last executing test programs:

32m1.691394639s ago: executing program 32 (id=138):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000080000b4f6acf8bcdabe290001040000000000000300000002000000040000000900000000000000000000002e00caf7ea573f02c41dd03b9eaed60cef4a4045090456418e93896933340bdc1672954db301b69f8a413c9c33c65f354e7c8483dc6a39d19179c1ca0e202e563e9fe873d1c3ab8e5d0fdfafa3b4bf4d87b74e8f52cdf4cb4c290200000000000000f38f69a930acd3f575f8ae4523987a2df495336e086d67c3e8088f75e3b1cc3201725b"], &(0x7f0000000280)=""/266, 0x46, 0x10a, 0x6}, 0x28)
openat$full(0xffffff9c, &(0x7f0000000240), 0x4000, 0x0) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x80, 0x5, 0x7fff0003}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000100)) (async)
ptrace$ARCH_SHSTK_STATUS(0x1e, 0x0, &(0x7f0000000580), 0x5005) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = openat$sr(0xffffff9c, &(0x7f0000000040), 0x800, 0x0) (async)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r4, 0x401c5504, &(0x7f0000000800)={0x0, {0x1, 0x0, 0x0, 0x3, 0x3, 0x80000001}}) (async)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000180), 0x2) (async)
r6 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
ftruncate(r6, 0xffff) (async)
fcntl$addseals(r6, 0x409, 0x7) (async)
r7 = ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f0000000140)={r6, 0x0, 0x0, 0x4000})
lseek(r7, 0x0, 0x0) (async)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r3, &(0x7f0000000180)={&(0x7f00000005c0), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x5, 0x1, 0x201, 0x0, 0x0, {0x2, 0x0, 0x4}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000804}, 0x90) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x6) (async)
fsopen(0x0, 0x1) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

26m26.359258174s ago: executing program 33 (id=2168):
syz_open_dev$usbmon(&(0x7f0000000040), 0x3, 0x48940)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x28002)
r1 = dup(r0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000300)=@arm64={0xdd, 0x9, 0x5, '\x00', 0x81})
ioctl$KVM_IRQ_LINE(r3, 0x4008ae61, &(0x7f00000000c0)={0x8, 0x3})
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno', @ANYRESHEX=r5, @ANYBLOB='$\x00'])
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
r7 = syz_open_dev$sndctrl(&(0x7f0000000240), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r7, 0xc2c45512, &(0x7f0000000340)={{0x3, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x4, 0xffffffff, 0xffff, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x4000, 0x0, 0x0, 0xfffffffc, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1fb, 0x0, 0xffffffff, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffdffc7, 0x8, 0xffff, 0x3, 0x2, 0x3, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, 0x80000001, 0x0, 0x0, 0x8, 0xf1e9, 0x0, 0x0, 0x2147, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1ff, 0xfffffffc, 0x0, 0x0, 0x7, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, 0x1, 0x0, 0x0, 0x0, 0x4000000]})
connect$can_bcm(r6, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="05"], 0x48}}, 0x80)
sendmsg$can_bcm(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="0500000000e0ffffffffffff", @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000008001"], 0x48}}, 0x40000)
sendmsg$can_bcm(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYRES32=r6], 0x48}}, 0x0)

21m37.517767609s ago: executing program 34 (id=3864):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@newtclass={0x3c, 0x28, 0x400, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0x2, 0x9}, {0x5, 0x10}, {0x9, 0x2}}, [@TCA_RATE={0x6, 0x5, {0xfd}}, @TCA_RATE={0x6, 0x5, {0x8, 0x4}}, @TCA_RATE={0x6, 0x5, {0xf, 0x5}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000004}, 0x8010) (async)
chdir(&(0x7f00000001c0)='./bus\x00') (async)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

13m56.295998169s ago: executing program 2 (id=6387):
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB="2c726f6f746d6f64653d30303030303030427c72337f71303030303030303030303034303030302c7573", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xffffffff8602201a, 0x0, 0x7, 0x3}}, 0x50)
r2 = openat$comedi(0xffffff9c, &(0x7f00000000c0)='/dev/comedi4\x00', 0x206153c843765bf, 0x0)
ioctl$COMEDI_CMD(r2, 0x80406409, &(0x7f0000000c00)={0xfffffffe, 0x1, 0x10, 0x1, 0x2, 0x201, 0x1, 0xd, 0x100, 0x9, 0x0, 0x5, &(0x7f0000000b40), 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0xfffffffffffffffe, 0x0, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$binderfs(0xffffff9c, &(0x7f0000000080)='./binderfs2/binder0\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r3, 0x0, 0x0)
read$FUSE(r3, &(0x7f00000021c0)={0x2020}, 0x1e50)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f00000005c0)={0x40, 0x0, 0x3}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000600)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000040), 0x12)
bind$tipc(r4, 0x0, 0x0)
close(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0xbbca0000)
sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0x0)

13m56.236456905s ago: executing program 2 (id=6388):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x22483, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$kcm(0x11, 0x3, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000022c0)=@newtfilter={0x94, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x10}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x64, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1e3a9}, @TCA_FLOW_ACT={0x50, 0x9, 0x0, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x3d1, 0x3, 0xffffffffffffffff, 0x6, 0x6}, 0x2d}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0xc804}, 0x2)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000600), 0x56)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @link_local})
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$kcm(r1, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r6, 0x42, 0x11}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000200)="27030200000314000e00003c002400000000ff8800000000000000000000000000000000000085dc9d9839dc1336", 0x2e}], 0x1}, 0x4005)

13m56.116807922s ago: executing program 2 (id=6389):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000500)={0x50, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}, @IPSET_ATTR_SIZE={0x8}]}]}, 0x50}}, 0x0)
mkdir(&(0x7f0000000380)='./file1\x00', 0xa)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40d00, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000140)={{0x1, 0x1, 0xb8, r1}, './file0\x00'})

13m56.030855485s ago: executing program 2 (id=6390):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket(0x2, 0x2, 0x1)
bind$unix(r1, &(0x7f0000000240)=@abs, 0x47)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00')
read$FUSE(r2, &(0x7f0000000900)={0x2020}, 0x2020)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=ANY=[@ANYBLOB="030000001900010000000000000000000000f2ffffffffffffff00ffffe0010001000000004e220000020020005c00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000010000000000000000000000ffffff7f000000000000000000000000020000000000000000000000000000000000000000000000feffffffffffffffffffffffffffffff00000000000000000000000000000000000000000900000001000003"], 0xb8}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000002880), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_GET_HARDIF(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000083df2157e7ff5a21d03f8d40000", @ANYRES16=r4, @ANYBLOB="11072abd7000fcdbdf250500000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x28008000}, 0x40000)
socket(0x10, 0x3, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb1)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb1)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0xa}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ee70b"], 0x9)
socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r7, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r7, 0x11a, 0x1, &(0x7f0000000040)=@gcm_256={{0x304, 0x36}, "1a88ef816c4b42ed", "a5fdeb69a751e94df50ad7e9fb434d1665e9298b01e49419567b443803cf578f", "6d02cd81", "066580001e00"}, 0x38)

13m40.916880229s ago: executing program 35 (id=6390):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket(0x2, 0x2, 0x1)
bind$unix(r1, &(0x7f0000000240)=@abs, 0x47)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00')
read$FUSE(r2, &(0x7f0000000900)={0x2020}, 0x2020)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=ANY=[@ANYBLOB="030000001900010000000000000000000000f2ffffffffffffff00ffffe0010001000000004e220000020020005c00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000010000000000000000000000ffffff7f000000000000000000000000020000000000000000000000000000000000000000000000feffffffffffffffffffffffffffffff00000000000000000000000000000000000000000900000001000003"], 0xb8}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000002880), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_GET_HARDIF(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000083df2157e7ff5a21d03f8d40000", @ANYRES16=r4, @ANYBLOB="11072abd7000fcdbdf250500000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x28008000}, 0x40000)
socket(0x10, 0x3, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb1)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb1)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0xa}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ee70b"], 0x9)
socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r7, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r7, 0x11a, 0x1, &(0x7f0000000040)=@gcm_256={{0x304, 0x36}, "1a88ef816c4b42ed", "a5fdeb69a751e94df50ad7e9fb434d1665e9298b01e49419567b443803cf578f", "6d02cd81", "066580001e00"}, 0x38)

9m57.058735563s ago: executing program 36 (id=7895):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000440)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x8, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x5, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x37}, {[@ssrr={0x89, 0x7, 0xce, [@broadcast]}, @generic={0x83, 0x2}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x0, 0x1}}}}}}, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000040)={'erspan0\x00', &(0x7f00000004c0)={'gre0\x00', 0x0, 0x8000, 0x10, 0x9, 0x3, {{0x28, 0x4, 0x0, 0x1, 0xa0, 0x64, 0x0, 0x45, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}, @dev={0xac, 0x14, 0x14, 0x39}, {[@generic={0x82, 0x2}, @timestamp_addr={0x44, 0x44, 0xe, 0x1, 0x6, [{@dev={0xac, 0x14, 0x14, 0xc}, 0x7}, {@empty, 0x9}, {@local, 0x2}, {@rand_addr=0x64010101}, {@loopback}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@remote, 0x2}, {@multicast2, 0x9}]}, @lsrr={0x83, 0x1b, 0x78, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @multicast1, @multicast2, @dev={0xac, 0x14, 0x14, 0x13}, @empty]}, @cipso={0x86, 0xb, 0x1, [{0x6, 0x5, "f98a15"}]}, @ssrr={0x89, 0x1b, 0x9c, [@local, @rand_addr=0x64010100, @private=0xa010101, @empty, @multicast1, @loopback]}, @ra={0x94, 0x4, 0x1}]}}}}})
mount(0x0, 0x0, 0x0, 0x44021, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r3 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
bind$netlink(r6, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r6, &(0x7f0000000600)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r7, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x1, 0x803, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r10, @ANYBLOB="3faf4dcad8e59ea7af47cdeefa4993fd7669022721986e292266fa51b6b7884d3b1cbcc20d657616f112d5b6a1afe068a180f248c284266d7d05d75203d620bd5e230fdf59c426bec941eb3979c3194c8db3b811f4ac12e03fca5344f4557dbd2c4309340dcc140f553b5913552ac88b4df06dbf894b4de6ada2505a4bc3a2d443ec4499df572696e327f1a4a50aabea049313844a3e9181eaf2bb1f7598a640f129da00de96923b61d1351776a956174d5aeb22b1f0074d71948798129beb0117fa953ffa9fc54c94"], 0x44}}, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
unshare(0x6a040000)
mmap(&(0x7f00005f7000/0x1000)=nil, 0x1000, 0x0, 0x12, 0xffffffffffffffff, 0x0)

7m47.163626879s ago: executing program 37 (id=8507):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x20, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x2}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x7}}}}]}]}, 0x70}}, 0x20040000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)

3m47.236572192s ago: executing program 38 (id=9474):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB], 0x48)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000002080)=""/102400, 0x19000)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000600)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r3=>0x0)
io_submit(r3, 0xf000, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f00000001c0)='m', 0xfffffdfc}])
ppoll(&(0x7f0000000680)=[{r1, 0x4a0}], 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000040c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x2004c015}, 0x40)
r6 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @loopback, 0x3}, 0x1c)
sendmsg(r6, &(0x7f00000000c0)={0x0, 0x9511, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

3m26.788215098s ago: executing program 39 (id=9556):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[], 0x48)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000002080)=""/102400, 0x19000)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000600)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r4=>0x0)
io_submit(r4, 0xf000, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f00000001c0)='m', 0xfffffdfc}])
ppoll(&(0x7f0000000680)=[{r2, 0x4a0}], 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000040c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x2004c015}, 0x40)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r7, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @loopback, 0x3}, 0x1c)
sendmsg(r7, &(0x7f00000000c0)={0x0, 0x9511, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

2m2.615389121s ago: executing program 40 (id=9946):
syz_usb_connect(0x2, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904000001098b7500090583"], 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10)
socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, &(0x7f00000001c0)=0x9c)
setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000019300)={0x0, @in6={{0xa, 0x4e21, 0x5, @mcast1, 0x10001}}}, 0x84)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, 0x0, &(0x7f00000007c0)='{\xe0e%m\"\xbb{\xf4\x01Z\xb7\xf4\x92\xb5\xcb\'\xa3\x0e!\xf1\x88]C\x97\x86\xf9\xa8\xe7;\xdff3\x83\xb1a\xf2j\x90\x10@\x1chOK\x98\xae\xd6>\xbaN\x1d_N\xcbdIP2$\xbc\xc9\x89\xb5\n\x90-i%\xe2\x94\fH\xf1\xed\r\b\x02\x00\x00\x00\xc3Dhx\x04\xd8\x17\xbcP\x8bl\xb2\x03\x18!V\x1b\xcbk\xf8\xd6JE4,\xdf\x96\x80j#\xf9\xd8\x13,\x89\x10\x90:\xec/\xb9T\x9a\x00\x00\x00\x00\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000000300)=""/102400, 0x19000)
r4 = syz_open_procfs(0x0, &(0x7f0000000100)='net/sockstat\x00')
read$FUSE(r4, &(0x7f0000002780)={0x2020}, 0x5ecfb203)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000020000000000000008000400", @ANYRES32=r5, @ANYBLOB="06001500070000000c001680080001"], 0x38}}, 0x10)

1m32.552004679s ago: executing program 5 (id=10165):
r0 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000a80)=@newqdisc={0x44c, 0x14, 0xf0b, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, {0x5}, {0xb, 0x1}, {0xfff1, 0xa}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x1, 0x3}}}, @qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x7d9, 0x3, 0x400, 0x5, 0xffffffff, 0x5, 0x3, 0xd36, 0x0, 0xc, 0x4, 0x81, 0xfffffffd, 0x0, 0x4, 0x7, 0x1, 0x6, 0x6, 0xfffffff9, 0xfffffff4, 0x2, 0x2, 0xee, 0x80000000, 0x0, 0x401, 0x3, 0x5, 0x0, 0x101, 0x6, 0x6, 0x20, 0x3, 0xfffffffa, 0xfffffff8, 0x1ff, 0x0, 0x7, 0x80000001, 0xffffd396, 0x2, 0xf, 0x4, 0x0, 0x52, 0x100, 0x2, 0x2, 0x4, 0x0, 0x1, 0x40, 0x1, 0xf51a, 0x200, 0x8, 0x1, 0x8, 0x0, 0x2, 0x2, 0x8, 0xfffffff7, 0x6, 0x80000001, 0xe, 0xfffffff2, 0x800, 0x1ff, 0x3, 0x3, 0x8, 0x10000, 0xfffffffb, 0x0, 0x7, 0x3, 0x7, 0x7fff, 0x5, 0x5, 0x18b, 0x80000001, 0x401, 0xa93, 0x29, 0x1, 0x5248, 0x49ef, 0x855, 0x0, 0xc, 0x3, 0xb, 0x0, 0x5, 0xc, 0x7f, 0x1, 0x1, 0x2, 0x28, 0x600000, 0x7, 0x6, 0x3, 0x2fdb, 0x9, 0x3, 0x0, 0x5, 0x49, 0x5, 0x10000, 0x2d, 0x5, 0xffff3a17, 0x49, 0x9, 0xb, 0x200, 0xa, 0x1, 0x9, 0x2, 0x1, 0x7, 0x1, 0x30d, 0x200, 0xfffffff7, 0x1400, 0x400, 0x3, 0x4, 0x8, 0x4, 0x3, 0x1, 0x10, 0x2, 0xdf, 0x8, 0x4, 0x7, 0x6, 0x8000, 0x3, 0xfffffffb, 0xfffffffa, 0xf97, 0x0, 0x9, 0xab, 0x2, 0x7ff, 0x0, 0x4, 0x7, 0x3, 0xe4f, 0x800, 0xff, 0x47a, 0x9, 0x5, 0xb, 0x11f, 0x80000001, 0x80000001, 0x9, 0x1, 0x0, 0x7fff, 0x800, 0x7fffffff, 0x8, 0x8, 0x6, 0x0, 0x0, 0x9, 0x3, 0x8, 0xffff0000, 0x7, 0x2, 0x0, 0xbe04, 0x3, 0x7, 0x7fffffff, 0x1, 0xab, 0xb, 0x80, 0x6, 0xd79, 0x8, 0x8, 0xfffffffa, 0xfffffffa, 0x332, 0x401, 0x8, 0xd, 0x91, 0x70, 0x8001, 0xe0, 0x9, 0xffffff69, 0x751c0b81, 0x2, 0xfff, 0x3, 0x4, 0x7592, 0x6, 0x0, 0x707, 0x80000001, 0xa9c, 0x2, 0x7, 0x2, 0x3, 0x6, 0x7, 0x2, 0x80, 0x6, 0x3, 0x96, 0x200, 0xc00000, 0xe68, 0xfffffff9, 0x8, 0x1, 0x40, 0x9, 0xfffffffb, 0x1ff, 0x1, 0xc5, 0x6, 0x89f, 0xe, 0xe800, 0x5, 0x400, 0xc, 0x4]}]}}]}, 0x44c}, 0x1, 0x0, 0x0, 0x20004040}, 0x0)

1m32.551600966s ago: executing program 5 (id=10166):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x4})
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40046607, &(0x7f0000000000)=0x7f)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=@newlink={0x58, 0x10, 0x401, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0x8000, 0xc574450d1af3b5bc}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_ISOLATED={0x5}]}}}, @IFLA_IFNAME={0x14, 0x3, 'bridge_slave_0\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

1m32.451921641s ago: executing program 5 (id=10167):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, 0x0, &(0x7f0000000180))
r1 = open(&(0x7f0000000040)='./file0\x00', 0x101242, 0x0)
r2 = fsopen(&(0x7f0000000000)='befs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r1, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffa})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f00000005c0)={0x2, {0x2, 0x3, 0x8, 0x7ff, 0x401}})
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r5=>0x0})
sendto$packet(r4, &(0x7f0000000080)="19", 0x1, 0x0, &(0x7f00000000c0)={0x11, 0xe, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)
ioctl$TIOCL_SELLOADLUT(r3, 0x541c, &(0x7f0000000200)={0x5, 0x800, 0x100, 0x2, 0x5})
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x12, 0xffffffffffffffff, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x20600, 0xe)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000240)=ANY=[], 0x0, 0x29}, 0x28)
mbind(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xc000, 0x0, 0x0, 0x6)
setrlimit(0x0, &(0x7f0000000400)={0x2, 0x5})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x6, 0x2, &(0x7f0000000740)=@raw=[@cb_func={0x18, 0x0, 0x4, 0x0, 0x8}], &(0x7f0000000140)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r6, 0x9, &(0x7f0000000000)={0xfffffffe}, 0x8}, 0x54)
r7 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x3, 0x9}, 0x20)
setsockopt$inet6_int(r7, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
sendmmsg(r7, &(0x7f0000000040)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote}, 0x80, 0x0}, 0x5b4}], 0x1, 0x48814)
setsockopt$RDS_GET_MR(r1, 0x114, 0x2, &(0x7f0000000100)={{&(0x7f0000000280)=""/199, 0xc7}, &(0x7f0000000080), 0x13}, 0x20)

1m32.378036925s ago: executing program 5 (id=10168):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$peeksig(0x4212, r0, &(0x7f0000000140)={0x0, 0x0, 0x4e}, &(0x7f0000000fc0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r4, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x7, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x8}}, 0x14}}, 0x4024054)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
r6 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r6, 0xc2c45512, &(0x7f0000000340)={{0x7, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0xffffffff, 0xffbf, 0x8, 0xfffffffd, 0x80000001, 0x0, 0xfffffffe, 0xfffffffd, 0xfffffffc, 0x0, 0x400006, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffd, 0x9, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x7fffffff, 0x0, 0x0, 0x0, 0x6, 0x0, 0x8000, 0x0, 0x0, 0x0, 0xffffffc7, 0x0, 0x4, 0x0, 0x2, 0x3, 0x0, 0x0, 0x4, 0x0, 0x68, 0x0, 0x20000000, 0x3, 0x7fff, 0x0, 0x800, 0x402, 0x0, 0x8, 0x4, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x408, 0x0, 0x0, 0x9, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]})

1m30.907203638s ago: executing program 5 (id=10171):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100)
fcntl$notify(r0, 0x402, 0x8000000b)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
socket(0x10, 0x80002, 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0)
userfaultfd(0x80801)
socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$XFS_IOC_FSGEOMETRY_V4(r1, 0x8070587c, &(0x7f0000000100))
syz_open_dev$ttys(0xc, 0x2, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14)
sendmmsg(r2, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r4}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

1m30.837735458s ago: executing program 5 (id=10172):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newtaction={0x14, 0x30, 0x1, 0xffffffff}, 0x14}, 0x1, 0x0, 0x0, 0x40844}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x278, &(0x7f0000000340)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_SEND={0x1a, 0x1b, 0x0, 0xffffffffffffffff, 0x0, 0x0})
syz_usbip_server_init(0x6)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000180)={0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f741065666765f36f0f330f09660f3a0cb9000000752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x32}], 0x1, 0x4498bda7e2139f51, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x5, 0x7fff, 0x1000200004, 0x4, 0x2, 0x0, 0x1], 0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

1m18.635093013s ago: executing program 41 (id=10153):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f00000003c0)=[@in6={0xa, 0x4e23, 0x3, @private0, 0x5}, @in={0x2, 0x4e22, @local}], 0x2c)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x64, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast2}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x5}]}, 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @mcast1}]}]}, 0xac}}, 0x0)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f00000002c0)=""/149, 0x95)
sendmsg$nl_route(r0, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)=@ipv6_getrule={0x1c, 0x22, 0x310, 0x70bd27, 0x25dfdbfe, {0xa, 0x0, 0x20, 0xf, 0xa2, 0x0, 0x0, 0x0, 0x10000}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4010)

1m17.518229255s ago: executing program 42 (id=10162):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x1a, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e76, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x5}, 0x8}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b00000000010000000100000900000001"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0x8, r2}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r2}, 0x38)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, &(0x7f0000000100)="74c715", 0x0, 0x4}, 0x1c)
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700100000004000000060ec97000fc83c00fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)

1m15.553265213s ago: executing program 43 (id=10172):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newtaction={0x14, 0x30, 0x1, 0xffffffff}, 0x14}, 0x1, 0x0, 0x0, 0x40844}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x278, &(0x7f0000000340)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_SEND={0x1a, 0x1b, 0x0, 0xffffffffffffffff, 0x0, 0x0})
syz_usbip_server_init(0x6)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000180)={0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f741065666765f36f0f330f09660f3a0cb9000000752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x32}], 0x1, 0x4498bda7e2139f51, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x5, 0x7fff, 0x1000200004, 0x4, 0x2, 0x0, 0x1], 0x8080000})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

1m8.51867462s ago: executing program 1 (id=10201):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x34, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x200}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x44, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x10}}, 0xc0}, 0x1, 0x0, 0x0, 0x24040841}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010001fff000000008100000000000000", @ANYRES32=0x0, @ANYBLOB="00000000003f0000200012800b00010067656e657665000010000280060005004e24000004000e0008000a00", @ANYRES32=r3], 0x48}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x20, 0x3f, 0x9, 0x0, 0x0, {0x4}, [@typed={0x4, 0x3ffd}, @typed={0x8, 0x8, 0x0, 0x0, @binary='a^&/'}]}, 0x20}}, 0x4004080)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0)
ioctl$vim2m_VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f00000001c0)={0x1, @sdr={0x30395056, 0x5}})
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x18, 0x2e, 0x9, 0x70bd27, 0x0, {0x4}, [@typed={0x4, 0x1e}]}, 0x18}, 0x1, 0x0, 0x0, 0x42804}, 0x0)

1m8.433604813s ago: executing program 2 (id=10183):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100)
fcntl$notify(r0, 0x402, 0x8000000b)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
socket(0x10, 0x80002, 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0)
userfaultfd(0x80801)
socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$XFS_IOC_FSGEOMETRY_V4(r1, 0x8070587c, &(0x7f0000000100))
syz_open_dev$ttys(0xc, 0x2, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14)
sendmmsg(r2, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r4}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

1m8.338929887s ago: executing program 2 (id=10202):
r0 = socket$packet(0x11, 0x3, 0x300) (async, rerun: 64)
r1 = socket(0x10, 0x2, 0x0) (rerun: 64)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4000000010003904000000000000000080040000", @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100736974001400028006000e000600000008000100", @ANYRES64=r1], 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x0) (async)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x134, 0x18, 0x1, 0xfffffffe, 0x100, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x5, 0xa, 0x0, 0x0, 0x62}, {@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d4, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x25}, {0x0, 0x192, 0x9ba3, 0xffff, 0x8251c, 0x5, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffa, 0xfffffffc}, 0x80, 0x3500, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x134}, 0x1, 0x0, 0x0, 0x8801}, 0x0) (async)
sendto$packet(r0, &(0x7f0000000600)="05d936277c6f54220002097844ffcf8bd1846f7f83477ca1b278e3e4018a34844b9d62cbd7cd2a62646c95c716727eb53bcc1379f3d83cd0dfe20660", 0x3c, 0x8c1, &(0x7f00000000c0)={0x11, 0x86dd, r2, 0x1, 0x4, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

1m7.96718249s ago: executing program 3 (id=10205):
r0 = semget$private(0x0, 0x2, 0xe6)
read$FUSE(0xffffffffffffffff, &(0x7f0000002740)={0x2020, 0x0, 0x0, <r1=>0x0}, 0x2020)
openat$kvm(0x0, &(0x7f0000000040), 0x40, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
socket$nl_rdma(0x10, 0x3, 0x14)
socket$packet(0x11, 0x3, 0x300)
socket$inet(0x2, 0x4000000000000001, 0x0)
pipe(&(0x7f0000000000))
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c00000000010104000000000000000002001000240002801400018008000100e000000108000200e00000010c00028005000100000000001c0010800800014000000000d97405010000000008000240000000000800", @ANYRES64=r2], 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000002400)={{0x3, r1, 0x0, 0x0, 0x0, 0x78, 0x3}, 0xea, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffff})
r3 = syz_open_dev$usbfs(&(0x7f00000002c0), 0xc, 0x101b01)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f0000002600)={0x0, 0x2, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0cba6800002103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34201113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed00083fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f61e00"})
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000001000)=""/4093, 0xffd)

1m7.844277228s ago: executing program 3 (id=10206):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
preadv(r0, &(0x7f0000000bc0)=[{&(0x7f0000000000)=""/183, 0xb7}], 0x1, 0x0, 0x0)
r1 = syz_io_uring_setup(0x4e0b, &(0x7f0000000200)={0x0, 0xcfca, 0xd0c0, 0xfffffffd, 0x1000001, 0x0, r0}, &(0x7f0000000100), &(0x7f0000000000))
r2 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)={0xc0000002})
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r1, 0xc, 0x0, 0x0)

1m7.700968684s ago: executing program 3 (id=10207):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x8, &(0x7f0000000240)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000007}, [@call={0x85, 0x0, 0x0, 0x29}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002280)={r1, 0x0, 0xe, 0x0, &(0x7f00000008c0)="e02742e8680d85ff9782762f86dd", 0x0, 0x57af, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10) (async)
sendmsg$inet_sctp(r2, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1) (async)
r3 = dup(r2)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106, 0x9}}, 0x34000) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001000ffff28bd7000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="391a0300299605002400128009000100626f6e640000000014000280050001000600000008000200", @ANYRES32=0x0, @ANYBLOB="a511fdc22de6df0c2516d2e7431f3a3ace8007cf411557740e6429b7727b3c722c535373a8ecc14649d7b84430ba6769"], 0x44}, 0x1, 0x0, 0x0, 0x48014}, 0x240400c0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000073000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = socket(0x10, 0x803, 0x0)
bind$netlink(r7, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
sendmsg$nl_route(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYRESOCT, @ANYRES32=0x0, @ANYBLOB="00000000e300023f4a000a0064ff68e898d90719008e289be36005ebd2036f008d3eeb091ffa41caab32285304dd7f0d5f83b7ef72fd470c2d78f14eafc9b09d3cbe32433fb2e02f83515906f5f0a8cb4f0b7df06f2be80771b1dbc2f6", @ANYRES8=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) (async)
r8 = fcntl$getown(r5, 0x9) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x2, 0x2, &(0x7f00000001c0)=ANY=[@ANYBLOB="85000000ad00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, 0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000}, 0x94) (rerun: 32)
setpriority(0x0, r8, 0xef7) (async)
r9 = openat$full(0xffffff9c, &(0x7f00000000c0), 0x50040, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r9)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x10000, 0x1})

1m7.571620584s ago: executing program 3 (id=10208):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x3)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x21800, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x8, &(0x7f0000001f80)=ANY=[@ANYBLOB="7a0af8ff7525732cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000f700000000b2595285fa97ead0169191d54f8196217fc563e2fc91f6da4dad4fdc2eb1b5956fc4a33ca263e2b5d47b2b00000000b1a297cfddd73f30f2382f6c2d3ffdd45be583823c0f092248a57d48621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000010000800db583620ce7243d1aebdb638d91dbef6619358399aa9c2acd068c03efefd8bc77edf2d34b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f494eff289026d5045ef08000000000000007718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc70bb30d435aa8b5202db761014b1b999a12df6bee431a6681000000263b6233e1c0fe30e3841bef895c5a637b0bf2eac3cb07b74a72291a1a2b523dd81b6651b1ee29e999bb004823ebcd8c65743f31f84b263ab9b3426692d01ad194f302d7a658e90000000001000000b6b2f25ddb8c640ab321a402058c92cdfbea882b0b18914781ceb10814cf4ee23ddb79fff5eb156e0a000000000000f2bd164a178d86d6935eb8b75bc4eb680d10e8b6a54c6c8674caf63ff76622939a20d4aadf85db40179c2cf83ee07e30a279d8fdf3bc282deb43a03409f8e6972f3f720d045923702cede0f3e91411f3f1b16f065624f280a7dcce8db910f93c49b9e0aa390d0da6972ed719d7e0efb2bb713d1890e317c8de105c3933fd5d5bf38f6b9fc39fc829dcfe4af8ac5fbb7314a7a433e0182767d1376eda2b9c66200349e62d4d0ab1a1dc51907c980000cfb215af2c1a3c22243cce23b00000a857d61b0d66c3f6da8aed31027c33204ea0fa0620111920d3f24980e9995a510bd87b06440a0a26130098b901c53a02cfbfd8bcbdec9f34542c3c9652adefde555ecd28ebc88082bab431ee3e1adb5b0ad14c79dd4411ecc96c512f3b72a9b3a0c3e07ec6b427bdc0bf3963e9f802a5feab82a989db62d8d1339f842b3f593d6c24fe015ec63c658ba7c4fae17514f802709ab4fa5caa932d4b65a5ecfc422899513ddde6ec04974f9981a8c155c26e0da70e524832ab04dec9ce66a62ceffbb15b1857c93666fe043a266a451f9a1e1f054211b9ae566b58f4f356c7a4054ce13f6fcc58912a175bd9cc3c494894ad39b36e34e608f4ac00cf22c27bb8c12bcf4beeb579fc9fa1c9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0xd}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x20000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x0, 0x4000000}, 0x28)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000)
madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1)
pipe2(&(0x7f0000000080), 0x0)

1m7.551071316s ago: executing program 3 (id=10210):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100)
fcntl$notify(r0, 0x402, 0x8000000b)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
socket(0x10, 0x80002, 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0)
userfaultfd(0x80801)
socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$XFS_IOC_FSGEOMETRY_V4(r1, 0x8070587c, &(0x7f0000000100))
syz_open_dev$ttys(0xc, 0x2, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socket$inet_mptcp(0x2, 0x1, 0x106)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14)
sendmmsg(r2, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r4}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

1m7.464677372s ago: executing program 1 (id=10211):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = io_uring_setup(0x1612, &(0x7f0000000200)={0x0, 0x0, 0x800})
io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f0000001580)={0x1, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000040)=""/168, 0xa8}], &(0x7f0000001540)=[0x2]}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}], 0x0, 0x1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x27, 0xe, 0x0, &(0x7f0000000640)="f8ad31cc02cb29dcc8007f5b86dd", 0x0, 0x3ad9, 0xf2ffffff, 0x0, 0x900, 0x0, 0x0}, 0x50)
ioctl$KVM_GET_MSRS_sys(r0, 0xc008ae88, &(0x7f0000000080))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x54, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xd}]}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x54}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000000c0))
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000080), 0x8, &(0x7f0000000700)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000001c0)={'wg2\x00', 0x1000})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
io_uring_setup(0x1612, &(0x7f0000000200)={0x0, 0x0, 0x800}) (async)
io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f0000001580)={0x1, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000040)=""/168, 0xa8}], &(0x7f0000001540)=[0x2]}, 0x20) (async)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}], 0x0, 0x1}, 0x20) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x27, 0xe, 0x0, &(0x7f0000000640)="f8ad31cc02cb29dcc8007f5b86dd", 0x0, 0x3ad9, 0xf2ffffff, 0x0, 0x900, 0x0, 0x0}, 0x50) (async)
ioctl$KVM_GET_MSRS_sys(r0, 0xc008ae88, &(0x7f0000000080)) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1e0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x54, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xd}]}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x54}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000000c0)) (async)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000080), 0x8, &(0x7f0000000700)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) (async)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000001c0)={'wg2\x00', 0x1000}) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) (async)

1m7.449133113s ago: executing program 3 (id=10212):
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000240))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x2, 0x3, 0xf8)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0x8000, 0x0, 0x2, 0x0, 0xfffffe0000000001, 0xfa11, 0xfffffffd}, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000240)={0x1b, "8a6035ceeae3ecc42317afad010000000000000400", <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r3, 0x40103e05, &(0x7f0000000040)={"130f2672af9ee0452321864922cd3bebd7f9cec5064e58445f1268334b4900"})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2000, 0x800, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x400000000000000, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[], 0xa8}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
statx(0xffffffffffffffff, 0x0, 0x2000, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000042000000060000000800000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES16=r0, @ANYRESOCT], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x1, 0x0, r4}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x88}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000ffffffff180800002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000400008500000010000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000800000085000000a800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1m7.283916746s ago: executing program 1 (id=10213):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffffffffffffad, &(0x7f00000000c0)=[{&(0x7f0000000140)="d8000000180081054e81f783db4cb9040a1d080006007c09e8fc55a10a0015000600142603600e1208000f00fff00401a800080008000a4004080000055c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe144ecc447c65e206d25b4084121d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300fc0d15", 0xd8}], 0x1}, 0x4000000)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0000ff0100000084080800000000000000000000b24e74e60aac1ede7133ee6a51ca5bfaf52df5673987cc3745b63576d7ec9455d6ef82c9d8abeecd3516961d5639468cb63400b97dbe41e24f31135af7bd692c8117c3c39c34cd322c326c6bd4c5221767bfa1139da1c7ac0c5a7e46075447954e39286684e34f06c04d6632855d94eea252c2176eabdbeb7c545a0c3a28ac9eb8b0debd64e4ce749b53423045960550f54fd61f011bc8ae559677caed1bea43e5e8df6a7d", @ANYRES32, @ANYBLOB='\x00\x00\b\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='net/unix\x00')
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r5, 0x84, 0x12, &(0x7f0000000040)=0x3, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000003440)={0x0, 0x0, &(0x7f0000003400)={&(0x7f0000000340)=ANY=[@ANYBLOB="14002cbd7000fddb601f6da9"], 0x14}}, 0x40054)
r6 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_OVERLAY(r6, 0x4004560e, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x2, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000001a000000bca30000000000002403000020feffff720af0fff8ffffff71a4f2ff000000001f03000000000000e5000200000000002604fdffff0200007b010000000000001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
ioctl$BINDER_THREAD_EXIT(r4, 0x40046208, 0x0)

1m6.452228337s ago: executing program 1 (id=10216):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x14, 0x0, 0x7, 0x401, 0x0, 0x0, {0x1, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40041}, 0x4000004)
syz_open_dev$sndmidi(&(0x7f00000000c0), 0x7, 0x80005)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x17d, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x0, "69366ccee4ba568e1e3eb45b00"})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4e24, 0xb, @mcast2, 0x9}, 0x1c)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/icmp6\x00')
pread64(r4, &(0x7f0000000380)=""/221, 0xdd, 0x8)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$netlink(0x10, 0x3, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1)
sendmsg$NL80211_CMD_DEL_INTERFACE(r6, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r7, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x240008d0)
socket(0x10, 0x3, 0x0)
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
socket$kcm(0x2, 0xa, 0x2)
ioctl$FE_DISEQC_SEND_BURST(r5, 0x6f41, &(0x7f0000000300)=0x1)
fcntl$dupfd(r8, 0x406, r8)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRES16], 0x54}}, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="3000000040000701feffffff00000000017c0000040042800c00018006000600800a00000c0002800400148004002980aa1b6071119e86f065dded18d97da5ec010a9271436acaf88455581ccedb518bcf139ad13a0d7c921a31df18e396ef2a7568840407cda9f713fa7a5e808c6ce77be38987a0a31d47dc80d1523449"], 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)

1m5.50467452s ago: executing program 1 (id=10220):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100)
fcntl$notify(r0, 0x402, 0x8000000b)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
socket(0x10, 0x80002, 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0)
userfaultfd(0x80801)
socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$XFS_IOC_FSGEOMETRY_V4(r1, 0x8070587c, &(0x7f0000000100))
syz_open_dev$ttys(0xc, 0x2, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socket$inet_mptcp(0x2, 0x1, 0x106)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14)
sendmmsg(r2, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r4}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

1m5.453385116s ago: executing program 1 (id=10222):
syz_emit_ethernet(0x82, &(0x7f0000000200)={@local, @empty, @val, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "5f1060", 0x44, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x8160}, {0x0, 0x0, 0x0, 0x0, 0x100}, {}, {0x8, 0x88be, 0x86ddffff, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}}}}}}}}, 0x0)

55.743365581s ago: executing program 6 (id=10236):
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
lsetxattr$security_evm(&(0x7f0000000380)='./file0/file1\x00', &(0x7f00000003c0), &(0x7f0000000480)=@v2={0x5, 0x2, 0x3, 0x7ff}, 0x9, 0x1)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
pipe(&(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PTP_PIN_SETFUNC2(r2, 0x40603d10, &(0x7f0000000080)={'\x00', 0x2, 0x3, 0x4})
sendfile64(r3, r1, 0x0, 0x1)
fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000000)=0x4)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETVNETHDRSZ(r4, 0x400454d8, &(0x7f0000000140)=0x90)
write$tun(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="e7ca543bcf4c64bd5de303d6b41b1ed9dc145900000000214abb"], 0xfdef)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={<r5=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7a, &(0x7f0000000340)={r5, @in={{0x2, 0xce23, @broadcast}}}, &(0x7f0000000040)=0x84)

55.583396467s ago: executing program 6 (id=10237):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x26, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8=0x0, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000002c0)={'caif0\x00', 0x4000})
r2 = socket$kcm(0x2, 0x7, 0x2)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000380)={'syzkaller1\x00'})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, r2, {0x8}}, './file0\x00'})
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r3, &(0x7f0000000340)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=<r6=>r5, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYRESDEC=r5, @ANYRES32=r5, @ANYBLOB="08000200ac143d14aa", @ANYRES64=r6], 0x20}}, 0x0)
r7 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r7, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
r8 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r9, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
getsockname$packet(r8, &(0x7f0000000480)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0xffffffffffffff2b)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x13, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xb}}}, 0x24}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000500), 0xffffffffffffffff)
syz_io_uring_setup(0x1d1f, &(0x7f0000000200)={0x0, 0xcd1d, 0x10100, 0x0, 0xaa}, 0x0, 0x0)
syz_io_uring_setup(0x487, &(0x7f0000000240)={0x0, 0x59c4, 0x800, 0x1ffe, 0xa}, &(0x7f0000000300)=<r11=>0x0, &(0x7f0000000080)=<r12=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r11, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r11, r12, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1})

55.319102726s ago: executing program 6 (id=10238):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x8, 0x0, 0x0}}, 0x10)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f0000000080), 0x72a, 0x1000000, 0x0)
sendto(r1, 0x0, 0x0, 0x8040, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
r2 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
openat$cgroup_pressure(r3, &(0x7f0000000140)='io.pressure\x00', 0x2, 0x0)
setsockopt$MRT_FLUSH(r3, 0x0, 0xd4, &(0x7f0000000000)=0x2, 0x4)
openat$cgroup_pressure(r3, &(0x7f0000000100)='memory.pressure\x00', 0x2, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=@bridge_getlink={0x3c, 0x12, 0x10, 0x70bd26, 0x25dfdbfb, {0x7, 0x0, 0x0, 0x0, 0x80, 0x18400}, [@IFLA_GSO_MAX_SEGS={0x8, 0x28, 0xe9f3}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x7fffffff}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x3c}, 0x1, 0x0, 0x0, 0x400d0}, 0x800)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x3, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000300000000000000000000050000000000000000"], &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="b34715ecd04550d3abc89b6f7bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

55.256525133s ago: executing program 6 (id=10239):
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = dup3(r1, r0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x92, 0x2005, 0x6, 0x4}, 0x3a, [0x8000, 0x2c95a, 0xf, 0x8, 0x80, 0x0, 0x3, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5d, 0x8, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x5, 0x3c5b, 0x1, 0x24, 0xd, 0x7, 0x0, 0x800, 0x4, 0x4, 0x7, 0x3, 0x9, 0x4c75, 0x80000000, 0x2, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x40017, 0x0, 0x7, 0x5, 0x3e, 0x3, 0x6, 0xffff, 0x0, 0x6, 0x4, 0x8008, 0x400, 0x80, 0x0, 0x9, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x2008004, 0x5, 0xfffffff3, 0x129432e6, 0x40c8, 0xf9, 0xe, 0x82c0, 0x6c7, 0x8, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x5, 0xea4, 0x0, 0xb94, 0x7, 0x7fff, 0x1c000, 0x3fe, 0x403, 0x200006, 0x1, 0x9, 0x5, 0x1000005, 0x5f31, 0x2d, 0x4e4, 0x5, 0x4, 0xb, 0x2000004, 0x9, 0x80000001, 0x9, 0x6, 0x47, 0x8204, 0x1, 0xfe000000, 0x8, 0xffffffff, 0x4, 0x4, 0x3, 0x50, 0x9, 0x1, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0xbcdb], [0x7, 0x407, 0x7, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0xa2, 0x8000, 0x0, 0x5, 0xb, 0x5, 0x5, 0x5, 0x4000000, 0x1eb, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0xfffffffe, 0x3, 0x20000008, 0x8000004, 0x6d01, 0x2, 0x38, 0x800083, 0x200, 0x80, 0x3, 0x8000004, 0x2970bfaf, 0x1000, 0xa2, 0x7, 0xad, 0x4005, 0x6, 0x6, 0xca, 0x1ff, 0x3, 0x7ff, 0xbe, 0x4, 0x7, 0xe, 0x0, 0x5, 0x1c, 0x8, 0x4, 0x8, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x6, 0xb, 0x5, 0x2, 0x5, 0x3, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x9, 0x1, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0xfffffffe, 0x6, 0x2, 0x149, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x7, 0xfffff000, 0x10010000, 0x0, 0x7e, 0x9, 0x9602, 0x40007, 0xaf, 0x5, 0x6, 0x227, 0x2, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf3c, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x1, 0xb1e, 0x2000d7, 0x201, 0xffff3441, 0x4]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486315, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

55.151611721s ago: executing program 6 (id=10240):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100)
fcntl$notify(r0, 0x402, 0x8000000b)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
socket(0x10, 0x80002, 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0)
userfaultfd(0x80801)
socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$XFS_IOC_FSGEOMETRY_V4(r1, 0x8070587c, &(0x7f0000000100))
syz_open_dev$ttys(0xc, 0x2, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14)
sendmmsg(r2, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r4}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

55.122318841s ago: executing program 6 (id=10241):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
dup(r2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000040)=ANY=[@ANYRES32], &(0x7f0000000300)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41100, 0x7b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x38}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r3, 0x71096000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_udp_int(r7, 0x11, 0x1, &(0x7f0000000000), &(0x7f00000000c0)=0x4)
recvmmsg(r5, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vlan1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80c9}, 0x20000000)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@enum64={0x6, 0x0, 0x0, 0x13, 0x0, 0x2}]}, {0x0, [0x6f, 0x2e, 0x2e, 0x2e, 0x5f]}}, 0x0, 0x2b, 0x0, 0x1, 0x8000}, 0x28)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x10c}}, 0x28040800)
ioctl$VIDIOC_DQEVENT(0xffffffffffffffff, 0x80785659, &(0x7f0000000440)={0x0, @frame_sync})
r9 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r9, &(0x7f0000000900)={0x667, 0x7d, 0x0, {{0x500, 0x2b5, 0x0, 0x0, {0x4}, 0x0, 0x0, 0xffffffff, 0x0, 0x2e, '\x04nodZ=\xbfd\x027\xfcb%\xff\xff\xff\x80\x05\x00\x00\x00\x00\x00\x00\xff\x03\xff\x92\xe9\x16\x00\x05\x9beq,\x93\xcb=\xb6\xc21\xd1\x19\xaa\xa1', 0x9a, 'p\x02\x00}\xfag>\xff\xeb\t\xb55\x1f\x9e\xde\x05J\x00\x00\x00\x00\x18{\x82\xd9\xb5i(\xfb\xbf\v\x00\x00+Y_\xcb\x14\xa8\xf3\x0e&\xe5&\xab\xc1\x80jB\xdez\xdc\x81\x06\xb4\x94\xe1\x8d\xb5\x7f\xc1\xac\x8d\x06\x85\x95\xf0\x1c\x1c\xbe\x05\xc2v\x16/\x81\xb4\a\xe5\r\xb6\x939g!\xf3\xed\x9c\xe2\x01\x9e\xe6\xa9F\xe3\xa5Z\x1b@\xee\xb9:\xc2\x9f7[Z\xfd\xf1\xdf\x11,\x9a\xaf\xd3i\x94\xe1e\xb3:\xf7\x86\xc54\x05\x87]7\xa0E\"\x17\x8b7P\x9es\xc7\x02_\xc4\x13\xc7\xd1*\x80\x86?p#hf\x8d', 0x35, '\xcf`7-a\xcc\xea\xb8\xc8\x86A\xeb\x93\xb4\xcc\xf6\x00*\xb8{\xfc\x01\'\x96\t?h0\\M\"(9\xe4F\x1a\xb6*\xeb\x84\x1f \x83~\x01\b\xe2\xe7HP\x1cQH', 0x185, '\xf8\xf6i\xfbqm\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xdb\x80\xe8\xd4\a\x00\x00\x007\x00\x87\x0fFB\xe4\xc5\xde\x87\x14\xa2\xb0\x84L#E\xd8\xdfI\xd7\x00\xef\xc4R\xaf\xb5F\x9e\xaa\xd2\xc8\x85z5$F\xae+N\xa7\b\xfa\"\xc6\xdeH\x82\xe3FAQ\xdfC\xbeZ\'\x9a\x95\xf2\xa9\x00\x17D\xa9tSXF\xe1>-\f\xb4\x9eJ\x0f\xa1u3C\xb8\xa3\xc0\xaf\xca\xe6,\xc4)\xc0\xec}dT\x00\x00B\x8dX\x9du\x9fa~\xa1\x95\"\xc6/\x19$\x80\x11\x9b(\x01\xc9\xc1\x04\x14\x05`\xf2\r8Y\n\x81\x98*\x94\x90\xb3\x95\xe9\x00t\v\xdc\x1a\xb08w&A\x9b\xff\xd5\xc7s}L*\x17\xb9/\x18\xed\xc9\x9c\x10\x99\xe4\x0f\x13\xd8(\x04\x9f<[:\x7f\xe00\xd9\xc7\x8a\xea\x99\x03\xaf\x14#U\xf5I\xab\xb3\xf7\xb4\v\xb0\x10\"+O\xed\xec\xd3\x0e\xa3\x9e\xc49fG\"a\xb0\xd5\xabe\x14Cj\xc3\xb9pn\x01\xeb\xfe^\v\xb34w\xd1\xcfx\xe0l\\\xd5\x83\xa4\x9b3jV\xba\xb25\x90\xba\x87\x0f\xc2Et\xbf\xf1\x8c\xb5\x81\x92\xdet%>\xde\xab\xcc\n\x02\xcd\xc7\xd4>\xc4\x84\x88\x0e\xa7\xfb\xc4\x80e\"\xc7\x8e\x1f\xa7\x06\xda\x87\b\xeaQ~\\\x8b_*\x10w\xf6\xf6\xf3\xdd`\xfd\xf9B\"\xe9\xa2g/\x80:'}, 0x39d, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\fA\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaau\xf8$k\xccB\xea\xa8\xc61\xc0\xc5\x00\x95\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xc0\xfbNL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12.a\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xc2\x00\x00\x000\xe4\xee+\xfc\x7f\x80P\x85\x11C\xe5\x16\x1a\xcdG\x15\n\xcb\xaft8\"\xdf\xe2\x03\xb1\b\xd3~\x91M\xc1\xe5>#LP\x9e\xcaA\a\xa1q,\xaa\x9d\xa5=\x05\x1c6\x88Ly\x18&a\xf3\xca6\xbc\xdb\xfb\xbd&q\t\xf81\x9d\x8d\xd5\xc0p\x99\xeb\x1b\x11\x03\x06U\xf5biOat=\x19B\x1bJ\x19\xef\x8b\x8bL\xe9\xc9\x93\xc7\xd6\xcb0\fNezNP\xa3[\\\xc1k\x8c\x16\x1a\x8e=\xf9\x03k\xbc\xf2\x8a\xdc\xd1\x9alL)\x17\t\xae\xe5\xab>[\xc5\xae)\xf4u\xe4\xd2D\b\xb5\x16}\x0f\xaf_\xc1Vkp\\\x8b`\xaf\xa8\xac\xa4/~\x04i\x18\x8a\x0e\xf0b\xca\x18\xe3\x8f\x9e\xe1\n\xc7}+~\xb9\xd6\x0e\xa7\x9f\xdbUd\x11\xe5\x9d\xfb\xd8\xdb\xb8\xa2\xa6b.\xbc\xf8Lio\xa4\xda!\xba\xd22\r\rh\xe9\xbfCF\xf0ha\x19\xa3\x9e@\x03\x95\xc8\xf2\x82^\xa0i\xae\x0e\x14;\xd1\xa4Ay\xed\x8e<\xea\v^\x9a\x19\xcc\x7f\xfaP\x0f\xa4\x1bl\x80I\xbd\xe4X\'\xd5N\xc9\x01\xd2z\xd1%\x05h\x89\xb33k?\x06\x83\x8c[fz\xe2.\xfe;\xc1[\x82_\x7f\xbc\xe4\x80\'(\x1c\xf9\xfe\x8f\xc2\x1f\xc7|$=\xe2g\x051\x0e\xb8\x1c\xf7M\xe0)1\x92\xa1?j\xd0W\xdea\xfd\x8a\xba\x8e\xf4C\x9b\xc0jE\xb2\xb01bQZ#C:\xfe\xb5*\xed\xb5\xabo3FS8\x05\x15\xf7y\xf3]\xc8\xa7\x8c7w$\x92\xa2(L!\xd2\x13V\xd4s\xf0\x0f\x85\x13|{\xf0cou}5(\x86\x9b?\x00w5\xcf\xf8\\\x9d\x97\x8b\xf5]\xcc&\xd6-%\xe3\b\xf0\x88\'\xa9\x1f\xf4{\xec\x92\xf8\xe9\x1ey\bfT\x00\xaaN9\xb3Y\x86#\x9d\\{\x94\x92\xc5\xbb&\xbcU\xb5[I\xedpHnn}\xa3\x8c \x84P\xf9\xf7\x9e\x1bA\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xae-[\\\x99\xf7\x17\xf0\xa0wI#\x9b]\b\xf8\xc5\xc0\xadyQ\xe0\xa7\xc7\xf3\xdb\x8d\xfd?\x86W%\x8al\x04\xf3-W\xad(s\xdeE\xfa\x98\xb0\xf8&y\x17\xff\x9b\xbe\x9c\rt\xa5\xac\xa2\x06\xfe)\xe0\xc1\x03\x9f\"U<\'GB]\x83\x100x.\xe7\x8f\x8b\xa3]\xe3\x18\xc5?\tO\x92\\\xc9x.\x94\xb6\xc8p\xa4\x87g\x8b\xfa\xe7E\xdf\xf2h\xbd\xa7\xfd\xec\x87<\xe4\xfbK\x8d\xcb\xa0A\x9b0D\x9a\xdf\xefrAb\xbf\xb1\n\xaf\xcf\xeaH\xa6\x7f\xaew3\xcc:\x7f\x1e\xef\x91\xbeR\x85!^\xabA\xf6', 0xffffffffffffffff}}, 0x667)
socket$inet6(0xa, 0x5, 0x0)

53.091132169s ago: executing program 44 (id=10202):
r0 = socket$packet(0x11, 0x3, 0x300) (async, rerun: 64)
r1 = socket(0x10, 0x2, 0x0) (rerun: 64)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4000000010003904000000000000000080040000", @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100736974001400028006000e000600000008000100", @ANYRES64=r1], 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x0) (async)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x134, 0x18, 0x1, 0xfffffffe, 0x100, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x5, 0xa, 0x0, 0x0, 0x62}, {@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d4, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x25}, {0x0, 0x192, 0x9ba3, 0xffff, 0x8251c, 0x5, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffa, 0xfffffffc}, 0x80, 0x3500, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x134}, 0x1, 0x0, 0x0, 0x8801}, 0x0) (async)
sendto$packet(r0, &(0x7f0000000600)="05d936277c6f54220002097844ffcf8bd1846f7f83477ca1b278e3e4018a34844b9d62cbd7cd2a62646c95c716727eb53bcc1379f3d83cd0dfe20660", 0x3c, 0x8c1, &(0x7f00000000c0)={0x11, 0x86dd, r2, 0x1, 0x4, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

52.037808471s ago: executing program 45 (id=10212):
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000240))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x2, 0x3, 0xf8)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0x8000, 0x0, 0x2, 0x0, 0xfffffe0000000001, 0xfa11, 0xfffffffd}, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000240)={0x1b, "8a6035ceeae3ecc42317afad010000000000000400", <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r3, 0x40103e05, &(0x7f0000000040)={"130f2672af9ee0452321864922cd3bebd7f9cec5064e58445f1268334b4900"})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2000, 0x800, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x400000000000000, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[], 0xa8}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
statx(0xffffffffffffffff, 0x0, 0x2000, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000042000000060000000800000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES16=r0, @ANYRESOCT], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x1, 0x0, r4}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x88}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000ffffffff180800002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000400008500000010000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000800000085000000a800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

49.991608048s ago: executing program 46 (id=10222):
syz_emit_ethernet(0x82, &(0x7f0000000200)={@local, @empty, @val, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "5f1060", 0x44, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x8160}, {0x0, 0x0, 0x0, 0x0, 0x100}, {}, {0x8, 0x88be, 0x86ddffff, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}}}}}}}}, 0x0)

38.906246246s ago: executing program 47 (id=10241):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
dup(r2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000040)=ANY=[@ANYRES32], &(0x7f0000000300)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41100, 0x7b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x38}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r3, 0x71096000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_udp_int(r7, 0x11, 0x1, &(0x7f0000000000), &(0x7f00000000c0)=0x4)
recvmmsg(r5, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vlan1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80c9}, 0x20000000)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@enum64={0x6, 0x0, 0x0, 0x13, 0x0, 0x2}]}, {0x0, [0x6f, 0x2e, 0x2e, 0x2e, 0x5f]}}, 0x0, 0x2b, 0x0, 0x1, 0x8000}, 0x28)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x10c}}, 0x28040800)
ioctl$VIDIOC_DQEVENT(0xffffffffffffffff, 0x80785659, &(0x7f0000000440)={0x0, @frame_sync})
r9 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r9, &(0x7f0000000900)={0x667, 0x7d, 0x0, {{0x500, 0x2b5, 0x0, 0x0, {0x4}, 0x0, 0x0, 0xffffffff, 0x0, 0x2e, '\x04nodZ=\xbfd\x027\xfcb%\xff\xff\xff\x80\x05\x00\x00\x00\x00\x00\x00\xff\x03\xff\x92\xe9\x16\x00\x05\x9beq,\x93\xcb=\xb6\xc21\xd1\x19\xaa\xa1', 0x9a, 'p\x02\x00}\xfag>\xff\xeb\t\xb55\x1f\x9e\xde\x05J\x00\x00\x00\x00\x18{\x82\xd9\xb5i(\xfb\xbf\v\x00\x00+Y_\xcb\x14\xa8\xf3\x0e&\xe5&\xab\xc1\x80jB\xdez\xdc\x81\x06\xb4\x94\xe1\x8d\xb5\x7f\xc1\xac\x8d\x06\x85\x95\xf0\x1c\x1c\xbe\x05\xc2v\x16/\x81\xb4\a\xe5\r\xb6\x939g!\xf3\xed\x9c\xe2\x01\x9e\xe6\xa9F\xe3\xa5Z\x1b@\xee\xb9:\xc2\x9f7[Z\xfd\xf1\xdf\x11,\x9a\xaf\xd3i\x94\xe1e\xb3:\xf7\x86\xc54\x05\x87]7\xa0E\"\x17\x8b7P\x9es\xc7\x02_\xc4\x13\xc7\xd1*\x80\x86?p#hf\x8d', 0x35, '\xcf`7-a\xcc\xea\xb8\xc8\x86A\xeb\x93\xb4\xcc\xf6\x00*\xb8{\xfc\x01\'\x96\t?h0\\M\"(9\xe4F\x1a\xb6*\xeb\x84\x1f \x83~\x01\b\xe2\xe7HP\x1cQH', 0x185, '\xf8\xf6i\xfbqm\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xdb\x80\xe8\xd4\a\x00\x00\x007\x00\x87\x0fFB\xe4\xc5\xde\x87\x14\xa2\xb0\x84L#E\xd8\xdfI\xd7\x00\xef\xc4R\xaf\xb5F\x9e\xaa\xd2\xc8\x85z5$F\xae+N\xa7\b\xfa\"\xc6\xdeH\x82\xe3FAQ\xdfC\xbeZ\'\x9a\x95\xf2\xa9\x00\x17D\xa9tSXF\xe1>-\f\xb4\x9eJ\x0f\xa1u3C\xb8\xa3\xc0\xaf\xca\xe6,\xc4)\xc0\xec}dT\x00\x00B\x8dX\x9du\x9fa~\xa1\x95\"\xc6/\x19$\x80\x11\x9b(\x01\xc9\xc1\x04\x14\x05`\xf2\r8Y\n\x81\x98*\x94\x90\xb3\x95\xe9\x00t\v\xdc\x1a\xb08w&A\x9b\xff\xd5\xc7s}L*\x17\xb9/\x18\xed\xc9\x9c\x10\x99\xe4\x0f\x13\xd8(\x04\x9f<[:\x7f\xe00\xd9\xc7\x8a\xea\x99\x03\xaf\x14#U\xf5I\xab\xb3\xf7\xb4\v\xb0\x10\"+O\xed\xec\xd3\x0e\xa3\x9e\xc49fG\"a\xb0\xd5\xabe\x14Cj\xc3\xb9pn\x01\xeb\xfe^\v\xb34w\xd1\xcfx\xe0l\\\xd5\x83\xa4\x9b3jV\xba\xb25\x90\xba\x87\x0f\xc2Et\xbf\xf1\x8c\xb5\x81\x92\xdet%>\xde\xab\xcc\n\x02\xcd\xc7\xd4>\xc4\x84\x88\x0e\xa7\xfb\xc4\x80e\"\xc7\x8e\x1f\xa7\x06\xda\x87\b\xeaQ~\\\x8b_*\x10w\xf6\xf6\xf3\xdd`\xfd\xf9B\"\xe9\xa2g/\x80:'}, 0x39d, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\fA\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaau\xf8$k\xccB\xea\xa8\xc61\xc0\xc5\x00\x95\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xc0\xfbNL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12.a\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xc2\x00\x00\x000\xe4\xee+\xfc\x7f\x80P\x85\x11C\xe5\x16\x1a\xcdG\x15\n\xcb\xaft8\"\xdf\xe2\x03\xb1\b\xd3~\x91M\xc1\xe5>#LP\x9e\xcaA\a\xa1q,\xaa\x9d\xa5=\x05\x1c6\x88Ly\x18&a\xf3\xca6\xbc\xdb\xfb\xbd&q\t\xf81\x9d\x8d\xd5\xc0p\x99\xeb\x1b\x11\x03\x06U\xf5biOat=\x19B\x1bJ\x19\xef\x8b\x8bL\xe9\xc9\x93\xc7\xd6\xcb0\fNezNP\xa3[\\\xc1k\x8c\x16\x1a\x8e=\xf9\x03k\xbc\xf2\x8a\xdc\xd1\x9alL)\x17\t\xae\xe5\xab>[\xc5\xae)\xf4u\xe4\xd2D\b\xb5\x16}\x0f\xaf_\xc1Vkp\\\x8b`\xaf\xa8\xac\xa4/~\x04i\x18\x8a\x0e\xf0b\xca\x18\xe3\x8f\x9e\xe1\n\xc7}+~\xb9\xd6\x0e\xa7\x9f\xdbUd\x11\xe5\x9d\xfb\xd8\xdb\xb8\xa2\xa6b.\xbc\xf8Lio\xa4\xda!\xba\xd22\r\rh\xe9\xbfCF\xf0ha\x19\xa3\x9e@\x03\x95\xc8\xf2\x82^\xa0i\xae\x0e\x14;\xd1\xa4Ay\xed\x8e<\xea\v^\x9a\x19\xcc\x7f\xfaP\x0f\xa4\x1bl\x80I\xbd\xe4X\'\xd5N\xc9\x01\xd2z\xd1%\x05h\x89\xb33k?\x06\x83\x8c[fz\xe2.\xfe;\xc1[\x82_\x7f\xbc\xe4\x80\'(\x1c\xf9\xfe\x8f\xc2\x1f\xc7|$=\xe2g\x051\x0e\xb8\x1c\xf7M\xe0)1\x92\xa1?j\xd0W\xdea\xfd\x8a\xba\x8e\xf4C\x9b\xc0jE\xb2\xb01bQZ#C:\xfe\xb5*\xed\xb5\xabo3FS8\x05\x15\xf7y\xf3]\xc8\xa7\x8c7w$\x92\xa2(L!\xd2\x13V\xd4s\xf0\x0f\x85\x13|{\xf0cou}5(\x86\x9b?\x00w5\xcf\xf8\\\x9d\x97\x8b\xf5]\xcc&\xd6-%\xe3\b\xf0\x88\'\xa9\x1f\xf4{\xec\x92\xf8\xe9\x1ey\bfT\x00\xaaN9\xb3Y\x86#\x9d\\{\x94\x92\xc5\xbb&\xbcU\xb5[I\xedpHnn}\xa3\x8c \x84P\xf9\xf7\x9e\x1bA\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xae-[\\\x99\xf7\x17\xf0\xa0wI#\x9b]\b\xf8\xc5\xc0\xadyQ\xe0\xa7\xc7\xf3\xdb\x8d\xfd?\x86W%\x8al\x04\xf3-W\xad(s\xdeE\xfa\x98\xb0\xf8&y\x17\xff\x9b\xbe\x9c\rt\xa5\xac\xa2\x06\xfe)\xe0\xc1\x03\x9f\"U<\'GB]\x83\x100x.\xe7\x8f\x8b\xa3]\xe3\x18\xc5?\tO\x92\\\xc9x.\x94\xb6\xc8p\xa4\x87g\x8b\xfa\xe7E\xdf\xf2h\xbd\xa7\xfd\xec\x87<\xe4\xfbK\x8d\xcb\xa0A\x9b0D\x9a\xdf\xefrAb\xbf\xb1\n\xaf\xcf\xeaH\xa6\x7f\xaew3\xcc:\x7f\x1e\xef\x91\xbeR\x85!^\xabA\xf6', 0xffffffffffffffff}}, 0x667)
socket$inet6(0xa, 0x5, 0x0)

38.098270287s ago: executing program 7 (id=10272):
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x6)
close_range(r0, 0xffffffffffffffff, 0x0)

38.031486066s ago: executing program 7 (id=10273):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xb, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0xffffff69, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
fsopen(&(0x7f00000000c0)='virtiofs\x00', 0x0)

37.971214446s ago: executing program 7 (id=10275):
membarrier(0x0, 0x0)
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
r1 = syz_open_dev$hidraw(&(0x7f0000000280), 0x1, 0x803)
ioctl$HIDIOCGFEATURE(r1, 0xc0404807, &(0x7f0000000500)={0x4, "328c59d81b2daf54bfa1ec894fac5cf43da29f6590f83db6fe329a15538fbd107ccbf16888a951d2a37e2a3a5764b748110437f8ecf3d644ec044de8c10473b0"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000a00)=[{{&(0x7f0000000580)=@isdn, 0x80, &(0x7f0000000780)=[{&(0x7f0000000340)=""/22, 0x16}, {&(0x7f0000000600)=""/95, 0x5f}, {&(0x7f0000000680)=""/208, 0xd0}, {&(0x7f0000000900)=""/215, 0xd7}], 0x4, &(0x7f00000007c0)=""/26, 0x1a}, 0x2f98cd3a}], 0x1, 0x123, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x4)
r6 = getpid()
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r8, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r6}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f00000003c0)={{0xa, 0x6, 0x6, 0x0, 'syz1\x00', 0x401}, 0x3, 0x20000000, 0x4, r6, 0x9, 0x3, 'syz0\x00', &(0x7f0000000300)=['\x00', '-\x14[&$\x00', '\x00', '%@\x00', '{-[+-\x00', '\x00', '*\x00', '/dev/vim2m\x00', '/dev/comedi0\x00'], 0x2c})
sendmsg$inet(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dffefffffffffffffff60a64c9f4080003fe060100000400020011b53631", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44010)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sendmsg$inet6(r9, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0xdfb, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
keyctl$restrict_keyring(0xa, r0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd\xb4\xd9\x1b\xb1&\t^\xb6\xb7\xc2\xc1\xf7\x83\xad\xab?\xc2\r\f@&\xf1\xcci[5{\xc5\x17t\xd2w\x00\xac\x12\x0f\x8bM\x8eJ\x1fk\xd8\xe8\xa3\x0e\xda9\x82!Y\xd4\xbeP\xcaB\x8d\xd5/6\x81\xad\xfb+&\x87\x1b\x9f\x8bcsj@\xfc&0{L\x1f\xc8iszj\x84\xac\xc2VI\x16\xb5\xd6\x13\xae\xff\xad\xa5u\xd3Dy\xa1\x00\xa0\xd7\xfd\x8d\xd0\x85k\x19u&l5\xd2*ss\x1b\x12\x8cc|\xc6\xb52e\\\xeaB#w\x9b=\xfdF\xcb\xdbr\xfe\xfa\xb3\xad\x94J\"&\x17P\xf7=\x88Lf\xe5\\\x9agq\x9e\x17\x15L\xc7\xdco\xf4\xa4K\xb5\x06w\xa5\xe6\x9e%\xe5\xdc\xc8\xc9\xb8\xa9#\xe6\xcc\x9e\xb4\xc1\x9b\xeb\xf3\x1e\xa6?\x9f\xb5U\xae\xb3\x84\xf7\x05!z\x88\xc54-A\x10A\x8af\xc8\x82\xc9:0V\x89\xcb\xfag\xbe\xcaO[\xa9\xeb`\x026}\xff;\xe4:\'\xc1\x18\xbf\x03B\xc4N\xa0\xfd\xdbk\xa9p\xb9\x04\xfa\xa0\x13\xe5+\x95\xf5\xb1\xdc\x8b\xd2\xcbf\x84\xc6\xde!\x974\xe3\xc6\xa3Sa\x1eP\xf4\x9dd\x18gH\xf5E\xfb_\xdc0\x1d{iT\xf0o\x94')
membarrier(0x20, 0x0)

36.771292282s ago: executing program 7 (id=10282):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0xc, &(0x7f0000000040)=0x8, 0x4)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000012000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=r0], 0x28}, 0x1, 0x0, 0x0, 0xc1}, 0x806)
r1 = openat$cdrom(0xffffff9c, &(0x7f00000021c0), 0x0, 0x0)
ioctl$CDROMSUBCHNL(r1, 0x530b, 0x0)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
syz_usb_connect$lan78xx(0x5, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r3, &(0x7f00000012c0)="a52876830a602214f6", 0x9)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000080)=0x80000003)
r4 = dup2(r2, r2)
read$FUSE(r4, &(0x7f00000063c0)={0x2020}, 0x2020)

34.927928131s ago: executing program 7 (id=10293):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100)
fcntl$notify(r0, 0x402, 0x8000000b)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
socket(0x10, 0x80002, 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0)
userfaultfd(0x80801)
socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$XFS_IOC_FSGEOMETRY_V4(r1, 0x8070587c, &(0x7f0000000100))
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14)
sendmmsg(r2, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r4}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

34.755901353s ago: executing program 7 (id=10294):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
fsopen(0x0, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502)
ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0xc0487c04, &(0x7f0000002f00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000440)=[{}, {0x0, <r2=>0x80000000}, {0x0, 0x80000000, 0x0, {<r3=>0x0}}, {0x0, <r4=>0x80000000, 0x0, {<r5=>0x0}}], 0x0, 0x0, 0x0})
ioctl$MEDIA_IOC_SETUP_LINK(r1, 0xc0347c03, &(0x7f00000003c0)={{r2, r3, 0x3, [0xff7fffff, 0x9]}, {r4, r5, 0x2, [0x8, 0xe7]}, 0x2, [0x93e, 0x7fffffff]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r8, 0x0, 0x0)
connect$inet(r8, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
unshare(0x6a040000)
r9 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x1f, 0x7ffdd000, 0x8000}], 0x320000)
kexec_load(0x2, 0x1, &(0x7f0000000140)=[{&(0x7f0000000080)="4c2a9e5fdbbd6e10d17cae3b91d35d734a99bc6074fb67a79fbdcb93ec0c7a03c7d6f538e40ee641013705c91365cb8a8e2da00766d6417883cab2493185e9a69c488747e20a6c377387c3223f906091c88dca43d7a411499dd0a227a1cd89882e9ac2206832b884c8684edc1d19693da78b49aa82d1749b89889d8bbc950d8ba4ef9d694141a5f2aa8a8c3ebe9f0d434ee5ec3354d99ff87422614e48c8d1b9f78f63e6203ad18ea2bb0721b3084e3dcd6ce355313c00", 0xb7, 0x6, 0x2}], 0x80000)
writev(r9, &(0x7f0000000540)=[{&(0x7f0000001680)='0', 0x1}, {&(0x7f00000007c0)="89", 0x1}], 0x2)

19.737920913s ago: executing program 48 (id=10294):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
fsopen(0x0, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502)
ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0xc0487c04, &(0x7f0000002f00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000440)=[{}, {0x0, <r2=>0x80000000}, {0x0, 0x80000000, 0x0, {<r3=>0x0}}, {0x0, <r4=>0x80000000, 0x0, {<r5=>0x0}}], 0x0, 0x0, 0x0})
ioctl$MEDIA_IOC_SETUP_LINK(r1, 0xc0347c03, &(0x7f00000003c0)={{r2, r3, 0x3, [0xff7fffff, 0x9]}, {r4, r5, 0x2, [0x8, 0xe7]}, 0x2, [0x93e, 0x7fffffff]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r8, 0x0, 0x0)
connect$inet(r8, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
unshare(0x6a040000)
r9 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x1f, 0x7ffdd000, 0x8000}], 0x320000)
kexec_load(0x2, 0x1, &(0x7f0000000140)=[{&(0x7f0000000080)="4c2a9e5fdbbd6e10d17cae3b91d35d734a99bc6074fb67a79fbdcb93ec0c7a03c7d6f538e40ee641013705c91365cb8a8e2da00766d6417883cab2493185e9a69c488747e20a6c377387c3223f906091c88dca43d7a411499dd0a227a1cd89882e9ac2206832b884c8684edc1d19693da78b49aa82d1749b89889d8bbc950d8ba4ef9d694141a5f2aa8a8c3ebe9f0d434ee5ec3354d99ff87422614e48c8d1b9f78f63e6203ad18ea2bb0721b3084e3dcd6ce355313c00", 0xb7, 0x6, 0x2}], 0x80000)
writev(r9, &(0x7f0000000540)=[{&(0x7f0000001680)='0', 0x1}, {&(0x7f00000007c0)="89", 0x1}], 0x2)

5.916265065s ago: executing program 4 (id=10499):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000001c0)={0x4c, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000810}, 0x20004090)
mmap$IORING_OFF_CQ_RING(&(0x7f0000fec000/0x12000)=nil, 0x12000, 0x2, 0x10, 0xffffffffffffffff, 0x8000000)
r1 = syz_io_uring_setup(0x135a, &(0x7f00000001c0)={0x0, 0x7134, 0x40, 0x3, 0x218}, &(0x7f00000000c0), &(0x7f0000000140)=<r2=>0x0)
r3 = openat$pfkey(0xffffff9c, &(0x7f0000000240), 0x80040, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1002, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
r4 = io_uring_setup(0x115c, &(0x7f0000000440)={0x0, 0x8270, 0x40, 0x3, 0x117})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000000640)=[{0x0}], 0x178)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff02"], 0x0}, 0x94)
io_uring_register$IORING_REGISTER_FILES(r4, 0x1e, &(0x7f0000000000)=[r4], 0x1)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x2000004, 0x8010, r3, 0x8000000)
syz_io_uring_submit(r6, r2, &(0x7f0000000280)=@IORING_OP_SHUTDOWN={0x22, 0x6b, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r5}})
writev(r1, &(0x7f0000000500)=[{&(0x7f00000002c0)="dd964a9cc5c6ae694671275ac4520bf5386104f30ce6e93e716a57516e4659ca84583bdf437611410e689b9304a47917e8fdfcfaf542f71295ca253200f45bbedd91911e4183d5131156c2fe26", 0x4d}, {&(0x7f0000000340)="f1d5beb4fdd68c37b2ce5554dbf4385e604619e0838211dfa169eeefffc7f9c26a6f342e91425b0b1793e76f88bfa0720be4683e363357c1079d5881a75149384005870d1612e21d424f5296dbc179a6957e13cd12975ba71764e2805ec1dc34a4e522ebd734aa49c740745e859ce51a8b61b77f589a0a08da065eb311f2eac652243afd435d7a0c8f885e4727b5e798dcd8fa70f5d8b1072c6b86ee5e30e9efac", 0xa1}, {&(0x7f0000000400)="7244e687646c514fd3348128866dc1f0fe85b7e8fc423a3b1ca8bb58bf2190465fc272d2d09d2c9c3d6066cdc9c8a3ed2c1a2e8466edabf98643bb52060e2353a7320944853d2eb27827b2e680fd3e176bcd628e233407fb2515cd6d1b956480e02ae3024e1b70ed51cacc045e21e16f6fb8d70d5459892b02c0b60a9e363c863d68d9559aa8ac5030347fa62f3c143f0d10159d67986f0e36c1c9262563a22ef7f5cbeddf4c179435389c9e6e8e3c51acc0bf5339094291886d6b6d8c713dbd3c31a4115d604a29e3090fc48377cc75f8a1129e0741a3d4cdbc0db76909ef616c4aa97ee0cca836e9fc910ca0e1dd1a9b4b44d2717842fc48", 0xf9}], 0x3)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), r7)
sendmsg$GTP_CMD_NEWPDP(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x24, r8, 0x400, 0x0, 0x0, {0x3}, [@GTPA_LINK={0x8}, @GTPA_FLOW={0x6, 0x6, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040017}, 0x0)
getsockopt$SO_TIMESTAMPING(r7, 0x1, 0x41, &(0x7f0000000040), &(0x7f0000000080)=0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e079c0814"], 0xa)
r9 = socket$unix(0x1, 0x1, 0x0)
r10 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'geneve0\x00', <r11=>0x0})
sendmsg$kcm(r10, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r11, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96d", 0xe}], 0x1}, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000000840)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000800)={&(0x7f0000000580)=@newqdisc={0x268, 0x24, 0x4, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r11, {0x8, 0x8}, {0x3, 0x3}, {0x9, 0x4}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x220, 0x2, [@TCA_CHOKE_STAB={0x104, 0x2, "6634e1a359b7d2127deddb230925cb39138608e59d24c6bc3e68ec7e27d9d468505adc543727e4c0ad17aef2e210add0f437caf633c311fd30d6c783cd740a8156348033560f2169dbda18e66ed92d54221277670dcaa8786099680313cbd92b79d2e1befc4bae666fe0a2ab52b30625b45bf59da0c3ebf32152e77330bd733c34153d3b31b5d36ea8abcb4dc7ff2a3c7f319c04465796514ff4d66570055a1deca76af58282b668947af0eb79c72e3726bf6101906cb46809ab212b03b12f3950b051a4c0cbf29401b527f3448a9580c0a9b79ace32e47fdb513ac12d4ac836a7c2c273c15eaba56faa10260a06cfc1fcbfe05f7f63ab086c2176b61a049454"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0xb8, 0x5d35, 0x101, 0x6, 0x12, 0x4, 0x7}}, @TCA_CHOKE_STAB={0x104, 0x2, "330873aca89469d74bcd5d46aa63b3653c2ba8adf5648f15928e3bc15a0d0ae1b97d39bc26b3d6525bed649c2e068c4592e80c8ab3258f947fe3ee29f28848eedc7f2cd366da8c66505932da86e54640c91ee5ad82a3eee642c2e2c4594230e0a7c7508c800c74286ce248a8100fa325c5fdacd627e8fa98ebcc7a040da98c2b00d90a9e9f742632da9c08ae654a71a38e5cddf095d1b53536eb7d2573ddd3b3e660be65f5a91d40c54d61c283c28f2de77c524347aab1c8c9c9b0e1c56ab4b3e20dfb2a375dd879c669cda0720ef59b2f5a69efb81d8e4e24729439d3f7ac2e60c9983c4e067248b847beafd0552e388b76abe7cd49aa70334658d3d63401a1"}]}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0xff}, @TCA_RATE={0x6, 0x5, {0x80, 0x1}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x5}]}, 0x268}, 0x1, 0x0, 0x0, 0x4}, 0x2800)

5.809548505s ago: executing program 4 (id=10501):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x1c5ed000) (async)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) (async)
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x17) (async)
r0 = userfaultfd(0x801) (async)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) (async)
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) (async, rerun: 32)
syz_clone3(&(0x7f0000000180)={0x2d008600, 0x0, 0x0, 0x0, {}, 0x0, 0x10, 0x0, 0x0}, 0x58) (rerun: 32)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
syz_io_uring_setup(0x487, &(0x7f00000000c0)={0x0, 0x9010, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280))
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f00000010c0)={0x0, 0x0, "d607f8f9951e76c13f64323723e7eecdf40c363423eb3d259266ec9c37865c6c1a4640ce1b22bb3327ef4f001d34c09f39c3539e4f8d3ee0878ae95bc7f52363c468b257ff3e24852548deb01efd54f11ed2c41d078b9cf1fc8f72566153c97e4af37017ea6b16b694bb4a6e4606c3fb19d1d2bd3c8c4e97da2213f9d5c3b90400000000000000c279f03558083906666827d61dcc3a633bffff250b5a293e3877adc1660edbc9a0307a25720a170e7f5670e419dc44febf7ddc73fd4a5a0b6c28665f7f46c7084e17c809268103a2584ab40a68e528329d97afc3612e325c1eb4a3ab2e156a97444800", "0615e456c196e819a321fdb3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4ceeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d3acc032a16fbefc64776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f4455419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a80ec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b226a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086751320d22ee8582e915cabc536e3767e9a9230c9ae8b92398f0ca2a7141ea4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb69c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc6925355c7aee7a070477d9ec2292366e39b9dc66f7adcf449a1a718e5217183faf0f679efc5cef20bcdcf2d12ea0684084ec0d693256e280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626302c70f37628835e1fcfff1da3099c0b4af433eb9a51f9609f2c0c09a98b18880c846b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0eee0cb5d7c93517e96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d1836687c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c1e16de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79aa61b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed55710d2478ea4bd15813921817b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033ea1d00000000000086ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab46613b73daf2ace80aff2f80f6a9d84b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d406a158b6f3cf5d74822de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e031b096867da1dbb89c3a038d475dbcdb2df1278d5dba55c2fb5ba6a9778c2a244198491f0f711cdb2ef0332f347afffb1b098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfecce67027d579e1226bd7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff25f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590bdacfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aedd4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75040685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a542f92744495e10a4ce37f19f5c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6d63322b6507e277a0020db9bfa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5b1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72465657593339506fd0c3807cd6445eb54cfb5ca9d35ef93eec6383224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556bbc471e89225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"}) (async, rerun: 32)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (rerun: 32)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0xfffff000, 0x1000, &(0x7f0000001000/0x1000)=nil}) (async)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async, rerun: 32)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (rerun: 32)
r5 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(r5, 0x5429, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x0, &(0x7f0000000000)=0x2, 0x0, 0x4)

3.790664788s ago: executing program 4 (id=10512):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x6, 0x4, 0x8, 0xb}, 0x50)
syz_open_dev$video(&(0x7f0000000000), 0x4, 0x402440)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.705997251s ago: executing program 4 (id=10514):
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x9cf, 0x0, 0x2}, {0x63b, 0x0, 0x1}]})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x4000000)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r5, 0x4068aea3, &(0x7f0000000300)={0x9f})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/if_inet6\x00')
preadv2(r7, &(0x7f0000002780)=[{&(0x7f00000005c0)=""/4096, 0x1000}], 0x1, 0x2, 0x7, 0x1)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x5c, 0x10, 0x401, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x401c0}, [@IFLA_PORT_SELF={0x34, 0x19, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x1, 0x80}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "f897efcc7df290992814b962b038a4f9"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "889e833f60eac4cc9ccbb79234ba2051"}]}, @IFLA_MASTER={0x8, 0x3, r6}]}, 0x5c}}, 0x24000840)
fsopen(&(0x7f0000000100)='adfs\x00', 0x0)

3.321532066s ago: executing program 4 (id=10518):
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x4a243)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCADDRT(r1, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @local, 0x100003}, @ax25={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0xa}, @sco, 0x100, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x3})
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
socket$inet(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r3, r4, 0x0, 0x201f00)
socket$nl_generic(0x10, 0x3, 0x10)
close(r0)

2.153369846s ago: executing program 8 (id=10525):
r0 = socket$netlink(0x10, 0x3, 0x14)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_SET(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x58, r1, 0x1, 0x70bd2a, 0x25dfdc01, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}]}, 0x58}, 0x1, 0x0, 0x0, 0x8041}, 0x8054)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x14, 0x4, 0x8, 0x201, 0x0, 0x0, {0xa, 0x0, 0x7}}, 0x14}}, 0x4)

2.041334536s ago: executing program 8 (id=10527):
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$kcm(0x29, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/kcm\x00')
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x10, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x844}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40046f41, &(0x7f0000000440)=0x1f)
kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x7ffdd000, 0x48000}], 0x320000)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x900, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_VALIDATE={0x8, 0x9, 0x2}, @IFLA_BOND_MIIMON={0x8, 0x3, 0x5}]}}}]}, 0x44}}, 0x0)
syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x0)

1.123340481s ago: executing program 8 (id=10539):
memfd_create(&(0x7f0000000040)='\x02A\xbb\xcc\x96\x0e\x00\x00\x00\x00\x00\x00', 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x58, 0x10, 0x401, 0x1000000, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}, @IFLA_XFRM_LINK={0x8, 0x1, 0x2}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x58}}, 0x0)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r3, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r3, 0x114, 0x1, &(0x7f0000000100), 0x10)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001000010700000000000000000af300000c0002006e6c383032313100aeda41ed11110f2c"], 0x20}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r6=>0x0})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r6, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$F2FS_IOC_SET_PIN_FILE(r7, 0x4004f50d, &(0x7f0000000240))
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32=0x1, @ANYRES32=r7, @ANYBLOB='.'], 0x20)
recvmmsg(r4, &(0x7f0000001b40)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/189, 0xbd}, {&(0x7f00000003c0)=""/152, 0x98}, {&(0x7f0000000480)=""/4096, 0x1000}], 0x3}}], 0x7, 0x0, 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r8 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r8, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x0, 0x9, 0x20ff, 0x1, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r8, r8, &(0x7f0000000080), 0x7f03)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c0000001500010300000000000000000c00000008000400"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x4000000)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)

1.119526375s ago: executing program 0 (id=10540):
msgsnd(0x0, 0x0, 0x8, 0x0)
msgrcv(0x0, 0x0, 0x0, 0xced6b2bc496a26e6, 0x1800)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b04, &(0x7f0000000000)={'wlan1\x00', @random="e700"})

948.640771ms ago: executing program 4 (id=10541):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_MAC_ACL(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYRES64=r2, @ANYRES16=r2, @ANYBLOB="010026bd7000ffdbdf255d00000008000300", @ANYRES32=r1, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x20000044}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0x2000018d, &(0x7f0000000580)=ANY=[@ANYRES32=r0, @ANYRES32=r2], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x39, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xfffffffc, 0x0, 0x8}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
mount$9p_virtio(&(0x7f0000000400), &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$kcm(0x2, 0xa, 0x2)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000300)="c99bfa00", 0x4)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000005000)=ANY=[], 0x1198}, 0x1, 0x0, 0x0, 0x14000080}, 0x8890)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x80, 0x3, 0x288}, &(0x7f0000000440)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)

946.736268ms ago: executing program 0 (id=10542):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/comedi4\x00', 0x80600, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000540))
r3 = dup(r2)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000040)={0x0, r3})
mount$bind(0x0, 0x0, 0x0, 0x2263804, 0xf6)
r4 = dup(r0)
ioctl$KVM_CREATE_VCPU(r4, 0x640f, 0xfffffffffffffffc)

851.129203ms ago: executing program 0 (id=10543):
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000001c0), 0xe500, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x84, 0x20, 0x0, 0x0)
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$CDROMREADCOOKED(r0, 0x5315, &(0x7f0000000200))
ioctl$CDROMEJECT_SW(r2, 0x530f, 0x4)

700.527494ms ago: executing program 0 (id=10544):
pipe(&(0x7f0000000180)) (async)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x7400}, 0x2040) (async)
sendmsg$IPSET_CMD_HEADER(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="5c0000000c0601020000000000000000010000070900020073797a32000000000900020073797a30000000000900020073c9ee797a020073797a310000000005000100070000000500010007000000"], 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000)
socket(0x10, 0x803, 0x0) (async)
syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0) (async)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) (async, rerun: 32)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa, 0x4e20, 0x80000, @loopback, 0x7}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=ANY=[], 0x18}, 0xc044) (rerun: 32)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

694.430691ms ago: executing program 0 (id=10545):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1060, 0x80, 0x4, 0x222}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000340)=@IORING_OP_SENDMSG={0x9, 0x10, 0x0, r0, 0x0, &(0x7f0000000a00)={0x0, 0x0, 0x0}, 0x0, 0x1000})
r3 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r3, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000001240)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000030000009200000008000300", @ANYRES32=r6], 0x2c}}, 0x0)
sendmsg$NL80211_CMD_LEAVE_OCB(r3, &(0x7f00000001c0)={&(0x7f0000000100), 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x20, r4, 0x10, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0xff, 0x8}}}}, ["", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x4040000)
io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0)

410.631614ms ago: executing program 0 (id=10547):
socket$nl_generic(0x11, 0x3, 0x10)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7078, 0x0, 0x400007, 0x288}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', <r9=>0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0xd1, 0x0, 0x0, @loopback, @multicast1}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r8, 0x89f2, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000240)={'tunl0\x00', r9, 0x700, 0x7800, 0xffff, 0x8001, {{0x5, 0x4, 0x0, 0x28, 0x14, 0x68, 0x0, 0x10, 0x4, 0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}}}})
socket$inet_mptcp(0x2, 0x1, 0x106)
bind$can_raw(r7, &(0x7f0000000000), 0x10)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x0, 0x0, 0x0, 0x0, 0x23457, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x3516, 0x200000, 0x0, 0x0, 0x0)
accept4(r0, 0x0, 0x0, 0x800)
syz_emit_ethernet(0xe0, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000400000088089cbaceb8507693e378e56e66c4727d1270cb6102314ba9e285a3834f3572f9a3cfa3c85ca94d5f57320d858e67dff72f8132cd048312371f7ed13753f49861d7344eb9978aabb85142c9bdaa0b727965188c360d0378487fce095cb62a12ec17e82fc1b4c544e62236871234657dcd43a2e845c3f27bd095022ac28186b4f8fd649f974219507d31e0631751a119be94573fbef7283309394a9f0adad6f6abbbf2323afd132b86652c74f7a0be49b5690a08576ecf9f1c8249e69dc66a18e5"], 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
recvmsg(r10, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x60ae0}], 0x318, 0x0, 0xdb0, 0xf5ffffff}, 0x0)
sendmsg$tipc(r11, &(0x7f0000000240)={0x0, 0x18, &(0x7f00000000c0), 0x31}, 0x0)

356.541562ms ago: executing program 9 (id=10548):
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x159}, {&(0x7f00000007c0)=""/154, 0x4a}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xffc99a3b}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

221.009786ms ago: executing program 9 (id=10549):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'caif0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000021c0)=@newtfilter={0x30, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20041090}, 0x4040800) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000021c0)=@newtfilter={0x30, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20041090}, 0x4040800)
socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000008440000200012800b00010067656e657665000010000280040010"], 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

220.672241ms ago: executing program 9 (id=10550):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x2}}, 0x26)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="2503000000000000040008"], 0x14}}, 0x0)

173.763399ms ago: executing program 8 (id=10551):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="0209000a0200"], 0x10}}, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x48, &(0x7f0000000500)=0x625, 0x4)

110.956539ms ago: executing program 9 (id=10552):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00'})
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0xa5) (async)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (async, rerun: 64)
r1 = open(&(0x7f0000001240)='./file0\x00', 0x800, 0xa9) (rerun: 64)
mknodat$loop(r1, &(0x7f0000000300)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00') (async)
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x1400) (async)
rename(&(0x7f0000000180)='./file1\x00', &(0x7f00000001c0)='./file0\x00')
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@gettfilter={0x2c, 0x2e, 0x500, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xe, 0xfff2}, {0x6, 0xf}, {0xb, 0x1}}, [{0x8, 0xb, 0xdffffffc}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4c858}, 0x4048084)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x3}}, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) (async)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x7, 0x8b}, 0x0) (async, rerun: 64)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async, rerun: 64)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async, rerun: 64)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) (async, rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f0000000000), 0x0, 0x0) (async)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) (async, rerun: 64)
r5 = socket$inet6(0xa, 0x1, 0x0) (rerun: 64)
dup2(r5, r5)

110.453898ms ago: executing program 8 (id=10553):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@ipv6_newnexthop={0x1c, 0x68, 0x1, 0x40000, 0xfffffffd, {0x2, 0x0, 0x0, 0x0, 0x4}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x20000014)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@ipv6_newnexthop={0x40, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x2}, @NHA_ENCAP={0x18, 0x8, 0x0, 0x1, @SEG6_IPTUNNEL_SRH={0x14}}, @NHA_OIF={0x8, 0x5, r5}]}, 0x40}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x10, 0x0, 0xfe, 0x4, 0x0, 0x1, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390016001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

97.726981ms ago: executing program 8 (id=10554):
socket(0x10, 0x803, 0x800000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
r3 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r2, 0xc1105511, &(0x7f0000000340)={{0x9, 0x2, 0x0, 0x92, 'syz1\x00', 0x72}, 0x1, 0x20000002, 0x2, r3, 0x7, 0x5, 'syz0\x00', &(0x7f0000000480)=[':%#,{B\x00', '&\x00', '\x00', ')$^+\x00', '\x00h\x82\x82\\\xe9\x14\x96\xd0\x05\xa7\xcf\xea\b\xb0\x0e\x04\x8a\x05\x1f\xe7\xdcV\xf0\xb3I\x8b%y\x88\xb6\xe6\x98U\xbd\xdaJ\xadE\xdd@\xd5\xd8\xb1L\x80\xd7C\xa4\x11\xe6:e\xa6?\x9f\x96#\xb5\x86\xa5v\x8a\xa7\x84\xe2\xc3\x00\xab\xcc!\b\x05\t(\xf1\xc8\x9e\x84\xb9\xaf\x00C\xba\xd5D\xac\xdb\xd8,\xb2\xd3\x1c\x1aAm\x81U(y\xae&\xdcv\x9c#Uc\xf8Jj\xa9Z_\xe7\xcc-_a\xd0\xff\f\x18\xdc\xb2c])8T\xceD\xd5\xf5\x02\b\xa4\xaa\x01l$\xe2F\x94\xf0\x17;\xa6]\xe2\x05\x0e\xe0$\xf7]Hr\xfb\xbc\\|]\xda\x94\xbdk\xc9\t\xb2\xba\xe9h\x10i\xff#o\xd9\x88\xf4uO\xff\xfbh\xd4\xe6B\x1b\x1fHTK\xa9\x80]\xd1\x10\x0e\xf9R\x19\xa3\x8a\xcc\x82s\x91\xf8g\xee{\r|%LE\xcd\xd9-\x8f\t\xb1\xf1E\x1d\xb1S\x91\xcfpW\xb8s\x974\x85&\xd9G7', '#\x00', '[-*$$\xcd\x00'], 0x10a})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x3})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(0xffffffffffffffff, 0xc01064ab, 0x0)
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r3}, &(0x7f0000000080))
read$FUSE(r2, &(0x7f00000008c0)={0x2020}, 0xfffffef0)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
connect$unix(r0, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x0, 0x40, 0x200000, 0x0, 0xb49, 0x6, 0xc, 0x0, 0x1}, 0x0)
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f00000000c0)={0xe}, 0x4)
read$dsp(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
lseek(r5, 0x1000000, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
clock_settime(0xfffffffb, &(0x7f0000000140))
bind$alg(0xffffffffffffffff, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000040), 0x0)
socket(0x10, 0x803, 0x0)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(0xffffffffffffffff, 0x7a5, 0x0)

77.416467ms ago: executing program 9 (id=10555):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000c1001000000000001c000000850000000e00000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'authenc(michael_mic-generic,pcbc(fcrypt-generic))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000480), 0xb7)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x800452d2, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000c1001000000000001c000000850000000e00000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) (async)
socket$alg(0x26, 0x5, 0x0) (async)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'authenc(michael_mic-generic,pcbc(fcrypt-generic))\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000480), 0xb7) (async)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x800452d2, 0x0) (async)

0s ago: executing program 9 (id=10556):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/icmp6\x00')
pread64(r4, &(0x7f0000000380)=""/221, 0xdd, 0x101)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
writev(r5, &(0x7f0000000640)=[{&(0x7f0000000500)="e4", 0x1}], 0x1)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x1703}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x1200}}}, @IFLA_LINK={0x8, 0x5, r7}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0x20, &(0x7f0000000440)={&(0x7f0000000400)=""/24, 0x18, <r8=>0x0, &(0x7f0000001300)=""/4096, 0x1000}}, 0x10)
r9 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@o_path={&(0x7f00000004c0)='./file0\x00', 0x0, 0x10, r0}, 0x14)
r10 = openat$ipvs(0xffffff9c, &(0x7f0000000540)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1a, 0x17, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x80000000}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8001}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @map_fd={0x18, 0xb, 0x1, 0x0, r5}, @call={0x85, 0x0, 0x0, 0x73}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x4}, @alu={0x7, 0x0, 0x1, 0x1, 0x8, 0x0, 0xfffffffffffffff0}]}, &(0x7f0000000200)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0x4, '\x00', r7, @fallback=0x30, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x3, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x1, 0xd, 0xf313, 0xdfe}, 0x10, r8, 0xffffffffffffffff, 0x7, &(0x7f0000000580)=[r9, 0x1, r10], &(0x7f00000005c0)=[{0x1, 0x1, 0x10, 0x5}, {0x3, 0x5, 0x4, 0x1}, {0x5, 0x5, 0x8, 0xc}, {0x5, 0x2, 0x4, 0x5}, {0x5, 0x5, 0x1, 0x2}, {0x4, 0x4, 0xa, 0x9}, {0x1, 0x2, 0x10, 0x6}]}, 0x94)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r11, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
r13 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r14, {0x4, 0xf}, {}, {0x7, 0xd}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x8, 0x2, [@TCA_CGROUP_EMATCHES={0x4}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
getsockopt$rose(r2, 0x104, 0x4, &(0x7f0000000000), &(0x7f00000001c0)=0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x714, 0x0, 0xfffffffffffffd25)

kernel console output (not intermixed with test programs):

tached
[ 1895.061250][ T2179] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[ 1895.201241][ T2179] usb 6-1: device descriptor read/64, error -71
[ 1895.252071][ T6376] usb 46-1: SetAddress Request (27) to port 0
[ 1895.254629][ T6376] usb 46-1: new SuperSpeed USB device number 27 using vhci_hcd
[ 1895.441504][ T2179] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[ 1895.571186][ T2179] usb 6-1: device descriptor read/64, error -71
[ 1895.591714][T11331] vhci_hcd: connection reset by peer
[ 1895.594006][ T1140] vhci_hcd vhci_hcd.4: stop threads
[ 1895.596393][ T1140] vhci_hcd vhci_hcd.4: release socket
[ 1895.598234][ T1140] vhci_hcd vhci_hcd.4: disconnect device
[ 1895.681571][ T2179] usb usb6-port1: attempt power cycle
[ 1896.021964][ T2179] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[ 1896.051593][T14020] usb 48-1: device descriptor read/8, error -110
[ 1896.056271][T11357] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[ 1896.057793][ T2179] usb 6-1: device descriptor read/8, error -71
[ 1896.058678][T11357] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1896.058806][T11357] vhci_hcd vhci_hcd.0: Device attached
[ 1896.132422][T11360] random: crng reseeded on system resumption
[ 1896.250296][   T40] kauditd_printk_skb: 94 callbacks suppressed
[ 1896.250313][   T40] audit: type=1326 audit(1771549208.664:17479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.8.10059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f6c code=0x7ffc0000
[ 1896.263230][   T40] audit: type=1326 audit(1771549208.684:17480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.8.10059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f6c code=0x7ffc0000
[ 1896.273809][   T40] audit: type=1326 audit(1771549208.694:17481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.8.10059" exe="/syz-executor" sig=0 arch=40000003 syscall=218 compat=1 ip=0xf7fc7f6c code=0x7ffc0000
[ 1896.285039][   T40] audit: type=1326 audit(1771549208.694:17482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.8.10059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f6c code=0x7ffc0000
[ 1896.292455][T14020] usb 48-1: SetAddress Request (27) to port 0
[ 1896.294271][   T40] audit: type=1326 audit(1771549208.694:17483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.8.10059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f6c code=0x7ffc0000
[ 1896.295326][T14020] usb 48-1: new SuperSpeed USB device number 27 using vhci_hcd
[ 1896.302769][   T40] audit: type=1326 audit(1771549208.694:17484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.8.10059" exe="/syz-executor" sig=0 arch=40000003 syscall=369 compat=1 ip=0xf7fc7f6c code=0x7ffc0000
[ 1896.311242][ T2179] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[ 1896.313294][   T40] audit: type=1326 audit(1771549208.694:17485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.8.10059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f6c code=0x7ffc0000
[ 1896.324574][   T40] audit: type=1326 audit(1771549208.694:17486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.8.10059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f6c code=0x7ffc0000
[ 1896.331963][   T40] audit: type=1326 audit(1771549208.704:17487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.8.10059" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf71c5b6b code=0x7ffc0000
[ 1896.339354][   T40] audit: type=1326 audit(1771549208.704:17488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.8.10059" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7fc7f6c code=0x7ffc0000
[ 1896.341795][ T2179] usb 6-1: device descriptor read/8, error -71
[ 1896.471770][ T2179] usb usb6-port1: unable to enumerate USB device
[ 1896.519291][T11367] vhci_hcd vhci_hcd.0: port 0 already used
[ 1896.632037][T11358] vhci_hcd: connection reset by peer
[ 1896.633999][T11346] vhci_hcd vhci_hcd.5: stop threads
[ 1896.636300][T11346] vhci_hcd vhci_hcd.5: release socket
[ 1896.638833][T11346] vhci_hcd vhci_hcd.5: disconnect device
[ 1896.651854][T11376] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1897.353812][T11386] netlink: 92 bytes leftover after parsing attributes in process `syz.8.10066'.
[ 1897.360009][T11386] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10066'.
[ 1897.558340][T11392] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[ 1897.560417][T11392] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1897.564477][T11392] vhci_hcd vhci_hcd.0: Device attached
[ 1897.683089][T11399] random: crng reseeded on system resumption
[ 1898.021508][T11397] vhci_hcd vhci_hcd.0: port 0 already used
[ 1898.308097][T11393] vhci_hcd: connection closed
[ 1898.311536][T11348] vhci_hcd vhci_hcd.5: stop threads
[ 1898.315750][T11348] vhci_hcd vhci_hcd.5: release socket
[ 1898.318145][T11348] vhci_hcd vhci_hcd.5: disconnect device
[ 1898.702194][T11437] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[ 1898.704287][T11437] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1898.706957][T11437] vhci_hcd vhci_hcd.0: Device attached
[ 1898.843152][T11439] random: crng reseeded on system resumption
[ 1898.859257][T11443] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[ 1898.861333][T11443] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1898.863953][T11443] vhci_hcd vhci_hcd.0: Device attached
[ 1898.876567][T11440] vhci_hcd: connection closed
[ 1898.877332][T23036] vhci_hcd vhci_hcd.4: stop threads
[ 1898.881845][T23036] vhci_hcd vhci_hcd.4: release socket
[ 1898.884219][T23036] vhci_hcd vhci_hcd.4: disconnect device
[ 1898.920701][T11445] random: crng reseeded on system resumption
[ 1898.940485][T11446] vhci_hcd: connection closed
[ 1898.940808][T23036] vhci_hcd vhci_hcd.1: stop threads
[ 1898.951238][T23036] vhci_hcd vhci_hcd.1: release socket
[ 1898.953576][T23036] vhci_hcd vhci_hcd.1: disconnect device
[ 1899.511803][T11471] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10081'.
[ 1899.515679][T11471] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10081'.
[ 1899.615106][T11476] netlink: 64 bytes leftover after parsing attributes in process `syz.4.10084'.
[ 1899.618128][T11476] netlink: 64 bytes leftover after parsing attributes in process `syz.4.10084'.
[ 1899.651162][T11475] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[ 1899.813542][T11478] vhci_hcd vhci_hcd.0: port 0 already used
[ 1900.248369][T11503] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[ 1900.250486][T11503] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1900.253119][T11503] vhci_hcd vhci_hcd.0: Device attached
[ 1900.278410][T11496] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1900.280500][T11496] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1900.283263][T11496] vhci_hcd vhci_hcd.0: Device attached
[ 1900.301726][ T9134] usb 10-1: new low-speed USB device number 52 using dummy_hcd
[ 1900.317324][T11505] random: crng reseeded on system resumption
[ 1900.359504][T11506] vhci_hcd: connection reset by peer
[ 1900.359864][T11500] random: crng reseeded on system resumption
[ 1900.366938][T11352] vhci_hcd vhci_hcd.4: stop threads
[ 1900.368651][T11352] vhci_hcd vhci_hcd.4: release socket
[ 1900.370492][ T6376] usb 46-1: device descriptor read/8, error -110
[ 1900.375611][T11352] vhci_hcd vhci_hcd.4: disconnect device
[ 1900.411359][T11509] vhci_hcd: connection closed
[ 1900.412064][T11352] vhci_hcd vhci_hcd.1: stop threads
[ 1900.416652][T11352] vhci_hcd vhci_hcd.1: release socket
[ 1900.418957][T11352] vhci_hcd vhci_hcd.1: disconnect device
[ 1900.441670][ T9134] usb 10-1: device descriptor read/64, error -71
[ 1900.681299][ T9134] usb 10-1: new low-speed USB device number 53 using dummy_hcd
[ 1900.771261][T23780] Bluetooth: hci1: command 0x0406 tx timeout
[ 1900.771684][ T6376] usb usb46-port1: attempt power cycle
[ 1900.811408][ T9134] usb 10-1: device descriptor read/64, error -71
[ 1900.931646][ T9134] usb usb10-port1: attempt power cycle
[ 1901.124012][T31285] Bluetooth: hci4: hcon ffff888063600000 sent 1 < count 4096
[ 1901.131044][T23780] Bluetooth: hci2: hcon ffff88806eb9c000 sent 4 < count 4096
[ 1901.134856][T11520] FAULT_INJECTION: forcing a failure.
[ 1901.134856][T11520] name failslab, interval 1, probability 0, space 0, times 0
[ 1901.140112][T11520] CPU: 0 UID: 0 PID: 11520 Comm: syz.1.10098 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1901.140141][T11520] Tainted: [L]=SOFTLOCKUP
[ 1901.140148][T11520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1901.140159][T11520] Call Trace:
[ 1901.140166][T11520]  <TASK>
[ 1901.140174][T11520]  dump_stack_lvl+0x100/0x190
[ 1901.140205][T11520]  should_fail_ex.cold+0x5/0xa
[ 1901.140227][T11520]  should_failslab+0xc2/0x120
[ 1901.140259][T11520]  __kvmalloc_node_noprof+0xfa/0xa00
[ 1901.140283][T11520]  ? seq_read_iter+0x819/0x1270
[ 1901.140307][T11520]  ? find_held_lock+0x2b/0x80
[ 1901.140334][T11520]  ? aa_file_perm+0x268/0x1530
[ 1901.140356][T11520]  seq_read_iter+0x819/0x1270
[ 1901.140392][T11520]  seq_read+0x33b/0x4c0
[ 1901.140416][T11520]  ? __pfx_seq_read+0x10/0x10
[ 1901.140457][T11520]  ? __pfx_seq_read+0x10/0x10
[ 1901.140481][T11520]  proc_reg_read+0x240/0x330
[ 1901.140505][T11520]  ? __pfx_proc_reg_read+0x10/0x10
[ 1901.140530][T11520]  vfs_read+0x1e4/0xb30
[ 1901.140559][T11520]  ? __pfx_vfs_read+0x10/0x10
[ 1901.140583][T11520]  ? __fget_files+0x215/0x3d0
[ 1901.140614][T11520]  ? __fget_files+0x21f/0x3d0
[ 1901.140646][T11520]  ksys_read+0x12a/0x250
[ 1901.140671][T11520]  ? __pfx_ksys_read+0x10/0x10
[ 1901.140695][T11520]  ? __pfx_ksys_write+0x10/0x10
[ 1901.140726][T11520]  __do_fast_syscall_32+0xe3/0x8c0
[ 1901.140752][T11520]  do_fast_syscall_32+0x32/0x70
[ 1901.140774][T11520]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1901.140797][T11520] RIP: 0023:0xf7fc3f6c
[ 1901.140812][T11520] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1901.140829][T11520] RSP: 002b:00000000f548650c EFLAGS: 00000292 ORIG_RAX: 0000000000000003
[ 1901.140847][T11520] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[ 1901.140859][T11520] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[ 1901.140870][T11520] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1901.140880][T11520] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1901.140891][T11520] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1901.140915][T11520]  </TASK>
[ 1901.270558][T11528] wg1 speed is unknown, defaulting to 1000
[ 1901.277180][T11528] lo speed is unknown, defaulting to 1000
[ 1901.291302][ T9134] usb 10-1: new low-speed USB device number 54 using dummy_hcd
[ 1901.311873][ T9134] usb 10-1: device descriptor read/8, error -71
[ 1901.344303][ T6376] usb usb46-port1: unable to enumerate USB device
[ 1901.350393][T11534] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10102'.
[ 1901.411392][T14020] usb 48-1: device descriptor read/8, error -110
[ 1901.433612][T23780] Bluetooth: hci2: hcon ffff88806eb9c000 sent 4 < count 4096
[ 1901.464182][T11532] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[ 1901.467012][T11532] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1901.470471][T11532] vhci_hcd vhci_hcd.0: Device attached
[ 1901.542222][T14020] usb usb48-port1: attempt power cycle
[ 1901.554700][T11537] random: crng reseeded on system resumption
[ 1901.575960][T11538] vhci_hcd: connection closed
[ 1901.576320][   T74] vhci_hcd vhci_hcd.1: stop threads
[ 1901.580647][   T74] vhci_hcd vhci_hcd.1: release socket
[ 1901.583687][   T74] vhci_hcd vhci_hcd.1: disconnect device
[ 1901.591296][ T9134] usb 10-1: new low-speed USB device number 55 using dummy_hcd
[ 1901.617587][ T9134] usb 10-1: device descriptor read/8, error -71
[ 1901.738438][ T9134] usb usb10-port1: unable to enumerate USB device
[ 1901.889160][T11544] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[ 1901.891831][T11544] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1901.895303][T11544] vhci_hcd vhci_hcd.0: Device attached
[ 1901.957039][T11546] random: crng reseeded on system resumption
[ 1901.989525][T11547] vhci_hcd: connection closed
[ 1901.989690][T23036] vhci_hcd vhci_hcd.4: stop threads
[ 1901.993083][T23036] vhci_hcd vhci_hcd.4: release socket
[ 1901.994963][T23036] vhci_hcd vhci_hcd.4: disconnect device
[ 1902.107254][T11550] vhci_hcd vhci_hcd.0: port 0 already used
[ 1902.111751][T14020] usb usb48-port1: unable to enumerate USB device
[ 1902.722983][T11566] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1902.904672][T11571] input: syz0 as /devices/virtual/input/input76
[ 1903.490307][T11586] fuse: Unknown parameter 'm¾Ì(ð2§Es�ª£B"”/ïÀQ¥þV\êÄ)Ú|Â\þ ´
[ 1903.490307][T11586] QG#â9*j624>ÛyýƒÍ
[ 1903.490307][T11586] 5H75Býa³kTÅfnI2Pã!G8ãÊÌ$¥]ýÕ'
[ 1903.772114][T11589] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1903.774247][T11589] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1903.776844][T11589] vhci_hcd vhci_hcd.0: Device attached
[ 1903.846463][T11589] random: crng reseeded on system resumption
[ 1903.978996][T11592] vhci_hcd: connection closed
[ 1903.981451][   T13] vhci_hcd vhci_hcd.1: stop threads
[ 1903.985477][   T13] vhci_hcd vhci_hcd.1: release socket
[ 1903.987742][   T13] vhci_hcd vhci_hcd.1: disconnect device
[ 1904.106152][T11600] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[ 1904.108260][T11600] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1904.110880][T11600] vhci_hcd vhci_hcd.0: Device attached
[ 1904.169151][T11602] random: crng reseeded on system resumption
[ 1904.195688][T11603] vhci_hcd: connection closed
[ 1904.195876][   T13] vhci_hcd vhci_hcd.5: stop threads
[ 1904.199158][   T13] vhci_hcd vhci_hcd.5: release socket
[ 1904.200863][   T13] vhci_hcd vhci_hcd.5: disconnect device
[ 1904.940000][T11621] x_tables: duplicate underflow at hook 1
[ 1904.945004][T11621] hub 8-0:1.0: USB hub found
[ 1904.947405][T11621] hub 8-0:1.0: 1 port detected
[ 1904.967016][   T40] kauditd_printk_skb: 41 callbacks suppressed
[ 1904.967029][   T40] audit: type=1326 audit(1771549217.384:17530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11618 comm="syz.5.10123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1904.988026][T11621] 9p: Invalid uid '0x00000000ffffffff'
[ 1904.991742][   T40] audit: type=1326 audit(1771549217.384:17531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11618 comm="syz.5.10123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1905.011306][   T40] audit: type=1326 audit(1771549217.394:17532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11618 comm="syz.5.10123" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1905.018007][   T40] audit: type=1326 audit(1771549217.394:17533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11618 comm="syz.5.10123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1905.037421][   T40] audit: type=1326 audit(1771549217.394:17534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11618 comm="syz.5.10123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1905.051553][   T40] audit: type=1326 audit(1771549217.394:17535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11618 comm="syz.5.10123" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1905.059211][   T40] audit: type=1326 audit(1771549217.394:17536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11618 comm="syz.5.10123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1905.076173][   T40] audit: type=1326 audit(1771549217.404:17537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11618 comm="syz.5.10123" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1905.192283][T11623] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10123'.
[ 1905.199144][T11623] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10123'.
[ 1905.229285][   T40] audit: type=1326 audit(1771549217.634:17538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11618 comm="syz.5.10123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1905.271501][   T40] audit: type=1326 audit(1771549217.664:17539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11618 comm="syz.5.10123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1906.066872][T11636] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10127'.
[ 1906.132509][T11634] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10125'.
[ 1906.378706][T11638] vhci_hcd vhci_hcd.0: port 0 already used
[ 1906.402133][T11652] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10131'.
[ 1906.407727][T11652] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10131'.
[ 1906.412756][T11652] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10131'.
[ 1906.417821][T11652] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10131'.
[ 1906.422247][T11652] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10131'.
[ 1906.458151][T11638] random: crng reseeded on system resumption
[ 1906.934310][T11659] x_tables: duplicate underflow at hook 1
[ 1906.945724][T11659] hub 8-0:1.0: USB hub found
[ 1906.952426][T11659] hub 8-0:1.0: 1 port detected
[ 1907.001205][T11659] 9p: Invalid uid '0x00000000ffffffff'
[ 1907.215728][T11674] binder: 11671:11674 unknown command 0
[ 1907.218122][T11674] binder: 11671:11674 ioctl c0306201 80000080 returned -22
[ 1907.464184][T11678] vhci_hcd vhci_hcd.0: port 0 already used
[ 1907.525437][T11681] random: crng reseeded on system resumption
[ 1908.059406][T11689] orangefs_devreq_write_iter: failed to copy head.
[ 1908.421828][T11696] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10152'.
[ 1909.159970][T11705] vhci_hcd vhci_hcd.0: port 0 already used
[ 1909.243522][T11710] random: crng reseeded on system resumption
[ 1910.094842][T11729] vhci_hcd vhci_hcd.0: port 0 already used
[ 1910.153554][T11722] cgroup: fork rejected by pids controller in /syz8
[ 1910.157076][T11735] netlink: 'syz.1.10149': attribute type 10 has an invalid length.
[ 1910.163537][T11721] netlink: 'syz.1.10149': attribute type 10 has an invalid length.
[ 1910.174940][T11735] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1910.183873][T11735] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1910.194352][T11721] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1910.197461][T11721] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1910.201564][T11721] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1910.204309][T11721] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1910.209638][T11721] bond0: (slave batadv0): Releasing backup interface
[ 1910.387341][T11839] FAULT_INJECTION: forcing a failure.
[ 1910.387341][T11839] name failslab, interval 1, probability 0, space 0, times 0
[ 1910.393010][T11839] CPU: 3 UID: 0 PID: 11839 Comm: syz.8.10159 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1910.393037][T11839] Tainted: [L]=SOFTLOCKUP
[ 1910.393043][T11839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1910.393052][T11839] Call Trace:
[ 1910.393058][T11839]  <TASK>
[ 1910.393065][T11839]  dump_stack_lvl+0x100/0x190
[ 1910.393092][T11839]  should_fail_ex.cold+0x5/0xa
[ 1910.393110][T11839]  ? tomoyo_encode2+0xfb/0x3c0
[ 1910.393125][T11839]  should_failslab+0xc2/0x120
[ 1910.393150][T11839]  __kmalloc_noprof+0xe0/0x850
[ 1910.393170][T11839]  ? d_absolute_path+0x136/0x1b0
[ 1910.393193][T11839]  tomoyo_encode2+0xfb/0x3c0
[ 1910.393212][T11839]  tomoyo_encode+0x29/0x50
[ 1910.393227][T11839]  tomoyo_realpath_from_path+0x18c/0x690
[ 1910.393248][T11839]  tomoyo_path_number_perm+0x23c/0x580
[ 1910.393270][T11839]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1910.393293][T11839]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1910.393343][T11839]  ? find_held_lock+0x2b/0x80
[ 1910.393365][T11839]  ? hook_file_ioctl_common+0x146/0x410
[ 1910.393387][T11839]  ? __fget_files+0x215/0x3d0
[ 1910.393414][T11839]  ? __fget_files+0x21f/0x3d0
[ 1910.393439][T11839]  security_file_ioctl_compat+0xd3/0x230
[ 1910.393464][T11839]  __ia32_compat_sys_ioctl+0xc2/0x360
[ 1910.393489][T11839]  __do_fast_syscall_32+0xe3/0x8c0
[ 1910.393512][T11839]  do_fast_syscall_32+0x32/0x70
[ 1910.393530][T11839]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1910.393550][T11839] RIP: 0023:0xf7fc7f6c
[ 1910.393564][T11839] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1910.393578][T11839] RSP: 002b:00000000f548650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[ 1910.393595][T11839] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c038563c
[ 1910.393605][T11839] RDX: 0000000080000340 RSI: 0000000000000000 RDI: 0000000000000000
[ 1910.393615][T11839] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1910.393624][T11839] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1910.393633][T11839] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1910.393654][T11839]  </TASK>
[ 1910.393667][T11839] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1910.917871][T11861] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1910.920480][T11861] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1910.930550][T11861] vhci_hcd vhci_hcd.0: Device attached
[ 1911.014391][T11861] random: crng reseeded on system resumption
[ 1911.271365][T32054] usb 40-1: SetAddress Request (28) to port 0
[ 1911.273661][T11874] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[ 1911.276106][T11874] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1911.279770][T32054] usb 40-1: new SuperSpeed USB device number 28 using vhci_hcd
[ 1911.282585][T11874] vhci_hcd vhci_hcd.0: Device attached
[ 1911.483173][T11866] vhci_hcd: connection reset by peer
[ 1911.485152][T23036] vhci_hcd vhci_hcd.1: stop threads
[ 1911.486864][T23036] vhci_hcd vhci_hcd.1: release socket
[ 1911.491855][T23036] vhci_hcd vhci_hcd.1: disconnect device
[ 1911.571430][ T4096] usb 48-1: SetAddress Request (30) to port 0
[ 1911.574146][ T4096] usb 48-1: new SuperSpeed USB device number 30 using vhci_hcd
[ 1911.836234][T11875] vhci_hcd: connection reset by peer
[ 1911.838739][   T12] vhci_hcd vhci_hcd.5: stop threads
[ 1911.840698][   T12] vhci_hcd vhci_hcd.5: release socket
[ 1911.843324][   T12] vhci_hcd vhci_hcd.5: disconnect device
[ 1912.117690][T11879] __nla_validate_parse: 3 callbacks suppressed
[ 1912.117707][T11879] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10169'.
[ 1912.124240][T11879] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10169'.
[ 1912.222431][T11882] netlink: 'syz.1.10170': attribute type 2 has an invalid length.
[ 1912.228983][T11882] hmaÓË224)
: entered promiscuous mode
[ 1914.844860][T11905] overlayfs: missing 'lowerdir'
[ 1914.865656][T11905] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1914.867929][T11905] overlayfs: failed to set xattr on upper
[ 1914.869756][T11905] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1914.872140][T11905] overlayfs: ...falling back to index=off.
[ 1914.874023][T11905] overlayfs: ...falling back to uuid=null.
[ 1914.896802][T11905] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[ 1914.898913][T11905] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1914.911539][T11905] vhci_hcd vhci_hcd.0: Device attached
[ 1914.928594][   T40] kauditd_printk_skb: 162 callbacks suppressed
[ 1914.928652][   T40] audit: type=1326 audit(1771549227.344:17702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.1.10177" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc3f6c code=0x0
[ 1915.621507][T11906] vhci_hcd: connection closed
[ 1915.621990][   T13] vhci_hcd vhci_hcd.1: stop threads
[ 1915.626137][   T13] vhci_hcd vhci_hcd.1: release socket
[ 1915.628552][   T13] vhci_hcd vhci_hcd.1: disconnect device
[ 1916.408643][T32054] usb 40-1: device descriptor read/8, error -110
[ 1916.522044][T11911] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1916.524189][T11911] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1916.532275][T11911] vhci_hcd vhci_hcd.0: Device attached
[ 1916.612134][T11914] random: crng reseeded on system resumption
[ 1916.612342][ T4096] usb 48-1: device descriptor read/8, error -110
[ 1916.671236][T32054] usb 40-1: SetAddress Request (29) to port 0
[ 1916.673898][T32054] usb 40-1: new SuperSpeed USB device number 29 using vhci_hcd
[ 1917.001732][ T4096] usb usb48-port1: attempt power cycle
[ 1917.088601][T11912] vhci_hcd: connection reset by peer
[ 1917.090519][   T13] vhci_hcd vhci_hcd.1: stop threads
[ 1917.092288][   T13] vhci_hcd vhci_hcd.1: release socket
[ 1917.094239][   T13] vhci_hcd vhci_hcd.1: disconnect device
[ 1917.561748][ T4096] usb usb48-port1: unable to enumerate USB device
[ 1918.242746][T11924] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1918.245285][T11924] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1918.248043][T11924] vhci_hcd vhci_hcd.0: Device attached
[ 1918.332927][T11927] random: crng reseeded on system resumption
[ 1918.881201][T11925] vhci_hcd: connection closed
[ 1918.881420][T23036] vhci_hcd vhci_hcd.1: stop threads
[ 1918.887950][T23036] vhci_hcd vhci_hcd.1: release socket
[ 1918.889684][T23036] vhci_hcd vhci_hcd.1: disconnect device
[ 1919.970708][T11931] syz.1.10181 (11931): drop_caches: 2
[ 1921.731466][T32054] usb 40-1: device descriptor read/8, error -110
[ 1921.892654][T32054] usb usb40-port1: attempt power cycle
[ 1922.483774][T32054] usb usb40-port1: unable to enumerate USB device
[ 1925.018348][T31285] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1925.033929][T31285] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1925.037904][T31285] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1925.041720][T31285] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1925.053940][T31285] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1925.094966][T11943] syzkaller0: entered promiscuous mode
[ 1925.097318][T11943] syzkaller0: entered allmulticast mode
[ 1925.127541][T11940] wg1 speed is unknown, defaulting to 1000
[ 1925.143224][T11940] lo speed is unknown, defaulting to 1000
[ 1925.510766][T11940] chnl_net:caif_netlink_parms(): no params data found
[ 1925.605024][T11940] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1925.607384][T11940] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1925.609663][T11940] bridge_slave_0: entered allmulticast mode
[ 1925.613207][T11940] bridge_slave_0: entered promiscuous mode
[ 1925.616297][T11940] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1925.618551][T11940] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1925.620808][T11940] bridge_slave_1: entered allmulticast mode
[ 1925.623533][T11940] bridge_slave_1: entered promiscuous mode
[ 1925.638557][T11940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1925.645450][T11940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1925.666657][T11940] team0: Port device team_slave_0 added
[ 1925.669814][T11940] team0: Port device team_slave_1 added
[ 1925.750498][T11346] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1925.834428][T11940] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1925.839173][T11940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1925.934067][T11940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1925.964170][T11940] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1925.966722][T11940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1925.980420][T11940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1926.070274][T11940] hsr_slave_0: entered promiscuous mode
[ 1926.094323][T11940] hsr_slave_1: entered promiscuous mode
[ 1926.096797][T11940] debugfs: 'hsr0' already exists in 'hsr'
[ 1926.098694][T11940] Cannot create hsr debugfs directory
[ 1926.188179][T31285] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1926.188475][T11346] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1926.196775][T31285] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1926.215193][T31285] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1926.224717][T31285] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1926.228642][T31285] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1926.404109][T11346] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1926.441292][T11959] wg1 speed is unknown, defaulting to 1000
[ 1926.444345][T11959] lo speed is unknown, defaulting to 1000
[ 1926.544104][T11346] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1926.840508][T11959] chnl_net:caif_netlink_parms(): no params data found
[ 1927.002491][T11959] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1927.005563][T11959] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1927.009172][T11959] bridge_slave_0: entered allmulticast mode
[ 1927.014534][T11959] bridge_slave_0: entered promiscuous mode
[ 1927.018609][T11979] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1927.018918][T11959] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1927.020674][T11979] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1927.025119][T11979] vhci_hcd vhci_hcd.0: Device attached
[ 1927.027085][T11959] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1927.031863][T11959] bridge_slave_1: entered allmulticast mode
[ 1927.035876][T11959] bridge_slave_1: entered promiscuous mode
[ 1927.058323][T11959] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1927.087295][T11959] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1927.091277][T23780] Bluetooth: hci0: command tx timeout
[ 1927.108891][T11959] team0: Port device team_slave_0 added
[ 1927.125902][T11959] team0: Port device team_slave_1 added
[ 1927.132898][T11988] random: crng reseeded on system resumption
[ 1927.170785][T11959] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1927.173882][T11959] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1927.192139][T11959] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1927.196654][T11959] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1927.198972][T11959] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1927.207198][T11959] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1927.236515][T11959] hsr_slave_0: entered promiscuous mode
[ 1927.239805][T11959] hsr_slave_1: entered promiscuous mode
[ 1927.243240][T11959] debugfs: 'hsr0' already exists in 'hsr'
[ 1927.245688][T11959] Cannot create hsr debugfs directory
[ 1927.291206][T29925] usb 40-1: SetAddress Request (32) to port 0
[ 1927.293466][T29925] usb 40-1: new SuperSpeed USB device number 32 using vhci_hcd
[ 1927.634070][T11984] vhci_hcd: connection reset by peer
[ 1927.636912][T23036] vhci_hcd vhci_hcd.1: stop threads
[ 1927.639127][T23036] vhci_hcd vhci_hcd.1: release socket
[ 1927.641693][T23036] vhci_hcd vhci_hcd.1: disconnect device
[ 1928.112179][T31285] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1928.118906][T31285] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1928.123769][T31285] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1928.127766][T31285] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1928.133298][T31285] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1928.171355][T12016] wg1 speed is unknown, defaulting to 1000
[ 1928.178406][T12016] lo speed is unknown, defaulting to 1000
[ 1928.294443][T31285] Bluetooth: hci2: command tx timeout
[ 1928.453373][T12016] chnl_net:caif_netlink_parms(): no params data found
[ 1928.496404][T12016] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1928.499710][T12016] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1928.502372][T12016] bridge_slave_0: entered allmulticast mode
[ 1928.505327][T12016] bridge_slave_0: entered promiscuous mode
[ 1928.508560][T12016] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1928.511530][T12016] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1928.513867][T12016] bridge_slave_1: entered allmulticast mode
[ 1928.516528][T12016] bridge_slave_1: entered promiscuous mode
[ 1928.534448][T12016] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1928.539185][T12016] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1928.555221][T12016] team0: Port device team_slave_0 added
[ 1928.558372][T12016] team0: Port device team_slave_1 added
[ 1928.559162][T12037] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1928.563015][T12037] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1928.581371][T12037] vhci_hcd vhci_hcd.0: Device attached
[ 1928.658722][T12016] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1928.661932][T12016] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1928.674814][T12040] random: crng reseeded on system resumption
[ 1928.682899][T12016] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1928.696537][T12016] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1928.699465][T12016] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1928.711670][T12016] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1928.763109][T12016] hsr_slave_0: entered promiscuous mode
[ 1928.765393][T12016] hsr_slave_1: entered promiscuous mode
[ 1928.767504][T12016] debugfs: 'hsr0' already exists in 'hsr'
[ 1928.769311][T12016] Cannot create hsr debugfs directory
[ 1928.881627][T11346] bridge_slave_1: left allmulticast mode
[ 1928.883481][T11346] bridge_slave_1: left promiscuous mode
[ 1928.885591][T11346] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1928.889976][T11346] bridge_slave_0: left allmulticast mode
[ 1928.892220][T11346] bridge_slave_0: left promiscuous mode
[ 1928.894109][T11346] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1929.138481][T11346] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1929.144766][T11346] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1929.149926][T11346] bond0 (unregistering): Released all slaves
[ 1929.166449][T12038] vhci_hcd: connection closed
[ 1929.166730][   T13] vhci_hcd vhci_hcd.1: stop threads
[ 1929.167756][T11346] bond1 (unregistering): Released all slaves
[ 1929.169692][   T13] vhci_hcd vhci_hcd.1: release socket
[ 1929.176176][T31285] Bluetooth: hci0: command tx timeout
[ 1929.182864][   T13] vhci_hcd vhci_hcd.1: disconnect device
[ 1929.627473][T11346] hsr_slave_0: left promiscuous mode
[ 1929.630455][T11346] hsr_slave_1: left promiscuous mode
[ 1929.633889][T11346] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1929.637509][T11346] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1929.640636][T11346] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1929.644177][T11346] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1929.650935][T11346] veth1_macvtap: left promiscuous mode
[ 1929.654361][T11346] veth0_macvtap: left promiscuous mode
[ 1929.656527][T11346] veth1_vlan: left promiscuous mode
[ 1929.658399][T11346] veth0_vlan: left promiscuous mode
[ 1929.847916][   T40] audit: type=1326 audit(1771549242.264:17703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12054 comm="syz.1.10191" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc3f6c code=0x0
[ 1929.906778][T11346] team0 (unregistering): Port device team_slave_1 removed
[ 1929.915673][T11346] team0 (unregistering): Port device team_slave_0 removed
[ 1930.218471][T31285] Bluetooth: hci3: command tx timeout
[ 1930.371541][T31285] Bluetooth: hci2: command tx timeout
[ 1930.501967][T11346] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1930.626273][T11346] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1930.783942][T11346] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1930.803574][T12084] netlink: 'syz.1.10192': attribute type 4 has an invalid length.
[ 1930.880413][T11346] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1931.117602][T11346] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[ 1931.174496][T11346] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1931.178790][T11346] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1931.182761][T11346] bond0 (unregistering): Released all slaves
[ 1931.188236][T11346] bond1 (unregistering): Released all slaves
[ 1931.251314][T31285] Bluetooth: hci0: command tx timeout
[ 1931.291341][T11346] tipc: Disabling bearer <udp:syz2>
[ 1931.293873][T11346] tipc: Left network mode
[ 1931.735559][T11346] hsr_slave_0: left promiscuous mode
[ 1931.738037][T11346] hsr_slave_1: left promiscuous mode
[ 1931.740742][T11346] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1931.743391][T11346] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1931.753068][T11346] veth1_macvtap: left promiscuous mode
[ 1931.754850][T11346] veth0_macvtap: left promiscuous mode
[ 1931.756649][T11346] veth1_vlan: left promiscuous mode
[ 1931.758704][T11346] veth0_vlan: left promiscuous mode
[ 1931.909408][T11346] team0 (unregistering): Port device team_slave_1 removed
[ 1931.921301][T11346] team0 (unregistering): Port device team_slave_0 removed
[ 1932.009192][T12114] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10195'.
[ 1932.061706][T12114] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[ 1932.063993][T12114] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1932.067468][T12114] vhci_hcd vhci_hcd.0: Device attached
[ 1932.077189][T12115] vhci_hcd: connection closed
[ 1932.077377][T11348] vhci_hcd vhci_hcd.1: stop threads
[ 1932.080666][T11348] vhci_hcd vhci_hcd.1: release socket
[ 1932.083257][T11348] vhci_hcd vhci_hcd.1: disconnect device
[ 1932.295577][T31285] Bluetooth: hci3: command tx timeout
[ 1932.375854][T29925] usb 40-1: device descriptor read/8, error -110
[ 1932.451715][T31285] Bluetooth: hci2: command tx timeout
[ 1932.768034][T29925] usb usb40-port1: attempt power cycle
[ 1932.798874][T29924] hid_parser_main: 12 callbacks suppressed
[ 1932.798895][T29924] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0
[ 1932.810973][T29924] hid-generic 0000:0000:0000.0016: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1933.331805][T29925] usb usb40-port1: unable to enumerate USB device
[ 1933.341833][T31285] Bluetooth: hci0: command tx timeout
[ 1933.377247][T11959] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1933.391079][T11959] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1933.398454][T11959] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1933.467936][T11959] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1933.579366][T11959] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1933.588115][T11959] 8021q: adding VLAN 0 to HW filter on device team0
[ 1933.601825][   T74] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1933.604164][   T74] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1933.607798][   T74] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1933.610116][   T74] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1933.809064][T11959] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1933.856977][T11959] veth0_vlan: entered promiscuous mode
[ 1933.862448][T11959] veth1_vlan: entered promiscuous mode
[ 1933.879219][T11959] veth0_macvtap: entered promiscuous mode
[ 1933.883823][T11959] veth1_macvtap: entered promiscuous mode
[ 1933.895221][T11959] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1933.903416][T11959] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1933.910645][T11346] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1933.914286][T11346] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1933.916980][T11346] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1933.919705][T11346] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1934.037620][T11352] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1934.040516][T11352] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1934.079275][T11346] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1934.080522][T12016] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1934.082249][T11346] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1934.090471][T12016] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1934.114153][T12016] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1934.123765][T12016] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1934.156303][T11940] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1934.160955][T11940] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1934.168451][T11940] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1934.174086][T11940] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1934.236525][T11940] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1934.240614][T12016] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1934.262920][T11940] 8021q: adding VLAN 0 to HW filter on device team0
[ 1934.273189][T12016] 8021q: adding VLAN 0 to HW filter on device team0
[ 1934.277721][T11347] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1934.280097][T11347] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1934.287167][T11347] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1934.289403][T11347] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1934.298105][T11352] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1934.300391][T11352] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1934.305585][T11352] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1934.308023][T11352] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1934.371277][T31285] Bluetooth: hci3: command tx timeout
[ 1934.371897][T12016] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1934.527592][T12016] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1934.531727][T31285] Bluetooth: hci2: command tx timeout
[ 1934.546575][T11940] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1934.588944][T11940] veth0_vlan: entered promiscuous mode
[ 1934.609368][T11940] veth1_vlan: entered promiscuous mode
[ 1934.639092][T11940] veth0_macvtap: entered promiscuous mode
[ 1934.646604][T11940] veth1_macvtap: entered promiscuous mode
[ 1934.663338][T11940] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1934.673491][T11940] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1934.689585][T11352] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1934.693060][T11352] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1934.697604][T11352] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1934.702655][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1934.822334][   T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1934.825349][   T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1934.853221][T12016] veth0_vlan: entered promiscuous mode
[ 1934.860836][   T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1934.864618][   T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1934.867257][T12016] veth1_vlan: entered promiscuous mode
[ 1934.903980][T12263] netlink: 'syz.1.10201': attribute type 1 has an invalid length.
[ 1934.913728][T12016] veth0_macvtap: entered promiscuous mode
[ 1934.957861][T12263] bond1: (slave geneve2): making interface the new active one
[ 1934.976825][T12263] bond1: (slave geneve2): Enslaving as an active interface with an up link
[ 1934.999622][T12016] veth1_macvtap: entered promiscuous mode
[ 1935.012666][   T12] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0
[ 1935.016226][   T12] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0
[ 1935.023326][   T12] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0
[ 1935.027816][   T12] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0
[ 1935.054810][T12271] FAULT_INJECTION: forcing a failure.
[ 1935.054810][T12271] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1935.058913][T12271] CPU: 2 UID: 0 PID: 12271 Comm: syz.3.10203 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1935.058932][T12271] Tainted: [L]=SOFTLOCKUP
[ 1935.058936][T12271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1935.058943][T12271] Call Trace:
[ 1935.058948][T12271]  <TASK>
[ 1935.058954][T12271]  dump_stack_lvl+0x100/0x190
[ 1935.058974][T12271]  should_fail_ex.cold+0x5/0xa
[ 1935.058987][T12271]  _copy_to_user+0x32/0xd0
[ 1935.059006][T12271]  simple_read_from_buffer+0xcb/0x170
[ 1935.059024][T12271]  proc_fail_nth_read+0x1af/0x230
[ 1935.059037][T12271]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1935.059051][T12271]  ? rw_verify_area+0xce/0x6d0
[ 1935.059065][T12271]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1935.059077][T12271]  vfs_read+0x1e4/0xb30
[ 1935.059095][T12271]  ? __pfx_vfs_read+0x10/0x10
[ 1935.059110][T12271]  ? find_held_lock+0x2b/0x80
[ 1935.059129][T12271]  ? __fget_files+0x215/0x3d0
[ 1935.059148][T12271]  ? __fget_files+0x21f/0x3d0
[ 1935.059168][T12271]  ksys_read+0x12a/0x250
[ 1935.059185][T12271]  ? __pfx_ksys_read+0x10/0x10
[ 1935.059205][T12271]  do_int80_emulation+0x141/0x6b0
[ 1935.059222][T12271]  asm_int80_emulation+0x1a/0x20
[ 1935.059234][T12271] RIP: 0023:0xf7185b6b
[ 1935.059244][T12271] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 1935.059254][T12271] RSP: 002b:00000000f54464bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 1935.059266][T12271] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54465d0
[ 1935.059273][T12271] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 1935.059279][T12271] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1935.059285][T12271] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1935.059292][T12271] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1935.059306][T12271]  </TASK>
[ 1935.072360][T12016] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1935.133491][T12275] loop8: detected capacity change from 0 to 8
[ 1935.167117][T12016] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1935.185346][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1935.192718][T12275] loop8: detected capacity change from 8 to 7
[ 1935.196496][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1935.261252][T11348] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1935.272764][T11348] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1935.339285][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1935.342060][T12275] Dev loop8: unable to read RDB block 7
[ 1935.342102][T12275]  loop8: unable to read partition table
[ 1935.342274][T12275] loop8: partition table beyond EOD, truncated
[ 1935.342304][T12275] loop_reread_partitions: partition scan of loop8 (”Q˜y,øÿÿÿüFê¦)) failed (rc=-5)
[ 1935.342367][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1935.409228][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1935.412286][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1935.505369][ T5340] Dev loop8: unable to read RDB block 7
[ 1935.507153][ T5340]  loop8: unable to read partition table
[ 1935.509285][ T5340] loop8: partition table beyond EOD, truncated
[ 1936.193642][T12333] netlink: 'syz.1.10213': attribute type 21 has an invalid length.
[ 1936.452878][T31285] Bluetooth: hci3: command tx timeout
[ 1936.959093][T12371] FAULT_INJECTION: forcing a failure.
[ 1936.959093][T12371] name failslab, interval 1, probability 0, space 0, times 0
[ 1936.966679][T12371] CPU: 0 UID: 0 PID: 12371 Comm: syz.6.10217 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1936.966710][T12371] Tainted: [L]=SOFTLOCKUP
[ 1936.966714][T12371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1936.966721][T12371] Call Trace:
[ 1936.966726][T12371]  <TASK>
[ 1936.966731][T12371]  dump_stack_lvl+0x100/0x190
[ 1936.966751][T12371]  should_fail_ex.cold+0x5/0xa
[ 1936.966764][T12371]  should_failslab+0xc2/0x120
[ 1936.966783][T12371]  __kmalloc_node_noprof+0xe6/0x850
[ 1936.966798][T12371]  ? load_msg+0x43/0x4a0
[ 1936.966818][T12371]  load_msg+0x43/0x4a0
[ 1936.966831][T12371]  do_msgsnd+0x1ad/0x1790
[ 1936.966844][T12371]  ? __mutex_unlock_slowpath+0x15c/0x790
[ 1936.966859][T12371]  ? __fget_files+0x215/0x3d0
[ 1936.966878][T12371]  ? __pfx_do_msgsnd+0x10/0x10
[ 1936.966892][T12371]  ? find_held_lock+0x2b/0x80
[ 1936.966909][T12371]  ? __might_fault+0xc5/0x140
[ 1936.966923][T12371]  ? __might_fault+0xc5/0x140
[ 1936.966940][T12371]  ? __ia32_compat_sys_msgsnd+0xe6/0x130
[ 1936.966958][T12371]  __ia32_compat_sys_msgsnd+0xe6/0x130
[ 1936.966981][T12371]  __do_fast_syscall_32+0xe3/0x8c0
[ 1936.967005][T12371]  do_fast_syscall_32+0x32/0x70
[ 1936.967027][T12371]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1936.967050][T12371] RIP: 0023:0xf701ef6c
[ 1936.967064][T12371] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1936.967077][T12371] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000190
[ 1936.967089][T12371] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000300
[ 1936.967096][T12371] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000000
[ 1936.967102][T12371] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1936.967108][T12371] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1936.967114][T12371] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1936.967128][T12371]  </TASK>
[ 1936.967422][T12369] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1937.053168][T12375] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1938.158083][T12388] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(11)
[ 1938.160380][T12388] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1938.171418][T12388] vhci_hcd vhci_hcd.0: Device attached
[ 1938.441322][ T8169] usb 50-1: SetAddress Request (52) to port 0
[ 1938.445005][ T8169] usb 50-1: new SuperSpeed USB device number 52 using vhci_hcd
[ 1938.735952][T12389] vhci_hcd: connection reset by peer
[ 1938.737899][T23036] vhci_hcd vhci_hcd.6: stop threads
[ 1938.739618][T23036] vhci_hcd vhci_hcd.6: release socket
[ 1938.743261][T23036] vhci_hcd vhci_hcd.6: disconnect device
[ 1941.593020][T12416] netlink: 'syz.6.10229': attribute type 2 has an invalid length.
[ 1942.673492][T11413] usb 11-1: new high-speed USB device number 31 using dummy_hcd
[ 1942.822484][T11413] usb 11-1: device descriptor read/64, error -71
[ 1943.062412][T11413] usb 11-1: new high-speed USB device number 32 using dummy_hcd
[ 1943.191728][T11413] usb 11-1: device descriptor read/64, error -71
[ 1943.311207][T11413] usb usb11-port1: attempt power cycle
[ 1943.491691][ T8169] usb 50-1: device descriptor read/8, error -110
[ 1943.661272][T11413] usb 11-1: new high-speed USB device number 33 using dummy_hcd
[ 1943.701996][T11413] usb 11-1: device descriptor read/8, error -71
[ 1943.884569][ T8169] usb usb50-port1: attempt power cycle
[ 1943.951184][T11413] usb 11-1: new high-speed USB device number 34 using dummy_hcd
[ 1943.982696][T11413] usb 11-1: device descriptor read/8, error -71
[ 1944.091397][T11413] usb usb11-port1: unable to enumerate USB device
[ 1944.441843][ T8169] usb usb50-port1: unable to enumerate USB device
[ 1947.579373][T12492] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1947.878062][T12496] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10237'.
[ 1948.126922][T12503] binder: 12502:12503 unknown command 1078485781
[ 1948.129713][T12503] binder: 12502:12503 ioctl c0306201 800001c0 returned -22
[ 1950.412106][T23780] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1950.420690][T23780] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1950.425240][T23780] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1950.429076][T23780] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1950.437837][T23780] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1950.560702][T12508] wg1 speed is unknown, defaulting to 1000
[ 1950.583632][T12508] lo speed is unknown, defaulting to 1000
[ 1950.739325][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1950.777838][T12508] chnl_net:caif_netlink_parms(): no params data found
[ 1950.852478][T12508] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1950.855566][T12508] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1950.858646][T12508] bridge_slave_0: entered allmulticast mode
[ 1950.862717][T12508] bridge_slave_0: entered promiscuous mode
[ 1950.897837][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1950.915406][T12508] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1950.917725][T12508] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1950.920030][T12508] bridge_slave_1: entered allmulticast mode
[ 1950.933363][T12508] bridge_slave_1: entered promiscuous mode
[ 1950.958681][T12508] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1950.963399][T12508] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1950.978912][T12508] team0: Port device team_slave_0 added
[ 1950.982396][T12508] team0: Port device team_slave_1 added
[ 1950.995969][T12508] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1950.998208][T12508] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1951.006722][T12508] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1951.012694][T12508] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1951.015686][T12508] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1951.027089][T12508] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1951.047297][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1951.090438][T12508] hsr_slave_0: entered promiscuous mode
[ 1951.094150][T12508] hsr_slave_1: entered promiscuous mode
[ 1951.097228][T12508] debugfs: 'hsr0' already exists in 'hsr'
[ 1951.099745][T12508] Cannot create hsr debugfs directory
[ 1951.212891][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1951.464227][T31285] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1951.468729][T31285] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1951.473217][T31285] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1951.481515][T31285] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1951.485219][T31285] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1951.691485][   T12] bridge_slave_1: left allmulticast mode
[ 1951.693921][   T12] bridge_slave_1: left promiscuous mode
[ 1951.696470][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1951.707759][   T12] bridge_slave_0: left allmulticast mode
[ 1951.710271][   T12] bridge_slave_0: left promiscuous mode
[ 1951.722042][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1952.008982][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1952.015967][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1952.021069][   T12] bond0 (unregistering): Released all slaves
[ 1952.030289][T12522] wg1 speed is unknown, defaulting to 1000
[ 1952.037383][T12522] lo speed is unknown, defaulting to 1000
[ 1952.180843][T12522] chnl_net:caif_netlink_parms(): no params data found
[ 1952.390645][T12522] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1952.398229][T12522] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1952.401109][T12522] bridge_slave_0: entered allmulticast mode
[ 1952.405267][T12522] bridge_slave_0: entered promiscuous mode
[ 1952.437918][T12522] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1952.440798][T12522] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1952.446456][T12522] bridge_slave_1: entered allmulticast mode
[ 1952.450079][T12522] bridge_slave_1: entered promiscuous mode
[ 1952.459166][T31285] Bluetooth: hci1: command tx timeout
[ 1952.487828][T12522] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1952.494196][T12522] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1952.544360][T12522] team0: Port device team_slave_0 added
[ 1952.551873][T12522] team0: Port device team_slave_1 added
[ 1952.569233][   T12] hsr_slave_0: left promiscuous mode
[ 1952.572809][   T12] hsr_slave_1: left promiscuous mode
[ 1952.576536][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1952.579023][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1952.582580][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1952.585423][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1952.592659][   T12] veth1_macvtap: left promiscuous mode
[ 1952.594579][   T12] veth0_macvtap: left promiscuous mode
[ 1952.596795][   T12] veth1_vlan: left promiscuous mode
[ 1952.598564][   T12] veth0_vlan: left promiscuous mode
[ 1952.786392][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1952.797624][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1952.885880][T12522] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1952.888196][T12522] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1952.896917][T12522] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1952.905512][T12522] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1952.907978][T12522] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1952.924008][T12522] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1952.953816][T12522] hsr_slave_0: entered promiscuous mode
[ 1952.956198][T12522] hsr_slave_1: entered promiscuous mode
[ 1952.958428][T12522] debugfs: 'hsr0' already exists in 'hsr'
[ 1952.960345][T12522] Cannot create hsr debugfs directory
[ 1953.492356][T31285] Bluetooth: hci0: command tx timeout
[ 1953.598984][T23780] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1953.605040][T23780] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1953.608247][T23780] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1953.617463][T23780] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1953.620729][T23780] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1953.823133][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1953.955533][T12576] wg1 speed is unknown, defaulting to 1000
[ 1953.958204][T12576] lo speed is unknown, defaulting to 1000
[ 1954.002672][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1954.144539][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1954.238030][T12508] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1954.247548][T12508] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1954.274054][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1954.282547][T12508] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1954.348846][T12508] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1954.517841][T12576] chnl_net:caif_netlink_parms(): no params data found
[ 1954.543118][T31285] Bluetooth: hci1: command tx timeout
[ 1954.650750][T12576] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1954.653642][T12576] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1954.655970][T12576] bridge_slave_0: entered allmulticast mode
[ 1954.658734][T12576] bridge_slave_0: entered promiscuous mode
[ 1954.662729][   T12] bridge_slave_1: left allmulticast mode
[ 1954.665159][   T12] bridge_slave_1: left promiscuous mode
[ 1954.667782][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1954.676391][   T12] bridge_slave_0: left allmulticast mode
[ 1954.678855][   T12] bridge_slave_0: left promiscuous mode
[ 1954.682294][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1954.967409][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1954.973359][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1954.978221][   T12] bond0 (unregistering): Released all slaves
[ 1954.987266][T12576] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1954.989900][T12576] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1954.992351][T12576] bridge_slave_1: entered allmulticast mode
[ 1954.996306][T12576] bridge_slave_1: entered promiscuous mode
[ 1955.020181][T12576] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1955.026074][T12576] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1955.048216][T12576] team0: Port device team_slave_0 added
[ 1955.053551][T12576] team0: Port device team_slave_1 added
[ 1955.083106][T12576] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1955.086071][T12576] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1955.095375][T12576] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1955.111323][T12576] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1955.114428][T12576] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1955.126026][T12576] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1955.204528][T12508] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1955.212749][T12576] hsr_slave_0: entered promiscuous mode
[ 1955.215546][T12576] hsr_slave_1: entered promiscuous mode
[ 1955.218216][T12576] debugfs: 'hsr0' already exists in 'hsr'
[ 1955.220514][T12576] Cannot create hsr debugfs directory
[ 1955.256365][T12508] 8021q: adding VLAN 0 to HW filter on device team0
[ 1955.275988][T11346] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1955.279012][T11346] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1955.297245][T11346] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1955.299763][T11346] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1955.476914][   T12] hsr_slave_0: left promiscuous mode
[ 1955.479519][   T12] hsr_slave_1: left promiscuous mode
[ 1955.482515][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1955.485432][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1955.488215][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1955.490566][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1955.500229][   T12] veth1_macvtap: left promiscuous mode
[ 1955.502964][   T12] veth0_macvtap: left promiscuous mode
[ 1955.505315][   T12] veth1_vlan: left promiscuous mode
[ 1955.507616][   T12] veth0_vlan: left promiscuous mode
[ 1955.574100][T31285] Bluetooth: hci0: command tx timeout
[ 1955.661497][T31285] Bluetooth: hci2: command tx timeout
[ 1955.700535][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1955.709039][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1955.788858][T12508] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1955.900132][T12508] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1956.066035][T12508] veth0_vlan: entered promiscuous mode
[ 1956.086427][T12508] veth1_vlan: entered promiscuous mode
[ 1956.104088][T12508] veth0_macvtap: entered promiscuous mode
[ 1956.109277][T12508] veth1_macvtap: entered promiscuous mode
[ 1956.118962][T12508] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1956.125944][T12508] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1956.132291][   T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1956.136229][   T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1956.139032][   T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1956.153885][   T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1956.198773][T23036] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1956.202353][T23036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1956.218864][T23036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1956.224846][T23036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1956.385743][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1956.390882][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[ 1956.415020][T12651] netlink: 'syz.7.10245': attribute type 2 has an invalid length.
[ 1956.418280][T12651] netlink: 'syz.7.10245': attribute type 1 has an invalid length.
[ 1956.502336][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1956.512497][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[ 1956.611272][T31285] Bluetooth: hci1: command tx timeout
[ 1956.620422][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1956.624164][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[ 1956.833934][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1956.837752][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[ 1956.961246][T12680] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(5)
[ 1956.964054][T12680] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1956.971606][T12680] vhci_hcd vhci_hcd.0: Device attached
[ 1957.107122][T12686] random: crng reseeded on system resumption
[ 1957.231346][T29503] usb 52-1: SetAddress Request (84) to port 0
[ 1957.233926][T29503] usb 52-1: new SuperSpeed USB device number 84 using vhci_hcd
[ 1957.260654][   T12] bridge_slave_1: left allmulticast mode
[ 1957.262640][   T12] bridge_slave_1: left promiscuous mode
[ 1957.264486][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1957.269689][   T12] bridge_slave_0: left allmulticast mode
[ 1957.290538][   T12] bridge_slave_0: left promiscuous mode
[ 1957.293105][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1957.461395][   T12] bond1 (unregistering): (slave geneve2): Releasing active interface
[ 1957.584321][T12681] vhci_hcd: connection reset by peer
[ 1957.586335][T11346] vhci_hcd vhci_hcd.7: stop threads
[ 1957.588508][T11346] vhci_hcd vhci_hcd.7: release socket
[ 1957.590414][T11346] vhci_hcd vhci_hcd.7: disconnect device
[ 1957.618174][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1957.625694][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1957.630657][   T12] bond0 (unregistering): Released all slaves
[ 1957.637440][   T12] bond1 (unregistering): Released all slaves
[ 1957.651292][T31285] Bluetooth: hci0: command tx timeout
[ 1957.731265][T31285] Bluetooth: hci2: command tx timeout
[ 1957.752789][   T12] hmaÓË224)
: left promiscuous mode
[ 1958.204523][T12711] FAULT_INJECTION: forcing a failure.
[ 1958.204523][T12711] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1958.210506][T12711] CPU: 0 UID: 0 PID: 12711 Comm: syz.7.10250 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1958.210536][T12711] Tainted: [L]=SOFTLOCKUP
[ 1958.210543][T12711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1958.210553][T12711] Call Trace:
[ 1958.210558][T12711]  <TASK>
[ 1958.210565][T12711]  dump_stack_lvl+0x100/0x190
[ 1958.210590][T12711]  should_fail_ex.cold+0x5/0xa
[ 1958.210602][T12711]  ? page_copy_sane+0x17c/0x2d0
[ 1958.210620][T12711]  copy_folio_from_iter_atomic+0x427/0x1e70
[ 1958.210643][T12711]  ? inode_set_ctime_to_ts+0x131/0x410
[ 1958.210657][T12711]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[ 1958.210676][T12711]  ? shmem_write_begin+0x1ba/0x420
[ 1958.210694][T12711]  ? __pfx_shmem_write_begin+0x10/0x10
[ 1958.210712][T12711]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[ 1958.210735][T12711]  generic_perform_write+0x4cb/0xa40
[ 1958.210756][T12711]  ? __pfx_generic_perform_write+0x10/0x10
[ 1958.210770][T12711]  ? __mark_inode_dirty+0x55c/0x1790
[ 1958.210787][T12711]  ? mnt_put_write_access_file+0x4e/0x100
[ 1958.210805][T12711]  ? file_update_time_flags+0x373/0x500
[ 1958.210827][T12711]  shmem_file_write_iter+0x10e/0x140
[ 1958.210840][T12711]  vfs_write+0x6ac/0x1070
[ 1958.210858][T12711]  ? __pfx_shmem_file_write_iter+0x10/0x10
[ 1958.210871][T12711]  ? __pfx_vfs_write+0x10/0x10
[ 1958.210898][T12711]  ksys_write+0x12a/0x250
[ 1958.210915][T12711]  ? __pfx_ksys_write+0x10/0x10
[ 1958.210932][T12711]  ? __pfx_ksys_write+0x10/0x10
[ 1958.210953][T12711]  __do_fast_syscall_32+0xe3/0x8c0
[ 1958.210971][T12711]  do_fast_syscall_32+0x32/0x70
[ 1958.210985][T12711]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1958.211001][T12711] RIP: 0023:0xf6fdef6c
[ 1958.211011][T12711] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1958.211022][T12711] RSP: 002b:00000000f53cd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[ 1958.211034][T12711] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[ 1958.211041][T12711] RDX: 000000000000ff2e RSI: 0000000000000000 RDI: 0000000000000000
[ 1958.211048][T12711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1958.211055][T12711] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1958.211061][T12711] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1958.211076][T12711]  </TASK>
[ 1958.354883][   T12] hsr_slave_0: left promiscuous mode
[ 1958.359842][   T12] hsr_slave_1: left promiscuous mode
[ 1958.370145][   T12] veth1_macvtap: left promiscuous mode
[ 1958.373327][   T12] veth0_macvtap: left promiscuous mode
[ 1958.375864][   T12] veth1_vlan: left promiscuous mode
[ 1958.378198][   T12] veth0_vlan: left promiscuous mode
[ 1958.641719][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1958.661924][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1958.691281][T31285] Bluetooth: hci1: command tx timeout
[ 1958.775715][T12720] netlink: 12 bytes leftover after parsing attributes in process `syz.7.10252'.
[ 1958.838987][T12725] xfrm0: entered promiscuous mode
[ 1958.844104][T12725] xfrm0: entered allmulticast mode
[ 1959.154777][T12734] Bluetooth: MGMT ver 1.23
[ 1959.710237][T12522] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1959.717733][T12522] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1959.724092][T12522] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1959.741852][T31285] Bluetooth: hci0: command tx timeout
[ 1959.770985][T12522] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1959.808809][T12759] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(5)
[ 1959.810930][T12759] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1959.811325][T31285] Bluetooth: hci2: command tx timeout
[ 1959.819199][T12759] vhci_hcd vhci_hcd.0: Device attached
[ 1959.897524][T12576] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1959.909075][T12576] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1959.924253][T12771] random: crng reseeded on system resumption
[ 1959.926410][T12576] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1959.932795][T12576] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1960.127774][T12522] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1960.175243][T12522] 8021q: adding VLAN 0 to HW filter on device team0
[ 1960.187285][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1960.190359][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1960.201769][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1960.204869][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1960.214982][T12576] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1960.260872][T12576] 8021q: adding VLAN 0 to HW filter on device team0
[ 1960.271650][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1960.273794][T12762] vhci_hcd: connection closed
[ 1960.273939][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1960.274066][T11347] vhci_hcd vhci_hcd.7: stop threads
[ 1960.279756][T11347] vhci_hcd vhci_hcd.7: release socket
[ 1960.282023][T11347] vhci_hcd vhci_hcd.7: disconnect device
[ 1960.294624][T11347] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1960.297701][T11347] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1960.440493][T12522] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1960.477077][T12576] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1960.497256][T12522] veth0_vlan: entered promiscuous mode
[ 1960.503522][T12522] veth1_vlan: entered promiscuous mode
[ 1960.529400][T12522] veth0_macvtap: entered promiscuous mode
[ 1960.540521][T12522] veth1_macvtap: entered promiscuous mode
[ 1960.553039][T12522] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1960.567184][T12522] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1960.578138][T23036] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1960.583758][T23036] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1960.587532][T23036] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1960.612279][T23036] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1960.668824][T11347] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1960.672091][T11347] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1960.692005][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1960.694506][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1960.721749][T12576] veth0_vlan: entered promiscuous mode
[ 1960.728355][T12576] veth1_vlan: entered promiscuous mode
[ 1960.752961][T12576] veth0_macvtap: entered promiscuous mode
[ 1960.757408][T12576] veth1_macvtap: entered promiscuous mode
[ 1960.883987][T12576] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1960.896407][T12576] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1960.954089][   T13] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1960.958906][   T13] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1960.962730][   T13] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1960.970086][   T13] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1961.372059][T11352] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1961.374727][T11352] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1961.402138][T11347] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1961.404832][T11347] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1961.891462][T31285] Bluetooth: hci2: command tx timeout
[ 1962.058484][T12841] netlink: 24 bytes leftover after parsing attributes in process `syz.9.10244'.
[ 1962.160521][T12853] netlink: 304 bytes leftover after parsing attributes in process `syz.7.10261'.
[ 1962.291854][T29503] usb 52-1: device descriptor read/8, error -110
[ 1962.613189][T12864] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1962.692665][T29503] usb usb52-port1: attempt power cycle
[ 1963.252240][T29503] usb usb52-port1: unable to enumerate USB device
[ 1963.607328][T12864] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10264'.
[ 1964.786367][T23780] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1964.790656][T23780] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1964.799596][T23780] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1964.834599][T23780] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1964.840306][T23780] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1964.911008][T12936] wg1 speed is unknown, defaulting to 1000
[ 1964.933358][T12936] lo speed is unknown, defaulting to 1000
[ 1964.979052][T12942] netlink: 'syz.7.10269': attribute type 1 has an invalid length.
[ 1965.150782][T12950] FAULT_INJECTION: forcing a failure.
[ 1965.150782][T12950] name failslab, interval 1, probability 0, space 0, times 0
[ 1965.155657][T12950] CPU: 1 UID: 0 PID: 12950 Comm: syz.7.10270 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1965.155688][T12950] Tainted: [L]=SOFTLOCKUP
[ 1965.155694][T12950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1965.155704][T12950] Call Trace:
[ 1965.155711][T12950]  <TASK>
[ 1965.155718][T12950]  dump_stack_lvl+0x100/0x190
[ 1965.155750][T12950]  should_fail_ex.cold+0x5/0xa
[ 1965.155768][T12950]  should_failslab+0xc2/0x120
[ 1965.155797][T12950]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1965.155819][T12950]  ? virtio_fs_init_fs_context+0x96/0x150
[ 1965.155851][T12950]  virtio_fs_init_fs_context+0x96/0x150
[ 1965.155877][T12950]  alloc_fs_context+0x60c/0xf40
[ 1965.155900][T12950]  __ia32_sys_fsopen+0xef/0x230
[ 1965.155922][T12950]  __do_fast_syscall_32+0xe3/0x8c0
[ 1965.155948][T12950]  do_fast_syscall_32+0x32/0x70
[ 1965.155969][T12950]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1965.155991][T12950] RIP: 0023:0xf6fdef6c
[ 1965.156005][T12950] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1965.156022][T12950] RSP: 002b:00000000f53cd50c EFLAGS: 00000292 ORIG_RAX: 00000000000001ae
[ 1965.156039][T12950] RAX: ffffffffffffffda RBX: 00000000800000c0 RCX: 0000000000000000
[ 1965.156051][T12950] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1965.156061][T12950] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1965.156071][T12950] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1965.156081][T12950] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1965.156103][T12950]  </TASK>
[ 1965.309134][T11352] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1965.373181][T12960] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10274'.
[ 1965.492029][T12936] chnl_net:caif_netlink_parms(): no params data found
[ 1965.603010][T12971] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1965.633810][T12981] ptrace attach of "/syz-executor exec"[12576] was attempted by "/syz-executor exec"[12981]
[ 1965.652525][T12936] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1965.654984][T12936] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1965.657547][T12936] bridge_slave_0: entered allmulticast mode
[ 1965.667390][T12936] bridge_slave_0: entered promiscuous mode
[ 1965.679096][T12936] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1965.687980][T12936] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1965.698589][T12936] bridge_slave_1: entered allmulticast mode
[ 1965.708248][T12936] bridge_slave_1: entered promiscuous mode
[ 1965.764261][T11352] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1965.840607][T12971] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1965.869687][T12936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1965.915541][T11352] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1965.930999][T12936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1965.990191][T12971] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1965.997303][T12936] team0: Port device team_slave_0 added
[ 1966.009232][T12936] team0: Port device team_slave_1 added
[ 1966.045421][T11352] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1966.065246][T12936] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1966.067666][T12936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1966.076042][T12936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1966.083244][T12936] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1966.085994][T12936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1966.095187][T12936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1966.128522][T12971] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1966.165053][T12936] hsr_slave_0: entered promiscuous mode
[ 1966.171078][T12936] hsr_slave_1: entered promiscuous mode
[ 1966.176744][T12936] debugfs: 'hsr0' already exists in 'hsr'
[ 1966.180826][T12936] Cannot create hsr debugfs directory
[ 1966.180875][T12999] fuse: Unknown parameter 'nd'
[ 1966.283219][T11347] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1966.299098][T11346] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1966.367306][T11346] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1966.401610][T11346] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1966.503466][T11352] bridge_slave_1: left allmulticast mode
[ 1966.506540][T11352] bridge_slave_1: left promiscuous mode
[ 1966.508526][T11352] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1966.514121][T11352] bridge_slave_0: left allmulticast mode
[ 1966.516673][T11352] bridge_slave_0: left promiscuous mode
[ 1966.519268][T11352] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1966.931531][T23780] Bluetooth: hci3: command tx timeout
[ 1966.939540][T11352] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1966.947041][T11352] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1966.952688][T11352] bond0 (unregistering): Released all slaves
[ 1967.005648][T12999] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1967.013487][T12999] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1967.026130][T12999] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1967.028755][T12999] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1967.072975][T12999] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1967.075534][T12999] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1967.114235][T12999] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1967.119170][T12999] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 1967.411332][T11352] hsr_slave_0: left promiscuous mode
[ 1967.431773][T11352] hsr_slave_1: left promiscuous mode
[ 1967.437822][T11352] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1967.440867][T11352] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1967.454336][T11352] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1967.461924][T11352] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1967.467321][T11352] veth1_macvtap: left promiscuous mode
[ 1967.469105][T11352] veth0_macvtap: left promiscuous mode
[ 1967.470947][T11352] veth1_vlan: left promiscuous mode
[ 1967.477443][T11352] veth0_vlan: left promiscuous mode
[ 1967.627718][T11352] team0 (unregistering): Port device team_slave_1 removed
[ 1967.634969][T11352] team0 (unregistering): Port device team_slave_0 removed
[ 1967.926763][T13044] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1968.147059][T13063] netlink: 'syz.9.10287': attribute type 1 has an invalid length.
[ 1968.153405][T13063] netlink: 224 bytes leftover after parsing attributes in process `syz.9.10287'.
[ 1968.575758][T13063] wg1 speed is unknown, defaulting to 1000
[ 1968.579015][T13063] lo speed is unknown, defaulting to 1000
[ 1968.826602][T12936] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1968.834570][T12936] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1968.840659][T12936] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1968.845035][T12936] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1968.897108][T12936] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1968.909208][T12936] 8021q: adding VLAN 0 to HW filter on device team0
[ 1968.916808][T11348] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1968.919178][T11348] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1968.932315][T11348] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1968.934600][T11348] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1969.098139][T13097] team0: entered allmulticast mode
[ 1969.099790][T13097] team_slave_0: entered allmulticast mode
[ 1969.101920][T13097] team_slave_1: entered allmulticast mode
[ 1969.124904][T12936] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1969.285477][T12936] veth0_vlan: entered promiscuous mode
[ 1969.290901][T12936] veth1_vlan: entered promiscuous mode
[ 1969.309572][T12936] veth0_macvtap: entered promiscuous mode
[ 1969.314263][T12936] veth1_macvtap: entered promiscuous mode
[ 1969.325413][T12936] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1969.336066][T12936] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1969.347916][T23036] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1969.350984][T23036] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1969.355806][T23036] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1969.358638][T23036] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1969.466677][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1969.470065][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1969.494421][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1969.496904][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1969.821287][ T6084] usb 9-1: new full-speed USB device number 21 using dummy_hcd
[ 1969.840707][T13151] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10301'.
[ 1969.845978][T13151] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10301'.
[ 1969.986255][ T6084] usb 9-1: config 0 has an invalid interface number: 251 but max is 0
[ 1969.992317][ T6084] usb 9-1: config 0 has no interface number 0
[ 1970.002593][ T6084] usb 9-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1970.005490][ T6084] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1970.008000][ T6084] usb 9-1: Product: syz
[ 1970.009367][ T6084] usb 9-1: Manufacturer: syz
[ 1970.010867][ T6084] usb 9-1: SerialNumber: syz
[ 1970.023117][ T6084] usb 9-1: config 0 descriptor??
[ 1970.038494][T13159] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10302'.
[ 1970.203013][T13169] netlink: 'syz.9.10303': attribute type 1 has an invalid length.
[ 1970.206338][T13169] netlink: 224 bytes leftover after parsing attributes in process `syz.9.10303'.
[ 1970.651299][T13182] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(5)
[ 1970.654531][T13182] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1970.662923][T13182] vhci_hcd vhci_hcd.0: Device attached
[ 1970.673207][ T6084] asix 9-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1970.676735][ T6084] asix 9-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71
[ 1970.680357][ T6084] asix 9-1:0.251: probe with driver asix failed with error -5
[ 1970.701047][ T6084] usb 9-1: USB disconnect, device number 21
[ 1970.818293][T13190] random: crng reseeded on system resumption
[ 1970.951403][ T9157] usb 56-1: SetAddress Request (79) to port 0
[ 1970.953529][ T9157] usb 56-1: new SuperSpeed USB device number 79 using vhci_hcd
[ 1971.050556][T13203] geneve2: entered allmulticast mode
[ 1971.114384][T13183] vhci_hcd: connection reset by peer
[ 1971.116320][T11352] vhci_hcd vhci_hcd.9: stop threads
[ 1971.118018][T11352] vhci_hcd vhci_hcd.9: release socket
[ 1971.121275][T11352] vhci_hcd vhci_hcd.9: disconnect device
[ 1971.191401][T13212] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[ 1971.191548][T13211] IPVS: stopping master sync thread 13212 ...
[ 1972.743011][T13245] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10313'.
[ 1972.765556][T13245] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1972.787632][T13245] macvlan2: entered allmulticast mode
[ 1972.792721][T13245] veth0_to_bond: entered promiscuous mode
[ 1972.794716][T13245] veth0_to_bond: entered allmulticast mode
[ 1972.802532][T13245] bond1: (slave macvlan2): Enslaving as an active interface with an up link
[ 1973.658649][T13268] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10320'.
[ 1973.721861][T13272] overlayfs: failed to resolve './file1': -2
[ 1973.725482][ T8169] IPVS: starting estimator thread 0...
[ 1973.811420][T13275] IPVS: using max 40 ests per chain, 96000 per kthread
[ 1974.055679][T13299] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(6)
[ 1974.057993][T13299] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1974.060457][T13299] vhci_hcd vhci_hcd.0: Device attached
[ 1974.068813][T13299] vhci_hcd vhci_hcd.0: pdev(9) rhport(1) sockfd(8)
[ 1974.071636][T13299] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1974.074996][T13299] vhci_hcd vhci_hcd.0: Device attached
[ 1974.080094][T13299] vhci_hcd vhci_hcd.0: pdev(9) rhport(2) sockfd(10)
[ 1974.082553][T13299] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1974.086506][T13299] vhci_hcd vhci_hcd.0: Device attached
[ 1974.101366][T13299] vhci_hcd vhci_hcd.0: pdev(9) rhport(3) sockfd(12)
[ 1974.104195][T13299] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1974.107466][T13299] vhci_hcd vhci_hcd.0: Device attached
[ 1974.112208][T13299] vhci_hcd vhci_hcd.0: pdev(9) rhport(4) sockfd(19)
[ 1974.114614][T13299] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1974.131240][T13299] vhci_hcd vhci_hcd.0: Device attached
[ 1974.141907][T13299] vhci_hcd vhci_hcd.0: pdev(9) rhport(5) sockfd(22)
[ 1974.144989][T13299] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1974.148537][T13299] vhci_hcd vhci_hcd.0: Device attached
[ 1974.163127][T13299] vhci_hcd vhci_hcd.0: pdev(9) rhport(6) sockfd(85)
[ 1974.166005][T13299] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1974.192997][T13299] vhci_hcd vhci_hcd.0: Device attached
[ 1974.196404][T13299] vhci_hcd vhci_hcd.0: pdev(9) rhport(7) sockfd(87)
[ 1974.199216][T13299] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1974.206557][T13299] vhci_hcd vhci_hcd.0: Device attached
[ 1974.210687][T13299] vhci_hcd vhci_hcd.0: port 0 already used
[ 1974.227958][T13308] vhci_hcd: connection closed
[ 1974.228087][T13301] vhci_hcd: connection closed
[ 1974.228207][T11347] vhci_hcd vhci_hcd.9: stop threads
[ 1974.231171][T13303] vhci_hcd: connection closed
[ 1974.233877][T13311] vhci_hcd: connection closed
[ 1974.236041][T13305] vhci_hcd: connection closed
[ 1974.241277][T11347] vhci_hcd vhci_hcd.9: release socket
[ 1974.244513][T11347] vhci_hcd vhci_hcd.9: disconnect device
[ 1974.246563][T11347] vhci_hcd vhci_hcd.9: stop threads
[ 1974.248391][T11347] vhci_hcd vhci_hcd.9: release socket
[ 1974.250416][T11347] vhci_hcd vhci_hcd.9: disconnect device
[ 1974.253544][T11347] vhci_hcd vhci_hcd.9: stop threads
[ 1974.255472][T11347] vhci_hcd vhci_hcd.9: release socket
[ 1974.257867][T11347] vhci_hcd vhci_hcd.9: disconnect device
[ 1974.259795][T11347] vhci_hcd vhci_hcd.9: stop threads
[ 1974.262337][T11347] vhci_hcd vhci_hcd.9: release socket
[ 1974.265249][T11347] vhci_hcd vhci_hcd.9: disconnect device
[ 1974.283735][T11347] vhci_hcd vhci_hcd.9: stop threads
[ 1974.287925][T11347] vhci_hcd vhci_hcd.9: release socket
[ 1974.292401][T11347] vhci_hcd vhci_hcd.9: disconnect device
[ 1974.621447][T13325] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[ 1974.623501][T13325] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1974.631641][T13325] vhci_hcd vhci_hcd.0: Device attached
[ 1974.708409][T13329] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10332'.
[ 1974.790549][T13330] random: crng reseeded on system resumption
[ 1974.893238][T13313] vhci_hcd: connection closed
[ 1974.893469][T11347] vhci_hcd vhci_hcd.9: stop threads
[ 1974.896311][T13315] vhci_hcd: connection closed
[ 1974.896660][T11347] vhci_hcd vhci_hcd.9: release socket
[ 1974.901972][T13317] vhci_hcd: connection closed
[ 1974.911219][T31360] usb 46-1: SetAddress Request (31) to port 0
[ 1974.914680][T31360] usb 46-1: new SuperSpeed USB device number 31 using vhci_hcd
[ 1974.922307][T11347] vhci_hcd vhci_hcd.9: disconnect device
[ 1974.924619][T11347] vhci_hcd vhci_hcd.9: stop threads
[ 1974.926469][T11347] vhci_hcd vhci_hcd.9: release socket
[ 1974.931469][T11347] vhci_hcd vhci_hcd.9: disconnect device
[ 1974.941661][T11347] vhci_hcd vhci_hcd.9: stop threads
[ 1974.953358][T11347] vhci_hcd vhci_hcd.9: release socket
[ 1974.961632][T11347] vhci_hcd vhci_hcd.9: disconnect device
[ 1975.190448][T13347] fuse: Bad value for 'fd'
[ 1975.205984][T13326] vhci_hcd: connection reset by peer
[ 1975.211507][   T12] vhci_hcd vhci_hcd.4: stop threads
[ 1975.214093][   T12] vhci_hcd vhci_hcd.4: release socket
[ 1975.218925][   T12] vhci_hcd vhci_hcd.4: disconnect device
[ 1975.546424][T13370] nvme_fabrics: unknown parameter or missing value 'full 00000000000000000009 00000000000000000008' in ctrl creation request
[ 1976.051646][ T9157] usb 56-1: device descriptor read/8, error -110
[ 1976.344441][T13406] overlayfs: conflicting lowerdir path
[ 1976.451778][ T9157] usb usb56-port1: attempt power cycle
[ 1976.521435][T32054] vhci_hcd vhci_hcd.9: vhci_device speed not set
[ 1976.953366][T13442] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10353'.
[ 1977.627391][T13462] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1977.833090][ T9157] usb usb56-port1: unable to enumerate USB device
[ 1977.874446][T13473] fuse: Bad value for 'fd'
[ 1978.076088][T13487] kvm: emulating exchange as write
[ 1978.500650][T13493] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 1978.503039][T13493] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1978.505867][T13493] vhci_hcd vhci_hcd.0: Device attached
[ 1978.545124][T13501] vhci_hcd: connection closed
[ 1978.545440][T23036] vhci_hcd vhci_hcd.4: stop threads
[ 1978.552079][T23036] vhci_hcd vhci_hcd.4: release socket
[ 1978.559833][T23036] vhci_hcd vhci_hcd.4: disconnect device
[ 1978.606059][T13506] input: syz1 as /devices/virtual/input/input77
[ 1979.076583][   T40] audit: type=1326 audit(1771549291.488:17704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13516 comm="syz.0.10369" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703ef6c code=0x0
[ 1979.170879][T13522] wg1 speed is unknown, defaulting to 1000
[ 1979.180318][T13522] lo speed is unknown, defaulting to 1000
[ 1979.589190][T13543] Cannot find add_set index 2 as target
[ 1980.011254][T31360] usb 46-1: device descriptor read/8, error -110
[ 1980.388467][T13572] fuse: Bad value for 'fd'
[ 1980.399701][T13572] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10384'.
[ 1980.421738][T31360] usb usb46-port1: attempt power cycle
[ 1980.573534][T13580] fuse: Unknown parameter '}0x0000000000000009'
[ 1980.806678][   T40] audit: type=1326 audit(1771549293.218:17705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13581 comm="syz.0.10386" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703ef6c code=0x0
[ 1980.981744][T31360] usb usb46-port1: unable to enumerate USB device
[ 1982.515140][   T40] audit: type=1326 audit(1771549294.928:17706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13605 comm="syz.0.10393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1982.524693][   T40] audit: type=1326 audit(1771549294.938:17707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13605 comm="syz.0.10393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1982.547597][   T40] audit: type=1326 audit(1771549294.938:17708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13605 comm="syz.0.10393" exe="/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1982.557074][   T40] audit: type=1326 audit(1771549294.938:17709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13605 comm="syz.0.10393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1982.565567][   T40] audit: type=1326 audit(1771549294.938:17710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13605 comm="syz.0.10393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1982.574974][   T40] audit: type=1326 audit(1771549294.938:17711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13605 comm="syz.0.10393" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1982.585196][   T40] audit: type=1326 audit(1771549294.938:17712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13605 comm="syz.0.10393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1982.593939][   T40] audit: type=1326 audit(1771549294.938:17713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13605 comm="syz.0.10393" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1982.914026][T13616] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[ 1982.916142][T13616] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1982.920185][T13616] vhci_hcd vhci_hcd.0: Device attached
[ 1983.030107][T13619] random: crng reseeded on system resumption
[ 1983.183741][ T9135] usb 46-1: SetAddress Request (35) to port 0
[ 1983.186190][ T9135] usb 46-1: new SuperSpeed USB device number 35 using vhci_hcd
[ 1983.510386][T13638] bond1: entered promiscuous mode
[ 1983.515796][T13617] vhci_hcd: connection reset by peer
[ 1983.518290][   T12] vhci_hcd vhci_hcd.4: stop threads
[ 1983.520503][   T12] vhci_hcd vhci_hcd.4: release socket
[ 1983.523156][   T12] vhci_hcd vhci_hcd.4: disconnect device
[ 1983.762041][T31285] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1983.768513][T31285] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1983.773895][T31285] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1983.780949][T31285] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1983.786197][T31285] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1983.839510][T13655] wg1 speed is unknown, defaulting to 1000
[ 1983.864277][T13655] lo speed is unknown, defaulting to 1000
[ 1983.999858][T13655] chnl_net:caif_netlink_parms(): no params data found
[ 1984.134393][T13655] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1984.141531][T13655] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1984.144751][T13655] bridge_slave_0: entered allmulticast mode
[ 1984.148180][T13655] bridge_slave_0: entered promiscuous mode
[ 1984.153386][T13655] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1984.156661][T13655] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1984.160266][T13655] bridge_slave_1: entered allmulticast mode
[ 1984.164940][T13655] bridge_slave_1: entered promiscuous mode
[ 1984.190976][T13655] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1984.197947][T13655] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1984.258339][T13655] team0: Port device team_slave_0 added
[ 1984.277208][T13655] team0: Port device team_slave_1 added
[ 1984.350106][   T13] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1984.372617][T13655] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1984.374877][T13655] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1984.386249][T13655] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1984.412374][T13655] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1984.414813][T13655] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1984.431373][T13655] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1984.446905][   T13] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1984.486034][T13655] hsr_slave_0: entered promiscuous mode
[ 1984.488523][T13655] hsr_slave_1: entered promiscuous mode
[ 1984.490900][T13655] debugfs: 'hsr0' already exists in 'hsr'
[ 1984.493241][T13655] Cannot create hsr debugfs directory
[ 1984.521337][   T13] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1984.578681][   T13] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1984.588509][T13707] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(9)
[ 1984.590686][T13707] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1984.593573][T13707] vhci_hcd vhci_hcd.0: Device attached
[ 1984.599832][T13707] random: crng reseeded on system resumption
[ 1984.652877][T13655] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1984.744540][T13655] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1984.838221][T13655] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1984.853241][   T13] bridge_slave_1: left allmulticast mode
[ 1984.855036][   T13] bridge_slave_1: left promiscuous mode
[ 1984.856943][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1984.862808][ T4096] usb 56-1: SetAddress Request (83) to port 0
[ 1984.865563][   T13] bridge_slave_0: left allmulticast mode
[ 1984.867560][   T13] bridge_slave_0: left promiscuous mode
[ 1984.867854][ T4096] usb 56-1: new SuperSpeed USB device number 83 using vhci_hcd
[ 1984.869563][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1985.006247][T13708] vhci_hcd: connection reset by peer
[ 1985.008518][T11348] vhci_hcd vhci_hcd.9: stop threads
[ 1985.010623][T11348] vhci_hcd vhci_hcd.9: release socket
[ 1985.012928][T11348] vhci_hcd vhci_hcd.9: disconnect device
[ 1985.017447][T13718] netlink: 'syz.0.10419': attribute type 5 has an invalid length.
[ 1985.053287][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1985.062848][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1985.073543][   T13] bond0 (unregistering): Released all slaves
[ 1985.110126][T13655] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1985.126705][T13718] ip6erspan0: entered promiscuous mode
[ 1985.192399][T13726] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10420'.
[ 1985.298592][T13655] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1985.305157][T13655] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1985.309279][T13655] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1985.314657][T13655] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1985.423785][T13655] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1985.432194][T13742] fuse: Bad value for 'user_id'
[ 1985.433831][T13742] fuse: Bad value for 'user_id'
[ 1985.436356][T13655] 8021q: adding VLAN 0 to HW filter on device team0
[ 1985.447488][T11348] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1985.450627][T11348] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1985.473653][T11347] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1985.476705][T11347] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1985.568871][   T13] hsr_slave_0: left promiscuous mode
[ 1985.571782][   T13] hsr_slave_1: left promiscuous mode
[ 1985.573881][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1985.576709][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1985.582607][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1985.584940][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1985.593675][   T13] veth1_macvtap: left promiscuous mode
[ 1985.596040][   T13] veth0_macvtap: left promiscuous mode
[ 1985.598380][   T13] veth1_vlan: left promiscuous mode
[ 1985.600586][   T13] veth0_vlan: left promiscuous mode
[ 1985.756201][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1985.780646][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1985.815051][T31285] Bluetooth: hci4: command tx timeout
[ 1986.070356][T13655] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1986.279360][T13744] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[ 1986.281500][T13744] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1986.284136][T13744] vhci_hcd vhci_hcd.0: Device attached
[ 1986.363416][T13757] random: crng reseeded on system resumption
[ 1986.423972][T13655] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1986.431504][T13763] nfs: Unknown parameter '/dev/kvm'
[ 1986.464972][T13763] netlink: 25 bytes leftover after parsing attributes in process `syz.9.10423'.
[ 1986.497446][T13752] vhci_hcd: connection closed
[ 1986.497645][T11352] vhci_hcd vhci_hcd.4: stop threads
[ 1986.503023][T11352] vhci_hcd vhci_hcd.4: release socket
[ 1986.505015][T11352] vhci_hcd vhci_hcd.4: disconnect device
[ 1986.768824][T13655] veth0_vlan: entered promiscuous mode
[ 1986.793952][T13655] veth1_vlan: entered promiscuous mode
[ 1986.831506][T13655] veth0_macvtap: entered promiscuous mode
[ 1986.836584][T13655] veth1_macvtap: entered promiscuous mode
[ 1986.850802][T13655] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1986.859298][T13655] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1986.868336][T23036] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1986.880724][T23036] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1986.907601][T23036] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1986.914334][T23036] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1986.995424][T23036] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1986.999419][T23036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1987.047871][T23036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1987.050363][T23036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1987.419712][T13794] netlink: 'syz.8.10404': attribute type 4 has an invalid length.
[ 1987.429091][T13794] netlink: 'syz.8.10404': attribute type 4 has an invalid length.
[ 1987.901334][T31285] Bluetooth: hci4: command tx timeout
[ 1987.963859][T13820] No control pipe specified
[ 1988.211306][ T9135] usb 46-1: device descriptor read/8, error -110
[ 1988.241954][T13828] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10438'.
[ 1988.247337][T13828] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10438'.
[ 1988.323180][T13833] netlink: 'syz.8.10440': attribute type 1 has an invalid length.
[ 1988.488455][T13836] syzkaller0: entered promiscuous mode
[ 1988.490899][T13836] syzkaller0: entered allmulticast mode
[ 1988.520405][T13836] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10441'.
[ 1988.601804][ T9135] usb usb46-port1: attempt power cycle
[ 1989.192113][ T9135] usb usb46-port1: unable to enumerate USB device
[ 1989.971344][T31285] Bluetooth: hci4: command tx timeout
[ 1989.973565][ T4096] usb 56-1: device descriptor read/8, error -110
[ 1990.146583][T13864] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10448'.
[ 1990.162334][T13867] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10449'.
[ 1990.165493][T13867] FAULT_INJECTION: forcing a failure.
[ 1990.165493][T13867] name failslab, interval 1, probability 0, space 0, times 0
[ 1990.171513][T13867] CPU: 1 UID: 0 PID: 13867 Comm: syz.4.10449 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1990.171532][T13867] Tainted: [L]=SOFTLOCKUP
[ 1990.171537][T13867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1990.171544][T13867] Call Trace:
[ 1990.171548][T13867]  <TASK>
[ 1990.171553][T13867]  dump_stack_lvl+0x100/0x190
[ 1990.171574][T13867]  should_fail_ex.cold+0x5/0xa
[ 1990.171588][T13867]  should_failslab+0xc2/0x120
[ 1990.171606][T13867]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1990.171622][T13867]  ? security_inode_alloc+0x3b/0x2c0
[ 1990.171638][T13867]  ? lockdep_init_map_type+0x5c/0x250
[ 1990.171655][T13867]  security_inode_alloc+0x3b/0x2c0
[ 1990.171672][T13867]  inode_init_always_gfp+0xced/0x1040
[ 1990.171692][T13867]  alloc_inode+0x8e/0x250
[ 1990.171705][T13867]  new_inode+0x22/0x1c0
[ 1990.171720][T13867]  __debugfs_create_file+0x105/0x4f0
[ 1990.171739][T13867]  debugfs_create_file_full+0x41/0x60
[ 1990.171757][T13867]  ref_tracker_dir_debugfs+0x19e/0x2e0
[ 1990.171768][T13867]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[ 1990.171790][T13867]  ? __kvmalloc_node_noprof+0x37b/0xa00
[ 1990.171806][T13867]  ? alloc_netdev_mqs+0xd7/0x14f0
[ 1990.171819][T13867]  ? lockdep_init_map_type+0x5c/0x250
[ 1990.171835][T13867]  ? __pfx_team_setup+0x10/0x10
[ 1990.171849][T13867]  alloc_netdev_mqs+0x314/0x14f0
[ 1990.171864][T13867]  rtnl_create_link+0xc13/0xf80
[ 1990.171879][T13867]  rtnl_newlink+0x13b8/0x2380
[ 1990.171897][T13867]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1990.171909][T13867]  ? rcu_is_watching+0x12/0xc0
[ 1990.171925][T13867]  ? kasan_quarantine_put+0x104/0x240
[ 1990.171943][T13867]  ? kfree_skbmem+0x19a/0x210
[ 1990.171958][T13867]  ? kmem_cache_free+0x124/0x6a0
[ 1990.171977][T13867]  ? find_held_lock+0x2b/0x80
[ 1990.171999][T13867]  ? find_held_lock+0x2b/0x80
[ 1990.172016][T13867]  ? rtnetlink_rcv_msg+0x93a/0xe90
[ 1990.172028][T13867]  ? rtnetlink_rcv_msg+0x93a/0xe90
[ 1990.172041][T13867]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1990.172054][T13867]  rtnetlink_rcv_msg+0x95e/0xe90
[ 1990.172067][T13867]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1990.172084][T13867]  ? ref_tracker_free+0x37e/0x6c0
[ 1990.172096][T13867]  netlink_rcv_skb+0x159/0x420
[ 1990.172110][T13867]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1990.172123][T13867]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1990.172142][T13867]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1990.172157][T13867]  netlink_unicast+0x5aa/0x870
[ 1990.172173][T13867]  ? __pfx_netlink_unicast+0x10/0x10
[ 1990.172191][T13867]  netlink_sendmsg+0x8b0/0xda0
[ 1990.172207][T13867]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1990.172228][T13867]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1990.172244][T13867]  ____sys_sendmsg+0xa54/0xc30
[ 1990.172261][T13867]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1990.172283][T13867]  ___sys_sendmsg+0x190/0x1e0
[ 1990.172300][T13867]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1990.172332][T13867]  __sys_sendmsg+0x170/0x220
[ 1990.172345][T13867]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1990.172362][T13867]  ? __pfx_ksys_write+0x10/0x10
[ 1990.172382][T13867]  __do_fast_syscall_32+0xe3/0x8c0
[ 1990.172398][T13867]  do_fast_syscall_32+0x32/0x70
[ 1990.172412][T13867]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1990.172427][T13867] RIP: 0023:0xf709ef6c
[ 1990.172437][T13867] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1990.172449][T13867] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1990.172460][T13867] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[ 1990.172468][T13867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1990.172476][T13867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1990.172482][T13867] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1990.172489][T13867] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1990.172503][T13867]  </TASK>
[ 1990.172519][T13867] debugfs: out of free dentries, can not create file 'netdev@ffff888062ea8620'
[ 1990.382849][ T4096] usb usb56-port1: attempt power cycle
[ 1990.647058][T13893] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.10457'.
[ 1990.662285][T13894] fuse: Bad value for 'group_id'
[ 1990.664460][T13894] fuse: Bad value for 'group_id'
[ 1990.721562][T13882] netlink: 'syz.9.10454': attribute type 10 has an invalid length.
[ 1990.726521][T13882] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1990.730969][T13882] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1990.803905][T13899] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10458'.
[ 1990.806871][T13899] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10458'.
[ 1990.929232][T13907] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10460'.
[ 1990.933457][T13907] netlink: 'syz.4.10460': attribute type 12 has an invalid length.
[ 1990.951897][ T4096] usb usb56-port1: unable to enumerate USB device
[ 1991.081041][T13909] bond1 (unregistering): Released all slaves
[ 1992.051448][T31285] Bluetooth: hci4: command tx timeout
[ 1992.716866][T13933] futex_wake_op: syz.0.10468 tries to shift op by 32; fix this program
[ 1994.330494][T13963] wg1 speed is unknown, defaulting to 1000
[ 1994.359383][T13963] lo speed is unknown, defaulting to 1000
[ 1994.804443][T13966] bond1 (unregistering): Released all slaves
[ 1994.856468][T13970] netlink: 'syz.8.10477': attribute type 12 has an invalid length.
[ 1994.863661][T13970] netlink: 'syz.8.10477': attribute type 29 has an invalid length.
[ 1994.871847][T13970] __nla_validate_parse: 3 callbacks suppressed
[ 1994.871865][T13970] netlink: 148 bytes leftover after parsing attributes in process `syz.8.10477'.
[ 1994.881347][T13970] netlink: 'syz.8.10477': attribute type 2 has an invalid length.
[ 1994.891655][T13970] netlink: 23 bytes leftover after parsing attributes in process `syz.8.10477'.
[ 1995.067950][T13986] FAULT_INJECTION: forcing a failure.
[ 1995.067950][T13986] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1995.074507][T13986] CPU: 2 UID: 0 PID: 13986 Comm: syz.4.10483 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1995.074527][T13986] Tainted: [L]=SOFTLOCKUP
[ 1995.074532][T13986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1995.074539][T13986] Call Trace:
[ 1995.074543][T13986]  <TASK>
[ 1995.074548][T13986]  dump_stack_lvl+0x100/0x190
[ 1995.074568][T13986]  should_fail_ex.cold+0x5/0xa
[ 1995.074582][T13986]  _copy_from_user+0x2e/0xd0
[ 1995.074600][T13986]  input_event_from_user+0x137/0x290
[ 1995.074616][T13986]  ? __pfx_input_event_from_user+0x10/0x10
[ 1995.074634][T13986]  evdev_write+0x27a/0x430
[ 1995.074650][T13986]  ? __pfx_evdev_write+0x10/0x10
[ 1995.074664][T13986]  ? bpf_lsm_file_permission+0x9/0x10
[ 1995.074681][T13986]  ? security_file_permission+0x76/0x210
[ 1995.074700][T13986]  ? rw_verify_area+0xce/0x6d0
[ 1995.074717][T13986]  vfs_write+0x2aa/0x1070
[ 1995.074734][T13986]  ? __pfx_evdev_write+0x10/0x10
[ 1995.074749][T13986]  ? __pfx_vfs_write+0x10/0x10
[ 1995.074764][T13986]  ? find_held_lock+0x2b/0x80
[ 1995.074782][T13986]  ? __fget_files+0x215/0x3d0
[ 1995.074798][T13986]  ? __fget_files+0x215/0x3d0
[ 1995.074817][T13986]  ? __fget_files+0x21f/0x3d0
[ 1995.074837][T13986]  ksys_write+0x1f8/0x250
[ 1995.074853][T13986]  ? __pfx_ksys_write+0x10/0x10
[ 1995.074870][T13986]  ? __pfx_ksys_write+0x10/0x10
[ 1995.074889][T13986]  __do_fast_syscall_32+0xe3/0x8c0
[ 1995.074905][T13986]  do_fast_syscall_32+0x32/0x70
[ 1995.074919][T13986]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1995.074934][T13986] RIP: 0023:0xf709ef6c
[ 1995.074943][T13986] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[ 1995.074954][T13986] RSP: 002b:00000000f548d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[ 1995.074965][T13986] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[ 1995.074972][T13986] RDX: 0000000000000037 RSI: 0000000000000000 RDI: 0000000000000000
[ 1995.074978][T13986] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1995.074984][T13986] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1995.074991][T13986] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1995.075004][T13986]  </TASK>
[ 1995.300987][T13991] netlink: 220 bytes leftover after parsing attributes in process `syz.8.10479'.
[ 1995.310562][T13991] netlink: 220 bytes leftover after parsing attributes in process `syz.8.10479'.
[ 1995.314876][T13991] netlink: 32 bytes leftover after parsing attributes in process `syz.8.10479'.
[ 1995.498468][T13998] syz.4.10486 (13998): drop_caches: 2
[ 1996.444199][T14021] Cannot find set identified by id 0 to match
[ 1996.594179][T14017] 9p: Invalid gid '0x00000000ffffffff'
[ 1998.161467][ T9135] usb 13-1: new full-speed USB device number 21 using dummy_hcd
[ 1998.312635][ T9135] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1998.315995][ T9135] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1998.320129][ T9135] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1998.323196][ T9135] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1998.840728][T14055] mac80211_hwsim hwsim96 wlan1: entered allmulticast mode
[ 1999.354783][   T40] kauditd_printk_skb: 33 callbacks suppressed
[ 1999.354799][   T40] audit: type=1326 audit(1771549311.768:17747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.10510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1999.369901][   T40] audit: type=1326 audit(1771549311.778:17748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.10510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1999.432974][ T9135] usb 13-1: GET_CAPABILITIES returned 9
[ 1999.434850][ T9135] usbtmc 13-1:16.0: can't read capabilities
[ 1999.439391][ T9135] usb 13-1: USB disconnect, device number 21
[ 1999.471643][T14104] pim6reg: entered allmulticast mode
[ 1999.486478][T14104] pim6reg: left allmulticast mode
[ 1999.493678][   T40] audit: type=1326 audit(1771549311.798:17749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.10510" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1999.507332][   T40] audit: type=1326 audit(1771549311.908:17750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.10510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1999.531976][   T40] audit: type=1326 audit(1771549311.918:17751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.10510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1999.539252][   T40] audit: type=1326 audit(1771549311.948:17752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.10510" exe="/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1999.546827][   T40] audit: type=1326 audit(1771549311.958:17753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.10510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 1999.573405][   T40] audit: type=1326 audit(1771549311.978:17754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14100 comm="syz.0.10510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703ef6c code=0x7ffc0000
[ 2000.100871][T14128] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10520'.
[ 2000.111250][T14128] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10520'.
[ 2000.301325][ T9135] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[ 2000.464974][ T9135] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2000.469601][ T9135] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 2000.473919][ T9135] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2000.476792][ T9135] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2000.483569][T14126] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 2000.489394][ T9135] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[ 2000.906416][T14137] netlink: 'syz.9.10521': attribute type 1 has an invalid length.
[ 2001.003821][T14137] 8021q: adding VLAN 0 to HW filter on device bond2
[ 2001.196647][T14145] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10525'.
[ 2001.782340][T14164] bond1 (unregistering): Released all slaves
[ 2001.799518][ T9135] usb 9-1: USB disconnect, device number 22
[ 2002.170164][T14179] bond3 (unregistering): Released all slaves
[ 2003.089551][T14217] netlink: 8 bytes leftover after parsing attributes in process `syz.9.10549'.
[ 2003.092919][T14217] netlink: 8 bytes leftover after parsing attributes in process `syz.9.10549'.
[ 2003.226685][T14226] overlayfs: failed to resolve './file1': -2
[ 2003.234762][T14226] overlayfs: failed to clone upperpath
[ 2003.327464][T14241] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10556'.
[ 2003.334526][T14241] batadv_slave_1: entered promiscuous mode
[ 2003.336572][T14241] macsec1: entered promiscuous mode
[ 2003.339481][T14241] macsec1: entered allmulticast mode
[ 2003.345300][T14241] batadv_slave_1: entered allmulticast mode
[ 2003.352624][T14241] batadv_slave_1: left allmulticast mode
[ 2003.357860][T14241] batadv_slave_1: left promiscuous mode
[ 2003.361384][  T196] BUG: unable to handle page fault for address: ffffed1012e2a200
[ 2003.363811][  T196] #PF: supervisor read access in kernel mode
[ 2003.366366][  T196] #PF: error_code(0x0000) - not-present page
[ 2003.369985][  T196] PGD 7ffd5067 P4D 7ffd5067 PUD 3fffa067 PMD 0 
[ 2003.372996][  T196] Oops: Oops: 0000 [#1] SMP KASAN NOPTI
[ 2003.374755][  T196] CPU: 0 UID: 0 PID: 196 Comm: kworker/u32:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2003.378147][  T196] Tainted: [L]=SOFTLOCKUP
[ 2003.379519][  T196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 2003.382880][  T196] Workqueue: krds_cp_wq#3/0 rds_connect_worker
[ 2003.384863][  T196] RIP: 0010:ip_route_output_key_hash_rcu+0x6c0/0x2870
[ 2003.387016][  T196] Code: 24 30 48 85 ed 0f 84 91 14 00 00 e8 9a 58 1d f8 48 83 c5 30 e8 91 58 1d f8 48 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 06 1e 00 00 48 8b 6d 00 e8 dd 1c a2 01 31 ff 41
[ 2003.393072][  T196] RSP: 0018:ffffc90002d2f5a8 EFLAGS: 00010a06
[ 2003.395026][  T196] RAX: dffffc0000000000 RBX: ffff888013960608 RCX: ffffffff89eab732
[ 2003.397477][  T196] RDX: 1ffff11012e2a200 RSI: ffffffff89eaa26f RDI: ffff8880513e2158
[ 2003.399960][  T196] RBP: ffff888097151000 R08: 0000000000000001 R09: 0000000000000000
[ 2003.402512][  T196] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880513e2120
[ 2003.405003][  T196] R13: ffff888024a45000 R14: ffffc90002d2f658 R15: ffff888062138000
[ 2003.407484][  T196] FS:  0000000000000000(0000) GS:ffff888097151000(0000) knlGS:0000000000000000
[ 2003.410218][  T196] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2003.412304][  T196] CR2: ffffed1012e2a200 CR3: 00000000601f6000 CR4: 0000000000352ef0
[ 2003.414797][  T196] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000080083
[ 2003.417238][  T196] DR3: ffffffffefffff16 DR6: 00000000fffe0ff0 DR7: 0000000000000400
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2003.419713][  T196] Call Trace:
[ 2003.420906][  T196]  <TASK>
[ 2003.421870][  T196]  ip_route_output_key_hash+0x118/0x2b0
[ 2003.423621][  T196]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[ 2003.425600][  T196]  ? __lock_acquire+0x4a5/0x2630
[ 2003.427182][  T196]  ip_route_output_flow+0x27/0x150
[ 2003.428812][  T196]  tcp_v4_connect+0x8e8/0x1bf0
[ 2003.430351][  T196]  ? __pfx_tcp_v4_connect+0x10/0x10
[ 2003.432030][  T196]  ? __lock_acquire+0x4a5/0x2630
[ 2003.433609][  T196]  ? __lock_acquire+0x4a5/0x2630
[ 2003.435188][  T196]  __inet_stream_connect+0x208/0xfa0
[ 2003.436863][  T196]  ? __pfx___inet_stream_connect+0x10/0x10
[ 2003.438890][  T196]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2003.440607][  T196]  ? __local_bh_enable_ip+0x9e/0x120
[ 2003.442293][  T196]  inet_stream_connect+0x57/0xa0
[ 2003.443865][  T196]  kernel_connect+0x107/0x160
[ 2003.445383][  T196]  ? __pfx_kernel_connect+0x10/0x10
[ 2003.447122][  T196]  ? __local_bh_enable_ip+0x9e/0x120
[ 2003.448815][  T196]  rds_tcp_conn_path_connect+0x72b/0xaa0
[ 2003.450623][  T196]  ? __pfx_rds_tcp_conn_path_connect+0x10/0x10
[ 2003.452577][  T196]  ? debug_object_deactivate+0x2e4/0x3b0
[ 2003.454374][  T196]  rds_connect_worker+0x1b4/0x2d0
[ 2003.455965][  T196]  process_one_work+0x9d7/0x1920
[ 2003.457550][  T196]  ? __pfx_process_one_work+0x10/0x10
[ 2003.459248][  T196]  ? __pfx_rds_connect_worker+0x10/0x10
[ 2003.461031][  T196]  worker_thread+0x5da/0xe40
[ 2003.462517][  T196]  ? __pfx_worker_thread+0x10/0x10
[ 2003.464103][  T196]  ? kthread+0x13a/0x450
[ 2003.465488][  T196]  ? __pfx_worker_thread+0x10/0x10
[ 2003.467120][  T196]  kthread+0x370/0x450
[ 2003.468431][  T196]  ? __pfx_kthread+0x10/0x10
[ 2003.469915][  T196]  ret_from_fork+0x754/0xd80
[ 2003.471422][  T196]  ? __pfx_ret_from_fork+0x10/0x10
[ 2003.473038][  T196]  ? __switch_to+0x7b4/0x1120
[ 2003.474539][  T196]  ? __pfx_kthread+0x10/0x10
[ 2003.476007][  T196]  ret_from_fork_asm+0x1a/0x30
[ 2003.477567][  T196]  </TASK>
[ 2003.478552][  T196] Modules linked in:
[ 2003.479832][  T196] CR2: ffffed1012e2a200
[ 2003.481175][  T196] ---[ end trace 0000000000000000 ]---
[ 2003.482891][  T196] RIP: 0010:ip_route_output_key_hash_rcu+0x6c0/0x2870
[ 2003.485019][  T196] Code: 24 30 48 85 ed 0f 84 91 14 00 00 e8 9a 58 1d f8 48 83 c5 30 e8 91 58 1d f8 48 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 06 1e 00 00 48 8b 6d 00 e8 dd 1c a2 01 31 ff 41
[ 2003.491031][  T196] RSP: 0018:ffffc90002d2f5a8 EFLAGS: 00010a06
[ 2003.493017][  T196] RAX: dffffc0000000000 RBX: ffff888013960608 RCX: ffffffff89eab732
[ 2003.495537][  T196] RDX: 1ffff11012e2a200 RSI: ffffffff89eaa26f RDI: ffff8880513e2158
[ 2003.498013][  T196] RBP: ffff888097151000 R08: 0000000000000001 R09: 0000000000000000
[ 2003.500484][  T196] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880513e2120
[ 2003.502970][  T196] R13: ffff888024a45000 R14: ffffc90002d2f658 R15: ffff888062138000
[ 2003.505457][  T196] FS:  0000000000000000(0000) GS:ffff888097151000(0000) knlGS:0000000000000000
[ 2003.508217][  T196] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2003.510291][  T196] CR2: ffffed1012e2a200 CR3: 00000000601f6000 CR4: 0000000000352ef0
[ 2003.512808][  T196] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000080083
[ 2003.515276][  T196] DR3: ffffffffefffff16 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2003.517746][  T196] Kernel panic - not syncing: Fatal exception
[ 2003.520369][  T196] Kernel Offset: disabled
[ 2003.521777][  T196] Rebooting in 86400 seconds..

VM DIAGNOSIS:
00:45:17  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff85768600 RDI=ffffffff9b486f80 RBP=ffffffff9b486f40 RSP=ffffc90002d2ee00
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=727265203a465023
R12=0000000000000000 R13=ffffffff9b487200 R14=ffffffff9b486f90 R15=0000000000000000
RIP=ffffffff85768627 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097151000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=ffffed1012e2a200 CR3=00000000601f6000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000080083 DR3=ffffffffefffff16 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000437e4c4 RBX=ffff88801bf2a480 RCX=ffffffff8b8ccc75 RDX=0000000000000001
RSI=ffffffff8c1aeaa0 RDI=ffffffff81dde1cb RBP=0000000000000001 RSP=ffffc9000046fdf0
R8 =0000000000000000 R9 =ffffed1005666795 R10=ffff88802b333cab R11=0000000000000001
R12=ffffed10037e5490 R13=0000000000000001 R14=ffffffff90d98710 R15=0000000000000000
RIP=ffffffff8b8cb5df RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097251000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000034eeaff8 CR3=00000000601f6000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000080083 DR3=ffffffffefffff16 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000080000000 RBX=0000000000000000 RCX=ffffffff8b8b2d2d RDX=0000000000000000
RSI=0000000000000000 RDI=0000000000000005 RBP=ffff8880263c6250 RSP=ffffc90003fff548
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000012
R12=1ffff920007ffeab R13=ffffea0001dbd588 R14=0000000000000001 R15=ffff8880263c6250
RIP=ffffffff8207f400 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f74f956c300 ffffffff 00c00000
GS =0000 ffff888097351000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000557346a2a000 CR3=000000002165a000 CR4=00352ef0
DR0=0000000000000003 DR1=00000000000001f8 DR2=000000000000008e DR3=000000000000057a 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000feeff800 Opmask01=000000000000ffff Opmask02=00000000ff7fefbf Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000003000000012 0004000000080024 0000000000280034
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000002944 0000001400000000 0000000000000000 0000000000000015
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 08000a014eb82008 0006080020080006 0173823c000007cb 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 808208000ca00310 10000c9003000800 0c88037008000c80 030fffffffff0204
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0800000800020800 7c08000a014eb800 08000008005ec080 0201000002080608
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 015ad80008000fff ffffff0201000000 0806060104b20802 8802050802800005
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0280020008000408 00020800080173dc 0fffffffff020408 000008000208007c
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=27bb2c9827bb2c98 27bb2c9827bb2c98 27bb2c9827bb2c98 27bb2c9827bb2c98 27bb2c9827bb2c98 27bb2c9827bb2c98 27bb2c9827bb2c98 27bb2c9827bb2c98
ZMM26=a1def4efa1def4ef a1def4efa1def4ef a1def4efa1def4ef a1def4efa1def4ef a1def4efa1def4ef a1def4efa1def4ef a1def4efa1def4ef a1def4efa1def4ef
ZMM27=e49ddd51e49ddd51 e49ddd51e49ddd51 e49ddd51e49ddd51 e49ddd51e49ddd51 e49ddd51e49ddd51 e49ddd51e49ddd51 e49ddd51e49ddd51 e49ddd51e49ddd51
ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=4310000043100000 4310000043100000 4310000043100000 4310000043100000 4310000043100000 4310000043100000 4310000043100000 4310000043100000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=ffff888029953780 RCX=ffffffff820ff6df RDX=0000000000000000
RSI=ffffffff8c1aeaa0 RDI=0000000000000001 RBP=ffffed100f33aa4a RSP=ffffc9000365fb70
R8 =0000000000000000 R9 =fffffbfff21b30e2 R10=0000000000000000 R11=0000000000000000
R12=0000000000000001 R13=0000000000000011 R14=ffff888029953780 R15=0000000000000011
RIP=ffffffff8b8fa119 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097451000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008000d000 CR3=0000000074897000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000080083 DR3=ffffffffefffff16 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9c6decde8edcba3b 8973a896cce398d4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 77a9c37e6d6d1068 6b7ebb778eece672
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3824652a1ec994c3 ac8edd7ecb336474
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 356e175bf7d74cf5 db9ec5450d1245a7
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003300
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 04bdfad204bdfaf7 0100000004bdfb15
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b060080aaf40080 2aa0008004bdfb25
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 010000009fe20080 04bdfae001000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 94b4008001000000 0100000042960000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 39ceba37aac293a9 9f30917f726ef77c
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 54ef41501e98596f 1131b3150c85c2b9
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000