last executing test programs:

1m33.828171972s ago: executing program 2 (id=312):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0xe01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24000084)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r7 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r7, 0x2, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x85)
r9 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r9, &(0x7f0000000540)={0x2, 0x4e60, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10)
sendmmsg$inet(r9, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)
r10 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x38, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x7}}]}, 0x38}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)
socket$unix(0x1, 0x1, 0x0)

1m27.86693184s ago: executing program 2 (id=324):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000880)=ANY=[@ANYBLOB="7a0af8ff7525736cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000f700000000b2595285fa97ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5956fc4a33ca263e2b5d47b2b00000000b1a297cfddd73f30f2382f6c2d3ffdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000010000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e3841bef895c5a637b0bf2eac3cb07b74a72291a1a2b523dd81b6651b1ee29e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c92cdfbea882b0b18914781ceb10814cf4ee23ddb79fff5eb156e0a000000000000f2bd164a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8fdf3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c66200349e62d4d0ab1a1dc51907c980000cfb215af2c1a3c22243cce23b00000a857d61b0d66c3f6da8aed31027c33204ea0fa0620111920d3f24980e9995a510bd87b06440a0a26130098b901c53a02cfbfd8bcbdec9f34542c3c9652adefde555ecd28ebc88082bab431ee3e1adb5b0ad14c79dd4411ecc96c512f3b72a9b3a0c3e07ec6b427bdc0bf3963e9f802a5feab82a989db62d8d1339f842b3f593d6c24fe015ec63c658ba7c4fae17514f802709ab4fa5caa932d4b65a5ecfc422899513ddde6ec04974f9981a8c155c26e2e3b8f2d0da70e524832ab04dec9ce66a62ceffbb15b1857c93666fe043a266a451f9a1e1f054211b9ae566b58f4f356c7a4"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x3, {0x0, 0x0, 0x0, r4, {0x0, 0xfff2}, {0xf, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x240440c0)
sendto$packet(r3, &(0x7f0000000c00)="768495b42ca1b7360fbaa881e9913ba3ea16358d6e6f1f8025f6f04fcc0ee47f5ca3cb645827ddc8cd31c5a599f5dbb012d2f5e07dc5ce5f1647c1a225874fafe7ee5f19f36a014860c1e78cc25ab474e0b6117f15ddc0513928fefb0f9d05e8ad82b77db4a83843ae37472772651fa0460689cf92c7f75498a7068483659303b925ec109995708c645e19457aa6b754b6484a5782133f18dac4e0b736609754ba8d426cb7a8444067031265ea16bae4bf0a9821bdd09606240e7bb3c113252848e781c8058a062da6131f27f71bcaab602f1c25b1e8027bee75a7d7fd45d9a726d0fbd83cc500a46c69ab93f66094c2ce5ac58618544c9afb02307482d64c4d9f8987baeb8cd75cb1b44986df520ce19640604d7e399da0b47b47b19f7ca2cb06b0e554161aa5ebe0ed5a5997d9e790453ca86af4a48bc98d2f162d83b4d7de4b97689cc7c83ec87b1029a1d6e532432b8a38f55d7418f427747057913b2d027ec75ad6d4b49d44107a83c7612b4056c5eb5f336276cf9a3a70c4d68de64f91adee1cc3eba7b1a2da3458d248a259f2603f72307424ff7c01f049db1ef1cfe485569a4884fde409de1a4b18cd08057f66e0db98fdc4248a6230b762d98b155d01d731e44ff6536aa77b00744a88eff035e41745f01a33046094bab76254b9b0dafcb9f4ebfa6eb6e9823821b9ca7ca5a01ad5d2ba1c143253c2ec9f074065cd274fc5afe32a82fb67c53ec245a996bd38ba03fd5fd5108dfddd7cf62334340d41b25be0fbe4be719d5a4ee30ce7082e05ddeb59d529d5e956cfaeab87fe5860207bfbb1b6248083770d89e3bce02494ea6d9f3a416d046ce20c68b61af42ba8c8c03f659714aa27aed0f659e9ccde1719b355c945f435c23a00c94fd545ab9cf9904fb85b3f3e9ccc00165dcb69976163a3ce9988ba07c8e99bd77e59975140e1bf58659a766c5f3ee87d0c36d266b09a96d6b025454f1e31dd155bb5d3f1b2011d5e8f403608d2c1aa582ac8f82c5b638ba7c3ab474aec11ae0083dade8ca91622f4b1da61a798627ada345e19a970f824543c072a12497ac9396f81511e3732e2878d7bfe5c7c366527d7b5c12525d7bf7083807a31a60ae27900d66bd1dfa4b98208876502b6a11d057411ede0943c5dd70dc8fd60ade744314b29e58e2fff01b6271fd5ce41530263a50c1bc026bbe601140603bf7b85a7820cba082dc31d72288ac718cab5212b93470927d6c1e9290dbd9f34b55fa2f58295d68b98e5c8ff086be3ebdf15b0945a6129bdd5f0d9a1fb445ce709cbcce22d9a11a347e2f9cc3f9662c78282d9133dae648cdb7ccb1ab5b6dab26a94d4ae400e4763d5e478f56daa64c38a5f99b5a47686f52ab69d6151c00610d042438580e6101789d94a7f4f926b5de924206981482633d1ece8885268d5d9dda888ac55f8262efe2ec6936cd939ec34f163c6e2077887d084170d7a8552a089bfadedc70062ca1e26fc09a4c079d3e4d8210b57c488c55b07c3bcff7323ba6a634a5bd568c8cb9dbb91f652c20836b4492f2065eb15a58a2f4ad4d47143340821033fa16ae671e8e7768095e53e88ff2641c36ac7b550c6667e206f885fd7a6c8939e21b67c3d351774450909a25da652b9f0d98e7ddfb99ec3b359dd95b9d436e55f40e15f811df66bd453b169dc6a81d955c6ea7a36383250990680046634648f41c957a28f34a33d0a804cca84da1864ca082adb267bef97cdbeb29f9a86c46063047abb32922347ed1aac0044ad9d4259e24c4fa879ed7c1819d74d7225d3c0f8e8dbdf7774b2ab41eeeddf42391c9105b88bca8ddf98c59d43921f890b65ce792297db6939d2a2769dbbbb5a724a69051890f98f2682b2a3cc5007c3bff687228f32a3156f7229b76ed9d5ca53cddd248f3382713b96dfe5325aed1a7f2f136990e73c34dcbc11d2625070a0b03e862a17572c0b96c0a7e60315606f2e0909bac34032862f6a1f0129f7ed628d47e5991233a45dd171754c52d107030a8e97eb3c02740b0fb8a07adb78b263fb273848044dfc20a8d8dc6de859b52858ef285b6181f3a8fa55a47923cd99cf1b55902288d37f78501ecc4bc81f817fe47d0ee760dfb5730b43eea039a29d7faf3659bac42e3791226bc5423176930910797f70f4f4ef968a73b9bcae7b9fcff5fee6fda64c67bbf43fcd61f7c8a049d70dcad213ffefa071578d3247a855a9e9a41a73efa88d0520d734f336a3cb8c9cb6cfe9eb29a783687002013638adf1e8e05f086ab566740157fb7c2044b3b372db79321db66280a0012a4cbf6c46210ce3f6f571086f0cb8f4ca8c57b4f0f95f5d2c4e2b7a214b3293c94ba67de945485014617f4c068e8df3271f744cb258c5d8a3ba01dbfe41186268c70e5a08bc4c3aaffdd651a8ff3a5a8d74eb1facba84ff67dab3eabfe5071e59725327e1b44e99b3922317d2b90e7876140183a44097aff4b1d90410b490c463d6546b7c28d29e6ee775ddbf6f12cff7477dce5c71b59595999b24b054878e3f19f49a53fd8be9cf465b6f2b27c8db0cc03cb2e2d3348540b05549db9c5e32494daec24d7b613cd7d2fcee256b9009244ce4e742db6e49071fedabdb1f2968c44ea036e87829df0fb2353ad12170e5881bd983abd3c5a9d848e34a2dda27ad99e969ff86eccf04e032bee8434119659f6ededff55287db5c188d4c72a9df5b6a6847120e6243c86344de250947cde537969bae41a83bd072a49322617500b7aa96f84a160526a2fd33ee834d3ad8f7489a21fc7588eb60a43fe4128584bc4c2cefc45bbf5cf80b297e31dff556a6af055c88b49610bd575477d3559d01242e79a00befe632877d4806e57d61e1260510b6a75c6e87b76989abeae9e9ce28b249d2c02f315799edde99e79844592d64fc2873a9c2abedb34530c74e17257d6d542f8dd682fe29c4a8c884d5c22cba2b7d126c2f4231f86f2338b1b16231ae7ea95dee8266f211c703cc4e253dfe8aefaaf6c53440f8f1a95004a725d15c942aa237977853a0d2aca67f944b052219f40e90b10a485ef999d6f431ae88b499a797e6163389def7a24e4cc11a529380144fa00b139fab1812b24f6d86a872b8d0e66dcf49a029899bd8dc59f99763cdfb33cbdaabfd89e09fd51ae95104ed3c03430707681e816be2551548531f3e7886d983a4b4541eba255a55f9522b27e970faacda71f9df60d2b8d3c3dae32bf54b4deeecbd47ab0a2b384ae2e4bf79448ecc1f11b018bbc2666760fc92e92428b52734f26ceab65601c79183a67e4b7886d74f4f545d1144a04668489907269ef38255b3321619ad1d7681cd948952f11e01d27de95814cf6757981571217500a6c6262c4bf41b88a6619ff0fe7ac48cca089e901832cbe2c1efac73d34c9a37a0eadeea794c8825125cfcc970e764546342bc52ff85aa9ad16cd2e3571918bebef37cce590ff728ffc13bf79c397bfb4562efd7f48bc88b28c5e88a3fa7195841ebc0f17a1c65d361e3bc2686d3bf1066e59dca6198cd8dc1d293022c931d52db7122e7fcbaa65cc8fae362bbfcff99e3ef2196b21798e71e69387a029af80c2006965a1b1a35afd2764cf5254fe4e39fe1463803c36d4e075e26cd2f1e97718c29ee1c8638041b67a64b728217a57055a5ec90b1c9e3c18080f97179fc24fb7de36003e5651b6999171abee59b2c5517938e4499649e96f6245cff2f75af5802d4a92eeb710f7e59124282fe3f4928497986565da28d09664048383457a72989f27b4753c31f7f28f2b7fa8bf9ca078cd078b56c77764ccedbe0d18b9ca18fd275aeec95307e1abd091e844688c897681ce2fe344c21be2bcb0f61349ac46ba53b272417ec7d72db2d6c0d5b9c3b43fa788339451aef117ae178072ba9edb41ff797a713bf916764b604418ae12cc4eac2885670dbb148ab14bbfdb44e7d13e984fa34355e30ab996dd7bf237453c8f38ed5dffb45a3d188aed0458d881de0176abcf2368da30d23224778d21d5a9bb59430563b08a4e6717cee9f92c1902c4ad84aa1e5cf84081cd5794c9ca0e594f529bdd2fdc4c5ee226cdbf4a2119077a305804c8c456fc9ce400640bea9b93e2522e55946a63375e5b90fd46b2368ff4f7e6bf34014f88fd0f8c3eeb680cf2e01d841d0a56408bfc5903a5002b297be8ae183abcb852593c34fa9755bde8ebf91a4f29844a900e572561f8fa5bb896e5e8e482df34fd4c71fcbbb0edbf9278e7344cc3f56e3cf3e6188a0405af6d3dc2ed963fd86cd40016e76aae8ee8ffd50f6db4a962dbe5963d4369a5b5ba39febb86790e2656703b00ae70c5837304ac375d85beec0fee9597082f717673ccc94b4b48050fc601805b545d557194c9984c5b4351d8a041b65dfb724730bef6f350cd77b2c11e1656ce054dfa99c915b731b6c6efdb87db7a27155507ce695ad069b8b84d9ec337497656e62004386f53059ea3e840ff9937727f50e365f561b4667133e6c924ac29b1b312c92ec1093bda53b0e1cbd23d5790fca6a3cebdb7b4d1261dc2735c1cea1d7df4f20ec2f08ae5218261d0f6a1c1bb71f4ed8eb0b3690943bd2de09532859f8b4d81ecfefe3d2e7e5e5a5cf80583a076803f0658223b181ef8c1f037662f73019822c3924fd5faca78ecf75fc1a0fdd4f473585901fd0c6a5c7dfc7abd8176cf2bbe0e4233b07079a65c42e86262f7c1a4841f3fb9cf0fe9dfc72db3d71c586dd8f53b3a380c70d38edc56beb7192e62d4c01000600b87b5c5c49dc1c6b7f1ce3f9af5438b45af8942deb08c32a10809c5293f81aa544f716a1a45be928500f491473f03a5ea194716b7f1e9004fc4635b4ef8961660c9b15dc7511b307b7996f6de053baf1d0da976a7a75363134170ad1be547c3dde96efddf4ec412bf24e891606ddd0707176cf33daecfbaff00db2d3f1317da7acb4d264b2637f34eb5cbe600d81a5495bb27a9519853dc90d130789444137ee335153d825b9c8102933cb57ba7135b12489c3c031840b3527886a6a85dfd0e2884130525a559a8fde5e86c4a3141350b174b93d0c89c7914b6d8b82609c6d9199964fc85814034e46fa3828233a1a8a1034cbdd5356aa7cd24d271dea49867faea070357493acecdf0991163b91fd57f693c6f28907357f40b5b63f5452f4236cc1887692530b7334f88df489c443dd1b1d520561a3444399d307607bafbdce135515c167df3695b9411b8ccd3b22e52cc0d03267792c18e66ebde279d0c3f0fda756c47b5cdaa21288f6b46e50afef584a05ec9671a3e39d479f05fc9c8bd70bfdfba8200d6193155f6fb3177726ad0096f35673acf6f65ce06af4c0639debb16ff1e6276447d8e53e3f997555d5f5936f606f95498f411ff39d084296ed82c38666ebf6f352ad0d07d78a56b4e77f34a0674e62c572b647fead5eafae4ba4e4ec47974760b12189ff46aa52508040797e7cf598d96d3e56aefe288ea65ecb0bffc0eae1c9b8a1acecd054560f47e62c562e40ab70adbbca2f51c79bccb0ce1d9b5ba6ba35e04cec33719623778efc2a07274ca519793aef4e40cee7856033dcb81ac5e09f1409ca77625a131e2f84dc4b43da2c5251c97ce78e1c8cd43bdb61881d190f84e5ab35ca676c37b1841de892d542cc3e86eb23afda8aad88f5f4e76eeba9477f9af4f3e65b13f637fb2c6c7c687ac7b1125dd94a135f3d78de32481673696726b3ad90cb4e4a487a556dc648da6c5b5e967cf0f010feedf192b38b834c545cd7748190a809a4e512065ef993", 0x1000, 0x40008800, &(0x7f0000001c00)={0x11, 0x1a, 0x0, 0x1, 0x1, 0x6, @broadcast}, 0x14)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000340)=r2, 0x4)
sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x20040800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x4000)
syz_emit_ethernet(0x2b, &(0x7f0000000140)=ANY=[@ANYBLOB="ffffffffffff0180c2000003080045f8001d0068000003019078ac1414bbac1414350800907800080000de61e997712205b99ac3578355cfc0f26eedffe0291756563326f1cf275ca8899646008b1950f3f4dbaf1c6242d6d9"], 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
setitimer(0x0, 0x0, 0x0)

1m26.475143083s ago: executing program 2 (id=332):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_io_uring_setup(0x2, &(0x7f0000000180)={0x0, 0xd0e8, 0x10006, 0x1, 0x31f}, &(0x7f0000000000), &(0x7f0000000200), &(0x7f0000000000))
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB='trans=fd,', @ANYRESHEX=r1])
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, 0x0)
getegid()
r2 = openat$tcp_congestion(0xffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$binfmt_misc(r0, &(0x7f0000000100)="f1b8c873b00af68d680a67e89dec3c9cbea153b4e9192430d45fbb47663ea83c63d2bd933c74c669097f14a002666dd7c6e2a8c3ffa53065544f4c01860635764f6b1985222779ffb6169e2bd7c0b496ef397b84515577109e9e1dda09f72cfb92f6d63c6c8a5d20ff1db5494d5a6fe1745d352ebab13b627bdce40d7308102161bde0f60ed4bfaa71cde221beb4a6df78396301707ada1d633a3d8f7d17714a5f8f470d04732e03f720f562bcfb593549f7b8eb96b1b9b646478d8147fe321559762dc46e0dd7bbced5c98296cf6b6bfb2dd9d9e6d5969a84beaad01e8754d8fd77216364a9c737564afa9090800b144bf27e4081160e7df7bf", 0xfa)
write$tcp_congestion(r2, &(0x7f0000000040)='nv\x00', 0x3)
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000000080)=0x50000)
r3 = inotify_init()
dup3(r3, r1, 0x80000)

1m26.230072677s ago: executing program 2 (id=333):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.current\x00', 0x26e1, 0x0)
close(r0) (async)
close(r0)
socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x4, 0x2, 0x3, 0x0, {0xa, 0x4e23, 0x9, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x97}}}, 0x80, 0x0}, 0x2000f765) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x4, 0x2, 0x3, 0x0, {0xa, 0x4e23, 0x9, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x97}}}, 0x80, 0x0}, 0x2000f765)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r0)
ioctl$SIOCSIFHWADDR(r0, 0x8b32, &(0x7f0000000000)={'virt_wifi0\x00', @random="1dc0b697a30b"})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x0) (async)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000080), 0xfff80000, 0x800)

1m26.161955248s ago: executing program 2 (id=334):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000018000000180000000209000000d9000000180003000000000300000002000000ffffff4183ff0000"], 0x0, 0x32}, 0x28)
r1 = syz_open_dev$vim2m(&(0x7f0000000200), 0x2, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x410000, 0x2, 0x2})
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000080)={0x2, @sliced={0x88, [0x1, 0x7, 0x5, 0x3ff, 0x0, 0x2, 0x6, 0x9, 0x1ff, 0xdd, 0x494, 0x139, 0x7, 0x5, 0x5, 0x7, 0x6, 0x9, 0x1, 0x5, 0x1, 0x1, 0xd, 0x6, 0x9, 0x8, 0xf6, 0xd, 0x7, 0x9, 0x4, 0x5, 0x9, 0x9, 0x5, 0x258d, 0x2, 0x9, 0x6, 0x4, 0xe, 0x40, 0x7ff, 0x7, 0x0, 0xdea, 0x5, 0xbb], 0x80000000}})
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r2=>r0, {0x4, 0x3}}, './file0\x00'})
connect$inet(r2, &(0x7f0000000380)={0x2, 0x4e22, @loopback}, 0x10)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x17)
r4 = openat$zero(0xffffff9c, &(0x7f0000000040), 0x20aa01, 0x0)
ioctl$XFS_IOC_DIOINFO(r3, 0x800c581e, &(0x7f0000000300))
ioctl$SG_GET_NUM_WAITING(r4, 0x227d, &(0x7f0000000080))
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r4)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f00000001c0)={'ip6gre0\x00', &(0x7f0000000140)={'syztnl2\x00', <r6=>0x0, 0x4, 0x53, 0x8b, 0x401, 0x8, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x19}}, @mcast2, 0x10, 0x7800, 0x80}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b18094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000000), 0x1000000, &(0x7f0000000380)={{}, 0x2c, {'rootmode', 0x3d, 0x8000}})
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000009b40)="de98ee653502c564abeb97fc678bde22efebcf99c2d89952950acc703a3c6268a54c8b1bd1ee165c82980cd315b55a070dc41deeb2d4c1842d936a0bcde5fd7ed6031fdd9cb58ebfe8261528f097f309813b5722c24a1af8e6bc6ddaef7e85d2659690154bc5e6ee73c3fe7176509ad7b30e1098fc9873db91d3c1816825e710374de8d40693578b598922d9c523cfff93a630f121251d17ad40bce021d7fd57945fe2a186618a40b5f3995a9f0ceaa3e22b57e4f68e53fffeb5474fb83afaf5cde6b0aaf5cf0313ede442ddf1df6c280921e43d80dddfd005969272e1719b37fd8f749fcde83f8201826b4cf5b1c1da394568aa7d8833dd11309f46422b0152ede5ab29b17bc1ae80147346155b20a98d6fc2650bec3fe73327c45cad1b38f7c983cd070556a8f8ed5d58e1052f6436fad905099d18fb3e62c2c36a1c2209a94c820e30e5234e77be3beb4cd183015d281e7bf39cdcf0f1e541211c75d64a49b55ba4c2c444bef36d98df66bea814bab91ed65386d6a491a6295c24dbaf752a5e7a856e0dfe46a6f9e718ca3919c6f8978b0fd65c9e389114e5afd8e9e2a575b854463b63f46d08795f0f1d0d48d6d610fd74e9238de32ee3fa2ffef550336341803c083ac1d749be6c5440bbe4bd3bc3015bcde2b4e2160ba266d281a9641f74d9348fb6fa8550d1e8a8362999452e40b75c412cfa77ab8e1aaf1a9e83c855ec9b7ada38690f0d2e59f67a1f3babbcda8011595ea720816c24726b833beaca0a9d11e7b99373601d27d18c9e29940503d3a12149fdc4fe0065c3d023d6e7712eb853df19f2b4b886e08d61629288ff16c2597d7fae5bfc8b41f92fc325ffe0f61683b1f661409bdd7c3d88a854f8393484f4669b5d9654fd3a0819a32110b9064539a7419c332629b3fc71da35b783ef7c693842ce83733a63f2e6af37989cfcb768ab8cea5d21b82a0e9f6fdcec26b0107708867dec54c4e739fe9b931b3c6da013bfae097c57f1e16ba54f9028e672511938a0ad9d681d7feebc65a2f5f588abd66261393f3ba02d7b2cf650a9f7c6a4ca55b4d41132908dc9c90e26f0da8e2259e3a2b63b2d9e27754e278827ab80438070698c690ec375a9aeb4193079a28a2a062961ba0e65af01644af063f3ebefda92c4986379f7b099b2fd3960929578736f09887fc5816cb1b982e5b121b79662d1674dd0c6e82627cf8c63e576e5c1eb0af9415ddc10ff880e8ae3ce8c4fb87b8f9d364974c2a1d8eba4e04bc2bc018bfabc435683b2551c0e4908570b930c4fd7c03ddb95e9ec1d1994e3df0305fdac4e5b914641ae25b0c469b194c0bb78ab04887cdc4262da468475b926a18254d23b4c44705aeca34ef8a7b04dd55a43f39996529a23804e054655c5ba8661f7c02737e7539650364928d62b9b8d80988232009acb54214f06640e9bc6614c0ce02e4a22dc8b91a0aad711e4fd01d7020b7c7185e41e27ce266b9f5aec682cbd4bba3240d6277b17b564937254f37afe580cba0b78c6b0cc81830eaf10d7cc1f7e918d49e935629fe6c24b4368a04af1b99f6981340ee031874f3d4b3a9ebc31719b3b775bfe1fdfa0460a3820bff6f61b49b11ac2ca00836a0c4a74aed92a619f34231196669b942e761538e64f965d23d4f7814256e876263fe5307985c4e6eb69c974f66276764e80ab1de3f5c55e7b2cfdb78dd183a85473e968918ad73f29a266c818b9bf9f62eed86df25b2577bb6d98e3996e94f5bdf119b869541a94eb3536c979c3d77cc0df7c0c48a902ca2f03f5ba5a8ef9431cf95f6fc89744e8440e1d5ebb837e30ef7541fbc27672c31566ac3676a173cb9e466a2d206ba1ebc2b985eddcd6ff937375fbc8415eba46f5ec68cfa9f3a669d41b078867dd9f5160ba45fa4719f32cf877d4b7a6d77c977533659f7c7ac22c68f5e93c1df6c2a3d45b55a4afd3355680aed864f6bbe13da2da28a4851f73c88e555f3bb1c34a21fc45ab6c28287902e8b5fcae6899c804f364cd878a8d1734462bb075cb7bc709cc2c5d7747c4c29a2fa9259752301c26b852b7993adf889d45dbe39094c9b7b168756e5b939ed10bb6df57b8f5e14352cfc7d8b03cda5b978b06cf2430af5db17177b1ef664bc4b00307f970c4fc606a6bab72125f62b0f59655c35b104da7af188a953cfc09b3aa0785abf330830fefedcc8bf9a11d5dc4b5642f679d45cb44fe61ab1d906345c1c345f6b8027bae9585580c20115d2504d9c83ab54ea2557b6d2dd3bc65fa29f091aa46a215e77621836154104e6969fa9107139a19f2e45cc6bf55422a0e1a6d037ad9e63df5f9cd2045e13ac2d6a15bc12008c4cd23782df7d41bfecc0037292d22c7b42f2cc1a22db7502332d9f4fa85f7640c8635b9469681adb6bcec2dfdf6926f1815156d80a835ae918527f549ea6df45f350f618dc1f3ca139759be28e35013034f8bbfd3fa1a8f302594213c18015305911f42e287f2d86f17d76f8a0ea03fb574c60c808669f9f4454fc2eaf0e93873f688e34bd3341f6874d5d8fe754172a751d6ab23dc1642220e7fb1071df0ee3c7e07c338915494a3b360bdc0b38ed221c2c2bc86b29744448b255802b3ddfe600c1d0f9acabb2185e4e9dae5e456d5825f516c857f63e72e4a5f3d45eaf11a0e3a5ad0ba30a0bf0f94cc99586fd202d6118bb6f9c272f6cbe39dd9b8b36ea7fa51dfe0bb87a633be11c16a14d1bce8492387696e195fa3c5f172690b4434aa2e91ce7d225d73b1983d2605ec725aae0ae402cd2f79fc202a307f1896f3dfcf8c0fd8b841dcfeda5d65bb7d76f7c2d2eb1b164c0368e9984f320a224d7d438bc5c699acbc18a587b7589e960af114afbc9f59243646557962fc2e0cb5b5bf160a313bcfd9ade3e140b808e9f19415808aa312ae9c9e8bcd5a47fc721eda59d10670088714984a71d5c0df8b68e675a8e31ec15a92ff6a04d17e0ef849c782b302d11f742efe6486ab904fd65c0aac4ec25c6d877b453dce80e894de703aa8b1e5d00701850f149fe437fd0944cb95e54a924a49bd86bb9a602cf2904fbd9e399f1cdcd0b45b6d8f872e285f9dfeaa26aa760074651393c6451b36c643dd0b7236ec7803d69cec1b09bf1b63fbb68ad7c01507f00083b184ff01a62096f386f4c8fdc85e93eecf3f4b384aec1c10ccc60d8109a6d887bd389c3406163f9600879f0e944443d783e8644f69344f6f44f7bbf1883cda7369c9b9904d991c01552135f158a0bbb7f40c354f292c034824d82c209ebc770f5b756768ae51d45f8875b59904a07090689e65b40625566eed5d209130db812f287b966ae21ba46a3a7a3a0360a4e284d8d91ba9ed9806ea063827c8dda0fa98f758cbfa523ac645421f444a40b95bb065a64256c19354b1ad5002bb7b2add9b5236ad64e9052734b9d263515683db121b5e4dc1eab244dd8fc0fc62d962834ba0b21aad872b127afc0a33c7869a3f213519aa2ef51bab9ab28ed18859fd8239841a6668fc614dedd099121ae6c220a143c119cb9bff9068f65d0554b4c12105e59a22e91203a08ab8c718ec62c42d7ebb7b495e9e1be8fb7e4aab2777025da37b48d9d7b97578841a73898a6eab994e250106e096390c77b0600537be881ab7d81e3cb468bf1fe318b1e804d8df9875e9b8da22e6244997317391cce608085a28b8d070d654a29afab324ba3eecf427b6dfd43501ec0db919f71a932897eb37fe3bd64ab5a34ec60011696298b74ddd7a3710d3e444cedcc5cdc357f9dd58e67dc0ed3fc8df6dad82b3c00b4290c3280c28f78df052ec9cdd9df025abe8834616eddd5bb93379c69092911cd60761e7d14b426a83e335bfc8bf67a14e01df7cefb6023f0c6556534b975ed889de0d96d968526372402ce3d21a2c5c64a449dc3ba4ee0b5ceabc2fa29679e225681c8e946dc94b48af024bb1633e1860c7d8c14500967f24e2f8f46db537232a4e9f4abf8408f53bb52b035bdb89917a6f2f4bd22403ad002c2d936b785ecd965177e9f6235787a185d0eca92532f1aab16756ae86ece13925ba4a1fd08125102ae08c428d073aa426c4e792b5a4acf618605df1707021ce1eed62da4ee87334e34edf43338a0076b8ec739e2c31071e10c6a853e19fbf25b8a356527a67c8f7696dc184e374f4641f4e5b0aa345f1e6c4bfeba3a392d9a994bc271717a051c98d6c5b1f3296caf4c01d80ffb75b6fbdd0a0583f9d4695a44a2878df0c09a85aaab14522320cc3d2611603a34e52da03677a60cc87cc3c689975e5b5366c82e040b6643b8865d8bea0c84cef9ff85245a8b4bc41af1a50775b29fe55e42ac4b29fe80ddaf02e8c9bd07cab823f3d9021ac88236525ec045688a2fc9c6df66f549b10720cebf09ead919524f071cd128fb7575c84190c698b420f89b3c11195b5d83022d1f7e48afc21203995caf8f9286dcd5bd51b65c1af1caadf5a1b3f12579066855ff851075adb959dc3e086a7fb4e9a27fe80e8f3c0959b042486310ae7b785b0612e0385e36f50d4cae3474dd000c3957955534b4907b9480e2e5d83dedbeb76cb78d893c5b64dd51e31abc8e8b4c56b96f67c4b6e43861d91681af3270aae1a8f50712bd97326ee46a2640285b2902f051071d5a3400e99b76459956ac6908688c314bd8e54365383a65b186a6386cc5218e41e0b386759de81bccf5aa68f8608831a9d33ad1af2bdbd8579c5921cd8c3dd2f3bf1f123c742e118c76e2f43618bb7885e44826b7417c9ca5a139d774c16fbf74c8969c038ba6a54f27bab46ecc94d6455188d8dc1edf1da715c8d9976226877096df4158eeecced2248c7b88de0dd11a076db1f06bae4adba8286dc39aa62a55233886e011622ae1cf97238914a55078a78908145295777dbbc4e0d34364e0f3daa9eba6fa54c085777b18c0523818ff8710dee4bfeb3db549c3f38dde73b99a7b1b219282407a4e0ab3794089e21f6f2045ab6254ac3703903edb302fb2f0f97e47cca7969ad6b5b6cf27314137a04d5f4f29c193cfc5540592ab1342a1a9cbd514a7b4d6b23f724a5d7bfa6ffe8e3d9de29b8661139f179a0fafecf234f19bee75c25faffc765e02377d83e0ad0a0029c08f5c71595bc1b2fe88f0fe958f3f1f8ba6821ab834cab9bc902b2d47bd4b5ed52b5b0d7b3bc999b2f68879be39ddcb0428ce3a617b68c11459b746651f413d9e9a098cd2b5c0fcfd0ea1db2cde1672818d7bc73b053015692f9e9259a0153e3c9ac5e73e3343dd350cfbcaa57be93cc881a35063aec2db4ed71df2b1bd90b5ecbd84f399d4530c5450d622188423e151cec49673dc633e503c497d53843f4824750dc09abae9f2f465e92888715b6879f5edbab7bcd58f0899e1430ffb5f3063450945cb0fb3b5c3088ed6966c54dddae3aab489a80341b45a17cac02ae62749f209a7e16ecdfd86b43569c7b34511c65474acf2b2c18834e158e20957bf2320e4a6b9d63caea93b3a7dd4f7ba54443aba1ac2b6f2b27e1bf6f17d3fd1582462e0debc7069bb70e219654cbb99adfed54ab94329382163f2ab6710bb581d189cb3449a02c917c1f2d1d5f51958ce605fdb0e37ae5f3cb3f123276d43b2c26ea948dee863e0b679ecddf0fe41ce78bbca30167c9c7d6b0e9193c98090facd7205a490727e1ac49bb4d639348a32546007459c61c27bf8df87dd2ed3f3228b8193422a72d15f848bac13c6ffa7b8a767cf04866feb7c7a81267d7a8e890128d4709e4873223578aa7febdd562403c6092c0a3f6e0650772ede935ab6ef95e375bcbfa395e23ef1d73532388b845a95f158dc845a123f798176c73e177926d39abd38a910d40653006375110be2f2c5f6efc87b31908be36dd07c8ba5853519a37dfc4dea981af855293f49a3270bb67cdc17b780fbf2a418fcec8953dae927909a6bbbdce230d23113efad9c02474682dafc63311050cb4f3f86c282ff29728eefac5c678360122b4ce221bcec82d24e053b63972d2e9a631a180b48bb8d2d4de7254d91a856071df51a1d87ca7eb5d19ac3def1fdd6ebd8f57c2c9e43cb6ff2fa00d27f279368f5ee29a84ba219a51d1f0f1965781164edbb3aa6209fbce6d40284fbb4a33f59bf9e1248100a623de16613eebc11f510b7718dde9f13b4c9b2b6a10dd932696cdb7fa4b5733b0377453471462762457d42038ebf8c0fb392ca7656ad1f050c326de75fffc698c48f5d809ae360ddb9856b9a54b811073233294bf91e46414441b6665f432201da12e49718b0d7929b6cbcbf310a09ce0d22f07ee5cfa8ffb9f03acd224641171ffafdf50f18be8fa3c907226cc1a6f3b16a776781a6396dbf09f689ad6bba4d537dad490a6f036a45ee3e224e6f519e44b7352ee3e7d3f0d89f8c7c8f54b6d2698c0298a07866c9d9ca09c96c2ac8efd7974294df6dd1bb0598debadb6135e7123bbfddf84870de54476a291586fc0e64784e65fdf78d462e8b51cbac38e7ff1878b11418f188220e3deb5367a2d90ad7d44395f6965cc6d680c59daac268c16814d1085302d0453b48e4a8ae78b8a5b6951a875ef42776f6d11955da7e5734a72b61cefcc6889b8f8d58db51ee78d7b1a8ffebd90e15a64654054767aaec24dd3b5f338b572496c8731049c10622b7f54fdfa43aaea316946291fee7bc9e64640e8bccf33fd1e8693b67020b49cf77faaaa8269e2fecc4e2b43c8c3378a4a9b9b85a4fe2c346c5512cda631542e0ff5706eba996f4f72e629b076d6be1966d44b1835ce664e3c6a4f18c68f5e32f900a0a167e547d5aa79c0aede966f83d00366a623ef8107e328654c8558d5e606f69a12b6c2a6fcbe0e08f945c4ad2738ed0b28d79c98514abe0819569c6e4f4751c665fd651aaa9ee392c330560ef6d57c0a97f0764f88433b2bf7641ba391634316b0ee1dac23a63be21270e50ea1ac24ac3b429a0b46c38dbd48c540bfb1e141b8b3df6caa179c7e54f2b7b1371e8eb05a30f13da95200ab70dc58325f6bea0ee9fe1f04154998df393f2b4ff4431363f3a7450fa5210e883d67620ae63cc41f72e74e26a0244de1ac722b6f1c1d293f7483b331a0efda65a4e4e9144547fe6dce2f4535e29048b07079329b63754bb124b9e046a6e97929b1f4a387765bf93804530791c9f649db6efbebebf46fa4f9af7ff2587130d0e70a32d4aab1dfbee6aadd1f3e5317e3d4c8cde75b1479bc3dd16ea35db3dca11cf1eb1d2bbac60b83605e171619d85fd4b6d0e24be8db76df12efef05eb87473b832e59f3039df44ef034e5e7546b399cc817a41b2f020286ff139072a5b909ebb185a3c955cf88f4a9929b2112e0a9ab43da0288ce3ea268ccc9f46f852d387f5d0a2831dfc8cb0bf593905ba376c069b8c9b70558ec826c5bf9835031199c4c6d84c913da7e9e7db49c1d34511d917b9ad3c40af0598737d58fd61b8f2adc46b73a284957a99943cf73414412fa5440a5f85b63c20794d122c267fba72bfcd0e2741642fd8ff5a0ae1ffd8b30d852c053d0e31f505ca13a21c0223a8ee77cdd92de1b9f87ebee4ea332e9d4573d7efb2ad3f50c35fb7a596c4edb4b72bf6df5a16ffe3c8a236f2cab8c0712ac26c2cbcc68c1dc45209b579c952c7d645642aeed7d60407ee2dc168179d536da950108e962c5c976d3a05bf5142466ee38939ee94e707a0135f99c99b5d6376f63c711e4f64950f08dbc931c812f34735d9eb1c5997770d8159068cdca2e0f192311ca438d613728b544d6a3e50ae0e4e6b1eb611ce55a96bb2f991d49173073d8547f5ede69d8b587a34bb8f637297a15ab4fc45f1384bbd19b3feab5fb81322ba831386eeb6067e55af374c1b1eb9613a6c41dfe2bbbcfad157dd042c67c44400b350f0dc40a8611f2e947f32ea3ac3f609027b5dbc95b157c13216fe7c35edcc82950bd4e38bcb02b63d2576489c331a222e013e73b5333694889b184bedbbb6fdd6fd40a62b1d5d494e68cd2aefc264f74bf70ef38373e599faaa326f574ae32b1aad86854af22db8c9673d14666aa7c0c3bbe0d76a835ba4b391552777ed20c5c6cd0aa84f3be73ca0a3c128914107fb8fc02220317fb111cf13398480cd3325582a7e55f4c4ef5a258bcd01a97615e95f89c8064d41d04340b88cd5f4b1d827a030637145d98422facadbbbce97dc3060402a7bfa73d7b4dde53184a0923c0ee29c6e8e2c35e396808df2481af6aab053b619fcb2833f14f87051c5461567c5f8dd40383a7521971775493f896e18c78bad8219f88258ea686652780c03ebafb63ecbfcb23e24d52a2f88a77ed3b2280637807a5e155f4fad7149b76841772471a3b77aa42e8058c0af1ac2be9d88b5152851708f1a77582b3e31702864ee6a244a38f3f95d9797a60cddeb5ddf08cc48fc677f03f9e717ebe7f472883e5a6a7df31ca4272228f26991460c537ebc8aecb6a0c34a763eb1f57124fbfafd6db4c21bedf6723b252aeb21eb1fd9f4f811fd3e2e764422964761b2ef3aaaf986a48f7be66f6387578f9492feebc97dfbc6bc97380394a5635dbe582e52a1fb18ea8fc4e53974c63d198cf0d878ba8a8d58688a037c0f753c7073337ef3da4c134ef939c98c8806d09943591e6013a1342de7c722f993fd7eb36ba8e8407d1ea60eb5724b0d6262c70469dbd8ea1956b8d7f5a77707a9cbe2137079e7abda3966c5bee4fd86e8a3c4969bc88ff328a2adc8f4546f647575866d5ced16df06bf40d9a5f178f9d19e490bd76e187c441e7de0e571f6cea5512ec9bea48903d91a519dc82defe34a06b0244d623090b5a250786bbc66c1e76db6b18d81ed33c81a7c93782d5cdbe0a7cf7d1ab29c04be6ff4a9bbc10f716a67d52fd52d91425abd2002cf83c3797861db5fbeaec745a552ca4a50604340f2cf2c1b10e9ba76c8ea43b283c73f774f8be213f17f70cf93b9f6a8bab1f516a935e80c3cc6756945edafd572e6e00840eedf61fc40351869f03562d8c13006de585a1141c02f1311fbc8e45e4b3878c32810698e4764a6e8495f165eefee35714a1794f9ab50897c5565ab745425933d9d6272a172c1f2a274f9ca7bc8e1b01a27b8bd06fd9dc61880789696348c99e9a70c9dd2a62ca04d1f86dc87380b618c2a78b16229d614702fce242fa17ea90cda2648f9375bf7e78b4267d558983e08a9566d95871998d23cc6d22c23370ae067b677609844abc140df81cbd9addbf657fffaab5c22c479acca18f3e4b508cf01ff7b2ca308ff116389790f26f2c7635f89c747a5bc66f61de575653069349a89fd7e3dd785266b7bccf16eb8b4a8a86751de60d33e17d64f6e4e0f9d13a16d243ad7364114db7ad011f094c4debf20a39e35e7eeb440bbe8811db2857b965edd1e2675ceb1bc9a1691f123dedb341962fbbe539485d2241b0409adce2587d035187a0dd5a62076ac4eb5c3e2f4455569b6eac0fc16155da1774cbe505dc92e2087585a7846bae699bef32e3c5ec2356dd4433ed29d4b03ff7b38f7b3cb96b92874eefda6c2e0e326214e40f14cc2ef80e1cd3fe226257a423b8ff5bb368b87ac7066c5136487775b5b122a858334c37f6a3f53d758c3c866e2e79daf9aeab36a59eddbae2fa5b6d20973014196ef0a4cde1373c7297833e6f1e46828f4a42eebd829dd4f17999abe285218ed5dc6007b21bceb588a213b29dbb1ab1a79b41a12df26fe35f0cf6a310c9e50cf10d71ad5960626e4efec211032ec4ae52512001362ba4108d86eb774d2d4d0364cbb1dae68f03a774e328c2dc09899ee80c05ac2a8e3ba905b0b3b7a08a3df20b505901123e7dc0a15db48d09c84189ca4345c23c2010c12cc35287fad30211cab9631e148a7c1e8bfab61ced30e098d1c3cf7b6a7fbd8288dfdc48044d0d47c17f129f6b5d751af1984d395ab1b08ccca3e7309a89a8a36dfc3fb82d2a4269bffc32571438d04a7b98137b46ae1fea1bd9ea64f99e2f0c5f12ed84886b10bbd511993b0447036c4e57b9dae6d5bdad6aa3f2d12e62471194e43111613b8b6944c2baf1f539ea14dd76c356bfef7e3d4b6fb91f6d321a796a4bce5a4c6a5caaf0f3eccd914dea21ae909be7ba486075ff6139e7e351fdd7e98013ba51ff0248852398c734f245ffd7fde8cacfa4805496ad7350b1c96d7bf9da9be492f2f414e973937ac9109b6e8b8315aa9b81840f2c21239caf85a28f0e590bb6ad12148e75bd4d7ea69a9ffb053781db98d5fb5aca30a734017be7683a559c203c006ecd4b135afe3650b906e0aa208c889f2af09f3f8263260c3bd07cf8021124b6f0e0d021f9839e47996905c3d7562df810484552de3bcc9ae054b62a01af6a7991e4d63f30c7a92d8b58e01052e53818e64d7540a3208af321709a5d891ceecae5d27a999b00ed01616a73ec8854ca61973ed1fd3d82f8628b215c55eb7908e297d77098a7b0c362709005a7d13c89c54556589b2a926c6e08cc1c0afebc7eeb5d7ae4ef0507c91b8e706e6dbf83d898819192c812554ad1c6377871a8ca50f1325630f7b5266b807ef61d0c8d399fada49cb02a14c16d39f4fa7b81272573808e761c9dce7cfd12f4f18dd06b0ee471c166e095bf84aa4aaa2d82f1afcf09e5d960257c0a8dc404225b4b62187829c59e57da50bf848d72fabfb69362c117c6913541f84095a2a4ccdd2d30860cd96640bb2315e435a4af08c62c584ad129300adb02a871f3c548b96c4f6c47efdf4a1163a8a5ba9b4766b01437bc5957324660a8cd87df0f7e000d1309e896e3ce9f57b17562c9368a95a4cf66b3a5b57f0cca563b045452bbc8ad07b96fd0322728ccb3b05bfda14ef36ecfa2f32c5aa899811a67f2d62ed970db5723d6e4e4913c98c81ed6c03469112c23549f7e20be6401c6544db9078f34e6a4ad3cc868bace2e7ec6ea17225986f9e941ec67d9a3fc57958f9df8a60f585aa38b1769e26ed3f68dd85685b2cefae9dd72a18abc0de6b94689785df377ef4a812a6abc7f738a396f0e99ccbc5731801c36e746ab6b1dda88ca6ecb899528e18543cb3dfd439cd5be566594f01a4533da3638e6331fedf5b67870938ad044aa0dfdae33e3a6258ad40baadd726eacb1f3c1eb8d83ef4e185d7603a4f1eb006d90bf5849e2f65d37ffe750eb061bbad08a0c0cfabb9abf7f27d36ee5687d23feaa923e09d2ae905410a9193f21ed9b1d6331bb1f3babb90da2f2e023a6ceda4b4fe0f5d864738ee7f65a0b136021fbe076b4adf2d3af760e1361bad7ae35cb7ca010ddf4488255a2d3c492d0b26a1a5643f998b5d04a52a59f176d9bda85c916ff901329f09fe953b030b92f6415172476ad89d3e8cdcb4eda7dde5d4fcd5d6a584a312563558e784b0f9bcea7c53d26c3f2d3350c70a5e06a67c4c0373dd6279e29c320e6580fba8ab2df3039c289235c066af1b07dd112f25b25e292020f36c1aba246cba4e054d64b38f53ed57a712dffad7d3dc97f86af511638a2779107fc55da63b6498ea5f3ae36883163e5bf2324211a61a9889278f828e58daae797fdba9218d322da7aa23db7a48a00", 0x2000, &(0x7f0000000040)={&(0x7f0000006400)={0x50, 0x0, 0x1ff, {0x7, 0x29, 0x1, 0x24ff87199bf0dde5, 0xdd1, 0x4005, 0xf, 0x800, 0x0, 0x0, 0x2, 0xb3a}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
removexattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000440)=@known='user.incfs.size\x00')
setxattr$trusted_overlay_opaque(&(0x7f0000000100)='./file0\x00', &(0x7f0000000300), 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000042c0)="0d9ec529eb18ec94a35378619cb10ff8c913f67139447b7ee0cca809e36c363ba1d3975a7446b70c6bdd99e2cff540eda7589ea89efeb498df568916036f0848ede5f089bf502b483c67c0432c34b98b1bc085a99e2981103397e0b0eed2ec64c1075798b56a42ea532091f5326c97622a47c53fbf42e71c3ed4b954c559424b49a13598c6c63ef65b62384b038b3e6e98ebecd178289831eaecd986a01c751e8cca7a57c009f2b5310fe9dd8a63b91c4b5b13d1c44d2b874b32ae3e961b9e96a511ffaa3ed20248dfb470460d305e44ffcd287b355380319fd31f7538c6d00de06ddb8f72b3a59c4699c94d7379e1e190c6dd7786e12096f9e963a038b6b4375535047135ecc07b16035ceeb27ed09d77f52b6eae27a03071e060b05bf347b9ba44a984e5db346d230ae9c5324ecfd4e7725bc5019a9f4d20237c820359d73b82f9c668ae71f6b85d5350140a16f988bb2b8010effb52636e0b728be1b1ed37c1b8868ec67edd52951dbf65b479aa25e92667a98c755d88995e6303a48a64317bd4b201fc6dea59381abfb5e0fb1035bbd32a97a6324b08f404fe3991879a0c6362032864031737941d9cc534697da61a43c8723ecd1062906b65c504d86383cdf9631f228372b13aee64f8ea8db00dffc37fa092ab5daeb7431dab37091c44f91c9202df60876a6e06ceee3e6a095406fe5cc1f83de1a4adf36fbef5a94a622132cc85e56fb53a9cff67bc69a24d8c259ccfe19b1925061f0cad95d6b4158c1394b8acfa9a8f52a566c6cb4e0b14dd30c85b309289a5f395e01d981735f6fce6ab30994643d70b2f322b7a233a339e621ea2eb00a0082a175c231b330a58062680546c28db8ff5b7e66c0e3df0a9b74ab72abfd241fcbe1e3d27a2d1eab44cf88180dcef4482c866324133f9e4780b891a7c5000b005cab0c131c225e944fd1aab5de9e8d17b8770b4472b6e4a13b6cce90ba152e5144acf74cd8a9821ce3eae72dc7ddc81b76482226098329c3a8ecb923822610aa0b086f44329522dd8f9ae355b4666d1a10911ef8e21377578b42fe6ee0b2a77917157488d6e0bb388951f80551dcaebf212b396d1f922aec595bd340390d310f6006c4b3efdd80838f39d25470db39d6205ba8f52bac634f8145a3c10ed007acc2f25c5dbfe911f18f44a0c57cee33725eb8c5f2d9112f91787c2c323b67b67d9d1f593d26430d77189d4678fd8d7c11c1f2d744ad59a03a8cffc52ee0293c90b00d61897c80184aa63fcf43c109b06af20c808035af0a0bf9cbe544681768f92a2ebe3b4458dd020fb0550822bc2f769631e00d63bd91e7100299bbc4ce53a35e993e24028dc5c81d46f5377d21f2f38a9688ed981044346b865161b68f3390a50c2e625052396cdb6637e9434904c63d8ca45aa2325626293cdd9cd0179b1d995be10281fa8d281db16320f520e42af268ff30dc2d8885aa3d9e7f294eadb4d827d195cd5d18632928f2153261345c231efd143288b881638b61dc5dab8114c1948d83b8ac4e278f131ec3eef4e87e43a36f4b41a699a741ef3a7cd4f0bc5dbd2dffb1d223a5c5b38b98e49092631a176d15c4f3c077d639726a3482bf2fdc73c2bdb09208aaf90bc64b5fee89d231bb1679de3e5d31662db2c5824ce9941f94500e5a11b8fe79da548efed8cc44e9bc1d5175dd77fc16f8219a83b83ccca2181bf411b0945312598817e08e5277530eccffff17d198613cc8c991349141ced56e79031ab6cb98f3f39e5f20bac76017083041a1ee99ca257d0e0cf95e59617139afb08cf0c6a607d3f2ac2b5d3f4394a4a063c9769bb884ec522d46138228c7e9b5c7ea5e3a6c70815b565ce15a13fd0a5deb28e710c15fe25c744b430b4f6482532fb96566381c56e12632cab5acb5e08d6f973003c96a7d81ff76966e0f93c83c462bfcef230939e48c4983bfed78f68b0f540d1fff2196cbd1f1c1a1c310ec10f5a2745407000bc6db1fcc8540282cc7e96cf5582c4eaf874a2fe6369534176429b7505eb0aade883260806be2d86a42e76b315a76e5f686ca669f49e1f9054a77b8eaff14a43e9a9801244e8e94ff50a17b60dee0122ea70819bae3375070466c7f202c4ea0fc0c9aaae50c43c554e937f67689b3e18ed543749a7ef0997a7a7530b91a24ef935137137e1ee7e6a8919fb76a8f008ddcc2d8b2e18f3eb90f7a13cf4f49170ccf50c75de82e92a5e2d1f311e59071ff202b6cae4d6243fc3787cb9fbd401938cc18dcf5620f8b8f74e9e3b13dcde85ef896f31f5a2458118addae77206ab1506882f91873b4828950a7b91ddae74888155a9c486c7c60492813ac0e33362dc4e21e00538e5b05b78271d82486a0d156d4a5a07085bb1cd74f5d63763f18648a489352b5d05107909fe54b5d332cde2900c82c150b11071e028eeb275cc9a9614f1eda4e4830b128870e732d473100c24152aff2aa1659daa65d7e9591ebfcae5dca4e84c9a0965a01668e59843ef4a093d9b01067a0ae9d09e3d810c2cb63600ee05b10fc8685e8cb150e2d6d75baecfb8762f7a7d131417eb0721e19e1d21f5adcc1e09489f06b81d91b48608107fc7b3853e214a3c786a9812113ccbcf09907506d0e9cd72c79793584b4fe06a18a627bd969f628a5936367961f1e7d117d03a8fabc85f5ecdd0ddcfae49aa293893a2e5ae376be11031abc0e05ff250b35926345b52f8d3dc02b7497f7513e759247353db9b8e493120e73981aef4c4c9747621537a089848754c14cda1cad18084274e98ea2bf7400ca846184e0e31a571f9bd770222b1038a4ce60dcf8fe9cca4d60048cc29c37c1345de992e9dc7128ef093c1ce80232a88a3da7ae8bc87120c5b1f405d5186141288998fed9e021cd0ad6b12b51c217849390be3ea00cbd6c755958140bfb9b2a2765ad1f51ac045fdc5c28ee5886b1436015b88bd90d19328f91394110b0d891678e63b63d6cc4d35279f6f616d7692c6fe177a79d80ae8f7e4ad5078d8d7096f3ee664dcdb2f634eba98f4788de1f5e34f32ef09e2f0aee4fdc5bec4bc4aeec5721ac3a2da1bf52da017c3312095403d50dcde39671242b610f11832773796557f71455376a7741ab242a9fc94464180bf224d5e8c79b462e3a816f6c08ab0f5503386d34ddfd808b4b8d5d333548d4b873923c6c297b2fa1abe433ec9264385c50dca40316c37ed85db382e7c853ba331c727043cb3345de9f89b1c804e98205eda3d6b6e042c9c41877d456dcb8f12663e6dc1ba809229536fbcc4c58d01a137eb80af8596dfc7b5fa7a044cd141238aa82e440526e55a28c4ed2f4b26157a0eebb4a77c5ab66fcce2602e1a70aea07e5e7e7e5321d58ad128a5ea6b574730037f24a7300e0ad6fc96bd18e03763bbbf21bd3c388aff1cc5ea13728ba2f8e1eb70148d2603e55bb01cce0763c2020b5627a0ccb35ae3a9b3df380e6d9800d9506219a90971a3b8bde1dae6a43fce2aaecbc026be8f4e9bd749e10c87ed7d78f92014342fa449eef28e7175548e5a8ec4fe7d31fc86737aee63ef40b54485380b6898161676f0d82f76113b12a529fbce4482dd278a90aa416077c677aea623ddb3761bc81527ab7e3d73a3b4c8c3e4352c7c083cee8953ebd972a83caed837587e8d7cf360f28ce64e8744ba1098513bb6c7fdc6a3c7c8e5870223d6cc0b18b5d6edea926d5376aeb85488d3712e8f67128f0d3fb2b42f82363a0d4c1c806ff283f6e4ddc10ce4a0803be66a247207d6606c7dd67cd293dada159016d7fd7e88c4df53d09bdd9fd9fa3c732da45fb92bdf6f442eda15edd97bf1928a7699008f0b482240a684ff5efef0cadbf1b4f16888650d59b2bdaeae0d1112a79c5522dd0933ccc16fed7cd0ccabe929f625de8947b3b1532dc04253cca988a1584df2b31492b19410d6f681d614eaa20029592c00c948a98973a9fba87f1397f8859ba543edeb5c0b0db92f65462a1103947d780b539433332d65bd1418bc00c9e815f73e0cc0aca5fcc9f95f707c455013a55a0c4a29093b05b94edc5b5284ec7ccf3ec091002b4229036c174e2927127f40769ece890612bbeb960d9392f442765a2ca8990c52ad7d4441e975a7cf079d139945f2b2a8a34f0e85d76cbc96efbb52cf8b5ae681234e14b6648244d41cfee2d9b189cd831cc2f31ae7e5f11aaaff1629f8c2cf73494ac38e58da7010dd986f8b6134ee0dabfdcb30617d15720cffbec7651f22253aea21696d2ece4fe026543ea2f3473e4c12e65dbb3cbf764ffa0b3a396382b9b7f0c24eaaf3495554b2319b66f3cabf01a8d6cfd1382d94ab71cd11eae2a42e4dc841d4a9732c395688d3377c8ccff7e3f88a3129855a5f41a7de6b6a9ac40a87c288f4821295edfc4f5b8fe5a1fc0162e9820205c809935cc6047e8a835c651be02fb41c21de30ac770d7a7f2108c6a3f1cf2649cac444f028a6ebf4db422cbbdb7fd0cb39109a3130ffae17810bb58f5c557c99670224c2678fa07f1064911e6c665c0d1c26cd2f40f7089789208a48eb339bb8885910e035b4b8c69b1c3ad79270ac6e70b963493a6628b90501822878cdfac866268d914d8af2814612b0198f9e4c6b48e739e414d61f34e2f69ff7cdc4fc7ffe45a64c5faf191ef6c4e31cecebe09a2f6a63d60926ebaa7e925ccea5c93e403c7ec0ee55423ce4893471440006d4c09c141e489dda5577f73b57ecfc764ee5bc1bc88f7866dc6a494e3ee560c956dc12ae51842030251f1cedf2caca15549d0bb4ee3bef03702197350cd7586b5916ef6a0abcb5f30548d22ce5d8c4dbd82030b8d7b5481c51676b7d14d35c20346c74dcc7d96ea0b13f890f755a219993e88739da8246283ebbd82eb1b15956b5ec16ad523768c19ceba9199f97d7bb43b85fa11349ff7fb89a97b463b34c584ae9e2af6c8f20ab528750a22ff6c2297e400065fbd9a4660ec2c658afff6db9b67070352d2aa5e6cfe534eeb5ff271575b828dfd7f537e3627a1a6419ed0c84297fc3d362a52f3860a2eb7ae0a50f06d3c68c4a1463ec331ead7af2dba792332218b04d5b585de1a471d296df6e10316852d50f211e07643f749a1d75410e66e47db40bfcefe4b708d0b2879a50ccbd85939b89fe4b905a6a0d000000e28d18c048e66108a06d8b6a64ec5737b5ae283d914484167c8ac7dde7ec007aad1999854c4d6a0e5f887f99de3662610d5e8d49bac7d41d6fb7d90b4b04939638e2151ba67e75362aded50edfb7d9919b00000f00f6a909190000000000000000c68bd764968f4d8a5779ffd9a35e58558272a214ae26a094360b9f2ec97c5e0a7693f4b7509b962cd8537e90ce7be70b54e9531e7295f894b94566df49c50c2265842392dff50e17ed3f7beb9ba4ad0520a73db1d8d3b39759e7fffcbf26517316bc74437fef944fc915ec24affc1a53748cfc883e3ddea9e25063ea8383b06f0d5c9db13a0ff335f52699226b391543060ae5e2c25b585b9ef7d5ff9495a4873cac58b5feff5f08717b04e81bfea349accc58fcc6a6505de3aa6ff4985d9c38bb83e8daa663ccb356df3ed52343ed7723687e416816f987c565eae22c7548c1d6b56a5b6819583da0ddf92739f65e604e37b3275a6cb1252d4ef7a515c4b1e9068d714be80066bf0d422f1e4d2ce6f95c9eac081d6e4596a6a8e16a57b732b575b7de16f176ff0e34e84b293d3fd77fa30a7b7cf12a1edd54170e56bf7f2d40620ad56acbc5cc615556300ff9e95ce3dda93c8333f23f0d97a5e666c438f5d0f40f911f614563d343ac6e4f9fee1d149c94fc75a97ac839b6d8d7b27c5efb870d2bfc6dbe6b688490b23597d83982d7858215c59011042b1957a0b386842621c72f89a9b524008794ffa0c179753ab48d0f73e5ff13624b3b90287edaf6a5367dcfe4094a21ffad3e881b428b77ccac6924d5bde9c781d4189654d8f29885fbde07e6334c6406dd3ece359c6ac7c6147f5c4906e56764e9980a669bfd00d9eb780e7f9988630d1eb098b3e4fd4c795f11441fb6d0ff7cf086eb291b1ec8d90092e1eaf9722ccdcd15408617cdb8c49043bf71a6eafaf22754fcb363f6c630501b619bbd87cc13d5df0948a176771d2d69236eb50dd313817d9687967e7d71f854db6bff803f4501d999dfe3da37ccfdf894a7914c4c113fa7a18c3468a52d646a5070614a6f02b7ff21c9f6927f5de55be85ba815f4bb9e29f26a94423c58338947c804e0627d69bc5a6e93fc5fe8cae851700253f2d494622c6127b4d77bf54a1ac27957234628cbe2fea1729ec53be7d90806d510ccddfd76fab1b9bf1207db8b05c3eaa88fa4c0a5db13cec9310f4e02c1d8114705446fd6649df3829aa12786b8d10b4540d8c1f1c8208c4b41998435e3fa1ec5199cb2d3d0c5c04c5e0b3ffd69112252106bb39333ff23b38d167a9b45ad1bdabf434c8695e2676d461b34c5f048e70b67a44d824baa090c8be13a22ef0d0970cc7a94ed4b77bfc3a40427c6c11abd2b415817243f6801d535a3adc9924a1671b645100e822a0c1876a37d9c9e230e3d762f1cfbb89a8b28255ba4cc5b46cb1635cf185578fa068b68bac93991982b48e7faacc09745a7e33bb12de6b25a2342a7e03cff06dde29b4d05de84e56c78fc6d9dcd180438da3136767d5846bfe7168faeac5b9434394bd747126c5c1ecc6621d10817ce9b6540433828a3bb8f6da0cd8f2b54a47cd5473f6bc3dc1234bd115a6890aa678d1bce7840d7a4559cda556740860079e46217c20e45ee59b8b7078d9b70cb6a249eb2e5e4071d044f456fb61649f261689b8d7a532afaf88eb30041242ce491fb7e654a1f06add370e2706f75c2fe1afe8e065804414c660ec4d96f496b1ad87592de8b7d04baa7ab142f580f262c64c57fce8ef933f18904f00064ca2ccf5eaf61bb7841bd408ae213deeb15d860f7ee7224b9d2dd38ee9f6c3fca6590335715c218db8f8c98e6339a6944817a1ce2e115ae984699861631b9893c143f594d6dde0895a0c7edb9912fe9cd8fd0765227b3963033306d15711387044bc373ac10d7be73cd80f1a79cf1ea0989ea9ae8a0dbbd1227bc33df652792a6bd95f1d21c6497c4c35b9a1eadc0217e322285a2eb832753aae74ef42fc983e58a126b7c23e4b0bac16f0de1eff7d41477bb25052f32cc9cc956ebd209d6b945b1fa9182857e180672a6be7edeb5234830668b1ea749d0a0dd3a244684d4dd76221c3bdf98c2f1eacb7a6dcccafd249b0ba2592c88790de40895799ea4dfb045cc2392dbb623bfe420b24e5a425b84a4b24d787a68bbec9db363ac4e9453df597f0224d8b7b2e4e552cc9e53accbae97e189cf9b59ebf8bb89591fe3fda450af548ffc46eff98b5216e238a9246e2fb95810f8f4d89504633a6d223484a765b9e6e5497159b31c51fa6cc10641bafa81b10c5ab853f3136fa1b4334bcbde99cb4689f077ca3c29c2f1aca2a05762943073d5992aac4d9b0d411ba25905c34fd02b8eb7b9db375a6f6516446cc195eb55eda1e007e26328e9e2642a9c4e90c56440cc60a1db77713860a56820901b3022d55c621e9d54f759dd17fc5b59331c63cf30e07081bf0cdee6cc94ddfe8c6179e7ed86607d4ba7d5f1e97fbc1139b43ae5fd04c1c715f4600f028d0852a421d472b1b48e591b6edfebcd86be3db2caf967b06776096e14f0deffc9bb126ec329c49ada996b963e942d9c404967dc23bdbd0eee951b2879f2ef7ae224d4ff25edac4ddeb2c0b8e579af283e87c625d3fae5286fa855930e45207af7054763937a9247dc38e37e6dee2e325b617280846012e463707b6ccfa2fc399a66e534221a456281d18c79d46f5c77c2d359e19ea870cd230709b5e33cd52fd43388ef91dea0a1e0df6c72688d9fd32bb67f489a3618604ef1dfa0d7f569d40cc68e39994e4ed8830d00008998f59485ce4723c1eeb7c72f7e833418bab47735a91c7ab24e8555d2ccf3a812b6c634c0c3a68271ec8b536aaa442e056945feca6fb4e54d2cf60a0334f494b2bdb6fbd59fde0ce9d2cf03333a0c7121e086aa4c657360fbfb60f3ce0fc0d90ff12b03464e8ff0e5e546ff79735c5c800a0f9b680a478c772f60173a760e280d8287681986038444f2103e2894d5809d062cfe8380e34bca86475da3d7634131c2a8cdc98c5927bc137db61f94eaf9a74f87cc85072c201766eae17fbd5b732859fb1b1c980b36e377aa41a95bca18ccea529420e742899af7b968c1fb890d181da9f86358dbeea877c3e9123a9289c362fa61d96c707ac94b427318a1e5f21078aa9d1fd7a52704e0d73e527f3ca65b7b459734dd30db5335c450f1dbcc1e4259d657d13b6d6b4adddc3d0eae034d1878cd0aa1825991d75f8e6b5b4c0d6d17e8ce709b19ff794a8ef856abdfac65cd13631f1b66b20f2ebf2f3122d18e03cbfff88206a5998fc3cb2b40634fcecdb8f5bdbfe044dbf169ccd2cd60f7bf033272f38f587943fcc75d2d65d9028c02891c8415706c2b2459b7a3c5cc82b0446088d3b3bcc033ad453136afd4ac4678320fc17288dbfa1c5180ad57508a2a298ed4ebc716ede34fded574d9779be5d56517d4dd40f197312390c488f46914b0927b13901ce70c1684801f2811168fab53391af2fdabbb6e683abfa021f6b80077f19455c34cecf5dbdb2fa6e3930eb5940cb14504050cc74249424310dff81116b8f2076b8ecace84c302e758fa90af5a1888aa8a5a2bff4aeb7ebd1c7a216bdbb84bf9c021caf3c8efbfdc5d3aede46381bcda372a5398c89868ad57287736fec2a70bed638974fde5875eafa506a6bd7f772d2b221f4bde4920fe0c56f8e0847e2a7e8387c64ddef4203d77a526c46d7871befe0c5f9128bd67319acd963fc040185aac4e7815d928bbd7ffd8f3d125e63320182f202fa9a52505be9585556a5d1308c118ccdf01978027cbace7ab339d6f53d15e795b7f3fedae4f86c3f257ed80ee634375dc2333ceed1ccaeab1b6be7a9611ff33d79dccdec2007558c06dfc06612d56d37882e5f1de340cf05f4fffbe1a5def6d045bc5bdaf633f07360f9028cedd103bf03fec8beb9fdbf8c5fc684d12efae1859c53e2cc3e2f508a9cd0410ec036648d3760dd591f7ae04e4cdd61a2566319c943f0b63d87e422dfe5c0d1edcb2dc515778a0d7bb2c93ced3b1435adbc51d3fdca9c13679397bc4260093d64869998d6a28bb862ead0fa411585289cc00dc199eac6c607b8a84123dad3be80dd8fd86aa202113131046336352235f34c05f5ea6d5265adda98edbbfd11d6839c5b1bfe4fad4e688558d633d4a281df44d9c0a35abd464e01f8ab01a1e272cc8cd155a40b8aca4c6b1dc894c0fdc02f15a8f67ce94c7f99b6fcc0e4a3a8a71365645ad7809d47bb26f46ed8bd02f6e8f3d237224f82f3d41695f367e343ac6d507413f4bdacf9e344a49156c4de36d68c075415f8004748055b38b8a4110f869fafcc59cdae5663eda72a05be365a50e98bfd4b00e35aef687afae7bd6622cdd725326776f6fb1476c8cf8c20a0e5223e2bea494a1bbe4e79b25a5e48ba34bc66a84ecc4a0aba98e74ca2b1f61893e61a29498d855a778a2a9ce7b7fcaa44b4aedcbd0e28d6c49bdb6776975bf69161f372b964e4288ce6a3b877c3126f90c4c9749d45b8c5c840983b035993e484a945be5fc9d2d1bd3f3de4e6de7bc74a7a07b13e9e82acc11db85454f1d928fe52ad42ca783fd20dd3e94471b498c2736af40d2a45ff74f9ef874639e33306daa8a667674571e2ed93a48f49b57e9e3382fa8090774bc795609ee510b6a1ca48d9833819cbe8ac77eeebb0e3b6c59ced2d1ab355264934ff1914a3f654249bba60a692dd36368b8a866b333320e57e9c7d3646c375696ff14e303780ffd7b957d89ccdf57823d2d1e158773c2075233dd2f331eafe3802da683c293eaa24cd8b63a7582ddb202cd6f8c837c74f823727641c7eb680fe51ce7f250adb34956e4cab17b8a5f10edf144c700e376c682dd46c8fc89830fee1a3cfafe0a5a2e7581d5d16ad6267d1dc2d5be8547f9352d1591b42de94f2559b44a80038360c6394541a77d95b196558a479b609882fc597b9cbe285ad7c7a41133ed85c8ab6e6dec5bf70f9e787985512d48865022705098a6703b255a6f2b05b62fc7ab32e67f06d785ccb33fb348205a76939e6c2991486c5aae8ec1556b2f8e30ca445a4a495cbf2c6013042b8cea615e58899fccbbf1fc4f17a6dc37e46b17ada0be033dc67904fbd7903086d3417e423af64338426a84ca0c2a3252db62695f9cdf10ebc09b9da5747d30e7f4adfb374e1d2bb24542b0373b1fb897690b49fe24d8575ec9800f019c9c76459421c11f002989ac82c13c04a202cf7f9f38b053f9a680d4d5012887a11d25cad201df20a4eee6d2c0474055579ac729c7514a88b1675bbf6b773448c6c1a5ccd157f44f7e032a6b848f2e734d773f029e48fd13c90d41666f9bd4e9bea91950737b6e7502f9d2677938f240e3f905d6095bb0f8bbe961b99b2d025538c3888bfff8957e3592ee5b26a75399b59c697f59fcdfbbe3bcffb8777340875611bf75486d2378e68de771800bfffe0572fb36ca855ec5fc8cb90c76455773c36ec40b101fb30c48f8a8e775f5220e024b4da9dddc2fcf4da413e7c5db9e0567cbb5fad0c91d779a0939debd9247d3f7d8107fd986f73a9c9067e6594fabde0b9e887040cfbe7d31332f41259de57b38f33275597725392efea51f290b8e1b5c243ffd9eb4c0231600f9b4b204344736849d527156c4720a463bbe88fbbdc333099d949853d5c6fda98bcd35ad3f1fb1d5a7d00541a8a202c8590e35360bb9d25d6431476649e1898f901fad37975d6dce9833956e7a78d0306f533d4aa3c9676017c7abc7e1f8a3f117774a4f5beba55d1c3cd580fb18defccc349cce24e94a4cf1f4c6f45d783ee0167a55369c9b5e1eb6d0a836f3eb2354fad3cd771a9d777ff84c63120baee86ddc52b3e6817dce339ac9c240e75f3e2f77afbffbc1d54eb5936d045370ce3b77365c5320892dc7bc36e488019461d2e552969de9f25bd8de049d693be450c43c5d22d7569fc384e8d56ddb577c5f3c3471f5ba2998bc0c697a06b6d8ba5f2f7236e78aaed69b468e761a5f07145c0326ebb94f50aaa8c5666c92006d8d139036f981003933f8e2eba106a0e251fa9f5407544e44aedbbb271a3bf1c660a9cb8c74dbd0713aaebba2dd046af8b9428709646521d6bf387a92996b35748e1e67b602309b7da0fb642e89de19f550925f4db082ef7e9821ac4b2aee93c9cf791c086751c4cb4172608a4f903dc40727858046851529205b45786e294c17abf5e5f6bc730cbfb8fd977c5501a8140ac7984a267880b53cb94157be9ac157be1cf12d8a9e5612947772b734ed6ae30e548a3b2faecf94a7e03f86317f52ac797aefb957d2a29de8f8ced414ce22c800e0dc7e49d3672fca633248f3e68c00", 0x2000, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)={0x78, 0x0, 0x1, {0xb, 0x0, 0x0, {0x5, 0x0, 0xe418000000, 0x80000001, 0x0, 0x1, 0x9e9, 0xfffffffe, 0x5, 0x1000, 0x7893b06e, 0xffffffffffffffff, 0xee01, 0x3d, 0x1, 0xff0f}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r8 = open(&(0x7f0000000000)='.\x00', 0x0, 0x12d)
ioctl$AUTOFS_IOC_PROTOSUBVER(r8, 0x40049366, 0x0)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r4, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r5, 0x228, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x3}]}, 0x30}, 0x1, 0x0, 0x0, 0x24004080}, 0x80)

1m26.061862741s ago: executing program 2 (id=335):
socket$inet(0x2, 0x3, 0x4)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ac0)=@newtaction={0x294, 0x30, 0x1, 0x0, 0x0, {}, [{0x280, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40}}}]}, {0x4}, {0xc}, {0xc}}}, @m_tunnel_key={0xe4, 0x14, 0x0, 0x0, {{0xf}, {0x4c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e22}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x81}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x9}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x80000000}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @rand_addr=' \x01\x00'}]}, {0x6c, 0x6, "6212f4bb11ef0c4015f36c1e319e64057b282019191b3805c064be8149a6594073495e3431d3de9d0e835bb040a27263e867ac9f12735407417261b34d5c191319db311527d880d30acda3c952bb80a07e81eeaec7151175e9de5ff9748d4b386709685ac9952bb8"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0x78, 0x1d, 0x0, 0x0, {{0x7}, {0x4c, 0x2, 0x0, 0x1, [@TCA_CT_LABELS_MASK={0x14, 0x8, "95fd2a8027911381f5fd8ef224bad2ac"}, @TCA_CT_PARMS={0x18, 0x1, {0x12f, 0xfffffffb, 0x20000002, 0x5, 0x4}}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @private2={0xfc, 0x2, '\x00', 0x1}}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @multicast2}]}, {0x5, 0x6, "da"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_ife={0x94, 0x5, 0x0, 0x0, {{0x8}, {0x58, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x6, 0x3, 0x3, 0xfffffff7, 0x10001}}}, @TCA_IFE_SMAC={0xa}, @TCA_IFE_TYPE={0x6, 0x5, 0x6}, @TCA_IFE_TYPE={0x6, 0x5, 0x6}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xc, 0x0, 0x3ff, 0x2}, 0x1}}]}, {0x16, 0x6, "0d38117f8a800c22873554c21228d90e9a8b"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x294}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x12, 0x20000000000001db, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280), 0x46ac01, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000001340)=ANY=[@ANYBLOB="ffffffffffff0180c200000086dd60122d920000000000000000bbff020000000000000000000000000001890090780000000000bbfc0100000000000000000000000000fd"], 0x0)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000002c0)=[0x0], &(0x7f0000000340), 0x3f, 0x1})
mount(&(0x7f00000001c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000200)='ext2\x00', 0x21000d, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x24}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0xe}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0xf, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x4, 0x1, 0x4000221, 0xc1, 0x1}, 0x50)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})

1m11.01518544s ago: executing program 32 (id=335):
socket$inet(0x2, 0x3, 0x4)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ac0)=@newtaction={0x294, 0x30, 0x1, 0x0, 0x0, {}, [{0x280, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40}}}]}, {0x4}, {0xc}, {0xc}}}, @m_tunnel_key={0xe4, 0x14, 0x0, 0x0, {{0xf}, {0x4c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e22}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x81}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x9}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x80000000}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @rand_addr=' \x01\x00'}]}, {0x6c, 0x6, "6212f4bb11ef0c4015f36c1e319e64057b282019191b3805c064be8149a6594073495e3431d3de9d0e835bb040a27263e867ac9f12735407417261b34d5c191319db311527d880d30acda3c952bb80a07e81eeaec7151175e9de5ff9748d4b386709685ac9952bb8"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0x78, 0x1d, 0x0, 0x0, {{0x7}, {0x4c, 0x2, 0x0, 0x1, [@TCA_CT_LABELS_MASK={0x14, 0x8, "95fd2a8027911381f5fd8ef224bad2ac"}, @TCA_CT_PARMS={0x18, 0x1, {0x12f, 0xfffffffb, 0x20000002, 0x5, 0x4}}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @private2={0xfc, 0x2, '\x00', 0x1}}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @multicast2}]}, {0x5, 0x6, "da"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_ife={0x94, 0x5, 0x0, 0x0, {{0x8}, {0x58, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x6, 0x3, 0x3, 0xfffffff7, 0x10001}}}, @TCA_IFE_SMAC={0xa}, @TCA_IFE_TYPE={0x6, 0x5, 0x6}, @TCA_IFE_TYPE={0x6, 0x5, 0x6}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xc, 0x0, 0x3ff, 0x2}, 0x1}}]}, {0x16, 0x6, "0d38117f8a800c22873554c21228d90e9a8b"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x294}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x12, 0x20000000000001db, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280), 0x46ac01, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000001340)=ANY=[@ANYBLOB="ffffffffffff0180c200000086dd60122d920000000000000000bbff020000000000000000000000000001890090780000000000bbfc0100000000000000000000000000fd"], 0x0)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000002c0)=[0x0], &(0x7f0000000340), 0x3f, 0x1})
mount(&(0x7f00000001c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000200)='ext2\x00', 0x21000d, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x24}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0xe}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0xf, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x4, 0x1, 0x4000221, 0xc1, 0x1}, 0x50)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})

8.889540259s ago: executing program 0 (id=591):
socket$inet_tcp(0x2, 0x1, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c09425, &(0x7f0000000380)={"b8e50a31a002b94fcd8fc4db3056309d", 0x0, 0x0, {0x7, 0x100}, {0x0, 0x5}, 0x51, [0x7, 0x3, 0xe, 0x2, 0x9, 0x1, 0xd8e, 0x7fc0000, 0x5, 0x0, 0x6, 0x3, 0x5, 0x49, 0xfffffffffffffffe, 0xc]})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000040)="05000000010000", 0x7)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0xffffffffffffff7c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r1, 0xfffffffffffffeef, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf2000000000000015000200002000103d030100000000009500000000000000bc26000000000000bf67000000000000070300000fff070067020000030000001606000000000078bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000480)={@in={{0x2, 0x4e23, @loopback}}, 0x0, 0x20000000005, 0x4a}, 0xd8)
bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x240087f9, &(0x7f0000000100)={0x2, 0x4e23, @loopback}, 0x10)

7.880820533s ago: executing program 1 (id=597):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x40840}, 0x4010)
r1 = syz_open_dev$radio(0x0, 0x3, 0x2)
ioctl$AUTOFS_IOC_SETTIMEOUT(r1, 0x80049367, &(0x7f00000000c0)=0x100000001)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000002240)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a0, 0xec, 0x111, 0x4b4, 0xec, 0x700, 0x1d8, 0x278, 0x278, 0x1d8, 0x278, 0x3, 0x0, {[{{@uncond, 0x0, 0xa4, 0xec}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x1, 0xffff, {0x80000000}}}}, {{@ipv6={@empty, @private1, [0xff, 0xffffffff, 0xff, 0xff], [0xffffffff, 0xffffffff, 0x1ff000180, 0xffffffff], 'bond_slave_0\x00', 'macsec0\x00', {}, {}, 0x1d, 0x4, 0x6}, 0x0, 0xa4, 0xec}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x0, 0x66, {0x4}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x2fc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x40800, 0x0)
fstat(r3, &(0x7f0000000380))
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e04023c20"], 0x7)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x2})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
ioctl$F2FS_IOC_DEFRAGMENT(r1, 0xc010f508, &(0x7f0000000180)={0x7, 0xfffffffffffffff9})
dup3(0xffffffffffffffff, r4, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r6=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10000, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r6, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
r7 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r7, &(0x7f0000006d40)=[{{&(0x7f0000000100)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000140)='j', 0x1}], 0x1}}, {{&(0x7f0000000840)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000002a00)=[{&(0x7f0000000880)='*', 0x1}], 0x1}}], 0x2, 0x48000)

7.795116486s ago: executing program 1 (id=598):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb01001800000000000000fc000000fc000000080000000e0000000000000200000000010000000000000700000000000000000700000d000000000b00000005000000080000000000000009000000030000000a0000000000000101000000000000000b000000030000000c000000020000000d0000000000000e04000000020000001000000004000004070000000e000000020000005d0300000e000000040000000010000006000000040000000700000005000000050000000f0000000300000004000085390100000a00000000000000060000000c00000000000000ff0100000c00000004000000050000000400000002000000050000000d0000000000000a01000000060000000000000c0200000000615f5f76613000"], &(0x7f0000000300)=""/6, 0x11c, 0x6, 0x1, 0x9}, 0x28)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0xfffffffd, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0xd6, 0x1, {{0x0, 0x9, 0x0, 0x0, 0x16e}, 0x80}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x914, 0x80)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000000000000b0ff0000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
pipe(0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000002c00070165fa00000000000001000000080001800400060004000235daf92a657dce"], 0x20}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
r4 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
preadv(r4, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/98, 0x62}], 0x1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
listen(0xffffffffffffffff, 0xfffffffa)
sendmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x20028cc5)

7.681684442s ago: executing program 0 (id=599):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xa3, 0x0, &(0x7f0000000500)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x310, 0x4, 0xa, 0x10, 0x40, 0x80}, 0x5, &(0x7f0000000680)=ANY=[@ANYBLOB="0000002b16fff05dc14e5d5712b9ac3d091af80d61f770354dd60f18a781"], 0x2, [{0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x414}}, {0xec, &(0x7f00000003c0)=ANY=[@ANYBLOB="ec03c8d9ed2e794e9c5d5bedca12da35c239ef831cbe1acff1c90d225c6d7ed9f2ce3fde8a13fbe0765d57d50f628e456493589fe773f501a9bfdd9ac5a8222f80e0aae5e3cb85d505fb7f3fa452b17af6934e798d0ed2801e0f17bebbcfbb653330521e7fee1de4ae410020536ac6729138f0b3e43df2dbb9360ea14d99a3fccad9fe5baac8ca6ede567651899338fac40a9a785565fe21b7ac2062065390ef2d6788eedc8cb995e70bd1c5580ae08e4cdebb836eeef1d64859d30427f9e2416ba81ebf6de66b0f396aff85317ca003437b31c2cbfe1330d9c2eaeb1ad308baf96b01f58edae1d51e7a5956"]}]})
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_GET_XCRS(r3, 0x8188aea6, &(0x7f0000000140))
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$chown(0x4, r4, 0xee01, 0xee00)
keyctl$chown(0x4, r4, 0x0, 0x0)
r5 = add_key$keyring(0x0, &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, r4)
add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, 0x0, 0x0, r5)
r6 = syz_clone(0x0, 0x0, 0x14, 0x0, 0x0, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
ptrace(0x4206, r6)
ptrace(0x8, r6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440))
ptrace(0x4207, r6)
ptrace$ARCH_SET_CPUID(0x1e, r6, 0x1, 0x1012)

7.501588489s ago: executing program 3 (id=601):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x32b, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0x10, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1000}, [@snprintf={{}, {}, {}, {}, {0x7, 0x1, 0xb, 0x1, 0xa, 0x0, 0xff000000}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000080)='GPL\x00', 0x2}, 0x94)

7.373262711s ago: executing program 3 (id=602):
r0 = socket(0x1, 0x80000, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000280)={0xaa, 0x10})
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x3, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x202}, 0x1c)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x2)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0xfff)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0x0)
listen(0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000000c0)={0x20, r9, 0x1, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x8014}, 0x4008880)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000000)="580000001420192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f6400947e570028928000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff000000000000000000", 0x58}], 0x1)
r10 = socket$kcm(0xa, 0x2, 0x3a)
sendmsg$kcm(r10, &(0x7f0000000440)={&(0x7f0000000800)=@in6={0xa, 0x0, 0x9, @mcast2, 0x38}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000780)="80005b020eaa4da2", 0x8}], 0x1, 0x0, 0x0, 0x900}, 0x0)
recvmsg(r10, &(0x7f0000001a00)={0x0, 0x0, 0x0}, 0x40)
write(r10, &(0x7f0000000000)="5c28c7805ad7b20f7c1f98ee19f4b606a09c1500cfa5a5a83fc594cb1eed3693fc17fbc3ed19419f5c4badafc6ef77a91ee32fd161603b518f2406f9b01a08d43f896a17efadaf58140fffe3a2f7ad3be5e0a0e46d58c30d6490f2abe28141ed47d0fa93c61abbce66d51f", 0x6b)

7.372497532s ago: executing program 4 (id=603):
r0 = openat$dir(0xffffff9c, &(0x7f0000000080)='./file0\x00', 0x400000, 0x8)
openat(r0, &(0x7f0000000480)='./file0\x00', 0x440, 0x55)
execve(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
io_setup(0x9, &(0x7f0000000340)=<r2=>0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
io_submit(r2, 0x2000000000000211, &(0x7f0000000840)=[&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x8, 0x9, r3, 0x0}])
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setresuid(0x0, 0xee01, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r6, 0x0, 0x1, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c00000015000100bfa932d92a74f90000fcffffff070000000800020009000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x20048080)
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
r10 = memfd_create(&(0x7f0000000380)='D\xa3\xd5Wj\x00\x00x0\xc1\xac*\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9\xd0\xc0\xa9\b\x98\xfc:\x1b\xc4\x80!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xe6\rDa\x16\xbd\x00\x02\xdf\b~\xd5)\xa4\x80\xad\x97\'\x1b\xfd}\x96&\xd2\x0eGp\x8e\x1a\x19o\xf1\x14\xe2]J\xf2\xb5h\x9bt*\xd2\xfbT\x01ci\x87\x18\xc9\x13=\x1b\xadl;}\x9d\xbe\x9a\xee\x1a\xfc\x96 \x93\x12@\x19|f\x98\xdc,\x82SlA\x19\xcb\xfe\xccSKO}\xb2U\xd6\xc5\xa7=\xf8s\x1dp\xe0\x14\xe5\x92\xfd)\bB\xcd\xc2\xb6\x85$%nV\xd3*\x00`OE\x8e\xf0\xf9\xd2!KZ%\xad\xa1\x92b\x1e%\x9f!\xd8mV$\x1d?\xc2\f\xcc\xc5x\x9fJ#\xce\x90\xc5\x82\xfb\x97\xd2\xb7\xb5\xed\xb5\'J\xfc\xf4Z.\rS\x88\f\xd0zK\xc7\x81\xbe\xd5\xc2\xce\x89\xbc\x1e\xb78\xf6Z\xd5\x1b\xf1\x9bMD\f\xf6\xc5V\xe1\x12j\xdfW\x87\xf09\n\x1e\x1b\f\xe5p\xab\x9e\xe5}\x96\x9b\xea\x86\x0f\xca\xcf\x16\x96\x0e6\x8d\x11\xd2&\"eKKV\x8b?]<\xa7]\x93\xad\x1d\xfe\x13\xee\xca\xdc\x97\xa9\a\b\xac\xdd\xa0\xfe\x97\xa1?\xa2F\xae\xb7f\x85\xda', 0x0)
write(r10, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r10, 0x0)
r11 = dup3(r9, r8, 0x0)
fchdir(r11)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

7.18421191s ago: executing program 3 (id=604):
r0 = syz_usb_connect$printer(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x0, 0x40800)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
mremap(&(0x7f00007f1000/0x4000)=nil, 0x4000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
getdents(0xffffffffffffffff, &(0x7f00000003c0)=""/191, 0x76)
syz_open_dev$dri(0x0, 0x1, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r3 = socket(0xa, 0x1, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2b, &(0x7f0000002d00)={0x2, {{0xa, 0x4e22, 0x3, @mcast1, 0x3}}, {{0xa, 0x4e23, 0x5, @loopback, 0xebcc}}}, 0x104)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0xbf7ffffd}}, {{0xa, 0x4e08, 0x4a3, @local, 0x4f1}}}, 0x104)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2c, &(0x7f0000000180)={0x0, {{0xa, 0x4e22, 0x6ef, @mcast1, 0xfffffffd}}, {{0xa, 0x4e24, 0x21, @loopback, 0xfffffe01}}}, 0x108)
openat$sysfs(0xffffffffffffff9c, 0x0, 0xa0502, 0x49)
io_setup(0x1, &(0x7f00000016c0))
sendfile(r2, 0xffffffffffffffff, 0x0, 0x20000023896)
ppoll(&(0x7f00000001c0)=[{r1, 0x80}, {}], 0x2, &(0x7f0000000240)={0x0, 0x3938700}, 0x0, 0x0)
read$char_usb(r1, &(0x7f0000000040)=""/191, 0xbf)

6.195812686s ago: executing program 1 (id=605):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x73, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd81, 0x0, 0x0, 0x10, 0x6}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
ioctl$PTP_PIN_SETFUNC(0xffffffffffffffff, 0x40603d07, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
r3 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r3, 0xc0287c02, &(0x7f00000005c0)={0x80000000, 0x0, 0x0})
ioctl$MEDIA_IOC_SETUP_LINK(r3, 0xc0347c03, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'trusted:', 'syz', 0x20, 0xcb}, 0x0, 0xfffffffffffffff9)
r4 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$instantiate(0xc, r4, &(0x7f0000000100)=@encrypted_update={'update ', 'default', 0x20, 'trusted:', '\xa9\x06\x00\x00\x00\b\x00\x00'}, 0x20, r4)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
mount$9p_virtio(&(0x7f0000000300), &(0x7f0000000580)='./file0\x00', &(0x7f00000005c0), 0x2, &(0x7f0000000600)={'trans=virtio,', {[{@noextend}]}})
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)

5.64845653s ago: executing program 4 (id=606):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd25, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x40002)
writev(r1, &(0x7f00000002c0)=[{&(0x7f00000004c0)="aefdda9d24031f005a90f57f07703aefd0f64ebbee07962c22772e11b44e65d76641cb011a52f436dd2a0f36888665384265089552c9db9d47cfe5b62828413a254bcaffffdf1b7d547b2b82feca877fe9038edd6182980200000000000000576e8cb3917a8ab262ff98c7052729a0efdb5807c6c1ba5802c3aa", 0x7a}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, 0x0, 0x0, 0x2010000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x40010)
r2 = syz_open_procfs(0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
read$FUSE(r2, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r3 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x41, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r4, 0x4068aea3, &(0x7f0000000200)={0x8f, 0x0, 0xe})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x6, 0x1, 0x2, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x1, 0x4, 0xd, 0x20000004}, {0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6, 0x5, 0x0, 0x5, 0x4}, {0x10001, 0x4, 0x9, 0x0, 0x0, 0x1d, 0x0, 0x10, 0x2, 0x0, 0x0, 0x0, 0x20000000000000}]})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0xf, 0x3, 0x4, 0x1000000000000002, 0x102000000000002, 0x8000000d, 0x2004c8, 0xffff, 0x3, 0xffffffff, 0xffffffffffffffff, 0x7fffffffffffffff, 0xd0b, 0x4, 0x2000000000000003, 0x5], 0x80a0000, 0x4284})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

4.907014936s ago: executing program 3 (id=607):
syz_emit_ethernet(0xbe, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xf, &(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000500)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x700, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe10804000000af8e0e3dc11d875397bdb22d0000b420a1a93e527d3d458d080000000000000000000000000000000000000000004300", "f4bd00000080190000efffca0000000000001a000000ff00", [0x2]}})

4.820010442s ago: executing program 3 (id=608):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
fsopen(0x0, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
unshare(0x6a040000)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000611990000000000095000000000000006cbf4fd669bd860bac3d861430526dfa687ba28940b2cf264b867f5965b6a529f98aeebcd8395eea6519feec38e33bad1f713ced3a557396f3955f4edef2125c8510d641d9c05111a55d007485d6fa6436088deb3020e067d826407136"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f0000000600)={r1, r1, 0x2008, 0x0, 0x0, 0x6, 0xbe, 0x10cf, 0x5, 0x5, 0x2, 0x1, 'syz0\x00'})
r6 = socket$kcm(0x29, 0x2, 0x0)
ioctl$USBDEVFS_WAIT_FOR_RESUME(0xffffffffffffffff, 0x5523)
ioctl$VT_DISALLOCATE(r0, 0x5608)
ioctl$NILFS_IOCTL_GET_SUSTAT(r6, 0x80306e85, &(0x7f0000000000))

2.551364773s ago: executing program 0 (id=609):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYRESDEC=r1, @ANYRES16=r1, @ANYBLOB="01000000000000000000047400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002609090914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x4000)

2.500958872s ago: executing program 1 (id=610):
socket$nl_generic(0x10, 0x3, 0x10)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x124)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
write$P9_RSTATu(r0, &(0x7f00000008c0)=ANY=[@ANYBLOB="370200007d02000005f600000000000005000000000008000000000000000000404100000000e0e5000005000000000000001b00046e6f6465767b65766f6f7e0545c60005080037d93a8b920000003300bf310867c602007dfa673effeb09b5351f5bde054000000000187b8200b500002b595fcb1403f196a51cd5157adc8103b494e13700cfc36d07c500f04cd85f2a70f5e9930e5e989cd5ef4d51f60da7582c4a05c8f828f68dc1774d5de2e820862381f6686dd1bb8fd70000003e00f8f669fb716dcf315ecaf385409ac65b9408678c3c3b9e1d52c36cde7ba4a400b4b077dc74000000000000000007ec21cabff20f9c0089f90600000000002c016f6465762f6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1372d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d723859dba3f93aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f399f061f75b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6", @ANYRES32=0x0, @ANYRES64=r0, @ANYRES32=0x0], 0x237)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x420})
ioctl$TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, 0xffffffffffffffff)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454ce, 0x300)
capget(&(0x7f0000000440)={0x20071026}, &(0x7f0000000480)={0x1, 0x6, 0x40, 0x1ff, 0x5, 0x2})
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, 0x0, 0x0)
ioctl$PPPIOCGL2TPSTATS(r2, 0x80487436, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x153082, 0x138)
fallocate(r3, 0x20, 0x4, 0x7fffffffffffffff)
syz_open_dev$radio(&(0x7f0000000080), 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = socket$inet(0x2, 0xa, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, 0x0)
getpid()
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x5, 0x0, &(0x7f00000002c0)="00154e0132", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$GIO_UNISCRNMAP(r3, 0x4b69, &(0x7f00000007c0)=""/206)

2.45826261s ago: executing program 4 (id=611):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x32b, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0x10, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1000}, [@snprintf={{}, {}, {}, {}, {0x7, 0x1, 0xb, 0x1, 0xa, 0x0, 0xff0f0000}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000080)='GPL\x00', 0x2}, 0x94)

2.360185876s ago: executing program 0 (id=612):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0xfffffffb}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="19ffffff120001003dbd70000019000007000000", @ANYRES32=0x0, @ANYBLOB="0000000002000400"], 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x44841)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x100, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x7}, {0x0, 0x7}, {0xd, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_LIMIT={0x8, 0x2, 0x4}, @TCA_CODEL_INTERVAL={0x8, 0x3, 0x3}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}, 0x1, 0x0, 0x0, 0x20008801}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r2, &(0x7f0000000000), 0xfffffecc)
splice(r1, 0x0, r3, 0x0, 0x4ffe6, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x400000000003, 0x7ffff, &(0x7f0000006680))
stat(0x0, 0x0)
userfaultfd(0x1)

2.030655717s ago: executing program 4 (id=613):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @multicast})
write$tun(r1, &(0x7f00000004c0)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000c00000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b800294429118927"], 0xfdef)

1.800437691s ago: executing program 1 (id=614):
socket$nl_route(0x10, 0x3, 0x0) (async)
openat$vicodec0(0xffffff9c, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) (rerun: 32)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) (async)
syz_emit_ethernet(0x6e, &(0x7f0000000740)=ANY=[@ANYBLOB="ffe6ffdfffff6c7621d7cc9406dd60fec400003864e31cd5a0eada0600000000000000000001ff0200000000000000000000000000f602009978000000006098a35000000000fe800000000000000000000000000002fc010000000000000000001c0000090000fafb17a503001c193ea0badb506e53f766ede1"], 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) (async)
read$FUSE(0xffffffffffffffff, 0x0, 0x0) (async)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e23, 0xdb, @empty, 0x8}}, 0xffb, 0x203, 0xffff18b6, 0x6, 0x330, 0x80000005, 0xdb}, 0x9c)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000000c0)={0xa, 0x4e24, 0x8004, @loopback, 0x7fff}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000100)="f0", 0x1}], 0x1}, 0x400d4) (async)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e23, 0x8, @private1, 0x9}}, 0xabb6, 0x67, 0xa4f, 0xc4, 0xa, 0x1ff, 0xa9}, 0x9c) (async)
ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000700)={0xfffff09b, 0xc56, 0x6, 0x0, 0x1, "06669c9e313f17eb626f4938a04f55f3dd5d31", 0x4, 0x7}) (async)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async)
r1 = syz_open_dev$dri(&(0x7f0000002580), 0x200, 0x0) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x64, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x28, 0x11, 0x0, 0x1, @match={{0xa}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_MATCH_NAME={0xa, 0x1, 'quota\x00'}]}}}]}], {0x14, 0x10}}, 0xac}}, 0x0) (async)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="020000000400f3ff6d6246c801005311000080000080c96c2239efd3af267fad237cc8c0811a5e13515952c0285958acbcc123c8e67f654e76988a718d42d931bb7f96781aebdfdf9bd233f0aaace72c292ba85df4f3d1f618e575069eaa566ab004d5a8fcefbcadcb5c73", @ANYBLOB="00000100"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50) (async, rerun: 32)
r4 = openat$sndseq(0xffffff9c, &(0x7f0000000640), 0x12c80) (rerun: 32)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r4, 0xc02c5341, &(0x7f0000000680))
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r3, r3}, 0x4) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x1d, &(0x7f00000009c0)=ANY=[@ANYBLOB="180000000008000000000000ff030000b7080000000000007b8af8ff00000000b7080000070000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a5000000b7080000000000007b8af8ff00000000b7080000ff0000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7052d440000000000000000a50000009500000000000000"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000026c0)={0x0, &(0x7f0000002600)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1}) (async)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4ec, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x548) (async)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000200)={0x0, 0x0, r6, 0x0, 0x0, 0x3, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x5, 0x0, 0x3, 0x5, 0x0, 0x10000, 0x406, 0x0, "427f4d0561864078b7f952fc7ebbfea1deee063e520cc38c6a002000"}}) (async, rerun: 32)
close(r1) (rerun: 32)

1.658162519s ago: executing program 4 (id=615):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd25, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x40002)
writev(r1, &(0x7f00000002c0)=[{&(0x7f00000004c0)="aefdda9d24031f005a90f57f07703aefd0f64ebbee07962c22772e11b44e65d76641cb011a52f436dd2a0f36888665384265089552c9db9d47cfe5b62828413a254bcaffffdf1b7d547b2b82feca877fe9038edd6182980200000000000000576e8cb3917a8ab262ff98c7052729a0efdb5807c6c1ba5802c3aa", 0x7a}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, 0x0, 0x0, 0x2010000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x40010)
r2 = syz_open_procfs(0xffffffffffffffff, 0x0)
read$FUSE(r2, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r3 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x41, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r4, 0x4068aea3, &(0x7f0000000200)={0x8f, 0x0, 0xe})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x6, 0x1, 0x2, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x1, 0x4, 0xd, 0x20000004}, {0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6, 0x5, 0x0, 0x5, 0x4}, {0x10001, 0x4, 0x9, 0x0, 0x0, 0x1d, 0x0, 0x10, 0x2, 0x0, 0x0, 0x0, 0x20000000000000}]})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0xf, 0x3, 0x4, 0x1000000000000002, 0x102000000000002, 0x8000000d, 0x2004c8, 0xffff, 0x3, 0xffffffff, 0xffffffffffffffff, 0x7fffffffffffffff, 0xd0b, 0x4, 0x2000000000000003, 0x5], 0x80a0000, 0x4284})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1.464538229s ago: executing program 1 (id=616):
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000d8a601654cfc8e9fb326f93d64fbb8b7e948c1f27c000000ed00000000a14d5fda2e7091f44d0e3c14e579a1348fda3bc451984fd029b4719385cd439abe90439784b3c9ac3b12d9fe818e7afbb5f1b137590e7b3d473d9b622110175731a179fd2c8f30dc4d4dde8dbda5465c87c56f92021753a8a7b379c416a96561a9a069637437e1cbda132649fbac03f38d66a1e0c01237f9aadd9327fa1de5ee86e72e7e038d6dbfc5d9d89c00779d6d9209eb89ffbddb3a90ea8578e3dbdba5972b911180ba16067260085674da4252e097c8dd1c3f3f32908fcfb2af0cd3303a200c6d870f1eeb300d2045584ad653fbe2721681c54d3de12bf9e0277d97511d29b43e3a27202d6b746071f863be1b9270b5773a15c2dff56da516484f9860546a671f50d4815d844b846882b381fca15bf548840e9cbf7776a19d764f0f6717c48ada9676d1615cbfc5a3a206109f6f9d5e5478a2a61b7eb488dc06bc3e0dad7b0e4621dd6561", @ANYRES32=r1, @ANYBLOB="233526227388796664", @ANYRESOCT=r0, @ANYRESHEX, @ANYBLOB="00000e0000000000ef8201770700"/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xe, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r2, @ANYRESHEX, @ANYRES32=r2, @ANYBLOB="0000000000000000b7050000080000004608efff76000000bf9800000000000056090000000000008500000000000000b7000000000000009500de0000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000140)={@loopback, 0x80, r3})
socket$inet_sctp(0x2, 0x1, 0x84)
r4 = openat(r2, &(0x7f0000000240)='./file0\x00', 0x460042, 0x1)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(r5, 0x405c5503, &(0x7f0000000100)={{0x100}, 'syz1\x00'})
ioctl$UI_DEV_CREATE(r5, 0x5501)
close(r4)
userfaultfd(0x80001)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04130100bd50c428ed1cdae45a20ce905f89bf8451d997fa3d6ac83c4efd72189a30d2f40d0bdda500542dfd5590ccbd74b85de7bfa5e4e858422ccbf66056e28ea83968a4d89e690dd325c78c07817c3205209a148b142ee2c970bca988b0a2cc9ef88f0331f0dc58f3258937bdbe4dc819c075a611cc90fe762c6dcd075b6dcc1b0cbfbd0470a64dec2ce2c942247c05f996fef11d97af84b2c9a484822574e86da34149979f406c4a40a39a2ef6554a6ccc24b0d63048dfcae5e8e09e5775da9e4fee4c5e9bc8ba9cb02ec3a4a1dbb9cb7246cecefc344826bd34599c94c49182160540d44d903ee5506463a6fa0af56b7460410ccaafe8d673997fa4"], 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r7, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffff", 0xb)

1.459135454s ago: executing program 0 (id=617):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd25, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x40002)
writev(r1, &(0x7f00000002c0)=[{&(0x7f00000004c0)="aefdda9d24031f005a90f57f07703aefd0f64ebbee07962c22772e11b44e65d76641cb011a52f436dd2a0f36888665384265089552c9db9d47cfe5b62828413a254bcaffffdf1b7d547b2b82feca877fe9038edd6182980200000000000000576e8cb3917a8ab262ff98c7052729a0efdb5807c6c1ba5802c3aa", 0x7a}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, 0x0, 0x0, 0x2010000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x40010)
r2 = syz_open_procfs(0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
read$FUSE(r2, 0x0, 0x0)
r3 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x41, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x6, 0x1, 0x2, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x1, 0x4, 0xd, 0x20000004}, {0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6, 0x5, 0x0, 0x5, 0x4}, {0x10001, 0x4, 0x9, 0x0, 0x0, 0x1d, 0x0, 0x10, 0x2, 0x0, 0x0, 0x0, 0x20000000000000}]})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)={[0xf, 0x3, 0x4, 0x1000000000000002, 0x102000000000002, 0x8000000d, 0x2004c8, 0xffff, 0x3, 0xffffffff, 0xffffffffffffffff, 0x7fffffffffffffff, 0xd0b, 0x4, 0x2000000000000003, 0x5], 0x80a0000, 0x4284})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

146.620985ms ago: executing program 3 (id=618):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = socket(0x28, 0x5, 0x0)
syz_ublk_setup_io_uring(0x1659, 0x0, &(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0))
bind$vsock_stream(r1, &(0x7f0000000040), 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sigaltstack(&(0x7f0000000040)={0x0, 0x0, 0xfffffffffffffed8}, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
sendmsg$NFT_BATCH(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="1400846c05d819f688d400001000010000000000000000000300000a6c000000060a0104000000000000000002000005400004803c0001800a0001006c696d69740000002c00028008000340000000050c000140fffffffffffffffe0c000240000000000000000408000440000000010900010073797a30000000000900020073797a3200000000140000001100010000000000"], 0x94}}, 0x8810)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), r1)
sendmsg$ETHTOOL_MSG_EEE_SET(r4, &(0x7f0000000600)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000005c0)={&(0x7f00000002c0)={0x1c, r5, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0xc000)
sendmsg$IPCTNL_MSG_EXP_GET(r3, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000c80)={0x50, 0x1, 0x2, 0x3, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @multicast2}}, {0x14, 0x4, @private0}}}]}]}, 0x50}}, 0x0)
listen(r1, 0x0)
r6 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r6, &(0x7f0000000080)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
accept4$unix(r1, 0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, 0x0, 0x4001)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x19, 0x4, 0x8, 0x9}, 0x50)
close(0x3)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0e00"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xd, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000003000000000000000040000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000001100000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r8, r7}, 0xc)
openat$panthor(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)

79.395566ms ago: executing program 4 (id=619):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x73, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd81, 0x0, 0x0, 0x10, 0x6}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
ioctl$PTP_PIN_SETFUNC(0xffffffffffffffff, 0x40603d07, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
r3 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r3, 0xc0287c02, &(0x7f00000005c0)={0x80000000, 0x0, 0x0})
ioctl$MEDIA_IOC_SETUP_LINK(r3, 0xc0347c03, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'trusted:', 'syz', 0x20, 0xcb}, 0x0, 0xfffffffffffffff9)
r4 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$instantiate(0xc, r4, &(0x7f0000000100)=@encrypted_update={'update ', 'default', 0x20, 'trusted:', '\xa9\x06\x00\x00\x00\b\x00\x00'}, 0x20, r4)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
mount$9p_virtio(&(0x7f0000000300), &(0x7f0000000580)='./file0\x00', &(0x7f00000005c0), 0x2, &(0x7f0000000600)={'trans=virtio,', {[{@noextend}]}})
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)

0s ago: executing program 0 (id=620):
mkdir(&(0x7f0000000080)='./file1\x00', 0x8) (async)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f00000000c0)='./file1\x00') (async)
r0 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x4, 0x6}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (async)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000500)=[{&(0x7f0000000880)="769160c7059aa06bf49dc1e4fa6602ff73204c08bcd4717dd3302ea9355da8064980306af009229447c57577643a171f20fdd479088e9d2efe1b1e8b6938e4cfd471daa5ba8d1e73bfc018334a8cc79c53a8bb9047c792d8b8d8bbe11f7a845c6c2de8ef62ad3737fe829bc7a634a902be49d7cacc65871294610183b20e619bc061a0be234da7692ed24647f553560a1e22a175cc9813c991aed398a63d56274a96410081448f2715ea7be14379f2e075e0ca1f625d83e9976363ec0ce9405f4bbcaf01f83cb2fe9e6a121959bbbbe299cedb2f1cf509f0036349ead7aeb7225b8e91c8c8371926b688d15713bf33c6ac30afa9caa7498a7ecb43a05a78f1d31d500c65d7e191d6737d3c3c429695e8527137dad8f7e688c3a62edf11213c20553102c657131b607acf440543df58438793a38790f2a6651107170cc6b51bda50eb72ccc258566911a73b8134d638f3d7fd0000000000000005e0f11e9d85df7133f68cd9803aa3e81edd42e3113501aba49461c78b481544ccfcafdcdb9c233065be05e61ccd2603ec4e689ae0", 0x18e}, {0x0}], 0x2) (async)
socket(0xa, 0x5, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4000045) (async)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x0) (async)
iopl(0x3)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280), 0x0) (async)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000440), 0x10)
listen(r3, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) (async)
writev(r4, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2)
writev(r4, &(0x7f0000000100)=[{&(0x7f00000000c0)="cd", 0x1}], 0x1) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x11, r0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)="29978ed3f3fba9f29c02bd393c8af3ce90a870d78296cbae820fb13a9c42f9a065ea8af1f62492810a94552a99a074ccb600d4c1333bf20c9f25db90cc60a7fa1407409a424f816d43b841ececcb25703b0306a18ecb7e037ceab8ee664aed12b40fa0823a355564a3df9f1dee22226eb30e61390fcd53a0d512498a6ead7e", &(0x7f0000000140), 0x1003}, 0x38) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
mkdir(&(0x7f00000001c0)='./file1\x00', 0xa0)

kernel console output (not intermixed with test programs):

449036][ T6100]  ? fput+0x79/0x100
[   99.449059][ T6100]  ? ksys_write+0x1ac/0x250
[   99.449082][ T6100]  __ia32_sys_bpf+0x79/0xf0
[   99.449100][ T6100]  ? lockdep_hardirqs_on+0x78/0x100
[   99.449126][ T6100]  __do_fast_syscall_32+0xe7/0x950
[   99.449151][ T6100]  ? lockdep_hardirqs_on+0x78/0x100
[   99.449176][ T6100]  do_fast_syscall_32+0x32/0x70
[   99.449202][ T6100]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   99.449223][ T6100] RIP: 0023:0xf707efcc
[   99.449238][ T6100] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[   99.449253][ T6100] RSP: 002b:00000000f546d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[   99.449287][ T6100] RAX: ffffffffffffffda RBX: 0000000000000012 RCX: 0000000080000280
[   99.449297][ T6100] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000000
[   99.449306][ T6100] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   99.449315][ T6100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   99.449325][ T6100] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   99.449346][ T6100]  </TASK>
[  100.021692][ T6110] netlink: 'syz.1.56': attribute type 10 has an invalid length.
[  100.038407][ T6110] team0: Port device dummy0 added
[  100.123947][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  101.113594][ T6105] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  101.119084][ T6105] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  101.126211][ T6105] vhci_hcd vhci_hcd.0: Device attached
[  101.152996][ T6105] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  102.151067][ T6128] netlink: 'syz.3.59': attribute type 10 has an invalid length.
[  102.162125][ T6120] vhci_hcd: connection closed
[  102.584093][ T6129] netlink: 'syz.3.59': attribute type 10 has an invalid length.
[  102.954451][   T40] usb 42-1: SetAddress Request (2) to port 0
[  102.957679][   T40] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[  103.132829][   T71] vhci_hcd vhci_hcd.2: stop threads
[  103.136370][   T71] vhci_hcd vhci_hcd.2: release socket
[  103.140881][   T71] vhci_hcd vhci_hcd.2: disconnect device
[  103.162252][ T6122] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.360166][ T6129] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  103.441465][ T6122] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.526823][ T6122] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.539183][ T6132] loop2: detected capacity change from 0 to 3
[  103.552577][ T6132] ldm_validate_privheads(): Disk read failed.
[  103.556450][ T6132] Dev loop2: unable to read RDB block 3
[  103.558948][ T6132]  loop2: unable to read partition table
[  103.561449][ T6132] loop2: partition table beyond EOD, truncated
[  103.568254][ T6132] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  103.614895][ T6122] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.796284][ T6137] xt_nat: multiple ranges no longer supported
[  104.306004][   T13] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.330191][  T196] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.334422][ T6146] warning: `syz.3.66' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  104.391524][   T13] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.463670][ T6147] ip6tnl0: Caught tx_queue_len zero misconfig
[  104.464662][ T6151] netlink: 4 bytes leftover after parsing attributes in process `syz.2.68'.
[  104.471681][   T13] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.477269][ T6147] exFAT-fs (nbd1): unable to read boot sector
[  104.480006][ T6147] exFAT-fs (nbd1): failed to read boot sector
[  104.485132][ T6147] exFAT-fs (nbd1): failed to recognize exfat type
[  106.106991][ T6169] netlink: 'syz.2.72': attribute type 10 has an invalid length.
[  106.114226][ T6169] netlink: 'syz.2.72': attribute type 10 has an invalid length.
[  106.171441][ T6169] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  106.525462][ T6171] capability: warning: `syz.0.70' uses deprecated v2 capabilities in a way that may be insecure
[  106.820107][ T6174] netlink: 4 bytes leftover after parsing attributes in process `syz.0.74'.
[  107.069236][   T41] kauditd_printk_skb: 218 callbacks suppressed
[  107.069257][   T41] audit: type=1326 audit(1778662572.417:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6175 comm="syz.1.73" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  107.070629][ T6182] loop2: detected capacity change from 0 to 3
[  107.078854][ T6180] syz.1.73 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  107.091398][   T41] audit: type=1326 audit(1778662572.427:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6175 comm="syz.1.73" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  107.101386][   T41] audit: type=1326 audit(1778662572.427:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6175 comm="syz.1.73" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  107.106529][ T6182] ldm_validate_privheads(): Disk read failed.
[  107.112028][   T41] audit: type=1326 audit(1778662572.427:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6175 comm="syz.1.73" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  107.115227][ T6182] Dev loop2: unable to read RDB block 3
[  107.125258][   T41] audit: type=1326 audit(1778662572.447:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6175 comm="syz.1.73" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  107.128285][ T6182]  loop2: unable to read partition table
[  107.138798][ T6182] loop2: partition table beyond EOD, truncated
[  107.146143][   T41] audit: type=1326 audit(1778662572.487:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6175 comm="syz.1.73" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  107.148666][ T6182] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  107.166036][   T41] audit: type=1326 audit(1778662572.497:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6175 comm="syz.1.73" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  107.191449][   T41] audit: type=1326 audit(1778662572.517:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6175 comm="syz.1.73" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  107.194144][ T5152] ldm_validate_privheads(): Disk read failed.
[  107.208903][   T41] audit: type=1326 audit(1778662572.517:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6175 comm="syz.1.73" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  107.219611][   T41] audit: type=1326 audit(1778662572.527:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6175 comm="syz.1.73" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  107.233227][ T5152] Dev loop2: unable to read RDB block 3
[  107.238982][ T5152]  loop2: unable to read partition table
[  107.243338][ T5152] loop2: partition table beyond EOD, truncated
[  107.279754][ T6159] ALSA: mixer_oss: invalid OSS volume ''
[  107.460058][ T6183] process 'syz.0.74' launched '/dev/fd/5' with NULL argv: empty string added
[  108.015187][   T40] usb 42-1: device descriptor read/8, error -110
[  108.464752][   T40] usb usb42-port1: attempt power cycle
[  108.641800][ T6202] netlink: 4 bytes leftover after parsing attributes in process `syz.0.79'.
[  108.660834][ T6202] netlink: 12 bytes leftover after parsing attributes in process `syz.0.79'.
[  108.820522][ T6214] netlink: 4 bytes leftover after parsing attributes in process `syz.3.83'.
[  108.872953][ T6217] netlink: 12 bytes leftover after parsing attributes in process `syz.0.84'.
[  109.051947][   T40] usb usb42-port1: unable to enumerate USB device
[  109.264045][ T6224] netlink: 4 bytes leftover after parsing attributes in process `syz.0.87'.
[  109.335656][ T6226] trusted_key: encrypted_key: master key parameter is missing
[  110.186420][ T6237] netlink: 'syz.2.90': attribute type 13 has an invalid length.
[  110.399733][ T6238] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  110.403787][ T6238] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  110.430986][ T6238] vhci_hcd vhci_hcd.0: Device attached
[  110.436873][ T5896] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  110.607189][ T6226] capability: warning: `syz.3.86' uses 32-bit capabilities (legacy support in use)
[  110.645671][ T5896] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.645705][ T5896] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.645722][ T5896] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  110.645755][ T5896] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  110.645774][ T5896] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.664678][ T5896] usb 5-1: config 0 descriptor??
[  110.674349][ T5897] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  110.830099][ T6239] vhci_hcd: connection reset by peer
[  110.836618][   T13] vhci_hcd vhci_hcd.3: stop threads
[  110.838741][   T13] vhci_hcd vhci_hcd.3: release socket
[  110.842192][   T13] vhci_hcd vhci_hcd.3: disconnect device
[  111.300415][ T5896] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  111.618144][ T6254] exFAT-fs (nbd2): unable to read boot sector
[  111.621332][ T6254] exFAT-fs (nbd2): failed to read boot sector
[  111.624471][ T6254] exFAT-fs (nbd2): failed to recognize exfat type
[  111.943744][   T34] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  112.033531][ T6263] exFAT-fs (nbd3): unable to read boot sector
[  112.036481][ T6263] exFAT-fs (nbd3): failed to read boot sector
[  112.039747][ T6263] exFAT-fs (nbd3): failed to recognize exfat type
[  112.073835][   T34] usb 6-1: device descriptor read/64, error -71
[  112.314607][   T34] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  112.473942][   T34] usb 6-1: device descriptor read/64, error -71
[  112.487607][    C0] plantronics 0003:047F:FFFF.0003: usb_submit_urb(ctrl) failed: -1
[  112.633030][   T34] usb usb6-port1: attempt power cycle
[  112.654428][ T5896] usb 5-1: reset high-speed USB device number 2 using dummy_hcd
[  112.793851][ T5896] usb 5-1: device descriptor read/64, error -32
[  113.033868][ T5896] usb 5-1: reset high-speed USB device number 2 using dummy_hcd
[  113.034125][   T34] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  113.058548][   T34] usb 6-1: device descriptor read/8, error -71
[  113.164614][ T5896] usb 5-1: device descriptor read/64, error -32
[  113.304380][   T34] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  113.337936][   T34] usb 6-1: device descriptor read/8, error -71
[  113.413788][ T5896] usb 5-1: reset high-speed USB device number 2 using dummy_hcd
[  113.434063][ T5896] usb 5-1: device descriptor read/8, error -32
[  113.450766][   T34] usb usb6-port1: unable to enumerate USB device
[  114.230935][ T6274] netlink: 'syz.3.100': attribute type 13 has an invalid length.
[  114.340095][  T150] usb 5-1: USB disconnect, device number 2
[  115.245325][ T6287] netlink: 'syz.0.102': attribute type 10 has an invalid length.
[  115.251651][ T6287] netlink: 'syz.0.102': attribute type 10 has an invalid length.
[  115.483034][ T6292] Bluetooth: MGMT ver 1.23
[  115.754238][ T5897] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  116.229728][ T6305] syz.3.108 uses obsolete (PF_INET,SOCK_PACKET)
[  116.233166][ T6305] syzkaller1: entered promiscuous mode
[  116.236331][ T6305] syzkaller1: entered allmulticast mode
[  116.348276][ T6303] netlink: 'syz.0.107': attribute type 1 has an invalid length.
[  116.357767][ T6303] netlink: 4 bytes leftover after parsing attributes in process `syz.0.107'.
[  116.813124][ T6309] netlink: 'syz.0.109': attribute type 13 has an invalid length.
[  117.009437][ T6317] loop2: detected capacity change from 0 to 7
[  117.017374][ T6317] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  117.023668][ T6317] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  117.027063][ T6317] Dev loop2: unable to read RDB block 7
[  117.029822][ T6317]  loop2: unable to read partition table
[  117.032482][ T6317] loop2: partition table beyond EOD, truncated
[  117.037354][ T6317] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  117.445210][ T5896] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  117.524007][   T64] Bluetooth: hci0: command 0x0c1a tx timeout
[  117.551873][ T5757] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  117.583991][ T5896] usb 8-1: device descriptor read/64, error -71
[  117.836867][ T5896] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[  117.902612][   T41] kauditd_printk_skb: 133 callbacks suppressed
[  117.902634][   T41] audit: type=1326 audit(1778662583.247:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6323 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  117.920335][   T41] audit: type=1326 audit(1778662583.257:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6323 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  117.947523][   T41] audit: type=1326 audit(1778662583.257:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6323 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  117.971130][   T41] audit: type=1326 audit(1778662583.257:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6323 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  117.977448][ T5896] usb 8-1: device descriptor read/64, error -71
[  117.989477][   T41] audit: type=1326 audit(1778662583.267:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6323 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  117.989590][   T41] audit: type=1326 audit(1778662583.267:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6323 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  117.989690][   T41] audit: type=1326 audit(1778662583.267:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6323 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  117.989727][   T41] audit: type=1326 audit(1778662583.267:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6323 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  117.989797][   T41] audit: type=1326 audit(1778662583.267:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6323 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  117.989865][   T41] audit: type=1326 audit(1778662583.267:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6323 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf6ffefcc code=0x7ffc0000
[  118.114136][ T5896] usb usb8-port1: attempt power cycle
[  118.308359][ T6333] netlink: 'syz.0.115': attribute type 10 has an invalid length.
[  118.367874][ T6334] netlink: 'syz.0.115': attribute type 10 has an invalid length.
[  118.463751][ T5896] usb 8-1: new full-speed USB device number 4 using dummy_hcd
[  118.656765][ T5896] usb 8-1: device descriptor read/8, error -71
[  119.042517][ T6338] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[  119.365932][ T6346] netlink: 4 bytes leftover after parsing attributes in process `syz.0.119'.
[  119.370576][ T6347] netlink: 12 bytes leftover after parsing attributes in process `syz.0.119'.
[  119.421379][ T6350] loop2: detected capacity change from 0 to 3
[  119.428243][ T6350] ldm_validate_privheads(): Disk read failed.
[  119.432811][ T6350] Dev loop2: unable to read RDB block 3
[  119.443852][ T6350]  loop2: unable to read partition table
[  119.446687][ T6350] loop2: partition table beyond EOD, truncated
[  119.449332][ T6350] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  119.537302][ T5896] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  119.540575][ T6352] netlink: 'syz.0.121': attribute type 13 has an invalid length.
[  119.565075][ T5896] usb 8-1: device descriptor read/8, error -71
[  119.685720][ T5896] usb usb8-port1: unable to enumerate USB device
[  119.802524][ T6357] loop2: detected capacity change from 0 to 7
[  119.812092][ T6357] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  119.818598][ T6357] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  119.822178][ T6357] Dev loop2: unable to read RDB block 7
[  119.826840][ T6357]  loop2: unable to read partition table
[  119.829014][ T6357] loop2: partition table beyond EOD, truncated
[  119.831053][ T6357] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  119.882179][ T6359] netlink: 4 bytes leftover after parsing attributes in process `syz.0.124'.
[  120.425541][ T6364] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  120.429286][ T6364] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  120.519847][ T6364] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  120.537826][ T6364] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  120.545453][ T6364] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  120.554221][ T6364] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  120.561002][ T6364] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  120.564078][ T6364] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  120.578986][ T6364] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  120.590704][ T6364] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  120.593747][ T6364] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  120.599033][ T6364] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  120.720469][ T6363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.125'.
[  120.737985][ T6363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.125'.
[  121.067072][ T6374] syzkaller1: entered promiscuous mode
[  121.069646][ T6374] syzkaller1: entered allmulticast mode
[  121.075927][ T6373] 
: renamed from bond_slave_0 (while UP)
[  121.138730][ T6378] ubi16: attaching mtd0
[  121.148976][ T6378] ubi16: scanning is finished
[  121.151189][ T6378] ubi16: empty MTD device detected
[  121.243810][ T6381] netlink: 'syz.1.131': attribute type 13 has an invalid length.
[  121.323729][ T6378] ubi16: attached mtd0 (name "mtdram test device", size 0 MiB)
[  121.327031][ T6378] ubi16: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  121.330280][ T6378] ubi16: min./max. I/O unit sizes: 1/64, sub-page size 1
[  121.333559][ T6378] ubi16: VID header offset: 64 (aligned 64), data offset: 128
[  121.338553][ T6378] ubi16: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  121.341645][ T6378] ubi16: user volume: 0, internal volumes: 1, max. volumes count: 23
[  121.345363][ T6378] ubi16: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2950895764
[  121.349851][ T6378] ubi16: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  121.358480][ T6382] ubi16: background thread "ubi_bgt16d" started, PID 6382
[  121.761334][ T5855] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  121.867890][ T6387] lo speed is unknown, defaulting to 1000
[  121.871583][ T6387] lo speed is unknown, defaulting to 1000
[  121.878255][ T6387] lo speed is unknown, defaulting to 1000
[  121.886847][ T6387] smbdirect: ib_dev[syz0]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  121.893765][ T5855] usb 6-1: device descriptor read/64, error -71
[  121.897080][ T6387] smbdirect: ib_dev[syz0]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  121.904607][ T6387] smbdirect: ib_dev[syz0]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  121.913805][ T6387] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  121.925559][ T6387] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  121.961347][ T6387] lo speed is unknown, defaulting to 1000
[  121.965369][ T6387] lo speed is unknown, defaulting to 1000
[  121.969596][ T6387] lo speed is unknown, defaulting to 1000
[  121.974646][ T6387] lo speed is unknown, defaulting to 1000
[  121.979664][ T6387] lo speed is unknown, defaulting to 1000
[  122.133821][ T5855] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  122.264029][ T5855] usb 6-1: device descriptor read/64, error -71
[  122.374698][ T5855] usb usb6-port1: attempt power cycle
[  122.483711][ T5757] Bluetooth: hci0: command 0x0c1a tx timeout
[  122.563816][ T5757] Bluetooth: hci2: command 0x0c1a tx timeout
[  122.563852][   T64] Bluetooth: hci1: command 0x0c1a tx timeout
[  122.643987][ T5757] Bluetooth: hci3: command 0x0c1a tx timeout
[  122.713746][ T5855] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  122.734490][ T5855] usb 6-1: device descriptor read/8, error -71
[  122.985521][ T5855] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  123.035610][ T5855] usb 6-1: device descriptor read/8, error -71
[  123.209402][ T6403] xt_nat: multiple ranges no longer supported
[  124.051088][ T6417] syz.3.141 (6417): /proc/6416/oom_adj is deprecated, please use /proc/6416/oom_score_adj instead.
[  124.214070][ T5855] usb usb6-port1: unable to enumerate USB device
[  124.563778][ T5757] Bluetooth: hci0: command 0x0c1a tx timeout
[  124.644087][ T5757] Bluetooth: hci1: command 0x0c1a tx timeout
[  124.653812][ T5757] Bluetooth: hci2: command 0x0c1a tx timeout
[  124.734970][ T5757] Bluetooth: hci3: command 0x0c1a tx timeout
[  124.837138][ T6432] =======================================================
[  124.837138][ T6432] WARNING: The mand mount option has been deprecated and
[  124.837138][ T6432]          and is ignored by this kernel. Remove the mand
[  124.837138][ T6432]          option from the mount to silence this warning.
[  124.837138][ T6432] =======================================================
[  124.916469][ T6433] Driver unsupported XDP return value 0 on prog  (id 13) dev N/A, expect packet loss!
[  125.963919][ T6453] netlink: 'syz.0.152': attribute type 2 has an invalid length.
[  126.085853][   T50] bridge0: entered promiscuous mode
[  126.143448][ T6458] netlink: 'syz.0.153': attribute type 2 has an invalid length.
[  126.150472][ T6458] netlink: 'syz.0.153': attribute type 1 has an invalid length.
[  126.157553][   T50] IPVS: starting estimator thread 0...
[  126.243934][ T6462] IPVS: using max 27 ests per chain, 64800 per kthread
[  126.318799][ T6466] syzkaller1: entered promiscuous mode
[  126.321684][ T6466] syzkaller1: entered allmulticast mode
[  126.454400][ T5832] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  126.593760][ T5832] usb 5-1: device descriptor read/64, error -71
[  126.643774][   T64] Bluetooth: hci0: command 0x0c1a tx timeout
[  126.648794][ T5757] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  126.724066][ T5757] Bluetooth: hci2: command 0x0c1a tx timeout
[  126.724113][   T64] Bluetooth: hci1: command 0x0c1a tx timeout
[  126.813866][   T64] Bluetooth: hci3: command 0x0c1a tx timeout
[  126.863715][ T5832] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  126.864781][ T6482] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  126.869674][ T6482] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  126.894090][ T6482] vhci_hcd vhci_hcd.0: Device attached
[  127.024056][ T5832] usb 5-1: device descriptor read/64, error -71
[  127.144067][ T5832] usb usb5-port1: attempt power cycle
[  127.304370][ T5833] usb 42-1: SetAddress Request (6) to port 0
[  127.307763][ T5833] usb 42-1: new SuperSpeed USB device number 6 using vhci_hcd
[  127.420945][ T6484] vhci_hcd: connection reset by peer
[  127.424947][   T71] vhci_hcd vhci_hcd.2: stop threads
[  127.427466][   T71] vhci_hcd vhci_hcd.2: release socket
[  127.431814][   T71] vhci_hcd vhci_hcd.2: disconnect device
[  127.493818][ T5832] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  127.516579][ T5832] usb 5-1: device descriptor read/8, error -71
[  127.763862][ T5832] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  127.786023][ T5832] usb 5-1: device descriptor read/8, error -71
[  127.894821][ T5832] usb usb5-port1: unable to enumerate USB device
[  128.723809][ T5757] Bluetooth: hci0: command 0x0c1a tx timeout
[  128.726541][   T64] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  128.730039][ T6502] netlink: 'syz.1.164': attribute type 13 has an invalid length.
[  129.350544][ T6506] syzkaller1: entered promiscuous mode
[  129.358091][ T6506] syzkaller1: entered allmulticast mode
[  130.650313][ T6510] loop2: detected capacity change from 0 to 3
[  130.655059][ T6510] ldm_validate_privheads(): Disk read failed.
[  130.657869][ T6510] Dev loop2: unable to read RDB block 3
[  130.660288][ T6510]  loop2: unable to read partition table
[  130.663079][ T6510] loop2: partition table beyond EOD, truncated
[  130.667405][ T6510] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  130.756411][ T6516] netlink: 32 bytes leftover after parsing attributes in process `syz.0.169'.
[  130.804101][   T64] Bluetooth: hci0: command 0x0c1a tx timeout
[  130.839690][ T6518] netlink: 8 bytes leftover after parsing attributes in process `syz.2.167'.
[  130.850221][ T6518] exFAT-fs (nbd2): unable to read boot sector
[  130.853014][ T6518] exFAT-fs (nbd2): failed to read boot sector
[  130.855796][ T6518] exFAT-fs (nbd2): failed to recognize exfat type
[  131.045588][ T6525] usb 2-1: USB disconnect, device number 2
[  131.482101][ T6529] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  131.482101][ T6529]    program syz.3.172 not setting count and/or reply_len properly
[  131.537469][   T41] kauditd_printk_skb: 942 callbacks suppressed
[  131.537484][   T41] audit: type=1326 audit(1778662596.887:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6527 comm="syz.3.172" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  132.405376][ T5833] usb 42-1: device descriptor read/8, error -110
[  132.795204][ T5833] usb usb42-port1: attempt power cycle
[  133.354556][ T5833] usb usb42-port1: unable to enumerate USB device
[  133.903263][ T6538] syzkaller1: entered promiscuous mode
[  133.905928][ T6538] syzkaller1: entered allmulticast mode
[  133.975325][ T6543] netlink: 'syz.2.176': attribute type 13 has an invalid length.
[  134.100865][ T6549] lo speed is unknown, defaulting to 1000
[  134.133913][   T61] usb 8-1: new full-speed USB device number 6 using dummy_hcd
[  134.273822][   T61] usb 8-1: device descriptor read/64, error -71
[  134.448468][ T6563] lo speed is unknown, defaulting to 1000
[  134.543744][   T61] usb 8-1: new full-speed USB device number 7 using dummy_hcd
[  134.673931][   T61] usb 8-1: device descriptor read/64, error -71
[  134.805497][   T61] usb usb8-port1: attempt power cycle
[  134.896131][ T6580] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  134.896131][ T6580]    program syz.0.185 not setting count and/or reply_len properly
[  134.971443][   T41] audit: type=1326 audit(1778662600.317:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6575 comm="syz.0.185" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0
[  135.143839][   T61] usb 8-1: new full-speed USB device number 8 using dummy_hcd
[  135.174536][   T61] usb 8-1: device descriptor read/8, error -71
[  135.443804][   T61] usb 8-1: new full-speed USB device number 9 using dummy_hcd
[  135.464466][   T61] usb 8-1: device descriptor read/8, error -71
[  135.584346][   T61] usb usb8-port1: unable to enumerate USB device
[  136.293485][ T6592] mmap: syz.0.188 (6592) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  136.402656][ T6596] loop2: detected capacity change from 0 to 3
[  136.406522][ T6596] ldm_validate_privheads(): Disk read failed.
[  136.409269][ T6596] Dev loop2: unable to read RDB block 3
[  136.412200][ T6596]  loop2: unable to read partition table
[  136.416094][ T6596] loop2: partition table beyond EOD, truncated
[  136.418909][ T6596] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  136.507652][ T6599] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  136.507652][ T6599]    program syz.2.191 not setting count and/or reply_len properly
[  137.109967][   T41] audit: type=1326 audit(1778662602.457:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6597 comm="syz.2.191" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf707efcc code=0x0
[  138.152729][ T6607] vxcan1: entered allmulticast mode
[  138.163352][ T6607] netlink: 4 bytes leftover after parsing attributes in process `syz.3.193'.
[  138.208498][ T6607] vxcan1 (unregistering): left allmulticast mode
[  138.253141][   T64] Bluetooth: hci2: unexpected event for opcode 0x2016
[  139.158511][ T6619] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.195'.
[  139.228057][ T6620] netlink: 8 bytes leftover after parsing attributes in process `syz.3.195'.
[  139.233377][ T6620] exFAT-fs (nbd3): unable to read boot sector
[  139.236639][ T6620] exFAT-fs (nbd3): failed to read boot sector
[  139.239146][ T6620] exFAT-fs (nbd3): failed to recognize exfat type
[  139.693040][ T6623] netlink: 'syz.1.196': attribute type 1 has an invalid length.
[  139.696884][ T6623] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  139.910040][ T6627] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.055208][ T6627] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.058437][ T6633] loop2: detected capacity change from 0 to 3
[  140.069998][ T6633] ldm_validate_privheads(): Disk read failed.
[  140.077625][ T6633] Dev loop2: unable to read RDB block 3
[  140.080953][ T6633]  loop2: unable to read partition table
[  140.083511][ T6633] loop2: partition table beyond EOD, truncated
[  140.092411][ T6633] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  140.264528][ T6637] netlink: 'syz.0.199': attribute type 10 has an invalid length.
[  140.329399][ T6627] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.330553][ T6638] binder: BINDER_SET_CONTEXT_MGR already set
[  140.341024][ T6638] binder: 6636:6638 ioctl 4018620d 80004a80 returned -16
[  140.366837][ T6641] netlink: 'syz.0.199': attribute type 10 has an invalid length.
[  140.457818][ T6627] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.471156][ T6644] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  140.471156][ T6644]    program syz.3.202 not setting count and/or reply_len properly
[  140.614142][   T41] audit: type=1326 audit(1778662605.907:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.3.202" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  141.036045][  T196] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.055259][  T196] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.093044][  T196] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.116461][  T196] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  142.186073][ T6655] ADFS-fs (loop0): error: unable to read block 3, try 0
[  143.458681][ T1433] ieee802154 phy0 wpan0: encryption failed: -22
[  143.463994][ T1433] ieee802154 phy1 wpan1: encryption failed: -22
[  143.810347][ T6674] loop2: detected capacity change from 0 to 3
[  143.822666][ T6674] ldm_validate_privheads(): Disk read failed.
[  143.826337][ T6674] Dev loop2: unable to read RDB block 3
[  143.829182][ T6674]  loop2: unable to read partition table
[  143.832216][ T6674] loop2: partition table beyond EOD, truncated
[  143.851300][ T6674] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  143.900381][ T6675] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  143.900381][ T6675]    program syz.2.209 not setting count and/or reply_len properly
[  144.122048][ T6678] af_packet: tpacket_rcv: packet too big, clamped from 68211 to 3944. macoff=96
[  144.221877][   T41] audit: type=1326 audit(1778662609.567:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6671 comm="syz.2.209" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf707efcc code=0x0
[  144.472799][ T6685] netlink: 'syz.3.212': attribute type 10 has an invalid length.
[  144.481432][ T6685] netlink: 'syz.3.212': attribute type 10 has an invalid length.
[  144.919079][ T5757] Bluetooth: hci0: command 0x0c1a tx timeout
[  144.922686][   T64] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  145.486819][ T6697] pimreg: entered allmulticast mode
[  145.574333][ T6695] 0x000000000005-0x000004000008 : ""
[  145.578802][ T6695] mtd: partition "" extends beyond the end of device "mtdram test device" -- size truncated to 0x1fffb
[  145.610167][ T6695] ftl_cs: FTL header corrupt!
[  145.613267][ T6696] pimreg: left allmulticast mode
[  146.043806][ T6706] loop2: detected capacity change from 0 to 3
[  146.050109][ T6706] ldm_validate_privheads(): Disk read failed.
[  146.053416][ T6706] Dev loop2: unable to read RDB block 3
[  146.057631][ T6706]  loop2: unable to read partition table
[  146.060685][ T6706] loop2: partition table beyond EOD, truncated
[  146.063351][ T6706] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  146.159861][ T6709] trusted_key: encrypted_key: insufficient parameters specified
[  146.180831][ T6709] trusted_key: encrypted_key: keylen parameter is missing
[  146.292435][ T6718] netlink: 'syz.2.223': attribute type 27 has an invalid length.
[  146.298528][ T6718] netlink: 164 bytes leftover after parsing attributes in process `syz.2.223'.
[  146.672150][ T6719] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  146.677127][ T6719] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  146.688197][ T6719] vhci_hcd vhci_hcd.0: Device attached
[  146.979973][   T40] usb 44-1: SetAddress Request (2) to port 0
[  146.983941][   T40] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[  147.047356][ T6729] netlink: 'syz.0.225': attribute type 10 has an invalid length.
[  147.088597][ T6721] vhci_hcd: connection reset by peer
[  147.115567][   T12] vhci_hcd vhci_hcd.3: stop threads
[  147.120546][   T12] vhci_hcd vhci_hcd.3: release socket
[  147.129209][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  147.162128][ T6730] netlink: 'syz.0.225': attribute type 10 has an invalid length.
[  148.047146][ T6735] lo speed is unknown, defaulting to 1000
[  148.275571][ T6740] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  148.304867][  T150] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  148.517580][  T150] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  148.521602][  T150] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.528575][  T150] usb 6-1: Product: syz
[  148.532348][  T150] usb 6-1: Manufacturer: syz
[  148.536670][  T150] usb 6-1: SerialNumber: syz
[  148.542763][  T150] usb 6-1: config 0 descriptor??
[  148.762858][ T6760] loop2: detected capacity change from 0 to 3
[  148.768110][ T6760] ldm_validate_privheads(): Disk read failed.
[  148.783859][ T5853] usb 6-1: USB disconnect, device number 10
[  148.824669][ T6760] Dev loop2: unable to read RDB block 3
[  148.831941][ T6760]  loop2: unable to read partition table
[  148.836089][ T6760] loop2: partition table beyond EOD, truncated
[  148.842243][ T6760] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  149.186648][ T6774] netlink: 'syz.2.236': attribute type 10 has an invalid length.
[  149.478191][ T6774] bond0: (slave dummy0): Releasing backup interface
[  149.496032][ T6774] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  149.500243][ T6774] team0: Failed to send options change via netlink (err -105)
[  149.505229][ T6774] team0: Port device dummy0 added
[  150.051272][ T6778] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  150.425080][ T6785] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  150.425080][ T6785]    program syz.1.239 not setting count and/or reply_len properly
[  150.575390][  T299] Bluetooth: hci4: Frame reassembly failed (-84)
[  150.883796][   T64] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  150.887081][   T64] Bluetooth: hci0: command 0x0c1a tx timeout
[  151.383858][   T61] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  151.544652][ T6792] loop2: detected capacity change from 0 to 3
[  151.548342][ T6792] ldm_validate_privheads(): Disk read failed.
[  151.554481][ T6792] Dev loop2: unable to read RDB block 3
[  151.556868][ T6792]  loop2: unable to read partition table
[  151.564429][   T61] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  151.568159][   T61] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  151.574181][ T6792] loop2: partition table beyond EOD, truncated
[  151.577821][   T61] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  151.582109][ T6792] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  151.594494][   T61] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[  151.600084][   T61] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  151.604271][   T61] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.612062][   T61] usb 5-1: config 0 descriptor??
[  152.084472][   T40] usb 44-1: device descriptor read/8, error -110
[  152.182672][ T6812] netlink: 'syz.1.248': attribute type 10 has an invalid length.
[  152.191954][ T6812] netlink: 'syz.1.248': attribute type 10 has an invalid length.
[  152.219378][ T6812] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  152.225868][ T6812] team0: Port device dummy0 removed
[  152.240947][ T6812] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  152.475280][   T40] usb usb44-port1: attempt power cycle
[  152.569974][ T5757] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  152.962879][ T6820] netlink: 28 bytes leftover after parsing attributes in process `syz.3.249'.
[  153.039530][   T40] usb usb44-port1: unable to enumerate USB device
[  153.079251][ T6818] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  153.079251][ T6818]    program syz.1.251 not setting count and/or reply_len properly
[  153.884673][ T5757] Bluetooth: hci0: command 0x0c1a tx timeout
[  153.893764][   T64] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  154.586995][ T6838] loop2: detected capacity change from 0 to 3
[  154.591534][ T6838] ldm_validate_privheads(): Disk read failed.
[  154.594889][ T6838] Dev loop2: unable to read RDB block 3
[  154.602083][ T6838]  loop2: unable to read partition table
[  154.617167][ T6838] loop2: partition table beyond EOD, truncated
[  154.640699][   T29] usb 5-1: USB disconnect, device number 7
[  154.679724][ T6838] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  155.461384][ T6853] syzkaller1: entered promiscuous mode
[  155.464233][ T6853] syzkaller1: entered allmulticast mode
[  155.465344][ T6855] vivid-002: =================  START STATUS  =================
[  155.472501][ T6855] vivid-002: RDS Tx I/O Mode: Controls
[  155.478185][ T6855] vivid-002: RDS Program ID: 32904
[  155.480685][ T6855] vivid-002: RDS Program Type: 3
[  155.483140][ T6855] vivid-002: RDS PS Name: VIVID-TX
[  155.490932][ T6855] vivid-002: RDS Radio Text: This is a VIVID default Radio Text template text, change at will
[  155.496184][ T6855] vivid-002: RDS Stereo: true
[  155.498655][ T6855] vivid-002: RDS Artificial Head: false
[  155.501542][ T6855] vivid-002: RDS Compressed: false
[  155.508166][ T6855] vivid-002: RDS Dynamic PTY: false
[  155.517418][ T6855] vivid-002: RDS Traffic Announcement: false
[  155.519613][ T6855] vivid-002: RDS Traffic Program: true
[  155.522244][ T6855] vivid-002: RDS Music: true
[  155.526978][ T6855] vivid-002: ==================  END STATUS  ==================
[  155.924157][ T5855] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  156.085662][ T5855] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  156.089440][ T5855] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  156.093194][ T5855] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  156.098769][ T5855] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  156.103234][ T5855] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  156.106984][ T5855] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  156.111748][ T5855] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  156.117053][ T5855] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.125535][ T5855] usb 5-1: config 0 descriptor??
[  156.486795][ T6867] loop2: detected capacity change from 0 to 3
[  156.493063][ T6867] ldm_validate_privheads(): Disk read failed.
[  156.496730][ T6867] Dev loop2: unable to read RDB block 3
[  156.501217][ T6867]  loop2: unable to read partition table
[  156.506102][ T6867] loop2: partition table beyond EOD, truncated
[  156.510207][ T6867] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  156.650258][ T6873] pimreg: entered allmulticast mode
[  156.656667][ T6869] netlink: 'syz.1.266': attribute type 4 has an invalid length.
[  156.707933][ T6873] pimreg: left allmulticast mode
[  156.825256][ T6881] lo speed is unknown, defaulting to 1000
[  157.603860][   T64] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  157.604473][ T5757] Bluetooth: hci0: command 0x0c1a tx timeout
[  157.736882][ T6893] xt_nat: multiple ranges no longer supported
[  158.875292][ T6907] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  158.882188][ T6907] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off.
[  158.887232][ T6907] overlayfs: failed to set uuid (71/file0, err=-13); falling back to uuid=null.
[  158.912119][ T6911] loop2: detected capacity change from 0 to 3
[  158.921387][ T6911] ldm_validate_privheads(): Disk read failed.
[  158.924659][ T6911] Dev loop2: unable to read RDB block 3
[  158.927398][ T6911]  loop2: unable to read partition table
[  158.930179][ T6911] loop2: partition table beyond EOD, truncated
[  158.932717][ T6911] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  159.001090][ T6913] netlink: 40 bytes leftover after parsing attributes in process `syz.3.278'.
[  159.055516][ T6915] netlink: 'syz.2.279': attribute type 7 has an invalid length.
[  159.091660][   T54] usb 5-1: USB disconnect, device number 8
[  159.184428][ T6920] xt_nat: multiple ranges no longer supported
[  160.004087][   T64] Bluetooth: hci0: command 0x0c1a tx timeout
[  160.004695][ T5757] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  161.410559][ T6937] lo speed is unknown, defaulting to 1000
[  161.528849][ T6943] loop2: detected capacity change from 0 to 3
[  161.535695][ T6943] ldm_validate_privheads(): Disk read failed.
[  161.545063][ T6943] Dev loop2: unable to read RDB block 3
[  161.549636][ T6943]  loop2: unable to read partition table
[  161.553218][ T6943] loop2: partition table beyond EOD, truncated
[  161.578866][ T6943] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  162.253711][ T5757] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  162.404741][ T5757] Bluetooth: hci0: command 0x0c1a tx timeout
[  162.597591][ T6977] xt_nat: multiple ranges no longer supported
[  162.875637][ T6981] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  162.875637][ T6981]    program syz.3.295 not setting count and/or reply_len properly
[  162.919175][   T41] audit: type=1326 audit(1778662628.267:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.3.295" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  164.736386][ T6993] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  164.736386][ T6993]    program syz.2.297 not setting count and/or reply_len properly
[  164.860599][ T6995] 9p: Bad value for 'rfdno'
[  165.992773][ T7003] veth0_to_batadv: Caught tx_queue_len zero misconfig
[  166.178486][ T7014] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  166.178486][ T7014]    program syz.1.303 not setting count and/or reply_len properly
[  166.234187][ T7013] loop2: detected capacity change from 0 to 7
[  166.240693][ T7013]  loop2:
[  166.242091][ T7013] loop2: partition table partially beyond EOD, truncated
[  166.370149][ T7018] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  166.611034][ T7021] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  166.611034][ T7021]    program syz.0.306 not setting count and/or reply_len properly
[  166.998140][   T41] audit: type=1326 audit(1778662632.337:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7019 comm="syz.0.306" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0
[  168.551491][ T7043] netlink: 4 bytes leftover after parsing attributes in process `syz.2.312'.
[  170.338393][ T7061] netlink: 'syz.3.315': attribute type 10 has an invalid length.
[  170.348898][ T7061] bond0: (slave dummy0): Releasing backup interface
[  170.381997][ T7061] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  170.389790][ T7061] team0: Failed to send options change via netlink (err -105)
[  170.398703][ T7061] team0: Port device dummy0 added
[  170.425390][ T7062] netlink: 'syz.3.315': attribute type 10 has an invalid length.
[  170.436281][ T7062] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  170.492216][ T7062] team0: Failed to send options change via netlink (err -105)
[  170.498806][ T7062] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  170.507351][ T7062] team0: Port device dummy0 removed
[  170.589918][ T7062] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  171.096154][ T7071] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  171.096154][ T7071]    program syz.3.317 not setting count and/or reply_len properly
[  171.157237][   T41] audit: type=1326 audit(1778662636.507:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7069 comm="syz.3.317" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  171.503186][ T7075] xt_nat: multiple ranges no longer supported
[  171.650531][ T7078] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  171.650531][ T7078]    program syz.0.319 not setting count and/or reply_len properly
[  171.675814][   T41] audit: type=1326 audit(1778662637.027:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7076 comm="syz.0.319" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0
[  173.555949][ T7097] netlink: 'syz.0.322': attribute type 10 has an invalid length.
[  173.589138][ T7097] bond0: (slave dummy0): Releasing backup interface
[  173.645983][ T7098] netlink: 'syz.0.322': attribute type 10 has an invalid length.
[  173.654933][ T7097] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  173.660508][ T7097] team0: Failed to send options change via netlink (err -105)
[  173.664776][ T7097] team0: Port device dummy0 added
[  173.674162][ T7098] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  173.688677][ T7098] team0: Failed to send options change via netlink (err -105)
[  173.692981][ T7098] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  173.707258][ T7098] team0: Port device dummy0 removed
[  173.753528][ T7098] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  174.294517][ T7106] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  174.294517][ T7106]    program syz.3.325 not setting count and/or reply_len properly
[  174.708138][   T41] audit: type=1326 audit(1778662639.917:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7103 comm="syz.3.325" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  175.221328][ T7129] netlink: 'syz.0.331': attribute type 1 has an invalid length.
[  175.242572][ T7129] bond1: entered promiscuous mode
[  175.246657][ T7129] 8021q: adding VLAN 0 to HW filter on device bond1
[  175.392012][ T7133] netlink: 28 bytes leftover after parsing attributes in process `syz.0.331'.
[  175.496693][ T7134] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  175.496693][ T7134]    program syz.1.330 not setting count and/or reply_len properly
[  175.584692][ T7136] 9pnet_fd: Insufficient options for proto=fd
[  175.790939][ T7144] fuse: Bad value for 'fd'
[  176.018797][ T7147] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  176.018797][ T7147]    program syz.3.336 not setting count and/or reply_len properly
[  176.176031][   T41] audit: type=1326 audit(1778662641.527:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.3.336" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  176.394850][   T41] audit: type=1326 audit(1778662641.747:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7124 comm="syz.1.330" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffefcc code=0x0
[  177.491595][ T7166] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  177.491595][ T7166]    program syz.1.341 not setting count and/or reply_len properly
[  177.635918][   T41] audit: type=1326 audit(1778662642.987:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7164 comm="syz.1.341" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffefcc code=0x0
[  177.778915][ T5897] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  177.988384][ T5897] usb 5-1: config index 0 descriptor too short (expected 1572, got 36)
[  177.994086][ T5897] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  178.012716][ T5897] usb 5-1: New USB device found, idVendor=05ac, idProduct=0238, bcdDevice= 0.40
[  178.017924][ T5897] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.021800][ T5897] usb 5-1: Product: syz
[  178.025129][ T5897] usb 5-1: Manufacturer: syz
[  178.029170][ T5897] usb 5-1: SerialNumber: syz
[  178.115232][ T5897] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/input/input7
[  178.475919][ T5137] bcm5974 5-1:1.0: could not read from device
[  178.482575][ T5137] bcm5974 5-1:1.0: could not read from device
[  178.980222][ T7172] tunl0: Caught tx_queue_len zero misconfig
[  178.983271][ T7172] sch_tbf: peakrate 1144786952152247913 is lower than or equals to rate 14721371165588982144 !
[  178.995644][ T5897] bcm5974 5-1:1.0: could not read from device
[  179.011314][ T5897] input: failed to attach handler mousedev to device input7, error: -5
[  179.031763][ T5137] bcm5974 5-1:1.0: could not read from device
[  179.044792][ T5897] usb 5-1: USB disconnect, device number 9
[  179.188907][ T7178] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  179.188907][ T7178]    program syz.1.344 not setting count and/or reply_len properly
[  179.261960][   T41] audit: type=1326 audit(1778662644.607:1340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7176 comm="syz.1.344" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffefcc code=0x0
[  180.199986][ T7186] netlink: 36 bytes leftover after parsing attributes in process `syz.3.346'.
[  180.210274][ T7186] dummy0: Caught tx_queue_len zero misconfig
[  180.419800][ T7190] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  180.419800][ T7190]    program syz.3.347 not setting count and/or reply_len properly
[  180.461335][   T41] audit: type=1326 audit(1778662645.807:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7188 comm="syz.3.347" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  180.852944][ T7203] netlink: 'syz.0.348': attribute type 10 has an invalid length.
[  180.862215][ T7203] bond0: (slave dummy0): Releasing backup interface
[  180.897566][ T7203] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  180.897824][ T7203] team0: Failed to send options change via netlink (err -105)
[  180.897843][ T7203] team0: Port device dummy0 added
[  180.939653][ T7203] netlink: 'syz.0.348': attribute type 10 has an invalid length.
[  180.941440][ T7203] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  180.959718][ T7203] team0: Failed to send options change via netlink (err -105)
[  180.974903][ T7203] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  180.994192][ T7203] team0: Port device dummy0 removed
[  181.028922][ T7203] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  181.805047][ T7209] netlink: 8 bytes leftover after parsing attributes in process `syz.1.350'.
[  181.829932][   T41] audit: type=1326 audit(1778662647.177:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7205 comm="syz.1.350" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffefcc code=0x0
[  181.923961][   T54] IPVS: starting estimator thread 0...
[  182.023951][ T7218] IPVS: using max 21 ests per chain, 50400 per kthread
[  182.717468][ T7226] netlink: 28 bytes leftover after parsing attributes in process `syz.1.356'.
[  182.723338][ T7226] netlink: 196 bytes leftover after parsing attributes in process `syz.1.356'.
[  182.737510][ T7226] netlink: 28 bytes leftover after parsing attributes in process `syz.1.356'.
[  182.741675][ T7226] netlink: 196 bytes leftover after parsing attributes in process `syz.1.356'.
[  182.801067][ T7226] netlink: 8 bytes leftover after parsing attributes in process `syz.1.356'.
[  182.875266][ T7227] netlink: 36 bytes leftover after parsing attributes in process `syz.1.356'.
[  183.149250][ T7236] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  183.149250][ T7236]    program syz.0.359 not setting count and/or reply_len properly
[  183.216681][   T41] audit: type=1326 audit(1778662648.567:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7233 comm="syz.0.359" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0
[  183.514221][ T7241] comedi comedi3: comedi_test: 10 microvolt, 2046 microsecond waveform attached
[  183.795199][ T7246] netlink: 'syz.1.363': attribute type 1 has an invalid length.
[  184.259240][ T7246] 8021q: adding VLAN 0 to HW filter on device bond1
[  184.295718][ T7250] bond1: entered allmulticast mode
[  184.742192][ T7252] bond1: (slave ip6gretap1): making interface the new active one
[  184.753703][ T7252] ip6gretap1: entered allmulticast mode
[  184.762400][ T7252] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  185.240724][ T7260] loop2: detected capacity change from 0 to 3
[  185.248033][ T7260] ldm_validate_privheads(): Disk read failed.
[  185.251897][ T7260] Dev loop2: unable to read RDB block 3
[  185.254927][ T7260]  loop2: unable to read partition table
[  185.261474][ T7260] loop2: partition table beyond EOD, truncated
[  185.269258][ T7260] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  185.403888][ T7264] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  185.403888][ T7264]    program syz.0.367 not setting count and/or reply_len properly
[  185.581883][   T41] audit: type=1326 audit(1778662650.927:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7261 comm="syz.0.367" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0
[  185.959783][ T7269] netlink: 'syz.1.368': attribute type 13 has an invalid length.
[  187.117635][ T7275] xt_nat: multiple ranges no longer supported
[  188.430822][ T7305] syzkaller1: entered promiscuous mode
[  188.434000][ T7305] syzkaller1: entered allmulticast mode
[  188.684057][ T7308] could not allocate digest TFM handle md5
[  188.742056][ T7308] fuse: Bad value for 'fd'
[  190.254030][ T5757] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  190.256996][ T5757] Bluetooth: hci0: command 0x0c1a tx timeout
[  190.916631][ T7330] syzkaller1: entered promiscuous mode
[  190.919233][ T7330] syzkaller1: entered allmulticast mode
[  191.070732][   T64] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  191.075767][   T64] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  191.081960][   T64] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  191.092943][   T64] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  191.096715][   T64] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  191.236961][ T7344] xt_bpf: check failed: parse error
[  191.453973][   T34] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  191.622250][   T34] usb 8-1: Using ep0 maxpacket: 8
[  191.641577][   T34] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  191.659933][   T34] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  191.681758][   T34] usb 8-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  191.696543][   T34] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  191.704869][   T34] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  191.711619][   T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.750640][   T34] usbtmc 8-1:16.0: bulk endpoints not found
[  191.835520][   T71] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.165841][   T71] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.210933][ T7336] lo speed is unknown, defaulting to 1000
[  192.349687][   T71] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.369750][ T7357] loop2: detected capacity change from 0 to 7
[  192.380371][ T7357] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  192.390905][ T7357] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  192.395179][ T7357] Dev loop2: unable to read RDB block 7
[  192.399014][ T7357]  loop2: unable to read partition table
[  192.406219][ T7357] loop2: partition table beyond EOD, truncated
[  192.408858][ T7357] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  192.505360][ T7359] loop2: detected capacity change from 0 to 7
[  192.510097][   T71] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.525966][ T7359] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  192.531110][ T7359] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  192.542432][ T7359] Dev loop2: unable to read RDB block 7
[  192.550831][ T7359]  loop2: unable to read partition table
[  192.556493][ T7359] loop2: partition table beyond EOD, truncated
[  192.560490][ T7359] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  192.962854][   T71] bridge_slave_1: left allmulticast mode
[  192.967443][   T71] bridge_slave_1: left promiscuous mode
[  192.974458][   T71] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.989973][   T71] bridge_slave_0: left allmulticast mode
[  192.992761][   T71] bridge_slave_0: left promiscuous mode
[  193.002530][   T71] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.147382][ T5757] Bluetooth: hci4: command tx timeout
[  194.445053][ T5853] usb 8-1: USB disconnect, device number 10
[  194.548064][ T7373] Invalid logical block size (-4)
[  194.725699][   T71] bond0 (unregistering): (slave 
3
0
): Releasing backup interface
[  194.747955][   T71] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  194.755647][   T71] bond0 (unregistering): Released all slaves
[  194.880497][ T7376] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  194.880497][ T7376]    program syz.3.395 not setting count and/or reply_len properly
[  195.204140][ T5757] Bluetooth: hci4: command tx timeout
[  195.214467][ T7369] lo speed is unknown, defaulting to 1000
[  195.698014][ T7380] loop2: detected capacity change from 0 to 7
[  195.720491][ T7380]  loop2:
[  195.722438][ T7380] loop2: partition table partially beyond EOD, truncated
[  196.253172][ T7336] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.262823][ T7336] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.306169][ T7336] bridge_slave_0: entered allmulticast mode
[  196.365376][ T7336] bridge_slave_0: entered promiscuous mode
[  196.407889][ T7336] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.411342][ T7336] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.415334][ T7336] bridge_slave_1: entered allmulticast mode
[  196.420363][ T7336] bridge_slave_1: entered promiscuous mode
[  196.453330][ T7393] 8021q: adding VLAN 0 to HW filter on device bond2
[  196.458731][ T5454] 8021q: adding VLAN 0 to HW filter on device eth3
[  196.530565][ T7336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  196.538639][ T7336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  196.567913][ T7336] team0: Port device team_slave_0 added
[  196.570788][ T7400] xt_nat: multiple ranges no longer supported
[  196.597677][ T7336] team0: Port device team_slave_1 added
[  196.681728][ T7336] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.685692][ T7336] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  196.698924][ T7336] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.713934][   T71] hsr_slave_0: left promiscuous mode
[  196.718493][   T71] hsr_slave_1: left promiscuous mode
[  196.721758][   T71] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  196.726137][   T71] batman_adv: batadv0: Removing interface: batadv_slave_0
[  196.735341][   T71] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  196.739439][   T71] batman_adv: batadv0: Removing interface: batadv_slave_1
[  196.757575][   T71] veth1_macvtap: left promiscuous mode
[  196.762649][   T71] veth0_macvtap: left promiscuous mode
[  196.766675][   T71] veth1_vlan: left promiscuous mode
[  196.770022][   T71] veth0_vlan: left promiscuous mode
[  197.003804][ T5896] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  197.111060][   T71] team0 (unregistering): Port device team_slave_1 removed
[  197.130142][   T71] team0 (unregistering): Port device team_slave_0 removed
[  197.156386][ T5896] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  197.162184][ T5896] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  197.168614][ T5896] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  197.173759][ T5896] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  197.181049][ T5896] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  197.187261][ T5896] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  197.193702][ T5896] usb 5-1: Manufacturer: syz
[  197.222549][ T5896] usb 5-1: config 0 descriptor??
[  197.250894][   T71] team0 (unregistering): Port device dummy0 removed
[  197.273426][ T7336] batman_adv: batadv0: Adding interface: batadv_slave_1
[  197.276744][ T7336] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  197.291196][ T5757] Bluetooth: hci4: command tx timeout
[  197.291445][ T7336] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  197.303739][ T5454] 8021q: adding VLAN 0 to HW filter on device eth2
[  197.337126][ T7405] lo speed is unknown, defaulting to 1000
[  197.365325][ T7336] hsr_slave_0: entered promiscuous mode
[  197.368915][ T7336] hsr_slave_1: entered promiscuous mode
[  197.375158][ T7336] debugfs: 'hsr0' already exists in 'hsr'
[  197.378010][ T7336] Cannot create hsr debugfs directory
[  197.672621][ T5896] hid_parser_main: 5 callbacks suppressed
[  197.672649][ T5896] appleir 0003:05AC:8243.0004: unknown main item tag 0x0
[  197.742414][ T7424] loop7: detected capacity change from 0 to 7
[  197.792765][ T5454] 8021q: adding VLAN 0 to HW filter on device eth4
[  197.794549][ T7425] binder: 7417:7425 ioctl c0285840 80000000 returned -22
[  197.806153][ T7424]  loop7: [CUMANA/ADFS] p1 [ADFS] p1
[  197.808952][ T7424] loop7: partition table partially beyond EOD, truncated
[  197.816479][ T7424] loop7: p1 size 487441168 extends beyond EOD, truncated
[  197.927095][ T7336] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  197.947946][ T7336] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  197.952418][ T7336] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  197.973336][ T7336] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  197.979605][ T7336] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  197.987616][ T7336] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  197.994061][ T7336] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  198.001141][ T7336] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  198.052368][ T6603] udevd[6603]: inotify_add_watch(7, /dev/loop7p1, 10) failed: No such file or directory
[  198.130649][ T7336] 8021q: adding VLAN 0 to HW filter on device bond0
[  198.160389][ T7336] 8021q: adding VLAN 0 to HW filter on device team0
[  198.168774][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.172258][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  198.189612][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.192744][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  198.231377][ T7439] netlink: 8 bytes leftover after parsing attributes in process `syz.0.403'.
[  198.409626][ T5454] 8021q: adding VLAN 0 to HW filter on device eth5
[  198.682550][   T41] audit: type=1326 audit(1778662664.017:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7442 comm="syz.3.406" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  198.715357][ T5896] appleir 0003:05AC:8243.0004: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  199.078932][ T7457] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  199.078932][ T7457]    program syz.1.407 not setting count and/or reply_len properly
[  199.249612][ T7336] 8021q: adding VLAN 0 to HW filter on device batadv0
[  199.414102][ T5757] Bluetooth: hci4: command tx timeout
[  199.488411][ T7336] veth0_vlan: entered promiscuous mode
[  199.500214][ T7336] veth1_vlan: entered promiscuous mode
[  199.546889][ T7336] veth0_macvtap: entered promiscuous mode
[  199.554586][ T7336] veth1_macvtap: entered promiscuous mode
[  199.577152][ T7336] batman_adv: batadv0: Interface activated: batadv_slave_0
[  199.587130][ T7336] batman_adv: batadv0: Interface activated: batadv_slave_1
[  199.749644][   T61] usb 5-1: USB disconnect, device number 10
[  199.866456][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  199.943078][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  199.948314][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.175733][   T41] audit: type=1326 audit(1778662665.407:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7454 comm="syz.1.407" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffefcc code=0x0
[  200.463713][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.044521][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  201.111471][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.198154][ T7489] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  201.198154][ T7489]    program syz.0.411 not setting count and/or reply_len properly
[  201.252933][   T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  201.258986][   T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.384060][   T41] audit: type=1326 audit(1778662666.697:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7483 comm="syz.0.411" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0
[  202.986094][ T7501] lo: Caught tx_queue_len zero misconfig
[  203.002983][ T7501] binder: 7499:7501 ioctl c0285840 80000000 returned -22
[  203.613741][ T5757] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  203.684020][ T5757] Bluetooth: hci0: command 0x0c1a tx timeout
[  203.719926][ T7504] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  203.719955][ T7504] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  203.722934][ T7504] vhci_hcd vhci_hcd.0: Device attached
[  204.203149][ T5832] libceph: connect (1)[c::]:6789 error -101
[  204.205849][ T5832] libceph: mon0 (1)[c::]:6789 connect error
[  204.208931][ T5832] libceph: connect (1)[c::]:6789 error -101
[  204.209056][ T5832] libceph: mon0 (1)[c::]:6789 connect error
[  204.300249][ T7510] ceph: No mds server is up or the cluster is laggy
[  204.893254][ T1433] ieee802154 phy0 wpan0: encryption failed: -22
[  204.893308][ T1433] ieee802154 phy1 wpan1: encryption failed: -22
[  204.972861][   T40] usb 40-1: SetAddress Request (2) to port 0
[  204.972947][   T40] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  205.401231][ T7488] wg2 speed is unknown, defaulting to 1000
[  205.471583][ T7488] wg2 speed is unknown, defaulting to 1000
[  205.925025][ T7488] wg2 speed is unknown, defaulting to 1000
[  206.556905][ T6144] wg2 speed is unknown, defaulting to 1000
[  206.559704][ T7488] infiniband syz2: set active
[  206.568921][ T7488] infiniband syz2: added wg2
[  206.611883][ T7488] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  206.628291][ T7488] infiniband syz2: Couldn't open port 1
[  206.648611][ T7488] smbdirect: ib_dev[syz2]: added: IB_CA max_fast_reg_page_list_len=512 device_cap_flags=0x1c001223c76 kernel_cap_flags=0x14 page_size_cap=0xfffff000
[  206.661958][ T7488] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=32 max_cqe=32767 max_qp_wr=1048576 max_send_sge=32 max_recv_sge=32
[  206.686932][ T7488] smbdirect: ib_dev[syz2]PORT[1]: iwarp=0 ib=0 roce=1 v1=0 v2=1 core_cap_flags=0x803005
[  206.874509][ T7488] RDS/IB: syz2: added
[  206.899466][ T7488] smc: adding ib device syz2 with port count 1
[  206.942337][ T7488] smc:    ib device syz2 port 1 has no pnetid
[  206.996762][ T7488] wg2 speed is unknown, defaulting to 1000
[  207.049137][ T6144] wg2 speed is unknown, defaulting to 1000
[  207.349043][ T7532] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  207.349043][ T7532]    program syz.3.418 not setting count and/or reply_len properly
[  207.442016][ T7534] loop2: detected capacity change from 0 to 3
[  207.450266][ T7534] ldm_validate_privheads(): Disk read failed.
[  207.456186][ T7534] Dev loop2: unable to read RDB block 3
[  207.463976][ T7534]  loop2: unable to read partition table
[  207.466643][ T7534] loop2: partition table beyond EOD, truncated
[  207.474095][ T7534] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  207.512818][   T41] audit: type=1326 audit(1778662672.847:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7528 comm="syz.3.418" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  207.607174][ T7537] loop2: detected capacity change from 0 to 7
[  207.624134][ T7537] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  207.635238][ T7488] wg2 speed is unknown, defaulting to 1000
[  207.638182][ T7537] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  207.649083][ T7537] Dev loop2: unable to read RDB block 7
[  207.656287][ T7537]  loop2: unable to read partition table
[  207.661311][ T7537] loop2: partition table beyond EOD, truncated
[  207.671569][ T7537] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  207.954172][ T7540] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  207.954172][ T7540]    program syz.0.422 not setting count and/or reply_len properly
[  207.968515][ T7488] wg2 speed is unknown, defaulting to 1000
[  208.054843][   T41] audit: type=1326 audit(1778662673.397:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7538 comm="syz.0.422" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0
[  208.227514][ T7488] wg2 speed is unknown, defaulting to 1000
[  208.833406][ T7550] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  208.833406][ T7550]    program syz.3.423 not setting count and/or reply_len properly
[  208.921739][ T7505] vhci_hcd: connection reset by peer
[  208.946753][   T71] vhci_hcd vhci_hcd.1: stop threads
[  208.959269][   T71] vhci_hcd vhci_hcd.1: release socket
[  208.968822][   T71] vhci_hcd vhci_hcd.1: disconnect device
[  210.019865][   T40] usb 40-1: device descriptor read/8, error -110
[  210.019898][ T7567] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  210.256201][ T7574] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  210.284099][ T5855] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  210.297300][ T7574] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  210.438928][ T7582] tmpfs: Cannot change global quota limit on remount
[  210.465726][ T5855] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  210.473350][ T5855] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  210.491129][ T5855] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  210.495656][ T5855] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  210.505166][ T5855] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  210.517673][ T5855] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  210.524578][ T5855] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  210.525589][   T40] usb usb40-port1: attempt power cycle
[  210.528622][ T5855] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.531655][ T5855] usb 5-1: config 0 descriptor??
[  210.760513][ T5855] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 11 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  211.054591][ T5853] usb 5-1: USB disconnect, device number 11
[  211.075801][ T5853] usblp0: removed
[  211.255386][   T40] usb usb40-port1: unable to enumerate USB device
[  211.454524][ T7605] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  211.454524][ T7605]    program syz.1.431 not setting count and/or reply_len properly
[  211.476362][   T41] audit: type=1326 audit(1778662676.827:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7603 comm="syz.1.431" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffefcc code=0x0
[  213.124039][ T5757] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  213.131988][ T5757] Bluetooth: hci0: command 0x0c1a tx timeout
[  213.218679][ T7616] loop2: detected capacity change from 0 to 3
[  213.229968][ T7616] ldm_validate_privheads(): Disk read failed.
[  213.243358][ T7616] Dev loop2: unable to read RDB block 3
[  213.252575][ T7616]  loop2: unable to read partition table
[  213.264097][ T7616] loop2: partition table beyond EOD, truncated
[  213.269527][ T7616] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  213.323022][ T7618] lo speed is unknown, defaulting to 1000
[  213.341393][ T7618] wg2 speed is unknown, defaulting to 1000
[  213.895604][ T7627] netlink: 24 bytes leftover after parsing attributes in process `syz.4.438'.
[  214.890820][ T7633] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  214.890820][ T7633]    program syz.3.439 not setting count and/or reply_len properly
[  215.239332][   T41] audit: type=1326 audit(1778662680.577:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7631 comm="syz.3.439" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  216.343001][ T7645] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  216.343001][ T7645]    program syz.3.443 not setting count and/or reply_len properly
[  216.399091][   T41] audit: type=1326 audit(1778662681.747:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7643 comm="syz.3.443" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  216.486169][ T7648] loop2: detected capacity change from 0 to 3
[  216.495623][ T7648] ldm_validate_privheads(): Disk read failed.
[  216.498362][ T7648] Dev loop2: unable to read RDB block 3
[  216.500623][ T7648]  loop2: unable to read partition table
[  216.502947][ T7648] loop2: partition table beyond EOD, truncated
[  216.505717][ T7648] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  216.848884][ T7659] [U] 
[  216.850254][ T7659] [U] 
[  216.851440][ T7659] [U] 
[  216.852682][ T7659] [U] 
[  216.860259][ T7659] [U] 
[  216.861477][ T7659] [U] 
[  216.862665][ T7659] [U] 
[  216.863845][ T7659] [U] 
[  216.867983][ T7659] [U] 
[  216.869298][ T7659] [U] 
[  216.870517][ T7659] [U] 
[  216.871707][ T7659] [U] 
[  216.878118][ T7659] [U] 
[  216.879492][ T7659] [U] 
[  216.880761][ T7659] [U] 
[  216.882045][ T7659] [U] 
[  216.888360][ T7659] [U] 
[  216.889562][ T7659] [U] 
[  216.890613][ T7659] [U] 
[  216.891794][ T7659] [U] 
[  216.898579][ T7659] [U] 
[  216.899838][ T7659] [U] 
[  216.901165][ T7659] [U] 
[  216.902390][ T7659] [U] 
[  216.912380][ T7659] [U] 
[  216.913615][ T7659] [U] 
[  216.914782][ T7659] [U] 
[  216.915917][ T7659] [U] 
[  216.940991][ T7659] [U] 
[  216.942473][ T7659] [U] 
[  216.943887][ T7659] [U] 
[  216.945186][ T7659] [U] 
[  216.949620][ T7659] [U] 
[  216.950866][ T7659] [U] 
[  216.953024][ T7659] [U] 
[  216.954239][ T7659] [U] 
[  216.983683][ T7659] [U] 
[  216.984975][ T7659] [U] 
[  216.986974][ T7659] [U] 
[  216.988153][ T7659] [U] 
[  217.034507][ T7659] [U] 
[  217.035801][ T7659] [U] 
[  217.036969][ T7659] [U] 
[  217.038359][ T7659] [U] 
[  217.043058][ T7659] [U] 
[  217.045871][ T7659] [U] 
[  217.049940][ T7659] [U] 
[  217.058753][ T7659] [U] 
[  217.081181][ T7659] [U] 
[  217.082371][ T7659] [U] 
[  217.083506][ T7659] [U] 
[  217.084674][ T7659] [U] 
[  217.086212][ T7659] [U] 
[  217.087428][ T7659] [U] 
[  217.089741][ T7659] [U] 
[  217.091078][ T7659] [U] 
[  217.093831][ T7659] [U] 
[  217.095094][ T7659] [U] 
[  217.096356][ T7659] [U] 
[  217.097568][ T7659] [U] 
[  217.102226][ T7659] [U] 
[  217.103658][ T7659] [U] 
[  217.104868][ T7659] [U] 
[  217.106065][ T7659] [U] 
[  217.114784][ T7659] [U] 
[  217.116338][ T7659] [U] 
[  217.117678][ T7659] [U] 
[  217.119019][ T7659] [U] 
[  217.121202][ T7659] [U] 
[  217.122448][ T7659] [U] 
[  217.123630][ T7659] [U] 
[  217.124830][ T7659] [U] 
[  217.135771][ T7659] [U] 
[  217.136974][ T7659] [U] 
[  217.138088][ T7659] [U] 
[  217.139418][ T7659] [U] 
[  217.143494][ T7659] [U] 
[  217.144642][ T7659] [U] 
[  217.145701][ T7659] [U] 
[  217.146741][ T7659] [U] 
[  217.151136][ T7659] [U] 
[  217.152463][ T7659] [U] 
[  217.153810][ T7659] [U] 
[  217.155070][ T7659] [U] 
[  217.157672][ T7659] [U] 
[  217.158967][ T7659] [U] 
[  217.160106][ T7659] [U] 
[  217.161255][ T7659] [U] 
[  217.163309][ T7659] [U] 
[  217.164276][ T7659] [U] 
[  217.165275][ T7659] [U] 
[  217.166505][ T7659] [U] 
[  217.180576][ T7659] [U] 
[  217.181651][ T7659] [U] 
[  217.182655][ T7659] [U] 
[  217.183702][ T7659] [U] 
[  217.186069][ T7659] [U] 
[  217.187421][ T7659] [U] 
[  217.188761][ T7659] [U] 
[  217.190347][ T7659] [U] 
[  217.192383][ T7659] [U] 
[  217.193958][ T7659] [U] 
[  217.195517][ T7659] [U] 
[  217.197054][ T7659] [U] 
[  217.199262][ T7659] [U] 
[  217.200777][ T7659] [U] 
[  217.202035][ T7659] [U] 
[  217.203351][ T7659] [U] 
[  217.205313][ T7659] [U] 
[  217.206587][ T7659] [U] 
[  217.207845][ T7659] [U] 
[  217.208994][ T7659] [U] 
[  217.221344][ T7659] [U] 
[  217.222722][ T7659] [U] 
[  217.224039][ T7659] [U] 
[  217.225287][ T7659] [U] 
[  217.226859][ T7659] [U] 
[  217.228215][ T7659] [U] 
[  217.234355][ T7659] [U] 
[  217.235587][ T7659] [U] 
[  217.249168][ T7659] [U] 
[  217.252643][ T7659] [U] 
[  217.256310][ T7659] [U] 
[  217.257652][ T7659] [U] 
[  217.274165][ T7659] [U] 
[  217.275575][ T7659] [U] 
[  217.276840][ T7659] [U] 
[  217.341398][ T7658] [U] 
[  217.507974][ T7664] loop2: detected capacity change from 0 to 7
[  217.534574][ T7664]  loop2:
[  217.535970][ T7664] loop2: partition table partially beyond EOD, truncated
[  217.672777][ T7670] xt_nat: multiple ranges no longer supported
[  217.703777][ T5757] Bluetooth: hci0: command 0x0c1a tx timeout
[  217.703996][   T64] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  217.832502][ T7672] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  217.844734][ T7672] CIFS mount error: No usable UNC path provided in device string!
[  217.844734][ T7672] 
[  217.849449][ T7672] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  218.755009][ T7686] loop2: detected capacity change from 0 to 3
[  218.770991][ T7686] ldm_validate_privheads(): Disk read failed.
[  218.774395][ T7686] Dev loop2: unable to read RDB block 3
[  218.776681][ T7686]  loop2: unable to read partition table
[  218.778941][ T7686] loop2: partition table beyond EOD, truncated
[  218.781867][ T7686] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  218.865031][ T7690] loop2: detected capacity change from 0 to 7
[  218.869630][ T7690] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  218.875652][ T7690] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  218.878880][ T7690] Dev loop2: unable to read RDB block 7
[  218.881455][ T7690]  loop2: unable to read partition table
[  218.884954][ T7690] loop2: partition table beyond EOD, truncated
[  218.888217][ T7690] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  219.105042][ T7696] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  219.105042][ T7696]    program syz.3.458 not setting count and/or reply_len properly
[  219.193425][   T41] audit: type=1326 audit(1778662684.537:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7694 comm="syz.3.458" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  219.223802][ T5899] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  219.374516][ T7699] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  219.378205][ T7699] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  219.384051][ T7699] vhci_hcd vhci_hcd.0: Device attached
[  219.512163][ T5899] usb 5-1: unable to read config index 0 descriptor/start: -61
[  219.519028][ T5899] usb 5-1: can't read configurations, error -61
[  219.676509][ T5899] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  219.697722][ T7705] loop2: detected capacity change from 0 to 7
[  219.701869][ T7705]  loop2:
[  219.703516][ T7705] loop2: partition table partially beyond EOD, truncated
[  219.728047][ T7697] random: crng reseeded on system resumption
[  219.940547][ T7700] vhci_hcd: connection closed
[  219.943498][  T299] vhci_hcd vhci_hcd.4: stop threads
[  219.950703][  T299] vhci_hcd vhci_hcd.4: release socket
[  219.953999][  T299] vhci_hcd vhci_hcd.4: disconnect device
[  219.964687][   T40] usb 46-1: enqueue for inactive port 0
[  220.014157][   T50] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  220.055036][ T5899] usb 5-1: unable to read config index 0 descriptor/start: -61
[  220.059054][ T5899] usb 5-1: can't read configurations, error -61
[  220.065845][ T5899] usb usb5-port1: attempt power cycle
[  220.175739][   T50] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  220.179531][   T50] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  220.183860][   T50] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  220.197043][   T50] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  220.217787][   T50] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  220.221716][   T50] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  220.227034][   T50] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  220.231071][   T50] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.243829][   T50] usb 6-1: config 0 descriptor??
[  220.423775][ T5899] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  220.447338][ T5899] usb 5-1: unable to read config index 0 descriptor/start: -61
[  220.450379][ T5899] usb 5-1: can't read configurations, error -61
[  220.457755][   T50] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 11 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  220.467002][   T40] usb usb46-port1: attempt power cycle
[  220.573781][ T5757] Bluetooth: hci0: command 0x0c1a tx timeout
[  220.576747][   T64] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  220.579731][ T7711] netlink: 830 bytes leftover after parsing attributes in process `syz.4.462'.
[  220.594732][ T5899] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  220.623904][  T150] usb 8-1: new full-speed USB device number 11 using dummy_hcd
[  220.632618][ T5899] usb 5-1: unable to read config index 0 descriptor/start: -61
[  220.636046][ T5899] usb 5-1: can't read configurations, error -61
[  220.639456][ T5899] usb usb5-port1: unable to enumerate USB device
[  220.757130][ T5855] usb 6-1: USB disconnect, device number 11
[  220.809012][  T150] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  220.813354][  T150] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  220.814986][ T5855] usblp0: removed
[  220.821959][  T150] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  220.826591][  T150] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  220.826619][  T150] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  220.835893][  T150] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  220.841493][  T150] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  220.845678][  T150] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.887169][  T150] usb 8-1: config 0 descriptor??
[  221.025824][   T40] usb usb46-port1: unable to enumerate USB device
[  221.114994][  T150] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 11 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  221.388565][  T150] usb 8-1: USB disconnect, device number 11
[  221.398649][  T150] usblp0: removed
[  221.555302][ T7716] syz.4.463 (7716) used greatest stack depth: 18736 bytes left
[  222.663852][   T41] audit: type=1326 audit(1778662688.007:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7726 comm="syz.0.466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000
[  222.673510][   T41] audit: type=1326 audit(1778662688.007:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7726 comm="syz.0.466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000
[  222.754679][   T41] audit: type=1326 audit(1778662688.107:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7726 comm="syz.0.466" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf709efcc code=0x7ffc0000
[  222.766820][   T41] audit: type=1326 audit(1778662688.107:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7726 comm="syz.0.466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000
[  222.777238][   T41] audit: type=1326 audit(1778662688.107:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7726 comm="syz.0.466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000
[  222.786419][   T41] audit: type=1326 audit(1778662688.107:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7726 comm="syz.0.466" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf709efcc code=0x7ffc0000
[  222.810987][   T41] audit: type=1326 audit(1778662688.107:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7726 comm="syz.0.466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000
[  222.821090][   T41] audit: type=1326 audit(1778662688.107:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7726 comm="syz.0.466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000
[  222.840400][   T41] audit: type=1326 audit(1778662688.107:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7726 comm="syz.0.466" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf709efcc code=0x7ffc0000
[  222.861769][   T41] audit: type=1326 audit(1778662688.107:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7726 comm="syz.0.466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709efcc code=0x7ffc0000
[  223.318963][ T7747] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  223.318963][ T7747]    program syz.3.469 not setting count and/or reply_len properly
[  224.637454][ T7774] lo speed is unknown, defaulting to 1000
[  224.655648][ T7774] wg2 speed is unknown, defaulting to 1000
[  224.662636][ T7778] netlink: 204 bytes leftover after parsing attributes in process `syz.3.477'.
[  224.699717][ T7780] netlink: 'syz.0.476': attribute type 10 has an invalid length.
[  224.731460][ T7780] bond0: (slave dummy0): Releasing backup interface
[  224.791688][ T7781] netlink: 'syz.0.476': attribute type 10 has an invalid length.
[  224.866474][ T7783] 9pnet_fd: Insufficient options for proto=fd
[  224.888031][ T7780] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  224.895130][ T7780] team0: Failed to send options change via netlink (err -105)
[  224.899577][ T7780] team0: Port device dummy0 added
[  224.925179][ T7781] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  225.023085][ T7781] team0: Failed to send options change via netlink (err -105)
[  225.028581][ T7781] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  225.038816][ T7781] team0: Port device dummy0 removed
[  225.062686][ T7781] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  225.083359][ T7788] netlink: 76 bytes leftover after parsing attributes in process `syz.1.480'.
[  225.358218][ T7791] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  225.921236][ T7796] netlink: 168 bytes leftover after parsing attributes in process `syz.4.483'.
[  225.925640][ T7796] netlink: 168 bytes leftover after parsing attributes in process `syz.4.483'.
[  226.263732][ T5853] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  226.441506][ T5853] usb 5-1: config 0 interface 0 altsetting 251 bulk endpoint 0x9 has invalid maxpacket 99
[  226.446651][ T5853] usb 5-1: config 0 interface 0 has no altsetting 0
[  226.452185][ T5853] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  226.457226][ T5853] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  226.462367][ T5853] usb 5-1: Product: syz
[  226.468479][ T5853] usb 5-1: Manufacturer: syz
[  226.471741][ T5853] usb 5-1: SerialNumber: syz
[  226.487353][ T5853] usb 5-1: config 0 descriptor??
[  226.491892][ T7798] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  226.525381][ T5853] usb 5-1: selecting invalid altsetting 0
[  226.611949][ T7801] netlink: 'syz.1.482': attribute type 10 has an invalid length.
[  226.758537][ T7798] usb 5-1: cannot submit urb 0, error -2: endpoint not enabled
[  226.766841][ T7798] usb 5-1: cannot submit urb 0, error -2: endpoint not enabled
[  226.812473][ T7811] netlink: 8 bytes leftover after parsing attributes in process `syz.4.487'.
[  226.853113][ T7812] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  226.882733][ T7817] netlink: 'syz.3.488': attribute type 1 has an invalid length.
[  227.198033][ T7817] 8021q: adding VLAN 0 to HW filter on device bond1
[  227.409904][ T7823] bond1: (slave veth3): Enslaving as an active interface with a down link
[  227.545193][ T7817] 8021q: adding VLAN 0 to HW filter on device batadv1
[  227.565138][ T7817] bond1: (slave batadv1): making interface the new active one
[  227.576080][ T7817] batadv1: entered promiscuous mode
[  227.616925][ T7817] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  227.853740][   T54] usb 6-1: new low-speed USB device number 12 using dummy_hcd
[  228.015919][   T54] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  228.019793][   T54] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  228.026102][   T54] usb 6-1: config 0 has no interface number 0
[  228.032757][   T54] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  228.038275][   T54] usb 6-1: config 0 interface 55 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  228.048097][   T54] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  228.052060][   T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.063122][   T54] usb 6-1: config 0 descriptor??
[  228.087641][   T54] ldusb 6-1:0.55: Interrupt in endpoint not found
[  228.295457][ T5832] usb 8-1: new full-speed USB device number 12 using dummy_hcd
[  228.481776][ T5832] usb 8-1: config 0 has an invalid descriptor of length 156, skipping remainder of the config
[  228.492393][ T5832] usb 8-1: too many endpoints for config 0 interface 0 altsetting 219: 45, using maximum allowed: 30
[  228.503190][ T5832] usb 8-1: config 0 interface 0 altsetting 219 has 0 endpoint descriptors, different from the interface descriptor's value: 45
[  228.519167][ T5832] usb 8-1: config 0 interface 0 has no altsetting 0
[  228.529964][ T5832] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ac.7e
[  228.538250][ T5832] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.544957][ T5832] usb 8-1: Product: syz
[  228.547072][ T5832] usb 8-1: Manufacturer: syz
[  228.549607][ T5832] usb 8-1: SerialNumber: syz
[  228.554978][ T5832] usb 8-1: config 0 descriptor??
[  228.852755][ T7844] lo speed is unknown, defaulting to 1000
[  228.928016][ T7844] wg2 speed is unknown, defaulting to 1000
[  231.430660][  T150] usb 6-1: USB disconnect, device number 12
[  231.482554][ T7812] usb 5-1: cannot submit urb 0, error -2: endpoint not enabled
[  231.511429][ T7812] snd-usb-audio 5-1:0.0: Runtime PM usage count underflow!
[  231.539144][ T5853] usb 5-1: USB disconnect, device number 16
[  231.552193][ T5832] usb 8-1: USB disconnect, device number 12
[  231.913987][ T5832] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  232.077827][ T5832] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  232.085495][ T5832] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  232.098806][ T5832] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  232.149720][ T5832] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.162163][ T7856] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  232.177101][ T5832] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  232.196522][ T7870] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  232.196522][ T7870]    program syz.1.497 not setting count and/or reply_len properly
[  232.385611][   T41] kauditd_printk_skb: 36 callbacks suppressed
[  232.385631][   T41] audit: type=1326 audit(1778662697.737:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7867 comm="syz.1.497" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffefcc code=0x0
[  233.680853][ T1348] usb 8-1: USB disconnect, device number 13
[  235.088553][ T7891] netlink: 'syz.0.499': attribute type 10 has an invalid length.
[  235.221026][ T7892] netlink: 'syz.0.499': attribute type 10 has an invalid length.
[  235.314123][ T7891] bond0: (slave dummy0): Releasing backup interface
[  235.397303][ T7891] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  235.413841][ T7891] team0: Failed to send options change via netlink (err -105)
[  235.417458][ T7891] team0: Port device dummy0 added
[  235.421391][ T7892] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  235.434479][ T7892] team0: Port device dummy0 removed
[  235.440661][ T7892] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  235.615545][ T7897] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  235.967382][ T7906] gtp0: entered allmulticast mode
[  235.969928][ T7909] xt_nat: multiple ranges no longer supported
[  236.115572][   T64] Bluetooth: hci2: unexpected event for opcode 0x203c
[  236.262575][ T7916] ipip0: entered allmulticast mode
[  236.268276][ T7917] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  236.268276][ T7917]    program syz.1.506 not setting count and/or reply_len properly
[  236.352172][ T7916] overlayfs: failed to resolve './file1': -2
[  236.908529][ T7921] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  236.988130][ T7925] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  236.988130][ T7925]    program syz.0.508 not setting count and/or reply_len properly
[  237.497691][ T7937] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  237.619334][ T7940] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  237.619334][ T7940]    program syz.3.512 not setting count and/or reply_len properly
[  237.966153][   T41] audit: type=1326 audit(1778662703.317:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7938 comm="syz.3.512" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb5fcc code=0x0
[  238.176223][ T7944] xt_nat: multiple ranges no longer supported
[  238.238512][ T7948] syzkaller1: entered promiscuous mode
[  238.241537][ T7948] syzkaller1: entered allmulticast mode
[  238.795646][ T7959] input: syz0 as /devices/virtual/input/input8
[  239.397306][ T7962] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  239.397306][ T7962]    program syz.4.518 not setting count and/or reply_len properly
[  239.445583][   T41] audit: type=1326 audit(1778662704.787:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7960 comm="syz.4.518" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0
[  239.801903][ T7965] netlink: 4 bytes leftover after parsing attributes in process `syz.3.519'.
[  240.334727][  T196] batadv1: left promiscuous mode
[  240.492413][ T7976] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  240.492413][ T7976]    program syz.4.521 not setting count and/or reply_len properly
[  240.728756][   T41] audit: type=1326 audit(1778662706.077:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7974 comm="syz.4.521" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0
[  240.957373][ T7979] loop2: detected capacity change from 0 to 3
[  240.977273][ T7979] ldm_validate_privheads(): Disk read failed.
[  240.981702][ T7979] Dev loop2: unable to read RDB block 3
[  240.985148][ T7981] xt_nat: multiple ranges no longer supported
[  240.987885][ T7979]  loop2: unable to read partition table
[  240.993505][ T7979] loop2: partition table beyond EOD, truncated
[  241.026147][ T7979] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  241.161407][ T5853] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  241.166355][ T5853] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  241.187103][ T5853] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  241.320146][ T7987] fido_id[7987]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  241.432073][ T7993] program syz.3.527 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  241.925440][   T41] audit: type=1326 audit(1778662707.277:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7992 comm="syz.3.527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5fcc code=0x7ffc0000
[  241.945394][   T41] audit: type=1326 audit(1778662707.277:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7992 comm="syz.3.527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5fcc code=0x7ffc0000
[  241.966065][   T41] audit: type=1326 audit(1778662707.277:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7992 comm="syz.3.527" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb5fcc code=0x7ffc0000
[  241.986166][   T41] audit: type=1326 audit(1778662707.277:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7992 comm="syz.3.527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5fcc code=0x7ffc0000
[  242.023863][   T41] audit: type=1326 audit(1778662707.277:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7992 comm="syz.3.527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5fcc code=0x7ffc0000
[  242.043300][   T41] audit: type=1326 audit(1778662707.287:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7992 comm="syz.3.527" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fb5fcc code=0x7ffc0000
[  242.063309][   T41] audit: type=1326 audit(1778662707.287:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7992 comm="syz.3.527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5fcc code=0x7ffc0000
[  242.377071][ T8015] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  242.377071][ T8015]    program syz.1.529 not setting count and/or reply_len properly
[  242.769510][   T50] usb 8-1: new low-speed USB device number 14 using dummy_hcd
[  242.801718][ T8021] syzkaller1: entered promiscuous mode
[  242.806827][ T8021] syzkaller1: entered allmulticast mode
[  242.927321][   T50] usb 8-1: config 0 has an invalid interface number: 181 but max is 0
[  242.931306][   T50] usb 8-1: config 0 has no interface number 0
[  242.934119][   T50] usb 8-1: config 0 interface 181 has no altsetting 0
[  242.941649][   T50] usb 8-1: string descriptor 0 read error: -22
[  242.955515][   T50] usb 8-1: New USB device found, idVendor=12d1, idProduct=14f0, bcdDevice=19.87
[  242.961232][   T50] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.999565][   T50] usb 8-1: config 0 descriptor??
[  243.231724][ T8023] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  243.253378][ T8023] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  243.257274][ T5853] usb 8-1: USB disconnect, device number 14
[  243.343189][ T8029] xt_nat: multiple ranges no longer supported
[  243.599498][ T8036] overlayfs: missing 'workdir'
[  243.733818][ T8037] nbd0: detected capacity change from 0 to 63
[  243.751786][   T64] block nbd0: Receive control failed (result -32)
[  243.752394][ T5984] block nbd0: Send control failed (result -32)
[  243.759476][ T5984] block nbd0: Request send failed, requeueing
[  243.772421][ T5929] block nbd0: Dead connection, failed to find a fallback
[  243.778924][ T5929] block nbd0: shutting down sockets
[  243.781920][ T5929] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  243.783940][ T5984] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  243.790916][ T5929] Buffer I/O error on dev nbd0, logical block 0, async page read
[  243.796490][ T5984] Buffer I/O error on dev nbd0, logical block 1, async page read
[  243.796721][ T5984] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  243.796742][ T5984] Buffer I/O error on dev nbd0, logical block 2, async page read
[  243.796837][ T5984] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  243.796856][ T5984] Buffer I/O error on dev nbd0, logical block 3, async page read
[  243.842642][ T5984] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  243.849978][ T5984] Buffer I/O error on dev nbd0, logical block 0, async page read
[  243.857870][ T5984] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  243.868667][ T5984] Buffer I/O error on dev nbd0, logical block 1, async page read
[  243.882470][ T5984] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  243.891384][ T5984] Buffer I/O error on dev nbd0, logical block 2, async page read
[  243.909881][ T8038] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  243.910044][ T5984] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  243.913024][ T8038] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  243.928196][ T8038] vhci_hcd vhci_hcd.0: Device attached
[  243.931875][ T5984] Buffer I/O error on dev nbd0, logical block 3, async page read
[  243.942964][ T5984] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  243.955580][ T8045] loop2: detected capacity change from 0 to 3
[  243.955619][ T5984] Buffer I/O error on dev nbd0, logical block 0, async page read
[  243.955879][ T5984] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  243.955903][ T5984] Buffer I/O error on dev nbd0, logical block 1, async page read
[  243.956814][ T8045] ldm_validate_privheads(): Disk read failed.
[  243.956877][ T8045] Dev loop2: unable to read RDB block 3
[  243.956908][ T8045]  loop2: unable to read partition table
[  243.957081][ T8045] loop2: partition table beyond EOD, truncated
[  243.957099][ T8045] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  243.962151][ T5984] ldm_validate_partition_table(): Disk read failed.
[  243.970247][ T8038] netlink: 'syz.0.532': attribute type 12 has an invalid length.
[  244.003012][ T5984] Dev nbd0: unable to read RDB block 0
[  244.009104][ T5984]  nbd0: unable to read partition table
[  244.018343][ T5984] ldm_validate_partition_table(): Disk read failed.
[  244.026372][ T5984] Dev nbd0: unable to read RDB block 0
[  244.031131][ T5984]  nbd0: unable to read partition table
[  244.099934][ T8052] loop2: detected capacity change from 0 to 7
[  244.105324][ T8052]  loop2:
[  244.106811][ T8052] loop2: partition table partially beyond EOD, truncated
[  244.116945][ T8053] syzkaller1: entered promiscuous mode
[  244.120064][ T8053] syzkaller1: entered allmulticast mode
[  244.170363][ T8055] loop2: detected capacity change from 0 to 7
[  244.174713][ T8055] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  244.179934][ T8055] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  244.183436][ T8055] Dev loop2: unable to read RDB block 7
[  244.186811][ T8055]  loop2: unable to read partition table
[  244.190093][ T8055] loop2: partition table beyond EOD, truncated
[  244.192625][ T8055] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  244.206946][ T5853] usb 38-1: SetAddress Request (2) to port 0
[  244.213825][ T5853] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[  244.309516][ T8041] vhci_hcd: connection reset by peer
[  244.351914][  T299] vhci_hcd vhci_hcd.0: stop threads
[  244.351955][  T299] vhci_hcd vhci_hcd.0: release socket
[  244.352165][  T299] vhci_hcd vhci_hcd.0: disconnect device
[  244.513963][  T847] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  244.514804][ T8061] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  244.514804][ T8061]    program syz.1.544 not setting count and/or reply_len properly
[  244.665596][  T847] usb 9-1: config index 0 descriptor too short (expected 29220, got 36)
[  244.672601][   T41] kauditd_printk_skb: 5 callbacks suppressed
[  244.672619][   T41] audit: type=1326 audit(1778662710.017:1416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8059 comm="syz.1.544" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffefcc code=0x0
[  244.691846][  T847] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  244.701798][  T847] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81
[  244.712173][  T847] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  244.743949][  T847] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  244.749345][  T847] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  244.755836][  T847] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  244.762608][  T847] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.770427][  T847] usb 9-1: config 0 descriptor??
[  244.781912][ T8058] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  245.009712][  T847] usblp 9-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  245.212449][    C3] usblp0: nonzero read bulk status received: -71
[  245.291884][ T8066] usblp0: error -71 reading from printer
[  245.303878][    C2] usblp0: nonzero read bulk status received: -71
[  245.369615][ T5832] usb 9-1: USB disconnect, device number 2
[  245.412600][ T5832] usblp0: removed
[  245.471092][ T8069] xt_nat: multiple ranges no longer supported
[  245.659727][ T8071] bridge1: entered allmulticast mode
[  245.785871][ T8073] netlink: 4 bytes leftover after parsing attributes in process `syz.3.547'.
[  246.103134][   T64] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  246.106432][   T64] Bluetooth: hci0: command 0x0c1a tx timeout
[  246.112821][ T8077] A link change request failed with some changes committed already. Interface sit1 may have been left with an inconsistent configuration, please check.
[  246.135620][ T8077] netlink: 16 bytes leftover after parsing attributes in process `syz.0.549'.
[  246.135777][ T8079] netlink: 16 bytes leftover after parsing attributes in process `syz.0.549'.
[  246.321635][ T8099] xt_nat: multiple ranges no longer supported
[  246.380086][ T8101] faux_driver vkms: [drm] Unknown color mode 11; guessing buffer size.
[  246.543879][ T5899] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  246.706697][ T5899] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  246.710963][ T5899] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  246.722183][ T5899] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  246.726194][ T5899] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  246.731734][ T5899] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  246.738384][ T5899] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  246.743032][ T5899] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  246.747274][ T5899] usb 9-1: Product: syz
[  246.749337][ T5899] usb 9-1: Manufacturer: syz
[  246.762922][ T5899] cdc_wdm 9-1:1.0: skipping garbage
[  246.766472][ T5899] cdc_wdm 9-1:1.0: skipping garbage
[  246.778120][ T5899] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  246.782572][ T5899] cdc_wdm 9-1:1.0: Unknown control protocol
[  246.805797][ T8115] netlink: 40 bytes leftover after parsing attributes in process `syz.0.560'.
[  246.833888][  T150] usb 6-1: new full-speed USB device number 13 using dummy_hcd
[  246.996174][  T150] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  247.000636][  T150] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  247.012238][  T150] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  247.022615][  T150] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  247.031007][  T150] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  247.041040][  T150] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  247.050778][  T150] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  247.057613][  T150] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.066554][  T150] usb 6-1: config 0 descriptor??
[  247.070596][ T8109] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  247.289103][  T150] usblp 6-1:0.0: usblp1: USB Bidirectional printer dev 13 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  247.515465][ T8125] CIFS: iocharset name too long
[  247.848911][    C0] vcan0: j1939_tp_rxtimer: 0xffff888026b5a400: rx timeout, send abort
[  247.861987][ T8130] xt_nat: multiple ranges no longer supported
[  248.206481][ T8136] netlink: 'syz.3.566': attribute type 1 has an invalid length.
[  248.230225][ T8136] bond2: entered promiscuous mode
[  248.232875][ T8136] 8021q: adding VLAN 0 to HW filter on device bond2
[  248.349231][    C0] vcan0: j1939_tp_rxtimer: 0xffff888013569400: rx timeout, send abort
[  248.355258][    C0] vcan0: j1939_tp_rxtimer: 0xffff888026b5a400: abort rx timeout. Force session deactivation
[  248.858519][    C0] vcan0: j1939_tp_rxtimer: 0xffff888013569400: abort rx timeout. Force session deactivation
[  249.283847][ T5853] usb 38-1: device descriptor read/8, error -110
[  249.289977][    C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  249.290071][ T5855] usb 9-1: USB disconnect, device number 3
[  249.293259][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  249.297624][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  249.319185][   T54] usb 6-1: USB disconnect, device number 13
[  249.342603][   T54] usblp1: removed
[  249.704086][ T5853] usb usb38-port1: attempt power cycle
[  249.883954][   T61] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  250.033891][   T61] usb 8-1: device descriptor read/64, error -71
[  250.113930][  T150] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  250.264757][ T5853] usb usb38-port1: unable to enumerate USB device
[  250.276794][ T8174] random: crng reseeded on system resumption
[  250.289369][ T8173] netlink: 8 bytes leftover after parsing attributes in process `syz.4.579'.
[  250.292887][ T8173] netlink: 24 bytes leftover after parsing attributes in process `syz.4.579'.
[  250.305864][  T150] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  250.309808][  T150] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  250.316735][  T150] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  250.324484][  T150] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  250.341799][  T150] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  250.358116][ T8171] netlink: 8 bytes leftover after parsing attributes in process `syz.1.578'.
[  250.367590][ T8171] netlink: 36 bytes leftover after parsing attributes in process `syz.1.578'.
[  250.368715][  T150] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  250.372692][ T8171] netlink: 36 bytes leftover after parsing attributes in process `syz.1.578'.
[  250.390359][ T8178] tunl0: entered promiscuous mode
[  250.390379][  T150] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  250.397072][ T8178] netlink: 'syz.4.580': attribute type 4 has an invalid length.
[  250.400476][  T150] usb 5-1: Product: syz
[  250.401359][ T8178] netlink: 9 bytes leftover after parsing attributes in process `syz.4.580'.
[  250.403307][  T150] usb 5-1: Manufacturer: syz
[  250.424273][  T150] cdc_wdm 5-1:1.0: skipping garbage
[  250.427529][  T150] cdc_wdm 5-1:1.0: skipping garbage
[  250.435738][  T150] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  250.438769][  T150] cdc_wdm 5-1:1.0: Unknown control protocol
[  250.463679][   T61] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  250.833766][   T61] usb 8-1: device descriptor read/64, error -71
[  251.024049][   T61] usb usb8-port1: attempt power cycle
[  251.363767][   T61] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  251.395711][   T61] usb 8-1: device descriptor read/8, error -71
[  251.633781][   T61] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  251.654578][   T61] usb 8-1: device descriptor read/8, error -71
[  251.764104][   T61] usb usb8-port1: unable to enumerate USB device
[  251.802865][  T150] usb 6-1: new full-speed USB device number 14 using dummy_hcd
[  251.995597][  T150] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  251.999550][  T150] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  252.004827][  T150] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  252.009634][  T150] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  252.015536][  T150] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  252.021201][  T150] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  252.032195][  T150] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  252.037827][  T150] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.045551][  T150] usb 6-1: config 0 descriptor??
[  252.050597][ T8203] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  252.262015][  T150] usblp 6-1:0.0: usblp1: USB Bidirectional printer dev 14 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  252.894047][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  252.897183][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  252.900385][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  252.903659][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  252.907173][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  252.910131][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  252.913201][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  252.916257][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  252.919277][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  252.922274][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  252.925310][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  252.928295][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  252.931203][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  252.933996][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  252.936788][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  252.939544][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  252.942159][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  252.944736][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  252.964625][   T54] usb 5-1: USB disconnect, device number 17
[  252.967390][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  253.106987][  T150] usb 6-1: USB disconnect, device number 14
[  253.117157][  T150] usblp1: removed
[  254.055848][   T64] Bluetooth: hci3: unexpected event for opcode 0x203c
[  254.352730][ T8251] netlink: 4 bytes leftover after parsing attributes in process `syz.4.600'.
[  254.431777][ T8251] hsr_slave_1 (unregistering): left promiscuous mode
[  255.363820][ T5757] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  255.363972][   T64] Bluetooth: hci0: command 0x0c1a tx timeout
[  255.376048][  T150] usb 8-1: new full-speed USB device number 19 using dummy_hcd
[  255.546239][  T150] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  255.550434][  T150] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  255.556736][  T150] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  255.566244][  T150] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  255.578635][  T150] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  255.589701][  T150] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  255.607682][  T150] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  255.611853][  T150] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.628025][  T150] usb 8-1: config 0 descriptor??
[  255.637705][ T8272] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  255.853982][  T150] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 19 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  256.104344][    C1] usblp0: nonzero read bulk status received: -71
[  256.372625][ T8278] usblp0: error -71 reading from printer
[  256.376641][    C2] usblp0: nonzero read bulk status received: -71
[  256.385337][ T5853] usb 8-1: USB disconnect, device number 19
[  256.392593][ T5853] usblp0: removed
[  256.625971][ T8281] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  256.625971][ T8281]    program syz.4.606 not setting count and/or reply_len properly
[  257.014968][ T8283] loop2: detected capacity change from 0 to 3
[  257.019973][ T8283] ldm_validate_privheads(): Disk read failed.
[  257.022557][ T8283] Dev loop2: unable to read RDB block 3
[  257.028715][ T8283]  loop2: unable to read partition table
[  257.031224][ T8283] loop2: partition table beyond EOD, truncated
[  257.033835][ T8283] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  257.584301][   T41] audit: type=1326 audit(1778662722.937:1417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8279 comm="syz.4.606" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0
[  257.847249][ T8287] lo speed is unknown, defaulting to 1000
[  257.858597][ T8287] wg2 speed is unknown, defaulting to 1000
[  258.406788][ T8288] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input9
[  259.758688][ T8301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.612'.
[  259.977580][ T8301] vxlan0: entered promiscuous mode
[  260.094969][  T196] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  260.103461][  T196] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  260.108514][  T196] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  260.113799][  T196] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  260.118036][ T8308] syzkaller1: entered promiscuous mode
[  260.120071][ T8308] syzkaller1: entered allmulticast mode
[  260.401566][ T8319] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  260.401566][ T8319]    program syz.4.615 not setting count and/or reply_len properly
[  260.456726][ T8321] input: syz1 as /devices/virtual/input/input10
[  260.461467][ T8321] input: failed to attach handler leds to device input10, error: -6
[  260.560547][ T8325] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in;
[  260.560547][ T8325]    program syz.0.617 not setting count and/or reply_len properly
[  260.902687][   T41] audit: type=1326 audit(1778662726.247:1418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8322 comm="syz.0.617" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709efcc code=0x0
[  262.190953][    C0] ==================================================================
[  262.194854][    C0] BUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0x3a/0x60
[  262.198319][    C0] Read of size 1 at addr ffff8880521bec18 by task swapper/0/0
[  262.204818][    C0] 
[  262.206165][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  262.206195][    C0] Tainted: [L]=SOFTLOCKUP
[  262.206202][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  262.206214][    C0] Call Trace:
[  262.206223][    C0]  <IRQ>
[  262.206232][    C0]  dump_stack_lvl+0x100/0x190
[  262.206263][    C0]  print_report+0x13d/0x4b0
[  262.206290][    C0]  ? __virt_addr_valid+0x239/0x430
[  262.206319][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  262.206343][    C0]  kasan_report+0xdf/0x1d0
[  262.206365][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  262.206388][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  262.206419][    C0]  __kasan_check_byte+0x36/0x50
[  262.206438][    C0]  lock_acquire+0x12a/0x370
[  262.206456][    C0]  ? do_raw_spin_unlock+0x53/0x1e0
[  262.206475][    C0]  ? .slowpath+0x9/0x18
[  262.206543][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  262.206567][    C0]  ? p9_req_put+0xaf/0x250
[  262.206595][    C0]  p9_req_put+0xaf/0x250
[  262.206622][    C0]  req_done+0x1dc/0x2e0
[  262.206647][    C0]  ? __pfx_req_done+0x10/0x10
[  262.206673][    C0]  ? __pfx_req_done+0x10/0x10
[  262.206696][    C0]  vring_interrupt+0x2ef/0x650
[  262.206726][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  262.206751][    C0]  __handle_irq_event_percpu+0x235/0x8c0
[  262.206777][    C0]  handle_irq_event+0xab/0x1e0
[  262.206800][    C0]  handle_edge_irq+0x35e/0x960
[  262.206827][    C0]  __common_interrupt+0xd8/0x2f0
[  262.206857][    C0]  common_interrupt+0xb9/0xe0
[  262.206879][    C0]  </IRQ>
[  262.206885][    C0]  <TASK>
[  262.206893][    C0]  asm_common_interrupt+0x26/0x40
[  262.206911][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  262.206934][    C0] Code: e6 94 02 e9 c3 42 03 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 8f 23 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  262.206949][    C0] RSP: 0000:ffffffff8e407e00 EFLAGS: 00000202
[  262.206965][    C0] RAX: 00000000005271a1 RBX: ffffffff8e4955c0 RCX: ffffffff8b880095
[  262.206975][    C0] RDX: 0000000000000000 RSI: ffffffff8df1c469 RDI: ffffffff8c1c2800
[  262.206985][    C0] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed10056467b5
[  262.206995][    C0] R10: ffff88802b233dab R11: 0000000000000000 R12: 0000000000000000
[  262.207005][    C0] R13: fffffbfff1c92ab8 R14: 0000000000000000 R15: ffffffff90d7dc50
[  262.207019][    C0]  ? ct_kernel_exit+0x125/0x180
[  262.207043][    C0]  default_idle+0x9/0x10
[  262.207059][    C0]  default_idle_call+0x6c/0xb0
[  262.207074][    C0]  do_idle+0x464/0x590
[  262.207095][    C0]  ? __pfx_do_idle+0x10/0x10
[  262.207118][    C0]  cpu_startup_entry+0x4f/0x60
[  262.207138][    C0]  rest_init+0x251/0x260
[  262.207152][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  262.207180][    C0]  start_kernel+0x484/0x490
[  262.207203][    C0]  x86_64_start_reservations+0x24/0x30
[  262.207225][    C0]  x86_64_start_kernel+0x12b/0x130
[  262.207246][    C0]  common_startup_64+0x13e/0x148
[  262.207272][    C0]  </TASK>
[  262.207278][    C0] 
[  262.330277][    C0] Allocated by task 8338:
[  262.332179][    C0]  kasan_save_stack+0x30/0x50
[  262.334224][    C0]  kasan_save_track+0x14/0x30
[  262.336452][    C0]  __kasan_kmalloc+0xaa/0xb0
[  262.338803][    C0]  p9_client_create+0xaf/0xd40
[  262.340990][    C0]  v9fs_session_init+0x3c/0xd20
[  262.343216][    C0]  v9fs_get_tree+0xb8/0xb50
[  262.345139][    C0]  vfs_get_tree+0x92/0x320
[  262.347189][    C0]  path_mount+0x7d0/0x23d0
[  262.349269][    C0]  __ia32_sys_mount+0x292/0x310
[  262.351549][    C0]  __do_fast_syscall_32+0xe7/0x950
[  262.354353][    C0]  do_fast_syscall_32+0x32/0x70
[  262.356631][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  262.359212][    C0] 
[  262.360143][    C0] Freed by task 8338:
[  262.361706][    C0]  kasan_save_stack+0x30/0x50
[  262.363628][    C0]  kasan_save_track+0x14/0x30
[  262.365342][    C0]  kasan_save_free_info+0x3b/0x70
[  262.367293][    C0]  __kasan_slab_free+0x5f/0x80
[  262.369589][    C0]  kfree+0x223/0x6c0
[  262.371448][    C0]  p9_client_create+0x72d/0xd40
[  262.373444][    C0]  v9fs_session_init+0x3c/0xd20
[  262.375384][    C0]  v9fs_get_tree+0xb8/0xb50
[  262.377179][    C0]  vfs_get_tree+0x92/0x320
[  262.379021][    C0]  path_mount+0x7d0/0x23d0
[  262.381009][    C0]  __ia32_sys_mount+0x292/0x310
[  262.383320][    C0]  __do_fast_syscall_32+0xe7/0x950
[  262.385473][    C0]  do_fast_syscall_32+0x32/0x70
[  262.387294][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  262.389828][    C0] 
[  262.390777][    C0] The buggy address belongs to the object at ffff8880521bec00
[  262.390777][    C0]  which belongs to the cache kmalloc-512 of size 512
[  262.396537][    C0] The buggy address is located 24 bytes inside of
[  262.396537][    C0]  freed 512-byte region [ffff8880521bec00, ffff8880521bee00)
[  262.402574][    C0] 
[  262.403623][    C0] The buggy address belongs to the physical page:
[  262.406307][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x521bc
[  262.409974][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  262.413523][    C0] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  262.416331][    C0] page_type: f5(slab)
[  262.417809][    C0] raw: 04fff00000000040 ffff88801b842c80 dead000000000100 dead000000000122
[  262.421655][    C0] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  262.424997][    C0] head: 04fff00000000040 ffff88801b842c80 dead000000000100 dead000000000122
[  262.429295][    C0] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  262.433835][    C0] head: 04fff00000000002 ffffffffffffff01 00000000ffffffff 00000000ffffffff
[  262.437633][    C0] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  262.443009][    C0] page dumped because: kasan: bad access detected
[  262.445902][    C0] page_owner tracks the page as allocated
[  262.448221][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5756, tgid 5756 (syz-executor), ts 82618343130, free_ts 82479014554
[  262.457531][    C0]  post_alloc_hook+0x153/0x170
[  262.459711][    C0]  get_page_from_freelist+0x11a6/0x33b0
[  262.461711][    C0]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[  262.464188][    C0]  new_slab+0xa6/0x6c0
[  262.465918][    C0]  refill_objects+0x277/0x420
[  262.467994][    C0]  __pcs_replace_empty_main+0x375/0x650
[  262.471474][    C0]  __kmalloc_noprof+0x688/0x850
[  262.473855][    C0]  fib6_info_alloc+0x40/0x160
[  262.475912][    C0]  ip6_route_info_create+0x14c/0xad0
[  262.478130][    C0]  ip6_route_add+0x4b/0x1d0
[  262.480023][    C0]  addrconf_prefix_route+0x2fb/0x510
[  262.481959][    C0]  inet6_addr_add+0x575/0x9a0
[  262.483738][    C0]  inet6_rtm_newaddr+0x1475/0x1bb0
[  262.485140][    C0]  rtnetlink_rcv_msg+0x95e/0xe90
[  262.486849][    C0]  netlink_rcv_skb+0x159/0x420
[  262.488774][    C0]  netlink_unicast+0x585/0x850
[  262.490685][    C0] page last free pid 5756 tgid 5756 stack trace:
[  262.493429][    C0]  __free_frozen_pages+0x747/0x1040
[  262.495487][    C0]  qlist_free_all+0x47/0xf0
[  262.496965][    C0]  kasan_quarantine_reduce+0x1a0/0x1f0
[  262.498952][    C0]  __kasan_slab_alloc+0x69/0x90
[  262.500431][    C0]  kmem_cache_alloc_node_noprof+0x25a/0x6f0
[  262.502279][    C0]  __alloc_skb+0x140/0x710
[  262.504409][    C0]  netlink_ack+0x117/0xb80
[  262.506506][    C0]  netlink_rcv_skb+0x333/0x420
[  262.509033][    C0]  netlink_unicast+0x585/0x850
[  262.511457][    C0]  netlink_sendmsg+0x8b0/0xda0
[  262.513717][    C0]  __sys_sendto+0x468/0x4b0
[  262.515857][    C0]  __ia32_compat_sys_socketcall+0x59a/0x770
[  262.519312][    C0]  do_int80_emulation+0x141/0x700
[  262.522184][    C0]  asm_int80_emulation+0x1a/0x20
[  262.524498][    C0] 
[  262.525715][    C0] Memory state around the buggy address:
[  262.527909][    C0]  ffff8880521beb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  262.531151][    C0]  ffff8880521beb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  262.534567][    C0] >ffff8880521bec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  262.538423][    C0]                             ^
[  262.540546][    C0]  ffff8880521bec80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  262.544099][    C0]  ffff8880521bed00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  262.547504][    C0] ==================================================================
[  262.551285][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  262.554790][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  262.558913][    C0] Tainted: [L]=SOFTLOCKUP
[  262.560641][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  262.565486][    C0] Call Trace:
[  262.566982][    C0]  <IRQ>
[  262.568172][    C0]  dump_stack_lvl+0x100/0x190
[  262.570144][    C0]  vpanic+0x552/0x970
[  262.571736][    C0]  ? __pfx_vpanic+0x10/0x10
[  262.574231][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  262.576497][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  262.578782][    C0]  panic+0xd1/0xe0
[  262.580551][    C0]  ? __pfx_panic+0x10/0x10
[  262.582958][    C0]  ? end_report.part.0+0x23/0x90
[  262.585084][    C0]  ? rcu_is_watching+0x12/0xc0
[  262.586884][    C0]  ? end_report.part.0+0x23/0x90
[  262.588755][    C0]  ? check_panic_on_warn+0x1f/0x90
[  262.591087][    C0]  check_panic_on_warn.cold+0x19/0x34
[  262.593234][    C0]  end_report.part.0+0x3a/0x90
[  262.595547][    C0]  kasan_report.cold+0xe/0x18
[  262.598210][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  262.600896][    C0]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  262.603049][    C0]  __kasan_check_byte+0x36/0x50
[  262.605111][    C0]  lock_acquire+0x12a/0x370
[  262.606823][    C0]  ? do_raw_spin_unlock+0x53/0x1e0
[  262.609387][    C0]  ? .slowpath+0x9/0x18
[  262.611116][    C0]  _raw_spin_lock_irqsave+0x3a/0x60
[  262.613575][    C0]  ? p9_req_put+0xaf/0x250
[  262.615875][    C0]  p9_req_put+0xaf/0x250
[  262.618517][    C0]  req_done+0x1dc/0x2e0
[  262.620320][    C0]  ? __pfx_req_done+0x10/0x10
[  262.622182][    C0]  ? __pfx_req_done+0x10/0x10
[  262.623659][    C0]  vring_interrupt+0x2ef/0x650
[  262.625136][    C0]  ? __pfx_vring_interrupt+0x10/0x10
[  262.626765][    C0]  __handle_irq_event_percpu+0x235/0x8c0
[  262.628785][    C0]  handle_irq_event+0xab/0x1e0
[  262.631335][    C0]  handle_edge_irq+0x35e/0x960
[  262.634227][    C0]  __common_interrupt+0xd8/0x2f0
[  262.636666][    C0]  common_interrupt+0xb9/0xe0
[  262.639319][    C0]  </IRQ>
[  262.640701][    C0]  <TASK>
[  262.642158][    C0]  asm_common_interrupt+0x26/0x40
[  262.645898][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  262.648428][    C0] Code: e6 94 02 e9 c3 42 03 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 8f 23 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  262.656445][    C0] RSP: 0000:ffffffff8e407e00 EFLAGS: 00000202
[  262.659266][    C0] RAX: 00000000005271a1 RBX: ffffffff8e4955c0 RCX: ffffffff8b880095
[  262.663512][    C0] RDX: 0000000000000000 RSI: ffffffff8df1c469 RDI: ffffffff8c1c2800
[  262.666419][    C0] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed10056467b5
[  262.669474][    C0] R10: ffff88802b233dab R11: 0000000000000000 R12: 0000000000000000
[  262.672712][    C0] R13: fffffbfff1c92ab8 R14: 0000000000000000 R15: ffffffff90d7dc50
[  262.676224][    C0]  ? ct_kernel_exit+0x125/0x180
[  262.678635][    C0]  default_idle+0x9/0x10
[  262.680705][    C0]  default_idle_call+0x6c/0xb0
[  262.682864][    C0]  do_idle+0x464/0x590
[  262.684572][    C0]  ? __pfx_do_idle+0x10/0x10
[  262.686418][    C0]  cpu_startup_entry+0x4f/0x60
[  262.688377][    C0]  rest_init+0x251/0x260
[  262.690127][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  262.692518][    C0]  start_kernel+0x484/0x490
[  262.694640][    C0]  x86_64_start_reservations+0x24/0x30
[  262.697085][    C0]  x86_64_start_kernel+0x12b/0x130
[  262.699288][    C0]  common_startup_64+0x13e/0x148
[  262.701379][    C0]  </TASK>
[  262.703244][    C0] Kernel Offset: disabled
[  262.704771][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:58:48  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000065 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff857c1685 RDI=ffffffff9b462820 RBP=ffffffff9b4627e0 RSP=ffffc90000007710
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000065 R14=0000000000000010 R15=ffffffff857c1620
RIP=ffffffff857c16af RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097177000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5455da4 CR3=0000000058918000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=ffff88802b23b3c8 RCX=0000000000000100 RDX=0000000000000001
RSI=0000000000000002 RDI=ffff88802b23b3ca RBP=dffffc0000000000 RSP=ffffc90002cbfb40
R8 =0000000000000001 R9 =ffffed1005647679 R10=ffff88802b23b3cb R11=0000000000000000
R12=0000000000007ed4 R13=ffffed1005647679 R14=ffff88802b33c340 R15=0000000000000000
RIP=ffffffff8b8af844 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097277000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5454ff4 CR3=0000000058918000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000024fead RBX=ffff88801c7dca00 RCX=ffffffff8b880095 RDX=0000000000000000
RSI=ffffffff8df1c469 RDI=ffffffff8c1c2800 RBP=0000000000000000 RSP=ffffc9000047fdf0
R8 =0000000000000001 R9 =ffffed10056867b5 R10=ffff88802b433dab R11=0000000000000000
R12=0000000000000002 R13=ffffed10038fb940 R14=0000000000000002 R15=ffffffff90d7dc50
RIP=ffffffff8b87e87f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097377000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000209e0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=fffff5200059bf60 RBX=1ffff9200059bf60 RCX=0000000080000002 RDX=ffffc90002cdfd30
RSI=0000000080091180 RDI=ffff888012b41840 RBP=ffffc90002cdfc50 RSP=ffffc90002cdfae8
R8 =000000000000488a R9 =0000000000000000 R10=0000000080000002 R11=0000000000000000
R12=0000000000000000 R13=0000000080000002 R14=ffffc90002cdfd30 R15=0000000080091180
RIP=ffffffff820802c0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097477000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f53cbff4 CR3=000000005f687000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000