last executing test programs:

19.733107522s ago: executing program 1 (id=48):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x405}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x17}, @NFTA_INNER_EXPR={0x34, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x92}, @NFTA_PAYLOAD_BASE={0x8}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0xe9}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0xf}]}}}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x82}, @NFTA_INNER_NUM={0x8}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0xc0}, 0x1, 0x0, 0x0, 0x8894}, 0x24000000)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="6808000885e8435a51adfce96fb70000557454679dc9502a9efc3f75830b61f7d8c3016453107076aba19fd05b3907d2730e7396b0e61f721fbf9e7758ad8e", @ANYRES16=r2, @ANYBLOB], 0x68}, 0x1, 0x0, 0x0, 0x45}, 0x11)
sendmsg$nl_route(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000140)=ANY=[@ANYBLOB="38000000490011002cbd7000fbdbdf250a008000", @ANYRES32=0x0, @ANYBLOB="0100060014000100ff0220000000e1000000000000000001080002cd00020000"], 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)

17.712979505s ago: executing program 1 (id=50):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto(r0, &(0x7f0000000200)="5b5a5fee72619d648c85f9b0566c479d", 0x10, 0x4040080, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window={0x3, 0x1, 0x8}, @window={0x3, 0x6, 0x7}, @sack_perm, @window={0x3, 0x0, 0x4}, @mss={0x2, 0x4}, @timestamp, @window={0x3, 0x1, 0x10}, @sack_perm], 0x20000000000002a1)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendmsg$inet(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000880)="d11066e9f8ef6b1bf84afdfd7d0e1705d9ea6ed03f6c485dfe8c7de97fd902145eddb42f", 0x24}], 0x1}, 0x0)

15.397904842s ago: executing program 3 (id=55):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x10000005)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000000080), 0x72a, 0x1000000, 0x0)

15.307401203s ago: executing program 2 (id=56):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000000600)="447df50ce4033a7b5ad00b83244c00b711803e7cca", 0x15}, {&(0x7f0000000780)="4274aa814c8f6ea8d8db43178dd2f41ef596a3ca465412910e05cba0f5d97e67886d", 0x22}], 0x2}, 0x41)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e33050910"], 0xd)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

14.157250296s ago: executing program 1 (id=58):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x405}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x17}, @NFTA_INNER_EXPR={0x34, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x92}, @NFTA_PAYLOAD_BASE={0x8}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0xe9}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0xf}]}}}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x82}, @NFTA_INNER_NUM={0x8}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0xc0}, 0x1, 0x0, 0x0, 0x8894}, 0x24000000)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="6808000885e8435a51adfce96fb70000557454679dc9502a9efc3f75830b61f7d8c3016453107076aba19fd05b3907d2730e7396b0e61f721fbf9e7758ad8e", @ANYRES16=r2, @ANYBLOB], 0x68}, 0x1, 0x0, 0x0, 0x45}, 0x11)
sendmsg$nl_route(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000140)=ANY=[@ANYBLOB="38000000490011002cbd7000fbdbdf250a008000", @ANYRES32=0x0, @ANYBLOB="0100060014000100ff0220000000e1000000000000000001080002cd00020000"], 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)

11.791877394s ago: executing program 1 (id=60):
mkdir(0x0, 0x8)
r0 = getpgrp(0x0)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = dup(0xffffffffffffffff)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, 0x0)
sendmsg$NFT_MSG_GETSETELEM(r4, 0x0, 0x8010)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x5, 0x3, 0x2)
rseq(&(0x7f0000002d80), 0x20, 0x0, 0x0)
r5 = msgget$private(0x0, 0x1f3)
msgrcv(r5, 0x0, 0x0, 0x3, 0x2000)
msgsnd(r5, &(0x7f0000000040)={0x1}, 0x8, 0x0)

10.949493973s ago: executing program 2 (id=62):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000b, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$key(0xf, 0x3, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000001440)='./file0\x00', 0x80040, 0x54)
getxattr(&(0x7f0000002a80)='./file0\x00', 0x0, 0x0, 0x0)
syz_clone(0xb2b60000, 0x0, 0xfffffffffffffcd1, 0x0, 0x0, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001cc0)=@acquire={0x128, 0x17, 0x1, 0xfffffffe, 0x0, {{@in6=@mcast1}, @in6=@remote, {@in=@remote, @in=@local, 0x4e21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56befe125658cb64}, {{@in6=@private2, @in6=@loopback, 0x0, 0x100, 0x0, 0x0, 0xa, 0x80, 0x20, 0x0, 0x0, 0xee00}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000}, {0x0, 0x4000000000}, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1}, 0xfffffff9}}, 0x128}}, 0x0)
close(0xffffffffffffffff)
execve(0x0, 0x0, 0x0)

10.752251985s ago: executing program 0 (id=63):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000440)={{0x0, 0x5, 0x0, 0x25}, 'syz0\x00', 0x53})
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x12)
ioctl$UI_SET_SNDBIT(r2, 0x4004556a, 0x1)
ioctl$UI_DEV_CREATE(r2, 0x5501)
write$uinput_user_dev(r1, &(0x7f00000004c0)={'syz0\x00', {0x7, 0x3, 0x1, 0x9}, 0x7, [0x4, 0x6, 0x802, 0xe9a2, 0x1, 0x0, 0xa9ba, 0xc1f, 0x1, 0x7f5d, 0x3, 0x6, 0xffff, 0x10000, 0x2, 0x3, 0x0, 0x3, 0xe, 0x3, 0x0, 0x2, 0xd9, 0x2, 0x6, 0x3, 0x3, 0x9, 0xfff, 0x8a0, 0x6, 0x8001, 0x33b5, 0x1, 0xfffffffc, 0x0, 0x0, 0xf, 0xcc, 0x5, 0x80, 0x401, 0x5, 0x5, 0xfffffffd, 0x8, 0xb, 0x3, 0xffff8001, 0x6, 0x4, 0x80000000, 0x1, 0x9, 0x7, 0x0, 0x5, 0xfff, 0x1, 0x7fe, 0x7fff, 0x2, 0x1000002, 0x8], [0x2, 0x1, 0x10000, 0x7, 0xb66, 0x2, 0x5, 0x80000001, 0x1, 0x7, 0x5, 0xdd5a, 0x6, 0x5, 0x7, 0x8, 0x5, 0xcc, 0xbc1, 0x80000, 0x0, 0x5e81339d, 0xffffc256, 0x5, 0x80000001, 0x0, 0x0, 0x4, 0x4, 0x7, 0x9, 0x4, 0x1, 0x5, 0x5, 0xfffffb66, 0x80, 0x2, 0x81, 0x7, 0x2, 0x8000, 0x7fff, 0x1, 0x9425, 0x8, 0x6f, 0x80b, 0x3, 0x6, 0x525ba681, 0x0, 0x4, 0x1, 0x1, 0x8, 0x100, 0x6, 0x10000, 0x1306, 0x100008b, 0x10000, 0xfe4, 0x3ff], [0x2, 0x7, 0x4, 0xfffffff9, 0x7aa, 0x10, 0x80, 0x8001, 0x5, 0x0, 0x9, 0x8, 0x7fffffff, 0x1, 0x1, 0x4, 0x8, 0xfffffffa, 0x7, 0x9, 0x6, 0x4, 0xfffffff7, 0xa3, 0x3, 0x0, 0x0, 0x3, 0x4c, 0x3, 0x5, 0x2, 0x0, 0x9, 0x13, 0x0, 0x2, 0xfff, 0x6, 0x100, 0x7c83, 0xd, 0x1, 0x4, 0xf, 0x7, 0x47, 0xfa1, 0x0, 0x11, 0x3, 0x1, 0x5, 0x7, 0x8000, 0x7ff, 0x10, 0x2, 0x10001, 0x1, 0x0, 0x6, 0x71c], [0x81, 0x3, 0x10, 0x4e26, 0x6, 0x40, 0xfffffff3, 0x497, 0x4, 0x1, 0x3, 0x5, 0x56, 0xc28, 0x9, 0x10001, 0x5, 0xa, 0x79a, 0x40, 0x9, 0x6, 0xc421, 0x80000001, 0x6, 0xffffffff, 0x0, 0x0, 0x6a, 0x9, 0x0, 0x0, 0x1000, 0x10, 0xd, 0x6, 0x8000, 0x4f, 0x78d, 0x4, 0x1, 0xffffb027, 0xfffffff8, 0x9, 0x7, 0x6, 0x101, 0x3ff, 0x7, 0x4, 0x0, 0xb, 0x400, 0x8, 0x0, 0x8, 0x7, 0x9a33247, 0x8, 0x0, 0x1, 0x8001, 0xfffffff7, 0x5]}, 0x45c)
read$hiddev(r2, 0x0, 0x0)

10.094764663s ago: executing program 0 (id=64):
mkdir(0x0, 0x109)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000000), 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20048000)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000800b70099"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40440a0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="80000000", @ANYRES16, @ANYBLOB="010026bd7000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="0600cd00000000005a003300802009000802110000010802110000"], 0x80}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

9.937197345s ago: executing program 3 (id=65):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xc, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x62, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40040, 0x0)
sendmsg$IEEE802154_ASSOCIATE_REQ(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4044080}, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{0x0}, {0x0}, {&(0x7f0000000900)}], 0x3}}], 0x1, 0x20000044)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f00000000c0)=@ethtool_sfeatures={0x17}})
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

9.736198097s ago: executing program 0 (id=66):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto(r0, &(0x7f0000000200)="5b5a5fee72619d648c85f9b0566c479d", 0x10, 0x4040080, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window={0x3, 0x1, 0x8}, @window={0x3, 0x6, 0x7}, @sack_perm, @window={0x3, 0x0, 0x4}, @mss={0x2, 0x4}, @timestamp, @window={0x3, 0x1, 0x10}, @sack_perm], 0x20000000000002a1)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendmsg$inet(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000880)="d11066e9f8ef6b1bf84afdfd7d0e1705d9ea6ed03f6c485dfe8c7de97fd902145eddb42f", 0x24}], 0x1}, 0x0)

9.43245299s ago: executing program 0 (id=67):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r4=>0x0})
r5 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r5, 0xc034564b, &(0x7f0000000100)={0x10000, 0x33524742, 0xf00, 0x870, 0x3, @stepwise={{0x80000001, 0x9}, {0x97c1, 0xffffffff}, {0xffffffff, 0x32}}})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000700)={{r5}, r4, 0x10, @unused=[0x0, 0x3, 0x6], @subvolid=0xa})
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
kexec_load(0x0, 0x1, &(0x7f0000000b80)=[{&(0x7f00000004c0)=')', 0x1, 0x0, 0x1000}], 0x0)

7.686514471s ago: executing program 1 (id=68):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x405}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x17}, @NFTA_INNER_EXPR={0x34, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x92}, @NFTA_PAYLOAD_BASE={0x8}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0xe9}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0xf}]}}}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x82}, @NFTA_INNER_NUM={0x8}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0xc0}, 0x1, 0x0, 0x0, 0x8894}, 0x24000000)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="6808000885e8435a51adfce96fb70000557454679dc9502a9efc3f75830b61f7d8c3016453107076aba19fd05b3907d2730e7396b0e61f721fbf9e7758ad8e", @ANYRES16=r2, @ANYBLOB], 0x68}, 0x1, 0x0, 0x0, 0x45}, 0x11)
sendmsg$nl_route(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000140)=ANY=[@ANYBLOB="38000000490011002cbd7000fbdbdf250a008000", @ANYRES32=0x0, @ANYBLOB="0100060014000100ff0220000000e1000000000000000001080002cd00020000"], 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)

7.442967143s ago: executing program 3 (id=69):
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x20080, 0x0)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000005580)=""/102392, 0x18ff8)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_SET_EXPR={0x14, 0x11, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "d1"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)

6.03507s ago: executing program 3 (id=70):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000000600)="447df50ce4033a7b5ad00b83244c00b711803e7cca", 0x15}, {&(0x7f0000000780)="4274aa814c8f6ea8d8db43178dd2f41ef596a3ca465412910e05cba0f5d97e67886d", 0x22}], 0x2}, 0x41)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e33050910"], 0xd)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

4.020764714s ago: executing program 1 (id=71):
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89c, 0xc000, 0xa, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

3.855526075s ago: executing program 2 (id=72):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000440)={{0x0, 0x5, 0x0, 0x25}, 'syz0\x00', 0x53})
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x12)
ioctl$UI_SET_SNDBIT(r2, 0x4004556a, 0x1)
ioctl$UI_DEV_CREATE(r2, 0x5501)
write$uinput_user_dev(r1, &(0x7f00000004c0)={'syz0\x00', {0x7, 0x3, 0x1, 0x9}, 0x7, [0x4, 0x6, 0x802, 0xe9a2, 0x1, 0x0, 0xa9ba, 0xc1f, 0x1, 0x7f5d, 0x3, 0x6, 0xffff, 0x10000, 0x2, 0x3, 0x0, 0x3, 0xe, 0x3, 0x0, 0x2, 0xd9, 0x2, 0x6, 0x3, 0x3, 0x9, 0xfff, 0x8a0, 0x6, 0x8001, 0x33b5, 0x1, 0xfffffffc, 0x0, 0x0, 0xf, 0xcc, 0x5, 0x80, 0x401, 0x5, 0x5, 0xfffffffd, 0x8, 0xb, 0x3, 0xffff8001, 0x6, 0x4, 0x80000000, 0x1, 0x9, 0x7, 0x0, 0x5, 0xfff, 0x1, 0x7fe, 0x7fff, 0x2, 0x1000002, 0x8], [0x2, 0x1, 0x10000, 0x7, 0xb66, 0x2, 0x5, 0x80000001, 0x1, 0x7, 0x5, 0xdd5a, 0x6, 0x5, 0x7, 0x8, 0x5, 0xcc, 0xbc1, 0x80000, 0x0, 0x5e81339d, 0xffffc256, 0x5, 0x80000001, 0x0, 0x0, 0x4, 0x4, 0x7, 0x9, 0x4, 0x1, 0x5, 0x5, 0xfffffb66, 0x80, 0x2, 0x81, 0x7, 0x2, 0x8000, 0x7fff, 0x1, 0x9425, 0x8, 0x6f, 0x80b, 0x3, 0x6, 0x525ba681, 0x0, 0x4, 0x1, 0x1, 0x8, 0x100, 0x6, 0x10000, 0x1306, 0x100008b, 0x10000, 0xfe4, 0x3ff], [0x2, 0x7, 0x4, 0xfffffff9, 0x7aa, 0x10, 0x80, 0x8001, 0x5, 0x0, 0x9, 0x8, 0x7fffffff, 0x1, 0x1, 0x4, 0x8, 0xfffffffa, 0x7, 0x9, 0x6, 0x4, 0xfffffff7, 0xa3, 0x3, 0x0, 0x0, 0x3, 0x4c, 0x3, 0x5, 0x2, 0x0, 0x9, 0x13, 0x0, 0x2, 0xfff, 0x6, 0x100, 0x7c83, 0xd, 0x1, 0x4, 0xf, 0x7, 0x47, 0xfa1, 0x0, 0x11, 0x3, 0x1, 0x5, 0x7, 0x8000, 0x7ff, 0x10, 0x2, 0x10001, 0x1, 0x0, 0x6, 0x71c], [0x81, 0x3, 0x10, 0x4e26, 0x6, 0x40, 0xfffffff3, 0x497, 0x4, 0x1, 0x3, 0x5, 0x56, 0xc28, 0x9, 0x10001, 0x5, 0xa, 0x79a, 0x40, 0x9, 0x6, 0xc421, 0x80000001, 0x6, 0xffffffff, 0x0, 0x0, 0x6a, 0x9, 0x0, 0x0, 0x1000, 0x10, 0xd, 0x6, 0x8000, 0x4f, 0x78d, 0x4, 0x1, 0xffffb027, 0xfffffff8, 0x9, 0x7, 0x6, 0x101, 0x3ff, 0x7, 0x4, 0x0, 0xb, 0x400, 0x8, 0x0, 0x8, 0x7, 0x9a33247, 0x8, 0x0, 0x1, 0x8001, 0xfffffff7, 0x5]}, 0x45c)
read$hiddev(r2, 0x0, 0x0)

3.714767067s ago: executing program 0 (id=73):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x10000005)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000000080), 0x72a, 0x1000000, 0x0)

3.550724079s ago: executing program 2 (id=74):
ioctl$EVIOCGABS20(0xffffffffffffffff, 0x40044591, 0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$dir(0xffffffffffffff9c, 0x0, 0x140, 0x82)
dup(r2)
socket$netlink(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
r4 = openat$cgroup_devices(r3, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r4, &(0x7f0000000280)={'a', ' *:* ', 'rm\x00'}, 0x9)
r5 = fsmount(r0, 0x0, 0x82)
fchdir(r5)
r6 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getdents(r6, 0xfffffffffffffffd, 0x58)

2.078000186s ago: executing program 3 (id=75):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xcc}, 0x1, 0x0, 0x0, 0x24000090}, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(0xffffffffffffffff, 0xc0487c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0x4}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40004}, 0x4000)
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2d, 0x25dfdbf8, {0x0, 0x0, 0x0, r2, {0x0, 0x2}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8100}, @TCA_FLOWER_KEY_VLAN_ETH_TYPE={0x6, 0x19, 0x8864}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000850}, 0x20084084)

1.899903198s ago: executing program 2 (id=76):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x10000005)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1d00d000)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
accept(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, 0x0, 0x0)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r6, 0x0, 0xc8, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)

140.353748ms ago: executing program 2 (id=77):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
rseq(&(0x7f0000000a40)={0x0, 0x0, 0x0, 0x5}, 0x20, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x17, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r1 = syz_open_dev$ttys(0xc, 0x2, 0x0)
writev(r1, &(0x7f0000000700)=[{&(0x7f0000000900)='-', 0x1}], 0x1)
r2 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETS2(r1, 0x402c542b, &(0x7f0000000080)={0x0, 0x0, 0x7, 0x1, 0x5, "1ae586d32101b5128ed271c679583d00", 0x3f, 0x2})
readv(r2, &(0x7f0000000040)=[{&(0x7f0000000100)=""/150, 0x96}], 0x1)

44.028889ms ago: executing program 0 (id=78):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000000780)}], 0x1}, 0x41)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e33050910"], 0xd)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

0s ago: executing program 3 (id=79):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto(r0, &(0x7f0000000200)="5b5a5fee72619d648c85f9b0566c479d", 0x10, 0x4040080, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window={0x3, 0x1, 0x8}, @window={0x3, 0x6, 0x7}, @sack_perm, @window={0x3, 0x0, 0x4}, @mss={0x2, 0x4}, @timestamp, @window={0x3, 0x1, 0x10}, @sack_perm], 0x20000000000002a1)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendmsg$inet(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000880)="d11066e9f8ef6b1bf84afdfd7d0e1705d9ea6ed03f6c485dfe8c7de97fd902145eddb42f", 0x24}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.76' (ED25519) to the list of known hosts.
[   76.740016][ T5758] cgroup: Unknown subsys name 'net'
[   76.873897][ T5758] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   78.414922][ T5758] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   79.928401][ T5771] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   79.937032][ T5771] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   79.954491][ T5771] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   79.962802][ T5771] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   79.970755][ T5771] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   79.978415][ T5771] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   80.052138][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   80.060426][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   80.069541][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   80.095271][ T5781] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   80.124306][ T5781] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   80.138269][ T5777] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   80.146792][ T5777] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   80.160190][ T5777] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   80.160239][ T5780] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   80.174786][ T5781] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   80.183763][ T5781] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   80.192023][ T5781] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   80.200256][ T5781] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   80.215079][ T5781] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   80.222590][ T5781] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   80.234293][ T5781] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   80.256699][ T5778] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   80.264806][ T5778] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   80.609856][ T5769] chnl_net:caif_netlink_parms(): no params data found
[   80.706462][ T5772] chnl_net:caif_netlink_parms(): no params data found
[   80.796269][ T5773] chnl_net:caif_netlink_parms(): no params data found
[   80.867710][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.877580][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.885237][ T5769] bridge_slave_0: entered allmulticast mode
[   80.892478][ T5769] bridge_slave_0: entered promiscuous mode
[   80.902433][ T5774] chnl_net:caif_netlink_parms(): no params data found
[   80.925642][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.932811][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.940831][ T5769] bridge_slave_1: entered allmulticast mode
[   80.947958][ T5769] bridge_slave_1: entered promiscuous mode
[   81.020839][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.037255][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.044872][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.052110][ T5772] bridge_slave_0: entered allmulticast mode
[   81.059350][ T5772] bridge_slave_0: entered promiscuous mode
[   81.081907][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.100808][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.111155][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.118531][ T5772] bridge_slave_1: entered allmulticast mode
[   81.126057][ T5772] bridge_slave_1: entered promiscuous mode
[   81.188494][ T5773] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.195971][ T5773] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.203112][ T5773] bridge_slave_0: entered allmulticast mode
[   81.210775][ T5773] bridge_slave_0: entered promiscuous mode
[   81.248041][ T5769] team0: Port device team_slave_0 added
[   81.254561][ T5773] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.261681][ T5773] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.270266][ T5773] bridge_slave_1: entered allmulticast mode
[   81.277836][ T5773] bridge_slave_1: entered promiscuous mode
[   81.297550][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.310052][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.331739][ T5769] team0: Port device team_slave_1 added
[   81.357962][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.367947][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.375357][ T5774] bridge_slave_0: entered allmulticast mode
[   81.382315][ T5774] bridge_slave_0: entered promiscuous mode
[   81.391440][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.398666][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.406023][ T5774] bridge_slave_1: entered allmulticast mode
[   81.413036][ T5774] bridge_slave_1: entered promiscuous mode
[   81.431858][ T5773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.484801][ T5773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.509162][ T5772] team0: Port device team_slave_0 added
[   81.516246][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.523228][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.549507][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.565307][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.578149][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.601093][ T5773] team0: Port device team_slave_0 added
[   81.609418][ T5772] team0: Port device team_slave_1 added
[   81.627373][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.634801][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.661462][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.691837][ T5773] team0: Port device team_slave_1 added
[   81.740204][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.750385][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.777019][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.790351][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.797539][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.828108][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.842893][ T5774] team0: Port device team_slave_0 added
[   81.852919][ T5774] team0: Port device team_slave_1 added
[   81.898777][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.906263][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.932493][ T5773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.956900][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.963969][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.990638][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.019463][ T5769] hsr_slave_0: entered promiscuous mode
[   82.026415][ T5769] hsr_slave_1: entered promiscuous mode
[   82.034768][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.041757][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.068513][ T5773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.080063][ T5778] Bluetooth: hci0: command tx timeout
[   82.095885][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.102956][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.129599][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.206129][ T5772] hsr_slave_0: entered promiscuous mode
[   82.213360][ T5772] hsr_slave_1: entered promiscuous mode
[   82.219895][ T5772] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   82.228319][ T5772] Cannot create hsr debugfs directory
[   82.287991][ T5774] hsr_slave_0: entered promiscuous mode
[   82.294385][ T5083] Bluetooth: hci2: command tx timeout
[   82.300451][ T5781] Bluetooth: hci3: command tx timeout
[   82.301294][ T5774] hsr_slave_1: entered promiscuous mode
[   82.307490][ T5778] Bluetooth: hci1: command tx timeout
[   82.320319][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   82.328443][ T5774] Cannot create hsr debugfs directory
[   82.344411][ T5773] hsr_slave_0: entered promiscuous mode
[   82.351358][ T5773] hsr_slave_1: entered promiscuous mode
[   82.357721][ T5773] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   82.365342][ T5773] Cannot create hsr debugfs directory
[   82.788949][ T5769] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   82.801750][ T5769] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   82.816105][ T5769] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   82.826682][ T5769] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   82.906301][ T5772] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   82.917790][ T5772] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   82.928537][ T5772] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   82.939823][ T5772] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   83.047285][ T5774] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   83.075551][ T5774] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   83.086486][ T5774] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   83.114599][ T5774] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   83.209360][ T5773] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   83.222132][ T5773] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   83.237002][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.260209][ T5773] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   83.279584][ T5773] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   83.337065][ T5769] 8021q: adding VLAN 0 to HW filter on device team0
[   83.354364][  T136] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.361744][  T136] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.378095][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.418047][ T5772] 8021q: adding VLAN 0 to HW filter on device team0
[   83.431948][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.439204][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.492324][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.499602][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.523603][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.550000][  T136] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.557236][  T136] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.641676][ T5774] 8021q: adding VLAN 0 to HW filter on device team0
[   83.685773][ T2953] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.693030][ T2953] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.736985][ T2953] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.744377][ T2953] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.762060][ T5773] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.847970][ T5773] 8021q: adding VLAN 0 to HW filter on device team0
[   83.867912][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.875125][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.908447][ T1137] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.915699][ T1137] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.030429][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.073849][ T5773] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   84.136260][ T5778] Bluetooth: hci0: command tx timeout
[   84.199061][ T5769] veth0_vlan: entered promiscuous mode
[   84.237779][ T5769] veth1_vlan: entered promiscuous mode
[   84.346482][ T5769] veth0_macvtap: entered promiscuous mode
[   84.367919][ T5769] veth1_macvtap: entered promiscuous mode
[   84.375032][ T5778] Bluetooth: hci1: command tx timeout
[   84.381328][ T5781] Bluetooth: hci3: command tx timeout
[   84.389162][ T5083] Bluetooth: hci2: command tx timeout
[   84.432152][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.463292][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.476113][ T5769] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.486605][ T5769] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.495539][ T5769] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.504891][ T5769] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.545688][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.636417][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.647290][ T5773] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.753180][ T5772] veth0_vlan: entered promiscuous mode
[   84.791603][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.812664][ T5772] veth1_vlan: entered promiscuous mode
[   84.818780][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.863848][ T5774] veth0_vlan: entered promiscuous mode
[   84.899826][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.908597][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.940302][ T5774] veth1_vlan: entered promiscuous mode
[   84.952878][ T5773] veth0_vlan: entered promiscuous mode
[   85.011357][ T5773] veth1_vlan: entered promiscuous mode
[   85.041553][ T5772] veth0_macvtap: entered promiscuous mode
[   85.082193][ T5772] veth1_macvtap: entered promiscuous mode
[   85.111613][ T5774] veth0_macvtap: entered promiscuous mode
[   85.180170][ T5774] veth1_macvtap: entered promiscuous mode
[   85.220441][ T5773] veth0_macvtap: entered promiscuous mode
[   85.257840][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.274544][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.303441][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.321208][ T5773] veth1_macvtap: entered promiscuous mode
[   85.341908][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.359899][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.370294][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.387342][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.402767][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.441952][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.459513][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.473159][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.483880][ T5772] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.493445][ T5772] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.504384][ T5772] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.513624][ T5772] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.531408][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.546388][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.561479][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.573588][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.648472][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.961542][ T5774] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.014065][ T5774] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.033980][ T5774] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.043172][ T5774] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.101846][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.118287][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.130396][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.146958][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.158831][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.178539][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.193305][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.214973][ T5781] Bluetooth: hci0: command tx timeout
[   86.265640][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.328794][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.344343][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.354956][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.371230][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.381953][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.401110][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.413804][ T5773] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.427737][ T5773] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.441946][ T5773] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.454951][ T5773] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.455144][ T5781] Bluetooth: hci3: command tx timeout
[   86.469176][ T5083] Bluetooth: hci2: command tx timeout
[   86.475046][ T5778] Bluetooth: hci1: command tx timeout
[   86.693729][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.723719][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.130141][  T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.185462][  T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.242260][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.279733][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.296685][ T5781] Bluetooth: hci0: command tx timeout
[   88.325759][ T1077] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.333725][ T1077] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.452325][  T136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.485243][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.493140][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.496952][  T136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.566595][ T5781] Bluetooth: hci3: command tx timeout
[   88.572089][ T5781] Bluetooth: hci2: command tx timeout
[   88.576820][ T5083] Bluetooth: hci1: command tx timeout
[   88.650909][ T5847] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   90.114077][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[   91.784447][ T5871] hub 8-0:1.0: USB hub found
[   91.789946][ T5871] hub 8-0:1.0: 1 port detected
[   92.265779][    T9] cfg80211: failed to load regulatory.db
[   93.076242][ T5842] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   93.306437][ T5842] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[   93.681705][ T5842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.995614][ T5842] usb 2-1: config 0 descriptor??
[   95.007963][ T5842] ath6kl: Failed to submit usb control message: -71
[   95.021514][ T5842] ath6kl: unable to send the bmi data to the device: -71
[   95.033027][ T5842] ath6kl: Unable to send get target info: -71
[   95.043751][ T5842] ath6kl: Failed to init ath6kl core: -71
[   95.083956][ T5842] ath6kl_usb: probe of 2-1:0.0 failed with error -71
[   95.128705][ T5842] usb 2-1: USB disconnect, device number 2
[   95.234234][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   96.504120][ T5904] input: syz0 as /devices/virtual/input/input6
[   97.384382][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   99.944360][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  102.162825][ T5941] input: syz0 as /devices/virtual/input/input7
[  105.766241][ T5966] netlink: 8 bytes leftover after parsing attributes in process `syz.1.38'.
[  105.811498][ T5966] netlink: 4 bytes leftover after parsing attributes in process `syz.1.38'.
[  105.847833][ T5966] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.211201][ T5966] batman_adv: batadv0: Removing interface: batadv_slave_1
[  107.940324][ T5978] input: syz0 as /devices/virtual/input/input8
[  116.048280][ T6011] input: syz0 as /devices/virtual/input/input9
[  121.315510][ T6054] input: syz0 as /devices/virtual/input/input10
[  123.394079][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[  128.095547][ T6091] input: syz0 as /devices/virtual/input/input11
[  128.313325][   T28] audit: type=1326 audit(1778515525.311:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz.2.74" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f656bb9cdd9 code=0x0
[  131.915970][   T33] ------------[ cut here ]------------
[  131.921807][   T33] WARNING: CPU: 1 PID: 33 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  131.932857][   T33] Modules linked in:
[  131.936918][   T33] CPU: 1 PID: 33 Comm: kworker/u4:2 Not tainted syzkaller #0
[  131.944399][   T33] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  131.954718][   T33] Workqueue: phy7 ieee80211_csa_finalize_work
[  131.960873][   T33] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  131.968313][   T33] Code: 48 89 df e8 2a 3e d6 f7 e9 dc fc ff ff e8 10 07 7e f7 eb 24 e8 09 07 7e f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 f8 06 7e f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 ea 06 7e f7 48 8b 7c 24 08 4c 8b 7c
[  131.988124][   T33] RSP: 0018:ffffc90000a9f9c0 EFLAGS: 00010293
[  131.994315][   T33] RAX: ffffffff8a09170e RBX: 0000000000000001 RCX: ffff88801ce58000
[  132.003895][    C1] ------------[ cut here ]------------
[  132.004073][    C1] WARNING: CPU: 1 PID: 33 at net/mac80211/tx.c:5033 __ieee80211_beacon_get+0x1233/0x1600
[  132.004123][    C1] Modules linked in:
[  132.004141][    C1] CPU: 1 PID: 33 Comm: kworker/u4:2 Not tainted syzkaller #0
[  132.004165][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  132.004181][    C1] Workqueue: phy7 ieee80211_csa_finalize_work
[  132.004216][    C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  132.004249][    C1] Code: 24 4c 89 e7 e8 fe 74 c0 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 f9 b2 82 f7 0f 0b e9 f6 f7 ff ff e8 ed b2 82 f7 <0f> 0b e9 48 fb ff ff e8 e1 b2 82 f7 48 c7 c7 20 89 64 8e 4c 89 e6
[  132.004270][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  132.004293][    C1] RAX: ffffffff8a046f13 RBX: ffffffff8a045d16 RCX: ffff88801ce58000
[  132.004313][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  132.004329][    C1] RBP: 0000000000000000 R08: ffff88801ce58000 R09: 0000000000000003
[  132.004345][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805dc363c0
[  132.004361][    C1] R13: dffffc0000000000 R14: ffff88805dc368b0 R15: ffff88805eb86824
[  132.004380][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  132.004401][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  132.004418][    C1] CR2: 00007fc2c6b456b8 CR3: 0000000062b35000 CR4: 00000000003506e0
[  132.004439][    C1] Call Trace:
[  132.004459][    C1]  <IRQ>
[  132.004472][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  132.004516][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  132.004560][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  132.004605][    C1]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  132.004643][    C1]  __iterate_interfaces+0x243/0x500
[  132.004678][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  132.004692][ T2953] ------------[ cut here ]------------
[  132.004708][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  132.004740][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  132.004755][ T2953] WARNING: CPU: 0 PID: 2953 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  132.004768][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  132.004803][ T2953] Modules linked in:
[  132.004811][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  132.004820][ T2953] CPU: 0 PID: 2953 Comm: kworker/u4:9 Not tainted syzkaller #0
[  132.004841][ T2953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  132.004841][    C1]  __hrtimer_run_queues+0x520/0xc40
[  132.004855][ T2953] Workqueue: phy9 ieee80211_csa_finalize_work
[  132.004868][    C1]  ? ktime_get_update_offsets_now+0x99/0x3f0
[  132.004881][ T2953] 
[  132.004889][ T2953] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  132.004905][    C1]  ? hw_scan_work+0xf60/0xf60
[  132.004918][ T2953] Code: 48 89 df e8 2a 3e d6 f7 e9 dc fc ff ff e8 10 07 7e f7 eb 24 e8 09 07 7e f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 f8 06 7e f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 ea 06 7e f7 48 8b 7c 24 08 4c 8b 7c
[  132.004937][ T2953] RSP: 0018:ffffc9000c0279c0 EFLAGS: 00010293
[  132.004939][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  132.004953][ T2953] 
[  132.004960][ T2953] RAX: ffffffff8a09170e RBX: 0000000000000001 RCX: ffff88802c049e00
[  132.004966][    C1]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  132.004977][ T2953] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  132.004991][ T2953] RBP: dffffc0000000000 R08: ffff88805ddc55af R09: 1ffff1100bbb8ab5
[  132.005008][ T2953] R10: dffffc0000000000 R11: ffffed100bbb8ab6 R12: 0000000000000001
[  132.005005][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  132.005023][ T2953] R13: ffff88805ddc65d9 R14: ffff88801ea92c70 R15: ffff88801ea92ce8
[  132.005037][    C1]  handle_softirqs+0x280/0x820
[  132.005040][ T2953] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  132.005059][ T2953] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  132.005067][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  132.005075][ T2953] CR2: 00007f46bb3baf50 CR3: 000000000cf32000 CR4: 00000000003506f0
[  132.005095][ T2953] Call Trace:
[  132.005096][    C1]  ? do_softirq+0x1a0/0x1a0
[  132.005104][ T2953]  <TASK>
[  132.005125][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  132.005130][ T2953]  ieee80211_link_use_reserved_context+0x383/0x5c0
[  132.005159][    C1]  __irq_exit_rcu+0xd3/0x190
[  132.005167][ T2953]  ieee80211_csa_finalize+0x5a6/0xf20
[  132.005184][    C1]  ? irq_exit_rcu+0x20/0x20
[  132.005197][ T2953]  ? mutex_lock_nested+0x20/0x20
[  132.005217][    C1]  irq_exit_rcu+0x9/0x20
[  132.005224][ T2953]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  132.005239][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  132.005252][ T2953]  ? ieee80211_csa_finalize_work+0x140/0x140
[  132.005268][    C1]  </IRQ>
[  132.005277][    C1]  <TASK>
[  132.005284][ T2953]  ? read_lock_is_recursive+0x20/0x20
[  132.005288][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  132.005321][ T2953]  ieee80211_csa_finalize_work+0xf6/0x140
[  132.005319][    C1] RIP: 0010:console_flush_all+0x8b1/0xd20
[  132.005350][    C1] Code: ed 01 00 00 e8 90 86 1b 00 4d 85 ff 48 8b 5c 24 38 75 07 e8 81 86 1b 00 eb 06 e8 7a 86 1b 00 fb 49 bf 00 00 00 00 00 fc ff df <48> 8b 44 24 58 42 0f b6 04 38 84 c0 0f 85 2f 02 00 00 80 3b 01 0f
[  132.005353][ T2953]  ? process_scheduled_works+0x96f/0x15d0
[  132.005370][    C1] RSP: 0018:ffffc90000a9f340 EFLAGS: 00000293
[  132.005383][ T2953]  process_scheduled_works+0xa5d/0x15d0
[  132.005393][    C1] RAX: ffffffff816b9b86 RBX: ffffc90000a9f4df RCX: ffff88801ce58000
[  132.005412][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  132.005427][    C1] RBP: ffffc90000a9f4b0 R08: ffffffff911c6507 R09: 1ffffffff2238ca0
[  132.005444][    C1] R10: dffffc0000000000 R11: fffffbfff2238ca1 R12: ffffffff8d8b9500
[  132.005445][ T2953]  ? worker_attach_to_pool+0x380/0x380
[  132.005462][    C1] R13: 1ffffffff19f970c R14: ffffffff8d8b9558 R15: dffffc0000000000
[  132.005482][ T2953]  ? assign_work+0x3d2/0x5d0
[  132.005488][    C1]  ? console_flush_all+0x8a6/0xd20
[  132.005519][ T2953]  worker_thread+0xa55/0xfc0
[  132.005529][    C1]  ? console_flush_all+0x10a/0xd20
[  132.005580][ T2953]  kthread+0x2fa/0x390
[  132.005579][    C1]  ? is_console_locked+0x20/0x20
[  132.005602][ T2953]  ? pr_cont_work+0x560/0x560
[  132.005609][    C1]  ? lock_chain_count+0x20/0x20
[  132.005632][ T2953]  ? kthread_blkcg+0xd0/0xd0
[  132.005639][    C1]  ? __down_trylock_console_sem+0xf6/0x1f0
[  132.005656][ T2953]  ret_from_fork+0x48/0x80
[  132.005674][    C1]  console_unlock+0xad/0x350
[  132.005683][ T2953]  ? kthread_blkcg+0xd0/0xd0
[  132.005705][    C1]  ? other_cpu_in_panic+0xf0/0xf0
[  132.005707][ T2953]  ret_from_fork_asm+0x11/0x20
[  132.005735][    C1]  ? __irq_work_queue_local+0x13a/0x3b0
[  132.005756][ T2953]  </TASK>
[  132.005768][ T2953] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  132.005766][    C1]  ? irq_work_queue+0xbc/0x140
[  132.005791][ T2953] CPU: 0 PID: 2953 Comm: kworker/u4:9 Not tainted syzkaller #0
[  132.005793][    C1]  vprintk_emit+0x497/0x610
[  132.005810][ T2953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  132.005821][ T2953] Workqueue: phy9 ieee80211_csa_finalize_work
[  132.005822][    C1]  ? printk_sprint+0x460/0x460
[  132.005844][ T2953] 
[  132.005849][ T2953] Call Trace:
[  132.005856][ T2953]  <TASK>
[  132.005849][    C1]  ? _printk+0xde/0x130
[  132.005863][ T2953]  dump_stack_lvl+0x18c/0x250
[  132.005877][    C1]  ? copy_from_kernel_nofault+0x1d2/0x310
[  132.005901][ T2953]  ? show_regs_print_info+0x20/0x20
[  132.005919][    C1]  _printk+0xde/0x130
[  132.005934][ T2953]  ? load_image+0x420/0x420
[  132.005947][    C1]  ? ieee80211_vif_use_reserved_switch+0x10be/0x28f0
[  132.005973][    C1]  ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0
[  132.005977][ T2953]  panic+0x2dc/0x730
[  132.006001][    C1]  ? load_image+0x420/0x420
[  132.006009][ T2953]  ? bpf_jit_dump+0xd0/0xd0
[  132.006042][    C1]  ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0
[  132.006047][ T2953]  ? ret_from_fork_asm+0x11/0x20
[  132.006067][    C1]  __show_regs+0xf3/0x600
[  132.006082][ T2953]  __warn+0x2e0/0x470
[  132.006094][    C1]  ? dump_stack_print_info+0xf5/0x150
[  132.006105][ T2953]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  132.006131][    C1]  show_regs+0x44/0x90
[  132.006133][ T2953]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  132.006159][ T2953]  report_bug+0x2be/0x4f0
[  132.006158][    C1]  __warn+0x160/0x470
[  132.006179][ T2953]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  132.006182][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  132.006206][ T2953]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  132.006211][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  132.006232][ T2953]  ? ieee80211_vif_use_reserved_switch+0x10ea/0x28f0
[  132.006237][    C1]  report_bug+0x2be/0x4f0
[  132.006258][ T2953]  handle_bug+0xcf/0x120
[  132.006257][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  132.006279][ T2953]  exc_invalid_op+0x1a/0x50
[  132.006284][    C1]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  132.006300][ T2953]  asm_exc_invalid_op+0x1a/0x20
[  132.006311][    C1]  ? ieee80211_vif_use_reserved_switch+0x10ea/0x28f0
[  132.006323][ T2953] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  132.006337][    C1]  handle_bug+0xcf/0x120
[  132.006349][ T2953] Code: 48 89 df e8 2a 3e d6 f7 e9 dc fc ff ff e8 10 07 7e f7 eb 24 e8 09 07 7e f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 f8 06 7e f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 ea 06 7e f7 48 8b 7c 24 08 4c 8b 7c
[  132.006358][    C1]  exc_invalid_op+0x1a/0x50
[  132.006365][ T2953] RSP: 0018:ffffc9000c0279c0 EFLAGS: 00010293
[  132.006382][ T2953] RAX: ffffffff8a09170e RBX: 0000000000000001 RCX: ffff88802c049e00
[  132.006379][    C1]  asm_exc_invalid_op+0x1a/0x20
[  132.006396][ T2953] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  132.006407][ T2953] RBP: dffffc0000000000 R08: ffff88805ddc55af R09: 1ffff1100bbb8ab5
[  132.006402][    C1] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[  132.006421][ T2953] R10: dffffc0000000000 R11: ffffed100bbb8ab6 R12: 0000000000000001
[  132.006430][    C1] Code: 48 89 df e8 2a 3e d6 f7 e9 dc fc ff ff e8 10 07 7e f7 eb 24 e8 09 07 7e f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 f8 06 7e f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 ea 06 7e f7 48 8b 7c 24 08 4c 8b 7c
[  132.006434][ T2953] R13: ffff88805ddc65d9 R14: ffff88801ea92c70 R15: ffff88801ea92ce8
[  132.006447][    C1] RSP: 0018:ffffc90000a9f9c0 EFLAGS: 00010293
[  132.006457][ T2953]  ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0
[  132.006464][    C1] RAX: ffffffff8a09170e RBX: 0000000000000001 RCX: ffff88801ce58000
[  132.006479][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  132.006491][    C1] RBP: dffffc0000000000 R08: ffff88805dc355af R09: 1ffff1100bb86ab5
[  132.006506][    C1] R10: dffffc0000000000 R11: ffffed100bb86ab6 R12: 0000000000000001
[  132.006506][ T2953]  ieee80211_link_use_reserved_context+0x383/0x5c0
[  132.006520][    C1] R13: ffff88805dc365d9 R14: ffff88807e10ac70 R15: ffff88807e10ace8
[  132.006538][ T2953]  ieee80211_csa_finalize+0x5a6/0xf20
[  132.006565][ T2953]  ? mutex_lock_nested+0x20/0x20
[  132.006561][    C1]  ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0
[  132.006587][ T2953]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  132.006609][    C1]  ieee80211_link_use_reserved_context+0x383/0x5c0
[  132.006612][ T2953]  ? ieee80211_csa_finalize_work+0x140/0x140
[  132.006640][ T2953]  ? read_lock_is_recursive+0x20/0x20
[  132.006641][    C1]  ieee80211_csa_finalize+0x5a6/0xf20
[  132.006670][    C1]  ? mutex_lock_nested+0x20/0x20
[  132.006674][ T2953]  ieee80211_csa_finalize_work+0xf6/0x140
[  132.006692][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  132.006704][ T2953]  ? process_scheduled_works+0x96f/0x15d0
[  132.006717][    C1]  ? ieee80211_csa_finalize_work+0x140/0x140
[  132.006731][ T2953]  process_scheduled_works+0xa5d/0x15d0
[  132.006746][    C1]  ? read_lock_is_recursive+0x20/0x20
[  132.006780][    C1]  ieee80211_csa_finalize_work+0xf6/0x140
[  132.006797][ T2953]  ? worker_attach_to_pool+0x380/0x380
[  132.006809][    C1]  ? process_scheduled_works+0x96f/0x15d0
[  132.006832][ T2953]  ? assign_work+0x3d2/0x5d0
[  132.006836][    C1]  process_scheduled_works+0xa5d/0x15d0
[  132.006866][ T2953]  worker_thread+0xa55/0xfc0
[  132.006892][    C1]  ? worker_attach_to_pool+0x380/0x380
[  132.006923][ T2953]  kthread+0x2fa/0x390
[  132.006926][    C1]  ? assign_work+0x3d2/0x5d0
[  132.006942][ T2953]  ? pr_cont_work+0x560/0x560
[  132.006959][    C1]  worker_thread+0xa55/0xfc0
[  132.006969][ T2953]  ? kthread_blkcg+0xd0/0xd0
[  132.006990][ T2953]  ret_from_fork+0x48/0x80
[  132.007013][ T2953]  ? kthread_blkcg+0xd0/0xd0
[  132.007013][    C1]  kthread+0x2fa/0x390
[  132.007033][    C1]  ? pr_cont_work+0x560/0x560
[  132.007034][ T2953]  ret_from_fork_asm+0x11/0x20
[  132.007060][    C1]  ? kthread_blkcg+0xd0/0xd0
[  132.007079][ T2953]  </TASK>
[  132.007081][    C1]  ret_from_fork+0x48/0x80
[  132.007646][ T2953] Kernel Offset: disabled