last executing test programs:

3m44.680426479s ago: executing program 0 (id=1237):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x6, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0xc, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7000000}, 0x4c)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000280)={r1, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000080)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x0, 0xa8, &(0x7f0000000600)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0x34, 0x8, 0x8, &(0x7f0000000340)}}, 0x10)

3m44.151917471s ago: executing program 0 (id=1239):
mkdir(0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x42, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000700)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$caif_stream(0x25, 0x1, 0x2)

3m42.903299011s ago: executing program 0 (id=1242):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@mode}]})
r0 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix={0x400, 0x2, 0x55595659, 0x4, 0xc, 0x6, 0x1, 0x669, 0x0, 0x0, 0x2, 0x4}})
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x42c, &(0x7f0000000140)={0x0, 0xdfa3, 0x800, 0x0, 0x1}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13})
io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='cachefiles_ondemand_read\x00'}, 0x18)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v2={0x2000000, [{0x4, 0x3}, {0x401, 0xfff}]}, 0x14, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)

3m39.705327544s ago: executing program 0 (id=1250):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
pipe2(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80080)
add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
ioperm(0xfffffffe, 0x40000007, 0x5)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000480)={r1, r0, 0x0, 0xa6, &(0x7f00000003c0)="3d42efc122e5d9a9e87c80b5ef77e951020c83c732378950f261ea328d577642f71333e248e07784e13e3e136548b781631856f4c01654b24111d28448a0b45663fedf44e97731b4f5bff11e073f4fe7022e45758b76cfb73db24b38ea844736373e95cc217c636238b2d603a60725834945b7085b72ff9e14fec03987d19620f29a81a28700036087a6cc537533b25c480a699300f34b544b509026149379dc136d5d1a497c", 0x6, 0x5, 0x3, 0xb, 0xe, 0x3, 0x7, 'syz0\x00'})
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}, {}, {}, {}, {0x0, 0x3}, {0xfffffffc}, {0x400000}], 0x0, 0x4}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r3 = open_tree(0xffffffffffffffff, &(0x7f0000000640)='\x00', 0x89901)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x44}}, 0x0)
move_mount(r3, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00')
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r5, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000003c80)=ANY=[], 0x12f4}}, 0x0)
recvmmsg(r5, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)=""/216, 0xd8}], 0x1}, 0x7}], 0x1, 0x0, 0x0)

3m35.948908932s ago: executing program 0 (id=1251):
mkdir(0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x42, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000700)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$caif_stream(0x25, 0x1, 0x2)

3m34.453935682s ago: executing program 0 (id=1253):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000001, 0x2052, r3, 0x4b000)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000ffffffffffffaaeaaaaaaabb08004504003800000000002f9078e00000010fa0000429aa8fc229e0000001000086dd0024907838962942735a3785e8df2838afe2875465a35b87e27d6cfbc1de185f"], 0x4a)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='iocharset', 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x10}}, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r7, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private}, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r7, &(0x7f0000007fc0), 0x800001d, 0x0)

3m18.962004418s ago: executing program 32 (id=1253):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000001, 0x2052, r3, 0x4b000)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000ffffffffffffaaeaaaaaaabb08004504003800000000002f9078e00000010fa0000429aa8fc229e0000001000086dd0024907838962942735a3785e8df2838afe2875465a35b87e27d6cfbc1de185f"], 0x4a)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='iocharset', 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x10}}, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r7, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private}, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r7, &(0x7f0000007fc0), 0x800001d, 0x0)

3m13.963002046s ago: executing program 4 (id=1266):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix={0x400, 0x2, 0x55595659, 0x4, 0xc, 0x6, 0x1, 0x669, 0x0, 0x0, 0x2, 0x4}})
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x42c, &(0x7f0000000140)={0x0, 0xdfa3, 0x800, 0x0, 0x1}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13})
io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='cachefiles_ondemand_read\x00', r5}, 0x18)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v2={0x2000000, [{0x4, 0x3}, {0x401, 0xfff}]}, 0x14, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)

3m10.198001069s ago: executing program 4 (id=1279):
socket$rxrpc(0x21, 0x2, 0xa)

3m9.800708878s ago: executing program 4 (id=1280):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000001, 0x2052, r3, 0x4b000)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000ffffffffffffaaeaaaaaaabb08004504003800000000002f9078e00000010fa0000429aa8fc229e0000001000086dd0024907838962942735a3785e8df2838afe2875465a35b87e27d6cfbc1de185f"], 0x4a)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='iocharset', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x10}}, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r7, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private}, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r7, &(0x7f0000007fc0), 0x800001d, 0x0)

3m3.996441073s ago: executing program 4 (id=1284):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
fcntl$getown(r2, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x2)
connect$unix(r3, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = userfaultfd(0x801)
r6 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r6, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
close(r6)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000300)=@pppol2tpv3in6={0x18, 0x1, {0x0, r6, 0x1, 0x0, 0x1, 0x2, {0xa, 0x4e22, 0x8, @dev={0xfe, 0x80, '\x00', 0x38}, 0x9}}}, 0x3a)
geteuid()
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f00000009c0)=[@in6={0xa, 0x4e24, 0x3cf9, @dev={0xfe, 0x80, '\x00', 0x36}, 0x80000000}], 0x1c)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)

3m2.289483823s ago: executing program 4 (id=1291):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
pipe2(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80080)
add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
ioperm(0xfffffffe, 0x40000007, 0x5)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000480)={r1, r0, 0x0, 0xa6, &(0x7f00000003c0)="3d42efc122e5d9a9e87c80b5ef77e951020c83c732378950f261ea328d577642f71333e248e07784e13e3e136548b781631856f4c01654b24111d28448a0b45663fedf44e97731b4f5bff11e073f4fe7022e45758b76cfb73db24b38ea844736373e95cc217c636238b2d603a60725834945b7085b72ff9e14fec03987d19620f29a81a28700036087a6cc537533b25c480a699300f34b544b509026149379dc136d5d1a497c", 0x6, 0x5, 0x3, 0xb, 0xe, 0x3, 0x7, 'syz0\x00'})
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}, {}, {}, {}, {0x0, 0x3}, {0xfffffffc}, {0x400000}], 0x0, 0x4}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00')
r4 = open_tree(r3, &(0x7f0000000640)='\x00', 0x89901)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x44}}, 0x0)
move_mount(r4, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00')
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r6, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000003c80)=ANY=[], 0x12f4}}, 0x0)
recvmmsg(r6, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)=""/216, 0xd8}], 0x1}, 0x7}], 0x1, 0x0, 0x0)

2m57.610105016s ago: executing program 4 (id=1297):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x9, 0x0, 0x32314d4e, 0x4, 0x1, [{0x5, 0x80000000}, {0x7fffffff, 0x5}, {0x4, 0x7}, {0x2, 0x6a2e}, {0xe, 0x5}, {0x6, 0x3}, {0x7, 0x4}, {0x0, 0x5}], 0x5, 0xf, 0x0, 0x1, 0x5}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000001, 0x2052, r3, 0x4b000)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000ffffffffffffaaeaaaaaaabb08004504003800000000002f9078e00000010fa0000429aa8fc229e0000001000086dd0024907838962942735a3785e8df2838afe2875465a35b87e27d6cfbc1de185f"], 0x4a)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='iocharset', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x10}}, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r7, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private}, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r7, &(0x7f0000007fc0), 0x800001d, 0x0)

2m41.902722639s ago: executing program 33 (id=1297):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x9, 0x0, 0x32314d4e, 0x4, 0x1, [{0x5, 0x80000000}, {0x7fffffff, 0x5}, {0x4, 0x7}, {0x2, 0x6a2e}, {0xe, 0x5}, {0x6, 0x3}, {0x7, 0x4}, {0x0, 0x5}], 0x5, 0xf, 0x0, 0x1, 0x5}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000001, 0x2052, r3, 0x4b000)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000ffffffffffffaaeaaaaaaabb08004504003800000000002f9078e00000010fa0000429aa8fc229e0000001000086dd0024907838962942735a3785e8df2838afe2875465a35b87e27d6cfbc1de185f"], 0x4a)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='iocharset', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x10}}, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r7, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private}, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r7, &(0x7f0000007fc0), 0x800001d, 0x0)

14.592912806s ago: executing program 5 (id=1550):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r3, 0x3a, 0xd1, &(0x7f0000000040)=0x20f, 0x4)
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6d5200001f00000004000000ffffff0f000000003efacf40c66c215b2a543f755ffbbc9fe2a4cde0656f72c852d3198fbbce1d89c79b0ae0c009fa8652527084b0f77b0fb76ce8ad2246aa39256fee35b42e3b991938fddce8eeb07e939fa0", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x6, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0xc, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7000000}, 0x4c)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d667363616368"])
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000280)={r5, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000080)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x0, 0xa8, &(0x7f0000000600)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0x34, 0x8, 0x8, &(0x7f0000000340)}}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000100001000000001d000000000000000a20000000120a0102000000000000000c00048006000140000700001400000011000100a0e1af2b5fdf4ceb0000000a"], 0x48}}, 0x0)
memfd_secret(0x80000)

12.670580863s ago: executing program 5 (id=1553):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370301a8001600a40000000000000000000400c1d67f6f94007134cf6edb8000a007a290457f0189b30d0db672d4de347a1bdbeecb16277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db79835323d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b", 0xd9}], 0x1}, 0x4080054)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000180), 0x4)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x2004c891)
r2 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
socketpair(0x1e, 0x80805, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r2, 0xab00, r3)
ioctl$NBD_DO_IT(r2, 0xab03)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0x80000003)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r6, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140), 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r8, 0x84, 0x1e, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x104, &(0x7f0000019240)=0xb4, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000001800000000000000000000001801000020207025000000000020"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)
syz_emit_ethernet(0x6a, &(0x7f0000019180)={@link_local, @dev, @val={@val={0x88a8, 0x1, 0x1, 0x2}, {0x8100, 0x6, 0x0, 0x1}}, {@ipv4={0x800, @udp={{0x12, 0x4, 0x1, 0x8, 0x54, 0x67, 0x0, 0x8, 0x11, 0x0, @multicast1, @loopback, {[@timestamp={0x44, 0xc, 0x5, 0x0, 0xa, [0x7, 0x4]}, @lsrr={0x83, 0x7, 0x75, [@local]}, @rr={0x7, 0x17, 0x12, [@empty, @multicast2, @empty, @multicast2, @multicast1]}, @lsrr={0x83, 0x7, 0x30, [@broadcast]}]}}, {0x4e21, 0x4e22, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x8, 0x100, @void}}}}}}}, 0x0)
syz_open_pts(0xffffffffffffffff, 0x185040)

12.173037205s ago: executing program 2 (id=1556):
socket(0xa, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="19000000040000000800000003"], 0x48)
close(0x3)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
r2 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
syz_usb_disconnect(r2)
r3 = syz_open_dev$evdev(&(0x7f0000000080), 0x3e, 0x0)
r4 = syz_usb_connect$cdc_ecm(0x0, 0x5e, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201100102000040"], 0x0)
syz_usb_disconnect(r4)
syz_usb_disconnect(r3)
r5 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r5)
syz_usb_disconnect(r4)

11.027369647s ago: executing program 1 (id=1557):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newqdisc={0xc0, 0x24, 0x20, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xd, 0xc}, {0xfffa, 0x10}, {0xffe0, 0x9}}, [@TCA_STAB={0x4c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x36, 0xb0, 0x0, 0x6, 0x0, 0x0, 0x40, 0x1}}, {0x6, 0x2, [0x5ae]}}, {{0x1c, 0x1, {0x8, 0x26, 0x3, 0x0, 0x1, 0x6, 0xc, 0x1}}, {0x6, 0x2, [0x400]}}]}, @qdisc_kind_options=@q_qfg={0x8}, @qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x9, "23b80e98653164d8897a7d1d6b979f4c"}}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x6}, @qdisc_kind_options=@q_taprio={{0xb}, {0x10, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME={0xc, 0x8, 0xa11e}]}}]}, 0xc0}}, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="04000000", @ANYRES16=0x0, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=0x0, @ANYBLOB="35000e0080000000ffffffffffff08021100000050505050505040000000000000000000640007100006020202020202250300ab4b00000005ff7f00000602020202020204002a0008000c000001000008000d"], 0x74}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a000004050280ff0414"], 0x528}}, 0xc000)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
preadv(r4, &(0x7f0000000240)=[{&(0x7f00000004c0)=""/152, 0x98}], 0x1, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f030e0033e6120306001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe94f, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

10.802108137s ago: executing program 3 (id=1558):
mkdir(0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x42, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000700)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$caif_stream(0x25, 0x1, 0x2)

10.41355709s ago: executing program 5 (id=1559):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@mode}]})
r0 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix={0x400, 0x2, 0x55595659, 0x4, 0xc, 0x6, 0x1, 0x669, 0x0, 0x0, 0x2, 0x4}})
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x42c, &(0x7f0000000140)={0x0, 0xdfa3, 0x800, 0x0, 0x1}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13})
io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='cachefiles_ondemand_read\x00', r5}, 0x18)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v2={0x2000000, [{0x4, 0x3}, {0x401, 0xfff}]}, 0x14, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)

9.037302963s ago: executing program 3 (id=1560):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newqdisc={0xc0, 0x24, 0x20, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xd, 0xc}, {0xfffa, 0x10}, {0xffe0, 0x9}}, [@TCA_STAB={0x4c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x36, 0xb0, 0x0, 0x6, 0x0, 0x0, 0x40, 0x1}}, {0x6, 0x2, [0x5ae]}}, {{0x1c, 0x1, {0x8, 0x26, 0x3, 0x0, 0x1, 0x6, 0xc, 0x1}}, {0x6, 0x2, [0x400]}}]}, @qdisc_kind_options=@q_qfg={0x8}, @qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x9, "23b80e98653164d8897a7d1d6b979f4c"}}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x6}, @qdisc_kind_options=@q_taprio={{0xb}, {0x10, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME={0xc, 0x8, 0xa11e}]}}]}, 0xc0}}, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="04000000", @ANYRES16=0x0, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=0x0, @ANYBLOB="35000e0080000000ffffffffffff08021100000050505050505040000000000000000000640007100006020202020202250300ab4b00000005ff7f00000602020202020204002a0008000c000001000008000d"], 0x74}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a000004050280ff0414"], 0x528}}, 0xc000)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
preadv(r4, &(0x7f0000000240)=[{&(0x7f00000004c0)=""/152, 0x98}], 0x1, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f030e0033e6120306001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe94f, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480))
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

8.855407999s ago: executing program 1 (id=1561):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
ioctl$SNAPSHOT_FREE(r0, 0x3305)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newtaction={0x10c0, 0x30, 0x1, 0x0, 0x0, {}, [{0x10ac, 0x1, [@m_bpf={0x1060, 0x4, 0x0, 0x0, {{0x8}, {0x38, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0x1c, 0x4, [{0x5, 0x1, 0x3, 0xfffffff8}, {0x0, 0x81, 0x8, 0x2}, {0x1, 0x2, 0x25, 0x8}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x7fff, 0xa87, 0x5, 0x0, 0xf}}]}, {0x1004, 0x6, "fff15f830ecc29e0e69072a44c0a6b6bfec8a8fe650b4b3288cbc9a7f433e2617039f7c9b7a4183bdcfd3fdb6001012176481d1cfa902d81b72c13399048f2921d4f576b488221f1d790cf20a7c2a0f4a411084b20a4dea6915ecc288e8813075621c5daf52687ffdcb4ca7bb6b9484dfe3b06c8662dff0e0e1c572f56da0a90b6c0d16a0e211e7aa142a59dfd16622083836cca9960f5e87fdb8eb0bd52af6b84fbc1f769b59bd53a57f04724034ea424a44e84befdaba642f71a8b1df7623c8dceca74a1ee521b3e3556f1016cdda450aa82fd68ce06962435266a3c7a1a4eec419f694139f895b2fc3292147e648a8e84924f6bf58ba394287626e4846c96b6590ba021651253a13a392f8f338cd70fe56600b15e65d448fa93d55e056978d2ddf5a8082665fbd859e5189f6ddd3a4ec26536b3c6bdfa9bdb2bf7b05936e56b72d5b3f209f4729e401909c9b2cb78c331ff788e53d9a51551bbda2d43827ee22ec1c45bc293ca03641a5125cec43f655393550874c305e72ddd6917039f2aa79c1e09410c85dd49512e62874b8cfba66294d0216836ffa52d7c890f1aee3263993a40aa73689435b22e055584287869f5888bfc4e7146159960a6c1a252ea6c28910113cbaafbe5a3b5c582c514ced5aadb8298a75116a67f4f6f380dd805a40744586e65511e9b7279a728fb6042284cbb49cfe9479a679736bb6f24927378590ea4159d56f27f3e9a8203d678f49c8071f0f92770f946aa4d964a2d7737fb30f1db19c2fefcd3246d69e71ee9057a8d0277c7bc861b23fdefcc62e260e0b7ba722b3493bfad06aec38445190d5e60bebf399dcbcaba0dc894bdaa1b15cb6a22b50e44b734bf3587f508e499af81478b2d27cfa7f41b96cd0c0f85072f35785c1c4afa20afa00327083e6b19241573c4b8199a6e8e3c0a5c8bbeaa79ddaa4bfecddd53435a0d90754d244bb00f93446be55be48819f9f301dbbd8e698c7f9a2ecf7eb1844e4efae014165f0af0512572f1f72e13dab8183cd20b9f8c55cb8ea714e9a4b721f3584b1d4c869b2e5c8911d1deb8644ed1f92a2236f9d866e43eea4424ff6abe81f158df5bbebdc8b618c7decda2c04498ea9ac9b779651306c267f413df4b42ae2e9c9b4f0328d2c7e17d2d5aaa20582231f98fa9e4016cd54719f644b1c0523817558f044ac66dee65490add20bf3754d57cd4a808b2afc3b86b5fe19fb01f6cf446f724f037f324b0d023666daa8c7cb9c85d540e4e11815e3d33364d35a2cd757ce5ab7d62417ef7de93d011b71b4b7b2e1fb997a1fe90884878ab228fe12c7d2365547176f2a1db4a765b302ce96f5e4c4f7b68ce2ff2c10530411e77531c5e0e53008b52a8f1d22d84d8f2758a357bd84a2c19ff3498ed447c3304b4f0230a469e59562c88fc2e22773652dab7c620d5d52d6775ce91f6c3527b5121f98384282f78bb2251d0dac776407370b0d41a51fea0fd11a735dfa9c9f2984cbc293b9f5f4c7c8e33e8b09dea8dba3062e92e7e0cd45cdc2d77ce26d59cbffc3ef495aaa1b7a4444495210263c52df85ab9cf4e11ff28dd39e64873ee1f7b76b2b79270ffd77e81a64c432a5c58090fa9651642dd4251676eef54a2ac3d286ba65fa026324572f7548c0e61b4faf2d350c5ca6548478ede43f939690ac764d16521f93eb365d2a4005f4e47821577ed49eef412e00f7086425cc39159bb1364eb1ef6545434141750767def2cffe81293eaea6a1ed807bb87214eef787ff9a2158e5d8416b5453e14a75da55e17a192f1fa7f950549d334d6d3fafc00cb79ace7483b6efa20de760812fddc1f36046a1bec855fe5bde147a2ebffa94528c5c1bfabb42f675daaee62cda8d0a0f8057204d4660dabffd8d25ac28fc5878e45db23bb354ccb936f8a38b6889f048e000ecd381fb7e19b900b29828065266230ec7a4b11aea9d0bdf19452ad274090e0bf0e9c515c28793d918869b4383d3ba44cbed802b291e16a232e506d82fc565d818dd85930cf1646dfcd9ba605a566ba440b681b5a69930efbcda94243472a879b253a9dcee6bc188268b8cbad2921c696593e35ec36d14764abf22ce7f7c6659fe1a4e754a863832698aeb3b0257a358ae00966cf169c3b49397f00e1c08a3714ed90bd7d3dad5744ce9cf0d55180a683bf6e1ee5e976c0c5d5b21e705731f7621b46948be963ee0d69ca172d1d3dae578779fbd8607110893875198382379d4ff63a83fe5c815cdf864f122503a5acf6950e1b0567022b60ce88e507fbda69fca244900a7932093d1c2e7ada1a55affa9152614f2f9cbee1db0349f6a699d3e0c1959d104fa7e1652673fb7719d9dd9ce94a3cb0a8a407717a38079ec6f86c0635ec560f86edbd989afd76431fbc529b762282fae7745b8b74ee9d09cad35f15fedbb62c59927148e1151c3162c3a03a52b8ab9da6653ebecface22705323070fc7080132e8838b5530095d92420310bfe82cb1a991b5bd7b2a71067ab184d8650aa6eaf17a47a7f4273e90aa9245b9c36e7cf70e2105257a31de473ebc86ef072b481fff45afd02219943772b6b96e281129ae9c0fe7a3f83e6ba442d0550424271e41ab1672c98ab866492037cd9b3de54bf99b4a1bf7187e3f5703ca5379df115a4204f3a360134c984e5d275865144deb28b2a57a91150190a9a111fc0cbe616b1460c11e360cddaad8f1f6b5a928c76c4046dfa954432ce439c6f1f4ce1705057e7af8177613309fd8e2c0bd490c16a3921a3f678f54f239c7ad120ca20d495da6395787f840df454c46cfac0d960108960fc1684059a8f3c5dc14283afd6a314d316e4f7c62883e42063aa7eee48fe2311f499ac6705c082922f82a2bfe357b29a31e0fb287258acb6ce655c59ee6b05d843259f472885b6313430c081d7d3b6b62dfa92ba106ecb0d94b15fc82ea8a0b8d03bbea9f54e813b3e910a77876967424c432413ee3697e0be6290304ba941fab6edb16618ab68251c3b90c7449bd1fc470ce58e0e78b947f1e328f60c0ffa8e9710ff0cb35239dc16c9d8a297d9699cee196412dc684628d7c0774845e2ef12b81d9b1cd5e75e2fc6bcbb51cd0f742086cad91c9445f446411c15e1f08c55bfe9dae246ea1911f868960876d45275b254ac349424cafeb7d0811a5c7235e40a00535a5b8757ebfa5e40db816efd20d807de7bab78950656379fdf6df91354bd781d5571fe2f21aa19d0b0b4db9f0eaaffb13147657c03a24e821e19e266529a0f8c6b6f171062778a2d7a5b34a5975e6bb56e815d45b619f5d56a123983705c1b6bb96166f396d13fc5215b38afbbcf4109f111aa8a27a65c709c08f95283005ea81ad7bbfe9e42f80ce8e0dbba59599e306df4d901b6114978d8c7af130bb40c9a6389acf2eba40f5fd39aaa8e0fefe8951220a6f7ca6547adac59b431c2299a6959e8f997ac732e2802b9ba29fca17ae5b546a23a7962aba0709aa68ca929c2463b610089b630ec78ba07f794aca4f91fdc160f6ffee46eefe84d5587dea00afdbe84ad2f640fd7914d0172247cf11be3b4273534e60a66b9d368f732028dd29d22ae79bc317675838050bd51fa033fef7f897bfcbe4eb5ed60721f15c1b1a077a7816a02f7d5c219a2f2afbdcae7128f1079646cd5cf724a06db6bbe059475f0ba08109aa2785c788541b64e5687401331e2e54b14fa7bbeb46a5a5bc1af69ed71f7d22d1d5628ff308060acedb4e159d18d3067b46da75565d74be0939d7e3e7896799033ea4209f9b09a65c938af9f5474f877ff80556f2702424b47df2ba73f086e283308f6522434c31b740f6dbf7c471e90776ad5be594e62fb24b28f2b4bcef20b5f959d3c68b4357889f035a8d449d9b9d1a714146fc716f12344b4f82c9069494b15ad46917f26bf23ccba6f109aecf3583ccf4ed992e36236340fb6ff890e9364adc7220ba1776c538957acb9b7f46d0373928b6571dc1210e3de21356aa28df526e4be6435c494c7155dd50ccc4b69bac756dc75142794c8ca3b6cea98d1506633104ecc74d98b960d73f19b339e17f0da173be57e540b0ccea49685301106f62dca2b7290096805c1619b35d674d6cf6bd9461813e7b246fc404dc9e99d92df3e9a22b19a7de33fff52ecbfd5db30a928c0ad1c32330bc2e5a46801bb678e493f4577ca60b2fe1b88e81cb8e99396ce8f79935b1e87461cd3b888963745bdd27077be9f3409bb54c3e3fc1f25d0a81da90d760317c7412c958a9931803cc55de107e8af1a5526e10bdac719d38833ae93c25aa046b1e9e9be351357093299678664d20793bce003b019c5fda2c388f5104e37bcb12d219616cf930db941aa9eefec4c925c0689b70903bb3845d9a1716316cc0bbabca234d2131b5ab9fcaf789158a4dde839a386e3aeef941fccb75bcdece3b6c3a7dc1969aa969f15f0cf8e665d988ca2d04f0f4bbd241f002dcf54ac1b2b9d91a5cb1aa638081ca0d86bab91857b39c7d0b29a588c51c62e5573625189a1fe1c588378b5ef0cf5d06f7ea806a145efd381899303f8d64ae6077b89c4fdfae224bc73ad847659148b16b0ecf68ea914bbca74fbfd2d8915c79ffa2a7ac5dd95eb159d59d3015c9398b603935fb307269e7d9179db35df0d29f83c45b3502eeaf1669c050cb219d087fbbb3ca5e5e78f636126f8567eb25a7699a9043c45be206a8fe09393dc6593efae221e934db6ebf129b612cbbea3dce7721251b2035b13a94e29ce6c02304ba18e24b61fa9a74c3179e06fef4123b647ad54ec48df3236c04b6fd8959aae79a3b3316522f0f8852d30fb657116644d9382f34320f1c20968b5e032ed6cf38ec28e22f6396a7f6062266de0777c45d567099232026dfb90605b987cd6c576e9987fbca6729f5515d8a8ef90eba68b4093e76058c04186c444de8d5837997d065cecfda954f0708aec8dc2340f1fab308861e51cc53da6bcfc6e11713c4af672b3597f39c59d767712cf559cabc0c0316fc85f2c530dcf3959aa3f771e44369b75b8417b8b2a1a8f9def8225ee296b03641dc94ab539400616a97ef9b0de15eaa0346b197bfbe4f32a26e4a37690fb8b6397cbcc2c0951ceb332564c9c64ef2419acd0f3589ab27669cf2f35a8341b03d3d43db8797a49edfe1a629fa502992de8e014da511ae6c5f2a14f20f25a98503c2ba941b35aaca9b34fc6113404241e8e3e21e22f6d841e0ff16cea36a9a4386763ff850c0675391d055b3ff393d6ffd11782238ba64be4c904e27c2bc65996b64fda8993565619bdb4c1593b8146a0306375c6b658ce299493edd8165cb97e342c41a9c47f8e0230b7a7696d183c4b08f30d76a141766e8dae086afd8d1125c726bcd0c2669b93d096470a8cb7b590a1ee7166cd99fda3bbe33d436ff48f1ca2f0420679850d3f4c119d069b483df719150ac0d95f4dfcd18aa47b263af4dc899a5ee6df5891d009c77fb7a4d3239441672a2b7f3330f04c45ac31817c72191d55f283438785a4dd06d43be8c204a3fe8e11e39d6009ad4f2413b81d575c0fc792e5511f0f3b5055d234e2fc57ee87fe5f493d8f69459ed3696192d0d8e10b90a08fd4e68b812d6c39c0d9ed66f446c78c1a1e2fb453a6b3fd744a81174a1dac2604ca02bddd0c2f39dd7717d93ffd49e7b4fc7a8bdc8349b91a3270a0ceda2323a696b8786236de75c6db4509ea7b0c56227b1344e0f0289d971fe5b3eda3549b2610e49dd1d7ca262bde2f7377a9a484cd2f70187c733bbf2632b117f848780246"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x10c0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r3, &(0x7f0000000180)={0x0, 0x40, &(0x7f00000000c0)={&(0x7f00000002c0)={0x1c, r4, 0x1, 0x0, 0x0, {}, [@GTPA_VERSION={0x8, 0x2, 0x1000000}]}, 0x1c}}, 0x0)

7.523442268s ago: executing program 2 (id=1562):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r3, 0x3a, 0xd1, &(0x7f0000000040)=0x20f, 0x4)
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6d5200001f00000004000000ffffff0f000000003efacf40c66c215b2a543f755ffbbc9fe2a4cde0656f72c852d3198fbbce1d89c79b0ae0c009fa8652527084b0f77b0fb76ce8ad2246aa39256fee35b42e3b991938fddce8eeb07e939fa0", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0xc, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7000000}, 0x4c)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d667363616368"])

7.495259919s ago: executing program 1 (id=1563):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@mode}]})
r0 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix={0x400, 0x2, 0x55595659, 0x4, 0xc, 0x6, 0x1, 0x669, 0x0, 0x0, 0x2, 0x4}})
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x42c, &(0x7f0000000140)={0x0, 0xdfa3, 0x800, 0x0, 0x1}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='cachefiles_ondemand_read\x00', r4}, 0x18)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v2={0x2000000, [{0x4, 0x3}, {0x401, 0xfff}]}, 0x14, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)

6.707429646s ago: executing program 5 (id=1564):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newqdisc={0xc0, 0x24, 0x20, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xd, 0xc}, {0xfffa, 0x10}, {0xffe0, 0x9}}, [@TCA_STAB={0x4c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x36, 0xb0, 0x0, 0x6, 0x0, 0x0, 0x40, 0x1}}, {0x6, 0x2, [0x5ae]}}, {{0x1c, 0x1, {0x8, 0x26, 0x3, 0x0, 0x1, 0x6, 0xc, 0x1}}, {0x6, 0x2, [0x400]}}]}, @qdisc_kind_options=@q_qfg={0x8}, @qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x9, "23b80e98653164d8897a7d1d6b979f4c"}}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x6}, @qdisc_kind_options=@q_taprio={{0xb}, {0x10, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME={0xc, 0x8, 0xa11e}]}}]}, 0xc0}}, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="04000000", @ANYRES16=0x0, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=0x0, @ANYBLOB="35000e0080000000ffffffffffff08021100000050505050505040000000000000000000640007100006020202020202250300ab4b00000005ff7f00000602020202020204002a0008000c000001000008000d"], 0x74}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a000004050280ff0414"], 0x528}}, 0xc000)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
preadv(r4, &(0x7f0000000240)=[{&(0x7f00000004c0)=""/152, 0x98}], 0x1, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f030e0033e6120306001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe94f, 0x0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380))
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480))
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)

6.288746559s ago: executing program 2 (id=1565):
r0 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000080))
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000040)=0xdfe5)
sendmmsg(0xffffffffffffffff, &(0x7f0000007a40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)}, {&(0x7f0000000240)="55f2aa3a9e74328a46874e95528376301beb9bbfe71e64db5b0fb3e1d3cd00eaa751e387c8ff7215bc8dd0ca6b38d2d5692c26e71d2ce21451315f4ce8f864f344eee7b2fa2ab6030a3012d60b17aebf9d73aa36c9ab4569661d0410472623473a10e66d058969e76c2a952deebab1e943dd4350e83b8fec543a9ba9e9fb97a3b6", 0x81}], 0x2, &(0x7f0000000540)=[{0xac, 0x10a, 0x4, "047628987177b97e8b6471cc883a2f8dc613ed4d5b37ad659d513928d9892a465593ed58423e3f327f0c2b38c21241510487780efc6fed70ceb7f2a198ccda17fd5ccfa6c90a793684a7255f7d749de71955070c45993fa0cf16a7233e6d94bad563ab7328b90548e9065238aa0997e3e5599c5d142a8f27b54910b48ce4b5c11b77e5d5e2a64026bd25387dbefa4d06a07334e7fe9d44e3e7d86b36ff8a"}, {0x58, 0x101, 0x2, "a9ad6d3e9bf1559ac87d52c08f2894a96f41f8dcf4042f40e32447c36b30ca7388e7df0dd09090062d4c7643bccf1ebe0397c09f72e287b2f67b9cc894b6dd886fb372f7470b1ad5a8aa"}, {0x4c, 0x107, 0xc85, "fa0460a47e3222b5f5cebda8bb64947910cd2daf8e6d495e31baeae29067a5d4a9cbb021bff613ebf6a2fcb02ed309c75d6eb479c4e3b0fcebadaa05c8bfb4"}, {0xcc, 0x1, 0x2, "921f439e418a01e4641ec25f7d90c887e089b4743e8e432528d4e3a325b4eedec0394721faeec308dc97bc8ee827e168bd88d2cb5cf7dab7cef46d496423698444a50804e38505be14542db5dbd41390b96bb770b1f64cbd0fea4757dbf598210cb916e06b7d619899398696e8ba052d412e5f4d47b6025f3b3f51d2b689136277398b1fba78dbd5c13817f1fe09a4fdfecf6f2da32213073748381103a3ed83995fa6748146b0889c9dcc7f505cb5509e2c4143c2b343edab11d7a5ad"}, {0xbc, 0x110, 0x6, "a3ee484e8b312d4d6cf9d8eebb9270ab28cf6ba05ac536f4a49a2008e6a0aeccf7f105c0072cfb9c55dd0f27465bc1c37847b291bd14cceb8bd702e4a171a8af7983614f9bf06f114f246eef7016b628065b8cb633d6370f53ec52553caf6d1c0a3915223edbd21a8c30f96221ab2534189bc9efffcd28596175e9c094dd9e49df3f47036ab85193383b3747a1d0bd9c031ae4fbf7c0550a9838dfca35e44fdd661217f78cf01a966837b3dd554d"}, {0x10, 0x101, 0x2, "ee33"}], 0x2e8}}, {{&(0x7f0000000300)=@xdp={0x2c, 0x8, 0x0, 0x35}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000380)="9f6fc0699ec85ab7a65efd0c6adc34184e0c6bfed167cd42bac64da074e500cda091c8350cb9bbfba0d653d8e6be4b2276d87446af5c29e4f4f83b5bbf7bc92860c2738ece54bd09840c0850066e5176976c23c67884e8", 0x57}], 0x1, &(0x7f0000000840)=[{0x90, 0x3a, 0x200, "bea664df0dcc29530490c7f6330b1b247d3568c93ecee2bce28417e7ba5ad41852c6c9bc88e128352a7282a2cd158dd3afc913060c7ab17f48bf7ef495441d577c440f26577ed6882cd2a20021dd43788888ddeb21ec5409c32875053bf5ba1c41dff957a17ed4d843110814cdb8d395d63156c076055fc302329767dc2621018866"}, {0xdc, 0x10c, 0xfff, "abceeacddaa7fe2374ad389ec3c30c2c4769938e73e401235ff038a9460087825fe4e88d5d59b2933777894cbcd088f0e1a53200d8bf2e5ddba362cae0270ac360f89fa5c30589e15e2aad21ad57b20017678e58e2cf41c27ab1fc603f0e1fb1735923394a93c9229563437dfb6c25953f4a07c83c70f0bc065591fc28b211af0b135eb8fb88bbc3afb89661d465e05a71d902e946b5836aae7b08ed7a620014ef1ba6cbb02783f7eeebca555fd3a29f9a55eb08f11b2328f8380156e5e00dc68e93339446eeed3f54d8fe8cd8111a"}, {0xec, 0x111, 0x8, "32ae1b5d3495ef5b6b2950039f7ffd772aa4ddbdb7a1be2f93cca937993d614b12d6aee090da531c9e052db5575c8e390c483247711d3fd94406c9980f8b4d01dac04f9550b427c3afa0466cc832015b96ec7d56f55075854d187cf468b1912c1f2f62ea21cdcea1aa51baeef1c29e97d3f00ad8dabf49f4c31bd6f1f02d7a0b12a61952e407fa87ecc492ee88cd9861e97166fe0868d658d2572fa326c8e171a2ce414f623967500698a73c2270be5d981dc708e26e0d50e166369fbad3de39882ddc10318fc44f6a155da9c27fabcb71ef96bbcf200a98fc24f6d21f79fa"}], 0x258}}, {{&(0x7f0000000440)=@generic={0x1d, "a05f5b4d73d4cbac122837679eb42a6ea000be9af37d064b0c0aa8fc8e4f18611a9821340b878ec7ec08f076865cb818f40b7939c9f2801af7ba6b90666bd135a0475bb7e2fcdf40a81bcc370d1f6242f683043d832f31392d2676bffaa51cc566f31da1d2b3c20615b50ab19193201a511f1b440c44096f64a451ebcb81"}, 0x80, &(0x7f0000000fc0)=[{&(0x7f0000000ac0)="b76ae32994fc5683eca9349897180646bf8ecbcce61f6a67c1a96a18de90f57def13a12744b169dc5e114e631b7a3877f0ac2d889a93b766858bc8bb4160b58856b90059faef8b12d7531b0c820671666a804c61c062feee13a5cf06ef86293c299c3209e7a9da34c331a62cddc2f72dea84f95cc7d22ea5da819464bb356e8a9c410f5ed2d70afdf27afb2c0693ddcf4c0a79295da83adb4916aac788269c887a5da3359dade070885700291a4a614ea49fba0397b4666af18a76785ee4a532fd30b7de4a70578d0e2f00c0bd3e91637edfda34e1978dfbdafd9bb2", 0xdc}, {&(0x7f00000004c0)="72f17cd8082fc60537916f9181e504dd1c2118b2e6712273eaa0a0edff4a6b55bf9b42846fad4d215bf2aafa1598effbb81919b5f60043dce75e3fc5d3", 0x3d}, {&(0x7f0000000bc0)="5da24dc7d7151867dc850083af1fa82804093d147ce79446b99085d5fe0462e700aaf107c47517e9adb6fb1015d4be541d3ae8e61f895ddaacdfa5f4c55d3cf4622909181f51cb3ad8ad5c999221c5781a6aa3a844af01fbbf3cbdb992f170b07ffa83e6e3ce2ed1370db1d966bcead995527eb2b22d13266c375aca01c4aecf00400b68114724b01c4a57678c2ebfc6575b58972b627abe11ff4da66a3e78f423cd506a2cf22e70368bfc23729d55b7c4abf7bf11eddb3d3b49ef2ecb611c9adfd653ab86470acef49a8e280953", 0xce}, {&(0x7f0000000cc0)="666e8323143a6f02c6e088f29c7e251228a8a679d27912ea71fd5905f455e48e888ec29f6767b8b2c25d7b30b5df4ab39a15f9f69e1b0f13f47da107ca22c80ce0d17f01053b8f26d62a1d491512c5c9d7bdff1b929d9ef84b24a6ef50237e2c0deffa77281968d57838c656daf29a0c871e117b1bdfe1c656143e8cdd6482b3f0f4d6fe3fbc32fc82187578221742672d0bcbecf519de5ad08b20d40d29e7a02b280c8076859457c2d56d1bc772732f4f52d7ada1b825febf52664d0836143a808c6c29734513c4c2195d561358fbeff38d627fd43dae", 0xd7}, {&(0x7f0000000dc0)="79832c35a5dfa8c7ad32fe21d34ab71f61dea80cdf5306ba5591e9f7d930b5451b345e3fece7e94f7c092f81e5180b4556b130ef1e0f3509a420d0f5aaf759c60aa23dfdcccab1e2ac3d2d39e40475e776b8ea9988e2bf406c0c0fbef5c7e2c21e386e4642c992754ada8d2b17e9108f3037de0795ba89b9daafc80b73209668ac034df22ee7e289a3703d06873f993824f15ba5e2196e915ea8c44a755b7f734d5f45d6aa", 0xa5}, {&(0x7f0000000e80)="1411bff8c63f061be7dc51acc12501b8cceb16a699b7fc05c794204b1c4ca44288b3803cd26ee0a5892536f429929233ed81975f334a52d2eb41d91b90", 0x3d}, {&(0x7f0000000ec0)="72600b7b6405a4b417c48afc983e4398acbef4ae1ec0215cab7f1b8b7265929bd21280d0fcea3efc376af3ddb5a0628eaa7b60cf58e0", 0x36}, {&(0x7f0000000f00)="1dc981a232d1b96d82a41064108a7f46e0e22e3f2cf25261c42de09e2f6f72d18470f6467968cd34079a8f06a945ff30481b3221991b1b0e9f6b9d6f6f00985a130da15d33d97e525ae84cf93fb7118e7f550926181c3efc91e45c1fb178399983cd74dffb290cdceee9370d39011e5a488173045790880375ea50f0f93df23e194740346b", 0x85}], 0x8}}, {{0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000001000)="37b8faa3023e908944c91f33b22dcf0bbbbda823b1fe1ab8a2f781b9d227a6cd70e2194edca6e615f309a45d1a501f341e938695da49b42137818caa159a0034ab821929c633732818cb2ab28e40ec42ba19e241f5290cb089331996ec7b27aaa0d896d4ce975ef3a0715d88c72b5e2acd755fd04594db7ee1c96e0e2101f4261ab669ac4d903db1f185a9670e3aca0f2462f1cd4e16f768bfb85e7bd50941a46149cdc8e4dd6ce53a07cb4c094549104a4fbe835d7ec011ca61c94d0dc03ee8278f61770220edf563ee2f103c51c17dae84d346edbf42f0106899472b13ca742bf6ceeac973eb831504cd2cade3932f66ff0bc198464d3eb6393cc630", 0xfd}, {&(0x7f0000001100)="65e0b3aa29b2cf22f3ac143d3f830544dffad7331249815a1cba14fac1dd44b91c4beddf02b993d4415cd13082dd9ac664d88e1c9ccfd5cdf77dac159b21d85fcd56b878f17f2bce90c8df356f60105bb31fd0786e", 0x55}], 0x2, &(0x7f00000011c0)=[{0xcc, 0x117, 0x401, "92a1eb32b241ff05ad9314dfa6a5a02af51ab3aa97e2fa100804fecd0a73ff840739bd6d1014b6f0a680343f78eda2aa856820eaca28f70a728a9fcfb3d879b6574baf36ac58651d6f832701c6bdf44de46f4fd278d6d9ddcdd942344f468729773b336174580b44aedc191fe5b8157f4184c21fc71d5bb1b54cb6d1072ecbb3281bfe6fe362ca5e740cb2fae49dc8535bc0ba65ece239d5c73dea3d74653053dcca67e759d148db31ce1e3f55fe3ac6b7ca1003fc72fe6f258c7c45fbf089"}, {0x10c, 0x1, 0x80000001, "f63155e471ad76988ffe4d39c01ab9ead4c88333d79e0fd42c5e80802100ec11d19cc095d1bf32b49776c1f9a445ec5d4714aec3d2b7ff2622f16e8992694092c2e9f0f9b2beac598e2a33fbd22c536085c1c0f47cd1dc2fa7b33c40156128381c619109d9cebc5bf5ef9dbfcc8aa6b5e0c1911669def99139b6f4da854a5ecd59e896196fdf63fb3969c5ef5198962dc8da5c92c2e44362f044d65ea1082c030fa9ae16ccbd53b9142ae3672c46a20333d64e6562107e36b4a470846aec7f5bda33f9fb19ca2083be2842de9f67b5b11343b166ac30c8a6f46cb72f421a104d348c33e98ed19ddc3248221f569c70b745ceb7753de6a5bf74f22b833a"}], 0x1d8}}, {{&(0x7f0000001400)=@nfc_llcp={0x27, 0x0, 0xffffffffffffffff, 0x7, 0x3, 0x5, "44cb1deb4e8a669a46b1d0cf4177b24f6abe838f55a8438bfe39284b313d42ebe2d61c385a42dd06684b6fadf9ae0dd7d0fb6b51819beafb637eafc71ac55d", 0xd}, 0x80, &(0x7f0000001480), 0x0, &(0x7f00000014c0)=[{0xf8, 0x1, 0x4, "bdced22e2c9a026900910a8506bc21e08f96304b0c518a152fe955ac11ca96ae7a69cb9ce4ad75d46e7a8788dc98eefad33ee767a506fa0e83a9331e057bc0c929e1d30dad7be27c2179f9ebcb316800dc9c7bf6f58b4e0fb2adaf52657a562f168d5f4d238fb777d137fe4a1c7f9a1fcb4694fc1c5c449c7b145d60c905ff508a5467ce33b5909cfee337b6c2a9c486914edc388776b8125994825f91143bf0e2cd6f16ef6ca376c5b5539b6f9ffee690cca141238eeb5cb60427219685d3a75caf767880ee0f9776ed1622899492511b42fa24c5a4902d2ecb426cf28cd2d19c94ac47696da42b04f148"}, {0x34, 0x220, 0x401, "7ca020d408a7a68152c9480c24c608eac92d0d9101acb673181b8ae21618c364c1852cde134e1928"}, {0x64, 0x0, 0x0, "6a58c0e1763bf7f04532379562f759640c40a2371453488fde235b9f8c8302da6070b066e9ad5eb4625ca30d38e3d7e45c6a1ff5b622c554c2e536a5cc1d8fb661b3c0f505def8e4505891d364fae38d7f70dff529e79d29"}, {0x100c, 0x103, 0x5, "2934f281ae7136e967ea63464735f85d69f715b8c9b7e251ec0b54ae4d8015d36332c06cd6cba080e7282c61836315936b9dc00fbb5171c378909f92f9bf73b71cca7c0512e93734dd4feb2afdc74808847c9e7cbb0bd0cf5afb64425938ff0cd6e23d7766f1fb95912b44a02d166cb3744b620a5f2c20ea6fb68d5c4567eeab3ba2ee5852220bbfbe7331c76e5982b6d58daaef9b634cc82502fa9981f9df6fbb19b6649847864d214ad6250765da0642bc45f4eabf0b0a908873f343000e34650289f18a8317e59675a987dcfc644c2e7e3918daf9b6cc5c3518bde993063cf9b525022e17dfd81420fa782e594c0f2e29c1a2c3a55a25c60c5aecd77b7c79431edc908da4232eef977fb0e696744c430a08002e2953b20ae1e44e11789ef93905720bae5406f1049abba613c7d745e9f0920e90668317511f27767d03fe355fb132bd2b18950e3f8ced005bfebec44270324a38c879d332c186a2eca68ccf9ad259d70332c4e228ee7ec4d46d73f0eea3515366d395725b467fe00fcc15524441eca42eee187da174ddaff3cb3b9607ea1966d84131a335ab8a535002ebd3d11788cfb540f379f6f045678c0dccb00b4fc5fecd05ebb251139353970c465aee6678c32c845bee5321b0ef9363d516dc0c84dbbad28f3bac9e6073b4ea8d66f8e5f1513464dbcde41f9ad9431672198a13debf8fcc2b52de3ebc0dd199b20df0a464b99308d892ba2803b450e4bc1eb1577225206cc77ecd7b1b818a470724b32db866b49185f6c043c4bc336de3bdeef028376071393d96d0b74a5c757a973befcf8af3e0be15ebb5190a04fd73de2a8899d0e64b84845ad16d07b4de18e8f834f1e0bb6eb1e1be9507cdd7e503f5c6af8b228fe684b1ed7d9dcb45e940d722af10281f07537c9b87a70244255f80f00450a8f5a0b2900d4106d76e6682576184ef2c4f10750ff221d6871a990b70506f9444da86104d755b329e9f8c19a29349c72cefc99b7cde96b3c06a03bfbaa55170d7ef4d6fcaa5e07ef557810f11b9ca64d6fdc6914eafdd66cecc36a063f3a3d58db4802c00cfdfb91cd222852e324177760615194c9db463c373ac9ff5c936994f789e13681a2d1b46b45f1821203a48fca837515ef47703f77eef9336a3ec46925f6b5de12cd800ad5039aadc7314f2564f3f494e5d9149e5a4a984a8c1fc9292304d06842145a2f1868076b6fc071927750979731bda81539e292a5cf300351f090e21bcc2a3e4184675de3dfb38bb3a7795d8884ba923b1921d2f2ac7b4bda08ea31ea59bc3fe2506435bbf3223c17cc08baef11dfa4162d52d2ac5c793cf28f4c9e4a7d078c4c22ea668a543aa4797769f68393cf420070c137c0846e49d2dff843cf6c25d77c38c7f5603fc92f69fc608ca103e839071c1921816fbd3303d172f69c7f93930b6d1b80a717a7b728acda8fa23f1154646299fd3907ef83f457cf1c86b603008fad0b9068e5b41f9c6d4d38d6689ca1dafaa8a76f42da51603ce3873fefc54eab7e20b558b1b953e7af73b384201c7b144c3c25335ef52d382237b92288c199e1b7f56b6754d25b5259b08dfc0ad24f9f3d5429f270e6e2c3a933c8847ef375c0c9aa64edd89ab66e9b18f05e2ff865f17862933cd2d23701cabb0d26f5903f380260cb46a1a973fb0814db8095bb5cd032279218548ccf3a7c7450f09c28a02f640ed1523fab9748b97a6aaa33dd8469ca8329c2f55cfcdd67efa5056b6d9bf65f04dea9eb7560cbc345300d87e6a5fbbe9ec0046084d3bec3f7999d751455afed843ea799bebff804e8d3e5ce9cfc14a50dd285ae10ec04d10def6707e24b4e6d2434166da45242f0f176ea60114f072fe8f74ace0cc19e913449e324707c07431b99b2fbe927b14c9608622db6323b6ee826e492ef022f2fb243b0821bbe3846648f1867667c8d9983dc830ddf0dd12c81e4b80abe7752ec4ae71faeec96bae52ed64c062566ad571e59a7cbff32edafb2ddcf1cacf3dc6550f7132bb0033af513006a7e1207ac05bf5ff3000a3e89829aab57667ac296ffe87d2d94ffda6548499301e8c61f369b141b92be344dea01f6b4a08232fd87e99b9626c4622f08c12876f98671009446c56839bffda8a52822077b25375f79b5f53f89c9b7d9065ff44ab336ac9c9fb77ee6ab6d293a72f2c0309b10d6a14f44932350ed4ad92f0f1b8836c0528a636ec791733649e2bc0f94e4c884b777324b34b0e300378d87df25493703ed66cdff1dd54ddb5d779810649d09703efcf934333287f5c0b1af46ef8f4e9c5a07bf09bf5472d1e68010d243ad96f7eb6ac45cb60a82861e5ebadcbceaca7c1a5ad4a025115fbc40b781539c9e29265785a390de5e397d0a9aa10e651b9f787084a34018d5172fa6d44f772a566f5f9b5a29d3bee1d8c499fbe67eee020029c1dd2c578dd487ffe49f17b9723c13e8cb99c86a53989a8633f5078476e49d3b48a198a0d9f9b61f2a63a77b645549cbcd82cb5f53fc6dc9ef35ab15f378b9249922578e9185d54516980b3df21caf3ff5e71914187f72d41d489e71d4126036a81f5ab9af3d672e61b4a3a228de7d83bd2ff24313ccfcd0c24041c0de4ec04de5733a777b4248d9b6334c169f29b9bbd79c2ab588bb5a6220fd651c5f1c26b82026f1d20818f114f1d566ad29752d5f785ed8cce9166c551d24ed35166a0b3b4a3e5bb5c3906aa3c5157e93d3f7b8d74da8fc18ea0835d028580a9ced5f8a024e18c23999307befbf3609893549ae7e7aafb45583d96722eddf2ab40632bdc5dc28e3adb031efa7c26b187863a60cce9114b9673e9d736496af84469fce42395f78e0e6c40b6489c91194ca5235f13a3f1516e997ed2566226568ba8bcec36bd369888aaf46fc67f878b845c14adf23f730123ffbbf2ac52f7be054d103f5755f2c722d2fab3da711f75a953674a4a3243ff8f64fd601d95d7a85cc291264fe945166b7bb5d8cfa89776863c85963f79d6f393fb7051bf0a2cc933061425056587753a99c341873aca3f0355cea2cfd696f7b950569064bfe20d4823550458fe9ebcda05e6c5ca647d9248219deeeb2b27c799076b6a092314ce4a3ed0b0b963e0ba819fe27e39357c0787f29f6cfc90f474cf57c11363ca15e8cf91873e5f88639a973ba06ab4da30eb16e519d2aa930a075a9a832b7fe068d47c5633e12272975b4ee789e59c42c17f320d4b8e499cef309bf34fd887f146a2ff9d5e1ae71ced2652fceaf1ccc4a61ec9310eb2e6ec5fd4d476c880b8663eef7a647c17491011387901473bf0f6437355290e4ecc10f1796c5c5ba3161ac297bc179c3bfed54cce0c2fff5e53c3cf4f5ea2172ee22816fa0caa419177c30249d6bec818e0d29e4eddac58c5a2288bdfa854d0072563d618b6c291f0835cc4b25d457bd20d50cc4291ac26c97780091d2fd60b2e402afec2ee16d5b4d2ee6899a02c0ea2cd435fcf3f4e2bf8056d58d6373cd96c6e33258b130c5489a0490ccecc78b50aeffe00129551e6d262812180bb66e45d36e576ef6928a166bc8629033c7c86cd874d79c56493a12e68d1385111bcd1c055fd0258e9ee6be6e721c26a4e0706ecb32a2813c92ffa0dd47b52df36543846029117337f90935d20aab6515e2d5cea0fa87b99afd795c3fddf17c576b4c548005b5ca8ac63d97e845bee87dc520d32e4c39fffe5ad13a43fa8340e3ddf77afdff026ba678b0156c17a1a5bf71a8f4eeb18c09ea500190810ff4f86a5eb6bba5754d3c24e989e05179ae6902cb994275c172af9eab0756c62a3d16d05c48fc60451505ca68f0d435e4e2865dfc1fc5a178540693ea3efa45c6965efd626c34e1ba337f2cab09feb0331368bdc4c62ded1f5a86025d74edcc36b880f239b1a84e186f6b962ebe14b91448f69a3106a3c5cd4a150f550ee6bca39197125da6a71f8ae1513cdcffdab527da08290e26d8a2335b784f7cc6da41b6428495ded73027ca89ff86a8b425ed8e9642170be9397ce662cae6e1ffb47385095cc367800067e19afd534330215a365b3941ba996e7bb98b6aa90354875c146da209428e056ced4f43bf234869a96864b34ac9cfa5ecbcd1779b7527dce1a6798e38c05cd753a4bed94156d81d26e4feec9eb2102b5cb698c4dc396d48ffb5b0e3cb93b0860384d91975646548c86253b8e85a1ff8e9b511f5d8ba6ee60072d9e8707f6f0de822d804c14803466675eb33bad9e3ea420b9f2149e237642138e11dfe0ad538741a80d5f22b7c7d238881de5549f6d28d5adc8886689b458cb9a62bf40ae3eab665a978f67ca04c05a33d3b99e347c38b5587d5561f9c80318aa53d8be694edbbe49c1cb904b560eed2732f5c212f862017cba3549515da4e0f9691f87541cc97d455596d70f85b8ce6254d248bc468754f7df1468d5626be6dcb7c451ed69ece4bdf0a099fb1b309783b028289b149481f6e8bd6aed425a16e8658189e4e3fdf0e300960a4aaf9d78d1b9f710e8f0dc1db5e59c6cab317eb18514657eb16a0310271139b19c1559eaeae3ea8ec66dec23d84d774569eb9335bb33786efc51de7fc20b87e88dfdafda218895a19644dcf743cc254d2d884565b7e55826185995f8f47b40ad3d288eddfa1f3e9874d5b09f6ba1f81098232a7509f522aae465727a25096f1773cd12a7f40041803c095630a7c4d632566f602abf22a9df628398dbec4a480601e5cb354f363024214720d067a9e7a2df281a7976365691dd96dae9f7361d212b9defe96f630c2ff291789e1e954ae6c57a50f1e8d47aadb32e3f36690aade46680b4e8875e47a7be788d229c41e86d06a03695c0cd0e169b9d913c21ef5249ac4b1b447a09d63f1c7cb1631c926eb60592e8ed0e9def7010ef6ef6cd8a19d06fc0d5e4651a300e1599259bc7d2a16efa12d69fc40b78136f1d3bc118133faccb04811980efe015685b1dab963bc2d9655b17167205149a6f0b7e27e5d8e193ce00f6945480d17929ce24fe85423fd781cc24e9eb36d979a0d50efe3003f73f6425aa4fb0977bc4aa7301c39982951505d3d440457b0837711b8b83b0f4d85667bdd7beddfbcf471d06a351cd01e96c7c44f95a472e16de78a889c8dec6cc9e6ab160a2965c8af5fe056c87b17f9da6d684688a4b2ea3bb6e9df7d335adfd15ea85d583c4a172ae2aebe497b3bf6ca7ac6a995e3c5f1db0f69936d7e468d234c3148e5dc7b590200efe9e0ef65638a4a6512c14ad99912b5be5f9f6b9b26a7d3cbd614a41e1e6acb6974465d5e1f3ef32daa6b19c2a6b1d78017de38c686b9c8a2aa95a50ed331327039e32a9d67e2cef261a6a7f0278c4f8664b00ac2d460d8903d4e8cf6a15fd8b4b29330c82448dc44db27ca9b9ff82e42cde4c0fbef3dcecdbb60fcdd6c59fe68df8e64ba848602bf85a65832905771588f2c3cf206b2212b4aef6c8db1d9e7c4d13cf4fd64106dead228ea43522e8a0b3ff98cd0eae26940a21f37a85c78bb32947f56ad7d764c194276a98b9066f5b717f919120961073e92c5c8a8dafdfc4c4ce9e980be053844aaf94a66e81d531c2c7d0e2fcc56e8c78a0e8946d843ef8166a9d81cb0ab15cdd8d04941e466db7e8e7954413776441963b9b78bac984bcd483178c049830f88daf491ebb8f9adbf5cdae7083c55a70e6c32d0fe3d1299505231a2474d5723dc0bf6a285e03cfb0b83fbf21fc1f2b780a6a957355419440aaca68931ae34b9f71f0e386bfda26edf941f6be2652b34d99321796d9c7141b0ac7a6"}], 0x119c}}, {{0x0, 0x0, &(0x7f00000028c0)=[{&(0x7f0000002740)="2878f861173c896ce4d701137db0e25c34191427369be4482972d793c520fb50477f93706147105c098d9075b59fdcd51494d2cc6842b285d3e716ab4bfce681df49644d6a7463bc7f24601f13457223709914e1ba4de8aa2187c91b753721b3a8b9c5891982b6cd1074ea916aba85bf8d816ddd2a71c40a45ff", 0x7a}, {0x0}], 0x2, &(0x7f0000002900)}}, {{0x0, 0x0, &(0x7f0000003d00)=[{&(0x7f00000029c0)="7f4a494f923ef14df431416e0e1f9755d47740f433eaaec2b25d5653db6ee2a380f2fd4cd3784d6cde36ff262e7649213bb22c098a2618dd678e6eb6f2b502baabf22e371406ab1579fb3afcf05240c5a5dd9ecd6562b7e26c679c7d4d906f7e324bb6ea64f2d96d116c8dde2d695dd38da8047614d0b3a6662537fbb5e50b4a8ebee25cb94097d2f8883d72fd512d88b32e91adb84adbee530747868cdfd09a9d0b866b51225ab2132c8c4539b411c8e4fc8b77d80345296c1e09c9771c76f406a3314ea4148ae61e6169e29f87c6fb9a903ff4c4369a596536c7fa19caeda8cda00cc890d0e7c4f823149e3f3b30736fbbd9958625e407cb23b006436aa2ff745427ef46bf26cc40765ec56e5e1f963451c8731ab33acec381dc3ce307c7c9c0e57e1436aaf92471fe141b055f48f089b1e6b741e0a3a06b4597c14ea66eab38773b98ee62282b5b1771cbeb0cca2af046d7776087de3fda99f68a446fe5b127edeefad6f3f32c980c437291e2623be774fd3bbd4c0985b90e530fbe77cdab3d020cc0f63831d2b9ab985b6c4ff9ed04dca78c7d400ab2482faaf11bb716b7a136e45fbd2c356c580d8d07140d4cadc40fd091b051af8847dbef5822413708707d8256965f22fda87fec5990ae32d094cc20d66dbd438f67bcdba38323a2c494ba9940b1f7fa07c6f6f5f95a31a29fbf522f00135f12eabb3839ae8b9349bac126d372b2518e3360dc5b0c5b3b511ab7b88ea706d79bf3f4784b7df94f146436b7251c87b53e4aa9c459b06a6581b488ee44376621db081d0576a92dc7a115da5bbc908003c39293503bf16ac2c6af6d7bac1f69576430b6ee5046eaf0464a74399669b652d4d3701b0705a9dbc5ba2867e221e584b5a68aee5f1fe07485e32ee5c1d1b40bb9e7bcb83481850898095d690b97e70e16986128628b106f09a5e03313bc93295683ad822c9b435b7cbc9440034ac2750fa1d4f48ada98838c7ff87bf935838abec0f4d4ba1dc18014c4b074f397274a058923df7ba13e9cf8c08f7628d916048f3b18a52ed9f4b1ab55f22567528a8ce54e0e0e7c81d92acc3fab46bd81226e112616487e72639d5c2db74c9dab75f77afb516aa6d328d12f57bee80733bc90beba555d5beb05bf4aaef576acea52210fa38171bf737b570e4f5594b7d5084de6d32b32a4b5e45d3a10d1b3f143b5640a8fb644577e5b0cc13b03956af2de8f23a5a614b4bea40a867a9b3dadb11df02198544d57ea0c71a585a0a67c18ccdfa927a49e0a647e28640f94159c03b258ab242d537a8227f4b3d0819801fafa103972afd2f44d97db99faecb7aa73437168301ca40c700a290da3a9823ada3db5a1a7ad17661cbcfabf73f4f6b7b7818c0f78cf47e378948f2b52c6bc35eacf581cbf34bb3be8f0388afd9c3702a61a20b7d86bc39649910b694d8bd785257ebff83d5c9b15908e26d7914e7bd76ed2d1f6590105a0a0b49aa5ccab39a3340a98f5237b3dc337815ba2c424debe74f0ff1f25763100df0ea784df698fb75de14d28d599766a19a41df7cda18494cb341b38a20b64e02f492e18fc37a425a39443986a6b1251b2baad2678f4913c70c97a83181ef292ad0eb96ebd32c05934665b3bca5dadfec2508e262e74e4dee23aa7e7c62d1a47372b203e3e6b51a51d0675eb3f746844e445eea3214b2db86b515e40f0600018de3dde250e33822160c61845d94c24a9b64cd0e4360a8ca4205ff25b2c960c36469141deee59b6c76cc23b74cb3003c869802c9888bbd2531df9e6f07de897464b57fadd6b30aff495cf70a3655b985edaa50dc8fd8d8f21479a8d61cd32e776ae141ba5cf0c47b15af99192eb2dbc226220c85e56419ed0ca7e10211803f6df02d37a1b323a4cb8d479803b38caa50bf590bafd7704d0e141e9c69b37e316f74443705ca2135e05b73a46414eea89d743cca55ccf48d44f9b9b0e3fe9d511e67a84ea05e561fbc4f8018735d87679dd976d58686334deabab5676ffbd3c1c20791a5edd7bc32cb9e630217a13f8d1d02c9566310ff25c945a811104a284cce7a0f1062aa7b6b61f97fb7504e60515bfbce9c458c04be1343e51e7b19926a30fb628f15584dd86a570ff0819ffcaa071b56ff5517203f5b979c46e5fa11fab86f05e34fd1921bdcc4d2d3358a050dce4de27f1f4c922db23370738a1c00968086803b2b17180c8695efc3b350fe4990432a8d48f9ac5c4ff33e7080961321134b7f14b1a24127789a0239bd056d43edfd03a5e77b8693df2d3f53058a7fb60ef9c01f907894e8af56001e204f8d2f9a7866a1b02ab1deacdd888319f43548b2a8bde72720709ec095a349031ba27984867d526ae29c41f70b4f821adac097758ec3ff238d1f3eb3b8cf87e4b9934a735c596112b7e0057f7ee0168c38677d900195aad6268b318ff289e1a7c70b4d57ea14e187f1e38f227e9127f8d22d997c2cd7657828a81a4159b9a8cb20e4724665f454e20ca68bb69df17e6ce471a12d89dd5ad34bcc3a812c0efafaed40a6490cbdf02554946da291eac6d23b9a168bb22bc4cff274c433ce9504c11ede4b31f5438e7e8bcfd24e8c8505868cb1c1be0957487c2e8518d30c26e5cd43a64fb7bb5e389d4d6f6669482871319b9ed1b8a37ca18c9a8675dd3c2449995b43f593b94aac9f794186fd18fee63af36e048a7bca210eb0ff3cf45c66a1a1ccdff77ed4a533cc8b3a6dab7886b55a935b1069b1ce2f058e9767cf4e93434597851146ce9a63c693da1d42d255394b52fb02beb7936f3b33fdd060e323543b6ae104f1dcdbfb67cab3d02b39b37de0351819a4f028c54fde019fdeb28714757039bb62f2f26debbb6692c506c119949ee2a689e80be22cae3f622a2990192f9c718ea3e6d0307bd2718580394d2f35132a0f10481d109a90bff66722593b05428ce6125a4e7150c4a0980818dd101e63890f46947468e6cc643a395e7d06a58336b8dd14f8bc5f9c6dd0b07f530cdfef3e6ebecdae9e0a3f594c3b4c2b5dfb46996d2f9b128bee2ec848b95dbfbe5599e1c48c13e475b3b785d82cececb237294d0e47b509031aab1d3f2022dcf737c4fde342ede966e61db2a2f7ada233bac7d7390d6d57b59a8c2276950ea198ddc54d941b16ee3adc6b8c797352e07578d882857b25594389fd12aabde9763d4860b393adafb3f31bd8697465de72c68982aeaca0224293a7dc1ff89b1e3491ff4617af4a26f215eb0aea1a5b849ea5c337d96602e3592e9a1ca3bee11a301c41871a01903991b656f703f1880a2ae4f6406081f9353995027e2fe265084a420d22dc0902f9bfc69a08def1f1c1c19830f2e5df653ae956658d581ac82adce9fb27245442aa6fdbf81bd6ef0cbf7a5dfa2085776b6cbdc3f29e9d0bde16130d99855d251f5b6fd28e62e2fc075e5270cd23e523b9cfa263017399c454b1e2633ee8eb0b07aefd7531afb3e04b47089a3aee04b5ae911676b455841bfb101ee3df59a98fdc8a0ee4502101ffb2c9483af411cad14d55b37da42df2898262392b78e6dd1d01355667f4792a06f7148b27fa2868226852e3707e563604fcfc83dd59e4a3085e7e4158124f43ef473e618a2974676e7dd49ac8b9b5183ceca0cdea08ce3a981d9642845297fd04a2046e7b87229c0bee6c34f9811ac73f3b3b780b2a0e6a157221fa7963141dfe94fc2ccfb246ee4f0c0557ab72009ba408b2db663723a96fb7711d160494ff82345833fc866ca5c84b12daebae6991672859eeaf71243fa5cf788d4864a295042e27411850167b6f7f6dccb0a73efafb14e46e70e456232bb82e28993f65bdc322c1c897f665a1b81ff05b4d119f80746fae53e879694cc3734d3f20a61d91bf68167e1a2a68b6c92aff15fd031869cb4d62779dc4e5e646f531db672529f61f666f246044c5e524c21a48610311b85a29d40bc2ecf81bab0041c9d99e21092db29f304ea5211db075b633ebe434b5d8ede8c74f5f771872755c0f7724362e8b8fdd2636b29b53b5cd76e9dc817532aafe1831b6ec3ac639bb925f40c1ea9f3d0dbdf2019dc8bb1a47c4b5a255730cb91cd98e1c05d9f62875fe2b42a66c2ae7389768ae9e0089ac43009fb732a843d09c74648583907e3601dcc931d2b26b2961533ed4ffe1a628daf90d9fc68494fa0c78695e4b3c2f8e693f3466c98630ecbcd67caf73ca259866a1848e16877075fdffabb3bf1ac9e4628fdc5368f88e8d23d9fc5e08fee0a830211121cf43196fc58b2407af878dd6248ad1945fe6146119afe344b1aa09901697a4dceabefe5ac158d253493fc0ecc3cf8f7a10c70203a1326e36b0f1adba4c26c87e2f124cf44dd1830f984eb0fa3a749a840cf63468922613cb611a4855c828d9b39516cfb0fdb908af2d9fb854fb13deee55ab8c39cf89303bef446d2e9c9f12dda707ef8c39919b5bf630d11988992cd7f1995253e77e63b7906d3873fd00b6d507cea90797f681716cd8a897329594f25f2fbce5d50afffbb81fac5ca236c65a5ca9f19654e95e58e359f7284ad57260a3d48329f629382ba5397b2b83b0eaa677652a39af984cb3c31d39ed1973b799231609b4de21ec322064e305074d6b8acd0a5fb6d712897d724894b010bd7975d45457479716a3742e1af70d33f14b78d35ae139557820c79ae4d5c1ce3f30d442a872111c89e0c8c8faf7d0ed2f1c9119913b61a1f51ad7affdb510f78b577e8bb0c1b51acbebad784f17dbf940619dac76b181db19c3e8a147613d97a39ffedd9b36262012295d6502c48a6f3384e1f00df5a60dcb5c2d23faff6d705668a10ea035a22b69d0308d03f146cfcc75111ca772403cbecdb32ea8efadd00c77eb1b365a28e4be3d341cc08e661e2c62167791dabb0e16c1dc267e5967ff01879834ebd70f4456fafc219e644eecf077c7e3b08d900374454e05ab61e119bf038112924c52d10846dac44cc98cfdb93afa3176e6a63932b77fd29e9ae4e1d08f3e4d2823b10a15e7795f18617fb92e5d300a695e63b00074eea04d99503c685804ff0447ae1fd217a491c08d3c6352cd475bc31e6010c84dafe382ef5a50c9827599981e6f4b9e5323d690a5e54208ad16c1952097304ec39b34f6253c66cae4c183b0e7db21be5e7582aae777d53c708abddbe6077f0275728d25ff9849fead95b8f20196e87c020d1ec1a53b9448c487c34ba47373ae69688f3e0e2bcb5a50820741101466507a2ecd76fea7d6a9b01cf1dae747e1ed5d5ad3c5157989ed0ab7c1f3cb9a344e42a11083acf5f701df2ea024680090dfb2e13d02a7ecd819d869614614751e673bd5bb3e1f6ef1d0840b5fbba9e4595279b3a36ce40c1292bb8a19fe5ccba1292e6f9f7efb4d2bb82adbd83ece88aa687ecac35630bc452b9f01048d93449ce83c1a281b792d11171edf6a294de7465c85eab1cbbd96b02aebf06d5577ec920cfa6e04c697e6a7bc444f8fe94ef581c51bc56c7b40c6a2bb8e817b28ecb7bdd3b2f1a62c03692da233c81c74fa3d535285f96a586cb5b70600b3233ffd02916fcb3e6d84f6ecc7669fc726e453b39bf353b20ad3d2acb6ebc750488500cf4f6f4be1b79719f77c3cf7fcf8c8c2fb2e3a392b762eb4965b66a89da83801176a0b3ab26da84f84ad0ecefac5b7a9d965806b769c1ff11d4c6fb2ddced5c6837a71103ff52e4967b95d2ae510d3865123dc1a6a7e9aebef6b69bbaf31a9e48e928696867421d2f22874a9231bf4a95ae272f554edf8d", 0xff8}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f0000004140)=[{0x0}, {&(0x7f0000003e40)="3fd39b1a31c4ca67207dc0b750faa6d1892c7f72ab77fee1e3036b7e20374686f30ed2409185bb34afacb484f1f5ba5543a7e20690fb0630fd77c017838ba1", 0x3f}, {0x0}, {&(0x7f0000004040)="88522aa86e0b16b51ab8", 0xa}], 0x4, &(0x7f0000004180)=[{0xc, 0x116, 0x3}], 0xc}}, {{0x0, 0x0, 0x0}}, {{&(0x7f0000004400)=@ieee802154={0x24, @short={0x2, 0xffff, 0xaaa0}}, 0x80, &(0x7f00000078c0)}}], 0xa, 0x4028004)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0xa00, 0x18, 0xfa00, {0x100000000000000, 0x0}}, 0xfc36)

6.046259745s ago: executing program 3 (id=1566):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x10000000, 0x5, 0xa, 0xb}, {0x1, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
fcntl$getown(r2, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x2)
connect$unix(r3, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = userfaultfd(0x801)
r6 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r6, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
close(r6)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000300)=@pppol2tpv3in6={0x18, 0x1, {0x0, r6, 0x1, 0x0, 0x1, 0x2, {0xa, 0x4e22, 0x8, @dev={0xfe, 0x80, '\x00', 0x38}, 0x9}}}, 0x3a)
geteuid()
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f00000009c0)=[@in6={0xa, 0x4e24, 0x3cf9, @dev={0xfe, 0x80, '\x00', 0x36}, 0x80000000}], 0x1c)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x2)

5.492569838s ago: executing program 1 (id=1567):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370301a8001600a40000000000000000000400c1d67f6f94007134cf6edb8000a007a290457f0189b30d0db672d4de347a1bdbeecb16277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db79835323d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b", 0xd9}], 0x1}, 0x4080054)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000180), 0x4)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x2004c891)
r2 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
socketpair(0x1e, 0x80805, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r2, 0xab00, r3)
ioctl$NBD_DO_IT(r2, 0xab03)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0x80000003)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r6, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140), 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r8, 0x84, 0x1e, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x104, &(0x7f0000019240)=0xb4, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000001800000000000000000000001801000020207025000000000020"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)
syz_emit_ethernet(0x6a, &(0x7f0000019180)={@link_local, @dev, @val={@val={0x88a8, 0x1, 0x1, 0x2}, {0x8100, 0x6, 0x0, 0x1}}, {@ipv4={0x800, @udp={{0x12, 0x4, 0x1, 0x8, 0x54, 0x67, 0x0, 0x8, 0x11, 0x0, @multicast1, @loopback, {[@timestamp={0x44, 0xc, 0x5, 0x0, 0xa, [0x7, 0x4]}, @lsrr={0x83, 0x7, 0x75, [@local]}, @rr={0x7, 0x17, 0x12, [@empty, @multicast2, @empty, @multicast2, @multicast1]}, @lsrr={0x83, 0x7, 0x30, [@broadcast]}]}}, {0x4e21, 0x4e22, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x8, 0x100, @void}}}}}}}, 0x0)
syz_open_pts(0xffffffffffffffff, 0x185040)

4.555736081s ago: executing program 5 (id=1568):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
pipe2(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80080)
add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
ioperm(0xfffffffe, 0x40000007, 0x5)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000480)={r1, r0, 0x0, 0xa6, &(0x7f00000003c0)="3d42efc122e5d9a9e87c80b5ef77e951020c83c732378950f261ea328d577642f71333e248e07784e13e3e136548b781631856f4c01654b24111d28448a0b45663fedf44e97731b4f5bff11e073f4fe7022e45758b76cfb73db24b38ea844736373e95cc217c636238b2d603a60725834945b7085b72ff9e14fec03987d19620f29a81a28700036087a6cc537533b25c480a699300f34b544b509026149379dc136d5d1a497c", 0x6, 0x5, 0x3, 0xb, 0xe, 0x3, 0x7, 'syz0\x00'})
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}, {}, {}, {}, {0x0, 0x3}, {0xfffffffc}, {0x400000}], 0x0, 0x4}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00')
r4 = open_tree(r3, &(0x7f0000000640)='\x00', 0x89901)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x44}}, 0x0)
move_mount(r4, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00')
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r6, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000003c80)=ANY=[], 0x12f4}}, 0x0)
recvmmsg(r6, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)=""/216, 0xd8}], 0x1}, 0x7}], 0x1, 0x0, 0x0)

4.515491656s ago: executing program 3 (id=1569):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370301a8001600a40000000000000000000400c1d67f6f94007134cf6edb8000a007a290457f0189b30d0db672d4de347a1bdbeecb16277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db79835323d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b", 0xd9}], 0x1}, 0x4080054)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x2004c891)
r2 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
socketpair(0x1e, 0x80805, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r2, 0xab00, r3)
ioctl$NBD_DO_IT(r2, 0xab03)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0x80000003)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140), 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r7, 0x84, 0x1e, &(0x7f0000000040)=0x6e, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x104, &(0x7f0000019240)=0xb4, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000001800000000000000000000001801000020207025000000000020"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)
syz_emit_ethernet(0x6a, &(0x7f0000019180)={@link_local, @dev, @val={@val={0x88a8, 0x1, 0x1, 0x2}, {0x8100, 0x6, 0x0, 0x1}}, {@ipv4={0x800, @udp={{0x12, 0x4, 0x1, 0x8, 0x54, 0x67, 0x0, 0x8, 0x11, 0x0, @multicast1, @loopback, {[@timestamp={0x44, 0xc, 0x5, 0x0, 0xa, [0x7, 0x4]}, @lsrr={0x83, 0x7, 0x75, [@local]}, @rr={0x7, 0x17, 0x12, [@empty, @multicast2, @empty, @multicast2, @multicast1]}, @lsrr={0x83, 0x7, 0x30, [@broadcast]}]}}, {0x4e21, 0x4e22, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x8, 0x100, @void}}}}}}}, 0x0)
syz_open_pts(0xffffffffffffffff, 0x185040)

3.927401835s ago: executing program 5 (id=1570):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370301a8001600a40000000000000000000400c1d67f6f94007134cf6edb8000a007a290457f0189b30d0db672d4de347a1bdbeecb16277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db79835323d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b", 0xd9}], 0x1}, 0x4080054)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000180), 0x4)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x2004c891)
r2 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
socketpair(0x1e, 0x80805, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r2, 0xab00, r3)
ioctl$NBD_DO_IT(r2, 0xab03)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
futex(0x0, 0x9, 0x0, 0x0, 0x0, 0x80000003)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r6, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140), 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r8, 0x84, 0x1e, &(0x7f0000000040)=0x6e, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x104, &(0x7f0000019240)=0xb4, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000001800000000000000000000001801000020207025000000000020"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)
syz_emit_ethernet(0x6a, &(0x7f0000019180)={@link_local, @dev, @val={@val={0x88a8, 0x1, 0x1, 0x2}, {0x8100, 0x6, 0x0, 0x1}}, {@ipv4={0x800, @udp={{0x12, 0x4, 0x1, 0x8, 0x54, 0x67, 0x0, 0x8, 0x11, 0x0, @multicast1, @loopback, {[@timestamp={0x44, 0xc, 0x5, 0x0, 0xa, [0x7, 0x4]}, @lsrr={0x83, 0x7, 0x75, [@local]}, @rr={0x7, 0x17, 0x12, [@empty, @multicast2, @empty, @multicast2, @multicast1]}, @lsrr={0x83, 0x7, 0x30, [@broadcast]}]}}, {0x4e21, 0x4e22, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x8, 0x100, @void}}}}}}}, 0x0)
syz_open_pts(0xffffffffffffffff, 0x185040)

3.411467995s ago: executing program 1 (id=1571):
mkdir(&(0x7f0000000580)='./bus\x00', 0x0)
syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x117, &(0x7f0000000300), &(0x7f0000000280)=<r3=>0x0, &(0x7f0000000200))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x1e, 0x5, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
close_range(r4, 0xffffffffffffffff, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
socket$rxrpc(0x21, 0x2, 0xa)

3.215965947s ago: executing program 2 (id=1572):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@mode}]})
r0 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix={0x400, 0x2, 0x55595659, 0x4, 0xc, 0x6, 0x1, 0x669, 0x0, 0x0, 0x2, 0x4}})
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x42c, &(0x7f0000000140)={0x0, 0xdfa3, 0x800, 0x0, 0x1}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13})
io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='cachefiles_ondemand_read\x00', r5}, 0x18)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v2={0x2000000, [{0x4, 0x3}, {0x401, 0xfff}]}, 0x14, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)

2.123831523s ago: executing program 1 (id=1573):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370301a8001600a40000000000000000000400c1d67f6f94007134cf6edb8000a007a290457f0189b30d0db672d4de347a1bdbeecb16277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db79835323d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b", 0xd9}], 0x1}, 0x4080054)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x2004c891)
r2 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
socketpair(0x1e, 0x80805, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r2, 0xab00, r3)
ioctl$NBD_DO_IT(r2, 0xab03)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0x80000003)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r6, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140), 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r8, 0x84, 0x1e, &(0x7f0000000040)=0x6e, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x104, &(0x7f0000019240)=0xb4, 0x0, 0x4)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)
syz_emit_ethernet(0x6a, &(0x7f0000019180)={@link_local, @dev, @val={@val={0x88a8, 0x1, 0x1, 0x2}, {0x8100, 0x6, 0x0, 0x1}}, {@ipv4={0x800, @udp={{0x12, 0x4, 0x1, 0x8, 0x54, 0x67, 0x0, 0x8, 0x11, 0x0, @multicast1, @loopback, {[@timestamp={0x44, 0xc, 0x5, 0x0, 0xa, [0x7, 0x4]}, @lsrr={0x83, 0x7, 0x75, [@local]}, @rr={0x7, 0x17, 0x12, [@empty, @multicast2, @empty, @multicast2, @multicast1]}, @lsrr={0x83, 0x7, 0x30, [@broadcast]}]}}, {0x4e21, 0x4e22, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x8, 0x100, @void}}}}}}}, 0x0)
syz_open_pts(0xffffffffffffffff, 0x185040)

1.815659334s ago: executing program 3 (id=1574):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0xfffffffe, 0x0, 0x1}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000400)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7078, 0x0, 0x4, 0x288}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)

536.249445ms ago: executing program 3 (id=1575):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r3, 0x3a, 0xd1, &(0x7f0000000040)=0x20f, 0x4)
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6d5200001f00000004000000ffffff0f000000003efacf40c66c215b2a543f755ffbbc9fe2a4cde0656f72c852d3198fbbce1d89c79b0ae0c009fa8652527084b0f77b0fb76ce8ad2246aa39256fee35b42e3b991938fddce8eeb07e939fa0", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x6, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0xc, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7000000}, 0x4c)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d667363616368"])
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000280)={r5, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000080)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x0, 0xa8, &(0x7f0000000600)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0x34, 0x8, 0x8, &(0x7f0000000340)}}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000100001000000001d000000000000000a20000000120a0102000000000000000c00048006000140000700001400000011000100a0e1af2b5fdf4ceb0000000a"], 0x48}}, 0x0)
memfd_secret(0x80000)

479.875034ms ago: executing program 2 (id=1576):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0)
r0 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002240)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0020000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26ffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c1f860d050d694cc7806d294d3665016a7b29da0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d40887c58559b7dcb98a6273b8c651e57f727041c62cea5b7bd24d9f679e4fbe948dfb4cc4a389469608241630459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b83720eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb89872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebed161980f2fde4f9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc3600040543a34b195c6a8fc054282cd41b264906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e4bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af41000000000000007f5ab0d534b8d63e4ca3be71f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733097f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99e85b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5359dbdfbf31a562395020becaf3fd1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4b28288e78980c1184d8223edbc4bf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b5524642c248aa813edaa626f0000000000000000000000000000000003ba5bac34b611569a451564d3a5400f9097ffe7a37e765bc652be71ee24250d6d9cf19878dd62c53062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89ad07963acbd4dd4dc5b4552591edde7a22ad06f7567e6fec2f65011b579bf609d61a3ff4d6f490824bb035995449fc34106ae6889f036d67b6aaee784f855ebc746ac871b5d2031ac0a252ac1f86e93e245f3793cea80b6de773899d49d11d3b1ed79163b111c976cf840a2ef6214a43338fba8c9edb6be26e68fcc5d47ed74a66ce8aba726ab955b9b32ab1890e84a5e2d7476252af25e5c95c5a8b2b1b5c8a2645b017d23c0f169d6ab529cc889bb07889d9e155114cf3e26a50c527ec6d4021cd2cacfea6d7e41e39e26b3967cad65c648b170f12ea9cc69dcee64be0c27b1f4f7f5ce3e62c35602c9d2921326891901661c85b9ee4a0a0b9636bef4c23788494f094abb91ed813b42828aa93105896e0aee851a8087e169a1d69e841257d9053d0cdc3a6ac4f12084cc6470abebe8b344b1f56690a2687b428686c854c21831da277e8b8a21b7b91a46d22ba083eca7b1f8268048cde7d6f237dca42035881b29ca9c8c2937971821b613894297ff6f7796053a4de1fd77e180cc22b205d43bb4a1b59962c1f605ea1b74587100e8d579f157cb45561c357f9976cec6a43388b3049a0d9c171ff6145266ba119d00000000001ef3794a930eb12f3a6215c510bf0bca70c127e9c70cc7bef921249a7f18a0034ce3264a9e96656b47233e2ed7c76520e649c3fd550bdafd77c5cd72b4446d3e157ddd97e7622a6891fb739acd3b2cdaf65ac78490f0641be6e8c6f55bf3d228786895ff5fd5970faacd8a5025aca0aa1931f477ba06aa60051298c8bf7f3b399194f98dc3f4e8513ad06da09dc393c1284515986b8c70ac69512f6c0c04f42edb3a097a11f2ab480e3e391abffae097752300576337c6dd24c4a98280684aa1fe8c7b43ee8bce05fe979b34da18cdb44dbb030b8009cd3b3b44fd8e7b534acd3f1839cb54817668ab446d3d47848429ea831a57f26c8b05dedddceb24483f8f998b05c3ddf85c3799c9000000000000000000000000001e57cf839eb3150d6a076fb7b86fae98dbb46014f483aecb4ec4f0877371bcae8912c78aff857c669760f0e55041563c5c3e8ee4a0eef885fd43fe34a1febc82370d1d07fdfe705ada4764320889000000000000000000000000000000a790af4fc17872b55b10db99e212d18193235659df45627da300959eafc8bfb44f70d250f8f2e86532700254c9a8b14999f59c8b9034c4bb2448eaeff5db21d4a7f3d974790d4c3cba7c402f50585b9289d86400679e5c2bcacb2841ca074d51fdb4a29e84d72b6c996cfbee06aa52cd632e82ba068e8e1572ef2eb414ba5fccfc3c03e64df6a9cc3936c604aa2c0e2ec7b777475023f29b146af003472ce146a5ff997ba53c51026c0096154f9280a34bbf21d66f57a250b5397766122fc86950ce5252e96868cd04df54764cf2082153d6cedd8aaf9700c734aa4a1cb33a2e0a13c5687be4de327511bff9816d13c3219dac1c1535f10243db6f96960ea6a621f5e1b7babbedf0a6bf0cf74123d2e78d01be2b048883a2459eec630fb0293d28d9799fd3a792caff693fd9f002f14c43fb5a1051cc686b7f114d7927eed559bdf2e8ddea3e61d5d942b63fe90230b2e1948fc563ef94d437281671d2fe5032d2a091fa842b0af2e116ba"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc88, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc4, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x2f00020b, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xae5b, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
request_key(&(0x7f0000000280)='cifs.idmap\x00', &(0x7f00000002c0)={'syz', 0x2}, &(0x7f0000000300)=':\x00', r0)

0s ago: executing program 2 (id=1577):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x10000000, 0x5, 0xa, 0xb}, {0x1, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
fcntl$getown(r2, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x2)
connect$unix(r3, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = userfaultfd(0x801)
r6 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r6, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
close(r6)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000300)=@pppol2tpv3in6={0x18, 0x1, {0x0, r6, 0x1, 0x0, 0x1, 0x2, {0xa, 0x4e22, 0x8, @dev={0xfe, 0x80, '\x00', 0x38}, 0x9}}}, 0x3a)
geteuid()
ioctl$UFFDIO_CONTINUE(r5, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f00000009c0)=[@in6={0xa, 0x4e24, 0x3cf9, @dev={0xfe, 0x80, '\x00', 0x36}, 0x80000000}], 0x1c)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x2)

kernel console output (not intermixed with test programs):

ma:0
[  341.207168][T11306] Node 0 active_anon:5036kB inactive_anon:1576kB active_file:2648kB inactive_file:6856kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5088kB dirty:0kB writeback:0kB shmem:4808kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9584kB pagetables:1084kB sec_pagetables:1148kB all_unreclaimable? yes
[  341.216085][T11306] Node 1 active_anon:24024kB inactive_anon:792kB active_file:2668kB inactive_file:1868kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:116432kB dirty:632kB writeback:0kB shmem:26504kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2808kB pagetables:2044kB sec_pagetables:140kB all_unreclaimable? no
[  341.225302][T11306] Node 0 DMA free:2980kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:156kB inactive_anon:44kB active_file:48kB inactive_file:8kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[  341.233302][T11306] lowmem_reserve[]: 0 294 0 0 0
[  341.234695][T11306] Node 0 DMA32 free:19024kB boost:2048kB min:15608kB low:18996kB high:22384kB reserved_highatomic:2048KB active_anon:4880kB inactive_anon:1532kB active_file:2600kB inactive_file:6848kB unevictable:3536kB writepending:0kB present:1032196kB managed:301744kB mlocked:0kB bounce:0kB free_pcp:2032kB local_pcp:68kB free_cma:0kB
[  341.244324][T11306] lowmem_reserve[]: 0 0 0 0 0
[  341.245719][T11306] Node 1 DMA32 free:208460kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB active_anon:24024kB inactive_anon:792kB active_file:2668kB inactive_file:1868kB unevictable:3536kB writepending:632kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:20944kB local_pcp:7436kB free_cma:0kB
[  341.254234][T11306] lowmem_reserve[]: 0 0 0 0 0
[  341.255821][T11306] Node 0 DMA: 15*4kB (UM) 35*8kB (UME) 25*16kB (UME) 32*32kB (UME) 19*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2980kB
[  341.259863][T11306] Node 0 DMA32: 92*4kB (UME) 58*8kB (UE) 41*16kB (UME) 152*32kB (UMEH) 68*64kB (UEH) 21*128kB (UMEH) 8*256kB (UH) 3*512kB (UM) 2*1024kB (M) 0*2048kB 0*4096kB = 19024kB
[  341.266957][T11306] Node 1 DMA32: 43*4kB (UEH) 196*8kB (UEH) 157*16kB (UEH) 106*32kB (UEH) 247*64kB (UMEH) 107*128kB (UEH) 103*256kB (UE) 89*512kB (UM) 89*1024kB (UM) 4*2048kB (U) 0*4096kB = 208412kB
[  341.272345][T11306] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  341.275018][T11306] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  341.277619][T11306] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  341.280510][T11306] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  341.283283][T11306] 11567 total pagecache pages
[  341.284642][T11306] 208 pages in swap cache
[  341.285888][T11306] Free swap  = 110944kB
[  341.287119][T11306] Total swap = 124996kB
[  341.288349][T11306] 524155 pages RAM
[  341.289414][T11306] 0 pages HighMem/MovableOnly
[  341.290778][T11306] 207816 pages reserved
[  341.291943][T11306] 0 pages cma reserved
[  341.936721][T11341] block nbd0: shutting down sockets
[  342.061023][T11344] 9p: Unknown Cache mode or invalid value fscach
[  345.209470][T11410] 9p: Unknown Cache mode or invalid value fscach
[  345.619282][    C3] vkms_vblank_simulate: vblank timer overrun
[  345.751324][    C3] vkms_vblank_simulate: vblank timer overrun
[  345.855886][    C3] vkms_vblank_simulate: vblank timer overrun
[  345.871551][T11416] random: crng reseeded on system resumption
[  345.886831][T11416] Restarting kernel threads ... done.
[  346.154562][    C3] vkms_vblank_simulate: vblank timer overrun
[  346.429328][    C3] vkms_vblank_simulate: vblank timer overrun
[  347.686036][    C3] vkms_vblank_simulate: vblank timer overrun
[  348.834542][    C3] vkms_vblank_simulate: vblank timer overrun
[  349.101313][    C3] vkms_vblank_simulate: vblank timer overrun
[  349.290647][    C3] vkms_vblank_simulate: vblank timer overrun
[  349.835822][    C3] vkms_vblank_simulate: vblank timer overrun
[  350.826530][    C3] vkms_vblank_simulate: vblank timer overrun
[  351.900844][    C3] vkms_vblank_simulate: vblank timer overrun
[  352.610594][    C3] vkms_vblank_simulate: vblank timer overrun
[  353.442223][   T30] usb 7-1: new high-speed USB device number 41 using dummy_hcd
[  353.512260][    C3] vkms_vblank_simulate: vblank timer overrun
[  353.592241][   T30] usb 7-1: Using ep0 maxpacket: 8
[  353.603500][   T30] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  353.606901][   T30] usb 7-1: config 0 has no interface number 0
[  353.609665][   T30] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  353.615318][   T30] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  353.620296][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.626594][   T30] usb 7-1: config 0 descriptor??
[  353.633573][   T30] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  353.839265][ T1487] usb 7-1: USB disconnect, device number 41
[  353.957110][    C3] vkms_vblank_simulate: vblank timer overrun
[  354.364480][ T1487] usb 7-1: new high-speed USB device number 42 using dummy_hcd
[  354.554884][ T1487] usb 7-1: config index 0 descriptor too short (expected 92, got 76)
[  354.560728][ T1487] usb 7-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  354.578912][ T1487] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  354.586086][ T1487] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  354.596646][ T1487] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  354.610540][ T1487] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.616748][ T1487] usb 7-1: Product: syz
[  354.621543][ T1487] usb 7-1: Manufacturer: syz
[  354.624622][ T1487] usb 7-1: SerialNumber: syz
[  354.860296][ T1487] usb 7-1: USB disconnect, device number 42
[  355.722315][ T6007] usb 7-1: new high-speed USB device number 43 using dummy_hcd
[  355.875403][ T6007] usb 7-1: Using ep0 maxpacket: 8
[  355.902995][ T6007] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  355.914286][ T6007] usb 7-1: config 0 has no interface number 0
[  355.920306][ T6007] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  355.936481][ T6007] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  355.945303][ T6007] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.988632][ T6007] usb 7-1: config 0 descriptor??
[  356.992808][ T6007] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  357.092542][ T6007] usb 7-1: USB disconnect, device number 43
[  359.851878][T11526] random: crng reseeded on system resumption
[  359.896195][T11526] Restarting kernel threads ... done.
[  359.908581][T11527] block nbd0: shutting down sockets
[  361.870379][    C2] vkms_vblank_simulate: vblank timer overrun
[  362.087805][T11562] block nbd1: shutting down sockets
[  362.570419][    C2] vkms_vblank_simulate: vblank timer overrun
[  362.662463][    C2] vkms_vblank_simulate: vblank timer overrun
[  363.219377][    C2] vkms_vblank_simulate: vblank timer overrun
[  364.075645][T11577] random: crng reseeded on system resumption
[  364.117570][T11577] Restarting kernel threads ... done.
[  366.387872][T11595] block nbd3: shutting down sockets
[  366.605387][    C2] vkms_vblank_simulate: vblank timer overrun
[  372.761330][    C0] vkms_vblank_simulate: vblank timer overrun
[  373.013676][    C0] vkms_vblank_simulate: vblank timer overrun
[  375.529475][    C0] vkms_vblank_simulate: vblank timer overrun
[  376.106877][T11622] random: crng reseeded on system resumption
[  376.138116][T11622] Restarting kernel threads ... done.
[  377.269024][T11627] 9p: Unknown Cache mode or invalid value fscach
[  377.385416][T11628] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1258'.
[  378.173024][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  378.226266][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  380.309911][T11645] block nbd2: shutting down sockets
[  381.836723][T11652] random: crng reseeded on system resumption
[  381.858147][T11652] Restarting kernel threads ... done.
[  386.859027][T11664] netlink: 18128 bytes leftover after parsing attributes in process `syz.3.1269'.
[  387.202518][ T5950] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  387.223672][ T5950] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  387.230438][ T5950] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  387.254825][ T5950] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  387.275260][ T5950] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  387.279976][ T5950] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  387.531440][T11676] block nbd1: shutting down sockets
[  387.778635][T11671] chnl_net:caif_netlink_parms(): no params data found
[  387.904229][T11671] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.908995][T11671] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.915260][T11671] bridge_slave_0: entered allmulticast mode
[  387.919544][T11671] bridge_slave_0: entered promiscuous mode
[  387.930462][T11671] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.933775][T11671] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.937196][T11671] bridge_slave_1: entered allmulticast mode
[  387.941711][T11671] bridge_slave_1: entered promiscuous mode
[  388.056003][T11671] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  388.062191][T11671] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  388.313501][T11671] team0: Port device team_slave_0 added
[  388.350479][T11671] team0: Port device team_slave_1 added
[  388.866393][T11671] batman_adv: batadv0: Adding interface: batadv_slave_0
[  388.881358][T11671] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  388.923414][T11671] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  388.941044][T11671] batman_adv: batadv0: Adding interface: batadv_slave_1
[  388.945327][T11671] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  388.958872][T11671] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  389.224955][T11671] hsr_slave_0: entered promiscuous mode
[  389.232861][T11671] hsr_slave_1: entered promiscuous mode
[  389.239714][T11671] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  389.260515][T11671] Cannot create hsr debugfs directory
[  389.327294][ T5300] Bluetooth: hci4: command tx timeout
[  389.539009][T11671] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  389.553435][T11671] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  389.566316][T11671] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  389.586075][T11671] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  389.718245][T11671] 8021q: adding VLAN 0 to HW filter on device bond0
[  389.737831][T11671] 8021q: adding VLAN 0 to HW filter on device team0
[  390.017102][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.023696][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  390.090720][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.093353][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  390.374811][T11671] 8021q: adding VLAN 0 to HW filter on device batadv0
[  390.848920][T11671] veth0_vlan: entered promiscuous mode
[  390.864625][T11671] veth1_vlan: entered promiscuous mode
[  390.902575][T11671] veth0_macvtap: entered promiscuous mode
[  390.910814][T11671] veth1_macvtap: entered promiscuous mode
[  390.934183][T11671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  390.938939][T11671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.945463][T11671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  390.959118][T11671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.963983][T11671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  390.971444][T11671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  390.985116][T11671] batman_adv: batadv0: Interface activated: batadv_slave_0
[  390.996869][T11671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  391.004274][T11671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  391.039833][T11671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  391.063158][T11671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  391.067984][T11671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  391.076946][T11671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  391.104714][T11671] batman_adv: batadv0: Interface activated: batadv_slave_1
[  391.125903][T11671] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  391.129714][T11671] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  391.134625][T11671] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  391.152085][T11671] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  391.388677][  T105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  391.400584][  T105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  391.439022][ T5300] Bluetooth: hci4: command tx timeout
[  391.473421][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  391.477773][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  391.559461][   T39] audit: type=1326 audit(1740532566.589:31242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11702 comm="syz.3.1274" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f81579 code=0x0
[  391.805283][T11709] random: crng reseeded on system resumption
[  391.831761][T11709] Restarting kernel threads ... done.
[  392.933503][T11717] netlink: 18128 bytes leftover after parsing attributes in process `syz.1.1277'.
[  393.497670][ T5300] Bluetooth: hci4: command tx timeout
[  393.532935][    C1] vkms_vblank_simulate: vblank timer overrun
[  393.739038][    C1] vkms_vblank_simulate: vblank timer overrun
[  393.882109][    C1] vkms_vblank_simulate: vblank timer overrun
[  394.403177][    C1] vkms_vblank_simulate: vblank timer overrun
[  394.624195][    C1] vkms_vblank_simulate: vblank timer overrun
[  395.382075][    C1] vkms_vblank_simulate: vblank timer overrun
[  395.582370][ T5300] Bluetooth: hci4: command tx timeout
[  396.291877][T11732] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  400.719568][T11739] 9p: Unknown Cache mode or invalid value fscach
[  401.554745][T11752] netlink: 18128 bytes leftover after parsing attributes in process `syz.1.1286'.
[  402.424959][T11760] 9p: Unknown Cache mode or invalid value fscach
[  403.148543][ T1134] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.354823][ T1134] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.773716][ T1134] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.063705][ T1134] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.680256][ T1134] bridge_slave_1: left allmulticast mode
[  404.701784][ T1134] bridge_slave_1: left promiscuous mode
[  404.707822][ T1134] bridge0: port 2(bridge_slave_1) entered disabled state
[  404.845296][ T1134] bridge_slave_0: left allmulticast mode
[  404.849939][ T1134] bridge_slave_0: left promiscuous mode
[  404.857890][ T1134] bridge0: port 1(bridge_slave_0) entered disabled state
[  406.555036][ T1134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  406.577945][ T1134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  406.611767][ T1134] bond0 (unregistering): Released all slaves
[  406.972544][   T59] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  407.166001][   T59] usb 6-1: Using ep0 maxpacket: 8
[  407.171083][   T59] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  407.186468][   T59] usb 6-1: config 0 has no interface number 0
[  407.190542][   T59] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  407.198470][   T59] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  407.208930][   T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.229565][   T59] usb 6-1: config 0 descriptor??
[  407.236623][   T59] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  407.444955][   T59] usb 6-1: USB disconnect, device number 32
[  407.895486][   T59] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  408.139108][   T59] usb 6-1: config index 0 descriptor too short (expected 92, got 76)
[  408.159446][   T59] usb 6-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  408.175579][   T59] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  408.183272][   T59] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  408.228827][   T59] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  408.246355][   T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.251285][   T59] usb 6-1: Product: syz
[  408.257960][   T59] usb 6-1: Manufacturer: syz
[  408.259686][   T59] usb 6-1: SerialNumber: syz
[  408.468183][T11828] 9p: Unknown Cache mode or invalid value fscach
[  408.894516][   T59] usb 6-1: USB disconnect, device number 33
[  409.392193][   T59] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  409.666490][   T59] usb 6-1: Using ep0 maxpacket: 8
[  409.679063][   T59] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  409.685831][   T59] usb 6-1: config 0 has no interface number 0
[  409.688481][   T59] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  409.695466][   T59] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  409.737904][   T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.743187][   T59] usb 6-1: config 0 descriptor??
[  409.759795][   T59] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  409.915519][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  409.918501][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_0
[  409.922367][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  409.925920][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_1
[  409.975668][   T59] usb 6-1: USB disconnect, device number 34
[  409.979508][    C3] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  410.027352][ T1134] veth1_macvtap: left promiscuous mode
[  410.030671][ T1134] veth0_macvtap: left promiscuous mode
[  410.033423][ T1134] veth1_vlan: left promiscuous mode
[  410.036331][ T1134] veth0_vlan: left promiscuous mode
[  414.114975][ T1134] team0 (unregistering): Port device team_slave_1 removed
[  415.219975][ T1134] team0 (unregistering): Port device team_slave_0 removed
[  419.827327][   T59] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  419.972241][   T59] usb 6-1: Using ep0 maxpacket: 8
[  419.976573][   T59] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  419.993276][   T59] usb 6-1: config 0 has no interface number 0
[  419.996587][   T59] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  420.014018][   T59] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  420.017188][   T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.052203][   T59] usb 6-1: config 0 descriptor??
[  420.075848][   T59] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  420.299364][   T59] usb 6-1: USB disconnect, device number 35
[  420.860150][   T59] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  421.031817][   T59] usb 6-1: config index 0 descriptor too short (expected 92, got 76)
[  421.041897][   T59] usb 6-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  421.062128][   T59] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  421.067235][   T59] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  421.094563][   T59] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  421.100795][   T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  421.110922][   T59] usb 6-1: Product: syz
[  421.121088][   T59] usb 6-1: Manufacturer: syz
[  421.144567][   T59] usb 6-1: SerialNumber: syz
[  421.389405][   T59] usb 6-1: USB disconnect, device number 36
[  422.042317][ T6005] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  422.202266][ T6005] usb 6-1: Using ep0 maxpacket: 8
[  422.208103][ T6005] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  422.214380][ T6005] usb 6-1: config 0 has no interface number 0
[  422.218594][ T6005] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  422.226990][ T6005] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  422.262439][ T6005] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.279007][ T6005] usb 6-1: config 0 descriptor??
[  422.293648][ T6005] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  422.503596][ T6005] usb 6-1: USB disconnect, device number 37
[  422.513922][    C2] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  422.937679][T11921] 9p: Unknown Cache mode or invalid value fscach
[  423.155243][T11921] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1308'.
[  423.289898][    C0] vkms_vblank_simulate: vblank timer overrun
[  423.610724][T11926] random: crng reseeded on system resumption
[  423.632375][T11926] Restarting kernel threads ... done.
[  423.704176][    C0] vkms_vblank_simulate: vblank timer overrun
[  424.068129][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  424.080532][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  424.198115][ T5950] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  424.302602][ T5950] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  424.327910][ T5950] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  424.333095][ T5950] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  424.450012][    C0] vkms_vblank_simulate: vblank timer overrun
[  424.720437][T11932] chnl_net:caif_netlink_parms(): no params data found
[  425.080101][T11932] bridge0: port 1(bridge_slave_0) entered blocking state
[  425.102393][T11932] bridge0: port 1(bridge_slave_0) entered disabled state
[  425.105563][T11932] bridge_slave_0: entered allmulticast mode
[  425.126087][T11932] bridge_slave_0: entered promiscuous mode
[  425.171812][T11932] bridge0: port 2(bridge_slave_1) entered blocking state
[  425.174988][T11932] bridge0: port 2(bridge_slave_1) entered disabled state
[  425.192538][T11932] bridge_slave_1: entered allmulticast mode
[  425.215210][T11932] bridge_slave_1: entered promiscuous mode
[  425.305473][T11932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  425.330894][T11932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  425.701477][T11932] team0: Port device team_slave_0 added
[  425.741360][T11932] team0: Port device team_slave_1 added
[  425.819746][T11932] batman_adv: batadv0: Adding interface: batadv_slave_0
[  425.823452][T11932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  425.833321][T11932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  425.855746][T11932] batman_adv: batadv0: Adding interface: batadv_slave_1
[  425.859600][T11932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  425.898384][T11932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  425.970313][T11932] hsr_slave_0: entered promiscuous mode
[  425.975839][T11932] hsr_slave_1: entered promiscuous mode
[  425.980410][T11932] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  425.988100][T11932] Cannot create hsr debugfs directory
[  426.230855][T11932] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  426.241551][T11932] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  426.249813][T11932] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  426.260091][T11932] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  426.387921][T11932] 8021q: adding VLAN 0 to HW filter on device bond0
[  426.453601][ T5950] Bluetooth: hci3: command tx timeout
[  426.557454][    C0] vkms_vblank_simulate: vblank timer overrun
[  426.612502][T11932] 8021q: adding VLAN 0 to HW filter on device team0
[  426.763701][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  426.766771][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  426.794965][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  426.810605][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  426.964093][T11932] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  426.970598][T11932] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  427.100156][T11955] netlink: 18128 bytes leftover after parsing attributes in process `syz.3.1315'.
[  427.468631][T11932] 8021q: adding VLAN 0 to HW filter on device batadv0
[  427.873422][T11932] veth0_vlan: entered promiscuous mode
[  427.910291][T11932] veth1_vlan: entered promiscuous mode
[  427.982897][T11932] veth0_macvtap: entered promiscuous mode
[  427.999514][T11932] veth1_macvtap: entered promiscuous mode
[  428.020399][T11932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  428.027282][T11932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.032636][T11932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  428.039141][T11932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.045807][T11932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  428.053532][T11932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.071730][T11932] batman_adv: batadv0: Interface activated: batadv_slave_0
[  428.099106][T11932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.110406][T11932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.116597][T11932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.121665][T11932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.145712][T11932] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  428.151754][T11932] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  428.169427][T11932] batman_adv: batadv0: Interface activated: batadv_slave_1
[  428.179310][T11932] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  428.184418][T11932] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  428.189425][T11932] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  428.194614][T11932] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  428.551405][ T5950] Bluetooth: hci3: command tx timeout
[  428.963361][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  428.974318][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  429.019180][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  429.044192][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  430.602323][ T5950] Bluetooth: hci3: command tx timeout
[  430.613617][   T35] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  430.774563][   T35] usb 6-1: Using ep0 maxpacket: 8
[  430.808085][   T35] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  430.814140][   T35] usb 6-1: config 0 has no interface number 0
[  430.833801][   T35] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  430.851884][   T35] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  430.857353][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.930532][   T35] usb 6-1: config 0 descriptor??
[  430.947306][   T35] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  431.137144][   T35] usb 6-1: USB disconnect, device number 38
[  431.584229][   T35] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  431.753684][   T35] usb 6-1: config index 0 descriptor too short (expected 92, got 76)
[  431.772945][   T35] usb 6-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  431.783615][   T35] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  431.792141][   T35] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  431.799499][   T35] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  431.804650][   T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  431.810732][   T35] usb 6-1: Product: syz
[  431.818902][   T35] usb 6-1: Manufacturer: syz
[  431.823040][   T35] usb 6-1: SerialNumber: syz
[  432.078296][   T35] usb 6-1: USB disconnect, device number 39
[  432.683507][ T5950] Bluetooth: hci3: command tx timeout
[  432.764020][  T834] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  432.915446][  T834] usb 6-1: Using ep0 maxpacket: 8
[  432.937742][  T834] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  432.941681][  T834] usb 6-1: config 0 has no interface number 0
[  432.945519][  T834] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  432.950123][  T834] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  432.960523][  T834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.971419][  T834] usb 6-1: config 0 descriptor??
[  432.978247][  T834] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  433.181361][  T834] usb 6-1: USB disconnect, device number 40
[  433.184620][    C2] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  433.784055][T12053] netlink: 18128 bytes leftover after parsing attributes in process `syz.2.1323'.
[  434.991608][T12076] netlink: 'syz.5.1327': attribute type 21 has an invalid length.
[  436.035490][T12089] 9p: Unknown Cache mode or invalid value fscach
[  436.230146][T12081] block nbd5: shutting down sockets
[  439.682947][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  439.685853][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  440.232231][   T59] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  440.402608][   T59] usb 6-1: Using ep0 maxpacket: 8
[  440.415436][   T59] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  440.418428][   T59] usb 6-1: config 0 has no interface number 0
[  440.420454][   T59] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  440.430491][   T59] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  440.434185][   T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  440.450399][   T59] usb 6-1: config 0 descriptor??
[  440.458813][   T59] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  440.742307][T11969] usb 6-1: USB disconnect, device number 41
[  441.277726][   T65] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[  441.486763][   T65] usb 6-1: config index 0 descriptor too short (expected 92, got 76)
[  441.490358][   T65] usb 6-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  441.496773][   T65] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  441.523667][   T65] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  441.543466][   T65] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  441.550204][   T65] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  441.554172][   T65] usb 6-1: Product: syz
[  441.571226][   T65] usb 6-1: Manufacturer: syz
[  441.573588][   T65] usb 6-1: SerialNumber: syz
[  441.792393][   T65] usb 6-1: USB disconnect, device number 42
[  442.383622][   T66] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.462291][  T834] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  442.581892][   T66] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.638432][  T834] usb 6-1: Using ep0 maxpacket: 8
[  442.642337][  T834] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  442.645534][  T834] usb 6-1: config 0 has no interface number 0
[  442.652606][  T834] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  442.664685][  T834] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  442.674946][  T834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.695195][  T834] usb 6-1: config 0 descriptor??
[  442.746083][  T834] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  442.809810][    C0] vkms_vblank_simulate: vblank timer overrun
[  442.838944][   T66] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.857726][    C0] vkms_vblank_simulate: vblank timer overrun
[  443.005700][   T59] usb 6-1: USB disconnect, device number 43
[  443.016924][    C3] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  443.077486][   T66] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.602304][   T66] bridge_slave_1: left allmulticast mode
[  443.632806][   T66] bridge_slave_1: left promiscuous mode
[  443.636341][   T66] bridge0: port 2(bridge_slave_1) entered disabled state
[  443.705963][   T66] bridge_slave_0: left allmulticast mode
[  443.709140][   T66] bridge_slave_0: left promiscuous mode
[  443.711551][   T66] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.741103][    C0] vkms_vblank_simulate: vblank timer overrun
[  443.793711][    C0] vkms_vblank_simulate: vblank timer overrun
[  444.729791][    C0] vkms_vblank_simulate: vblank timer overrun
[  444.810609][    C0] vkms_vblank_simulate: vblank timer overrun
[  444.878227][    C0] vkms_vblank_simulate: vblank timer overrun
[  445.045742][    C0] vkms_vblank_simulate: vblank timer overrun
[  445.224257][   T66] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  445.296225][   T66] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  445.340392][   T66] bond0 (unregistering): Released all slaves
[  445.353693][    C0] vkms_vblank_simulate: vblank timer overrun
[  445.514511][    C0] vkms_vblank_simulate: vblank timer overrun
[  445.641760][    C0] vkms_vblank_simulate: vblank timer overrun
[  445.731965][T12144] random: crng reseeded on system resumption
[  445.796798][T12144] Restarting kernel threads ... done.
[  446.623152][   T66] hsr_slave_0: left promiscuous mode
[  446.645728][   T66] hsr_slave_1: left promiscuous mode
[  446.649363][   T66] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  446.663067][   T66] batman_adv: batadv0: Removing interface: batadv_slave_0
[  446.692916][   T66] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  446.696866][   T66] batman_adv: batadv0: Removing interface: batadv_slave_1
[  446.769701][    C0] vkms_vblank_simulate: vblank timer overrun
[  446.776922][   T66] veth1_macvtap: left promiscuous mode
[  446.780800][   T66] veth0_macvtap: left promiscuous mode
[  446.795905][   T66] veth1_vlan: left promiscuous mode
[  446.798070][   T66] veth0_vlan: left promiscuous mode
[  446.893710][    C0] vkms_vblank_simulate: vblank timer overrun
[  447.158744][    C0] vkms_vblank_simulate: vblank timer overrun
[  447.459575][    C0] vkms_vblank_simulate: vblank timer overrun
[  449.843336][T12175] block nbd1: shutting down sockets
[  451.992241][ T5985] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  452.174190][ T5985] usb 8-1: Using ep0 maxpacket: 8
[  452.196174][ T5985] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  452.207879][ T5985] usb 8-1: config 0 has no interface number 0
[  452.222833][ T5985] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  452.228508][ T5985] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  452.232876][ T5985] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  452.249290][ T5985] usb 8-1: config 0 descriptor??
[  452.277548][ T5985] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  452.494784][ T5985] usb 8-1: USB disconnect, device number 23
[  452.796437][   T66] team0 (unregistering): Port device team_slave_1 removed
[  452.932293][ T6469] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  453.150125][   T66] team0 (unregistering): Port device team_slave_0 removed
[  453.174497][ T6469] usb 8-1: config index 0 descriptor too short (expected 92, got 76)
[  453.177302][ T6469] usb 8-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  453.182840][ T6469] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  453.188439][ T6469] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  453.219658][ T6469] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  453.223075][ T6469] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  453.225938][ T6469] usb 8-1: Product: syz
[  453.228254][ T6469] usb 8-1: Manufacturer: syz
[  453.231413][ T6469] usb 8-1: SerialNumber: syz
[  453.479998][ T6469] usb 8-1: USB disconnect, device number 24
[  454.212595][   T65] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  454.382202][   T65] usb 8-1: Using ep0 maxpacket: 8
[  454.386450][   T65] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  454.389383][   T65] usb 8-1: config 0 has no interface number 0
[  454.393889][   T65] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  454.398207][   T65] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  454.401776][   T65] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  454.419871][   T65] usb 8-1: config 0 descriptor??
[  454.430683][   T65] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  454.631664][    C2] iowarrior 8-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  454.641675][   T65] usb 8-1: USB disconnect, device number 25
[  456.167111][T12169] netlink: 'syz.1.1345': attribute type 21 has an invalid length.
[  456.469344][T12197] random: crng reseeded on system resumption
[  457.469982][    C0] vkms_vblank_simulate: vblank timer overrun
[  457.749609][    C0] vkms_vblank_simulate: vblank timer overrun
[  458.336120][T12230] 9p: Unknown Cache mode or invalid value fscach
[  458.385568][    C0] vkms_vblank_simulate: vblank timer overrun
[  459.026143][    C0] vkms_vblank_simulate: vblank timer overrun
[  459.838304][    C0] vkms_vblank_simulate: vblank timer overrun
[  461.589689][   T35] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  461.752202][   T35] usb 6-1: Using ep0 maxpacket: 8
[  461.755780][   T35] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  461.760273][   T35] usb 6-1: config 0 has no interface number 0
[  461.764540][   T35] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  461.770530][   T35] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  461.775981][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.798238][   T35] usb 6-1: config 0 descriptor??
[  461.809400][   T35] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  462.006472][   T59] usb 6-1: USB disconnect, device number 44
[  462.502275][   T59] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  462.674250][   T59] usb 6-1: config index 0 descriptor too short (expected 92, got 76)
[  462.677930][   T59] usb 6-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  462.684228][   T59] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  462.688178][   T59] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  462.697446][   T59] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  462.701717][   T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  462.705787][   T59] usb 6-1: Product: syz
[  462.707957][   T59] usb 6-1: Manufacturer: syz
[  462.710871][   T59] usb 6-1: SerialNumber: syz
[  462.947779][   T59] usb 6-1: USB disconnect, device number 45
[  463.693301][   T30] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  463.866718][   T30] usb 6-1: Using ep0 maxpacket: 8
[  463.883190][   T30] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  463.887694][   T30] usb 6-1: config 0 has no interface number 0
[  463.900897][   T30] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  463.921730][   T30] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  463.925751][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  463.977081][   T30] usb 6-1: config 0 descriptor??
[  464.051269][   T30] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  464.275834][   T65] usb 6-1: USB disconnect, device number 46
[  464.293205][    C2] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  466.096210][T12300] netlink: 18128 bytes leftover after parsing attributes in process `syz.3.1362'.
[  466.877439][    C2] vkms_vblank_simulate: vblank timer overrun
[  467.340571][T12313] random: crng reseeded on system resumption
[  467.368843][T12313] Restarting kernel threads ... done.
[  468.992591][T12283] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  469.175055][T12283] usb 10-1: Using ep0 maxpacket: 8
[  469.185437][T12283] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  469.197936][T12283] usb 10-1: config 0 has no interface number 0
[  469.200749][T12283] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  469.206509][T12283] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  469.212651][T12283] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.244529][T12283] usb 10-1: config 0 descriptor??
[  469.266279][T12283] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  469.465534][T12283] usb 10-1: USB disconnect, device number 2
[  469.992249][T12283] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  470.146270][T12283] usb 10-1: config index 0 descriptor too short (expected 92, got 76)
[  470.150172][T12283] usb 10-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  470.158668][T12283] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2
[  470.185626][T12283] usb 10-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  470.209843][T12283] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  470.212826][T12283] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.215460][T12283] usb 10-1: Product: syz
[  470.216851][T12283] usb 10-1: Manufacturer: syz
[  470.219350][T12283] usb 10-1: SerialNumber: syz
[  470.444259][T12283] usb 10-1: USB disconnect, device number 3
[  471.218424][T12283] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  471.383556][T12283] usb 10-1: Using ep0 maxpacket: 8
[  471.415625][T12283] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  471.418617][T12283] usb 10-1: config 0 has no interface number 0
[  471.420656][T12283] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  471.429442][T12283] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  471.454336][T12283] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  471.469734][T12283] usb 10-1: config 0 descriptor??
[  471.496362][T12283] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  471.704999][    C1] iowarrior 10-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  471.723673][   T30] usb 10-1: USB disconnect, device number 4
[  473.057173][T12377] netlink: 18128 bytes leftover after parsing attributes in process `syz.5.1371'.
[  473.384108][T12390] random: crng reseeded on system resumption
[  473.516442][T12390] Restarting kernel threads ... done.
[  476.425949][T12418] random: crng reseeded on system resumption
[  477.322284][   T30] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  477.502498][   T30] usb 8-1: Using ep0 maxpacket: 8
[  477.509465][   T30] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  477.539089][   T30] usb 8-1: config 0 has no interface number 0
[  477.579296][   T30] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  477.641357][   T30] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  477.695016][   T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  477.701601][   T30] usb 8-1: config 0 descriptor??
[  477.719877][   T30] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  477.914414][   T30] usb 8-1: USB disconnect, device number 26
[  478.077790][T12432] netlink: 18128 bytes leftover after parsing attributes in process `syz.1.1382'.
[  478.520235][   T30] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  478.808335][   T30] usb 8-1: config index 0 descriptor too short (expected 92, got 76)
[  478.825729][   T30] usb 8-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  478.829400][   T30] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  478.860472][   T30] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  478.906111][   T30] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  478.910343][   T30] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  478.923094][   T30] usb 8-1: Product: syz
[  478.926161][   T30] usb 8-1: Manufacturer: syz
[  478.937844][   T30] usb 8-1: SerialNumber: syz
[  479.297640][   T30] usb 8-1: USB disconnect, device number 27
[  479.912171][   T65] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  480.082976][   T65] usb 8-1: Using ep0 maxpacket: 8
[  480.086665][   T65] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  480.091838][   T65] usb 8-1: config 0 has no interface number 0
[  480.096673][   T65] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  480.115765][   T65] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  480.124147][   T65] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.158189][   T65] usb 8-1: config 0 descriptor??
[  480.185080][   T65] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  480.398982][    C2] iowarrior 8-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  480.404348][  T834] usb 8-1: USB disconnect, device number 28
[  481.472231][T12445] netlink: 'syz.3.1385': attribute type 21 has an invalid length.
[  481.658715][T12447] netlink: 'syz.5.1386': attribute type 21 has an invalid length.
[  482.129292][T12454] block nbd5: shutting down sockets
[  482.339307][T12456] block nbd3: shutting down sockets
[  482.710678][T12453] syz.5.1386: vmalloc error: size 35651584, failed to allocated page array size 69632, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  482.718801][T12453] CPU: 2 UID: 0 PID: 12453 Comm: syz.5.1386 Not tainted 6.14.0-rc4-syzkaller-00015-g2a1944bff549 #0
[  482.718823][T12453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  482.718832][T12453] Call Trace:
[  482.718883][T12453]  <TASK>
[  482.718890][T12453]  dump_stack_lvl+0x16c/0x1f0
[  482.719130][T12453]  warn_alloc+0x24d/0x3a0
[  482.719256][T12453]  ? __pfx_warn_alloc+0x10/0x10
[  482.719285][T12453]  ? __get_vm_area_node+0x1b0/0x2f0
[  482.719380][T12453]  ? __get_vm_area_node+0x1dc/0x2f0
[  482.719410][T12453]  __vmalloc_node_range_noprof+0x1102/0x1530
[  482.719438][T12453]  ? hash_netiface_create+0x3ea/0x1250
[  482.719611][T12453]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  482.719635][T12453]  ? rcu_is_watching+0x12/0xc0
[  482.719694][T12453]  ? trace_kmalloc+0x2d/0xd0
[  482.719711][T12453]  ? __kmalloc_node_noprof.cold+0x5a/0x5f
[  482.719771][T12453]  ? hash_netiface_create+0x3ea/0x1250
[  482.719796][T12453]  __kvmalloc_node_noprof+0x14f/0x1a0
[  482.719819][T12453]  ? hash_netiface_create+0x3ea/0x1250
[  482.719845][T12453]  hash_netiface_create+0x3ea/0x1250
[  482.719872][T12453]  ? __nla_validate_parse+0x2866/0x2880
[  482.720026][T12453]  ? __pfx_hash_netiface_create+0x10/0x10
[  482.720052][T12453]  ip_set_create+0x7cb/0x14d0
[  482.720072][T12453]  ? __pfx_ip_set_create+0x10/0x10
[  482.720105][T12453]  nfnetlink_rcv_msg+0x9c3/0x11e0
[  482.720164][T12453]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  482.720191][T12453]  ? find_held_lock+0x2d/0x110
[  482.720237][T12453]  netlink_rcv_skb+0x16b/0x440
[  482.720284][T12453]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  482.720307][T12453]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  482.720326][T12453]  ? __pfx_aa_get_newest_label+0x10/0x10
[  482.720386][T12453]  ? bpf_lsm_capable+0x9/0x10
[  482.720405][T12453]  ? security_capable+0x7e/0x260
[  482.720447][T12453]  ? ns_capable+0xd7/0x110
[  482.720472][T12453]  nfnetlink_rcv+0x1b4/0x430
[  482.720495][T12453]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  482.720514][T12453]  ? netlink_deliver_tap+0x1ae/0xd30
[  482.720533][T12453]  netlink_unicast+0x53c/0x7f0
[  482.720553][T12453]  ? __pfx_netlink_unicast+0x10/0x10
[  482.720570][T12453]  ? __phys_addr_symbol+0x30/0x80
[  482.720584][T12453]  ? __check_object_size+0x488/0x710
[  482.720601][T12453]  netlink_sendmsg+0x8b8/0xd70
[  482.720622][T12453]  ? __pfx_netlink_sendmsg+0x10/0x10
[  482.720646][T12453]  ____sys_sendmsg+0xaaf/0xc90
[  482.720688][T12453]  ? __pfx_____sys_sendmsg+0x10/0x10
[  482.720705][T12453]  ? get_compat_msghdr+0x11b/0x170
[  482.720754][T12453]  ___sys_sendmsg+0x135/0x1e0
[  482.720779][T12453]  ? __pfx____sys_sendmsg+0x10/0x10
[  482.720809][T12453]  ? __pfx_lock_release+0x10/0x10
[  482.720831][T12453]  ? trace_lock_acquire+0x14e/0x1f0
[  482.720854][T12453]  ? __fget_files+0x206/0x3a0
[  482.720882][T12453]  __sys_sendmsg+0x16e/0x220
[  482.720903][T12453]  ? __pfx___sys_sendmsg+0x10/0x10
[  482.720921][T12453]  ? __ia32_sys_futex_time32+0x1da/0x460
[  482.720952][T12453]  __do_fast_syscall_32+0x73/0x120
[  482.720999][T12453]  do_fast_syscall_32+0x32/0x80
[  482.721018][T12453]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  482.721044][T12453] RIP: 0023:0xf7f14579
[  482.721059][T12453] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  482.721073][T12453] RSP: 002b:00000000f4bd155c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  482.721088][T12453] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000100
[  482.721096][T12453] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  482.721103][T12453] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  482.721111][T12453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  482.721118][T12453] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  482.721134][T12453]  </TASK>
[  482.721142][T12453] Mem-Info:
[  483.014488][T12453] active_anon:2497 inactive_anon:715 isolated_anon:0
[  483.014488][T12453]  active_file:1269 inactive_file:11054 isolated_file:0
[  483.014488][T12453]  unevictable:1768 dirty:215 writeback:0
[  483.014488][T12453]  slab_reclaimable:7328 slab_unreclaimable:56971
[  483.014488][T12453]  mapped:29156 shmem:2121 pagetables:950
[  483.014488][T12453]  sec_pagetables:325 bounce:0
[  483.014488][T12453]  kernel_misc_reclaimable:0
[  483.014488][T12453]  free:60846 free_pcp:814 free_cma:0
[  483.056772][T12453] Node 0 active_anon:4516kB inactive_anon:1488kB active_file:2792kB inactive_file:6856kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5144kB dirty:0kB writeback:0kB shmem:4804kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9564kB pagetables:1164kB sec_pagetables:1148kB all_unreclaimable? yes
[  483.351411][T12453] Node 1 active_anon:16976kB inactive_anon:1372kB active_file:2284kB inactive_file:37360kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:122932kB dirty:860kB writeback:0kB shmem:15092kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2604kB pagetables:2604kB sec_pagetables:152kB all_unreclaimable? no
[  483.403146][T12453] Node 0 DMA free:2844kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:148kB inactive_anon:24kB active_file:172kB inactive_file:8kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:224kB local_pcp:156kB free_cma:0kB
[  483.417845][T12453] lowmem_reserve[]: 0 294 0 0 0
[  483.420657][T12453] Node 0 DMA32 free:20476kB boost:2048kB min:15608kB low:18996kB high:22384kB reserved_highatomic:2048KB active_anon:4356kB inactive_anon:1464kB active_file:2620kB inactive_file:6848kB unevictable:3536kB writepending:0kB present:1032196kB managed:301744kB mlocked:0kB bounce:0kB free_pcp:764kB local_pcp:200kB free_cma:0kB
[  483.437271][T12453] lowmem_reserve[]: 0 0 0 0 0
[  483.439951][T12453] Node 1 DMA32 free:209168kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB active_anon:16988kB inactive_anon:1372kB active_file:2284kB inactive_file:37368kB unevictable:3536kB writepending:868kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:2036kB local_pcp:408kB free_cma:0kB
[  483.457918][T12453] lowmem_reserve[]: 0 0 0 0 0
[  483.460113][T12453] Node 0 DMA: 1*4kB (M) 17*8kB (UME) 25*16kB (UME) 34*32kB (UME) 19*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2844kB
[  483.480181][T12453] Node 0 DMA32: 195*4kB (UME) 40*8kB (UE) 55*16kB (UE) 124*32kB (UMEH) 77*64kB (UMEH) 23*128kB (UMEH) 12*256kB (UMH) 3*512kB (UM) 2*1024kB (M) 0*2048kB 0*4096kB = 20476kB
[  483.494900][T12453] Node 1 DMA32: 60*4kB (UMEH) 54*8kB (UMEH) 49*16kB (UMEH) 265*32kB (UMEH) 334*64kB (UMEH) 155*128kB (UMEH) 79*256kB (UME) 61*512kB (UM) 98*1024kB (UM) 3*2048kB (UM) 0*4096kB = 209104kB
[  483.518358][T12453] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  483.529443][T12453] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  483.538360][T12453] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  483.552580][T12453] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  483.562227][T12453] 17773 total pagecache pages
[  483.566803][T12453] 454 pages in swap cache
[  483.568640][T12453] Free swap  = 112112kB
[  483.570272][T12453] Total swap = 124996kB
[  483.572196][T12453] 524155 pages RAM
[  483.573866][T12453] 0 pages HighMem/MovableOnly
[  483.575951][T12453] 207816 pages reserved
[  483.596290][T12453] 0 pages cma reserved
[  484.135048][T12464] random: crng reseeded on system resumption
[  484.662220][T12283] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[  484.826135][T12283] usb 6-1: Using ep0 maxpacket: 8
[  484.831776][T12283] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  484.837469][T12283] usb 6-1: config 0 has no interface number 0
[  484.840579][T12283] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  484.846000][T12283] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  484.851784][T12283] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.864955][T12283] usb 6-1: config 0 descriptor??
[  484.874049][T12283] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  485.111111][   T30] usb 6-1: USB disconnect, device number 47
[  485.419785][T12476] netlink: 18128 bytes leftover after parsing attributes in process `syz.3.1391'.
[  485.942266][   T65] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  486.110686][   T65] usb 8-1: Using ep0 maxpacket: 8
[  486.151352][   T65] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  486.169681][   T65] usb 8-1: config 0 has no interface number 0
[  486.172206][   T30] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[  486.174619][   T65] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  486.229680][   T65] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  486.240717][   T65] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.249544][   T65] usb 8-1: config 0 descriptor??
[  486.270384][   T65] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  486.338249][T12485] 9p: Unknown Cache mode or invalid value fscach
[  486.396033][T12487] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1395'.
[  486.449811][   T30] usb 6-1: config index 0 descriptor too short (expected 92, got 76)
[  486.454136][   T30] usb 6-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  486.470735][   T65] usb 8-1: USB disconnect, device number 29
[  486.472585][   T30] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  486.534918][   T30] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  486.568449][   T30] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  486.571781][   T30] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  486.574791][   T30] usb 6-1: Product: syz
[  486.576403][   T30] usb 6-1: Manufacturer: syz
[  486.594028][   T30] usb 6-1: SerialNumber: syz
[  486.863911][   T30] usb 6-1: USB disconnect, device number 48
[  487.206180][   T65] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  487.387602][   T65] usb 8-1: config index 0 descriptor too short (expected 92, got 76)
[  487.393314][   T65] usb 8-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  487.417563][   T65] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  487.425645][   T65] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  487.478561][   T65] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  487.482822][   T65] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  487.486125][   T65] usb 8-1: Product: syz
[  487.488855][   T65] usb 8-1: Manufacturer: syz
[  487.494468][   T65] usb 8-1: SerialNumber: syz
[  487.582816][  T834] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[  487.762470][  T834] usb 6-1: Using ep0 maxpacket: 8
[  487.767457][  T834] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  487.776318][  T834] usb 6-1: config 0 has no interface number 0
[  487.780508][  T834] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  487.788019][  T834] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  487.802852][  T834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.808985][   T65] usb 8-1: USB disconnect, device number 30
[  487.828433][  T834] usb 6-1: config 0 descriptor??
[  487.855075][  T834] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  487.927605][T12499] netlink: 'syz.5.1398': attribute type 21 has an invalid length.
[  488.058438][   T59] usb 6-1: USB disconnect, device number 49
[  488.062504][    C3] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  488.447408][T12504] block nbd5: shutting down sockets
[  488.693496][T11648] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  488.854108][T11648] usb 8-1: Using ep0 maxpacket: 8
[  488.903356][T11648] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  488.912653][T11648] usb 8-1: config 0 has no interface number 0
[  488.930984][T11648] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  488.983212][T11648] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  488.986159][T11648] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.294212][T11648] usb 8-1: config 0 descriptor??
[  489.433800][T11648] usb 8-1: can't set config #0, error -71
[  489.462030][T11648] usb 8-1: USB disconnect, device number 31
[  489.817058][  T834] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  490.002296][  T834] usb 6-1: Using ep0 maxpacket: 8
[  490.009376][  T834] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  490.015443][  T834] usb 6-1: config 0 has no interface number 0
[  490.044152][  T834] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  490.061770][  T834] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  490.079161][  T834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  490.128284][  T834] usb 6-1: config 0 descriptor??
[  490.148006][  T834] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  490.352112][  T834] usb 6-1: USB disconnect, device number 50
[  490.671214][T12522] random: crng reseeded on system resumption
[  490.682529][T12522] Restarting kernel threads ... done.
[  490.912133][  T834] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[  490.930409][T12524] netlink: 18128 bytes leftover after parsing attributes in process `syz.3.1401'.
[  491.076389][T12528] netlink: 'syz.5.1403': attribute type 21 has an invalid length.
[  491.082741][  T834] usb 6-1: config index 0 descriptor too short (expected 92, got 76)
[  491.098733][  T834] usb 6-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  491.113478][  T834] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  491.140958][  T834] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  491.168763][  T834] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  491.174033][  T834] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  491.182726][  T834] usb 6-1: Product: syz
[  491.190430][  T834] usb 6-1: Manufacturer: syz
[  491.193861][  T834] usb 6-1: SerialNumber: syz
[  491.442985][  T834] usb 6-1: USB disconnect, device number 51
[  491.598414][T12537] netlink: 'syz.2.1405': attribute type 21 has an invalid length.
[  492.157722][T12283] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[  492.316775][T12283] usb 6-1: Using ep0 maxpacket: 8
[  492.320618][T12283] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  492.324269][T12283] usb 6-1: config 0 has no interface number 0
[  492.326587][T12283] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  492.358939][T12542] block nbd2: shutting down sockets
[  492.366143][T12283] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  492.382092][T12283] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.396118][T12283] usb 6-1: config 0 descriptor??
[  492.403509][T12283] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  492.595645][T12532] block nbd5: shutting down sockets
[  492.606615][T12283] usb 6-1: USB disconnect, device number 52
[  492.609263][    C3] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  493.314630][T12541] warn_alloc: 3 callbacks suppressed
[  493.314654][T12541] syz.2.1405: vmalloc error: size 35651584, failed to allocated page array size 69632, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  493.341655][T12541] CPU: 3 UID: 0 PID: 12541 Comm: syz.2.1405 Not tainted 6.14.0-rc4-syzkaller-00015-g2a1944bff549 #0
[  493.341940][T12541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  493.341953][T12541] Call Trace:
[  493.341961][T12541]  <TASK>
[  493.341970][T12541]  dump_stack_lvl+0x16c/0x1f0
[  493.342168][T12541]  warn_alloc+0x24d/0x3a0
[  493.342204][T12541]  ? __pfx_warn_alloc+0x10/0x10
[  493.342241][T12541]  ? __get_vm_area_node+0x1b0/0x2f0
[  493.342263][T12541]  ? __get_vm_area_node+0x1dc/0x2f0
[  493.342291][T12541]  __vmalloc_node_range_noprof+0x1102/0x1530
[  493.342324][T12541]  ? hash_netiface_create+0x3ea/0x1250
[  493.342445][T12541]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  493.342473][T12541]  ? rcu_is_watching+0x12/0xc0
[  493.342495][T12541]  ? trace_kmalloc+0x2d/0xd0
[  493.342513][T12541]  ? __kmalloc_node_noprof.cold+0x5a/0x5f
[  493.342536][T12541]  ? hash_netiface_create+0x3ea/0x1250
[  493.342993][T12541]  __kvmalloc_node_noprof+0x14f/0x1a0
[  493.343855][T12541]  ? hash_netiface_create+0x3ea/0x1250
[  493.343907][T12541]  hash_netiface_create+0x3ea/0x1250
[  493.343940][T12541]  ? __nla_validate_parse+0x2866/0x2880
[  493.343965][T12541]  ? __pfx_hash_netiface_create+0x10/0x10
[  493.343996][T12541]  ip_set_create+0x7cb/0x14d0
[  493.344018][T12541]  ? __pfx_ip_set_create+0x10/0x10
[  493.344060][T12541]  nfnetlink_rcv_msg+0x9c3/0x11e0
[  493.344096][T12541]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  493.344124][T12541]  ? find_held_lock+0x2d/0x110
[  493.344174][T12541]  netlink_rcv_skb+0x16b/0x440
[  493.344201][T12541]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  493.344230][T12541]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  493.344254][T12541]  ? __pfx_aa_get_newest_label+0x10/0x10
[  493.344287][T12541]  ? bpf_lsm_capable+0x9/0x10
[  493.344306][T12541]  ? security_capable+0x7e/0x260
[  493.344336][T12541]  ? ns_capable+0xd7/0x110
[  493.344364][T12541]  nfnetlink_rcv+0x1b4/0x430
[  493.344396][T12541]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  493.344422][T12541]  ? netlink_deliver_tap+0x1ae/0xd30
[  493.344449][T12541]  netlink_unicast+0x53c/0x7f0
[  493.344476][T12541]  ? __pfx_netlink_unicast+0x10/0x10
[  493.344502][T12541]  ? __phys_addr_symbol+0x30/0x80
[  493.344522][T12541]  ? __check_object_size+0x488/0x710
[  493.344545][T12541]  netlink_sendmsg+0x8b8/0xd70
[  493.344573][T12541]  ? __pfx_netlink_sendmsg+0x10/0x10
[  493.344606][T12541]  ____sys_sendmsg+0xaaf/0xc90
[  493.344627][T12541]  ? __pfx_____sys_sendmsg+0x10/0x10
[  493.344643][T12541]  ? get_compat_msghdr+0x11b/0x170
[  493.344673][T12541]  ___sys_sendmsg+0x135/0x1e0
[  493.344696][T12541]  ? __pfx____sys_sendmsg+0x10/0x10
[  493.344729][T12541]  ? __pfx_lock_release+0x10/0x10
[  493.344753][T12541]  ? trace_lock_acquire+0x14e/0x1f0
[  493.344781][T12541]  ? __fget_files+0x206/0x3a0
[  493.344813][T12541]  __sys_sendmsg+0x16e/0x220
[  493.344838][T12541]  ? __pfx___sys_sendmsg+0x10/0x10
[  493.344862][T12541]  ? __ia32_sys_futex_time32+0x1da/0x460
[  493.344902][T12541]  __do_fast_syscall_32+0x73/0x120
[  493.344944][T12541]  do_fast_syscall_32+0x32/0x80
[  493.344968][T12541]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  493.344998][T12541] RIP: 0023:0xf7f70579
[  493.345014][T12541] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  493.345032][T12541] RSP: 002b:00000000f4c3155c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  493.345050][T12541] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000100
[  493.345060][T12541] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  493.345070][T12541] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  493.345080][T12541] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  493.345110][T12541] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  493.345133][T12541]  </TASK>
[  493.566325][T12541] Mem-Info:
[  493.567973][T12541] active_anon:1513 inactive_anon:1620 isolated_anon:0
[  493.567973][T12541]  active_file:1201 inactive_file:8679 isolated_file:0
[  493.567973][T12541]  unevictable:1768 dirty:162 writeback:0
[  493.567973][T12541]  slab_reclaimable:7320 slab_unreclaimable:56676
[  493.567973][T12541]  mapped:27220 shmem:2127 pagetables:970
[  493.567973][T12541]  sec_pagetables:325 bounce:0
[  493.567973][T12541]  kernel_misc_reclaimable:0
[  493.567973][T12541]  free:53850 free_pcp:9586 free_cma:0
[  493.606172][T12541] Node 0 active_anon:4392kB inactive_anon:1488kB active_file:2792kB inactive_file:6864kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:4896kB dirty:0kB writeback:0kB shmem:4804kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9520kB pagetables:1040kB sec_pagetables:1148kB all_unreclaimable? yes
[  493.657421][T12541] Node 1 active_anon:1660kB inactive_anon:4992kB active_file:2012kB inactive_file:27852kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:103984kB dirty:648kB writeback:0kB shmem:3704kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2676kB pagetables:2840kB sec_pagetables:152kB all_unreclaimable? no
[  493.688157][T12541] Node 0 DMA free:2972kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:152kB inactive_anon:24kB active_file:172kB inactive_file:8kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:28kB local_pcp:0kB free_cma:0kB
[  493.721644][T12541] lowmem_reserve[]: 0 294 0 0 0
[  493.724146][T12541] Node 0 DMA32 free:20540kB boost:2048kB min:15608kB low:18996kB high:22384kB reserved_highatomic:2048KB active_anon:4240kB inactive_anon:1464kB active_file:2620kB inactive_file:6856kB unevictable:3536kB writepending:0kB present:1032196kB managed:301744kB mlocked:0kB bounce:0kB free_pcp:384kB local_pcp:16kB free_cma:0kB
[  493.744280][T12541] lowmem_reserve[]: 0 0 0 0 0
[  493.750290][T12541] Node 1 DMA32 free:191888kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB active_anon:1660kB inactive_anon:4992kB active_file:2012kB inactive_file:27852kB unevictable:3536kB writepending:648kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:37924kB local_pcp:3552kB free_cma:0kB
[  493.762560][T12541] lowmem_reserve[]: 0 0 0 0 0
[  493.764351][T12541] Node 0 DMA: 17*4kB (UM) 23*8kB (UME) 26*16kB (UME) 34*32kB (UME) 19*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2972kB
[  493.770289][T12541] Node 0 DMA32: 181*4kB (UME) 91*8kB (UME) 69*16kB (UME) 108*32kB (UMEH) 77*64kB (UMEH) 23*128kB (UMEH) 12*256kB (UMH) 3*512kB (UM) 2*1024kB (M) 0*2048kB 0*4096kB = 20540kB
[  493.842302][T12541] Node 1 DMA32: 61*4kB (UMEH) 635*8kB (MEH) 408*16kB (UMEH) 285*32kB (UMEH) 172*64kB (UMEH) 86*128kB (UMEH) 65*256kB (UME) 58*512kB (UM) 101*1024kB (UM) 1*2048kB (U) 0*4096kB = 194796kB
[  493.857542][T12541] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  493.892184][T12541] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  493.929528][T12541] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  493.942163][T12541] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  493.959273][T12541] 12412 total pagecache pages
[  494.016470][T12541] 402 pages in swap cache
[  494.164950][T12541] Free swap  = 111356kB
[  494.167042][T12541] Total swap = 124996kB
[  494.169191][T12541] 524155 pages RAM
[  494.194801][T12541] 0 pages HighMem/MovableOnly
[  494.218327][T12541] 207816 pages reserved
[  494.223686][T12541] 0 pages cma reserved
[  495.573525][T12557] 9p: Unknown Cache mode or invalid value fscach
[  495.767695][T12558] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1410'.
[  496.254722][T12562] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  496.524029][T12568] random: crng reseeded on system resumption
[  496.555333][    C0] vkms_vblank_simulate: vblank timer overrun
[  496.715139][    C0] vkms_vblank_simulate: vblank timer overrun
[  497.623411][T12579] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  497.694701][T12579] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  498.013204][    C0] vkms_vblank_simulate: vblank timer overrun
[  498.128462][    C0] vkms_vblank_simulate: vblank timer overrun
[  498.279728][    C0] vkms_vblank_simulate: vblank timer overrun
[  498.332259][  T834] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  498.492273][  T834] usb 10-1: Using ep0 maxpacket: 8
[  498.501589][  T834] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  498.505129][  T834] usb 10-1: config 0 has no interface number 0
[  498.513936][  T834] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  498.524313][  T834] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  498.530131][  T834] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.543857][  T834] usb 10-1: config 0 descriptor??
[  498.565536][  T834] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  498.777564][  T834] usb 10-1: USB disconnect, device number 5
[  498.825512][    C0] vkms_vblank_simulate: vblank timer overrun
[  498.945931][    C0] vkms_vblank_simulate: vblank timer overrun
[  498.981123][    C0] vkms_vblank_simulate: vblank timer overrun
[  499.020180][    C0] vkms_vblank_simulate: vblank timer overrun
[  499.337483][  T834] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  499.497603][  T834] usb 10-1: config index 0 descriptor too short (expected 92, got 76)
[  499.501394][  T834] usb 10-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  499.518116][  T834] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2
[  499.523442][  T834] usb 10-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  499.552046][  T834] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  499.555805][  T834] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.572444][  T834] usb 10-1: Product: syz
[  499.574306][  T834] usb 10-1: Manufacturer: syz
[  499.576585][  T834] usb 10-1: SerialNumber: syz
[  499.801619][  T834] usb 10-1: USB disconnect, device number 6
[  500.276684][T12594] random: crng reseeded on system resumption
[  500.304763][T12594] Restarting kernel threads ... done.
[  500.642371][ T6001] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  500.802529][ T6001] usb 10-1: Using ep0 maxpacket: 8
[  500.806588][ T6001] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  500.810085][ T6001] usb 10-1: config 0 has no interface number 0
[  500.812566][ T6001] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  500.817644][ T6001] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  500.822460][ T6001] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.835447][ T6001] usb 10-1: config 0 descriptor??
[  500.853187][ T6001] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  501.032543][    C0] vkms_vblank_simulate: vblank timer overrun
[  501.047113][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  501.050902][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  501.071638][T11978] usb 10-1: USB disconnect, device number 7
[  501.127475][    C0] vkms_vblank_simulate: vblank timer overrun
[  501.127681][    C0] iowarrior 10-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  501.277035][    C0] vkms_vblank_simulate: vblank timer overrun
[  501.331237][    C0] vkms_vblank_simulate: vblank timer overrun
[  502.374286][T12613] random: crng reseeded on system resumption
[  502.410193][T12613] Restarting kernel threads ... done.
[  502.631571][T12616] netlink: 18128 bytes leftover after parsing attributes in process `syz.1.1426'.
[  502.796918][    C0] vkms_vblank_simulate: vblank timer overrun
[  502.913806][T12618] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  503.735287][T12622] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  503.781843][T12621] netlink: 'syz.5.1428': attribute type 21 has an invalid length.
[  503.801141][T12622] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  503.864404][T12626] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  504.212815][T12630] block nbd5: shutting down sockets
[  504.907125][T12633] random: crng reseeded on system resumption
[  504.929093][T12633] Restarting kernel threads ... done.
[  507.142245][T11969] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  507.322199][T11969] usb 8-1: Using ep0 maxpacket: 8
[  507.326055][T11969] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  507.342303][T11969] usb 8-1: config 0 has no interface number 0
[  507.345604][T11969] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  507.369521][T11969] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  507.394544][T11969] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.518849][T11969] usb 8-1: config 0 descriptor??
[  507.540434][T11969] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  507.752622][ T6001] usb 8-1: USB disconnect, device number 32
[  508.127786][T12649] netlink: 18128 bytes leftover after parsing attributes in process `syz.5.1435'.
[  508.222241][   T59] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[  508.260423][T12652] random: crng reseeded on system resumption
[  508.280387][T12652] Restarting kernel threads ... done.
[  508.395330][   T59] usb 8-1: config index 0 descriptor too short (expected 92, got 76)
[  508.398977][   T59] usb 8-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  508.414374][   T59] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  508.418216][   T59] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  508.504660][   T59] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  508.518948][   T59] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.523641][   T59] usb 8-1: Product: syz
[  508.525681][   T59] usb 8-1: Manufacturer: syz
[  508.527806][   T59] usb 8-1: SerialNumber: syz
[  508.801820][   T59] usb 8-1: USB disconnect, device number 33
[  509.115689][T12659] netlink: 18128 bytes leftover after parsing attributes in process `syz.5.1439'.
[  509.505929][   T59] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[  509.683901][   T59] usb 8-1: Using ep0 maxpacket: 8
[  509.697279][   T59] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  509.711248][   T59] usb 8-1: config 0 has no interface number 0
[  509.730336][   T59] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  509.734501][   T59] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  509.741311][   T59] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.763823][   T59] usb 8-1: config 0 descriptor??
[  509.776922][   T59] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  509.989502][   T59] usb 8-1: USB disconnect, device number 34
[  509.989506][    C0] iowarrior 8-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  511.020141][T12665] netlink: 'syz.3.1441': attribute type 21 has an invalid length.
[  511.310915][T12668] block nbd3: shutting down sockets
[  511.515014][T12671] netlink: 'syz.1.1442': attribute type 21 has an invalid length.
[  511.570487][T12673] random: crng reseeded on system resumption
[  511.598853][T12673] Restarting kernel threads ... done.
[  512.566113][T12675] block nbd1: shutting down sockets
[  512.978148][T12680] netlink: 18128 bytes leftover after parsing attributes in process `syz.5.1444'.
[  512.986116][T12676] warn_alloc: 1 callbacks suppressed
[  512.986135][T12676] syz.1.1442: vmalloc error: size 16781312, failed to allocated page array size 32776, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  513.024350][T12676] CPU: 1 UID: 0 PID: 12676 Comm: syz.1.1442 Not tainted 6.14.0-rc4-syzkaller-00015-g2a1944bff549 #0
[  513.024376][T12676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  513.024386][T12676] Call Trace:
[  513.024391][T12676]  <TASK>
[  513.024399][T12676]  dump_stack_lvl+0x16c/0x1f0
[  513.024722][T12676]  warn_alloc+0x24d/0x3a0
[  513.024866][T12676]  ? __pfx_warn_alloc+0x10/0x10
[  513.024895][T12676]  ? __get_vm_area_node+0x1b0/0x2f0
[  513.024936][T12676]  ? __get_vm_area_node+0x1dc/0x2f0
[  513.024962][T12676]  __vmalloc_node_range_noprof+0x1102/0x1530
[  513.024995][T12676]  ? hash_netiface_create+0x3ea/0x1250
[  513.025136][T12676]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  513.025154][T12676]  ? rcu_is_watching+0x12/0xc0
[  513.025204][T12676]  ? trace_kmalloc+0x2d/0xd0
[  513.025218][T12676]  ? __kmalloc_node_noprof.cold+0x5a/0x5f
[  513.025271][T12676]  ? hash_netiface_create+0x3ea/0x1250
[  513.025292][T12676]  __kvmalloc_node_noprof+0x14f/0x1a0
[  513.025311][T12676]  ? hash_netiface_create+0x3ea/0x1250
[  513.025331][T12676]  hash_netiface_create+0x3ea/0x1250
[  513.025352][T12676]  ? __nla_validate_parse+0x2865/0x2880
[  513.025466][T12676]  ? __pfx_hash_netiface_create+0x10/0x10
[  513.025486][T12676]  ip_set_create+0x7cb/0x14d0
[  513.025503][T12676]  ? __pfx_ip_set_create+0x10/0x10
[  513.025532][T12676]  nfnetlink_rcv_msg+0x9c3/0x11e0
[  513.025577][T12676]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  513.025596][T12676]  ? find_held_lock+0x2d/0x110
[  513.025632][T12676]  netlink_rcv_skb+0x16b/0x440
[  513.025673][T12676]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  513.025696][T12676]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  513.025715][T12676]  ? __pfx_aa_get_newest_label+0x10/0x10
[  513.025771][T12676]  ? bpf_lsm_capable+0x9/0x10
[  513.025788][T12676]  ? security_capable+0x7e/0x260
[  513.025825][T12676]  ? ns_capable+0xd7/0x110
[  513.025850][T12676]  nfnetlink_rcv+0x1b4/0x430
[  513.025867][T12676]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  513.025885][T12676]  ? netlink_deliver_tap+0x1ae/0xd30
[  513.025904][T12676]  netlink_unicast+0x53c/0x7f0
[  513.025922][T12676]  ? __pfx_netlink_unicast+0x10/0x10
[  513.025940][T12676]  ? __phys_addr_symbol+0x30/0x80
[  513.025956][T12676]  ? __check_object_size+0x488/0x710
[  513.025973][T12676]  netlink_sendmsg+0x8b8/0xd70
[  513.025997][T12676]  ? __pfx_netlink_sendmsg+0x10/0x10
[  513.026019][T12676]  ____sys_sendmsg+0xaaf/0xc90
[  513.026056][T12676]  ? __pfx_____sys_sendmsg+0x10/0x10
[  513.026069][T12676]  ? get_compat_msghdr+0x11b/0x170
[  513.026110][T12676]  ___sys_sendmsg+0x135/0x1e0
[  513.026130][T12676]  ? __pfx____sys_sendmsg+0x10/0x10
[  513.026155][T12676]  ? __pfx_lock_release+0x10/0x10
[  513.026172][T12676]  ? trace_lock_acquire+0x14e/0x1f0
[  513.026192][T12676]  ? __fget_files+0x206/0x3a0
[  513.026215][T12676]  __sys_sendmsg+0x16e/0x220
[  513.026233][T12676]  ? __pfx___sys_sendmsg+0x10/0x10
[  513.026252][T12676]  ? __ia32_sys_futex_time32+0x1da/0x460
[  513.026281][T12676]  __do_fast_syscall_32+0x73/0x120
[  513.026320][T12676]  do_fast_syscall_32+0x32/0x80
[  513.026336][T12676]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  513.026357][T12676] RIP: 0023:0xf7fb2579
[  513.026369][T12676] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  513.026382][T12676] RSP: 002b:00000000f4c7155c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  513.026398][T12676] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000100
[  513.026406][T12676] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  513.026413][T12676] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  513.026421][T12676] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  513.026428][T12676] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  513.026444][T12676]  </TASK>
[  513.026451][T12676] Mem-Info:
[  513.382453][T12676] active_anon:4903 inactive_anon:1014 isolated_anon:23
[  513.382453][T12676]  active_file:1182 inactive_file:7442 isolated_file:25
[  513.382453][T12676]  unevictable:1768 dirty:205 writeback:0
[  513.382453][T12676]  slab_reclaimable:7318 slab_unreclaimable:56937
[  513.382453][T12676]  mapped:30027 shmem:5006 pagetables:977
[  513.382453][T12676]  sec_pagetables:325 bounce:0
[  513.382453][T12676]  kernel_misc_reclaimable:0
[  513.382453][T12676]  free:61348 free_pcp:1198 free_cma:0
[  513.772220][T12676] Node 0 active_anon:4656kB inactive_anon:1488kB active_file:2792kB inactive_file:6864kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5344kB dirty:0kB writeback:0kB shmem:5080kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9456kB pagetables:1040kB sec_pagetables:1148kB all_unreclaimable? yes
[  513.870907][T12676] Node 1 active_anon:15084kB inactive_anon:2560kB active_file:1968kB inactive_file:23000kB unevictable:3536kB isolated(anon):8kB isolated(file):72kB mapped:118788kB dirty:852kB writeback:0kB shmem:14948kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2736kB pagetables:2764kB sec_pagetables:152kB all_unreclaimable? no
[  513.922266][T12676] Node 0 DMA free:2944kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:212kB inactive_anon:24kB active_file:172kB inactive_file:8kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:60kB local_pcp:60kB free_cma:0kB
[  514.042263][T12676] lowmem_reserve[]: 0 294 0 0 0
[  514.044828][T12676] Node 0 DMA32 free:20672kB boost:2048kB min:15608kB low:18996kB high:22384kB reserved_highatomic:2048KB active_anon:4444kB inactive_anon:1464kB active_file:2620kB inactive_file:6856kB unevictable:3536kB writepending:0kB present:1032196kB managed:301744kB mlocked:0kB bounce:0kB free_pcp:848kB local_pcp:0kB free_cma:0kB
[  514.165851][T12676] lowmem_reserve[]: 0 0 0 0 0
[  514.172659][T12676] Node 1 DMA32 free:222320kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB active_anon:15084kB inactive_anon:2560kB active_file:1968kB inactive_file:23000kB unevictable:3536kB writepending:852kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:2596kB local_pcp:1400kB free_cma:0kB
[  514.228240][T12676] lowmem_reserve[]: 0 0 0 0 0
[  514.230418][T12676] Node 0 DMA: 32*4kB (UM) 18*8kB (UME) 21*16kB (UME) 35*32kB (UME) 19*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2944kB
[  514.248985][T12676] Node 0 DMA32: 148*4kB (UE) 68*8kB (UE) 65*16kB (UME) 124*32kB (UMEH) 77*64kB (UMEH) 23*128kB (UMEH) 12*256kB (UMH) 3*512kB (UM) 2*1024kB (M) 0*2048kB 0*4096kB = 20672kB
[  514.268423][T12676] Node 1 DMA32: 120*4kB (UMEH) 135*8kB (UMEH) 206*16kB (UMEH) 235*32kB (UMEH) 318*64kB (UMEH) 175*128kB (UMEH) 89*256kB (UME) 74*512kB (UM) 102*1024kB (UM) 1*2048kB (M) 0*4096kB = 222296kB
[  514.282267][T12676] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  514.286515][T12676] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  514.322234][T12676] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  514.326576][T12676] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  514.373370][T12676] 14135 total pagecache pages
[  514.377638][T12676] 454 pages in swap cache
[  514.380017][T12676] Free swap  = 111372kB
[  514.411226][T12676] Total swap = 124996kB
[  514.413229][T12676] 524155 pages RAM
[  514.414680][T12676] 0 pages HighMem/MovableOnly
[  514.444147][T12676] 207816 pages reserved
[  514.445668][T12676] 0 pages cma reserved
[  514.624430][T12688] random: crng reseeded on system resumption
[  514.657180][T12688] Restarting kernel threads ... done.
[  515.046986][T12689] netlink: 18128 bytes leftover after parsing attributes in process `syz.3.1446'.
[  515.157149][ T5985] usb 7-1: new high-speed USB device number 44 using dummy_hcd
[  515.333355][ T5985] usb 7-1: Using ep0 maxpacket: 8
[  515.343015][ T5985] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  515.347440][ T5985] usb 7-1: config 0 has no interface number 0
[  515.359760][ T5985] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  515.425883][ T5985] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  515.517550][ T5985] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.582863][ T5985] usb 7-1: config 0 descriptor??
[  515.615679][ T5985] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  515.819736][ T1329] usb 7-1: USB disconnect, device number 44
[  516.296651][  T834] usb 7-1: new high-speed USB device number 45 using dummy_hcd
[  516.469497][  T834] usb 7-1: config index 0 descriptor too short (expected 92, got 76)
[  516.495069][  T834] usb 7-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  516.514582][  T834] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  516.522087][  T834] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  516.554479][  T834] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  516.558729][  T834] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  516.561310][  T834] usb 7-1: Product: syz
[  516.563117][  T834] usb 7-1: Manufacturer: syz
[  516.564561][  T834] usb 7-1: SerialNumber: syz
[  516.825037][  T834] usb 7-1: USB disconnect, device number 45
[  517.542992][ T5985] usb 7-1: new high-speed USB device number 46 using dummy_hcd
[  517.702325][ T5985] usb 7-1: Using ep0 maxpacket: 8
[  517.755422][ T5985] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  517.767839][ T5985] usb 7-1: config 0 has no interface number 0
[  517.774807][ T5985] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  517.799504][ T5985] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  517.816048][ T5985] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  517.823800][ T5985] usb 7-1: config 0 descriptor??
[  517.848225][ T5985] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  518.077783][ T5985] usb 7-1: USB disconnect, device number 46
[  518.087646][    C0] iowarrior 7-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  519.192320][T12707] netlink: 18128 bytes leftover after parsing attributes in process `syz.2.1453'.
[  519.255025][T12709] netlink: 'syz.2.1454': attribute type 21 has an invalid length.
[  519.957339][T12713] block nbd2: shutting down sockets
[  520.170049][T12717] random: crng reseeded on system resumption
[  520.280626][T12720] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  520.932309][T12725] netlink: 'syz.5.1458': attribute type 21 has an invalid length.
[  521.965071][T12739] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  522.052455][T12740] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  522.143542][ T5950] block nbd5: Receive control failed (result -104)
[  522.223647][T12726] block nbd5: shutting down sockets
[  522.260137][T12738] netlink: 18128 bytes leftover after parsing attributes in process `syz.2.1459'.
[  522.267195][T12739] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  525.491283][T12759] random: crng reseeded on system resumption
[  525.556576][T12759] Restarting kernel threads ... done.
[  527.941494][T12775] netlink: 'syz.1.1468': attribute type 21 has an invalid length.
[  528.044175][T12778] random: crng reseeded on system resumption
[  528.087953][T12778] Restarting kernel threads ... done.
[  528.421369][T12784] block nbd1: shutting down sockets
[  530.037644][T12798] random: crng reseeded on system resumption
[  530.063632][T12798] Restarting kernel threads ... done.
[  530.336086][T12803] netlink: 'syz.3.1475': attribute type 21 has an invalid length.
[  531.302203][ T5950] block nbd3: Receive control failed (result -104)
[  531.356825][T12806] block nbd3: shutting down sockets
[  534.362342][ T6001] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[  534.512125][ T6001] usb 6-1: Using ep0 maxpacket: 8
[  534.531299][ T6001] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  534.535079][ T6001] usb 6-1: config 0 has no interface number 0
[  534.546667][ T6001] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  534.560146][ T6001] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  534.563989][ T6001] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.576514][ T6001] usb 6-1: config 0 descriptor??
[  534.598208][ T6001] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  534.797688][ T6001] usb 6-1: USB disconnect, device number 53
[  535.248566][ T6001] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[  535.483686][ T6001] usb 6-1: config index 0 descriptor too short (expected 92, got 76)
[  535.491365][ T6001] usb 6-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  535.499357][ T6001] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  535.504271][ T6001] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  535.588515][ T6001] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  535.593758][ T6001] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.603188][T12834] random: crng reseeded on system resumption
[  535.608822][ T6001] usb 6-1: Product: syz
[  535.612561][ T6001] usb 6-1: Manufacturer: syz
[  535.614533][ T6001] usb 6-1: SerialNumber: syz
[  535.846659][T12834] Restarting kernel threads ... done.
[  535.848975][ T6001] usb 6-1: USB disconnect, device number 54
[  536.577145][T12283] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[  536.722228][T12283] usb 6-1: Using ep0 maxpacket: 8
[  536.735758][T12283] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  536.758237][T12283] usb 6-1: config 0 has no interface number 0
[  536.761952][T12283] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  536.788936][T12283] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  536.798259][T12283] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  536.834088][T12283] usb 6-1: config 0 descriptor??
[  536.882763][T12283] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  537.047967][T12842] netlink: 18128 bytes leftover after parsing attributes in process `syz.3.1484'.
[  537.060051][T12283] usb 6-1: USB disconnect, device number 55
[  537.062965][    C3] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  537.247877][T12846] netlink: 18128 bytes leftover after parsing attributes in process `syz.2.1486'.
[  537.308817][T12848] random: crng reseeded on system resumption
[  537.355054][T12848] Restarting kernel threads ... done.
[  539.435173][T12871] random: crng reseeded on system resumption
[  539.472275][T12871] Restarting kernel threads ... done.
[  539.662272][ T6007] usb 7-1: new high-speed USB device number 47 using dummy_hcd
[  539.834600][ T6007] usb 7-1: Using ep0 maxpacket: 8
[  539.870445][ T6007] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  539.875663][ T6007] usb 7-1: config 0 has no interface number 0
[  539.880731][ T6007] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  539.888305][ T6007] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  539.896410][ T6007] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  539.932196][ T6007] usb 7-1: config 0 descriptor??
[  539.981913][ T6007] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  540.204823][ T6007] usb 7-1: USB disconnect, device number 47
[  540.755583][ T5985] usb 7-1: new high-speed USB device number 48 using dummy_hcd
[  540.792544][    C3] vkms_vblank_simulate: vblank timer overrun
[  540.951120][ T5985] usb 7-1: config index 0 descriptor too short (expected 92, got 76)
[  540.954665][ T5985] usb 7-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  540.959454][ T5985] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  540.970026][ T5985] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  540.996926][ T5985] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  541.007231][ T5985] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  541.012431][ T5985] usb 7-1: Product: syz
[  541.018828][ T5985] usb 7-1: Manufacturer: syz
[  541.036105][ T5985] usb 7-1: SerialNumber: syz
[  541.385245][ T5985] usb 7-1: USB disconnect, device number 48
[  541.516440][    C3] vkms_vblank_simulate: vblank timer overrun
[  541.759248][    C3] vkms_vblank_simulate: vblank timer overrun
[  541.998193][ T5985] usb 7-1: new high-speed USB device number 49 using dummy_hcd
[  542.003466][ T6007] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[  542.172196][ T5985] usb 7-1: Using ep0 maxpacket: 8
[  542.176468][ T6007] usb 6-1: Using ep0 maxpacket: 8
[  542.184402][ T5985] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  542.205155][ T5985] usb 7-1: config 0 has no interface number 0
[  542.208698][ T6007] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  542.212294][ T5985] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  542.229615][ T6007] usb 6-1: config 0 has no interface number 0
[  542.232986][ T6007] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  542.237919][ T6007] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  542.250718][ T5985] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  542.254499][ T5985] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  542.270753][ T6007] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  542.282659][ T6007] usb 6-1: config 0 descriptor??
[  542.308059][ T5985] usb 7-1: config 0 descriptor??
[  542.327805][ T5985] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  542.360095][ T6007] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1
[  542.522472][    C1] iowarrior 7-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  542.531143][T11648] usb 7-1: USB disconnect, device number 49
[  542.546941][   T30] usb 6-1: USB disconnect, device number 56
[  542.699719][    C3] vkms_vblank_simulate: vblank timer overrun
[  543.096679][   T30] usb 6-1: new high-speed USB device number 57 using dummy_hcd
[  543.264616][   T30] usb 6-1: config index 0 descriptor too short (expected 92, got 76)
[  543.267744][   T30] usb 6-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  543.291857][   T30] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  543.301158][   T30] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  543.348961][   T30] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  543.355904][   T30] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  543.368395][   T30] usb 6-1: Product: syz
[  543.370672][   T30] usb 6-1: Manufacturer: syz
[  543.384193][   T30] usb 6-1: SerialNumber: syz
[  543.644000][   T30] usb 6-1: USB disconnect, device number 57
[  544.044789][    C3] vkms_vblank_simulate: vblank timer overrun
[  544.319290][T12283] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[  544.492351][T12283] usb 6-1: Using ep0 maxpacket: 8
[  544.528413][T12283] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  544.533375][T12283] usb 6-1: config 0 has no interface number 0
[  544.550533][T12283] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  544.563786][T12283] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  544.571981][T12283] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.585862][T12283] usb 6-1: config 0 descriptor??
[  544.608868][T12283] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  544.800067][T12283] usb 6-1: USB disconnect, device number 58
[  544.808322][    C3] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  544.990152][T12899] random: crng reseeded on system resumption
[  548.114138][T12929] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  548.665948][T12936] netlink: 'syz.3.1510': attribute type 21 has an invalid length.
[  548.980651][T12933] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  549.087045][T12940] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  549.245898][ T5950] Bluetooth: hci3: command 0x0406 tx timeout
[  549.382475][T12283] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[  549.538253][T12283] usb 6-1: Using ep0 maxpacket: 8
[  549.557282][T12283] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  549.628937][T12936] block nbd3: shutting down sockets
[  549.648288][T12283] usb 6-1: config 0 has no interface number 0
[  549.688302][T12283] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  549.694077][T12283] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  549.703856][T12283] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  549.722776][T12283] usb 6-1: config 0 descriptor??
[  549.733497][T12283] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  549.965261][  T834] usb 6-1: USB disconnect, device number 59
[  550.392391][T12283] usb 6-1: new high-speed USB device number 60 using dummy_hcd
[  550.557832][T12283] usb 6-1: config index 0 descriptor too short (expected 92, got 76)
[  550.565399][T12283] usb 6-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  550.574819][T12283] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  550.595899][T12283] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  550.615486][T12283] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  550.623212][T12283] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.628552][T12283] usb 6-1: Product: syz
[  550.631283][T12283] usb 6-1: Manufacturer: syz
[  550.637406][T12283] usb 6-1: SerialNumber: syz
[  550.872594][T12947] netlink: 18128 bytes leftover after parsing attributes in process `syz.2.1512'.
[  550.881990][T12283] usb 6-1: USB disconnect, device number 60
[  550.967047][T12949] random: crng reseeded on system resumption
[  551.642437][ T5985] usb 6-1: new high-speed USB device number 61 using dummy_hcd
[  551.980727][ T5985] usb 6-1: Using ep0 maxpacket: 8
[  552.052999][ T5985] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  552.056356][ T5985] usb 6-1: config 0 has no interface number 0
[  552.059000][ T5985] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  552.064409][ T5985] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  552.077569][ T5985] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  552.106454][ T5985] usb 6-1: config 0 descriptor??
[  552.125318][ T5985] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  552.315240][    C3] iowarrior 6-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  552.328902][ T6001] usb 6-1: USB disconnect, device number 61
[  553.509720][T12972] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  555.094161][T12981] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  555.280773][T12987] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  557.047435][T12999] 9p: Unknown Cache mode or invalid value fscach
[  557.419879][T12998] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1523'.
[  559.002219][T11648] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[  559.162623][T11648] usb 8-1: Using ep0 maxpacket: 8
[  559.171062][T11648] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  559.179549][T11648] usb 8-1: config 0 has no interface number 0
[  559.186462][T11648] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  559.190290][T11648] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  559.215043][T11648] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  559.225385][T11648] usb 8-1: config 0 descriptor??
[  559.247269][T11648] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  559.364612][T13014] netlink: 'syz.2.1527': attribute type 21 has an invalid length.
[  559.435892][ T6469] usb 8-1: USB disconnect, device number 35
[  559.917453][T13018] block nbd2: shutting down sockets
[  560.333914][ T6469] usb 8-1: new high-speed USB device number 36 using dummy_hcd
[  560.864806][ T6469] usb 8-1: config index 0 descriptor too short (expected 92, got 76)
[  560.868975][T13021] random: crng reseeded on system resumption
[  560.869272][ T6469] usb 8-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  560.878835][ T6469] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  560.905727][T13021] Restarting kernel threads ... done.
[  560.913057][ T6469] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  561.021676][ T6469] usb 8-1: string descriptor 0 read error: -71
[  561.202739][ T6469] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  561.209507][ T6469] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  561.312324][ T6469] usb 8-1: can't set config #1, error -71
[  561.315874][ T6469] usb 8-1: USB disconnect, device number 36
[  562.079106][T13032] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  562.461176][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  562.464018][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  562.882752][T13045] 9p: Unknown Cache mode or invalid value fscach
[  563.248873][T13036] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1533'.
[  564.103679][T13051] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1535'.
[  565.791486][T13053] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  565.963254][T13053] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.024804][T13053] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.594229][T13064] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  566.686928][T13066] random: crng reseeded on system resumption
[  567.635765][T13073] netlink: 'syz.1.1541': attribute type 21 has an invalid length.
[  567.786261][T13071] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  567.854442][T13071] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  567.892197][T13071] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  568.330095][T13077] block nbd1: shutting down sockets
[  569.352160][T13088] netlink: 18128 bytes leftover after parsing attributes in process `syz.1.1543'.
[  570.477747][T13111] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  571.485048][T13113] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  571.544450][T13113] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  571.657172][T13121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  571.885881][T13120] 9p: Unknown Cache mode or invalid value fscach
[  572.360443][T13117] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1550'.
[  572.888432][    C0] vkms_vblank_simulate: vblank timer overrun
[  572.888708][T13127] netlink: 'syz.3.1554': attribute type 21 has an invalid length.
[  573.017620][T13130] netlink: 'syz.5.1553': attribute type 21 has an invalid length.
[  573.482204][    C0] vkms_vblank_simulate: vblank timer overrun
[  573.510561][T13142] block nbd3: shutting down sockets
[  573.529452][    C0] vkms_vblank_simulate: vblank timer overrun
[  573.544883][T13144] block nbd5: shutting down sockets
[  573.612496][    C0] vkms_vblank_simulate: vblank timer overrun
[  573.843401][ T1329] usb 7-1: new high-speed USB device number 50 using dummy_hcd
[  573.882508][    C0] vkms_vblank_simulate: vblank timer overrun
[  573.957277][T13141] syz.5.1553: vmalloc error: size 35651584, failed to allocated page array size 69632, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  573.993388][T13141] CPU: 2 UID: 0 PID: 13141 Comm: syz.5.1553 Not tainted 6.14.0-rc4-syzkaller-00015-g2a1944bff549 #0
[  573.993423][T13141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  573.993433][T13141] Call Trace:
[  573.993440][T13141]  <TASK>
[  573.993448][T13141]  dump_stack_lvl+0x16c/0x1f0
[  573.993707][T13141]  warn_alloc+0x24d/0x3a0
[  573.993833][T13141]  ? __pfx_warn_alloc+0x10/0x10
[  573.993862][T13141]  ? __get_vm_area_node+0x1b0/0x2f0
[  573.993884][T13141]  ? __get_vm_area_node+0x1dc/0x2f0
[  573.993909][T13141]  __vmalloc_node_range_noprof+0x1102/0x1530
[  573.993942][T13141]  ? hash_netiface_create+0x3ea/0x1250
[  573.994088][T13141]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  573.994112][T13141]  ? rcu_is_watching+0x12/0xc0
[  573.994169][T13141]  ? trace_kmalloc+0x2d/0xd0
[  573.994189][T13141]  ? __kmalloc_node_noprof.cold+0x5a/0x5f
[  573.994251][T13141]  ? hash_netiface_create+0x3ea/0x1250
[  573.994279][T13141]  __kvmalloc_node_noprof+0x14f/0x1a0
[  573.994303][T13141]  ? hash_netiface_create+0x3ea/0x1250
[  573.994330][T13141]  hash_netiface_create+0x3ea/0x1250
[  573.994359][T13141]  ? __nla_validate_parse+0x2866/0x2880
[  573.994487][T13141]  ? __pfx_hash_netiface_create+0x10/0x10
[  573.994510][T13141]  ip_set_create+0x7cb/0x14d0
[  573.994526][T13141]  ? __pfx_ip_set_create+0x10/0x10
[  573.994565][T13141]  nfnetlink_rcv_msg+0x9c3/0x11e0
[  573.994621][T13141]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  573.994655][T13141]  ? find_held_lock+0x2d/0x110
[  573.994702][T13141]  netlink_rcv_skb+0x16b/0x440
[  573.994750][T13141]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  573.994779][T13141]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  573.994800][T13141]  ? __pfx_aa_get_newest_label+0x10/0x10
[  573.994862][T13141]  ? bpf_lsm_capable+0x9/0x10
[  573.994878][T13141]  ? security_capable+0x7e/0x260
[  573.994921][T13141]  ? ns_capable+0xd7/0x110
[  573.994947][T13141]  nfnetlink_rcv+0x1b4/0x430
[  573.994971][T13141]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  573.994992][T13141]  ? netlink_deliver_tap+0x1ae/0xd30
[  573.995014][T13141]  netlink_unicast+0x53c/0x7f0
[  573.995035][T13141]  ? __pfx_netlink_unicast+0x10/0x10
[  573.995055][T13141]  ? __phys_addr_symbol+0x30/0x80
[  573.995073][T13141]  ? __check_object_size+0x488/0x710
[  573.995093][T13141]  netlink_sendmsg+0x8b8/0xd70
[  573.995117][T13141]  ? __pfx_netlink_sendmsg+0x10/0x10
[  573.995146][T13141]  ____sys_sendmsg+0xaaf/0xc90
[  573.995190][T13141]  ? __pfx_____sys_sendmsg+0x10/0x10
[  573.995209][T13141]  ? get_compat_msghdr+0x11b/0x170
[  573.995259][T13141]  ___sys_sendmsg+0x135/0x1e0
[  573.995285][T13141]  ? __pfx____sys_sendmsg+0x10/0x10
[  573.995320][T13141]  ? __pfx_lock_release+0x10/0x10
[  573.995345][T13141]  ? trace_lock_acquire+0x14e/0x1f0
[  573.995373][T13141]  ? __fget_files+0x206/0x3a0
[  573.995403][T13141]  __sys_sendmsg+0x16e/0x220
[  573.995426][T13141]  ? __pfx___sys_sendmsg+0x10/0x10
[  573.995447][T13141]  ? __ia32_sys_futex_time32+0x1da/0x460
[  573.995483][T13141]  __do_fast_syscall_32+0x73/0x120
[  573.995530][T13141]  do_fast_syscall_32+0x32/0x80
[  573.995553][T13141]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  573.995582][T13141] RIP: 0023:0xf7f14579
[  573.995597][T13141] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  573.995612][T13141] RSP: 002b:00000000f4bd155c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  573.995629][T13141] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000100
[  573.995645][T13141] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  573.995655][T13141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  573.995664][T13141] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  573.995674][T13141] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  573.995694][T13141]  </TASK>
[  573.995701][T13141] Mem-Info:
[  574.092241][ T1329] usb 7-1: Using ep0 maxpacket: 8
[  574.094904][ T1329] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  574.108972][T13141] active_anon:4188 inactive_anon:783 isolated_anon:0
[  574.108972][T13141]  active_file:1103 inactive_file:2789 isolated_file:0
[  574.108972][T13141]  unevictable:1768 dirty:276 writeback:0
[  574.108972][T13141]  slab_reclaimable:7285 slab_unreclaimable:56377
[  574.108972][T13141]  mapped:30510 shmem:4978 pagetables:933
[  574.108972][T13141]  sec_pagetables:326 bounce:0
[  574.108972][T13141]  kernel_misc_reclaimable:0
[  574.108972][T13141]  free:64339 free_pcp:4395 free_cma:0
[  574.132442][ T1329] usb 7-1: config 0 has no interface number 0
[  574.138728][T13141] Node 0 active_anon:4388kB inactive_anon:1488kB active_file:2840kB inactive_file:6864kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:4848kB dirty:48kB writeback:0kB shmem:4812kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9456kB pagetables:1032kB sec_pagetables:1148kB all_unreclaimable? yes
[  574.176863][ T1329] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  574.181607][T13141] Node 1 active_anon:12364kB inactive_anon:1644kB active_file:1572kB inactive_file:4292kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:117192kB dirty:1056kB writeback:0kB shmem:15100kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2648kB pagetables:2700kB sec_pagetables:156kB all_unreclaimable? no
[  574.184881][ T1329] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  574.187535][T13141] Node 0 DMA free:2968kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:152kB inactive_anon:24kB active_file:172kB inactive_file:8kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:128kB local_pcp:4kB free_cma:0kB
[  574.194011][ T1329] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.194324][T13141] lowmem_reserve[]:
[  574.230468][ T1329] usb 7-1: config 0 descriptor??
[  574.234759][T13141]  0
[  574.336632][ T1329] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  574.342221][T13141]  294 0 0 0
[  574.342264][T13141] Node 0 DMA32 free:20316kB boost:2048kB min:15608kB low:18996kB high:22384kB reserved_highatomic:2048KB active_anon:4236kB inactive_anon:1464kB active_file:2668kB inactive_file:6856kB unevictable:3536kB writepending:48kB present:1032196kB managed:301744kB mlocked:0kB bounce:0kB free_pcp:1384kB local_pcp:424kB free_cma:0kB
[  574.342310][T13141] lowmem_reserve[]: 0 0 0 0 0
[  574.342350][T13141] Node 1 DMA32 free:233636kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB active_anon:12364kB inactive_anon:1644kB active_file:1564kB inactive_file:4300kB unevictable:3536kB writepending:1056kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:16140kB local_pcp:14680kB free_cma:0kB
[  574.342392][T13141] lowmem_reserve[]: 0 0 0 0 0
[  574.342427][T13141] Node 0 DMA: 30*4kB (U) 18*8kB (UME) 21*16kB (UME) 36*32kB (UME) 19*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2968kB
[  574.342543][T13141] Node 0 DMA32: 155*4kB (UME) 68*8kB (UE) 55*16kB (UME) 129*32kB (UMEH) 71*64kB (UMEH) 23*128kB (UMEH) 12*256kB (UMH) 3*512kB (UM) 2*1024kB (M) 0*2048kB 0*4096kB = 20316kB
[  574.347016][T13141] Node 1 DMA32: 197*4kB (UMEH) 128*8kB (UMEH) 103*16kB (UMEH) 308*32kB (MEH) 330*64kB (UMEH) 195*128kB (UMEH) 104*256kB (UME) 78*512kB (UM) 105*1024kB (UM) 0*2048kB 0*4096kB = 233476kB
[  574.347186][T13141] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  574.347196][T13141] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  574.347205][T13141] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  574.347213][T13141] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  574.347221][T13141] 9073 total pagecache pages
[  574.347226][T13141] 207 pages in swap cache
[  574.347230][T13141] Free swap  = 108840kB
[  574.347234][T13141] Total swap = 124996kB
[  574.347239][T13141] 524155 pages RAM
[  574.347243][T13141] 0 pages HighMem/MovableOnly
[  574.347247][T13141] 207816 pages reserved
[  574.347251][T13141] 0 pages cma reserved
[  574.554409][T13149] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  574.577539][ T1329] usb 7-1: USB disconnect, device number 50
[  575.076237][T11969] usb 7-1: new high-speed USB device number 51 using dummy_hcd
[  575.253299][T11969] usb 7-1: config index 0 descriptor too short (expected 92, got 76)
[  575.258220][T11969] usb 7-1: config 1 has an invalid descriptor of length 214, skipping remainder of the config
[  575.288041][T11969] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  575.297345][T11969] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  575.357795][T11969] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  575.364053][T11969] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  575.369374][T11969] usb 7-1: Product: syz
[  575.394867][T11969] usb 7-1: Manufacturer: syz
[  575.398328][T11969] usb 7-1: SerialNumber: syz
[  575.550401][T13158] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  575.677888][T11969] usb 7-1: USB disconnect, device number 51
[  575.698392][T13159] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  575.769836][T13158] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  576.383416][ T5985] usb 7-1: new high-speed USB device number 52 using dummy_hcd
[  576.562587][ T5985] usb 7-1: Using ep0 maxpacket: 8
[  576.571507][ T5985] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  576.573996][T13163] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  576.577777][ T5985] usb 7-1: config 0 has no interface number 0
[  576.587465][ T5985] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  576.595838][ T5985] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  576.599015][ T5985] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  576.630506][ T5985] usb 7-1: config 0 descriptor??
[  576.676848][ T5985] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  576.740712][T13165] random: crng reseeded on system resumption
[  576.757983][T13165] Restarting kernel threads ... done.
[  576.800260][    C0] vkms_vblank_simulate: vblank timer overrun
[  576.852485][    C0] vkms_vblank_simulate: vblank timer overrun
[  576.961370][    C0] iowarrior 7-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  576.967958][ T6007] usb 7-1: USB disconnect, device number 52
[  577.008564][    C0] vkms_vblank_simulate: vblank timer overrun
[  577.356077][T13167] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  577.576438][    C0] vkms_vblank_simulate: vblank timer overrun
[  577.768502][    C0] vkms_vblank_simulate: vblank timer overrun
[  577.971436][T13166] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  578.420417][    C0] vkms_vblank_simulate: vblank timer overrun
[  578.599168][T13177] 9p: Unknown Cache mode or invalid value fscach
[  578.656498][    C0] vkms_vblank_simulate: vblank timer overrun
[  578.901410][T13179] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  579.932437][T13184] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  579.968415][    C0] vkms_vblank_simulate: vblank timer overrun
[  580.033806][T13187] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  580.076803][T13189] netlink: 'syz.1.1567': attribute type 21 has an invalid length.
[  580.093236][T13187] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  580.104850][    C0] vkms_vblank_simulate: vblank timer overrun
[  580.433783][    C0] vkms_vblank_simulate: vblank timer overrun
[  580.626478][T13195] block nbd1: shutting down sockets
[  581.144153][T13200] netlink: 'syz.3.1569': attribute type 21 has an invalid length.
[  581.733671][T13208] netlink: 'syz.5.1570': attribute type 21 has an invalid length.
[  581.736910][T13200] block nbd3: shutting down sockets
[  582.126732][T13212] block nbd5: shutting down sockets
[  583.615179][T13226] netlink: 'syz.1.1573': attribute type 21 has an invalid length.
[  583.929401][T13231] block nbd1: shutting down sockets
[  584.196505][    C1] vkms_vblank_simulate: vblank timer overrun
[  585.212648][    C1] vkms_vblank_simulate: vblank timer overrun
[  585.340333][    C1] vkms_vblank_simulate: vblank timer overrun
[  585.480795][    C1] vkms_vblank_simulate: vblank timer overrun
[  585.825269][T13243] 9p: Unknown Cache mode or invalid value fscach
[  585.827879][T13243] 9pnet: Tag 65535 still in use
[  585.844293][    C0] ------------[ cut here ]------------
[  585.847401][    C0] refcount_t: underflow; use-after-free.
[  585.850153][    C0] WARNING: CPU: 0 PID: 13240 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210
[  585.853842][    C0] Modules linked in:
[  585.855228][    C0] CPU: 0 UID: 0 PID: 13240 Comm: syz.3.1575 Not tainted 6.14.0-rc4-syzkaller-00015-g2a1944bff549 #0
[  585.868220][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  585.889857][    C0] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[  585.891961][    C0] Code: ff 89 de e8 d8 6b f7 fc 84 db 0f 85 66 ff ff ff e8 2b 71 f7 fc c6 05 d2 94 88 0b 01 90 48 c7 c7 c0 f3 d2 8b e8 57 a2 b7 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 08 71 f7 fc 0f b6 1d ad 94 88 0b 31
[  585.899235][    C0] RSP: 0018:ffffc90000007d90 EFLAGS: 00010082
[  585.901727][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a1229
[  585.904945][    C0] RDX: ffff8880254e2440 RSI: ffffffff817a1236 RDI: 0000000000000001
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  585.923036][    C0] RBP: ffff888069b13cb8 R08: 0000000000000001 R09: 0000000000000000
[  585.926960][    C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888069b13cb8
[  585.930192][    C0] R13: ffff88804e627000 R14: 0000000000000015 R15: 0000000000000000
[  585.942307][    C0] FS:  0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f5085b40
[  585.956725][    C0] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  585.959322][    C0] CR2: 0000000080030000 CR3: 00000000712c4000 CR4: 0000000000352ef0
[  585.962565][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  585.976375][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  585.980403][    C0] Call Trace:
[  585.982081][    C0]  <IRQ>
[  585.983281][    C0]  ? __warn+0xea/0x3c0
[  585.985022][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  585.987468][    C0]  ? refcount_warn_saturate+0x14a/0x210
[  585.989780][    C0]  ? report_bug+0x3c0/0x580
[  585.991687][    C0]  ? handle_bug+0x54/0xa0
[  585.993516][    C0]  ? exc_invalid_op+0x17/0x50
[  585.995503][    C0]  ? asm_exc_invalid_op+0x1a/0x20
[  585.995891][    C1] vkms_vblank_simulate: vblank timer overrun
[  586.010243][    C0]  ? __warn_printk+0x199/0x350
[  586.010318][    C0]  ? __warn_printk+0x1a6/0x350
[  586.010334][    C0]  ? refcount_warn_saturate+0x14a/0x210
[  586.010357][    C0]  p9_req_put+0x1ec/0x250
[  586.010469][    C0]  req_done+0x1e7/0x2f0
[  586.010490][    C0]  ? __pfx_req_done+0x10/0x10
[  586.010511][    C0]  ? __pfx_req_done+0x10/0x10
[  586.010528][    C0]  vring_interrupt+0x31b/0x400
[  586.010563][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  586.010576][    C0]  __handle_irq_event_percpu+0x229/0x7d0
[  586.010596][    C0]  handle_irq_event+0xab/0x1e0
[  586.010610][    C0]  handle_edge_irq+0x263/0xd10
[  586.010627][    C0]  __common_interrupt+0xdf/0x250
[  586.010645][    C0]  common_interrupt+0xba/0xe0
[  586.010666][    C0]  </IRQ>
[  586.010672][    C0]  <TASK>
[  586.010678][    C0]  asm_common_interrupt+0x26/0x40
[  586.010698][    C0] RIP: 0010:__might_sleep+0x18/0x170
[  586.010719][    C0] Code: 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 b8 00 00 00 00 00 fc ff df 41 54 65 4c 8b 25 e8 dd 7b 7e <55> 89 f5 53 48 89 fb 49 8d 7c 24 18 48 83 ec 10 48 89 fa 48 c1 ea
[  586.010732][    C0] RSP: 0018:ffffc90002ec7680 EFLAGS: 00000246
[  586.010747][    C0] RAX: dffffc0000000000 RBX: ffff888027fbaea8 RCX: 0000000000000000
[  586.010755][    C0] RDX: 0000000000000000 RSI: 0000000000000232 RDI: ffffffff8b6cd720
[  586.010764][    C0] RBP: ffffc90002ec77d0 R08: ffffffff89fa8ae7 R09: 0000000000000000
[  586.010772][    C0] R10: ffffc90002ec77f0 R11: 0000000000000000 R12: ffff8880254e2440
[  586.010781][    C0] R13: 0000000000000002 R14: 0000000000000000 R15: ffffc90002ec7710
[  586.010793][    C0]  ? __unix_dgram_recvmsg+0x267/0xe50
[  586.010855][    C0]  __mutex_lock+0x108/0xb10
[  586.010873][    C0]  ? mark_lock+0xb5/0xc60
[  586.010890][    C0]  ? __unix_dgram_recvmsg+0x267/0xe50
[  586.010909][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  586.010924][    C0]  ? __skb_try_recv_datagram+0x236/0x4f0
[  586.010944][    C0]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  586.010968][    C0]  ? __unix_dgram_recvmsg+0x267/0xe50
[  586.010985][    C0]  ? __lock_acquire+0x15a9/0x3c40
[  586.011000][    C0]  __unix_dgram_recvmsg+0x267/0xe50
[  586.011022][    C0]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[  586.011040][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  586.011055][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  586.011078][    C0]  ? find_held_lock+0x2d/0x110
[  586.011096][    C0]  unix_dgram_recvmsg+0xd0/0x110
[  586.011115][    C0]  ____sys_recvmsg+0x5f8/0x6b0
[  586.011133][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[  586.011153][    C0]  ? try_to_wake_up+0x949/0x1490
[  586.011173][    C0]  ___sys_recvmsg+0x115/0x1a0
[  586.011191][    C0]  ? __pfx____sys_recvmsg+0x10/0x10
[  586.011207][    C0]  ? __fget_files+0x1fc/0x3a0
[  586.011235][    C0]  ? __pfx___might_resched+0x10/0x10
[  586.011252][    C0]  ? do_recvmmsg+0x568/0x740
[  586.011271][    C0]  do_recvmmsg+0x55d/0x740
[  586.011294][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[  586.011312][    C0]  ? __sched_setaffinity+0x175/0x280
[  586.011330][    C0]  ? rcu_is_watching+0x12/0xc0
[  586.011349][    C0]  ? sched_setaffinity+0xdd/0x430
[  586.011365][    C0]  ? __pfx_sched_setaffinity+0x10/0x10
[  586.011384][    C0]  __sys_recvmmsg+0x21e/0x280
[  586.011402][    C0]  ? __pfx___sys_recvmmsg+0x10/0x10
[  586.011419][    C0]  ? xfd_validate_state+0x5d/0x180
[  586.011437][    C0]  ? rcu_is_watching+0x12/0xc0
[  586.011452][    C0]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  586.011469][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  586.011484][    C0]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  586.011499][    C0]  __do_fast_syscall_32+0x73/0x120
[  586.011517][    C0]  do_fast_syscall_32+0x32/0x80
[  586.011533][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  586.011551][    C0] RIP: 0023:0xf7f81579
[  586.011563][    C0] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  586.011575][    C0] RSP: 002b:00000000f508555c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  586.011588][    C0] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[  586.011596][    C0] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  586.011604][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  586.011612][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  586.011619][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  586.011635][    C0]  </TASK>
[  586.011643][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  586.011652][    C0] CPU: 0 UID: 0 PID: 13240 Comm: syz.3.1575 Not tainted 6.14.0-rc4-syzkaller-00015-g2a1944bff549 #0
[  586.011667][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  586.011675][    C0] Call Trace:
[  586.011680][    C0]  <IRQ>
[  586.011685][    C0]  dump_stack_lvl+0x3d/0x1f0
[  586.011703][    C0]  panic+0x71d/0x800
[  586.011715][    C0]  ? __pfx_panic+0x10/0x10
[  586.011729][    C0]  ? show_trace_log_lvl+0x29d/0x3d0
[  586.011750][    C0]  ? check_panic_on_warn+0x1f/0xb0
[  586.011764][    C0]  ? refcount_warn_saturate+0x14a/0x210
[  586.011776][    C0]  check_panic_on_warn+0xab/0xb0
[  586.011790][    C0]  __warn+0xf6/0x3c0
[  586.011802][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  586.011816][    C0]  ? refcount_warn_saturate+0x14a/0x210
[  586.011829][    C0]  report_bug+0x3c0/0x580
[  586.011844][    C0]  handle_bug+0x54/0xa0
[  586.011859][    C0]  exc_invalid_op+0x17/0x50
[  586.011875][    C0]  asm_exc_invalid_op+0x1a/0x20
[  586.011890][    C0] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[  586.011903][    C0] Code: ff 89 de e8 d8 6b f7 fc 84 db 0f 85 66 ff ff ff e8 2b 71 f7 fc c6 05 d2 94 88 0b 01 90 48 c7 c7 c0 f3 d2 8b e8 57 a2 b7 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 08 71 f7 fc 0f b6 1d ad 94 88 0b 31
[  586.011914][    C0] RSP: 0018:ffffc90000007d90 EFLAGS: 00010082
[  586.011924][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a1229
[  586.011931][    C0] RDX: ffff8880254e2440 RSI: ffffffff817a1236 RDI: 0000000000000001
[  586.011939][    C0] RBP: ffff888069b13cb8 R08: 0000000000000001 R09: 0000000000000000
[  586.011946][    C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888069b13cb8
[  586.011953][    C0] R13: ffff88804e627000 R14: 0000000000000015 R15: 0000000000000000
[  586.011965][    C0]  ? __warn_printk+0x199/0x350
[  586.011977][    C0]  ? __warn_printk+0x1a6/0x350
[  586.011993][    C0]  p9_req_put+0x1ec/0x250
[  586.012006][    C0]  req_done+0x1e7/0x2f0
[  586.012024][    C0]  ? __pfx_req_done+0x10/0x10
[  586.012043][    C0]  ? __pfx_req_done+0x10/0x10
[  586.012060][    C0]  vring_interrupt+0x31b/0x400
[  586.012071][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  586.012083][    C0]  __handle_irq_event_percpu+0x229/0x7d0
[  586.012099][    C0]  handle_irq_event+0xab/0x1e0
[  586.012113][    C0]  handle_edge_irq+0x263/0xd10
[  586.012127][    C0]  __common_interrupt+0xdf/0x250
[  586.012142][    C0]  common_interrupt+0xba/0xe0
[  586.012158][    C0]  </IRQ>
[  586.012162][    C0]  <TASK>
[  586.012168][    C0]  asm_common_interrupt+0x26/0x40
[  586.012183][    C0] RIP: 0010:__might_sleep+0x18/0x170
[  586.012199][    C0] Code: 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 b8 00 00 00 00 00 fc ff df 41 54 65 4c 8b 25 e8 dd 7b 7e <55> 89 f5 53 48 89 fb 49 8d 7c 24 18 48 83 ec 10 48 89 fa 48 c1 ea
[  586.012209][    C0] RSP: 0018:ffffc90002ec7680 EFLAGS: 00000246
[  586.012219][    C0] RAX: dffffc0000000000 RBX: ffff888027fbaea8 RCX: 0000000000000000
[  586.012227][    C0] RDX: 0000000000000000 RSI: 0000000000000232 RDI: ffffffff8b6cd720
[  586.012255][    C0] RBP: ffffc90002ec77d0 R08: ffffffff89fa8ae7 R09: 0000000000000000
[  586.012263][    C0] R10: ffffc90002ec77f0 R11: 0000000000000000 R12: ffff8880254e2440
[  586.012271][    C0] R13: 0000000000000002 R14: 0000000000000000 R15: ffffc90002ec7710
[  586.012286][    C0]  ? __unix_dgram_recvmsg+0x267/0xe50
[  586.012307][    C0]  __mutex_lock+0x108/0xb10
[  586.012321][    C0]  ? mark_lock+0xb5/0xc60
[  586.012336][    C0]  ? __unix_dgram_recvmsg+0x267/0xe50
[  586.012354][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  586.012368][    C0]  ? __skb_try_recv_datagram+0x236/0x4f0
[  586.012383][    C0]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  586.012405][    C0]  ? __unix_dgram_recvmsg+0x267/0xe50
[  586.012420][    C0]  ? __lock_acquire+0x15a9/0x3c40
[  586.012435][    C0]  __unix_dgram_recvmsg+0x267/0xe50
[  586.012455][    C0]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[  586.012472][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  586.012486][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  586.012507][    C0]  ? find_held_lock+0x2d/0x110
[  586.012523][    C0]  unix_dgram_recvmsg+0xd0/0x110
[  586.012542][    C0]  ____sys_recvmsg+0x5f8/0x6b0
[  586.012557][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[  586.012576][    C0]  ? try_to_wake_up+0x949/0x1490
[  586.012595][    C0]  ___sys_recvmsg+0x115/0x1a0
[  586.012611][    C0]  ? __pfx____sys_recvmsg+0x10/0x10
[  586.012626][    C0]  ? __fget_files+0x1fc/0x3a0
[  586.012651][    C0]  ? __pfx___might_resched+0x10/0x10
[  586.012667][    C0]  ? do_recvmmsg+0x568/0x740
[  586.012685][    C0]  do_recvmmsg+0x55d/0x740
[  586.012703][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[  586.012720][    C0]  ? __sched_setaffinity+0x175/0x280
[  586.012737][    C0]  ? rcu_is_watching+0x12/0xc0
[  586.012754][    C0]  ? sched_setaffinity+0xdd/0x430
[  586.012770][    C0]  ? __pfx_sched_setaffinity+0x10/0x10
[  586.012788][    C0]  __sys_recvmmsg+0x21e/0x280
[  586.012805][    C0]  ? __pfx___sys_recvmmsg+0x10/0x10
[  586.012820][    C0]  ? xfd_validate_state+0x5d/0x180
[  586.012836][    C0]  ? rcu_is_watching+0x12/0xc0
[  586.012851][    C0]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  586.012865][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  586.012878][    C0]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  586.012893][    C0]  __do_fast_syscall_32+0x73/0x120
[  586.012909][    C0]  do_fast_syscall_32+0x32/0x80
[  586.012923][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  586.012940][    C0] RIP: 0023:0xf7f81579
[  586.012949][    C0] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  586.012960][    C0] RSP: 002b:00000000f508555c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  586.012972][    C0] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[  586.012979][    C0] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  586.012987][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  586.012994][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  586.013001][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  586.013016][    C0]  </TASK>
[  586.672266][    C0] Kernel Offset: disabled
[  586.673936][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
01:19:21  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000043 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff853e5a35 RDI=ffffffff9ab6ee60 RBP=ffffffff9ab6ee20 RSP=ffffc90000007718
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005
R12=0000000000000000 R13=0000000000000043 R14=ffffffff9ab6ee20 R15=0000000000000000
RIP=ffffffff853e5a5f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080030000 CR3=00000000712c4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000016c00000000 0000000400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000080000 RBX=0000000000000001 RCX=ffffc90025e69000 RDX=0000000000080000
RSI=ffffffff81adea35 RDI=0000000000000005 RBP=ffffc90002dd7928 RSP=ffffc90002dd7860
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=1ffff920005baf10 R13=0000000000000000 R14=0000000000000001 R15=ffff88802b43fd00
RIP=ffffffff81adea37 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f73aabc4 CR3=00000000712c4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000008509ed RBX=0000000000000002 RCX=ffffffff8b552469 RDX=0000000000000000
RSI=ffffffff8b6ced20 RDI=ffffffff8bd346c0 RBP=ffffed1003ad5000 RSP=ffffc9000048fe08
R8 =0000000000000001 R9 =ffffed10056c6f85 R10=ffff88802b637c2b R11=0000000000000000
R12=0000000000000002 R13=ffff88801d6a8000 R14=ffffffff90627810 R15=0000000000000000
RIP=ffffffff8b55384f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00000000
DS =0000 0000000000000000 ffffffff 00000000
FS =0000 0000000000000000 ffffffff 00000000
GS =0000 ffff88802b600000 ffffffff 00000000
LDT=0000 0000000000000000 ffffffff 00000000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000558b09c41000 CR3=0000000024e92000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=f67ad830f67ad830 f67ad830f67ad830 f67ad830f67ad830 f67ad830f67ad830 f67ad830f67ad830 f67ad830f67ad830 f67ad830f67ad830 f67ad830f67ad830
ZMM22=5f871f405f871f40 5f871f405f871f40 5f871f405f871f40 5f871f405f871f40 5f871f405f871f40 5f871f405f871f40 5f871f405f871f40 5f871f405f871f40
ZMM23=c683c353c683c353 c683c353c683c353 c683c353c683c353 c683c353c683c353 c683c353c683c353 c683c353c683c353 c683c353c683c353 c683c353c683c353
ZMM24=ffc81f34ffc81f34 ffc81f34ffc81f34 ffc81f34ffc81f34 ffc81f34ffc81f34 ffc81f34ffc81f34 ffc81f34ffc81f34 ffc81f34ffc81f34 ffc81f34ffc81f34
ZMM25=354568f8354568f8 354568f8354568f8 354568f8354568f8 354568f8354568f8 354568f8354568f8 354568f8354568f8 354568f8354568f8 354568f8354568f8
ZMM26=3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8
ZMM27=8b3bf7678b3bf767 8b3bf7678b3bf767 8b3bf7678b3bf767 8b3bf7678b3bf767 8b3bf7678b3bf767 8b3bf7678b3bf767 8b3bf7678b3bf767 8b3bf7678b3bf767
ZMM28=000000500000004f 0000004e0000004d 0000004c0000004b 0000004a00000049 0000004800000047 0000004600000045 0000004400000043 0000004200000041
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=da0c0000da0c0000 da0c0000da0c0000 da0c0000da0c0000 da0c0000da0c0000 da0c0000da0c0000 da0c0000da0c0000 da0c0000da0c0000 da0c0000da0c0000
info registers vcpu 3

CPU#3
RAX=0000000080000001 RBX=0000000000000024 RCX=dffffc0000000000 RDX=ffff888000d8a440
RSI=ffffffff84c8d180 RDI=0000000000000001 RBP=ffffc90003b47450 RSP=ffffc90003b47310
R8 =0000000000000001 R9 =0000000000000019 R10=0000000000000004 R11=0000000000000002
R12=ffffffff8bd39e30 R13=1ffff92000768e6c R14=ffff8880218d2b44 R15=0000000000000000
RIP=ffffffff81b9df8b RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc97aa97d00 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000558b09c4c000 CR3=0000000024e92000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=f67ad830f67ad830 f67ad830f67ad830 f67ad830f67ad830 f67ad830f67ad830 f67ad830f67ad830 f67ad830f67ad830 f67ad830f67ad830 f67ad830f67ad830
ZMM22=5f871f405f871f40 5f871f405f871f40 5f871f405f871f40 5f871f405f871f40 5f871f405f871f40 5f871f405f871f40 5f871f405f871f40 5f871f405f871f40
ZMM23=c683c353c683c353 c683c353c683c353 c683c353c683c353 c683c353c683c353 c683c353c683c353 c683c353c683c353 c683c353c683c353 c683c353c683c353
ZMM24=ffc81f34ffc81f34 ffc81f34ffc81f34 ffc81f34ffc81f34 ffc81f34ffc81f34 ffc81f34ffc81f34 ffc81f34ffc81f34 ffc81f34ffc81f34 ffc81f34ffc81f34
ZMM25=354568f8354568f8 354568f8354568f8 354568f8354568f8 354568f8354568f8 354568f8354568f8 354568f8354568f8 354568f8354568f8 354568f8354568f8
ZMM26=3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8 3ba9e4e83ba9e4e8
ZMM27=8b3bf7678b3bf767 8b3bf7678b3bf767 8b3bf7678b3bf767 8b3bf7678b3bf767 8b3bf7678b3bf767 8b3bf7678b3bf767 8b3bf7678b3bf767 8b3bf7678b3bf767
ZMM28=000000500000004f 0000004e0000004d 0000004c0000004b 0000004a00000049 0000004800000047 0000004600000045 0000004400000043 0000004200000041
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=da0c0000da0c0000 da0c0000da0c0000 da0c0000da0c0000 da0c0000da0c0000 da0c0000da0c0000 da0c0000da0c0000 da0c0000da0c0000 da0c0000da0c0000