last executing test programs:

1.325980568s ago: executing program 0 (id=257):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x3, 0x0}}, 0x20)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0884113, &(0x7f0000000240)={0x1, 0xfffffffd, 0x1, 0xfffffffffffffff9, 0x3ffffffff, 0x0, 0x1, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffe, 0x2})
write$P9_RVERSION(r2, 0x0, 0xfffffeb5)

937.954348ms ago: executing program 1 (id=258):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r2 = dup(r1)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0), 0x6df8}}, 0x0)

874.134407ms ago: executing program 1 (id=259):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000040)={0x80109, "fa02946a000000001dda524f03000000000000000000003673000000002000", <r1=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45bebe3f5b53e0ca34dd02acecdc67c5e3126628168", r0})

804.368553ms ago: executing program 1 (id=260):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_MAP_DUMB(r0, 0xc01064b3, &(0x7f0000000200))

804.097681ms ago: executing program 0 (id=261):
r0 = syz_open_dev$video(&(0x7f0000000040), 0x80000000000004, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000080)={0x1, @pix={0x5, 0x7, 0x59565955, 0x6, 0x9aa5, 0x6, 0x7, 0xf20e, 0x1, 0x0, 0x1, 0x7}})

720.657207ms ago: executing program 1 (id=262):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/net\x00')
fchdir(r0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
readlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/211, 0xd3)

720.485105ms ago: executing program 0 (id=263):
r0 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, 0x0, 0x2c)

665.933235ms ago: executing program 1 (id=264):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)={0x34, r1, 0x5, 0x0, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @crypto_settings=[@NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0x4}, @NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0xfac04}]]}, 0x34}}, 0x0)

665.297117ms ago: executing program 1 (id=265):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffd74, 0x40004, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

605.341649ms ago: executing program 0 (id=266):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xfffdffff})
syz_mount_image$ext4(&(0x7f0000000580)='ext3\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000340)={[{@init_itable}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5d7, &(0x7f0000001200)="$eJzs3c9vVEUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aAAleTIwXY0w8eRD/CyVy5aQnD148GRKihqOJa952H3Tbty0tbV/lfT7JdufN7MvMY/l2ZqczbwOorMHsRy1id0RMp4j+dGXpCwbnn+7+/cnJ7JGiXn/jzxSpmZe/NDWf+7IfnRE9EfHzTyl2dSytd2bu0tnxqanJi83j4dlz08Mzc5f2nzk3fnry9OT50ZdGjxw+dPjIyIE1Xdflgrzj197/sP+zsbe/++afNPL9b2MpjsarzRcuvI71MhiDjX+TtLSo78h6V1aSjvm3Oha+xamzxAaxKvn71xURT0V/dMT9N68/Pn2t1MYBG6qeIupARSXxDxWVjwPyz/aLPwfXShmVAJvhzrH5CYCl8d85PzcYPY25ge13Uyyc1kkRsbaZuVY7IuLWzbFrp26OXYsNmocDil25GhFPF8V/asT/QPTEQCP+ay3xn40LTjSfs/zX11j/4qli8Q+bZz7+e5aN/2gT/+8siP9311j/4P3ke70t8d+71ksCAAAAAACAyrpxLCJeLPr7f+3e+p8oWP/TFxFH16H+wUXHS//+X7u9DtUABe4ci3ilcP1vLV/9O9DRTD3WWA/QlU6dmZo8EBGPR8S+6NqWHY8sU8f+z3d93a5ssLn+L39k9d9qrgVstuN257bWcybGZ8cf9rqBiDtXI54pXP+b7vX/qaD/z34fTD9gHbuev36iXdnK8Q9slPq3EXsL+//7d61Iy9+fY7gxHhjORwVLPfvxFz+0q3+t8e8WE/Dwsv5/+/LxP5AW3q9nZvV1HJzrrLcrW+v4vzu92bjlTHcz76Px2dmLIxHd6XhHltuSP7r6NsOjKI+HPF6y+N/33PLzf0Xj/96IWHSnsEh/te4pzj35b9/v7dpj/A/lyeJ/YlX9/+oTo9cHfmxX/4P1/4caff2+Zo75P5j3VR6m3a35BeHYWVS02e0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdBLSJ2RKoN3UvXakNDEX0R8URsr01dmJl94dSFD85PZGWN7/+v5d/02z9/nPLv/x9YcDy66PhgROyMiC87ehvHQycvTE2UffEAAAAAAAAAAAAAAAAAAACwRfS12f+f+aOj7NYBG66z7AYApSmI/1/KaAew+fT/UF3iH6pL/EN1iX+oLvEP1SX+obrEP1SX+AcAAAAAgEfKzj03fk0RceXl3sYj090s6yq1ZcBGq5XdAKA0bvED1WXpD1SXz/hAWqG8p+1JK525nOmTD3EyAAAAAAAAAAAAAFTO3t32/0NV2f8P1WX/P1RXvv9/T8ntADafz/hArLCTv3D//4pnAQAAAAAAAAAAAADraWbu0tnxqanJixJvbY1mbGaiXq9fzv4XbJX2/M8T+VL4rdKeRYl8r9+DnVXe7yQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDVfwEAAP//tsck3w==")
socket$isdn_base(0x22, 0x3, 0x0)

507.908023ms ago: executing program 0 (id=267):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)={0x1c, 0x24, 0x301, 0x70bd25, 0xfffffffc, {0x1}, [@typed={0x5, 0x14e, 0x0, 0x0, @pid}]}, 0x1c}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)

446.731789ms ago: executing program 0 (id=268):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000795d6c08450c3a616dc4010203010902120001000000000904"], 0x0)

306.943289ms ago: executing program 2 (id=271):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x28, 0x16, 0x1, 0x0, 0x0, {0xa}, [@typed={0x14, 0x1, 0x0, 0x0, @ipv6=@mcast1}]}, 0x28}}, 0x0)

257.386548ms ago: executing program 2 (id=272):
r0 = add_key$user(&(0x7f0000002100), &(0x7f0000002180)={'syz', 0x1}, &(0x7f00000021c0)='b', 0x1, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f0000002300), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b4f22cd0076beedc18056ab4bea4c825b69a7a77adcd5488684872b1bb9eb84586549e11b080468668e8fd0e52ce0705a", 0xc0, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000240)={r0, r1, r1}, &(0x7f0000000400)=""/189, 0xbd, &(0x7f00000003c0)={&(0x7f00000001c0)={'sha3-224-generic\x00'}})

198.151021ms ago: executing program 2 (id=273):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500)={0x0, 0x2000, 0x0, 0x0, 0x0, 0x3cd})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x1a)

127.198041ms ago: executing program 2 (id=274):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000380)={r0, 0xffffffffffffffff, 0x13, 0x0, @val=@perf_event={0x4}}, 0x18)

126.812826ms ago: executing program 2 (id=275):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000007c0)=ANY=[@ANYBLOB="696f636861727365743d6d61636963656c616e642c756d61736b3d30303030303030303030303030303030303030303030352c757466382c6572726f72733d636f6e74696e75652c696f636861727365743d6d616363656e746575726f2c646973636172642c696f636861727365743d63703836302c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c6572726f72733d636f6e74696e75652c00d40644f916f42b6b63a3ddd3e96cc13f37556b6c48e92c5489e97fc7d832bee08705079918afb2d81bad43ba444490ffc574f6efdeb56a0e7132b223a9c8d5187fa5140d22265ea35c924720bef432e5229293514046bb39bf66c18191d79d3028e0aa057fed10deae393038b6e5a9e6754a38d872927b96a057495482"], 0x1, 0x1524, &(0x7f0000002280)="$eJzs3AuYTlXbOPD7XmvtMSbpaZLDsNa6N09yWCZJckiSQ5IkSZJTQtIkryQkhpyShiQkhyE5DCE5TEwa5/P5kJAkTZKE5JSs/yX8vb31fu/7fm/f67u+uX/XtS/rfva+1773cz+HvbeZ+a7zkBqNalZtQETwb8GL/yQDQCwADACA6wAgAICy8WXjL6zPKTH539sJ+3M9kna1K2BXE/c/e+P+Z2/c/+yN+5+9cf+zN+5/9sb9z964/4xlZ5umFbiel+y78P3/7Iy///8PySo15qs1pW7sAhDzz6Zw/7M37v//WcE/sxH3P3vj/mdXsVe7APa/AL//s4Mcf3cN9z974/4zlp1d7fvPV3uBSPZ+Dq72648xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPZw2l+hAODy+GrXxRhjjDHGGGOMsT+Pz3G1K2CMMcYYY4wxxtj/PAQBEhQEEAM5IBZyQhwIALgWcsN1EIHrIR5ugDxwI+SFfJAfCkACFIRCoMGABYIQCkMRiMJNUBRuhmJQHEpASXBQChLhFigNt0IZuA3Kwu1QDu6A8lABKkIluBMqw11QBe6GqnAPVIPqUANqwr1QC+6D2nA/1IEHoC48CPXgIagPD0MDeAQawqPQCB6DxvA4NIGm0AyaQ4v/Vv5L0B1ehh7QE5KhF/SGV6AP9IV+0B8GwKswEF6DQfA6pMBgGAJvwFB4E4bBWzAcRsBIeBtGwTswGsbAWBgHqTAeJsC7MBHeg0kwGabAVEiDaTAd3ocZMBNmwQcwGz6EOTAX5sF8SIePYAEshAz4GBbBJ5AJi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAp7ATPoNdsBv2wOewF774F/NP/U1+FwQEFChQocIYjMFYjMU4jMNcmAtzY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOkzERCyNt2IZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAe/Fe7IW1sTbWwTpYF+tevj2FDbABNsSG2AgbYWNsjE2wCTbDZtgCW2BLbImtsBW2wTbYFttiO2yHSZiE7bE9dsAO2BE7YifshJ2xM3bBrtg166UcgC/jy9gTq4le2Bt7Yx9MydEP+2N/fBUH4mv4Gr6OKTgYh+Ab+Aa+icPwJA7HETgSR2Jl8Q6OxjFIYhymYipOwAk4ESfiJJyMk3EqpuE0nI7TcQbOxJn4Ac7GD/FDnItzcT6mYzouwIWYgRm4CE9hJi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+iAsDPcDfuxhTci3txH+7D/bgfD+ABzMIsPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hCwjcNPy2+OgXEBUooESNiRKyIFXEiTuQSuURukVtERETEi3iRR+QReUVekV/kFwkiQRQShYQRRpAIYwBAREVUFBVFRTFRTJQQJYQTTiSKRFFalBZlRBlRVtwuyok7RHlRQbR2lUQlUVm0cVXE3aKqqCqqieqihqgpaopaopaoLWqLOqKOqCvqinriIVFf9MJ++Ii40JlGYjA2FkOwiWgq5KVPsJZiGLYSrUUb8ZQYgcOxnWjpksSzor0YjR3EX8QYfF50EuOws3hRdBFdRTfxkuguWrkeoqeYhL1EbzEV+4i+op/oL2ZgdfEBzs5ZQ7wuUsRgMUS8Iebjm2KYeEsMFyPESPG2GCXeEaPFGDFWjBOpYryYIN4VE8V7YpKYLKaIqSJNTBPTxftihpgpZokPxGzxoZgj5op5Yr5IFx+JBWKhyBAfi0XiE5EpFoslYqlYJpaLFWKlWCVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix3iU7FTfCZ2id1ij/hc7BVfiH3iS7FffCUOiK9FlvhGHBTfikPiO3FYfC+OiB/EUXFMHBc/ihPiJ3FSnBKnxRlxVvwszolfxHnhBUiUQkqpZCBjZA4ZK3PKOHmNzCWDS8/u9TJe3iDzyBtlXplP5pcFZIIsKAtJLY20kmQoC8siMipvkkXlzbKYLC5LyJLSyVIyUd4iS8tbZRl5mywrb5fl5B2yvKwgK8pK8k5ZWd4lIXJxH9VkdVlD1pT3ymS4T9aW98s68gFZVz4o68mHZH35sGwgH5EN5aOykXxMNpaPyyayqWwmm8sW8gnZUj4pW8nWso18SraVT8t28hmZJJ+V7aW/9BJ5XnaSL8jO8kXZRXaV3eQv8rz0sofsKaEXyN7yFdlH9pX9ZH85QL4qB8rX5CD5ukyRg+UQ+YYcKt+Uw+RbcrgcIUfKt+Uo+Y4cLcfIsXKcTJXj5QT5rpwo35OT5GQ5RU6VaXKa7HdppllS/sP8d/8gf9Cve98oN8nNcovcKrfJ7XKH/FTulDvlLrlL7pF75F65V+6T++R+uV8ekAdklsySB+VBeUgekoflYXlEHpFH5TF5Rv4oT8if5El5Sp6SZ+RZeVaeu/QcgEIllFRKBSpG5VCxKqeKU9eoXOpalVtdpyLqehWvblB51I0qr8qn8qsCKkEVVIWUVkZZRSpUhVURFVU34aUXjCqhSiqnSqlEdcu/kq+KqptVMVX8N/mX60v+O/W1UC1US9VStVKtVBvVRrVVbVU71U4lqSTVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVTXVT3VV31UP1UMkqWfVWr6g+qq/qp/qrAepVNVANVIPUIJWiUtQQNUQNVUPVMDVMDVfD1Ug1Uo1So9RoNVqNVWNVqkpVE9QENVFNVJPUJDVFTVFpKk1NV9PVDDVDzVKz1Gw1W81Rc9Q8NU+lq3S1QC1QGSpDLVKLVKZarBarpWqpWq6Wq5VqpVqtVqu1aq1ar9arTLVJbVJb1Ba1TW1TO9QOtVPtVLvULrVH7VF71V61T+1T+9V+dUAdUFkqSx1UB9UhdUgdVofVEXVEHVVH1XF1XJ1QJ9RJdVKdVqfVWXVWnVPn1Hl1/sJpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4MYgb5AvyB8UCBKCgkGhQAcmsIG41PRocFNQNLg5KBYUD0oEJQMXlAoSg1uC0sGtQZngtqBscHtQLrgjKB9UCCoGlYI7g8rBXUGV4O6ganBPUC2oHtQIagb3BrWC+4Lawf1BneCBoG7wYFAveCioHzwcNAgeCRoGjwaNgseCxsHjQZOgadAsaB60+FPn9/5kviddD91TJ+teurd+RffRfXU/3V8P0K/qgfo1PUi/rlP0YD1Ev6GH6jf1MP2WHq5H6JH6bT1Kv6NH6zF6rB6nU/V4PUG/qyfq9/QkPVlP0VN1mp6mp+v39Qw9U8/SH+jZ+kM9R8/V8/R8na4/0gv0Qp2hP9aL9Cc6Uy/WS/RSvUwv1yv0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Kd6p/5M79K79R79ud6rv9D79Jd6v/5KH9Bf6yz9jT6ov9WH9Hf6sP5eH9E/6KP6mD6uf9Qn9E/6pD6lT+sz+qz+WZ/Tv+jz2l84ub/w9W6UUSbGxJhYE2viTJzJZXKZ3Ca3iZiIiTfxJo/JY/KavCa/yW8STIIpZAqZC8iQKWwKm6iJmqKmqClmipkSpoRxxplEk2hKm9KmjCljypqyppwpZ8qb8qaiqWjuNHeau8xd5m5zt7nH3GOqm+qmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaxaWyamCammWlmWpgWpqVpaVqZVqaNaWPamramnWlnkkySaW/amw6mg+loOppOppPpbDqbLqaL6Wa6me6mu+lhephkk2x6m96mj+lj+pl+ZoAZYAaagWaQGWRSTIoZYoaYoWaoGWaGmeFmhBl54UTVvGNGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbBWaByTAZZpFZZDJNpllilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSZLHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnzUlz2pw2Z02+S9+X3sTanDbOXmNz2Wttbnud/ds4vy1gE2xBW8hqm9fm+01srLXFbHFbwpa0zpayifaW38XlbQVb0Vayd9rK9i5b5XdxLXufrW3vt3XsA7amvfc3cV37oK1nH7P1EQFsU9vQNreN7GO2sX3cNrFNbTPb3La1T9t29hmbZJ+17e1zv4sX2IV2lV1t19i1dpfdbU/bM/aQ/c6etT/bHranHWBftQPta3aQfd2m2MG/i0fat+0o+44dbcfYsXbc7+IpdqpNs9PsdPu+nWFn/i5Otx/Z2TbDzrFz7Tw7/9f4Qk0Z9mO7yH5iM20AS+xSu8wutyvsyv9f61K73m6wG+1O+5ndYrfabXa73XH5RNjutnvs53av/cIetN/a/fYre8Aetln2m1/jC8d32H5vj9gf7FF7zB63P9oT9id1OfvCsf9of7HnrbdASECSFAUUQzkolnJSHF1Duehayk3XUYSup3i6gfLQjZSX8lF+KkAJVJAKkSZDlohCKkxFKEo30eXySlBJclSKEukWKk23Uhm6jcrS7VSO7qDyVIEqUiW6kyrTXVSF7qaqdA9Vo+pUg2rSvVSL7qPadD/VoQeoLj1I9eghqk8PUwN6hBrSo9SIHqPG9Dg1oabUjJpTC3qCWtKT1IpaUxt6itrS09SOnqEkepba03PUgf5CHel56kQvUGd6kbpQV+pGL1F3epl6UE9Kpl7Um16hPtSX+lF/GkCv0kB6jQbR65RCg2kIvUFD6U0aRm/RcBpBI+ltGkXv0GgaQ2NpHKXSeJpA79JEeo8m0WSaQlMpjabRdHqfZtBMmkUf0Gz6kObQXJpH8ymdPqIFtJAy6GNaRJ9QJi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gvbRl7SfvqID9DVl0Td0kL6lQ/QdHabvfU/6gY7SMTpOP9IJ+olO0ik6TWfoLP1M5+gXOk+eIMRQhDJUYRDGhDnC2DBnGBdeE+YKrw1zh9eFkfD6MD68IcwT3hjmDfOF+cMCYUJYMCwU6tCENqQwDAuHRcJoeFNYNLw5LBYWD0uEJUMXlgoTw1vC0uGtYZnwtrBseHtYLrwjLB9WCB97oFJ4Z1g5vCusEt4dVg3vCauF1cMaYc3w3rBWeF9YO7w/rBM+EJYJHwzrhQ+F9cOHwwbhI2HD8NGwUfhY2Dh8PGwSNg2bhc3DFuETYcvwybBV2DpsEz4Vtg2fDtuFz4RJ4bNh+/C5X9c/uPDvr08Oe4W9w1fCV0Lv75fzovOj6dGPoguiC6MZ0Y+ji6KfRDOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMAQ6dcNIpF7gYl8PFupwuzl3jcrlrXW53nYu46128u8HlcTe6vC6fy+8KuARX0BVy2hlnHbnQFXZFXNTd5Iq6m10xV9yVcCWdc6VcomvuWrgWrqV70rVyrV0b95R7yj3tnnbPuGfcs669e851cH9xHd3zrpN7wb3gXnRdXFfXzb3kurvxuS++J5Ndb9fb9XF9XD/Xzw1wA9xAN9ANcoNciktxQ9wQN9QNdcPcMDfcDXcj3Ug3yo1yo91oN9aNdaku1U1wE9xEN9FNcpPcFDfFpbk0N91NdzPcDFd55sW9zHFz3Dw3z6W7dLfAXThnzHCL3CKX6TLdErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtdDvdLn/dxUndXrfP7XP73X53wH3tstw37qD71h1y37nD7nt3xP3gjrpj7rj70Z1wP7mT7pQ77c64s+5nd8794s4771Ij4yMTIu9GJkbei0yKTI5MiUyNpEWmRaZH3o/MiMyMzIp8EJkd+TAyJzI3Mi8yP5Ie+SiyILIwkhH5OLIo8kkkM7I4siSyNLIssjzifcEtoS/si/iov8kX9Tf7Yr64L+FLeudL+UR/iy/tb/Vl/G2+rL/dl/N3+PK+gq/oH/dNfFPfzDf3LfwTvqV/0rfyrX0b/5Rv65/27fwzPsk/69v753wH/xff0T/vO/kXfGf/ou/iu/pu/iXf3b/se/iePtn38r39K76P7+v7+f5+gH/VD/Sv+UH+dZ/iB/sh/g0/1L/ph/m3/HA/wo+MeduPunyJDON8qh/vJ/h3/UT/np/kJ/spfqpP89P8dP++n+Fn+ln+Az/bf+jn+Ll+np/v0/1HfoFf6DP8x36R/8Rn+sWXbyr7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+U7/Tf+Z3+d1+j//c7/Vf+H3+S7/ff+UP+K99lv/GH/Tf+kP+O3/Yf++P+B/8UX/MH/c/+hP+J3/Sn/Kn/Rl/1v/sz/lf/Hn+nTXGGGOMsX/K+CtD8ds1F2/n9/qDHPFXG/cGgGu3Fsj66/UXzijX5b047isS2kYA4NmenR+5vFSrlpycfGnbTAlBkbkAl/8n6IIYuBIvhjbwNCRBayj9h/X3FV3P0j+YP3o7QNxf5cTClfjK/F8CYPIfzP/EUyMXlAtPx/8X888FKFbkSk5OuBIvhja/3l9pDWX+Tv35Wv6D+nN+lQrQ6q9ycsGV+Er9ifAkPAdJv9mSMcYYY4wxxhi7qK+o2PHy9efln/j8o+vzBHUlJwdcif/R9TljjDHGGGOMMcauvue7dnvmiaSk1h3/9UGV/1bWPz1oDP9TM/PgDwfeA1x+RAHAvzkhwIWB/E8exeb/yL5SLr11/nbVsjM+gP8drfwzBlf5g4kxxhhjjDH2p7ty0v/bx9XVKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/TuxqHyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//9IVQM5")
r0 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

0s ago: executing program 2 (id=276):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond0\x00'})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000)=0x3da, 0x4)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r3, 0x100000000)
syz_clone3(&(0x7f0000002340)={0x828080, 0x0, 0x0, 0x0, {0x30}, 0x0, 0x0, 0x0, 0x0}, 0x58)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000140)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:39622' (ED25519) to the list of known hosts.
syzkaller login: [   64.298762][ T5834] cgroup: Unknown subsys name 'net'
[   64.414007][ T5834] cgroup: Unknown subsys name 'cpuset'
[   64.421612][ T5834] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   66.365983][ T5834] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   71.233827][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[   71.236751][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[   76.784716][ T5922] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   80.892448][ T5947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   80.909017][ T5947] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   80.913187][ T5947] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   80.917133][ T5947] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   80.921527][ T5947] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   80.952903][   T56] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   80.957050][   T56] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   80.961124][   T56] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   80.964765][   T56] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   80.968095][   T56] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   80.990203][ T5950] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   80.995503][ T5950] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   81.003007][ T5950] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   81.008505][ T5950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   81.014718][ T5950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   81.408448][ T5952] chnl_net:caif_netlink_parms(): no params data found
[   81.506310][ T5946] chnl_net:caif_netlink_parms(): no params data found
[   81.587599][ T5949] chnl_net:caif_netlink_parms(): no params data found
[   81.647870][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.652630][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.656053][ T5952] bridge_slave_0: entered allmulticast mode
[   81.660997][ T5952] bridge_slave_0: entered promiscuous mode
[   81.701666][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.704691][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.707764][ T5952] bridge_slave_1: entered allmulticast mode
[   81.713756][ T5952] bridge_slave_1: entered promiscuous mode
[   81.776503][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.779335][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.782385][ T5946] bridge_slave_0: entered allmulticast mode
[   81.785454][ T5946] bridge_slave_0: entered promiscuous mode
[   81.814235][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.817044][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.821171][ T5946] bridge_slave_1: entered allmulticast mode
[   81.824620][ T5946] bridge_slave_1: entered promiscuous mode
[   81.852795][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.856938][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.859452][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.862384][ T5949] bridge_slave_0: entered allmulticast mode
[   81.865594][ T5949] bridge_slave_0: entered promiscuous mode
[   81.884707][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.890524][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.894216][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.896991][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.900755][ T5949] bridge_slave_1: entered allmulticast mode
[   81.905070][ T5949] bridge_slave_1: entered promiscuous mode
[   81.911771][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.985547][ T5952] team0: Port device team_slave_0 added
[   82.004197][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.009832][ T5946] team0: Port device team_slave_0 added
[   82.013791][ T5952] team0: Port device team_slave_1 added
[   82.017687][ T5946] team0: Port device team_slave_1 added
[   82.061588][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.093092][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.095864][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.107104][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.114157][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.117323][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.130598][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.151463][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.153953][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.164061][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.174039][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.176701][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.188324][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.195578][ T5949] team0: Port device team_slave_0 added
[   82.202039][ T5949] team0: Port device team_slave_1 added
[   82.263252][ T5952] hsr_slave_0: entered promiscuous mode
[   82.265724][ T5952] hsr_slave_1: entered promiscuous mode
[   82.301390][ T5946] hsr_slave_0: entered promiscuous mode
[   82.304281][ T5946] hsr_slave_1: entered promiscuous mode
[   82.306621][ T5946] debugfs: 'hsr0' already exists in 'hsr'
[   82.309330][ T5946] Cannot create hsr debugfs directory
[   82.312290][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.315251][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.325816][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.345696][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.348211][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.358730][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.467234][ T5949] hsr_slave_0: entered promiscuous mode
[   82.470300][ T5949] hsr_slave_1: entered promiscuous mode
[   82.473200][ T5949] debugfs: 'hsr0' already exists in 'hsr'
[   82.475401][ T5949] Cannot create hsr debugfs directory
[   82.752906][ T5952] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   82.760483][ T5952] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   82.773527][ T5952] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   82.783077][ T5952] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   82.882503][ T5946] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   82.901298][ T5946] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   82.925502][ T5946] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   82.945841][ T5946] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   82.985867][ T5949] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   82.989533][ T5950] Bluetooth: hci1: command tx timeout
[   82.989540][ T5947] Bluetooth: hci0: command tx timeout
[   83.011645][ T5949] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   83.028104][ T5949] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   83.036501][ T5949] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   83.069409][ T5950] Bluetooth: hci2: command tx timeout
[   83.094458][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.144281][ T5952] 8021q: adding VLAN 0 to HW filter on device team0
[   83.171498][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.174605][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.196703][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.200104][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.254255][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.284342][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.313480][ T5946] 8021q: adding VLAN 0 to HW filter on device team0
[   83.333210][ T1401] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.336043][ T1401] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.347044][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[   83.356601][ T1401] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.359726][ T1401] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.374232][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.377054][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.413465][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.416438][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.550969][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.613021][ T5952] veth0_vlan: entered promiscuous mode
[   83.631793][ T5952] veth1_vlan: entered promiscuous mode
[   83.683595][ T5952] veth0_macvtap: entered promiscuous mode
[   83.701601][ T5952] veth1_macvtap: entered promiscuous mode
[   83.742158][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.762797][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.788225][   T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.796581][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.804936][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.811794][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.824812][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.916024][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.976449][ T5949] veth0_vlan: entered promiscuous mode
[   83.986831][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.994978][ T5949] veth1_vlan: entered promiscuous mode
[   84.005127][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.066672][   T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.071567][   T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.083761][ T5946] veth0_vlan: entered promiscuous mode
[   84.107833][ T5946] veth1_vlan: entered promiscuous mode
[   84.128426][ T5949] veth0_macvtap: entered promiscuous mode
[   84.145078][ T5949] veth1_macvtap: entered promiscuous mode
[   84.174352][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.203220][ T5946] veth0_macvtap: entered promiscuous mode
[   84.211162][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.243757][ T5946] veth1_macvtap: entered promiscuous mode
[   84.255349][ T5973] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.265754][ T5973] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.289695][ T5973] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.306508][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.310873][ T5973] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.321241][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.364539][ T5973] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.370856][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.374792][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.416455][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.462795][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.469495][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.515680][ T1325] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.523941][ T1325] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.579997][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.583259][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.606502][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.611850][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.069463][ T5950] Bluetooth: hci0: command tx timeout
[   85.079951][ T5950] Bluetooth: hci1: command tx timeout
[   85.155313][ T6032] netlink: 'syz.2.86': attribute type 1 has an invalid length.
[   85.160016][ T5950] Bluetooth: hci2: command tx timeout
[   85.210874][ T6012] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   85.382034][ T6012] usb 1-1: too many configurations: 151, using maximum allowed: 8
[   85.437875][ T6012] usb 1-1: New USB device found, idVendor=04d8, idProduct=0082, bcdDevice=ce.b7
[   85.446184][ T6012] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=130
[   85.447510][ T6044] loop2: detected capacity change from 0 to 2048
[   85.477215][ T6012] usb 1-1: Product: syz
[   85.485202][ T6012] usb 1-1: Manufacturer: syz
[   85.487606][ T6012] usb 1-1: SerialNumber: syz
[   85.503302][ T6012] usb 1-1: config 0 descriptor??
[   85.508744][ T6044] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   85.718985][ T6012] usb 1-1: USB disconnect, device number 2
[   86.028972][ T6065] netlink: 8 bytes leftover after parsing attributes in process `syz.2.101'.
[   86.400331][ T6075] syz.1.106 uses old SIOCAX25GETINFO
[   86.414847][ T1278] kernel write not supported for file /amidi2 (pid: 1278 comm: kworker/0:2)
[   86.451803][ T6079] binder: 6078:6079 unknown command 0
[   86.459221][ T6079] binder: 6078:6079 ioctl c0306201 200000000080 returned -22
[   86.631929][  T978] cfg80211: failed to load regulatory.db
[   86.940690][ T6097] loop1: detected capacity change from 0 to 4096
[   87.015621][ T6100] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   87.159240][ T6104] nbd0: detected capacity change from 0 to 127
[   87.160671][ T5950] Bluetooth: hci1: command tx timeout
[   87.162694][ T5947] Bluetooth: hci0: command tx timeout
[   87.178044][   T57] block nbd0: Receive control failed (result -32)
[   87.198313][ T5925] block nbd0: Dead connection, failed to find a fallback
[   87.213379][ T5925] block nbd0: shutting down sockets
[   87.215962][ T5925] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   87.221268][ T5925] Buffer I/O error on dev nbd0, logical block 0, async page read
[   87.224455][ T5925] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   87.227675][ T5925] Buffer I/O error on dev nbd0, logical block 1, async page read
[   87.231254][ T5925] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   87.234897][ T5925] Buffer I/O error on dev nbd0, logical block 2, async page read
[   87.237320][ T5947] Bluetooth: hci2: command tx timeout
[   87.237836][ T5925] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   87.243675][ T5925] Buffer I/O error on dev nbd0, logical block 3, async page read
[   87.246957][ T5925] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   87.251821][ T5925] Buffer I/O error on dev nbd0, logical block 0, async page read
[   87.255318][ T5925] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   87.272497][ T5925] Buffer I/O error on dev nbd0, logical block 1, async page read
[   87.280735][ T5925] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   87.284088][ T5925] Buffer I/O error on dev nbd0, logical block 2, async page read
[   87.287160][ T5925] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   87.309239][ T5925] Buffer I/O error on dev nbd0, logical block 3, async page read
[   87.312802][ T5925] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   87.325543][ T5925] Buffer I/O error on dev nbd0, logical block 0, async page read
[   87.339162][ T5925] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   87.343198][ T5925] Buffer I/O error on dev nbd0, logical block 1, async page read
[   87.357061][ T5925] ldm_validate_partition_table(): Disk read failed.
[   87.371455][ T5925] Dev nbd0: unable to read RDB block 0
[   87.385028][ T5925]  nbd0: unable to read partition table
[   87.393216][ T6112] loop2: detected capacity change from 0 to 4096
[   87.416471][ T6112] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[   87.421746][ T5925] ldm_validate_partition_table(): Disk read failed.
[   87.427634][ T6116] netlink: 12 bytes leftover after parsing attributes in process `syz.0.125'.
[   87.434752][ T5925] Dev nbd0: unable to read RDB block 0
[   87.438557][ T5925]  nbd0: unable to read partition table
[   87.453318][ T6116] netlink: 12 bytes leftover after parsing attributes in process `syz.0.125'.
[   87.456762][ T6116] Zero length message leads to an empty skb
[   87.460742][ T5973] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   87.464981][ T5924] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   87.485408][ T5924] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   87.498453][ T5924] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   87.575853][ T6121] netlink: 16 bytes leftover after parsing attributes in process `syz.0.127'.
[   88.467655][ T6138] loop1: detected capacity change from 0 to 256
[   88.475477][ T6138] =======================================================
[   88.475477][ T6138] WARNING: The mand mount option has been deprecated and
[   88.475477][ T6138]          and is ignored by this kernel. Remove the mand
[   88.475477][ T6138]          option from the mount to silence this warning.
[   88.475477][ T6138] =======================================================
[   88.564410][ T6138] FAT-fs (loop1): Directory bread(block 64) failed
[   88.569565][ T6138] FAT-fs (loop1): Directory bread(block 65) failed
[   88.572604][ T6138] FAT-fs (loop1): Directory bread(block 66) failed
[   88.577522][ T6138] FAT-fs (loop1): Directory bread(block 67) failed
[   88.581120][ T6138] FAT-fs (loop1): Directory bread(block 68) failed
[   88.584121][ T6138] FAT-fs (loop1): Directory bread(block 69) failed
[   88.587564][ T6138] FAT-fs (loop1): Directory bread(block 70) failed
[   88.592056][ T6138] FAT-fs (loop1): Directory bread(block 71) failed
[   88.595005][ T6138] FAT-fs (loop1): Directory bread(block 72) failed
[   88.598192][ T6138] FAT-fs (loop1): Directory bread(block 73) failed
[   88.744922][ T6144] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   89.231125][ T5950] Bluetooth: hci1: command tx timeout
[   89.234879][ T5947] Bluetooth: hci0: command tx timeout
[   89.268398][ T6164] netlink: 'syz.2.142': attribute type 21 has an invalid length.
[   89.304181][ T6164] netlink: 132 bytes leftover after parsing attributes in process `syz.2.142'.
[   89.310966][ T5947] Bluetooth: hci2: command tx timeout
[   92.567101][ T6221] vcan0: tx drop: invalid da for name 0x0000000000000002
[   92.671430][ T6225] loop0: detected capacity change from 0 to 256
[   92.706977][ T6225] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   92.762072][   T33] audit: type=1800 audit(1757507414.348:2): pid=6225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.170" name="file1" dev="loop0" ino=1048650 res=0 errno=0
[   93.040039][ T6246] loop2: detected capacity change from 0 to 512
[   93.045552][ T6246] EXT4-fs: Ignoring removed nomblk_io_submit option
[   93.065508][ T6246] EXT4-fs (loop2): Test dummy encryption mode enabled
[   93.103697][ T6246] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 17. Delete some EAs or run e2fsck.
[   93.112260][ T6246] EXT4-fs (loop2): 1 truncate cleaned up
[   93.116628][ T6246] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.291565][ T6250] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 7: invalid block bitmap
[   94.593256][ T5949] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.645077][ T6263] netlink: 'syz.2.182': attribute type 4 has an invalid length.
[   94.658994][ T6263] netlink: 'syz.2.182': attribute type 4 has an invalid length.
[   94.884621][   T33] audit: type=1326 audit(1757507416.478:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6260 comm="syz.0.183" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f44c898eba9 code=0x0
[   95.241804][ T6259] loop1: detected capacity change from 0 to 32768
[   95.246753][ T6259] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section members_v2: device 0: bucket size 0 smaller than block size 8
[   95.246753][ T6259] members_v2 (size 152):
[   95.246753][ T6259] Device:                        0
[   95.246753][ T6259]   Label:                       (none)
[   95.246753][ T6259]   UUID:                        7af6772b-00de-4159-84cd-1faead05aceb
[   95.246753][ T6259]   Size:                        0
[   95.246753][ T6259]   read errors:                 0
[   95.246753][ T6259]   write errors:                0
[   95.246753][ T6259]   checksum errors:             0
[   95.246753][ T6259]   seqread iops:                0
[   95.246753][ T6259]   seqwrite iops:               1048320
[   95.246753][ T6259]   randread iops:               0
[   95.246753][ T6259]   randwrite iops:              0
[   95.246753][ T6259]   Bucket size:                 0
[   95.246753][ T6259]   First bucket:                0
[   95.246753][ T6259]   Buckets:                     128
[   95.246753][ T6259]   Last mount:                  9223372038569457075
[   95.246753][ T6259]   Last superblock write:       42
[   95.246753][ T6259]   State:                       unknown
[   95.246753][ T6259]   Data allowed:                (none)
[   95.246753][ T6259]   Has data:                    (none)
[   95.246753][ T6259]   Btree allocated bitmap blocksize:256
[   95.246753][ T6259]   Btree allocated bitmap:      0000000000000000000001000010000010011000000000000000000000000000
[   95.246753][ T6259]   Durability
[   95.246859][ T6259] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[   95.662819][ T6279] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   95.817235][ T6290] sctp: [Deprecated]: syz.2.195 (pid 6290) Use of struct sctp_assoc_value in delayed_ack socket option.
[   95.817235][ T6290] Use struct sctp_sack_info instead
[   95.986646][   T33] audit: type=1326 audit(1757507417.578:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6301 comm="syz.0.201" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f44c898eba9 code=0x0
[   95.995721][ T6006] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   96.086417][ T6308] loop0: detected capacity change from 0 to 512
[   96.120253][ T6311] futex_wake_op: syz.2.203 tries to shift op by -1; fix this program
[   96.126302][ T6308] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   96.132145][ T6308] System zones: 0-2, 18-18, 34-34
[   96.147793][ T6308] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.204: bg 0: block 248: padding at end of block bitmap is not set
[   96.158268][ T6308] Quota error (device loop0): write_blk: dquota write failed
[   96.162217][ T6308] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   96.166333][ T6308] EXT4-fs error (device loop0): ext4_acquire_dquot:6943: comm syz.0.204: Failed to acquire dquot type 1
[   96.181361][ T6308] EXT4-fs (loop0): 1 truncate cleaned up
[   96.185934][ T6308] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.203655][ T6308] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.376999][ T6308] EXT4-fs error (device loop0): ext4_lookup:1791: inode #2: comm syz.0.204: deleted inode referenced: 12
[   96.483814][ T5946] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.496555][ T6006] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   96.515175][ T6006] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[   96.524484][ T6006] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.548069][ T6006] usb 2-1: config 0 descriptor??
[   97.010074][ T6006] lua 0003:1E7D:2C2E.0001: hidraw0: USB HID v0.00 Device [HID 1e7d:2c2e] on usb-dummy_hcd.1-1/input0
[   97.132058][  T974] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   97.359372][  T974] usb 1-1: Using ep0 maxpacket: 8
[   97.417674][ T6006] usb 2-1: USB disconnect, device number 2
[   97.442826][  T974] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   97.448804][  T974] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   97.454057][  T974] usb 1-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[   97.459362][  T974] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.478311][  T974] usb 1-1: config 0 descriptor??
[   97.893860][  T974] kye 0003:0458:5010.0002: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[   97.901851][  T974] kye 0003:0458:5010.0002: hidraw0: USB HID v0.00 Device [HID 0458:5010] on usb-dummy_hcd.0-1/input0
[   97.908089][  T974] kye 0003:0458:5010.0002: tablet-enabling feature report not found
[   97.914325][  T974] kye 0003:0458:5010.0002: tablet enabling failed
[   98.013929][ T6334] capability: warning: `syz.1.213' uses 32-bit capabilities (legacy support in use)
[   98.097120][ T6006] usb 1-1: USB disconnect, device number 3
[   98.108369][ T6338] loop1: detected capacity change from 0 to 256
[   98.117764][ T6338] exfat: Deprecated parameter 'namecase'
[   98.120624][ T6338] exfat: Deprecated parameter 'utf8'
[   98.134465][ T6338] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[   98.336449][ T6343] loop1: detected capacity change from 0 to 16
[   98.348277][ T6343] erofs (device loop1): unidentified incompatible feature 1000000, please upgrade kernel
[   98.856703][ T6347] loop2: detected capacity change from 0 to 64
[   99.086189][ T6351] loop2: detected capacity change from 0 to 16
[   99.109899][ T6351] erofs (device loop2): mounted with root inode @ nid 36.
[   99.351364][ T6351] syz.2.220 (6351) used greatest stack depth: 19656 bytes left
[   99.677964][ T6359] loop2: detected capacity change from 0 to 1024
[   99.708412][ T6359] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.718116][ T6361] netlink: 'syz.1.225': attribute type 2 has an invalid length.
[   99.733186][ T6359] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #11: comm syz.2.224: missing EA_INODE flag
[   99.743270][ T6359] EXT4-fs (loop2): Remounting filesystem read-only
[   99.757674][ T6355] loop0: detected capacity change from 0 to 32768
[   99.765377][ T6355] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.222 (6355)
[   99.812543][ T6355] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   99.814642][ T5949] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.816470][ T6355] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[   99.932527][ T6355] BTRFS info (device loop0): enabling ssd optimizations
[   99.940843][ T6355] BTRFS info (device loop0): enabling free space tree
[  100.062461][ T5946] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  100.214919][ T6381] loop2: detected capacity change from 0 to 32768
[  100.219442][ T6381] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.226 (6381)
[  100.270845][   T33] audit: type=1800 audit(1757507421.868:5): pid=6392 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.231" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  100.281871][ T6381] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  100.285872][ T6381] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  100.401627][ T6381] BTRFS info (device loop2): enabling ssd optimizations
[  100.404452][ T6381] BTRFS info (device loop2): enabling free space tree
[  100.417355][ T6406] Bluetooth: hci3: received HCILL_GO_TO_SLEEP_ACK in state 2
[  100.423607][ T1092] Bluetooth: hci3: Frame reassembly failed (-84)
[  100.480295][ T6006] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  100.510331][ T5949] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  100.638708][ T6006] usb 1-1: Using ep0 maxpacket: 32
[  100.643569][ T6006] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.655571][ T6006] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.668900][ T6006] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  100.674938][ T6006] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.694560][ T6006] usb 1-1: config 0 descriptor??
[  100.794597][ T6412] netlink: 'syz.2.233': attribute type 1 has an invalid length.
[  101.119033][ T6006] ft260 0003:0403:6030.0003: unknown main item tag 0x7
[  101.314905][ T6006] ft260 0003:0403:6030.0003: failed to retrieve chip version
[  101.318382][ T6006] ft260 0003:0403:6030.0003: probe with driver ft260 failed with error -71
[  101.327768][ T6006] usb 1-1: USB disconnect, device number 4
[  102.065981][ T6006] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  102.238826][ T6006] usb 3-1: Using ep0 maxpacket: 16
[  102.314087][ T6006] usb 3-1: too many configurations: 97, using maximum allowed: 8
[  102.469762][ T5950] Bluetooth: hci3: command 0x1003 tx timeout
[  102.499022][ T5947] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  102.553231][ T6006] usb 3-1: string descriptor 0 read error: -71
[  102.555821][ T6006] usb 3-1: New USB device found, idVendor=2304, idProduct=023b, bcdDevice=7b.5c
[  102.560843][ T6006] usb 3-1: New USB device strings: Mfr=249, Product=204, SerialNumber=224
[  102.572893][ T6006] usb 3-1: rejected 8 configurations due to insufficient available bus power
[  102.579225][ T6006] usb 3-1: no configuration chosen from 8 choices
[  102.588101][ T6006] usb 3-1: USB disconnect, device number 2
[  102.918894][ T1278] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  102.949344][ T6429] loop0: detected capacity change from 0 to 1024
[  102.967924][ T6429] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  102.981232][ T6429] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (29254!=20869)
[  102.991081][ T6429] EXT4-fs (loop0): journal inode is deleted
[  103.092896][ T1278] usb 2-1: config 11 has an invalid interface number: 62 but max is 0
[  103.096697][ T1278] usb 2-1: config 11 has no interface number 0
[  103.105986][ T1278] usb 2-1: New USB device found, idVendor=22b8, idProduct=2d9a, bcdDevice=bf.dc
[  103.115379][ T6434] netlink: 'syz.2.242': attribute type 6 has an invalid length.
[  103.118485][ T6434] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.242'.
[  103.121427][ T1278] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.125733][ T1278] usb 2-1: Product: syz
[  103.127577][ T1278] usb 2-1: Manufacturer: syz
[  103.130549][ T1278] usb 2-1: SerialNumber: syz
[  103.365151][ T1278] hub 2-1:11.62: bad descriptor, ignoring hub
[  103.373250][ T1278] hub 2-1:11.62: probe with driver hub failed with error -5
[  103.406146][ T1278] usb 2-1: USB disconnect, device number 3
[  103.991829][ T6445] loop0: detected capacity change from 0 to 512
[  104.018548][ T6445] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.024747][ T6445] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.045266][   T33] audit: type=1800 audit(1757507425.638:6): pid=6445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.246" name="file1" dev="loop0" ino=15 res=0 errno=0
[  104.057415][   T33] audit: type=1800 audit(1757507425.648:7): pid=6445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.246" name="file2" dev="loop0" ino=16 res=0 errno=0
[  104.066991][   T33] audit: type=1800 audit(1757507425.658:8): pid=6445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.246" name="file1" dev="loop0" ino=15 res=0 errno=0
[  104.095535][ T5946] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.599762][ T6012] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  104.884745][ T6012] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  104.889979][ T6012] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  104.897875][ T6012] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  104.908225][ T6012] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.917133][ T6012] usb 3-1: Product: syz
[  104.921318][ T6012] usb 3-1: Manufacturer: syz
[  104.923870][ T6012] usb 3-1: SerialNumber: syz
[  105.349492][ T6012] usb 3-1: cannot find UAC_HEADER
[  105.378064][ T6012] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  105.391389][ T6012] usb 3-1: USB disconnect, device number 3
[  105.424221][ T5927] udevd[5927]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  105.725170][ T6492] loop0: detected capacity change from 0 to 1024
[  106.004006][ T6503] netlink: 16 bytes leftover after parsing attributes in process `syz.2.271'.
[  106.109085][ T6012] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  106.222004][ T6512] loop2: detected capacity change from 0 to 256
[  106.225436][ T6512] exfat: Deprecated parameter 'utf8'
[  106.236884][ T6512] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  106.270888][ T6012] usb 1-1: Using ep0 maxpacket: 8
[  106.285389][ T6012] usb 1-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  106.293110][ T6012] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.300430][ T6012] usb 1-1: Product: syz
[  106.305176][ T6012] usb 1-1: Manufacturer: syz
[  106.307525][ T6012] usb 1-1: SerialNumber: syz
[  106.313098][ T6012] usb 1-1: config 0 descriptor??
[  106.322955][ T6012] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  106.722088][ T6516] ==================================================================
[  106.725466][ T6516] BUG: KASAN: slab-out-of-bounds in change_page_attr_set_clr+0x625/0xfc0
[  106.728755][ T6516] Read of size 8 at addr ffff88811f83fd20 by task syz.2.276/6516
[  106.732494][ T6516] 
[  106.733885][ T6516] CPU: 1 UID: 0 PID: 6516 Comm: syz.2.276 Not tainted syzkaller #0 PREEMPT(full) 
[  106.733905][ T6516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  106.733916][ T6516] Call Trace:
[  106.733925][ T6516]  <TASK>
[  106.733933][ T6516]  dump_stack_lvl+0x189/0x250
[  106.733961][ T6516]  ? __kasan_check_byte+0x12/0x40
[  106.733983][ T6516]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.734000][ T6516]  ? lock_release+0x4b/0x3e0
[  106.734021][ T6516]  ? __virt_addr_valid+0x4a5/0x5c0
[  106.734039][ T6516]  print_report+0xca/0x240
[  106.734053][ T6516]  ? change_page_attr_set_clr+0x625/0xfc0
[  106.734071][ T6516]  kasan_report+0x118/0x150
[  106.734090][ T6516]  ? change_page_attr_set_clr+0x625/0xfc0
[  106.734112][ T6516]  change_page_attr_set_clr+0x625/0xfc0
[  106.734133][ T6516]  ? __pfx_change_page_attr_set_clr+0x10/0x10
[  106.734152][ T6516]  ? __pfx_pagerange_is_ram_callback+0x10/0x10
[  106.734168][ T6516]  ? memtype_reserve+0x874/0xb30
[  106.734187][ T6516]  ? __pfx___ww_mutex_lock+0x10/0x10
[  106.734202][ T6516]  _set_pages_array+0x145/0x270
[  106.734225][ T6516]  drm_gem_shmem_get_pages_locked+0x2d0/0x440
[  106.734245][ T6516]  ? __pfx_drm_gem_shmem_get_pages_locked+0x10/0x10
[  106.734263][ T6516]  ? ww_mutex_lock+0x3f/0x1c0
[  106.734276][ T6516]  drm_gem_shmem_mmap+0x193/0x460
[  106.734294][ T6516]  drm_gem_mmap_obj+0x18a/0x4e0
[  106.734317][ T6516]  drm_gem_mmap+0x384/0x640
[  106.734338][ T6516]  ? __pfx_drm_gem_mmap+0x10/0x10
[  106.734357][ T6516]  ? __pfx_drm_gem_mmap+0x10/0x10
[  106.734379][ T6516]  mmap_region+0x18a8/0x2100
[  106.734401][ T6516]  ? __pfx_mmap_region+0x10/0x10
[  106.734416][ T6516]  ? finish_task_switch+0x18b/0x950
[  106.734436][ T6516]  ? finish_task_switch+0x266/0x950
[  106.734452][ T6516]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.734487][ T6516]  ? __pfx___schedule+0x10/0x10
[  106.734505][ T6516]  ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10
[  106.734532][ T6516]  ? bpf_lsm_mmap_addr+0x9/0x20
[  106.734547][ T6516]  ? security_mmap_addr+0x71/0x270
[  106.734564][ T6516]  ? shmem_mapping+0xd/0x50
[  106.734577][ T6516]  ? memfd_check_seals_mmap+0xc5/0x200
[  106.734621][ T6516]  do_mmap+0xc45/0x10d0
[  106.734642][ T6516]  ? __pfx_do_mmap+0x10/0x10
[  106.734657][ T6516]  ? down_write_killable+0x178/0x230
[  106.734674][ T6516]  ? __pfx_down_write_killable+0x10/0x10
[  106.734690][ T6516]  ? __sanitizer_cov_trace_pc+0x11/0x70
[  106.734709][ T6516]  vm_mmap_pgoff+0x2a6/0x4d0
[  106.734726][ T6516]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  106.734741][ T6516]  ? __fget_files+0x2a/0x420
[  106.734760][ T6516]  ? __fget_files+0x2a/0x420
[  106.734778][ T6516]  ? __fget_files+0x2a/0x420
[  106.734798][ T6516]  ksys_mmap_pgoff+0x51f/0x760
[  106.734816][ T6516]  do_syscall_64+0xfa/0xfa0
[  106.734829][ T6516]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.734843][ T6516]  ? asm_sysvec_call_function_single+0x1a/0x20
[  106.734859][ T6516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.734873][ T6516] RIP: 0033:0x7f95e098eba9
[  106.734898][ T6516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.734911][ T6516] RSP: 002b:00007f95e17af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  106.734928][ T6516] RAX: ffffffffffffffda RBX: 00007f95e0bd6180 RCX: 00007f95e098eba9
[  106.734939][ T6516] RDX: 0000000000000004 RSI: 0000000000004000 RDI: 0000200000001000
[  106.734956][ T6516] RBP: 00007f95e0a11e19 R08: 0000000000000005 R09: 0000000100000000
[  106.734965][ T6516] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[  106.734975][ T6516] R13: 00007f95e0bd6218 R14: 00007f95e0bd6180 R15: 00007ffd7c45bb38
[  106.734992][ T6516]  </TASK>
[  106.734997][ T6516] 
[  106.869706][ T6516] Allocated by task 6516:
[  106.871226][ T6516]  kasan_save_track+0x3e/0x80
[  106.873197][ T6516]  __kasan_kmalloc+0x93/0xb0
[  106.875099][ T6516]  __kvmalloc_node_noprof+0x5cd/0x910
[  106.877410][ T6516]  drm_gem_get_pages+0x166/0xa20
[  106.879536][ T6516]  drm_gem_shmem_get_pages_locked+0x201/0x440
[  106.882173][ T6516]  drm_gem_shmem_mmap+0x193/0x460
[  106.884327][ T6516]  drm_gem_mmap_obj+0x18a/0x4e0
[  106.886394][ T6516]  drm_gem_mmap+0x384/0x640
[  106.888001][ T6516]  mmap_region+0x18a8/0x2100
[  106.889655][ T6516]  do_mmap+0xc45/0x10d0
[  106.891912][ T6516]  vm_mmap_pgoff+0x2a6/0x4d0
[  106.893952][ T6516]  ksys_mmap_pgoff+0x51f/0x760
[  106.896098][ T6516]  do_syscall_64+0xfa/0xfa0
[  106.898144][ T6516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.900867][ T6516] 
[  106.902209][ T6516] The buggy address belongs to the object at ffff88811f83fc00
[  106.902209][ T6516]  which belongs to the cache kmalloc-512 of size 512
[  106.907703][ T6516] The buggy address is located 0 bytes to the right of
[  106.907703][ T6516]  allocated 288-byte region [ffff88811f83fc00, ffff88811f83fd20)
[  106.912705][ T6516] 
[  106.913626][ T6516] The buggy address belongs to the physical page:
[  106.916190][ T6516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11f83c
[  106.919732][ T6516] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  106.922739][ T6516] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  106.926070][ T6516] page_type: f5(slab)
[  106.927760][ T6516] raw: 057ff00000000040 ffff88801a841c80 dead000000000100 dead000000000122
[  106.931487][ T6516] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  106.935095][ T6516] head: 057ff00000000040 ffff88801a841c80 dead000000000100 dead000000000122
[  106.938471][ T6516] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  106.942039][ T6516] head: 057ff00000000002 ffffea00047e0f01 00000000ffffffff 00000000ffffffff
[  106.945488][ T6516] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  106.948894][ T6516] page dumped because: kasan: bad access detected
[  106.951627][ T6516] page_owner tracks the page as allocated
[  106.954134][ T6516] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5946, tgid 5946 (syz-executor), ts 83106173376, free_ts 76451380192
[  106.962650][ T6516]  post_alloc_hook+0x240/0x2a0
[  106.964665][ T6516]  get_page_from_freelist+0x21e4/0x22c0
[  106.966947][ T6516]  __alloc_frozen_pages_noprof+0x181/0x370
[  106.969435][ T6516]  alloc_pages_mpol+0x232/0x4a0
[  106.971690][ T6516]  allocate_slab+0x8a/0x330
[  106.973651][ T6516]  ___slab_alloc+0xbd1/0x13f0
[  106.975673][ T6516]  __slab_alloc+0x55/0xa0
[  106.977486][ T6516]  __kmalloc_noprof+0x471/0x7f0
[  106.979495][ T6516]  fib6_info_alloc+0x30/0xf0
[  106.981427][ T6516]  ip6_route_info_create+0x142/0x860
[  106.983748][ T6516]  ip6_route_add+0x49/0x1b0
[  106.985578][ T6516]  add_v4_addrs+0x8b3/0xbd0
[  106.987042][ T6516]  addrconf_init_auto_addrs+0x6da/0xa30
[  106.988850][ T6516]  addrconf_notify+0xacc/0x1010
[  106.990430][ T6516]  notifier_call_chain+0x1b6/0x3e0
[  106.992019][ T6516]  __dev_notify_flags+0x18d/0x2e0
[  106.993797][ T6516] page last free pid 5295 tgid 5295 stack trace:
[  106.996363][ T6516]  __free_frozen_pages+0xbc4/0xd30
[  106.998582][ T6516]  __slab_free+0x2e7/0x390
[  107.000533][ T6516]  qlist_free_all+0x97/0x140
[  107.002592][ T6516]  kasan_quarantine_reduce+0x148/0x160
[  107.004873][ T6516]  __kasan_slab_alloc+0x22/0x80
[  107.006904][ T6516]  __kmalloc_noprof+0x3c3/0x7f0
[  107.008919][ T6516]  kernfs_fop_write_iter+0x158/0x540
[  107.011125][ T6516]  vfs_write+0x5c9/0xb30
[  107.012883][ T6516]  ksys_write+0x145/0x250
[  107.014671][ T6516]  do_syscall_64+0xfa/0xfa0
[  107.016525][ T6516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.018977][ T6516] 
[  107.019984][ T6516] Memory state around the buggy address:
[  107.022345][ T6516]  ffff88811f83fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  107.025702][ T6516]  ffff88811f83fc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  107.028932][ T6516] >ffff88811f83fd00: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
[  107.032483][ T6516]                                ^
[  107.034650][ T6516]  ffff88811f83fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  107.037803][ T6516]  ffff88811f83fe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  107.041192][ T6516] ==================================================================
[  107.046540][ T6516] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  107.049623][ T6516] CPU: 0 UID: 0 PID: 6516 Comm: syz.2.276 Not tainted syzkaller #0 PREEMPT(full) 
[  107.053426][ T6516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  107.057833][ T6516] Call Trace:
[  107.059358][ T6516]  <TASK>
[  107.060668][ T6516]  dump_stack_lvl+0x99/0x250
[  107.062770][ T6516]  ? __asan_memcpy+0x40/0x70
[  107.065179][ T6516]  ? __pfx_dump_stack_lvl+0x10/0x10
[  107.067542][ T6516]  ? __pfx__printk+0x10/0x10
[  107.069933][ T6516]  vpanic+0x237/0x6d0
[  107.071846][ T6516]  ? __pfx_vpanic+0x10/0x10
[  107.074033][ T6516]  ? preempt_schedule+0xae/0xc0
[  107.076331][ T6516]  ? __pfx_preempt_schedule+0x10/0x10
[  107.078881][ T6516]  panic+0xb9/0xc0
[  107.080638][ T6516]  ? __pfx_panic+0x10/0x10
[  107.082836][ T6516]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  107.085403][ T6516]  ? change_page_attr_set_clr+0x625/0xfc0
[  107.087882][ T6516]  check_panic_on_warn+0x89/0xb0
[  107.090017][ T6516]  ? change_page_attr_set_clr+0x625/0xfc0
[  107.092361][ T6516]  end_report+0x78/0x160
[  107.094231][ T6516]  kasan_report+0x129/0x150
[  107.096073][ T6516]  ? change_page_attr_set_clr+0x625/0xfc0
[  107.098306][ T6516]  change_page_attr_set_clr+0x625/0xfc0
[  107.100492][ T6516]  ? __pfx_change_page_attr_set_clr+0x10/0x10
[  107.102898][ T6516]  ? __pfx_pagerange_is_ram_callback+0x10/0x10
[  107.105227][ T6516]  ? memtype_reserve+0x874/0xb30
[  107.107199][ T6516]  ? __pfx___ww_mutex_lock+0x10/0x10
[  107.109300][ T6516]  _set_pages_array+0x145/0x270
[  107.111220][ T6516]  drm_gem_shmem_get_pages_locked+0x2d0/0x440
[  107.113262][ T6516]  ? __pfx_drm_gem_shmem_get_pages_locked+0x10/0x10
[  107.115458][ T6516]  ? ww_mutex_lock+0x3f/0x1c0
[  107.117131][ T6516]  drm_gem_shmem_mmap+0x193/0x460
[  107.118594][ T6516]  drm_gem_mmap_obj+0x18a/0x4e0
[  107.119969][ T6516]  drm_gem_mmap+0x384/0x640
[  107.121649][ T6516]  ? __pfx_drm_gem_mmap+0x10/0x10
[  107.123089][ T6516]  ? __pfx_drm_gem_mmap+0x10/0x10
[  107.124534][ T6516]  mmap_region+0x18a8/0x2100
[  107.126010][ T6516]  ? __pfx_mmap_region+0x10/0x10
[  107.127531][ T6516]  ? finish_task_switch+0x18b/0x950
[  107.129292][ T6516]  ? finish_task_switch+0x266/0x950
[  107.131297][ T6516]  ? lockdep_hardirqs_on+0x9c/0x150
[  107.133382][ T6516]  ? __pfx___schedule+0x10/0x10
[  107.135423][ T6516]  ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10
[  107.138138][ T6516]  ? bpf_lsm_mmap_addr+0x9/0x20
[  107.140147][ T6516]  ? security_mmap_addr+0x71/0x270
[  107.142354][ T6516]  ? shmem_mapping+0xd/0x50
[  107.144417][ T6516]  ? memfd_check_seals_mmap+0xc5/0x200
[  107.146784][ T6516]  do_mmap+0xc45/0x10d0
[  107.148586][ T6516]  ? __pfx_do_mmap+0x10/0x10
[  107.150541][ T6516]  ? down_write_killable+0x178/0x230
[  107.152761][ T6516]  ? __pfx_down_write_killable+0x10/0x10
[  107.155185][ T6516]  ? __sanitizer_cov_trace_pc+0x11/0x70
[  107.157470][ T6516]  vm_mmap_pgoff+0x2a6/0x4d0
[  107.159450][ T6516]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  107.161653][ T6516]  ? __fget_files+0x2a/0x420
[  107.163497][ T6516]  ? __fget_files+0x2a/0x420
[  107.165318][ T6516]  ? __fget_files+0x2a/0x420
[  107.167168][ T6516]  ksys_mmap_pgoff+0x51f/0x760
[  107.168993][ T6516]  do_syscall_64+0xfa/0xfa0
[  107.170867][ T6516]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.173357][ T6516]  ? asm_sysvec_call_function_single+0x1a/0x20
[  107.175908][ T6516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.178311][ T6516] RIP: 0033:0x7f95e098eba9
[  107.180228][ T6516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.188206][ T6516] RSP: 002b:00007f95e17af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  107.191609][ T6516] RAX: ffffffffffffffda RBX: 00007f95e0bd6180 RCX: 00007f95e098eba9
[  107.194858][ T6516] RDX: 0000000000000004 RSI: 0000000000004000 RDI: 0000200000001000
[  107.198537][ T6516] RBP: 00007f95e0a11e19 R08: 0000000000000005 R09: 0000000100000000
[  107.201902][ T6516] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[  107.205263][ T6516] R13: 00007f95e0bd6218 R14: 00007f95e0bd6180 R15: 00007ffd7c45bb38
[  107.208453][ T6516]  </TASK>
[  107.210417][ T6516] Kernel Offset: disabled
[  107.212202][ T6516] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:30:28  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffc9000675f810 RCX=1ffff11003e9d121 RDX=0000000000000000
RSI=ffffffff8c035de0 RDI=00000000ffffffff RBP=ffffc9000675f870 RSP=ffffc9000675f6e0
R8 =ffffffff8fc3c837 R9 =1ffffffff1f87906 R10=dffffc0000000000 R11=fffffbfff1f87907
R12=ffff88801f4e8880 R13=ffffc9000675f800 R14=ffff88801f4e8968 R15=ffffc9000675f7c0
RIP=ffffffff8a2e3689 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00100
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00100
FS =0000 00007f95e17d06c0 ffffffff 00c00100
GS =0000 ffff8880b83f1000 ffffffff 00c00100
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f95e17cffc8 CR3=0000000028834000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f95e0ba7498 00007f95e0ba7470 XMM03=00007f95e0ba74a8 00007f95e0ba74a0
XMM04=00007f95e170d100 00007f95e0ba7460 XMM05=00007f95e0ba7478 00007f95e0ba74c0
XMM06=00007f95e0ba74b8 00007f95e0ba74b0 XMM07=00007f95e0ba74a8 00007f95e0ba74a0
XMM08=0000000000000000 00007f95e0a12ee7 XMM09=0000000000000000 00007f95e0a12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000005d RBX=000000000000005d RCX=0000000000000000 RDX=00000000000003f8
RSI=000000000003a6d9 RDI=000000000003a6da RBP=00000000000003f8 RSP=ffffc90006566c50
R8 =ffff88801f918237 R9 =1ffff11003f23046 R10=dffffc0000000000 R11=ffffffff8552a850
R12=dffffc0000000000 R13=ffffffff99d248ee R14=ffffffff9a037060 R15=0000000000000000
RIP=ffffffff8552a8cc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f95e17af6c0 ffffffff 00c00000
GS =0000 ffff8881a39f1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000002340 CR3=0000000028834000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 00000030646e6f62
XMM02=00007f95e0ba7498 00007f95e0ba7470 XMM03=00007f95e0ba74a8 00007f95e0ba74a0
XMM04=00007f95e170d100 00007f95e0ba7460 XMM05=00007f95e0ba7478 00007f95e0ba74c0
XMM06=00007f95e0ba74b8 00007f95e0ba74b0 XMM07=00007f95e0ba74a8 00007f95e0ba74a0
XMM08=0000000000000000 00007f95e0a12ee7 XMM09=0000000000000000 00007f95e0a12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
