last executing test programs:

18.432769728s ago: executing program 0 (id=936):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80680, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x8020, {0x0, 0x0, 0x0, r3, {0x5, 0x7}, {}, {0xa, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x200c0e9}, 0x20000004)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd2c, 0x8000, {0x0, 0x0, 0x0, r6, {0x5, 0x7}, {}, {0xa, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x84ff, 0x22044028}, 0x84)
mkdir(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r7, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r7, 0x6, 0xd, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
shutdown(r7, 0x2)

18.293401565s ago: executing program 0 (id=937):
r0 = socket$inet(0x2, 0x1, 0x0)
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff})
read(r1, &(0x7f0000032440)=""/102364, 0x18fdc)
getsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000000), &(0x7f0000000040)=0x8)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mkdir(0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000380)={0xa, 0x14e24}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW(r2, 0x4b3d, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebdbe429d"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)={0x18, 0x2d, 0x1, 0x70bd2d, 0x25dfdbfc, {0x4}, [@nested={0x4, 0x12}]}, 0x18}, 0x1, 0x700}, 0x8004)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

17.415700778s ago: executing program 0 (id=942):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r0, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c00070000000000adffffff0c00", @ANYRES16=r0, @ANYBLOB="4b7656da"], 0x40c}, 0x1, 0x1000000}, 0x0)

17.363100848s ago: executing program 3 (id=943):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000080000000000000000000095"], &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4048aecb, 0x0)

17.362732031s ago: executing program 0 (id=944):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_dev$dri(&(0x7f00000001c0), 0xa, 0x9c556f0db2cf8b5e)
syz_emit_ethernet(0x22, &(0x7f0000000240)=ANY=[@ANYBLOB="0000000000006f7ce78c0aaa81003b00000c040000c0000700fd5800462af5a98e00a078acbc9e5bd7d0"], &(0x7f0000000200)={0x1, 0x3, [0x718, 0xe46, 0x26e, 0xc11]})
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000022c0)=ANY=[@ANYBLOB="b702000000000090bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f01000000010000006e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b98d2de10c21d3ea02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d000000200008000000000000001abc11c800000000000000000000000928ee53595a779d243a48cea769470424d20a04c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e495f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e4a48dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f00000021f8547d393dabe616fbbde21c90be00b5a22671395c7a69c6dd4d022ffc97ddb6aa025131652d409da1d8cfc3d219d4b1c1b7b8170d7c33d91db2b73f7ae02485a209a2474b5d0790d05c01bec623056e4d3f4d3149373a28b26a15a1fcce73d57e6eaf7e6f315fe275ebc9ef7aeca277dde01dde724f419803a2172a7833ceab38d21ca4f1dea5e1f4d8824167b21dd289dd4e6ecfba9e163bdbc48e1e758ecde05c10809c9edfa6d77c652fd742e6dad13d2a397bebe3ea8bc087d3720e2202f36c7719ae34f042e19dc08a3323a3d94098a7ec171469352bab1662c3e4d4803c565cfcce32dad628fade43a4844abb230ce608726fd87e93c405a96cf638c41510f26e9da5f316"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x62, 0xfe, &(0x7f0000000140)="cb74445b7d4c0b24676c6c71ae37efcedaf40242309766deb4e793f90000000000000000dbc856cbc664650634231454ca2d8034c4ca29e0d99c3b6615e91835a600c08f989af45438a54981be310aad92ae545b1c961e5f3762a51fe4c736edec6f", &(0x7f0000000440)=""/254, 0x2f00, 0x0, 0xff, 0x194, &(0x7f0000000980)="ffc4438e5c3081d0e133e812196ec0ed923733aa8b5aba32c8650e7a66d6136853773dfbc6226be13039e230d511f1ac50cc7811aac0400e4c833fedf842ae2918e6fddb550729246fcf4c0a01bc64989ea3985fb362751a83991bd56e761379caa64f6148893ff25f38d5cd6dd695bbf9ca709a9960e0e6b054d5e2239bcb7c0fb2ac66dc4c8f534e439ff20ccaf0d48a98c19c92a3b437a699350f49606d21a403f8c112c46fea5486bf367a854b0f6c1e563b656e4794f6793a08bb3656c391643f6df71d0255054368a938d38503d064da82d5dbf395ad47ed3932669168d324ed0f6de8360d499042ddc7d02b6c0772128257702bfe6d0971f00fea85da062cdc", &(0x7f00000007c0)="4c87fe555ceb79157b1e507ff4d3cc053321e42ae89f596427188b4877ab8f1776c0685784f1174c6401ecc1dd6e2a77bc79238f87ad9215a92ff203a30099e77c543e702b4a4438d358616381745f24f74e585498af129c4b173b242f445b08135f7fa40eb7ba78160ff4f0c80e1b324d0c234cb7f43a3ff9e9535dc16000c797113a039f4508a09144090000009f38a90a24f173b3e68377e4272950a80cfcd3aa6850e917bc7e57370060f5e6db941d67fc98a1e98103830b821657438325578d2af822dd4fc13ea7a7eef8d9be4e715aec8fd6cadc41c8da5ce9da2b9e1559d92a1936fc2b3a00000000000000000072200e10ba6269b634f10f7098c65ba67ba65c0e2687637e131fb8d5ba6c12c09c8356853c434a44ff0878e496dcf9a4f5ca02c293279948f37ebb28843f92c87c057a3b410e04418557d5deda7ddd3bd1d384d64ec980187e8b64a0696571a49e847db79349c9b3c3fab5f1f977bde4d802d9026ae0c11744eb1525c5195fd215d7a432497f35c2f2cfcd2b6336b26dfef0cb968c910ea2af5cdd4d58cc08535d5514", 0x2, 0x0, 0x10000}, 0x24)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, 0x0)
socket$unix(0x1, 0x5, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
poll(&(0x7f0000000080), 0x2000011b, 0xf0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x53e}, 0x1c)
sendto$inet6(r3, &(0x7f00000001c0)="a6", 0x1, 0x840, 0x0, 0x0)
recvmsg(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x102)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(0xffffffffffffff9c, &(0x7f0000008080)='./file0\x00', r4, 0x0, 0x160)
socket(0x1, 0x803, 0x0)

17.292555145s ago: executing program 3 (id=945):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
ioctl$CDROM_LOCKDOOR(r0, 0x5329, 0x0)
ioctl$CDROMEJECT(r0, 0x5309)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}, {{&(0x7f0000000480)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="100000010000000000004b664d7772dd147bf2cb22c87f00ab57bbd3f1de8b0c53e618aa16434ed6674a7d12bcd16b9319", @ANYRES32=r1], 0x10, 0x4010}}], 0x2, 0x20000000)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBENT(r2, 0x4bfa, &(0x7f0000000000)={0x1, 0x26, 0x5})
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$SG_SCSI_RESET(r0, 0x2284, 0x0)
r4 = openat(r3, 0x0, 0x5050c1, 0xfb)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='smaps\x00')
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x22400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x127081)
close(r8)
preadv(r7, &(0x7f0000000440)=[{&(0x7f0000000580)=""/239, 0xef}], 0x1, 0x5f0e, 0xff)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYRES64=r5], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='f2fs_update_extent_tree_range\x00', r9, 0x0, 0x2}, 0x18)

17.233245138s ago: executing program 0 (id=946):
r0 = socket$nl_rdma(0x10, 0x3, 0x14) (async)
r1 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfc, 0x2ffffffff}, 0xc) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
r3 = socket(0x400000000010, 0x3, 0x0) (async)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001300)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r5, {0xa, 0x4}, {}, {0xc, 0xe}}, [@filter_kind_options=@f_flow={{0x9}, {0x1c, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_MASK={0x8, 0x6, 0x528b}, @TCA_FLOW_KEYS={0x8, 0x1, 0x18934}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x200008c2)
socket$key(0xf, 0x3, 0x2)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mdstat\x00', 0x0, 0x0)
io_setup(0x3, &(0x7f0000000140)=<r7=>0x0) (async)
r8 = syz_open_dev$sndpcmc(&(0x7f0000000a00), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r8, 0xc25c4110, &(0x7f0000000380)={0x0, [[0x1, 0x0, 0x9281, 0x0, 0x0, 0x0, 0xfffffffc], [0x3, 0x12000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x1, 0x1, 0x0, 0x4]], '\x00', [{0x0, 0x677}, {0x0, 0x3ff}, {0x2, 0xe}, {}, {}, {}, {}, {0x1}], '\x00', 0x400}) (async)
io_submit(r7, 0x1, &(0x7f0000000a40)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)={0x20, 0x1405, 0x300, 0x70bd27, 0xfffffffd, "", [{{0x8}, {0x8}}]}, 0x20}}, 0x0)

17.029177044s ago: executing program 0 (id=949):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff}, 0x6)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_int(r1, 0x11a, 0x3, &(0x7f0000000100)=0x304, 0x4)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x4)

16.385493818s ago: executing program 3 (id=952):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = open(&(0x7f0000000280)='.\x00', 0x800, 0x0)
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0)
write$P9_RAUTH(r3, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r4=>r2, {0x1000}}, './file0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r2, 0xc08c5336, &(0x7f0000000000)={0x0, 0x7, 0x1, 'queue1\x00', 0x7df})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), r4)
sendmsg$TIPC_CMD_GET_LINKS(r4, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r7, 0x400, 0x70bd2b, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x4}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x1c5}]})
ioctl$LOOP_SET_CAPACITY(r2, 0x4c07)
ioctl$KVM_SET_NESTED_STATE(r6, 0x4080aebf, &(0x7f00000022c0)={{0x0, 0x0, 0x80, {0xdddd0000, 0x1, 0x5}}, "cdb372b4dfe02964a59572ecc37526989e90f15cc175ae8c93ae45591f356c6884a1eb49a1ccc74c2260aded1979bfd746a27408d1220c39493a1d3b65f5306464393183b3b654e5237f83855fde05bc36e88baa2c07c6acd1e5d8c2b3736f1ec8fb98c1b5c20bae0c02c146f4182375c277e8647f577021416f8ba515ffa35cddd261d521df3e841a9179cda39879511c2e9ab06778ce9ffa6f2c9370d7af33bc74d16360a42aa2ced6433463ef4bbed671371e8eba18f2aa913f65ff1b5b35c7c67638ba4aaa64a717f556fe32f70ab1f227b75eaace9c63811a4abc99987e6c8964cfac90a0ca3384510dc63e3e3935540ce749bfa6a8785ee00fe862262ce28ff980e350a64be310b5f576ccfb5a2ba166b324b4bbe9f23030a79f16f20258d077d87f7b1e5b8ca402ce6e51b3236729fde5e6f96d7a94c8db3cc00fdab35e2544ebb424632bb9d82cbfb21146bfeb80e5f5e26ed89a6c521920b5c02cd9cf8063e1ef18919946124f64f749f5c2e3d603af2b7a2d2d24acb6ebe5f47b988dc50e690d9aea44fece3a353bae1b80dcae49c8cb6443978623b0ec80cd0feb0a134a51fdd2b1912a45c6ca41414273268c676bbef4ab3e2f7ac5e061d6dcf0041af2cc971a27b616444ae913033933ed4b1d89b96c8ee9edc86ee12d5917695796906d4822fb3a931df763e3a8e8893ae4749765bdbae4377ce47fb5e26890cb5178c03dd0df248bf35caf84f3cea3d778086065dbb0cd51ea04f28dd6ce80820fda0ffa3f33d38adb2d68d41db8ab27d4cad8b7abb026827738fb9c59d043199cd27c2bdf9711acb36926c730e216de7ad2de0326676916586ec8325f4b13735e34c4d60bd27e2fde3edc95dc59cb69c1dc25569da425488b6b6e9a63b17964ce1fa57bf2c7508ed199cf64a5cbc23b01cdf08b1ad4337f1b0aa02a6c137fb90e32fd7e204966170aa80fca868a45d496be7758c47f83760208793eb1600b6ebf4d1d2dcaa2b741f1c0b9f8844b9e68ec7f7123083c6926a1e95fe9b75f16064f213f69f8f1a97b66961279a6aa3498f146f7e517c2f5a9c0b0673b93dca4fe0c48d53c8f5f89bb7ab0476e00a13e020370077a55c28abccb585bcbdf29966a4db1c3ab0f3f58e54640032484e08072aac638b9c9dc9655a525e9016d9b24358ba477695875e3abd484ff3adb92069825841c3bd1870f708cc25288ee5cc4a6d7fab62eaa724a7acb4ee5952db977b4da11597891f5c5af6086ddf387deb19ce0995ba175f830c94b5adac04d8618a262b3059fe96d5b18690e5adf3e592ae77fed8214ef468d0cacdbbdb1712cff009e03146b57bab5b8302a5ed0f75f59c63877ad8fea5ec596c667ffc2337343e1726e79985bf7c663f8dca6ae731dd96486568d0c0e4c3a3860d7250e04373cc55018eda3ac9077cd2c5317df8992b548e34344ca97a9ed3b6f8bf1a97e060231657706c9e8ce8f03805b111d4bf1a559f4cf0822a20cd9ce06b56c5f051317e187d76a303af82d2053286d5d3cee381602170f5bb4036fb34c080992e9f7d509aa230935233dac608f533ae2a26ce6c2ed1bf61303cc3c47465791333dae385f91de77c3357fbedbbb64ae3b868ee90b98ab647fa0dcc85bfbab33058667b95106519c7ba80246f73391919fb575dedfe436fb190e828fd58ac25537a4ba5ef0a97c595ce67a740d1cfd84a05d3462d9203dd6ea94f60dc03a29c3c81aa25dce4b330fa7500234016373add8120018ea6b5fac8597fcc8404c793658db3277e2a7e042cb56420002922183f14af74d970dec12a781763c1d9d69cf664b065a9b09491b1ff043e9c9a2098975c17e82a5d06b9f1081c43a539669e95991d866f3105e0b327ab8659e23bf1b196603c7406221e47494b765a114077187295dfafc261ea9ad3064b3449c6e8ef5e2517f609995adf82710d6c23a83e06f61c8186017afa6b2de5b28082770edfc81ee72e46fd1365d0a7583e3609ce420e54cc7a2d57542b924c6c5c9c896d068912adf22a97b3547502d0181d2c69729c539921ab16c466ba6d1d518c3e787fb0e9f708c9a1bc6d428355f0a3bd574397a6f8eda6a1503854a1bd4004719db60a9b3fefe434464d9f2aaddf44ee98c503ac606b7d4d8bac4efa557a77fa5a31ed8c8b48cd1ee6e4e7731ffb273bf21838f4e0cb8eec8a2cbd8acd40c15fcc3959ec3b4ea86680fb1e65743acfc164c6ae830f81a00c83102085d6ae8c7b4424ee0e86673015d98449252de73a25bfbe1697ff06aecf299b2a0e7ce452ba6bcba6b6da2c494cf0ce51cbb555cc2a371bf5a595748486825b0798221f40d2c29396431d13a03248874b893c7880d3b87cf845858a31f68fe57b032e3e0204fd4fb23fd5b2357d8e4f6052dd058b3bf6cd913b4341446e62895d6a367e4233e25ef3aabfb7f35a7804938e3181b6f551ac4a947ff016a12dffb53e7101b6ee911fac7637b2786cf95a4611376d0ac7b1e61c763040550e0c00ddb39a11086e08941c518a5ebedcff2c9477f7be26ad4dc48d837b85d082b4a54c8ec3f1caff75f7fb8f1282df6c5b336c2e56c0f35d9c5dd38fc91001e950f5fb41b58a620a9ee5e6b001a637aad4ec9ffd09eb762fd0d1d8058ca0e544329ee8693547095264c46d9b716fe56ff991b28dc056caefb0d08c0c509ab0eafeffc280684f8654b18323eddff28b4e778a674b4d5b85df786bb12ca24e1980e56032d1d32eb472954eed24b99bbc404dc920e16d4f8e792d6fe581efa82420085955ab9716dc642b44e2a9215cdaaf3df4fa5ad66a26804ad87b7520c132fdb595ea560eb408b5d519cb31c2c6ed2a16fe971d7ca71b7530af7478f06509cc988b96b27dd3e667ce4b08ca685ae818527103addba74d71d094e7a58325658343b989a1d973fc9f1cfebe848c35279cfff728928f77af22430daee46cc9242fa4afe5197e6b42811396f9136fbd545826e020a910fa790acf9292472b7ee3b34723d6f56781d5c061be6e535e49bfcc292a1208645c730b6aadc94e56f05c6f8ca71c7fde81b687190accb75b08f131d61d6536cb3810eb2b6006336f700f1e6ea8104de9c9c6c9f4566a3783d253e3153e9550b91d547430bbe6dc23d31b930692f2a2c5b009fa44c416bfbe28e524ee6a2d0b016331037010fa882db5d35cfa359d1c7a173cf913e11b8888d0f37b75011f26ce9f97b132dd6f50cbf4bd7d1f9201c55ade10bdb4e2df4a3b35d2980bf8ee63b8091fed356f764c0bbcc95a91afeb4a2c1deb3fc0c44fa76d768fed87d737bb3380794e4b67932e7492e654cca53599a446664031ef83e6a6d5362d89eac11c767932f477201d2953b4bb6058f4a3baca2968719edbf41ca5da5be2efeb9bceb38e2f1394ff41d9e93ecc746175b8e5fa2f5bf903663cebc1266ca7a2f8c57340c1ef42e4fc8a85d76ce24237d16f1ac13d32bfd1121017e9a72ad3fb0e952a296ff9a79bdc5be6d8691696720d97daa7c27fb9489e47584c00c854779de5980490afbacad0d0774a7f13e424b0ea955a87b7e296ac209000000000000170da77fff6b554c50dcdc6a261e8ebb7d2f24583023d001ff218ec7844fb4640736f04e9f7d968aa74bef26f65eae961a4857a946d3b221818a798d65bf74f8c0ac1b4529e36183c49606890643573722d467f4c464e68069955e561ccfd4423c2a240cfbb96efb668844ba0a1ceb910ad4ef06cd0f13f7ffa857dd16ca27f62179b3916868187421b6d9f9c698d6542a02d4c124373ce0f10cbbc6b9a18385d99519f06a24aa9a4f5560157880233ee8352f2e9de0ffa333bb50932587a70153a37f25263693b86dd6a61f7d1f40cac0f205b65fa2faa3098254fb084160c271addea6711ecae589870450b941db419bb27c8b597982b704ba0ea0189e7b5cd6b72e3529cd77e4a79c752f2f7af6aa43ec9eb0bbcfc91a02a85871771189c1f9a0742e8e6fc2d71575e20631dee592f0ed44c9d8f6a22e7d7844445066ca5e8bb97dd5c2ca0365d7c33563ceca884e8e14ba21733c4d2415c1be9369298fbd616fd792bd767555aa2deec8f45e92e10fcc88079cf0093ca2e38adc797845548005a0660b5cbf6423d966ebdccb6ce9d5d476bfd562dff0dd1f8e576d424c0f5cbfe68a3a571e860e5661861a133bc8eb3d9838e9a88f18edb12dfec18a488ad1177ca22f6f763beee9c1e0dd61344997dbbc6de56800f15d2b04a4d83a0b79adb12c54aa7c418d8fd0c96b5797a003b8313d14093fdadd4b530233dd1176e86090e0cc5401d6f98529de8bb6094b8e2f02b53f562a4c115655dc2619811d8caade655b767a5d4fac6c10784bf5bb06e9f535fd1304f383e39bbc5ce58a5f2f9deb9af1d6df6b491fbcbb9053f9bc73da0ae2e815ae72aff41c71ab7adc71074dfa6906724f18b74a344f7911994ee8ee843fd991de053dd9fae152d02b4fe0818c6313aee7df2f32009221f6c2d0ef9b53b7c2e795d64dcae34e5fab88e6b112b935fa836c6868f72077c57a42a940d3c0a667f3d0b674a3de2aa8c3443748c3a5ac949f72ed49220a9cbf0896794f58e12b74a1d7c7bbf8bec7d8aa055855c34a6c25d6fddd22a73725ca3daf8e357b8173508be65d329a4b97820cdb1c7a98d222a839b4da2a33ac687ab4004f5e1d90be7dad53a50ab4d6bc04135e0a9f31af27dc75eae3b9e7fd7459455a4cdd7faf94c5fe701d66d2006719b9acb72db3c89ca61bddea7c0be7ec769ec1cbfae11a77f36a59966f042e5dd32ece56932b083f0cb68c92194c6a4ca0267186b5f3ebaa25f63b6a1b60a2a5c78b9b5b488962b2ce4854b51ab2bc001231b6be3fcdc5563b0950165da87745e387c1205ba8182833d775c6cddaa936d1907e29b5dd692560a291a71f06552647144cac4884a8ae8f2dade616384eeafa54f84737d1613beb945faaa4a316ee2e2a3a094187b5edba42358e930c89bfeaf4620bada8aa6d6c8800d1b19548a308b8310a0b51c8ccc7db60aa2a04fd8b21769a32eded238f93f476b69a6548a8a17aee1d0c4476db41e4eba24d9351d3f98fac043f423ffead379b6cbfb05aaf705ff0dca6e5f6ba36d00d1bc98714a92c8ac1e7cbf441521c98e2b913dd7a5d8595e0479537029de96e2991652243fe3093594720a0538b1687711bf0bc46a1453ebe60c5d33bd798b66f19e69c90e55c2b68b62d1a759a3519630798dd4434fa658b013e28fe9befca82abc1f89a3b246f2fd44df84f88dab2792fc67b3ef2ef8eef84e441e2a7ff5a83e3784a5636a7d4775f5b3063d8e190bfcedcd8083d864d0cbb2fcca7af05cee2be552d89c801e760348dadf01ee4dbb9fb09d5b6c993ab9ac9ff7d5e1e104ab3a894f6cc9067ad64c5a97d3e12efd17820b3c07e4ce302a20fd4c5b5de8752bc4e609fbe9e6cebe713f309229883790ab6dffc22864f7b02fd9026a07299f8cf1e799acdd448428199165abf20eee23988cfcad773c7bc483f941f994c07f255e6cd72e7198f34bcbcbd801abb84e6e383d7bf6e217ee0281f4691beba5d17ef8bd59d7474540dda647ca3bdb8e280a2e6b7a7688bc677a25b2186b1e59e637737366733d75f02a597b7cabb18e75a1722d2327f4f2f101955ca88636ae97d5740ba61d7867c5141becd39f7fc5abb5b9614040995046c2ab369ac46c18159d5a3569df964e69e7686471ac756bf0515fee78904fe8fcec2096b5f3e00", "8f9bea13d6c1793efefda669a3bfc1a1f2d2afea1c14a5b35aac4a522cce409cb88f5802ab78a0dc4ad9e13501a073e6fc60f1778eecc8a6f5299ba9f7dcdab9079dc269bb0d7bb287afa53a930cfb99ca80b3c23dd58d7a4d8ceadf2787fc4f8c638dcd55f8e962ef362db8ae2d407ea8f04c151b89947d52c901335b5ca070883017289368b02ae4676286906bf2f984ae3b2f4ce4d345ea814a725ef388f09b6b6dcc519515885e6e5062d9cd7e801d8a14b1c5b86c404a3bcfb968a48710eb7c451630b0e3895739f51e1379f25a9848fd01021cc53ab10691091090b2cad44133a51465c16c2257cdde467cdae5616e809ad2f3ca71a0b4ae46b5b62142b1d6f782c4286dbea20f02bae71821c1c956172806c55069c3e33f8811a31a44856a1d0521c3e81c12b6dcae2b0e5f006a9468614031c6ad977aa589e4076f55a5528d7b408fd429da83d78bc7dbb794b4117379334fb9167b872d0459a457ae425f768052a583f23ff60a29f11659756f40240b1939fb8b72c3fbe3963680fdcc09900ab387757c9146d223ccdfd5aa26682d39aee3e4b327748d02f82964c117fd480804952654de00db09934cd5c1786b35453f18515ec8f28ee9aee0bfd367eafdfccb54ed29fd08bbea75ed8b6a93c23cb337ae900ba89dcbb3d87191e1e56de67175572aa09f2eaa4fc1f31055b08ce99c30dadc63c743de7fc3e5e0511c98d6b37132f66f09577f6a5f9d113865830876d2f33887136d976525d195790184b7eeaf82169128911c37856b5e75db9999269b252f12d07c62236fac6835a3c13261c527d03d33df946ddfa40c85548ddb9179cf5d963246e215fa0f76472f9f24493aad8db71422f1d1c31a454980f2499294f858de9e8a4937f832b21104c843d084ba15466453f9fd830a1d7d5dbe801ef67c2d6ba52cefcaffa798dd47e9d1e94729956b62ccaf200ff3c32e41cabf86de920f74e1c9e00391909b622505388a3d297b4095f5aa3c17ef5e68c4b3ff18855fd13ff2fe3b1746155d149baaead01ce8d975730b235b1fca6a158f219d3256489d1421e9a008434ae4acc01e583a3145633bd217a6b74d4165fddc31499b6bde7341aad811e80ee6aefdb5aa993926b57d90c0098babdf172c2ec2fe85ba0b75bdc898ba9a2dc7383533b70f3eae8c5c91526a9d5aa99f4a91c9a4235b05558f9871f1e2254a2300e7bd5b4c0fa0bae78e00a53400ca2d1bd03f9d47c82a0e8a17519b53ab0274dd5fcab49ef76a567c156b947b38744657321da66d2983024a67adc00adcde04f35fc2cfeb39c0adcaa508ee7cb8b7a6b73b4deeba620538003f11f390d108c466a2058db84b122b62844f6aebf2d119ea050ba34a1152c439b4ee0491d9417398ec2b7154bdb39ffadb6385c52108f61cc0847cc8e499b3009b00ea000d1c84848c8213d82aa2c87d9c7b15fdf23454190b5c18f563985383a42c2d600155970c15cde8da2d14ef5908704966c286d59a5141bff15ed1e8b7c1252d8cbd641c70f8129ca870fa1235155cf642095b20d88de5c0a0ac6e8969c05996481d1e8e7f9cae627ad6cd374bffa2c8714c84e735384c4064c2e194f26ea16d3d99259cc394d2c4553578ad251c3fe2b88b316dd3533b644ec59390868fe5e7f79fa721ae8dd5ded8ceefaad3879b8c5577bb831079b44fab7db38f0b61d74ed192b2c61cfe6bed13049db2c6b85434e46194230ab022f7d74be00a844023b0e33cbf1d2b4d0ad3e61b950cd9801941fd8e5d4b90154ae9f173b42fcd658190758f21af8ff9086d4eb12bc3496bfecd99211c1048b3ce4dd25f0934d7f17d45f50084c4ef7c31625080a1c1cec43922d89d1945f675d980e8f2b374c198fb6e857d099c33aeececaac17ab9c12c343051e7dd2f8786883339dbc643af493745974a4da505844e0419dbddb4eca492713d006a5ff47d78dfac1642acab8caa7bda595b6b9532edf6da9ee99711822fabf8e8783dc8f156d1490f40ed6aedb4f97ce55269a2070b4aa3fc51ef22d9fa8342a03ef1b27831f83ade237f4344797eb29f9bbc6aced4005f4b379a1e0b060b4f9cbfce975b9bb2b53e1228c91753a7dfe6d67282d565c1ef42a15c1ff0d49f1128694336eaa277fd691de0748740241edb9250ab53e53523b2217fd4d554fe482c35d8ebdce8c2d053ea2b035a5e8f9ea2e683b24e418698e48b6bb8275c6938c61a6fcafb1f7c73a344db76bdc8cafb1a07000000e62e3d9b92ad50241ec0908d73255cb72ab5d144757a55c116343e6e6c61bb0999615ddca343e02a5e3438cc9f66b1619c4467b12e615918d2f27392977775c165530dc0059bb41bd6103e612ef5bcd7f2df54ab86a05836b0bb685c05e935da8dfe4144217603c6e4f703d8062af788c7acf61285baaf7c7043a0602fbe8d61daabcf07156f7ee60debca3787d1f4b60f39c341df2908bf7944a5753883626920f1e82eeb374409fa0b331053a9c6bd3ab48682d228ec04d7cb3eb94917d00bc97b46ec14f1681013969cda5ea2c95fa390b3d6422ce0ac242690fbf352d757c9fbc66d06b0e4578e43f032c5f033d54618d178ef0fabdb00108d23cae66bd4ce059709b01e5b8ffec5595865a1c77c0bd8a1f2cb5f13d2b49450b23d021f64247966fd07bee6538fb0565b7eb41489566bc066107a345d705335bc918fe2e3c4edc50872fd25933aaa908cd78eec4e414d46c035c734af8a5b8d47fe62a4a9c49da0cf6547cc8d6702a2468c8d6fbe0ec7d90888d0bf3a0c7c42507d0baf458ce087d4c7725f42edad430abf233b064186c111b4c1fc2861e74426a31d04e2ade9d7acd8f0ac376b712d1eb20175b93b6900291b5625f90276f0857af6b0d108ddb0d772f501e687196c7caafc90010403596a6b5735e28ec6363896c8719e6002dcea716038e7b773c250c98aae730a7f39d995d0c737ff6e29c7a548c69896355b73d50eff7f7a1238f66601d10e4ccc6fb5e924a59bb41da1eba811f5acb22e8bc3719f3568d0fdc0868b29df0727f5cd50290a1845e22d523cde3002560fef504bd2c9a291c7a81a4f2b5b8a015f379009e3e8baed5d35c4a03e09afd37d7fe9d86e86eb53701ae8016d5a19ce5e96e11549ba09e3c2a6700ea84796091f6ca47d4c68fb1e6f4448e1b72f6d4b8af491b635208b31356140db8134e5a1594e47c7ad68dcd2399f49731c60f5f6c101955d4c31275df3d4ce3207e8dc03b87cae229f1f1d09f0064ef7b0727f787efef0369222717129287a9b3a375e6aadd40b6fdaea3d43cd59febe098b7f80d72343bb147a20b22b5de8fbd32bf4ce64f3ad2510dad9c243327e7c706b06004d1cb82edcc113d74bb9cb820e360c9a8992b884a65234b93250f7ff8e7271983c6505cdf0524b5a8e60f8b3d86281a903ee62d3010d62a788d360182c1106486ee1673f5b7da5a2a154cbe53697305907f64140283f78b9b3b78d2a420586bbac1f72b4388258a0e7c1cc26048cbf3e47c593e9d3300e98931801efc3bdd0ed74e0d3b4f881c66b71a401d9719a1231394ffd04b35bb3c5dcc5ee18696e8327ef9f0f7d8ee218662ec6e747d5c009ba9462d0fba519be8f5f951a5bc077a6eaca928536f35e5929863357cc025fb80c5806d3b7a9f2645e1f6d3239bf763e9ff16fe6bf30d6139f2a117fa1db0d6d2c6aaecf1cacc1b28b24587c9bfd48e52f37651cc97c35d3dc3834b7f973213d0edefdf42a239da89bf1b735767f9e38119de3fd24dbdb34c38068888dc8ff11d19b1950772e283903ce51b1c13e86d58b283dc8f8a3c9456115b19a0561f3aa9c7eca553c4e5bfc20b5da4b32e607a57c2577ab2a65cedb2dd754a2363b37b138ea37e2e3546eea289da7475850e393e7331416bcf4ec75f0c6e654df1fc513e0dcc52ba57e9a128d148cf42d35fb9c7168c959e1ed6e4811fba1662c22194101a6d8787e037a35888117c854a2ef8f605076771ab5aefc8135cfa4c2a25680c6566e0fd19eee7cc86ece140efb6fab4200eabc09d834239abf5f48b46ea51797ee393693270da94c3e73859c01d1042e2eff0b1c4ed41ea560f38b8483d94b9dace687bbe8993fc4e2872b686bf299bb0dce34874d940fd2c36b5270aedd09e5e5a952d70f191e011c7e269219477fe8f5ded564f14fda6461b64d84ec32543a7ed663d8d27d8b8893942e0b7167f3f7b936f8f1fe623248d9815c5969f3a22f0fdefb527d9a870d7ece5430a9adcfee9eef05d235a0c87989965b20bad18c96d696e817c95693fec426ff81f1250e81c244058722243cb3e2df722ac46554a368a90a81206628fcc889cca832a8d4ed20188db0005b1b1c494e3dcce0622dd72ee35f4b4ac447909937bf67807344f5a629230752645aee6c70a885a80ea0e491fdef70648bfa0060ad78b122f2cc0637feb6c5754073d71326bb5a5c0b8c9890fffab1360d647d3a7b4e4bfb29c3162f311d7a1a41c3c5f739542ec723fff2c1e086dd79b1f22f3ff5a512e7ec7dfa54cc6883ae22b949139b1f029f8674ea97c5fb8125a3dafebddd524acdd1618c9f9b9fdf0ea659c4bd4b8da12cae75d1f5ae611b8fa7fd23ff0ff7dcf8a10540120d03d72db15d0775075c1c30ba7e6a07ee6633fa6fa396ca3a5799a7905db5d49e8e8ce00eb7a9af5f2c60749bc28c4b188054e21f44f28d2d1258326ae27a1b14d4704ffb93ff506bbf07e0e4e1bf2502fce11eeb83b9c491a68db0744a61ec449f5338c0b40d77ed16de2d935320bbd2cea2a164f26e7b619ddd81448009adeadfdcdead9df5a1c6da9aca64f373dfaf7cb940aac9f5eedb7a5d49eb74dc0e0819b05f328e9a4ddf3ef0a27cf01a853e02bc69970a32930c48509d726600dc7ee95e119d4cb28f87aa13b7ff846c338b5f9090586ff7bd983721d4a4b5a2e9a3e1495644483bf14861d524196f0d73265688794d6b3b4ce8b3f994c56a82a02a35aeaf9f79c08f5280a6ba0187eae965e412f14cb379869c997564b0a37349dc535882d5d4054d18bf44cbfccbdb8b377761096c974b3dde6a9dc767937bc3430a7fb614671e73ea867b4cd499f2581766510ad70811cda49b69b5afd380ae2ad43281e6640d4f20b2615f3c0b20f7d45c69a9cbbe7933776e07043b141664c059f1c6de17d44eed8b6242d6e8e8b3b86cff4306a9657e6d6f0c429f52138c6c5f7d155bc713432ca75bbf77c3a2c06e546474a7c327d10c46be64e6729643a9455420c48677a23c92f05e3e56f70100000000000000600739cd068305bb6aea50d5d1042f821e78f2942d603c46a1e4541756bac183b640935dffe8309e3e90a170ca3d126375a0177b1d94b72b622607af60a2cfb9b63464689237fcdbb752e89335aa96c615a59e39fcd89a3a39445e78fb5dd4912b16850863305496ca80974c3d39892a255f9a26b438662e6bc67e1d5115acff5bee940368df7e182ac1cc24331adb6e155ecfa1257d2f47a6b959f2bcf2dfbf86613c7761746ed85fd7e2a3c7c8602ee5143b100bd0a5026146becd255004fd8728bcfad605fad03e754ff1245e7716884e7e6898158ca4e9ba58cf09d8afe65fc18c2529b43a14e7eb7451b8072d68124be7b9133301d840191435de4704e2dda8ccfa87013f733aa10431faf7e46be7a391809af91e5e98d63c80a13c4b4fbb95b44ae5540f62f43036daef02b5dd404c0b08d46fa66fbdf0b4ed839494aa4c85194dac555e4061481c6717a3306700"})

16.223055313s ago: executing program 3 (id=953):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000080000000000000000000095"], &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4048aecb, 0x0)

16.13265304s ago: executing program 3 (id=954):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
r1 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0xffff, 0x100}})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000000)={0xa0000001})
sendmsg$nl_crypto(0xffffffffffffffff, 0x0, 0x8084)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000001040)={0xfc, {"a2e3ad09ed1a09f91b37090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f383b6c090890e0879b0a0ac6e70a9b3361959b509a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f0000000040)=@x86={0x5, 0x3, 0x6, 0x0, 0x8, 0x7, 0x6, 0x0, 0x4, 0x9, 0x48, 0x9, 0x0, 0x7, 0x1, 0xa, 0x1, 0x40, 0x10, '\x00', 0x4d, 0x1f})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x23011, r1, 0x6a855000)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e21, 0x679, @dev={0xfe, 0x80, '\x00', 0x3a}, 0x1}, 0x1c)
sendmmsg$inet6(r8, &(0x7f0000003a00)=[{{&(0x7f0000000100)={0xa, 0x4e21, 0xfffffb27, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x3aa}, 0x1c, 0x0}}, {{&(0x7f0000000180)={0xa, 0x4e24, 0x0, @loopback, 0xa}, 0x1c, 0x0, 0x0, &(0x7f0000001f40)=[@pktinfo={{0x20, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0xe}}}}], 0x20}}], 0x2, 0x1000)
epoll_pwait(r1, &(0x7f00000000c0)=[{}, {}], 0x2, 0xfe, 0x0, 0x0)

15.21278448s ago: executing program 3 (id=959):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000008dc0)={0x0, 0x0, &(0x7f0000008cc0)=[{&(0x7f0000008a40)="7c72bf03f7d9c0fd0826786ffcfb99e55c1272594d5be5c7f1de9562bbf652", 0x1f}, {&(0x7f0000008c80)="9d", 0x7fffefe1}], 0x2}, 0x0)
socket(0x1d, 0x2, 0x6)
ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f00000000c0)=@generic={0x0, 0xffffffffffffffff})
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SOUND_MIXER_READ_RECSRC(r2, 0x80044dff, &(0x7f00000003c0))
bind$packet(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
r7 = openat(0xffffffffffffffff, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x1258c1, 0x60)
preadv(r7, &(0x7f0000001b00)=[{&(0x7f00000009c0)=""/239, 0xef}], 0x1, 0x2, 0x0)
read$FUSE(r7, &(0x7f0000005b80)={0x2020}, 0x2020)
ioctl$BTRFS_IOC_ADD_DEV(r6, 0xff08, 0x0)
r8 = gettid()
r9 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
write$rfkill(r9, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0x1, &(0x7f0000000000)='\x00', 0x1)
write$rfkill(r9, &(0x7f0000000340)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)

9.341666182s ago: executing program 1 (id=991):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x10, &(0x7f0000000480)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x8, 0x9c, &(0x7f0000000140)=""/156, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000280)}], 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x27, &(0x7f0000000740)={@multicast2, @private=0xa010101}, 0xc)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff0100000001000000560000002500001f190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
setsockopt$inet_msfilter(r2, 0x0, 0x29, 0x0, 0x14)
syz_emit_vhci(&(0x7f0000000280)=ANY=[], 0xd)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat2$dir(0xffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r5 = openat2$dir(0xffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x224500, 0x144, 0x6}, 0x18)
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
ioctl$EVIOCSCLOCKID(r6, 0x400445a0, &(0x7f0000000100)=0x7)
renameat(r4, &(0x7f0000000200)='./file0\x00', r5, &(0x7f0000000300)='./file0\x00')
openat$kvm(0xffffff9c, &(0x7f0000000440), 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000dc0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r7}, 0x10)
sched_getattr(0x0, &(0x7f00000000c0)={0x38}, 0x38, 0x0)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$GIO_UNIMAP(r8, 0x4b66, &(0x7f0000000080)={0xa8464d82bf42b528, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}]})

8.523152393s ago: executing program 1 (id=994):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x401, 0x800000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_FAIL_OVER_MAC={0x5, 0xd, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x7000000, 0x20000000}, 0x0)

8.463023924s ago: executing program 1 (id=995):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
ioctl$CDROM_LOCKDOOR(r0, 0x5329, 0x0)
ioctl$CDROMEJECT(r0, 0x5309)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}, {{&(0x7f0000000480)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="100000010000000000004b664d7772dd147bf2cb22c87f00ab57bbd3f1de8b0c53e618aa16434ed6674a7d12bcd16b9319", @ANYRES32=r1], 0x10, 0x4010}}], 0x2, 0x20000000)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBENT(r2, 0x4bfa, &(0x7f0000000000)={0x1, 0x26, 0x5})
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$SG_SCSI_RESET(r0, 0x2284, 0x0)
r4 = openat(r3, 0x0, 0x5050c1, 0xfb)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='smaps\x00')
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x22400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x127081)
close(r8)
preadv(r7, &(0x7f0000000440)=[{&(0x7f0000000580)=""/239, 0xef}], 0x1, 0x5f0e, 0xff)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYRES64=r5], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='f2fs_update_extent_tree_range\x00', r9, 0x0, 0x2}, 0x18)

7.52727979s ago: executing program 1 (id=1000):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_io_uring_setup(0x23d, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x4000000, 0x4023d}, &(0x7f00000002c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f0000000040)=0xa)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000000)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000500))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
set_mempolicy(0x2, &(0x7f0000000300)=0x51e1, 0x3ff)
r5 = openat(0xffffffffffffff9c, 0x0, 0x401c2, 0x0)
ftruncate(r5, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmmsg(r6, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
socket$kcm(0x10, 0x2, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000006180)=""/152, 0x98}], 0x1, &(0x7f0000008640)=[{0x0}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r7 = socket$kcm(0x29, 0x5, 0x0)
pipe(0x0)
splice(r7, 0x0, 0xffffffffffffffff, 0x0, 0xf3e, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000100))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000fb0400000000000000080003851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x1e}, 0x94)

6.842712727s ago: executing program 2 (id=1001):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_NOOP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r2, 0x101, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x400c800)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x800455c9, 0x0)
r3 = epoll_create1(0x0)
r4 = fcntl$dupfd(r3, 0x2, 0xffffffffffffffff)
r5 = fanotify_init(0x20, 0x0)
fanotify_mark(r5, 0x445, 0x1003, r4, 0x0)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRESOCT=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES64=r0, @ANYBLOB="00aba0bb74c9bc5600000000000000bf737b0000e2ff00000000000000"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB="180700810000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000001000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xac, 0x0, 0x0, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r7, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2098, 0x8, 0x0, 0x0}}, 0x10)
syz_open_dev$dri(&(0x7f0000000000), 0x2f, 0x40002)

6.77284555s ago: executing program 2 (id=1002):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) (async)
fsopen(&(0x7f0000000040)='aio\x00', 0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0}) (async)
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0) (async)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0)

6.638347702s ago: executing program 1 (id=1003):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
ioctl$CDROM_LOCKDOOR(r0, 0x5329, 0x0)
ioctl$CDROMEJECT(r0, 0x5309)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}, {{&(0x7f0000000480)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="100000010000000000004b664d7772dd147bf2cb22c87f00ab57bbd3f1de8b0c53e618aa16434ed6674a7d12bcd16b9319", @ANYRES32=r1], 0x10, 0x4010}}], 0x2, 0x20000000)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBENT(r2, 0x4bfa, &(0x7f0000000000)={0x1, 0x26, 0x5})
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$SG_SCSI_RESET(r0, 0x2284, 0x0)
r4 = openat(r3, 0x0, 0x5050c1, 0xfb)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='smaps\x00')
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r8}, 0x10)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x127081)
close(0xffffffffffffffff)
preadv(r7, &(0x7f0000000440)=[{&(0x7f0000000580)=""/239, 0xef}], 0x1, 0x5f0e, 0xff)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYRES64=r5], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='f2fs_update_extent_tree_range\x00', r9, 0x0, 0x2}, 0x18)

5.932738985s ago: executing program 2 (id=1004):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000000004003b00000008000300", @ANYRES32=r1, @ANYBLOB="26003300b098"], 0x4c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

5.873060587s ago: executing program 2 (id=1005):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x3, 0x0, &(0x7f0000000000))
connect$802154_dgram(r0, &(0x7f0000000000)={0x2, @long={0x3, 0xfffc, {0xaaaaaaaaaaaa0302}}}, 0x14)

5.87144632s ago: executing program 2 (id=1006):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="50000000090601020000000000000000030000000900020073797a310000000005de010007000000280007800c00018008000140e00000010c00148008000140ac1414bb0c00028008000140"], 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

5.871155615s ago: executing program 2 (id=1007):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x200, &(0x7f0000000080)={&(0x7f00000000c0)=""/112, 0x70})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file0\x00', 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000940)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd25, 0xa000, {0x0, 0x0, 0x0, r4, {0xe, 0x7}, {0x0, 0xfff1}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x4}, @TCA_FLOWER_KEY_ENC_OPTS={0x4}, @TCA_FLOWER_CLASSID={0x8, 0x1, {0x1, 0xe}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
write$P9_RREADLINK(r5, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
r6 = openat$nci(0xffffff9c, &(0x7f0000000300), 0x2, 0x0)
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r7, 0x11b, 0x2, &(0x7f0000000180)=0x200000, 0x4)
getsockopt$XDP_STATISTICS(r7, 0x11b, 0x7, &(0x7f00000003c0), &(0x7f0000000400)=0x2f)
read$nci(r6, &(0x7f0000000340)=""/252, 0xfc)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r8, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)={0x40, r9, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x4}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x79c2}]}, 0x40}, 0x1, 0x0, 0x0, 0x40041}, 0x0)
recvmsg$unix(r5, &(0x7f00000002c0)={&(0x7f0000000040)=@abs, 0x6e, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/54, 0x36}, {&(0x7f0000000140)=""/118, 0x76}], 0x2, &(0x7f0000000240)=[@cred={{0x18}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}], 0x58}, 0x40000000)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
setuid(0xffffffffffffffff)
chdir(&(0x7f0000000100)='./file0\x00')
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r11, 0x0)

5.657309194s ago: executing program 1 (id=1008):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="200000002d0001000000ea001000200004000080050011802efff20004001d"], 0x20}], 0x1}, 0x300)

1.995381477s ago: executing program 32 (id=949):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff}, 0x6)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_int(r1, 0x11a, 0x3, &(0x7f0000000100)=0x304, 0x4)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x4)

0s ago: executing program 33 (id=959):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000008dc0)={0x0, 0x0, &(0x7f0000008cc0)=[{&(0x7f0000008a40)="7c72bf03f7d9c0fd0826786ffcfb99e55c1272594d5be5c7f1de9562bbf652", 0x1f}, {&(0x7f0000008c80)="9d", 0x7fffefe1}], 0x2}, 0x0)
socket(0x1d, 0x2, 0x6)
ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f00000000c0)=@generic={0x0, 0xffffffffffffffff})
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SOUND_MIXER_READ_RECSRC(r2, 0x80044dff, &(0x7f00000003c0))
bind$packet(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
r7 = openat(0xffffffffffffffff, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x1258c1, 0x60)
preadv(r7, &(0x7f0000001b00)=[{&(0x7f00000009c0)=""/239, 0xef}], 0x1, 0x2, 0x0)
read$FUSE(r7, &(0x7f0000005b80)={0x2020}, 0x2020)
ioctl$BTRFS_IOC_ADD_DEV(r6, 0xff08, 0x0)
r8 = gettid()
r9 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
write$rfkill(r9, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0x1, &(0x7f0000000000)='\x00', 0x1)
write$rfkill(r9, &(0x7f0000000340)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)

kernel console output (not intermixed with test programs):

erface
[   50.324935][ T6134] team0: Port device team_slave_0 removed
[   50.331046][ T6134] team0: Port device team_slave_1 removed
[   50.333458][ T6134] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   50.335981][   T63] Bluetooth: hci2: command tx timeout
[   50.338196][   T63] Bluetooth: hci1: command tx timeout
[   50.340269][ T6134] batman_adv: batadv0: Removing interface: batadv_slave_0
[   50.344033][ T6134] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   50.346843][ T6134] batman_adv: batadv0: Removing interface: batadv_slave_1
[   50.406451][ T6135] team0: Mode changed to "loadbalance"
[   50.449907][ T6134] netlink: 'syz.1.20': attribute type 10 has an invalid length.
[   50.471112][ T6134] netlink: 4 bytes leftover after parsing attributes in process `syz.1.20'.
[   50.547407][ T6135] netlink: 'syz.1.20': attribute type 10 has an invalid length.
[   50.821619][ T6135] bridge0: port 1(netdevsim0) entered blocking state
[   50.825369][ T6135] bridge0: port 1(netdevsim0) entered disabled state
[   50.833382][ T6135] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[   50.857023][ T6135] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[   50.899745][ T6135] bridge0: port 1(netdevsim0) entered blocking state
[   50.902226][ T6135] bridge0: port 1(netdevsim0) entered forwarding state
[   50.905424][ T6138] veth1_to_bond: entered allmulticast mode
[   51.536673][ T6155] mmap: syz.3.25 (6155) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   52.254716][ T1141] wlan1: Trigger new scan to find an IBSS to join
[   52.371280][ T5982] Bluetooth: hci0: command tx timeout
[   52.373086][ T5982] Bluetooth: hci3: command tx timeout
[   52.415587][   T63] Bluetooth: hci1: command tx timeout
[   52.415629][ T5982] Bluetooth: hci2: command tx timeout
[   52.698865][ T6176] netlink: 5 bytes leftover after parsing attributes in process `syz.1.29'.
[   52.703303][ T6175] process 'syz.3.28' launched './file0' with NULL argv: empty string added
[   52.707850][ T6176] 0ªX¹¦D: renamed from macvtap0 (while UP)
[   52.710660][ T6176] 0ªX¹¦D: entered allmulticast mode
[   52.712299][ T6176] veth0_macvtap: entered allmulticast mode
[   52.714377][ T6176] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   52.724459][ T6178] ip6tnl1: entered promiscuous mode
[   52.726407][ T6178] ip6tnl1: entered allmulticast mode
[   52.729037][ T6178] team0: Device ip6tnl1 is of different type
[   52.732125][ T6176] usb 1-1: USB disconnect, device number 2
[   52.777520][ T6176] hub 1-0:1.0: USB hub found
[   52.779598][ T6176] hub 1-0:1.0: 6 ports detected
[   52.989543][ T3243] usb 1-1: new high-speed USB device number 3 using ehci-pci
[   53.010936][ T6186] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   53.189285][ T3243] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[   53.192262][ T3243] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[   53.194923][ T3243] usb 1-1: Product: QEMU USB Tablet
[   53.196554][ T3243] usb 1-1: Manufacturer: QEMU
[   53.198082][ T3243] usb 1-1: SerialNumber: 28754-0000:00:1d.7-1
[   53.251659][ T3243] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb1/1-1/1-1:1.0/0003:0627:0001.0002/input/input9
[   53.287931][ T6192] netlink: 4 bytes leftover after parsing attributes in process `syz.0.32'.
[   53.316132][ T3243] hid-generic 0003:0627:0001.0002: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[   53.528903][ T6197] netlink: 4 bytes leftover after parsing attributes in process `syz.2.33'.
[   53.786232][ T6201] netlink: 24 bytes leftover after parsing attributes in process `syz.3.34'.
[   53.863844][ T6197] bridge_slave_1: left allmulticast mode
[   53.865885][ T6197] bridge_slave_1: left promiscuous mode
[   53.868896][ T6197] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.906280][ T6197] bridge_slave_0: left allmulticast mode
[   53.908122][ T6197] bridge_slave_0: left promiscuous mode
[   53.910001][ T6197] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.042651][ T6207] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   54.100598][ T6211] overlay: ./file0 is not a directory
[   55.110332][ T6222] binder: 6221:6222 ioctl c0306201 80004a40 returned -14
[   55.295034][ T1141] wlan1: Trigger new scan to find an IBSS to join
[   55.296372][ T6234] random: crng reseeded on system resumption
[   55.401360][ T6238] input: syz1 as /devices/virtual/input/input10
[   55.406572][   T40] audit: type=1326 audit(1755764341.783:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6239 comm="syz.0.43" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   55.414816][   T40] audit: type=1326 audit(1755764341.783:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6239 comm="syz.0.43" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   55.421404][   T40] audit: type=1326 audit(1755764341.783:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6239 comm="syz.0.43" exe="/syz-executor" sig=0 arch=40000003 syscall=29 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   55.448881][ T6241] input: syz1 as /devices/virtual/input/input11
[   55.699123][ T6244] capability: warning: `syz.0.43' uses 32-bit capabilities (legacy support in use)
[   56.194861][ T6256] syz.2.45 uses obsolete (PF_INET,SOCK_PACKET)
[   56.533101][ T6275] input: syz1 as /devices/virtual/input/input12
[   56.719063][ T6283] input: syz1 as /devices/virtual/input/input13
[   57.211777][ T6297] input: syz1 as /devices/virtual/input/input14
[   57.567043][ T6309] Zero length message leads to an empty skb
[   58.476205][ T1141] wlan1: Trigger new scan to find an IBSS to join
[   58.797943][ T6326] block nbd3: NBD_DISCONNECT
[   59.311878][   T40] audit: type=1326 audit(1755764345.633:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6330 comm="syz.3.57" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fd7579 code=0x0
[   59.646606][   T12] wlan1: Creating new IBSS network, BSSID 0e:07:49:40:38:66
[   59.989031][ T6346] netlink: 4 bytes leftover after parsing attributes in process `syz.2.59'.
[   60.137757][ T6348] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[   60.188189][ T6357] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   60.194602][   T40] audit: type=1326 audit(1755764346.563:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6356 comm="syz.0.63" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f44579 code=0x0
[   60.306695][ T6361] input: syz1 as /devices/virtual/input/input15
[   61.404705][ T3243] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   61.575957][ T3243] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   61.579447][ T3243] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   61.584768][ T3243] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   61.587898][ T3243] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.591813][ T6374] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   61.596691][ T3243] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[   62.044958][  T840] usb 6-1: USB disconnect, device number 2
[   62.350589][ T6398] input: syz1 as /devices/virtual/input/input17
[   62.850944][ T6406] netdevsim netdevsim1 netdevsim0: left allmulticast mode
[   62.854111][ T6406] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[   62.858814][ T6406] bridge0: port 1(netdevsim0) entered disabled state
[   63.010372][ T6409] netlink: 'syz.1.74': attribute type 10 has an invalid length.
[   63.016598][ T6409] netlink: 4 bytes leftover after parsing attributes in process `syz.1.74'.
[   63.020306][ T6409] netlink: 'syz.1.74': attribute type 10 has an invalid length.
[   63.025354][ T6409] bridge0: port 1(netdevsim0) entered blocking state
[   63.028817][ T6409] bridge0: port 1(netdevsim0) entered disabled state
[   63.031245][ T6409] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[   63.036362][ T6409] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[   63.041397][ T6409] bridge0: port 1(netdevsim0) entered blocking state
[   63.043675][ T6409] bridge0: port 1(netdevsim0) entered forwarding state
[   63.154051][ T6412] netlink: 4 bytes leftover after parsing attributes in process `syz.0.75'.
[   63.692333][ T6421] block nbd2: NBD_DISCONNECT
[   63.937399][ T6434] netlink: 4 bytes leftover after parsing attributes in process `syz.0.77'.
[   64.052095][ T6436] block nbd2: shutting down sockets
[   64.324881][ T6444] input: syz1 as /devices/virtual/input/input18
[   65.111766][ T6450] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[   65.118254][   T40] audit: type=1326 audit(1755764351.493:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6451 comm="syz.0.84" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f44579 code=0x0
[   65.233447][ T6463] netlink: 4 bytes leftover after parsing attributes in process `syz.3.85'.
[   65.241960][ T6461] bond0: (slave bond_slave_0): Releasing backup interface
[   65.256566][ T6461] bond0: (slave bond_slave_1): Releasing backup interface
[   65.287936][ T6461] team0: Port device team_slave_0 removed
[   65.358749][ T6461] team0: Port device team_slave_1 removed
[   65.359133][ T6467] netlink: 'syz.2.88': attribute type 10 has an invalid length.
[   65.364492][ T6461] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   65.366929][ T6461] batman_adv: batadv0: Removing interface: batadv_slave_0
[   65.371192][ T6461] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   65.373510][ T6461] batman_adv: batadv0: Removing interface: batadv_slave_1
[   65.409920][ T6464] team0: Mode changed to "loadbalance"
[   65.471123][ T6461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.88'.
[   65.578632][ T6455] netlink: 'syz.2.88': attribute type 10 has an invalid length.
[   65.859013][   T40] audit: type=1326 audit(1755764352.233:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6469 comm="syz.3.89" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fd7579 code=0x0
[   66.022151][   T40] audit: type=1326 audit(1755764352.393:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6475 comm="syz.0.99" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f44579 code=0x0
[   66.883193][ T6488] dlm: no locking on control device
[   67.038352][ T6490] syzkaller1: entered promiscuous mode
[   67.043767][ T6490] syzkaller1: entered allmulticast mode
[   67.196012][ T6503] netlink: 4 bytes leftover after parsing attributes in process `syz.1.98'.
[   67.759791][ T6515] netdevsim netdevsim1 netdevsim0: left allmulticast mode
[   67.762122][ T6515] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[   67.770464][ T6515] bridge0: port 1(netdevsim0) entered disabled state
[   67.874925][ T6527] tipc: Started in network mode
[   67.876572][ T6527] tipc: Node identity ac1414aa, cluster identity 4711
[   67.882063][ T6527] tipc: Enabled bearer <udp:s>, priority 10
[   67.884295][ T6529] netlink: 'syz.1.104': attribute type 10 has an invalid length.
[   67.891782][ T6529] netlink: 4 bytes leftover after parsing attributes in process `syz.1.104'.
[   67.902687][ T6515] netlink: 'syz.1.104': attribute type 10 has an invalid length.
[   67.909105][ T6515] bridge0: port 1(netdevsim0) entered blocking state
[   67.912229][ T6515] bridge0: port 1(netdevsim0) entered disabled state
[   67.914832][ T6515] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[   67.923841][ T6515] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[   67.933631][ T6515] bridge0: port 1(netdevsim0) entered blocking state
[   67.935826][ T6515] bridge0: port 1(netdevsim0) entered forwarding state
[   67.953818][   T40] audit: type=1326 audit(1755764354.323:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6534 comm="syz.2.111" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0xffff0000
[   68.654138][ T6557] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   69.000328][ T6572] netlink: 'syz.0.125': attribute type 1 has an invalid length.
[   69.004846][ T3243] tipc: Node number set to 2886997162
[   69.024571][ T6572] 8021q: adding VLAN 0 to HW filter on device bond2
[   69.028323][ T6572] bond1: (slave bond2): making interface the new active one
[   69.030824][ T6572] bond1: (slave bond2): Enslaving as an active interface with an up link
[   69.052044][ T6576] netlink: 24 bytes leftover after parsing attributes in process `syz.0.126'.
[   69.073072][ T6578] netlink: 28 bytes leftover after parsing attributes in process `syz.0.127'.
[   69.077638][ T6578] netlink: 28 bytes leftover after parsing attributes in process `syz.0.127'.
[   69.362153][ T6599] netlink: 44 bytes leftover after parsing attributes in process `syz.2.133'.
[   69.382343][ T6598] netlink: 4 bytes leftover after parsing attributes in process `syz.2.133'.
[   69.644844][   T40] audit: type=1326 audit(1755764356.013:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   69.652537][   T40] audit: type=1326 audit(1755764356.013:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   69.660217][   T40] audit: type=1326 audit(1755764356.013:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   69.667199][   T40] audit: type=1326 audit(1755764356.013:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   69.673967][   T40] audit: type=1326 audit(1755764356.013:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   69.680691][   T40] audit: type=1326 audit(1755764356.013:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   69.700569][ T6614] dlm: no locking on control device
[   70.144750][   T40] kauditd_printk_skb: 124 callbacks suppressed
[   70.144766][   T40] audit: type=1326 audit(1755764356.453:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f375a7 code=0x7ffc0000
[   70.166138][   T40] audit: type=1326 audit(1755764356.523:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   70.173439][   T40] audit: type=1326 audit(1755764356.523:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f375a7 code=0x7ffc0000
[   70.180669][   T40] audit: type=1326 audit(1755764356.533:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   70.188580][   T40] audit: type=1326 audit(1755764356.533:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f375a7 code=0x7ffc0000
[   70.195567][   T40] audit: type=1326 audit(1755764356.533:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=449 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   70.202940][   T40] audit: type=1326 audit(1755764356.533:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   70.210152][   T40] audit: type=1326 audit(1755764356.533:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f375a7 code=0x7ffc0000
[   70.224777][   T40] audit: type=1326 audit(1755764356.533:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=449 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   70.231781][   T40] audit: type=1326 audit(1755764356.543:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.1.136" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   70.401471][ T6629] overlayfs: conflicting options: nfs_export=on,index=off
[   70.462335][ T6627] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[   70.465010][ T6627] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   70.469053][ T6627] vhci_hcd vhci_hcd.0: Device attached
[   70.524402][ T6638] infiniband syz1: set down
[   70.528033][ T6638] infiniband syz1: added ipvlan0
[   70.538223][ T6638] RDS/IB: syz1: added
[   70.539860][ T6638] smc: adding ib device syz1 with port count 1
[   70.541954][ T6638] smc:    ib device syz1 port 1 has pnetid 
[   70.678986][ T6646] input: syz1 as /devices/virtual/input/input20
[   70.689866][ T6086] udevd[6086]: setting mode of /dev/input/event4 to 020660 failed: No such file or directory
[   70.693741][ T6086] udevd[6086]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[   70.714770][ T5851] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[   70.757800][   T10] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[   70.838209][ T6650] netlink: 76 bytes leftover after parsing attributes in process `syz.3.145'.
[   70.896085][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[   70.898132][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[   70.915733][   T10] usb 6-1: unable to get BOS descriptor or descriptor too short
[   70.920265][   T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   70.923532][   T10] usb 6-1: config 0 has no interfaces?
[   70.932603][   T10] usb 6-1: string descriptor 0 read error: -22
[   70.935038][   T10] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   70.938157][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   70.941560][   T10] usb 6-1: config 0 descriptor??
[   71.045878][ T6633] vhci_hcd: connection reset by peer
[   71.048958][   T13] vhci_hcd: stop threads
[   71.050364][   T13] vhci_hcd: release socket
[   71.051868][   T13] vhci_hcd: disconnect device
[   71.145783][ T6643] netlink: 12 bytes leftover after parsing attributes in process `syz.1.144'.
[   71.149600][ T6643] netlink: 48 bytes leftover after parsing attributes in process `syz.1.144'.
[   71.616743][ T6655] netlink: 76 bytes leftover after parsing attributes in process `syz.2.146'.
[   71.735640][ T6034] usb 6-1: USB disconnect, device number 3
[   71.782203][ T6661] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[   72.126036][ T6668] netlink: 4 bytes leftover after parsing attributes in process `syz.0.149'.
[   72.852378][ T6690] netlink: 92 bytes leftover after parsing attributes in process `syz.0.154'.
[   72.855584][ T6690] netlink: 12 bytes leftover after parsing attributes in process `syz.0.154'.
[   72.858603][ T6690] netlink: 20 bytes leftover after parsing attributes in process `syz.0.154'.
[   72.974892][ T6695] FAULT_INJECTION: forcing a failure.
[   72.974892][ T6695] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   72.979253][ T6695] CPU: 0 UID: 0 PID: 6695 Comm: syz.3.156 Not tainted syzkaller #0 PREEMPT(full) 
[   72.979292][ T6695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   72.979299][ T6695] Call Trace:
[   72.979303][ T6695]  <TASK>
[   72.979307][ T6695]  dump_stack_lvl+0x16c/0x1f0
[   72.979324][ T6695]  should_fail_ex+0x512/0x640
[   72.979339][ T6695]  _copy_from_user+0x2e/0xd0
[   72.979355][ T6695]  get_compat_msghdr+0xa7/0x170
[   72.979369][ T6695]  ? __pfx_get_compat_msghdr+0x10/0x10
[   72.979381][ T6695]  ? rcu_is_watching+0x12/0xc0
[   72.979393][ T6695]  ___sys_recvmsg+0x191/0x1a0
[   72.979406][ T6695]  ? __pfx____sys_recvmsg+0x10/0x10
[   72.979422][ T6695]  ? __pfx___might_resched+0x10/0x10
[   72.979434][ T6695]  do_recvmmsg+0x55d/0x750
[   72.979447][ T6695]  ? __pfx_do_recvmmsg+0x10/0x10
[   72.979458][ T6695]  ? preempt_count_add+0x76/0x150
[   72.979473][ T6695]  ? ksys_write+0x190/0x250
[   72.979485][ T6695]  ? rcu_is_watching+0x12/0xc0
[   72.979494][ T6695]  ? lock_release+0x201/0x2f0
[   72.979509][ T6695]  ? __fget_files+0x20e/0x3c0
[   72.979521][ T6695]  __sys_recvmmsg+0x21c/0x280
[   72.979534][ T6695]  ? __pfx___sys_recvmmsg+0x10/0x10
[   72.979547][ T6695]  ? __pfx_ksys_write+0x10/0x10
[   72.979559][ T6695]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[   72.979572][ T6695]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   72.979586][ T6695]  __do_fast_syscall_32+0x7c/0x3a0
[   72.979600][ T6695]  do_fast_syscall_32+0x32/0x80
[   72.979613][ T6695]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   72.979626][ T6695] RIP: 0023:0xf7fd7579
[   72.979634][ T6695] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   72.979643][ T6695] RSP: 002b:00000000f54b455c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[   72.979654][ T6695] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800066c0
[   72.979660][ T6695] RDX: 0000000000000a0d RSI: 0000000000000000 RDI: 0000000000000000
[   72.979666][ T6695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   72.979677][ T6695] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   72.979682][ T6695] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   72.979690][ T6695]  </TASK>
[   73.273452][ T6700] input: syz1 as /devices/virtual/input/input21
[   73.304804][   T93] wlan1: Trigger new scan to find an IBSS to join
[   73.455390][   T63] Bluetooth: hci0: command 0x0406 tx timeout
[   73.870155][ T6705] netlink: 12 bytes leftover after parsing attributes in process `syz.1.159'.
[   74.729366][ T6723] block device autoloading is deprecated and will be removed.
[   75.146353][ T6734] input: syz1 as /devices/virtual/input/input22
[   75.528848][ T6745] netlink: 'syz.3.173': attribute type 4 has an invalid length.
[   75.825925][ T6747] 9pnet_fd: Insufficient options for proto=fd
[   76.104742][ T5851] vhci_hcd: vhci_device speed not set
[   76.261538][   T46] wlan1: Trigger new scan to find an IBSS to join
[   76.345171][ T1141] wlan1: Trigger new scan to find an IBSS to join
[   76.454924][ T6757] lo speed is unknown, defaulting to 1000
[   76.456974][ T6757] lo speed is unknown, defaulting to 1000
[   76.459303][ T6757] lo speed is unknown, defaulting to 1000
[   76.462715][ T6757] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   76.467044][ T6757] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   76.473397][ T6757] lo speed is unknown, defaulting to 1000
[   76.475932][ T6757] lo speed is unknown, defaulting to 1000
[   76.480001][ T6757] lo speed is unknown, defaulting to 1000
[   76.482275][ T6757] lo speed is unknown, defaulting to 1000
[   76.484618][ T6757] lo speed is unknown, defaulting to 1000
[   76.504046][   T40] kauditd_printk_skb: 91 callbacks suppressed
[   76.504061][   T40] audit: type=1326 audit(1755764362.883:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.0.182" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   76.506710][ T6771] netlink: 40 bytes leftover after parsing attributes in process `syz.0.182'.
[   76.507938][   T40] audit: type=1326 audit(1755764362.883:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.0.182" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   76.526634][   T40] audit: type=1326 audit(1755764362.883:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.0.182" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   76.534988][   T40] audit: type=1326 audit(1755764362.883:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.0.182" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   76.543469][   T40] audit: type=1326 audit(1755764362.883:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.0.182" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   76.552234][   T40] audit: type=1326 audit(1755764362.883:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.0.182" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   76.560835][   T40] audit: type=1326 audit(1755764362.883:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.0.182" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   76.568501][   T40] audit: type=1326 audit(1755764362.883:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.0.182" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   76.576782][   T40] audit: type=1326 audit(1755764362.883:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.0.182" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   76.584296][   T40] audit: type=1326 audit(1755764362.883:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.0.182" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000
[   76.585698][ T6773] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   77.354736][   T12] wlan1: Creating new IBSS network, BSSID 42:cd:e2:67:9e:8b
[   77.936376][ T6797] netlink: 32 bytes leftover after parsing attributes in process `syz.0.191'.
[   77.940376][ T6797] netlink: 24 bytes leftover after parsing attributes in process `syz.0.191'.
[   77.983402][ T6797] random: crng reseeded on system resumption
[   78.126547][ T6804] raw_sendmsg: syz.1.194 forgot to set AF_INET. Fix it!
[   78.841939][ T6840] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[   78.844261][ T6840] macsec1: entered promiscuous mode
[   78.846658][ T6840] macsec1: entered allmulticast mode
[   78.848560][ T6840] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[   79.031970][ T6846] bridge_slave_0: left allmulticast mode
[   79.033934][ T6846] bridge_slave_0: left promiscuous mode
[   79.036317][ T6846] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.095440][ T6846] bridge_slave_1: left allmulticast mode
[   79.098882][ T6846] bridge_slave_1: left promiscuous mode
[   79.104005][ T6846] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.149252][ T6849] netlink: 'syz.3.204': attribute type 10 has an invalid length.
[   79.202139][ T6852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.204'.
[   79.233802][ T6846] bond0: (slave bond_slave_0): Releasing backup interface
[   79.256583][ T6844] netlink: 'syz.3.204': attribute type 10 has an invalid length.
[   79.317420][ T6846] bond0: (slave bond_slave_1): Releasing backup interface
[   79.333962][ T6846] team0: Port device team_slave_0 removed
[   79.340155][ T6846] team0: Port device team_slave_1 removed
[   79.342738][ T6846] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   79.345442][ T6846] batman_adv: batadv0: Removing interface: batadv_slave_0
[   79.353519][ T6846] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   79.356805][ T6846] batman_adv: batadv0: Removing interface: batadv_slave_1
[   79.366261][ T6848] team0: Mode changed to "loadbalance"
[   79.370008][ T6849] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.372539][ T6849] team0: Port device bond0 added
[   79.392921][ T6852] team0 (unregistering): Port device bond0 removed
[   79.400828][ T6844] bridge0: port 1(netdevsim0) entered blocking state
[   79.403013][ T6844] bridge0: port 1(netdevsim0) entered disabled state
[   79.405559][ T6844] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[   79.409277][ T6844] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[   79.413026][ T6844] bridge0: port 1(netdevsim0) entered blocking state
[   79.415726][ T6844] bridge0: port 1(netdevsim0) entered forwarding state
[   79.808251][ T6859] netlink: 76 bytes leftover after parsing attributes in process `syz.0.206'.
[   79.875761][ T6870] netlink: 'syz.2.212': attribute type 1 has an invalid length.
[   79.896899][ T6870] 8021q: adding VLAN 0 to HW filter on device bond2
[   79.901622][ T6870] bond1: (slave bond2): making interface the new active one
[   79.905622][ T6870] bond1: (slave bond2): Enslaving as an active interface with an up link
[   80.024933][ T6882] netlink: 8 bytes leftover after parsing attributes in process `syz.3.216'.
[   80.088011][ T6885] netlink: 4 bytes leftover after parsing attributes in process `syz.3.216'.
[   80.164163][ T6891] netlink: 'syz.3.220': attribute type 4 has an invalid length.
[   80.167028][ T6891] netlink: 8 bytes leftover after parsing attributes in process `syz.3.220'.
[   80.296441][ T6905] capability: warning: `syz.2.223' uses deprecated v2 capabilities in a way that may be insecure
[   80.335166][   T80] wlan1: Trigger new scan to find an IBSS to join
[   81.155421][   T29] cfg80211: failed to load regulatory.db
[   81.562417][ T6946] loop2: detected capacity change from 0 to 7
[   81.568610][ T6946] Dev loop2: unable to read RDB block 7
[   81.570440][ T6946]  loop2: unable to read partition table
[   81.572277][ T6946] loop2: partition table beyond EOD, truncated
[   81.579165][ T6946] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[   81.635078][ T5982] Bluetooth: hci0: unexpected event for opcode 0x1002
[   81.791592][ T6956] netlink: 76 bytes leftover after parsing attributes in process `syz.1.236'.
[   81.816965][ T6957] dlm: no locking on control device
[   81.911052][ T6953] input: syz1 as /devices/virtual/input/input23
[   81.980695][ T6962] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   81.990771][ T6962] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   82.115798][ T6966] netlink: 'syz.0.243': attribute type 10 has an invalid length.
[   82.541028][ T6978] netlink: 32 bytes leftover after parsing attributes in process `syz.2.247'.
[   82.754946][   T40] kauditd_printk_skb: 10 callbacks suppressed
[   82.755147][   T40] audit: type=1326 audit(1755764373.124:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000
[   82.782549][   T40] audit: type=1326 audit(1755764373.124:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000
[   82.804406][   T40] audit: type=1326 audit(1755764373.124:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.247" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf7f38579 code=0x7ffc0000
[   82.844814][   T40] audit: type=1326 audit(1755764373.124:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000
[   82.851519][   T40] audit: type=1326 audit(1755764373.124:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000
[   82.861443][   T40] audit: type=1326 audit(1755764373.124:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.247" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf7f38579 code=0x7ffc0000
[   82.868791][   T40] audit: type=1326 audit(1755764373.124:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000
[   82.876987][   T40] audit: type=1326 audit(1755764373.124:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000
[   82.884789][   T40] audit: type=1326 audit(1755764373.124:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.247" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f38579 code=0x7ffc0000
[   82.892248][   T40] audit: type=1326 audit(1755764373.124:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000
[   83.186407][ T6991] input: syz1 as /devices/virtual/input/input24
[   83.260172][ T6994] netlink: 8 bytes leftover after parsing attributes in process `syz.1.252'.
[   83.265080][ T6995] netlink: 4 bytes leftover after parsing attributes in process `syz.1.252'.
[   83.280930][ T6999] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[   83.466153][ T7005] netlink: 8 bytes leftover after parsing attributes in process `syz.1.254'.
[   83.466171][ T7005] netlink: 6 bytes leftover after parsing attributes in process `syz.1.254'.
[   84.943826][ T7035] lo speed is unknown, defaulting to 1000
[   85.291533][ T7051] netlink: 'syz.3.266': attribute type 1 has an invalid length.
[   85.294794][   T93] wlan1: Trigger new scan to find an IBSS to join
[   85.298984][ T7051] 8021q: adding VLAN 0 to HW filter on device bond1
[   85.306959][ T7051] bond1: (slave geneve2): making interface the new active one
[   85.309822][ T7051] bond1: (slave geneve2): Enslaving as an active interface with an up link
[   85.337479][ T7054] FAULT_INJECTION: forcing a failure.
[   85.337479][ T7054] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   85.341636][ T7054] CPU: 1 UID: 0 PID: 7054 Comm: syz.3.267 Not tainted syzkaller #0 PREEMPT(full) 
[   85.341651][ T7054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.341658][ T7054] Call Trace:
[   85.341662][ T7054]  <TASK>
[   85.341666][ T7054]  dump_stack_lvl+0x16c/0x1f0
[   85.341682][ T7054]  should_fail_ex+0x512/0x640
[   85.341697][ T7054]  strncpy_from_user+0x3b/0x2e0
[   85.341711][ T7054]  getname_flags.part.0+0x8f/0x550
[   85.341727][ T7054]  ? _copy_from_user+0x93/0xd0
[   85.341742][ T7054]  getname_flags+0x93/0xf0
[   85.341753][ T7054]  user_path_at+0x24/0x60
[   85.341764][ T7054]  __ia32_sys_mount+0x1fb/0x310
[   85.341777][ T7054]  ? __pfx___ia32_sys_mount+0x10/0x10
[   85.341790][ T7054]  ? rcu_is_watching+0x12/0xc0
[   85.341805][ T7054]  __do_fast_syscall_32+0x7c/0x3a0
[   85.341820][ T7054]  do_fast_syscall_32+0x32/0x80
[   85.341833][ T7054]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   85.341846][ T7054] RIP: 0023:0xf7fd7579
[   85.341854][ T7054] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   85.341864][ T7054] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[   85.341874][ T7054] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800000c0
[   85.341880][ T7054] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000080000400
[   85.341886][ T7054] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   85.341891][ T7054] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   85.341897][ T7054] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   85.341905][ T7054]  </TASK>
[   85.684527][ T7071] netlink: 76 bytes leftover after parsing attributes in process `syz.1.269'.
[   85.747428][ T7073] netlink: 220 bytes leftover after parsing attributes in process `syz.2.273'.
[   85.750950][ T7073] netlink: 220 bytes leftover after parsing attributes in process `syz.2.273'.
[   85.755115][ T7057] block nbd0: server does not support multiple connections per device.
[   85.757874][ T7057] block nbd0: shutting down sockets
[   85.809233][ T7075] netlink: 8 bytes leftover after parsing attributes in process `syz.2.274'.
[   85.886965][   T34] IPVS: starting estimator thread 0...
[   86.004769][ T7079] IPVS: using max 57 ests per chain, 136800 per kthread
[   86.406349][   T13] wlan1: Creating new IBSS network, BSSID 22:fa:2e:43:60:ce
[   86.863272][ T7103] trusted_key: syz.3.282 sent an empty control message without MSG_MORE.
[   86.887029][ T7102] ALSA: mixer_oss: invalid OSS volume 'PHONEIÎ'
[   86.889619][ T7102] ALSA: mixer_oss: invalid OSS volume '¢¢ð½ñL²Îýþ‰XTp0þ¥œý¦'
[   86.938740][ T7117] __nla_validate_parse: 1 callbacks suppressed
[   86.938751][ T7117] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.286'.
[   86.943547][ T7117] netlink: zone id is out of range
[   86.946434][ T7117] netlink: zone id is out of range
[   86.948921][ T7117] netlink: zone id is out of range
[   86.951009][ T7117] netlink: get zone limit has 8 unknown bytes
[   87.010494][ T7126] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   87.113700][ T7128] netlink: 76 bytes leftover after parsing attributes in process `syz.0.289'.
[   87.402321][ T7135] netlink: 4 bytes leftover after parsing attributes in process `syz.3.291'.
[   87.412766][ T7135] netlink: 4 bytes leftover after parsing attributes in process `syz.3.291'.
[   87.599296][ T7125] netlink: 'syz.1.285': attribute type 4 has an invalid length.
[   87.749722][ T7142] netlink: 4 bytes leftover after parsing attributes in process `syz.3.293'.
[   87.851325][ T7144] netlink: 4 bytes leftover after parsing attributes in process `syz.2.294'.
[   87.963911][ T7150] netlink: 108 bytes leftover after parsing attributes in process `syz.3.295'.
[   88.121741][ T7159] bond0: entered promiscuous mode
[   88.124292][ T7159] batadv0: entered promiscuous mode
[   88.126773][ T7159] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[   88.130561][ T7159] 8021q: adding VLAN 0 to HW filter on device hsr1
[   88.210349][ T7157] netlink: 136 bytes leftover after parsing attributes in process `syz.3.296'.
[   88.213329][ T7157] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   88.502068][   T40] kauditd_printk_skb: 20 callbacks suppressed
[   88.502084][   T40] audit: type=1326 audit(1755764378.874:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.1.303" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   88.511384][   T40] audit: type=1326 audit(1755764378.874:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.1.303" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   88.520040][   T40] audit: type=1326 audit(1755764378.874:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.1.303" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   88.527313][   T40] audit: type=1326 audit(1755764378.874:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.1.303" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   88.535750][   T40] audit: type=1326 audit(1755764378.874:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.1.303" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   88.544239][   T40] audit: type=1326 audit(1755764378.874:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.1.303" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   88.555329][   T40] audit: type=1326 audit(1755764378.874:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.1.303" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   88.563244][   T40] audit: type=1326 audit(1755764378.874:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.1.303" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   88.571669][   T40] audit: type=1326 audit(1755764378.874:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.1.303" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   88.578950][   T40] audit: type=1326 audit(1755764378.874:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.1.303" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf7f37579 code=0x7ffc0000
[   88.909073][ T7205] tipc: Started in network mode
[   88.911185][ T7205] tipc: Node identity ac1414aa, cluster identity 4711
[   88.917273][ T7205] tipc: Enabled bearer <udp:s>, priority 10
[   89.035205][ T7209] netlink: 76 bytes leftover after parsing attributes in process `syz.0.310'.
[   89.725336][ T7223] netlink: 48 bytes leftover after parsing attributes in process `syz.3.313'.
[   89.828958][   T46] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[   90.052740][ T7246] dlm: no locking on control device
[   90.640171][ T7258] input: syz1 as /devices/virtual/input/input25
[   90.768496][   T24] tipc: Node number set to 2886997162
[   91.031454][ T7281] netlink: 'syz.3.332': attribute type 1 has an invalid length.
[   91.057644][ T7281] 8021q: adding VLAN 0 to HW filter on device bond3
[   91.062124][ T7281] bond2: (slave bond3): making interface the new active one
[   91.065748][ T7281] bond2: (slave bond3): Enslaving as an active interface with an up link
[   91.123255][ T7261] input: syz1 as /devices/virtual/input/input26
[   92.697515][ T7324] __nla_validate_parse: 2 callbacks suppressed
[   92.697532][ T7324] netlink: 28 bytes leftover after parsing attributes in process `syz.0.343'.
[   92.705072][ T7324] netlink: 28 bytes leftover after parsing attributes in process `syz.0.343'.
[   92.726762][ T7326] netlink: 'syz.1.344': attribute type 10 has an invalid length.
[   92.730153][ T7326] netlink: 40 bytes leftover after parsing attributes in process `syz.1.344'.
[   92.736684][ T7326] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[   92.873395][ T7334] Bluetooth: MGMT ver 1.23
[   92.941952][ T7333] input: syz1 as /devices/virtual/input/input27
[   93.692557][ T7357] netlink: 76 bytes leftover after parsing attributes in process `syz.2.351'.
[   93.894433][ T7365] input: syz1 as /devices/virtual/input/input28
[   93.960017][ T3243] libceph: connect (1)[c::]:6789 error -101
[   93.962439][ T3243] libceph: mon0 (1)[c::]:6789 connect error
[   94.224890][ T3243] libceph: connect (1)[c::]:6789 error -101
[   94.227283][ T3243] libceph: mon0 (1)[c::]:6789 connect error
[   94.361559][ T7364] ceph: No mds server is up or the cluster is laggy
[   94.958330][   T40] kauditd_printk_skb: 34 callbacks suppressed
[   94.958674][   T40] audit: type=1326 audit(1755764385.334:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7579 code=0x7ffc0000
[   94.972843][   T40] audit: type=1326 audit(1755764385.334:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7579 code=0x7ffc0000
[   94.982341][   T40] audit: type=1326 audit(1755764385.334:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fd7579 code=0x7ffc0000
[   94.992599][   T40] audit: type=1326 audit(1755764385.334:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7579 code=0x7ffc0000
[   95.002187][   T40] audit: type=1326 audit(1755764385.334:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7579 code=0x7ffc0000
[   95.011587][   T40] audit: type=1326 audit(1755764385.344:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7fd7579 code=0x7ffc0000
[   95.020902][   T40] audit: type=1326 audit(1755764385.344:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd7598 code=0x7ffc0000
[   95.030067][   T40] audit: type=1326 audit(1755764385.344:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd7598 code=0x7ffc0000
[   95.039138][   T40] audit: type=1326 audit(1755764385.344:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd7598 code=0x7ffc0000
[   95.048988][   T40] audit: type=1326 audit(1755764385.344:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7393 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fd7598 code=0x7ffc0000
[   95.330706][ T7396] FAULT_INJECTION: forcing a failure.
[   95.330706][ T7396] name failslab, interval 1, probability 0, space 0, times 1
[   95.335013][ T7396] CPU: 0 UID: 0 PID: 7396 Comm: syz.3.365 Not tainted syzkaller #0 PREEMPT(full) 
[   95.335028][ T7396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   95.335046][ T7396] Call Trace:
[   95.335052][ T7396]  <TASK>
[   95.335056][ T7396]  dump_stack_lvl+0x16c/0x1f0
[   95.335074][ T7396]  should_fail_ex+0x512/0x640
[   95.335091][ T7396]  should_failslab+0xc2/0x120
[   95.335106][ T7396]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   95.335120][ T7396]  ? skb_clone+0x190/0x3f0
[   95.335134][ T7396]  ? netlink_deliver_tap+0x103/0xd30
[   95.335147][ T7396]  skb_clone+0x190/0x3f0
[   95.335161][ T7396]  netlink_deliver_tap+0xabd/0xd30
[   95.335175][ T7396]  netlink_unicast+0x64c/0x870
[   95.335190][ T7396]  ? __pfx_netlink_unicast+0x10/0x10
[   95.335203][ T7396]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   95.335219][ T7396]  netlink_sendmsg+0x8d1/0xdd0
[   95.335239][ T7396]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.335253][ T7396]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[   95.335266][ T7396]  ____sys_sendmsg+0xa95/0xc70
[   95.335283][ T7396]  ? __pfx_____sys_sendmsg+0x10/0x10
[   95.335299][ T7396]  ? get_compat_msghdr+0x11a/0x170
[   95.335313][ T7396]  ? kstrtouint_from_user+0x13c/0x1d0
[   95.335327][ T7396]  ___sys_sendmsg+0x134/0x1d0
[   95.335339][ T7396]  ? get_pid_task+0xfc/0x250
[   95.335355][ T7396]  ? __pfx____sys_sendmsg+0x10/0x10
[   95.335370][ T7396]  ? rcu_is_watching+0x12/0xc0
[   95.335386][ T7396]  __sys_sendmsg+0x16d/0x220
[   95.335399][ T7396]  ? __pfx___sys_sendmsg+0x10/0x10
[   95.335415][ T7396]  ? rcu_is_watching+0x12/0xc0
[   95.335426][ T7396]  __do_fast_syscall_32+0x7c/0x3a0
[   95.335441][ T7396]  do_fast_syscall_32+0x32/0x80
[   95.335455][ T7396]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   95.335469][ T7396] RIP: 0023:0xf7fd7579
[   95.335478][ T7396] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   95.335488][ T7396] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   95.335499][ T7396] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000280
[   95.335505][ T7396] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   95.335511][ T7396] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   95.335517][ T7396] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   95.335523][ T7396] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   95.335532][ T7396]  </TASK>
[   95.656078][ T7407] netlink: 76 bytes leftover after parsing attributes in process `syz.0.368'.
[   95.715960][ T7409] input: syz1 as /devices/virtual/input/input29
[   97.379230][ T7440] netlink: 'syz.3.380': attribute type 10 has an invalid length.
[   97.382759][ T7440] netlink: 40 bytes leftover after parsing attributes in process `syz.3.380'.
[   97.386625][ T7440] batman_adv: batadv0: Adding interface: virt_wifi0
[   97.389453][ T7440] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.400005][ T7440] batman_adv: batadv0: Not using interface virt_wifi0 (retrying later): interface not active
[   97.455603][ T7446] comedi comedi0: Minor 3 could not be opened
[   97.458710][   T93] wlan1: Selected IBSS BSSID 22:fa:2e:43:60:ce based on configured SSID
[   97.714029][ T7454] netlink: 76 bytes leftover after parsing attributes in process `syz.1.384'.
[   97.836909][ T7455] input: syz1 as /devices/virtual/input/input30
[   98.619991][ T7466] ceph: No mds server is up or the cluster is laggy
[   98.623018][   T29] libceph: connect (1)[c::]:6789 error -101
[   98.632936][   T29] libceph: mon0 (1)[c::]:6789 connect error
[   98.824293][ T7472] netlink: 'syz.1.388': attribute type 1 has an invalid length.
[   98.832087][ T7472] 8021q: adding VLAN 0 to HW filter on device bond1
[   98.839811][ T7472] bond1: (slave geneve2): making interface the new active one
[   98.842718][ T7472] bond1: (slave geneve2): Enslaving as an active interface with an up link
[   98.908188][ T7479] netlink: 12 bytes leftover after parsing attributes in process `syz.1.391'.
[   98.995993][ T7483] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[   98.998392][ T7483] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   99.001131][ T7483] vhci_hcd vhci_hcd.0: Device attached
[   99.017321][ T7483] netlink: 'syz.1.392': attribute type 1 has an invalid length.
[   99.099967][ T7483] 8021q: adding VLAN 0 to HW filter on device bond2
[   99.254817][   T10] usb 39-1: new high-speed USB device number 2 using vhci_hcd
[   99.325773][ T7493] dlm: no locking on control device
[   99.680369][ T7484] vhci_hcd: connection reset by peer
[   99.682833][ T1141] vhci_hcd: stop threads
[   99.686054][ T1141] vhci_hcd: release socket
[   99.702633][ T1141] vhci_hcd: disconnect device
[   99.956715][ T7507] program syz.0.397 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  100.334345][ T7518] FAULT_INJECTION: forcing a failure.
[  100.334345][ T7518] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.338888][ T7518] CPU: 2 UID: 0 PID: 7518 Comm: syz.1.399 Not tainted syzkaller #0 PREEMPT(full) 
[  100.338904][ T7518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  100.338910][ T7518] Call Trace:
[  100.338913][ T7518]  <TASK>
[  100.338917][ T7518]  dump_stack_lvl+0x16c/0x1f0
[  100.338933][ T7518]  should_fail_ex+0x512/0x640
[  100.338949][ T7518]  _copy_from_user+0x2e/0xd0
[  100.338966][ T7518]  get_compat_msghdr+0xa7/0x170
[  100.338979][ T7518]  ? __pfx_get_compat_msghdr+0x10/0x10
[  100.338991][ T7518]  ? rcu_is_watching+0x12/0xc0
[  100.339003][ T7518]  ___sys_recvmsg+0x191/0x1a0
[  100.339015][ T7518]  ? __pfx____sys_recvmsg+0x10/0x10
[  100.339031][ T7518]  ? __pfx___might_resched+0x10/0x10
[  100.339043][ T7518]  do_recvmmsg+0x55d/0x750
[  100.339055][ T7518]  ? __pfx_do_recvmmsg+0x10/0x10
[  100.339067][ T7518]  ? preempt_count_add+0x76/0x150
[  100.339081][ T7518]  ? ksys_write+0x190/0x250
[  100.339093][ T7518]  ? rcu_is_watching+0x12/0xc0
[  100.339102][ T7518]  ? lock_release+0x201/0x2f0
[  100.339117][ T7518]  ? __fget_files+0x20e/0x3c0
[  100.339129][ T7518]  __sys_recvmmsg+0x21c/0x280
[  100.339142][ T7518]  ? __pfx___sys_recvmmsg+0x10/0x10
[  100.339155][ T7518]  ? __pfx_ksys_write+0x10/0x10
[  100.339176][ T7518]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  100.339189][ T7518]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  100.339203][ T7518]  __do_fast_syscall_32+0x7c/0x3a0
[  100.339217][ T7518]  do_fast_syscall_32+0x32/0x80
[  100.339230][ T7518]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  100.339246][ T7518] RIP: 0023:0xf7f37579
[  100.339257][ T7518] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  100.339266][ T7518] RSP: 002b:00000000f541455c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  100.339277][ T7518] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800066c0
[  100.339283][ T7518] RDX: 0000000000000a0d RSI: 0000000000000000 RDI: 0000000000000000
[  100.339289][ T7518] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  100.339294][ T7518] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  100.339300][ T7518] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  100.339308][ T7518]  </TASK>
[  100.462666][ T7520] netlink: 108 bytes leftover after parsing attributes in process `syz.2.400'.
[  100.588694][ T7524] netlink: 136 bytes leftover after parsing attributes in process `syz.2.402'.
[  100.591509][ T7524] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  100.828592][ T7531] syzkaller1: entered promiscuous mode
[  100.830478][ T7531] syzkaller1: entered allmulticast mode
[  100.977133][ T7537] vivid-001: disconnect
[  100.979012][ T7537] vivid-001: reconnect
[  101.004996][ T7537] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  101.357693][ T7545] input: syz1 as /devices/virtual/input/input31
[  102.057795][ T7556] dlm: no locking on control device
[  102.293744][ T7560] netlink: 'syz.3.414': attribute type 1 has an invalid length.
[  102.308737][ T7560] 8021q: adding VLAN 0 to HW filter on device bond5
[  102.311416][ T7560] bond4: (slave bond5): making interface the new active one
[  102.313978][ T7560] bond4: (slave bond5): Enslaving as an active interface with an up link
[  102.380451][ T7568] netlink: 28 bytes leftover after parsing attributes in process `syz.3.416'.
[  102.383806][ T7568] netlink: 28 bytes leftover after parsing attributes in process `syz.3.416'.
[  102.500379][ T7575] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  102.695724][ T7581] usb 1-1: USB disconnect, device number 3
[  102.755525][ T7581] hub 1-0:1.0: USB hub found
[  102.757207][ T7581] hub 1-0:1.0: 6 ports detected
[  102.876079][ T7588] Bluetooth: hci4: Frame reassembly failed (-90)
[  102.881912][ T1141] Bluetooth: hci4: Frame reassembly failed (-84)
[  102.924910][ T6040] usb 1-1: new high-speed USB device number 4 using ehci-pci
[  103.109358][ T6040] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  103.112735][ T6040] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  103.115737][ T6040] usb 1-1: Product: QEMU USB Tablet
[  103.117877][ T6040] usb 1-1: Manufacturer: QEMU
[  103.119535][ T6040] usb 1-1: SerialNumber: 28754-0000:00:1d.7-1
[  103.137845][ T6040] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb1/1-1/1-1:1.0/0003:0627:0001.0003/input/input32
[  103.198701][ T6040] hid-generic 0003:0627:0001.0003: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  103.903319][ T7616] netlink: 20 bytes leftover after parsing attributes in process `syz.0.428'.
[  104.414978][   T10] vhci_hcd: vhci_device speed not set
[  104.503626][ T7629] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  104.539437][ T7634] netlink: 104 bytes leftover after parsing attributes in process `syz.1.438'.
[  104.542416][ T7634] netlink: 104 bytes leftover after parsing attributes in process `syz.1.438'.
[  104.577457][ T7640] batman_adv: batadv0: Removing interface: virt_wifi0
[  104.582771][ T7640] netdevsim netdevsim3 netdevsim0: left allmulticast mode
[  104.585073][ T7640] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  104.587170][ T7640] bridge0: port 1(netdevsim0) entered disabled state
[  104.597040][ T7640] bond1: (slave geneve2): Releasing active interface
[  104.602733][ T7640] bond2: (slave bond3): Releasing backup interface
[  104.613656][ T7640] bond4: (slave bond5): Releasing backup interface
[  104.618941][ T7642] netlink: 108 bytes leftover after parsing attributes in process `syz.0.440'.
[  104.622142][ T7642] netlink: 108 bytes leftover after parsing attributes in process `syz.0.440'.
[  104.625264][ T7642] netlink: 108 bytes leftover after parsing attributes in process `syz.0.440'.
[  104.674524][ T7648] input: syz1 as /devices/virtual/input/input33
[  104.808605][ T7630] netlink: 'syz.3.435': attribute type 10 has an invalid length.
[  104.811711][ T7630] netlink: 4 bytes leftover after parsing attributes in process `syz.3.435'.
[  104.816642][ T7630] netlink: 'syz.3.435': attribute type 10 has an invalid length.
[  104.819975][ T7630] bridge0: port 1(netdevsim0) entered blocking state
[  104.822983][ T7630] bridge0: port 1(netdevsim0) entered disabled state
[  104.826290][ T7630] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  104.830634][ T7630] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  104.834267][ T7630] bridge0: port 1(netdevsim0) entered blocking state
[  104.836525][ T7630] bridge0: port 1(netdevsim0) entered forwarding state
[  104.894966][   T63] Bluetooth: hci4: command 0x1003 tx timeout
[  104.897041][ T5982] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  104.935070][ T7658] netlink: 'syz.0.444': attribute type 1 has an invalid length.
[  105.036072][ T7658] 8021q: adding VLAN 0 to HW filter on device bond3
[  105.580226][ T7673] netlink: 220 bytes leftover after parsing attributes in process `syz.1.449'.
[  105.583070][ T7673] netlink: 220 bytes leftover after parsing attributes in process `syz.1.449'.
[  105.889349][ T7695] netlink: 136 bytes leftover after parsing attributes in process `syz.2.456'.
[  105.892228][ T7695] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  106.150263][ T7704] input: syz1 as /devices/virtual/input/input34
[  106.242101][ T6086] udevd[6086]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  106.344865][ T1140] wlan1: Trigger new scan to find an IBSS to join
[  106.430975][ T7712] input: syz1 as /devices/virtual/input/input35
[  106.756672][ T7718] sg_write: data in/out 41084/1 bytes for SCSI command 0x1c-- guessing data in;
[  106.756672][ T7718]    program syz.1.462 not setting count and/or reply_len properly
[  106.840899][ T7722] syzkaller1: entered promiscuous mode
[  106.842901][ T7722] syzkaller1: entered allmulticast mode
[  106.964264][ T7725] netlink: 'syz.1.465': attribute type 4 has an invalid length.
[  107.107378][ T7730] can0: slcan on pty24.
[  107.275166][   T40] kauditd_printk_skb: 109 callbacks suppressed
[  107.275174][   T40] audit: type=1804 audit(1755764397.484:455): pid=7730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.466" name="/newroot/125/bus" dev="tmpfs" ino=671 res=1 errno=0
[  108.157951][ T7762] input: syz1 as /devices/virtual/input/input36
[  108.541541][ T7766] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  108.575330][ T7726] can0 (unregistered): slcan off pty24.
[  108.610903][ T7772] FAULT_INJECTION: forcing a failure.
[  108.610903][ T7772] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.615153][ T7772] CPU: 3 UID: 0 PID: 7772 Comm: syz.0.475 Not tainted syzkaller #0 PREEMPT(full) 
[  108.615168][ T7772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  108.615174][ T7772] Call Trace:
[  108.615177][ T7772]  <TASK>
[  108.615181][ T7772]  dump_stack_lvl+0x16c/0x1f0
[  108.615198][ T7772]  should_fail_ex+0x512/0x640
[  108.615213][ T7772]  _copy_from_user+0x2e/0xd0
[  108.615228][ T7772]  do_devconfig_ioctl+0x11c/0x710
[  108.615239][ T7772]  ? __mutex_lock+0x1c5/0x1060
[  108.615252][ T7772]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  108.615264][ T7772]  ? kasan_save_stack+0x42/0x60
[  108.615275][ T7772]  ? kasan_save_stack+0x33/0x60
[  108.615286][ T7772]  ? kasan_save_track+0x14/0x30
[  108.615296][ T7772]  ? kasan_save_free_info+0x3b/0x60
[  108.615305][ T7772]  ? __kasan_slab_free+0x60/0x70
[  108.615316][ T7772]  ? kfree+0x2b4/0x4d0
[  108.615325][ T7772]  ? tomoyo_path_number_perm+0x470/0x580
[  108.615339][ T7772]  comedi_unlocked_ioctl+0x165d/0x2f00
[  108.615356][ T7772]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  108.615371][ T7772]  ? rcu_is_watching+0x12/0xc0
[  108.615382][ T7772]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  108.615400][ T7772]  ? tomoyo_path_number_perm+0x295/0x580
[  108.615411][ T7772]  ? rcu_is_watching+0x12/0xc0
[  108.615421][ T7772]  ? lock_release+0x201/0x2f0
[  108.615434][ T7772]  ? tomoyo_path_number_perm+0x18d/0x580
[  108.615446][ T7772]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  108.615459][ T7772]  comedi_compat_ioctl+0x1d0/0x990
[  108.615470][ T7772]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  108.615481][ T7772]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  108.615496][ T7772]  ? do_vfs_ioctl+0x128/0x14f0
[  108.615512][ T7772]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  108.615528][ T7772]  ? rcu_is_watching+0x12/0xc0
[  108.615538][ T7772]  ? __fget_files+0x204/0x3c0
[  108.615548][ T7772]  ? hook_file_ioctl_common+0x145/0x410
[  108.615562][ T7772]  ? __fget_files+0x20e/0x3c0
[  108.615573][ T7772]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  108.615584][ T7772]  __ia32_compat_sys_ioctl+0x23f/0x370
[  108.615601][ T7772]  __do_fast_syscall_32+0x7c/0x3a0
[  108.615615][ T7772]  do_fast_syscall_32+0x32/0x80
[  108.615628][ T7772]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  108.615640][ T7772] RIP: 0023:0xf7f44579
[  108.615648][ T7772] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  108.615658][ T7772] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  108.615680][ T7772] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400
[  108.615687][ T7772] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  108.615692][ T7772] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  108.615698][ T7772] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  108.615703][ T7772] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  108.615712][ T7772]  </TASK>
[  109.733305][ T7803] dlm: no locking on control device
[  110.250093][ T7808] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.332796][ T7808] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.407090][ T7808] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.480481][ T7808] bridge0: port 1(netdevsim0) entered disabled state
[  110.490518][ T7808] netdevsim netdevsim1 netdevsim0 (unregistering): left allmulticast mode
[  110.497077][ T7808] netdevsim netdevsim1 netdevsim0 (unregistering): left promiscuous mode
[  110.503470][ T7808] bridge0: port 1(netdevsim0) entered disabled state
[  110.508809][ T7808] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.572335][   T13] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.579089][   T46] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.584308][   T46] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.589286][   T46] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.632871][ T7818] netdevsim netdevsim3 netdevsim0: left allmulticast mode
[  110.635899][ T7818] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  110.638217][ T7818] bridge0: port 1(netdevsim0) entered disabled state
[  110.705761][ T7822] loop2: detected capacity change from 0 to 7
[  110.710140][ T7822] Dev loop2: unable to read RDB block 7
[  110.711936][ T7822]  loop2: unable to read partition table
[  110.714192][ T7822] loop2: partition table beyond EOD, truncated
[  110.718020][ T7822] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  110.737558][ T7818] netlink: 'syz.3.488': attribute type 10 has an invalid length.
[  110.740367][ T7818] __nla_validate_parse: 2 callbacks suppressed
[  110.740397][ T7818] netlink: 4 bytes leftover after parsing attributes in process `syz.3.488'.
[  110.794068][ T7818] netlink: 'syz.3.488': attribute type 10 has an invalid length.
[  110.807070][ T7818] bridge0: port 1(netdevsim0) entered blocking state
[  110.810269][ T7818] bridge0: port 1(netdevsim0) entered disabled state
[  110.813130][ T7818] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  110.822873][ T7818] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  110.839865][ T7818] bridge0: port 1(netdevsim0) entered blocking state
[  110.842045][ T7818] bridge0: port 1(netdevsim0) entered forwarding state
[  111.305865][ T1141] wlan1: Trigger new scan to find an IBSS to join
[  111.538550][ T7830] random: crng reseeded on system resumption
[  111.614796][ T7837] vxfs: WRONG superblock magic 00000000 at 1
[  111.616923][ T7837] vxfs: WRONG superblock magic 00000000 at 8
[  111.618979][ T7837] vxfs: can't find superblock.
[  111.812007][ T7843] netlink: 76 bytes leftover after parsing attributes in process `syz.2.495'.
[  112.260865][   T13] wlan1: Creating new IBSS network, BSSID 5e:31:79:5c:a0:26
[  113.245797][ T6040] libceph: connect (1)[c::]:6789 error -101
[  113.247849][ T6040] libceph: mon0 (1)[c::]:6789 connect error
[  113.250559][ T6040] libceph: connect (1)[c::]:6789 error -101
[  113.252730][ T6040] libceph: mon0 (1)[c::]:6789 connect error
[  113.287204][ T7858] input: syz1 as /devices/virtual/input/input37
[  113.289074][ T7855] ceph: No mds server is up or the cluster is laggy
[  117.055817][ T7908] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  117.221897][ T7910] input: syz1 as /devices/virtual/input/input38
[  117.731420][ T7920] netlink: 4 bytes leftover after parsing attributes in process `syz.2.519'.
[  117.734237][ T7920] netlink: 4 bytes leftover after parsing attributes in process `syz.2.519'.
[  117.790317][ T1140] wlan1: Selected IBSS BSSID 5e:31:79:5c:a0:26 based on configured SSID
[  118.871091][ T7962] netlink: 76 bytes leftover after parsing attributes in process `syz.3.532'.
[  119.701559][ T7974] netlink: 220 bytes leftover after parsing attributes in process `syz.0.535'.
[  119.704519][ T7974] netlink: 220 bytes leftover after parsing attributes in process `syz.0.535'.
[  120.005818][ T7993] overlayfs: failed to resolve './file1': -2
[  120.235236][ T5982] Bluetooth: hci0: unexpected event for opcode 0x0c23
[  120.637059][ T8012] geneve2: entered allmulticast mode
[  120.935288][ T8023] syzkaller1: entered promiscuous mode
[  120.937787][ T8023] syzkaller1: entered allmulticast mode
[  121.253798][   T12] wlan1: Selected IBSS BSSID 22:fa:2e:43:60:ce based on configured SSID
[  123.055929][ T8072] FAULT_INJECTION: forcing a failure.
[  123.055929][ T8072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.060718][ T8072] CPU: 2 UID: 0 PID: 8072 Comm: syz.0.562 Not tainted syzkaller #0 PREEMPT(full) 
[  123.060733][ T8072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  123.060739][ T8072] Call Trace:
[  123.060743][ T8072]  <TASK>
[  123.060747][ T8072]  dump_stack_lvl+0x16c/0x1f0
[  123.060763][ T8072]  should_fail_ex+0x512/0x640
[  123.060805][ T8072]  _copy_to_user+0x32/0xd0
[  123.060820][ T8072]  simple_read_from_buffer+0xcb/0x170
[  123.060838][ T8072]  proc_fail_nth_read+0x197/0x240
[  123.060856][ T8072]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.060872][ T8072]  ? security_file_permission+0x71/0x210
[  123.060889][ T8072]  ? rw_verify_area+0xcf/0x6c0
[  123.060900][ T8072]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.060910][ T8072]  vfs_read+0x1e4/0xcf0
[  123.060922][ T8072]  ? __pfx_vfs_read+0x10/0x10
[  123.060933][ T8072]  ? rcu_is_watching+0x12/0xc0
[  123.060945][ T8072]  ? __fget_files+0x20e/0x3c0
[  123.060957][ T8072]  ksys_read+0x12a/0x250
[  123.060968][ T8072]  ? __pfx_ksys_read+0x10/0x10
[  123.060979][ T8072]  ? fput+0x9b/0xd0
[  123.060992][ T8072]  ? rcu_is_watching+0x12/0xc0
[  123.061002][ T8072]  __do_fast_syscall_32+0x7c/0x3a0
[  123.061016][ T8072]  do_fast_syscall_32+0x32/0x80
[  123.061036][ T8072]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  123.061050][ T8072] RIP: 0023:0xf7f44579
[  123.061058][ T8072] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  123.061068][ T8072] RSP: 002b:00000000f5466590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  123.061080][ T8072] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000f5466620
[  123.061090][ T8072] RDX: 000000000000000f RSI: 00000000f73d4ff4 RDI: 0000000000000000
[  123.061099][ T8072] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  123.061107][ T8072] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  123.061118][ T8072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  123.061132][ T8072]  </TASK>
[  123.338521][ T8081] netlink: 4 bytes leftover after parsing attributes in process `syz.2.566'.
[  123.343622][ T8081] netlink: 173 bytes leftover after parsing attributes in process `syz.2.566'.
[  123.348275][ T8081] netlink: 277 bytes leftover after parsing attributes in process `syz.2.566'.
[  123.352133][ T8081] netlink: 277 bytes leftover after parsing attributes in process `syz.2.566'.
[  123.391700][ T8083] openvswitch: netlink: Key type 29 is not supported
[  123.422767][ T8088] netlink: 36 bytes leftover after parsing attributes in process `syz.0.569'.
[  123.426018][ T8088] netlink: 16 bytes leftover after parsing attributes in process `syz.0.569'.
[  123.428873][ T8088] netlink: 36 bytes leftover after parsing attributes in process `syz.0.569'.
[  123.431753][ T8088] netlink: 36 bytes leftover after parsing attributes in process `syz.0.569'.
[  123.435754][ T8090] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  123.477194][ T8092] netlink: 28 bytes leftover after parsing attributes in process `syz.2.566'.
[  123.517900][ T8097] netlink: 52 bytes leftover after parsing attributes in process `syz.1.573'.
[  123.657030][ T8110] input: syz1 as /devices/virtual/input/input39
[  123.716156][ T8115] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  123.847444][ T8122] input: syz1 as /devices/virtual/input/input40
[  123.894351][ T8125] binder: BINDER_SET_CONTEXT_MGR already set
[  123.896430][ T8125] binder: 8124:8125 ioctl 4018620d 80004a80 returned -16
[  124.365613][ T8144] netlink: 'syz.3.589': attribute type 3 has an invalid length.
[  124.688837][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  124.704843][   T10] hid-generic 0000:0000:0000.0004: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  124.807634][ T8159] fido_id[8159]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  125.310456][ T8175] input: syz1 as /devices/virtual/input/input41
[  125.946477][ T8200] orangefs_devreq_open: device cannot be opened in blocking mode
[  126.754864][ T8209] lo speed is unknown, defaulting to 1000
[  128.193077][ T8245] input: syz1 as /devices/virtual/input/input42
[  128.936435][ T8260] syz.0.624 (8260): /proc/8260/oom_adj is deprecated, please use /proc/8260/oom_score_adj instead.
[  129.094545][ T8262] __nla_validate_parse: 7 callbacks suppressed
[  129.094563][ T8262] netlink: 48 bytes leftover after parsing attributes in process `syz.0.625'.
[  129.115311][ T8264] netlink: 48 bytes leftover after parsing attributes in process `syz.0.625'.
[  129.469042][ T8275] netlink: 76 bytes leftover after parsing attributes in process `syz.0.626'.
[  129.791983][ T8282] input: syz1 as /devices/virtual/input/input43
[  130.444834][ T8295] FAULT_INJECTION: forcing a failure.
[  130.444834][ T8295] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.450651][ T8295] CPU: 0 UID: 0 PID: 8295 Comm: syz.0.633 Not tainted syzkaller #0 PREEMPT(full) 
[  130.450674][ T8295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  130.450685][ T8295] Call Trace:
[  130.450692][ T8295]  <TASK>
[  130.450699][ T8295]  dump_stack_lvl+0x16c/0x1f0
[  130.450753][ T8295]  should_fail_ex+0x512/0x640
[  130.450778][ T8295]  _copy_from_user+0x2e/0xd0
[  130.450804][ T8295]  get_compat_msghdr+0xa7/0x170
[  130.450825][ T8295]  ? __pfx_get_compat_msghdr+0x10/0x10
[  130.450846][ T8295]  ? __pfx___schedule+0x10/0x10
[  130.450865][ T8295]  ___sys_recvmsg+0x191/0x1a0
[  130.450893][ T8295]  ? __pfx____sys_recvmsg+0x10/0x10
[  130.450913][ T8295]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  130.450944][ T8295]  ? __pfx___might_resched+0x10/0x10
[  130.450961][ T8295]  ? do_recvmmsg+0x1f5/0x750
[  130.450980][ T8295]  ? do_recvmmsg+0x202/0x750
[  130.451001][ T8295]  do_recvmmsg+0x55d/0x750
[  130.451023][ T8295]  ? __pfx_do_recvmmsg+0x10/0x10
[  130.451042][ T8295]  ? lock_release+0x201/0x2f0
[  130.451064][ T8295]  ? rcu_is_watching+0x12/0xc0
[  130.451082][ T8295]  ? trace_sched_exit_tp+0xd1/0x120
[  130.451107][ T8295]  ? __schedule+0x11a3/0x5de0
[  130.451131][ T8295]  __sys_recvmmsg+0x21c/0x280
[  130.451152][ T8295]  ? __pfx___sys_recvmmsg+0x10/0x10
[  130.451176][ T8295]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  130.451198][ T8295]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  130.451221][ T8295]  __do_fast_syscall_32+0x7c/0x3a0
[  130.451244][ T8295]  do_fast_syscall_32+0x32/0x80
[  130.451265][ T8295]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  130.451286][ T8295] RIP: 0023:0xf7f44579
[  130.451299][ T8295] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  130.451314][ T8295] RSP: 002b:00000000f542455c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  130.451332][ T8295] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800066c0
[  130.451342][ T8295] RDX: 0000000000000a0d RSI: 0000000000000000 RDI: 0000000000000000
[  130.451352][ T8295] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  130.451361][ T8295] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  130.451371][ T8295] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  130.451385][ T8295]  </TASK>
[  132.009381][ T8330] netlink: 76 bytes leftover after parsing attributes in process `syz.1.644'.
[  132.031003][ T8334] bond1: (slave bond2): Releasing backup interface
[  132.091820][ T8334] team0: Mode changed to "loadbalance"
[  132.111460][ T8336] input: syz1 as /devices/virtual/input/input44
[  132.131967][ T8334] netlink: 'syz.0.646': attribute type 10 has an invalid length.
[  132.364254][ T8334] netlink: 4 bytes leftover after parsing attributes in process `syz.0.646'.
[  132.367008][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  132.370916][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  132.419951][ T8341] netlink: 'syz.0.646': attribute type 10 has an invalid length.
[  132.986828][ T8350] loop6: detected capacity change from 0 to 63
[  132.992583][ T8350] Buffer I/O error on dev loop6, logical block 0, async page read
[  132.995525][ T8350] Buffer I/O error on dev loop6, logical block 0, async page read
[  132.998327][ T8350] Buffer I/O error on dev loop6, logical block 0, async page read
[  133.000968][ T8350] Buffer I/O error on dev loop6, logical block 0, async page read
[  133.001056][ T8350] Buffer I/O error on dev loop6, logical block 0, async page read
[  133.001161][ T8350] Buffer I/O error on dev loop6, logical block 0, async page read
[  133.001269][ T8350] Buffer I/O error on dev loop6, logical block 0, async page read
[  133.001382][ T8350] Buffer I/O error on dev loop6, logical block 0, async page read
[  133.001464][ T8350] Buffer I/O error on dev loop6, logical block 0, async page read
[  133.001591][ T8350] Buffer I/O error on dev loop6, logical block 0, async page read
[  134.655491][ T6040] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  134.840574][ T6040] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  134.843797][ T6040] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  134.849259][ T6040] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  134.854692][ T6040] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.068066][ T6040] usb 6-1: usb_control_msg returned -32
[  135.070070][ T6040] usbtmc 6-1:16.0: can't read capabilities
[  135.426051][ T8393] overlay: Unknown parameter 'fscontext'
[  135.528998][ T8394] netlink: 'syz.2.662': attribute type 4 has an invalid length.
[  136.304435][ T8401] netlink: 76 bytes leftover after parsing attributes in process `syz.3.664'.
[  136.312161][ T8403] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  136.479417][   T40] audit: type=1326 audit(1755764426.854:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8409 comm="syz.2.668" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000
[  136.488890][   T40] audit: type=1326 audit(1755764426.854:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8409 comm="syz.2.668" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000
[  136.500349][   T40] audit: type=1326 audit(1755764426.854:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8409 comm="syz.2.668" exe="/syz-executor" sig=0 arch=40000003 syscall=29 compat=1 ip=0xf7f38579 code=0x7ffc0000
[  137.378976][ T8418] input: syz1 as /devices/virtual/input/input45
[  137.402066][ T3243] usb 6-1: USB disconnect, device number 4
[  137.676614][ T8423] netlink: 76 bytes leftover after parsing attributes in process `syz.1.671'.
[  138.012307][ T8429] F2FS-fs (nbd0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  138.015216][ T8429] F2FS-fs (nbd0): Can't find valid F2FS filesystem in 1th superblock
[  138.020967][ T8429] F2FS-fs (nbd0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  138.026182][ T8429] F2FS-fs (nbd0): Can't find valid F2FS filesystem in 2th superblock
[  138.144368][ T8430] F2FS-fs (nbd0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  138.149408][ T8430] F2FS-fs (nbd0): Can't find valid F2FS filesystem in 1th superblock
[  138.206502][ T8430] F2FS-fs (nbd0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  138.209974][ T8430] F2FS-fs (nbd0): Can't find valid F2FS filesystem in 2th superblock
[  138.230073][ T8435] loop2: detected capacity change from 0 to 7
[  138.233908][ T6592] Dev loop2: unable to read RDB block 7
[  138.237013][ T6592]  loop2: unable to read partition table
[  138.241653][ T6592] loop2: partition table beyond EOD, truncated
[  138.251290][ T8435] Dev loop2: unable to read RDB block 7
[  138.253713][ T8435]  loop2: unable to read partition table
[  138.256515][ T8435] loop2: partition table beyond EOD, truncated
[  138.259877][ T8435] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  138.375396][ T6188] IPVS: starting estimator thread 0...
[  138.542531][ T8448] netlink: 'syz.3.680': attribute type 4 has an invalid length.
[  138.546334][ T8448] netlink: 28 bytes leftover after parsing attributes in process `syz.3.680'.
[  138.652685][ T8446] IPVS: using max 33 ests per chain, 79200 per kthread
[  138.710182][ T8452] netlink: 76 bytes leftover after parsing attributes in process `syz.0.677'.
[  138.798112][ T8448] netlink: 56 bytes leftover after parsing attributes in process `syz.3.680'.
[  138.811731][ T8448] tmpfs: Bad value for 'mpol'
[  138.817250][ T8448] netlink: 52 bytes leftover after parsing attributes in process `syz.3.680'.
[  138.900343][ T8457] bond1: (slave geneve2): Releasing active interface
[  139.013412][ T8456] netlink: 68 bytes leftover after parsing attributes in process `syz.1.682'.
[  139.025932][ T8456] netlink: 'syz.1.682': attribute type 10 has an invalid length.
[  139.028857][ T8456] netlink: 4 bytes leftover after parsing attributes in process `syz.1.682'.
[  139.488967][ T8472] dlm: no locking on control device
[  139.768067][ T8474] bond0: entered promiscuous mode
[  139.770265][ T8474] batadv0: entered promiscuous mode
[  139.772451][ T8474] debugfs: 'hsr1' already exists in 'hsr'
[  139.774315][ T8474] Cannot create hsr debugfs directory
[  139.776232][ T8474] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  139.780335][ T8474] 8021q: adding VLAN 0 to HW filter on device hsr1
[  139.859930][ T8479] tipc: Started in network mode
[  139.862057][ T8479] tipc: Node identity ac1414aa, cluster identity 4711
[  139.866309][ T8479] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  139.907350][ T8481] netlink: 220 bytes leftover after parsing attributes in process `syz.1.689'.
[  139.910390][ T8481] netlink: 220 bytes leftover after parsing attributes in process `syz.1.689'.
[  140.005277][ T6040] IPVS: starting estimator thread 0...
[  140.095303][ T8489] IPVS: using max 57 ests per chain, 136800 per kthread
[  140.151885][ T8492] input: syz1 as /devices/virtual/input/input46
[  140.605160][ T5982] Bluetooth: hci0: unexpected event for opcode 0x1002
[  140.777019][ T8508] dlm: no locking on control device
[  141.599729][ T8529] netlink: 108 bytes leftover after parsing attributes in process `syz.0.706'.
[  141.603388][ T8529] netlink: 108 bytes leftover after parsing attributes in process `syz.0.706'.
[  141.607734][ T8529] netlink: 108 bytes leftover after parsing attributes in process `syz.0.706'.
[  143.107506][ T8560] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  143.128548][ T8564] kvm: Disabled LAPIC found during irq injection
[  143.164252][ T8564] netlink: 8 bytes leftover after parsing attributes in process `syz.2.716'.
[  143.171888][ T8564] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685)
[  143.196780][ T8564] netlink: 52 bytes leftover after parsing attributes in process `syz.2.716'.
[  144.665883][ T8587] trusted_key: encrypted_key: insufficient parameters specified
[  144.675135][ T6040] libceph: connect (1)[c::]:6789 error -101
[  144.677521][ T6040] libceph: mon0 (1)[c::]:6789 connect error
[  144.695604][ T8603] FAULT_INJECTION: forcing a failure.
[  144.695604][ T8603] name failslab, interval 1, probability 0, space 0, times 0
[  144.702009][ T8603] CPU: 2 UID: 0 PID: 8603 Comm: syz.0.726 Not tainted syzkaller #0 PREEMPT(full) 
[  144.702029][ T8603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  144.702036][ T8603] Call Trace:
[  144.702041][ T8603]  <TASK>
[  144.702045][ T8603]  dump_stack_lvl+0x16c/0x1f0
[  144.702066][ T8603]  should_fail_ex+0x512/0x640
[  144.702084][ T8603]  should_failslab+0xc2/0x120
[  144.702100][ T8603]  __kmalloc_cache_noprof+0x6a/0x3e0
[  144.702112][ T8603]  ? ovl_init_fs_context+0x11f/0x5f0
[  144.702126][ T8603]  ? kasan_save_track+0x14/0x30
[  144.702139][ T8603]  ovl_init_fs_context+0x11f/0x5f0
[  144.702151][ T8603]  ? __pfx_ovl_init_fs_context+0x10/0x10
[  144.702163][ T8603]  alloc_fs_context+0x54a/0x9c0
[  144.702178][ T8603]  path_mount+0xbdd/0x2000
[  144.702194][ T8603]  ? __pfx_path_mount+0x10/0x10
[  144.702207][ T8603]  ? kmem_cache_free+0x2d1/0x4d0
[  144.702218][ T8603]  ? putname+0x154/0x1a0
[  144.702234][ T8603]  ? getname_flags.part.0+0x1c5/0x550
[  144.702252][ T8603]  ? __ia32_sys_mount+0x28b/0x310
[  144.702265][ T8603]  __ia32_sys_mount+0x28b/0x310
[  144.702279][ T8603]  ? __pfx___ia32_sys_mount+0x10/0x10
[  144.702293][ T8603]  ? rcu_is_watching+0x12/0xc0
[  144.702309][ T8603]  __do_fast_syscall_32+0x7c/0x3a0
[  144.702327][ T8603]  do_fast_syscall_32+0x32/0x80
[  144.702340][ T8603]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  144.702356][ T8603] RIP: 0023:0xf7f44579
[  144.702366][ T8603] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  144.702378][ T8603] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  144.702390][ T8603] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800000c0
[  144.702397][ T8603] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000080000400
[  144.702403][ T8603] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  144.702410][ T8603] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  144.702416][ T8603] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  144.702425][ T8603]  </TASK>
[  144.935321][ T6040] libceph: connect (1)[c::]:6789 error -101
[  144.937705][ T6040] libceph: mon0 (1)[c::]:6789 connect error
[  145.215819][ T8633] netlink: 'syz.0.736': attribute type 4 has an invalid length.
[  145.432804][ T8644] loop2: detected capacity change from 0 to 7
[  145.436975][ T8644] Dev loop2: unable to read RDB block 7
[  145.439598][ T8644]  loop2: unable to read partition table
[  145.441827][ T8644] loop2: partition table beyond EOD, truncated
[  145.443871][ T8644] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  145.455334][ T6040] libceph: connect (1)[c::]:6789 error -101
[  145.458100][ T6040] libceph: mon0 (1)[c::]:6789 connect error
[  145.463522][ T8646] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  145.466316][ T8646] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  145.470370][ T8646] vhci_hcd vhci_hcd.0: Device attached
[  145.501755][ T8596] ceph: No mds server is up or the cluster is laggy
[  145.532969][ T8650] =======================================================
[  145.532969][ T8650] WARNING: The mand mount option has been deprecated and
[  145.532969][ T8650]          and is ignored by this kernel. Remove the mand
[  145.532969][ T8650]          option from the mount to silence this warning.
[  145.532969][ T8650] =======================================================
[  145.714746][ T3243] usb 37-1: new low-speed USB device number 3 using vhci_hcd
[  145.717984][   T54] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  145.864770][   T54] usb 5-1: device descriptor read/64, error -71
[  146.104725][   T54] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  146.245082][   T54] usb 5-1: device descriptor read/64, error -71
[  146.355303][   T54] usb usb5-port1: attempt power cycle
[  146.484693][ T8655] Process accounting resumed
[  146.488333][ T8682] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[  146.490534][ T8682] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  146.494940][ T8682] vhci_hcd vhci_hcd.0: Device attached
[  146.714795][   T54] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  146.734863][  T840] usb 43-1: new high-speed USB device number 2 using vhci_hcd
[  146.735313][   T54] usb 5-1: device descriptor read/8, error -71
[  146.870345][   T29] IPVS: starting estimator thread 0...
[  146.954827][ T8700] IPVS: using max 57 ests per chain, 136800 per kthread
[  146.974799][   T54] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  146.996159][   T54] usb 5-1: device descriptor read/8, error -71
[  147.080921][ T8702] netlink: 220 bytes leftover after parsing attributes in process `syz.2.757'.
[  147.094571][ T8702] netlink: 220 bytes leftover after parsing attributes in process `syz.2.757'.
[  147.116268][   T54] usb usb5-port1: unable to enumerate USB device
[  147.121110][ T8704] netlink: 136 bytes leftover after parsing attributes in process `syz.2.758'.
[  147.124943][ T8704] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  147.284229][ T8683] vhci_hcd: connection reset by peer
[  147.286580][ T1141] vhci_hcd: stop threads
[  147.288321][ T1141] vhci_hcd: release socket
[  147.289964][ T1141] vhci_hcd: disconnect device
[  147.375366][ T8712] netlink: 8 bytes leftover after parsing attributes in process `syz.2.761'.
[  147.378395][ T8712] lo: entered promiscuous mode
[  147.379881][ T8712] lo: entered allmulticast mode
[  147.383721][ T8712] tunl0: entered promiscuous mode
[  147.385885][ T8712] tunl0: entered allmulticast mode
[  147.387863][ T8712] gre0: entered promiscuous mode
[  147.389466][ T8712] gre0: entered allmulticast mode
[  147.391319][ T8712] gretap0: entered promiscuous mode
[  147.392974][ T8712] gretap0: entered allmulticast mode
[  147.396436][ T8712] erspan0: entered promiscuous mode
[  147.398399][ T8712] erspan0: entered allmulticast mode
[  147.401072][ T8712] ip_vti0: entered promiscuous mode
[  147.402763][ T8712] ip_vti0: entered allmulticast mode
[  147.404609][ T8712] ip6_vti0: entered promiscuous mode
[  147.406566][ T8712] ip6_vti0: entered allmulticast mode
[  147.408537][ T8712] sit0: entered promiscuous mode
[  147.410115][ T8712] sit0: entered allmulticast mode
[  147.411961][ T8712] ip6tnl0: entered promiscuous mode
[  147.413636][ T8712] ip6tnl0: entered allmulticast mode
[  147.416287][ T8712] ip6gre0: entered promiscuous mode
[  147.418535][ T8712] ip6gre0: entered allmulticast mode
[  147.420695][ T8712] syz_tun: entered promiscuous mode
[  147.422466][ T8712] syz_tun: entered allmulticast mode
[  147.425289][ T8712] ip6gretap0: entered promiscuous mode
[  147.427388][ T8712] ip6gretap0: entered allmulticast mode
[  147.429554][ T8712] vcan0: entered promiscuous mode
[  147.431208][ T8712] vcan0: entered allmulticast mode
[  147.434028][ T8712] bond0: entered allmulticast mode
[  147.437069][ T8712] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.439781][ T8712] dummy0: entered promiscuous mode
[  147.441641][ T8712] dummy0: entered allmulticast mode
[  147.443605][ T8712] nlmon0: entered promiscuous mode
[  147.445839][ T8712] nlmon0: entered allmulticast mode
[  147.449128][ T8712] caif0: entered promiscuous mode
[  147.451108][ T8712] caif0: entered allmulticast mode
[  147.453064][ T8712] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  147.458949][   T54] lo speed is unknown, defaulting to 1000
[  147.460819][   T54] syz0: Port: 1 Link ACTIVE
[  147.783529][ T8717] dlm: no locking on control device
[  147.978572][ T8723] netlink: 84 bytes leftover after parsing attributes in process `syz.3.765'.
[  148.129903][ T8727] FAULT_INJECTION: forcing a failure.
[  148.129903][ T8727] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.129927][ T8727] CPU: 0 UID: 0 PID: 8727 Comm: syz.2.766 Not tainted syzkaller #0 PREEMPT(full) 
[  148.129941][ T8727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.129947][ T8727] Call Trace:
[  148.129951][ T8727]  <TASK>
[  148.129955][ T8727]  dump_stack_lvl+0x16c/0x1f0
[  148.129973][ T8727]  should_fail_ex+0x512/0x640
[  148.129990][ T8727]  _copy_from_iter+0x29f/0x16f0
[  148.130008][ T8727]  ? __pfx__copy_from_iter+0x10/0x10
[  148.130026][ T8727]  ? __pfx___mutex_lock+0x10/0x10
[  148.130041][ T8727]  ? schedule+0x2d7/0x3a0
[  148.130052][ T8727]  ? rcu_is_watching+0x12/0xc0
[  148.130064][ T8727]  copy_page_from_iter+0xde/0x180
[  148.130080][ T8727]  anon_pipe_write+0xbe7/0x1a90
[  148.130097][ T8727]  ? __pfx_anon_pipe_write+0x10/0x10
[  148.130109][ T8727]  ? __pfx_autoremove_wake_function+0x10/0x10
[  148.130122][ T8727]  ? bpf_lsm_file_permission+0x9/0x10
[  148.130143][ T8727]  ? security_file_permission+0x71/0x210
[  148.130164][ T8727]  ? rw_verify_area+0xcf/0x6c0
[  148.130179][ T8727]  vfs_write+0x7d0/0x11d0
[  148.130195][ T8727]  ? __pfx_anon_pipe_write+0x10/0x10
[  148.130212][ T8727]  ? __pfx_vfs_write+0x10/0x10
[  148.130224][ T8727]  ? lock_release+0x201/0x2f0
[  148.130247][ T8727]  ksys_write+0x1f8/0x250
[  148.130264][ T8727]  ? __pfx_ksys_write+0x10/0x10
[  148.130281][ T8727]  ? rcu_is_watching+0x12/0xc0
[  148.130298][ T8727]  __do_fast_syscall_32+0x7c/0x3a0
[  148.130313][ T8727]  do_fast_syscall_32+0x32/0x80
[  148.130326][ T8727]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  148.130340][ T8727] RIP: 0023:0xf7f38579
[  148.130348][ T8727] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  148.130359][ T8727] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  148.130371][ T8727] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000000
[  148.130381][ T8727] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000000
[  148.130391][ T8727] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  148.130399][ T8727] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  148.130409][ T8727] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  148.130422][ T8727]  </TASK>
[  148.535061][ T8647] vhci_hcd: connection reset by peer
[  148.542447][   T12] vhci_hcd: stop threads
[  148.543881][   T12] vhci_hcd: release socket
[  148.547514][   T12] vhci_hcd: disconnect device
[  148.634132][ T8737] overlayfs: failed to resolve './bus': -2
[  148.693033][ T8742] netlink: 'syz.3.771': attribute type 1 has an invalid length.
[  148.738528][ T8742] 8021q: adding VLAN 0 to HW filter on device bond7
[  148.741900][ T8742] bond6: (slave bond7): making interface the new active one
[  148.745393][ T8742] bond6: (slave bond7): Enslaving as an active interface with an up link
[  148.787202][ T8751] netlink: 8 bytes leftover after parsing attributes in process `syz.3.774'.
[  148.787270][ T8752] netlink: 8 bytes leftover after parsing attributes in process `syz.3.774'.
[  148.791546][ T8751] gtp0: entered promiscuous mode
[  148.795220][ T8751] gtp0: entered allmulticast mode
[  149.443383][ T8768] netlink: 76 bytes leftover after parsing attributes in process `syz.2.777'.
[  149.888732][ T8758] netlink: 'syz.1.775': attribute type 10 has an invalid length.
[  149.892456][ T8758] netlink: 4 bytes leftover after parsing attributes in process `syz.1.775'.
[  149.896810][ T8758] netlink: 'syz.1.775': attribute type 10 has an invalid length.
[  150.202576][ T8789] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  150.337466][   T63] Bluetooth: hci3: unexpected event for opcode 0x1002
[  150.509128][ T8799] dlm: no locking on control device
[  151.593932][ T8804] netlink: 76 bytes leftover after parsing attributes in process `syz.1.786'.
[  151.654785][ T3243] vhci_hcd: vhci_device speed not set
[  151.660752][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  152.210901][ T8824] overlay: filesystem on ./bus not supported as upperdir
[  152.255048][  T840] vhci_hcd: vhci_device speed not set
[  152.548449][ T8844] input: syz1 as /devices/virtual/input/input47
[  152.813467][ T8828] Set syz1 is full, maxelem 65536 reached
[  152.947607][ T8851] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  153.066492][ T8859] netlink: 'syz.3.802': attribute type 10 has an invalid length.
[  153.069120][ T8859] netlink: 40 bytes leftover after parsing attributes in process `syz.3.802'.
[  153.072473][ T8859] batman_adv: batadv0: Adding interface: virt_wifi0
[  153.075091][ T8859] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.083587][ T8859] batman_adv: batadv0: Not using interface virt_wifi0 (retrying later): interface not active
[  153.115740][ T8861] mkiss: ax0: crc mode is auto.
[  153.348130][ T8871] FAULT_INJECTION: forcing a failure.
[  153.348130][ T8871] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  153.352726][ T8871] CPU: 3 UID: 0 PID: 8871 Comm: syz.3.808 Not tainted syzkaller #0 PREEMPT(full) 
[  153.352745][ T8871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.352754][ T8871] Call Trace:
[  153.352758][ T8871]  <TASK>
[  153.352764][ T8871]  dump_stack_lvl+0x16c/0x1f0
[  153.352785][ T8871]  should_fail_ex+0x512/0x640
[  153.352805][ T8871]  should_fail_alloc_page+0xe7/0x130
[  153.352824][ T8871]  prepare_alloc_pages+0x3c2/0x610
[  153.352843][ T8871]  ? do_user_addr_fault+0x829/0x1370
[  153.352865][ T8871]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  153.352882][ T8871]  ? do_user_addr_fault+0x843/0x1370
[  153.352903][ T8871]  ? rcu_is_watching+0x12/0xc0
[  153.352917][ T8871]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  153.352938][ T8871]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  153.352957][ T8871]  ? _copy_from_iter+0x37e/0x16f0
[  153.352977][ T8871]  ? _copy_from_iter+0x15d/0x16f0
[  153.352996][ T8871]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  153.353016][ T8871]  ? policy_nodemask+0xea/0x4e0
[  153.353034][ T8871]  alloc_pages_mpol+0x1fb/0x550
[  153.353050][ T8871]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  153.353069][ T8871]  alloc_pages_noprof+0x131/0x390
[  153.353085][ T8871]  anon_pipe_write+0xbc2/0x1a90
[  153.353103][ T8871]  ? get_pid_task+0xb1/0x250
[  153.353122][ T8871]  ? __pfx_anon_pipe_write+0x10/0x10
[  153.353138][ T8871]  ? common_file_perm+0x1a9/0x340
[  153.353155][ T8871]  ? bpf_lsm_file_permission+0x9/0x10
[  153.353174][ T8871]  ? security_file_permission+0x71/0x210
[  153.353192][ T8871]  ? rw_verify_area+0xcf/0x6c0
[  153.353206][ T8871]  vfs_write+0x7d0/0x11d0
[  153.353220][ T8871]  ? __pfx_anon_pipe_write+0x10/0x10
[  153.353237][ T8871]  ? __pfx_vfs_write+0x10/0x10
[  153.353251][ T8871]  ? lock_release+0x201/0x2f0
[  153.353272][ T8871]  ksys_write+0x1f8/0x250
[  153.353286][ T8871]  ? __pfx_ksys_write+0x10/0x10
[  153.353301][ T8871]  ? rcu_is_watching+0x12/0xc0
[  153.353314][ T8871]  __do_fast_syscall_32+0x7c/0x3a0
[  153.353332][ T8871]  do_fast_syscall_32+0x32/0x80
[  153.353349][ T8871]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  153.353370][ T8871] RIP: 0023:0xf7fd7579
[  153.353384][ T8871] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  153.353398][ T8871] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  153.353412][ T8871] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000000
[  153.353420][ T8871] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000000
[  153.353428][ T8871] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  153.353436][ T8871] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  153.353443][ T8871] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  153.353455][ T8871]  </TASK>
[  153.748654][ T8881] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  153.979547][ T8888] trusted_key: encrypted_key: insufficient parameters specified
[  154.757790][ T8908] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  154.760192][ T8908] UDF-fs: Scanning with blocksize 2048 failed
[  154.763589][ T8908] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  154.766363][ T8908] UDF-fs: Scanning with blocksize 4096 failed
[  155.193169][   T40] audit: type=1400 audit(1755764445.564:459): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=8932 comm="syz.2.824"
[  155.210226][ T8908] syz.0.815 (8908) used greatest stack depth: 19784 bytes left
[  155.305366][ T8939] syz.2.826: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  155.309990][ T8939] CPU: 3 UID: 0 PID: 8939 Comm: syz.2.826 Not tainted syzkaller #0 PREEMPT(full) 
[  155.310006][ T8939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.310013][ T8939] Call Trace:
[  155.310018][ T8939]  <TASK>
[  155.310022][ T8939]  dump_stack_lvl+0x16c/0x1f0
[  155.310040][ T8939]  warn_alloc+0x248/0x3a0
[  155.310054][ T8939]  ? __pfx_warn_alloc+0x10/0x10
[  155.310066][ T8939]  ? __pfx_stack_trace_save+0x10/0x10
[  155.310081][ T8939]  ? kasan_save_stack+0x42/0x60
[  155.310093][ T8939]  ? kasan_save_stack+0x33/0x60
[  155.310104][ T8939]  ? kasan_save_track+0x14/0x30
[  155.310115][ T8939]  ? xskq_create+0x52/0x1d0
[  155.310126][ T8939]  ? xsk_setsockopt+0x74e/0x9a0
[  155.310136][ T8939]  ? do_sock_setsockopt+0xf3/0x1d0
[  155.310152][ T8939]  ? xskq_create+0xfb/0x1d0
[  155.310162][ T8939]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  155.310175][ T8939]  ? xskq_create+0xfb/0x1d0
[  155.310187][ T8939]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  155.310198][ T8939]  ? xskq_create+0xfb/0x1d0
[  155.310209][ T8939]  vmalloc_user_noprof+0x9e/0xe0
[  155.310218][ T8939]  ? xskq_create+0xfb/0x1d0
[  155.310229][ T8939]  xskq_create+0xfb/0x1d0
[  155.310243][ T8939]  xsk_setsockopt+0x74e/0x9a0
[  155.310252][ T8939]  ? __pfx_aa_sk_perm+0x10/0x10
[  155.310265][ T8939]  ? __pfx_xsk_setsockopt+0x10/0x10
[  155.310276][ T8939]  ? aa_sock_opt_perm+0xfd/0x1c0
[  155.310286][ T8939]  ? __pfx_xsk_setsockopt+0x10/0x10
[  155.310295][ T8939]  do_sock_setsockopt+0xf3/0x1d0
[  155.310311][ T8939]  __sys_setsockopt+0x120/0x1a0
[  155.310325][ T8939]  __ia32_sys_setsockopt+0xbc/0x160
[  155.310337][ T8939]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  155.310352][ T8939]  __do_fast_syscall_32+0x7c/0x3a0
[  155.310367][ T8939]  do_fast_syscall_32+0x32/0x80
[  155.310380][ T8939]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.310394][ T8939] RIP: 0023:0xf7f38579
[  155.310402][ T8939] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  155.310413][ T8939] RSP: 002b:00000000f543555c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  155.310424][ T8939] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000011b
[  155.310430][ T8939] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004
[  155.310436][ T8939] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.310442][ T8939] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  155.310448][ T8939] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.310457][ T8939]  </TASK>
[  155.310461][ T8939] Mem-Info:
[  155.398826][ T8939] active_anon:13020 inactive_anon:241 isolated_anon:0
[  155.398826][ T8939]  active_file:4658 inactive_file:35736 isolated_file:0
[  155.398826][ T8939]  unevictable:1771 dirty:413 writeback:0
[  155.398826][ T8939]  slab_reclaimable:7699 slab_unreclaimable:59587
[  155.398826][ T8939]  mapped:25897 shmem:7716 pagetables:1318
[  155.398826][ T8939]  sec_pagetables:307 bounce:0
[  155.398826][ T8939]  kernel_misc_reclaimable:0
[  155.398826][ T8939]  free:40487 free_pcp:14535 free_cma:0
[  155.413335][ T8939] Node 0 active_anon:3404kB inactive_anon:888kB active_file:968kB inactive_file:788kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:3632kB dirty:72kB writeback:0kB shmem:5916kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8624kB pagetables:1852kB sec_pagetables:1120kB all_unreclaimable? no Balloon:0kB
[  155.423523][ T8939] Node 1 active_anon:49872kB inactive_anon:76kB active_file:17664kB inactive_file:142156kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:101048kB dirty:1580kB writeback:0kB shmem:26040kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5416kB pagetables:3420kB sec_pagetables:108kB all_unreclaimable? no Balloon:0kB
[  155.437171][ T8939] Node 0 DMA free:2260kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:324kB local_pcp:4kB free_cma:0kB
[  155.450118][ T8939] lowmem_reserve[]: 0 288 288 288 288
[  155.452397][ T8939] Node 0 DMA32 free:17264kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:2048KB free_highatomic:852KB active_anon:3404kB inactive_anon:888kB active_file:968kB inactive_file:788kB unevictable:3536kB writepending:72kB present:1032196kB managed:295148kB mlocked:0kB bounce:0kB free_pcp:11572kB local_pcp:3832kB free_cma:0kB
[  155.465304][ T8939] lowmem_reserve[]: 0 0 0 0 0
[  155.467357][ T8939] Node 1 DMA32 free:138708kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:46272kB inactive_anon:76kB active_file:17664kB inactive_file:142156kB unevictable:3536kB writepending:1580kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:50036kB local_pcp:2248kB free_cma:0kB
[  155.481337][ T8939] lowmem_reserve[]: 0 0 0 0 0
[  155.483321][ T8939] Node 0 DMA: 49*4kB (U) 26*8kB (U) 10*16kB (U) 1*32kB (U) 2*64kB (U) 2*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 2260kB
[  155.489573][ T8939] Node 0 DMA32: 622*4kB (UMEH) 310*8kB (UMEH) 84*16kB (UMEH) 50*32kB (UMEH) 38*64kB (UMEH) 36*128kB (UMEH) 10*256kB (UME) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 18024kB
[  155.497502][ T8939] Node 1 DMA32: 1027*4kB (UE) 681*8kB (UE) 208*16kB (UE) 670*32kB (UME) 363*64kB (UME) 162*128kB (UME) 66*256kB (UME) 19*512kB (UME) 13*1024kB (UM) 6*2048kB (UM) 2*4096kB (UM) = 138708kB
[  155.505776][ T8939] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  155.509511][ T8939] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  155.513133][ T8939] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  155.517038][ T8939] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  155.520805][ T8939] 47030 total pagecache pages
[  155.522667][ T8939] 500 pages in swap cache
[  155.524379][ T8939] Free swap  = 118896kB
[  155.526244][ T8939] Total swap = 124996kB
[  155.528049][ T8939] 524155 pages RAM
[  155.529794][ T8939] 0 pages HighMem/MovableOnly
[  155.531934][ T8939] 209473 pages reserved
[  155.533753][ T8939] 0 pages cma reserved
[  157.006092][ T8956] netlink: 'syz.3.830': attribute type 1 has an invalid length.
[  157.025878][ T8956] 8021q: adding VLAN 0 to HW filter on device bond8
[  157.358189][ T8961] netlink: 76 bytes leftover after parsing attributes in process `syz.3.831'.
[  158.575405][   T93] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  158.637514][ T9002] FAULT_INJECTION: forcing a failure.
[  158.637514][ T9002] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.643517][ T9002] CPU: 2 UID: 0 PID: 9002 Comm: syz.2.845 Not tainted syzkaller #0 PREEMPT(full) 
[  158.643542][ T9002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.643552][ T9002] Call Trace:
[  158.643557][ T9002]  <TASK>
[  158.643565][ T9002]  dump_stack_lvl+0x16c/0x1f0
[  158.643610][ T9002]  should_fail_ex+0x512/0x640
[  158.643644][ T9002]  _copy_from_iter+0x29f/0x16f0
[  158.643671][ T9002]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  158.643697][ T9002]  ? __pfx__copy_from_iter+0x10/0x10
[  158.643727][ T9002]  ? alloc_pages_mpol+0x25a/0x550
[  158.643749][ T9002]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  158.643772][ T9002]  copy_page_from_iter+0xde/0x180
[  158.643799][ T9002]  anon_pipe_write+0xbe7/0x1a90
[  158.643821][ T9002]  ? get_pid_task+0xb1/0x250
[  158.643845][ T9002]  ? __pfx_anon_pipe_write+0x10/0x10
[  158.643866][ T9002]  ? common_file_perm+0x1a9/0x340
[  158.643889][ T9002]  ? bpf_lsm_file_permission+0x9/0x10
[  158.643912][ T9002]  ? security_file_permission+0x71/0x210
[  158.643935][ T9002]  ? rw_verify_area+0xcf/0x6c0
[  158.643952][ T9002]  vfs_write+0x7d0/0x11d0
[  158.643969][ T9002]  ? __pfx_anon_pipe_write+0x10/0x10
[  158.643988][ T9002]  ? __pfx_vfs_write+0x10/0x10
[  158.644006][ T9002]  ? lock_release+0x201/0x2f0
[  158.644029][ T9002]  ksys_write+0x1f8/0x250
[  158.644046][ T9002]  ? __pfx_ksys_write+0x10/0x10
[  158.644061][ T9002]  ? rcu_is_watching+0x12/0xc0
[  158.644073][ T9002]  __do_fast_syscall_32+0x7c/0x3a0
[  158.644087][ T9002]  do_fast_syscall_32+0x32/0x80
[  158.644100][ T9002]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  158.644113][ T9002] RIP: 0023:0xf7f38579
[  158.644122][ T9002] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  158.644132][ T9002] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  158.644149][ T9002] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000000
[  158.644156][ T9002] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000000
[  158.644166][ T9002] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  158.644174][ T9002] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  158.644182][ T9002] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  158.644196][ T9002]  </TASK>
[  158.841073][ T9010] input: syz1 as /devices/virtual/input/input48
[  159.577080][ T9020] netlink: 136 bytes leftover after parsing attributes in process `syz.1.851'.
[  159.579902][ T9020] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  159.689544][ T9036] netlink: 'syz.0.857': attribute type 10 has an invalid length.
[  159.713013][ T9038] netlink: 'syz.1.858': attribute type 1 has an invalid length.
[  159.720698][ T9036] bond0: (slave netdevsim0): Enslaving as an active interface with a down link
[  159.767334][ T9038] 8021q: adding VLAN 0 to HW filter on device bond5
[  159.780889][   T63] Bluetooth: hci0: unexpected event for opcode 0x1002
[  159.791146][ T9038] bond4: (slave bond5): making interface the new active one
[  159.794559][ T9038] bond4: (slave bond5): Enslaving as an active interface with an up link
[  160.056587][ T9053] dlm: no locking on control device
[  160.706101][ T9064] dlm: no locking on control device
[  160.721024][ T9066] netlink: 104 bytes leftover after parsing attributes in process `syz.1.867'.
[  160.724969][ T9066] netlink: 104 bytes leftover after parsing attributes in process `syz.1.867'.
[  160.757633][ T9070] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  162.061518][ T9094] netlink: 76 bytes leftover after parsing attributes in process `syz.2.872'.
[  162.408232][ T9103] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  163.317945][   T63] Bluetooth: hci0: unexpected event for opcode 0x1002
[  163.514805][ T9131] dlm: no locking on control device
[  164.507520][ T9154] input: syz1 as /devices/virtual/input/input49
[  164.682702][ T9151] lo speed is unknown, defaulting to 1000
[  164.979892][ T9172] FAULT_INJECTION: forcing a failure.
[  164.979892][ T9172] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  164.984087][ T9172] CPU: 1 UID: 0 PID: 9172 Comm: syz.3.898 Not tainted syzkaller #0 PREEMPT(full) 
[  164.984102][ T9172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.984109][ T9172] Call Trace:
[  164.984113][ T9172]  <TASK>
[  164.984118][ T9172]  dump_stack_lvl+0x16c/0x1f0
[  164.984134][ T9172]  should_fail_ex+0x512/0x640
[  164.984150][ T9172]  should_fail_alloc_page+0xe7/0x130
[  164.984165][ T9172]  prepare_alloc_pages+0x3c2/0x610
[  164.984180][ T9172]  ? do_user_addr_fault+0x829/0x1370
[  164.984198][ T9172]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  164.984211][ T9172]  ? do_user_addr_fault+0x843/0x1370
[  164.984227][ T9172]  ? rcu_is_watching+0x12/0xc0
[  164.984238][ T9172]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  164.984254][ T9172]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  164.984269][ T9172]  ? _copy_from_iter+0x37e/0x16f0
[  164.984285][ T9172]  ? _copy_from_iter+0x15d/0x16f0
[  164.984300][ T9172]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  164.984317][ T9172]  ? policy_nodemask+0xea/0x4e0
[  164.984331][ T9172]  alloc_pages_mpol+0x1fb/0x550
[  164.984343][ T9172]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  164.984358][ T9172]  alloc_pages_noprof+0x131/0x390
[  164.984371][ T9172]  anon_pipe_write+0xbc2/0x1a90
[  164.984385][ T9172]  ? get_pid_task+0xb0/0x250
[  164.984419][ T9172]  ? __pfx_anon_pipe_write+0x10/0x10
[  164.984432][ T9172]  ? common_file_perm+0x1a9/0x340
[  164.984445][ T9172]  ? bpf_lsm_file_permission+0x9/0x10
[  164.984460][ T9172]  ? security_file_permission+0x71/0x210
[  164.984475][ T9172]  ? rw_verify_area+0xcf/0x6c0
[  164.984485][ T9172]  vfs_write+0x7d0/0x11d0
[  164.984496][ T9172]  ? __pfx_anon_pipe_write+0x10/0x10
[  164.984509][ T9172]  ? __pfx_vfs_write+0x10/0x10
[  164.984521][ T9172]  ? lock_release+0x201/0x2f0
[  164.984536][ T9172]  ksys_write+0x1f8/0x250
[  164.984547][ T9172]  ? __pfx_ksys_write+0x10/0x10
[  164.984559][ T9172]  ? rcu_is_watching+0x12/0xc0
[  164.984569][ T9172]  __do_fast_syscall_32+0x7c/0x3a0
[  164.984584][ T9172]  do_fast_syscall_32+0x32/0x80
[  164.984597][ T9172]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  164.984611][ T9172] RIP: 0023:0xf7fd7579
[  164.984619][ T9172] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  164.984641][ T9172] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  164.984652][ T9172] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000000
[  164.984658][ T9172] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000000
[  164.984664][ T9172] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  164.984670][ T9172] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  164.984675][ T9172] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  164.984684][ T9172]  </TASK>
[  165.073769][    C1] vkms_vblank_simulate: vblank timer overrun
[  165.652847][ T9186] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  165.836595][ T9190] netlink: 'syz.2.903': attribute type 10 has an invalid length.
[  165.839057][ T9190] netlink: 40 bytes leftover after parsing attributes in process `syz.2.903'.
[  165.875969][ T9190] batman_adv: batadv0: Adding interface: virt_wifi0
[  165.878188][ T9190] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.904740][ T9190] batman_adv: batadv0: Not using interface virt_wifi0 (retrying later): interface not active
[  165.932477][ T9180] lo speed is unknown, defaulting to 1000
[  166.064144][ T9197] input: syz1 as /devices/virtual/input/input50
[  166.187722][ T9199] random: crng reseeded on system resumption
[  166.443818][ T9212] netlink: 104 bytes leftover after parsing attributes in process `syz.0.911'.
[  166.456407][ T9212] netlink: 104 bytes leftover after parsing attributes in process `syz.0.911'.
[  167.747630][ T9229] netlink: 76 bytes leftover after parsing attributes in process `syz.0.916'.
[  168.257677][ T9245] FAULT_INJECTION: forcing a failure.
[  168.257677][ T9245] name failslab, interval 1, probability 0, space 0, times 0
[  168.261594][ T9245] CPU: 3 UID: 0 PID: 9245 Comm: syz.3.923 Not tainted syzkaller #0 PREEMPT(full) 
[  168.261617][ T9245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  168.261627][ T9245] Call Trace:
[  168.261633][ T9245]  <TASK>
[  168.261639][ T9245]  dump_stack_lvl+0x16c/0x1f0
[  168.261662][ T9245]  should_fail_ex+0x512/0x640
[  168.261685][ T9245]  should_failslab+0xc2/0x120
[  168.261708][ T9245]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  168.261731][ T9245]  ? vfs_parse_fs_string+0xc3/0x150
[  168.261753][ T9245]  kmemdup_nul+0x49/0xf0
[  168.261774][ T9245]  vfs_parse_fs_string+0xc3/0x150
[  168.261792][ T9245]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  168.261812][ T9245]  ? __raw_spin_lock_init+0x3a/0x110
[  168.261835][ T9245]  ? lockdep_init_map_type+0x5c/0x280
[  168.261860][ T9245]  ? ovl_next_opt+0x143/0x1c0
[  168.261876][ T9245]  ? __pfx_ovl_next_opt+0x10/0x10
[  168.261890][ T9245]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  168.261908][ T9245]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  168.261930][ T9245]  ? alloc_fs_context+0x59b/0x9c0
[  168.261952][ T9245]  path_mount+0x14c9/0x2000
[  168.261973][ T9245]  ? __pfx_path_mount+0x10/0x10
[  168.261995][ T9245]  ? kmem_cache_free+0x2d1/0x4d0
[  168.262014][ T9245]  ? putname+0x154/0x1a0
[  168.262034][ T9245]  ? getname_flags.part.0+0x1c5/0x550
[  168.262059][ T9245]  ? __ia32_sys_mount+0x28b/0x310
[  168.262077][ T9245]  __ia32_sys_mount+0x28b/0x310
[  168.262097][ T9245]  ? __pfx___ia32_sys_mount+0x10/0x10
[  168.262120][ T9245]  ? rcu_is_watching+0x12/0xc0
[  168.262140][ T9245]  __do_fast_syscall_32+0x7c/0x3a0
[  168.262162][ T9245]  do_fast_syscall_32+0x32/0x80
[  168.262185][ T9245]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  168.262204][ T9245] RIP: 0023:0xf7fd7579
[  168.262216][ T9245] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  168.262230][ T9245] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  168.262245][ T9245] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800000c0
[  168.262255][ T9245] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000080000400
[  168.262264][ T9245] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  168.262273][ T9245] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  168.262282][ T9245] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  168.262295][ T9245]  </TASK>
[  168.804948][   T61] usb 6-1: new low-speed USB device number 5 using dummy_hcd
[  169.138218][   T61] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  169.141340][   T61] usb 6-1: config 0 has no interface number 0
[  169.141480][ T9260] netlink: 4 bytes leftover after parsing attributes in process `syz.0.926'.
[  169.144046][   T61] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  169.151463][   T61] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  169.155138][   T61] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  169.158980][   T61] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  169.162693][   T61] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  169.166236][   T61] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  169.170378][   T61] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  169.173420][   T61] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.186038][   T61] usb 6-1: config 0 descriptor??
[  169.193943][ T9249] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  169.196505][ T9249] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  169.202024][   T61] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  169.857822][ T9267] netlink: 'syz.2.928': attribute type 10 has an invalid length.
[  170.096716][ T9276] input: syz1 as /devices/virtual/input/input51
[  170.254953][ T5984] Bluetooth: hci1: command 0x0406 tx timeout
[  170.264836][ T5976] Bluetooth: hci2: command 0x0406 tx timeout
[  170.386018][ T9278] nbd0: detected capacity change from 0 to 127
[  170.396043][   T63] block nbd0: Receive control failed (result -104)
[  170.399131][ T5976] block nbd0: Receive control failed (result -32)
[  170.429531][ T9282] loop2: detected capacity change from 0 to 7
[  170.433254][ T9282] Dev loop2: unable to read RDB block 7
[  170.436007][ T9282]  loop2: unable to read partition table
[  170.440469][ T9282] loop2: partition table beyond EOD, truncated
[  170.445073][ T9282] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  171.265893][ T9300] netlink: 28 bytes leftover after parsing attributes in process `syz.2.938'.
[  171.277815][ T9300] netlink: 28 bytes leftover after parsing attributes in process `syz.2.938'.
[  171.792095][   T61] usb 6-1: USB disconnect, device number 5
[  171.794548][   T61] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  171.889694][ T9310] netlink: 136 bytes leftover after parsing attributes in process `syz.0.942'.
[  171.892982][ T9310] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  172.113049][ T9328] dlm: no locking on control device
[  172.115477][ T9328] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[  172.273093][ T9331] netlink: 260 bytes leftover after parsing attributes in process `syz.2.948'.
[  172.784802][ T6034] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  172.954875][ T6034] usb 7-1: Using ep0 maxpacket: 32
[  172.960100][ T6034] usb 7-1: config 0 has an invalid interface number: 12 but max is 0
[  172.964861][ T6034] usb 7-1: config 0 has no interface number 0
[  172.966920][ T6034] usb 7-1: config 0 interface 12 has no altsetting 0
[  172.974095][ T6034] usb 7-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  172.979110][ T6034] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.984870][ T6034] usb 7-1: Product: syz
[  172.986255][ T6034] usb 7-1: Manufacturer: syz
[  173.000155][ T6034] usb 7-1: SerialNumber: syz
[  173.004783][ T6034] usb 7-1: config 0 descriptor??
[  173.295398][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.417733][ T6034] f81534 7-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  173.420134][ T6034] f81534 7-1:0.12: f81534_find_config_idx: read failed: -71
[  173.422398][ T6034] f81534 7-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  173.427604][ T6034] f81534 7-1:0.12: probe with driver f81534 failed with error -71
[  173.432748][ T6034] usb 7-1: USB disconnect, device number 2
[  173.433394][ T9339] netlink: 12 bytes leftover after parsing attributes in process `syz.2.950'.
[  174.051387][ T9360] input: syz1 as /devices/virtual/input/input52
[  174.299288][ T9364] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  174.301158][ T9364] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  174.307862][ T9364] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  174.310759][ T9364] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  174.316570][ T9364] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  174.319547][ T9364] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  174.334791][   T63] Bluetooth: hci4: command 0x1003 tx timeout
[  174.334970][ T5976] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  174.486314][ T9372] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  174.796396][ T9381] netlink: 12 bytes leftover after parsing attributes in process `syz.1.964'.
[  175.066998][ T9387] netlink: 'syz.2.966': attribute type 1 has an invalid length.
[  175.095166][ T9387] 8021q: adding VLAN 0 to HW filter on device bond5
[  175.098030][ T9387] bond4: (slave bond5): making interface the new active one
[  175.100701][ T9387] bond4: (slave bond5): Enslaving as an active interface with an up link
[  175.173445][ T9395] netlink: 'syz.2.969': attribute type 10 has an invalid length.
[  175.176234][ T9395] netlink: 40 bytes leftover after parsing attributes in process `syz.2.969'.
[  175.201528][ T9396] bond4: (slave bond5): Releasing backup interface
[  175.306205][ T9396] netlink: 'syz.1.967': attribute type 10 has an invalid length.
[  175.310008][ T9396] netlink: 4 bytes leftover after parsing attributes in process `syz.1.967'.
[  175.314186][ T9396] netlink: 'syz.1.967': attribute type 10 has an invalid length.
[  175.467951][ T9402] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  176.085197][ T9406] netlink: 76 bytes leftover after parsing attributes in process `syz.1.971'.
[  176.194307][ T9411] random: crng reseeded on system resumption
[  177.695981][ T9429] netlink: 'syz.1.979': attribute type 4 has an invalid length.
[  178.515556][ T9440] netlink: 76 bytes leftover after parsing attributes in process `syz.1.982'.
[  179.585019][ T9447] netlink: 104 bytes leftover after parsing attributes in process `syz.1.985'.
[  179.589189][ T9447] netlink: 104 bytes leftover after parsing attributes in process `syz.1.985'.
[  179.915309][ T9456] netlink: 12 bytes leftover after parsing attributes in process `syz.1.988'.
[  180.070413][ T9464] netlink: 'syz.1.991': attribute type 4 has an invalid length.
[  180.765942][ T9469] input: syz1 as /devices/virtual/input/input53
[  181.975798][ T9489] netlink: 4 bytes leftover after parsing attributes in process `syz.2.999'.
[  183.369067][ T9510] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1004'.
[  183.408158][ T9516] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1006'.
[  183.536079][   T80] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  189.945063][   T80] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  190.575186][ T9364] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  190.577257][ T9364] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  190.579748][ T9412] ------------[ cut here ]------------
[  190.581486][ T9412] workqueue: cannot queue hci_conn_timeout on wq hci3
[  190.584277][ T9412] WARNING: CPU: 2 PID: 9412 at kernel/workqueue.c:2255 __queue_work+0xd03/0x1160
[  190.587927][ T9412] Modules linked in:
[  190.589690][ T9412] CPU: 2 UID: 0 PID: 9412 Comm: kworker/2:4 Not tainted syzkaller #0 PREEMPT(full) 
[  190.595341][ T9412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.599742][ T9412] Workqueue: events l2cap_chan_timeout
[  190.602006][ T9412] RIP: 0010:__queue_work+0xd03/0x1160
[  190.604490][ T9412] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 4b 04 00 00 48 8b 75 18 4c 89 fa 48 c7 c7 e0 fe ab 8b e8 de 4b f7 ff 90 <0f> 0b 90 90 e9 2f f7 ff ff e8 7f 58 38 00 90 0f 0b 90 e9 b4 f5 ff
[  190.610836][ T9412] RSP: 0018:ffffc90006a1fa48 EFLAGS: 00010082
[  190.612855][ T9412] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a02c8
[  190.615743][ T9412] RDX: ffff88802ac28000 RSI: ffffffff817a02d5 RDI: 0000000000000001
[  190.618571][ T9412] RBP: ffff8880243e4948 R08: 0000000000000001 R09: 0000000000000000
[  190.621123][ T9412] R10: 0000000000000000 R11: 756575716b726f77 R12: 0000000000000000
[  190.624045][ T9412] R13: ffff88802714a000 R14: ffff8880243e4990 R15: ffff88802714a178
[  190.627348][ T9412] FS:  0000000000000000(0000) GS:ffff8880976c4000(0000) knlGS:0000000000000000
[  190.630976][ T9412] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  190.633671][ T9412] CR2: 00000000f5043632 CR3: 000000006be42000 CR4: 0000000000352ef0
[  190.636939][ T9412] Call Trace:
[  190.638316][ T9412]  <TASK>
[  190.639697][ T9412]  ? clear_pending_if_disabled+0xa8/0x210
[  190.642397][ T9412]  ? __pfx_clear_pending_if_disabled+0x10/0x10
[  190.644385][ T9412]  __queue_delayed_work+0x35b/0x460
[  190.646385][ T9412]  queue_delayed_work_on+0x1b5/0x200
[  190.648044][ T9412]  l2cap_chan_del+0x5a0/0x8f0
[  190.649538][ T9412]  l2cap_chan_close+0xfe/0xa30
[  190.651052][ T9412]  ? __pfx_l2cap_chan_close+0x10/0x10
[  190.652793][ T9412]  ? trace_sched_exit_tp+0xd1/0x120
[  190.654433][ T9412]  ? rcu_is_watching+0x12/0xc0
[  190.655954][ T9412]  l2cap_chan_timeout+0x196/0x310
[  190.657556][ T9412]  process_one_work+0x9cf/0x1b70
[  190.659129][ T9412]  ? __pfx_nsim_dev_hwstats_traffic_work+0x10/0x10
[  190.661153][ T9412]  ? __pfx_process_one_work+0x10/0x10
[  190.662976][ T9412]  ? assign_work+0x1a0/0x250
[  190.664450][ T9412]  worker_thread+0x6c8/0xf10
[  190.665940][ T9412]  ? __kthread_parkme+0x19e/0x250
[  190.667517][ T9412]  ? __pfx_worker_thread+0x10/0x10
[  190.669141][ T9412]  kthread+0x3c5/0x780
[  190.670431][ T9412]  ? __pfx_kthread+0x10/0x10
[  190.671939][ T9412]  ? ret_from_fork+0x25/0x6f0
[  190.673952][ T9412]  ? rcu_is_watching+0x12/0xc0
[  190.676008][ T9412]  ? rcu_is_watching+0x12/0xc0
[  190.678039][ T9412]  ? __pfx_kthread+0x10/0x10
[  190.679501][ T9412]  ret_from_fork+0x5d4/0x6f0
[  190.680962][ T9412]  ? __pfx_kthread+0x10/0x10
[  190.682459][ T9412]  ret_from_fork_asm+0x1a/0x30
[  190.683958][ T9412]  </TASK>
[  190.684942][ T9412] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  190.687248][ T9412] CPU: 2 UID: 0 PID: 9412 Comm: kworker/2:4 Not tainted syzkaller #0 PREEMPT(full) 
[  190.690112][ T9412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.693823][ T9412] Workqueue: events l2cap_chan_timeout
[  190.696063][ T9412] Call Trace:
[  190.697513][ T9412]  <TASK>
[  190.698767][ T9412]  dump_stack_lvl+0x3d/0x1f0
[  190.700721][ T9412]  vpanic+0x6e8/0x7a0
[  190.702439][ T9412]  ? __pfx_vpanic+0x10/0x10
[  190.704406][ T9412]  ? __queue_work+0xd03/0x1160
[  190.706465][ T9412]  panic+0xca/0xd0
[  190.708021][ T9412]  ? __pfx_panic+0x10/0x10
[  190.709935][ T9412]  ? check_panic_on_warn+0x1f/0xb0
[  190.712141][ T9412]  check_panic_on_warn+0xab/0xb0
[  190.714276][ T9412]  __warn+0xf6/0x3c0
[  190.715986][ T9412]  ? __queue_work+0xd03/0x1160
[  190.718045][ T9412]  report_bug+0x3c3/0x580
[  190.719900][ T9412]  ? __queue_work+0xd03/0x1160
[  190.721945][ T9412]  handle_bug+0x184/0x210
[  190.723707][ T9412]  exc_invalid_op+0x17/0x50
[  190.725646][ T9412]  asm_exc_invalid_op+0x1a/0x20
[  190.727617][ T9412] RIP: 0010:__queue_work+0xd03/0x1160
[  190.729818][ T9412] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 4b 04 00 00 48 8b 75 18 4c 89 fa 48 c7 c7 e0 fe ab 8b e8 de 4b f7 ff 90 <0f> 0b 90 90 e9 2f f7 ff ff e8 7f 58 38 00 90 0f 0b 90 e9 b4 f5 ff
[  190.737439][ T9412] RSP: 0018:ffffc90006a1fa48 EFLAGS: 00010082
[  190.739850][ T9412] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a02c8
[  190.742983][ T9412] RDX: ffff88802ac28000 RSI: ffffffff817a02d5 RDI: 0000000000000001
[  190.746211][ T9412] RBP: ffff8880243e4948 R08: 0000000000000001 R09: 0000000000000000
[  190.748906][ T9412] R10: 0000000000000000 R11: 756575716b726f77 R12: 0000000000000000
[  190.751467][ T9412] R13: ffff88802714a000 R14: ffff8880243e4990 R15: ffff88802714a178
[  190.754380][ T9412]  ? __warn_printk+0x198/0x350
[  190.756152][ T9412]  ? __warn_printk+0x1a5/0x350
[  190.757965][ T9412]  ? __queue_work+0xd02/0x1160
[  190.759432][ T9412]  ? clear_pending_if_disabled+0xa8/0x210
[  190.761184][ T9412]  ? __pfx_clear_pending_if_disabled+0x10/0x10
[  190.763246][ T9412]  __queue_delayed_work+0x35b/0x460
[  190.764925][ T9412]  queue_delayed_work_on+0x1b5/0x200
[  190.766649][ T9412]  l2cap_chan_del+0x5a0/0x8f0
[  190.768286][ T9412]  l2cap_chan_close+0xfe/0xa30
[  190.769817][ T9412]  ? __pfx_l2cap_chan_close+0x10/0x10
[  190.771514][ T9412]  ? trace_sched_exit_tp+0xd1/0x120
[  190.773619][ T9412]  ? rcu_is_watching+0x12/0xc0
[  190.775680][ T9412]  l2cap_chan_timeout+0x196/0x310
[  190.777800][ T9412]  process_one_work+0x9cf/0x1b70
[  190.779956][ T9412]  ? __pfx_nsim_dev_hwstats_traffic_work+0x10/0x10
[  190.782553][ T9412]  ? __pfx_process_one_work+0x10/0x10
[  190.784493][ T9412]  ? assign_work+0x1a0/0x250
[  190.785965][ T9412]  worker_thread+0x6c8/0xf10
[  190.787847][ T9412]  ? __kthread_parkme+0x19e/0x250
[  190.789911][ T9412]  ? __pfx_worker_thread+0x10/0x10
[  190.791828][ T9412]  kthread+0x3c5/0x780
[  190.793505][ T9412]  ? __pfx_kthread+0x10/0x10
[  190.795449][ T9412]  ? ret_from_fork+0x25/0x6f0
[  190.797384][ T9412]  ? rcu_is_watching+0x12/0xc0
[  190.799355][ T9412]  ? rcu_is_watching+0x12/0xc0
[  190.801357][ T9412]  ? __pfx_kthread+0x10/0x10
[  190.803287][ T9412]  ret_from_fork+0x5d4/0x6f0
[  190.805277][ T9412]  ? __pfx_kthread+0x10/0x10
[  190.807219][ T9412]  ret_from_fork_asm+0x1a/0x30
[  190.809093][ T9412]  </TASK>
[  190.811242][ T9412] Kernel Offset: disabled
[  190.813096][ T9412] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:21:17  Registers:
info registers vcpu 0

CPU#0
RAX=00000000005bec7c RBX=0000000000000000 RCX=ffffffff8b908bf9 RDX=ffffed1005646656
RSI=ffffffff8c162c80 RDI=ffffffff8190cca1 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08
R8 =0000000000000000 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=ffffffff9b0443e8
R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab7690 R15=0000000000000000
RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5077f8c CR3=000000000e380000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73a4ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000007fe1ec RBX=0000000000000001 RCX=ffffffff8b908bf9 RDX=ffffed1005666656
RSI=ffffffff8c162c80 RDI=ffffffff8190cca1 RBP=ffffed1003bdf488 RSP=ffffc9000046fdf8
R8 =0000000000000000 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000001
R12=0000000000000001 R13=ffff88801defa440 R14=ffffffff90ab7690 R15=0000000000000000
RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f73f5000 CR3=000000000e380000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=000000000534c002 Opmask01=0000000000800000 Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005628e090dc50 00005628e090dc50
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe06274440 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5353424920726568 746f20726f66206e 616373206f742067 6e69797274202d20
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e66666f3d74726f 7078655f73666e2c 66666f3d7865646e 69206f74206b6361
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6220676e696c6c61 66202c73656c646e 616820656c696620 74726f7070757320
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 746f6e2073656f64 202730656c69662f 2e27206e6f207366 203a736679616c72
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65766f205d323034 3954205b5d313539 3736342e35373120 205b203a6c656e72
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85616b45 RDI=ffffffff9b0f8680 RBP=ffffffff9b0f8640 RSP=ffffc90006a1f3b0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552032203a555043
R12=0000000000000000 R13=0000000000000039 R14=ffffffff9b0f8640 R15=ffffffff85616ae0
RIP=ffffffff85616b6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5043632 CR3=000000006be42000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2cb61dcb3776723e f5aeaf2a1c13a8a0
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7285af1df514d0a9 cea7c3a53e6326a1
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 64da818652e458e7 edcc8e5ccf37f6cb
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 676655b7999c95e4 d9522960d86bb2ee
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001700
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000073cc07a47a 00000073c2733e18
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cbde94cacb1a09fb ffd314e3d79e7c5e
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 04b2fe7200000000 0000007300800100
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5f2271f100000073 6a97e6c9cb12f710
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ac1381e8e9d2e205 ce2b52cd06576d1c
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ef6216bb2a880527 c59f8890c24ac0df
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000002d1d8c RBX=0000000000000003 RCX=ffffffff8b908bf9 RDX=ffffed10056a6656
RSI=ffffffff8c162c80 RDI=ffffffff8190cca1 RBP=ffffed1003867000 RSP=ffffc9000048fdf8
R8 =0000000000000000 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=ffffffff9b0a9050
R12=0000000000000003 R13=ffff88801c338000 R14=ffffffff90ab7690 R15=0000000000000000
RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f0838218 CR3=000000000e380000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73a4ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000