last executing test programs:

5m8.286175818s ago: executing program 2 (id=921):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
syz_usb_connect(0x6, 0x2d, &(0x7f0000001600)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904000001098b75"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x4, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r3, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000800)=ANY=[@ANYBLOB="06000000", @ANYRES16=r2, @ANYRESHEX=r0, @ANYRES32=<r5=>r4, @ANYBLOB="0a00060008021100000100000500080002000000"], 0x30}, 0x1, 0x0, 0x0, 0x818}, 0x20004014)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r6)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r6, 0x9)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r7, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044094)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x2af8, &(0x7f0000000380)={0x0, 0x6250, 0x10}, 0x0, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
writev(r9, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
syz_clone(0x4000, 0x0, 0xfffffffffffffe00, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
syz_usb_connect(0x0, 0x1cb, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000000100)=""/128)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES32=r5, @ANYBLOB="01002cbd7000ff5e512504000000"], 0x14}, 0x1, 0x0, 0x0, 0x2000c810}, 0x2)

5m5.129570989s ago: executing program 2 (id=939):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x18)
r0 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000003, 0x10, 0xffffffffffffffff, 0x1000)
userfaultfd(0x80801)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
syz_open_dev$sndmidi(0x0, 0xd8, 0x1)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f, 0x0, r3}, &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r2})
io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

5m3.874444785s ago: executing program 2 (id=945):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a000000010000003f0000004000000042000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000007f721185d1bd3a0ddc9b4f4fb93aedd0a03ab11a8cb57ca3b63a1566d7b8c329386274571eb19ffef06b6d1fff919327"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000001a40), 0x1003, r0}, 0x38)

5m3.796488032s ago: executing program 2 (id=946):
r0 = openat$zero(0xffffff9c, &(0x7f0000000040), 0x101800, 0x0)
mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x80)
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, &(0x7f0000000440)=ANY=[@ANYBLOB="78224fc427ed619f319b73733d616e792c63616368653d66736361636865"])
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)
chdir(&(0x7f0000000100)='./file0\x00')
r1 = gettid()
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp(r1, r2, 0x6, 0xffffffffffffffff, 0xffffffffffffffff)
ioprio_get$pid(0x2, r2)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x4000)
write$vhost_msg_v2(r3, &(0x7f00000003c0)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)
mount$fuse(0x0, 0x0, 0x0, 0x3008000, &(0x7f00000013c0)=ANY=[])

5m3.677438561s ago: executing program 2 (id=947):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171, 0x0, 0xf400}}], 0x400000000000172, 0x4000000)

5m3.482314593s ago: executing program 2 (id=950):
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0)
r0 = memfd_create(&(0x7f00000005c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x100})
lseek(r0, 0x0, 0x3)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x19ff, 0x0, &(0x7f0000000240), &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CDROMVOLCTRL(r1, 0x31f, &(0x7f0000000040)={0xa1, 0x3, 0xfe})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000a00)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a000000010000003f0000004000000042000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000007f721185d1bd3a0ddc9b4f4fb93aedd0a03ab11a8cb57ca3b63a1566d7b8c329386274571eb19ffef06b6d1fff919327"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000001a40), 0x1003, r5}, 0x38)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_SIOCSIFNETMASK(r6, 0x891c, &(0x7f000000c940)={'ip6tnl0\x00', {0x2, 0x4e22, @empty}})
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0900000004000000040000000700000000000000", @ANYRES32, @ANYBLOB="000000000000000000bf00"/21, @ANYRES32=0x0, @ANYRES32=r7, @ANYBLOB="02000010011000"/28], 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0), 0x0, 0xa7, &(0x7f0000000180)=[{}, {}], 0x10, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x3c, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)

5m3.384230894s ago: executing program 32 (id=950):
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0)
r0 = memfd_create(&(0x7f00000005c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x100})
lseek(r0, 0x0, 0x3)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x19ff, 0x0, &(0x7f0000000240), &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CDROMVOLCTRL(r1, 0x31f, &(0x7f0000000040)={0xa1, 0x3, 0xfe})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000a00)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a000000010000003f0000004000000042000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000007f721185d1bd3a0ddc9b4f4fb93aedd0a03ab11a8cb57ca3b63a1566d7b8c329386274571eb19ffef06b6d1fff919327"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000001a40), 0x1003, r5}, 0x38)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_SIOCSIFNETMASK(r6, 0x891c, &(0x7f000000c940)={'ip6tnl0\x00', {0x2, 0x4e22, @empty}})
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0900000004000000040000000700000000000000", @ANYRES32, @ANYBLOB="000000000000000000bf00"/21, @ANYRES32=0x0, @ANYRES32=r7, @ANYBLOB="02000010011000"/28], 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0), 0x0, 0xa7, &(0x7f0000000180)=[{}, {}], 0x10, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x3c, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)

2m26.141158028s ago: executing program 0 (id=1923):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
openat$mice(0xffffff9c, &(0x7f0000000440), 0x0)
close(0x3)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000009c0)=ANY=[@ANYBLOB="1c00000004060101000000000000000000000000050001000700"], 0x1c}}, 0x0)

2m25.97599683s ago: executing program 0 (id=1924):
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0)
r0 = memfd_create(&(0x7f00000005c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x100})
lseek(r0, 0x0, 0x3)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x19ff, 0x0, &(0x7f0000000240), &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
ioctl$CDROMVOLCTRL(0xffffffffffffffff, 0x31f, &(0x7f0000000040)={0xa1, 0x3, 0xfe})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000a00)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a000000010000003f0000004000000042000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000007f721185d1bd3a0ddc9b4f4fb93aedd0a03ab11a8cb57ca3b63a1566d7b8c329386274571eb19ffef06b6d1fff919327"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000001a40), 0x1003, r4}, 0x38)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_SIOCSIFNETMASK(r5, 0x891c, &(0x7f000000c940)={'ip6tnl0\x00', {0x2, 0x4e22, @empty}})
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0900000004000000040000000700000000000000", @ANYRES32, @ANYBLOB="000000000000000000bf00"/21, @ANYRES32=0x0, @ANYRES32=r6, @ANYBLOB="02000010011000"/28], 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0), 0x0, 0xa7, &(0x7f0000000180)=[{}, {}], 0x10, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x3c, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
write$cgroup_int(r7, &(0x7f0000000040)=0x3, 0x12)

2m25.045660197s ago: executing program 0 (id=1929):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r0, 0x0, 0xb9b}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="11000000040000000400000002"], 0x48)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000080)={r1, 0x58, &(0x7f00000003c0)}, 0x10)
r2 = dup(0xffffffffffffffff)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000001e000000950000000000000029da8e9b4a652b58dab85b7a3648b3d789aea2d6811d472a21dbc12d7ef040ce255bbbe8add35dfd92a6a6"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x2b9, &(0x7f0000000740)={0x0, 0xb1e9, 0x10100, 0x0, 0x0, 0x0, r4}, &(0x7f0000000080)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r5, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r8 = syz_open_dev$vim2m(&(0x7f0000000080), 0x2, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r8, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x2})
ioctl$vim2m_VIDIOC_STREAMOFF(r8, 0x40045612, &(0x7f0000000240)=0x1)
ioctl$vim2m_VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000000000)={0x7, 0x1, 0x0, "4a37f6c000190000000000000020000000000000000000000100", 0x31435641})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r9 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
bind$llc(0xffffffffffffffff, &(0x7f0000000040)={0x1a, 0xfef7, 0x7, 0x7, 0x7, 0xa, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x19}}, 0x10)
ioctl$SG_SET_FORCE_PACK_ID(r9, 0x227b, &(0x7f00000000c0)=0x1)
readv(r9, &(0x7f0000000000)=[{&(0x7f0000000100)=""/54, 0x57}], 0x1)

2m24.146000914s ago: executing program 0 (id=1933):
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="160000000000000004"], 0x48)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = openat$hpet(0xffffff9c, &(0x7f00000001c0), 0x101100, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1d, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0xc, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x81, 0x12, 0x5, '\x00', 0x6}) (async)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000004c0)=ANY=[@ANYBLOB="010000000015000072000040"])
socket$inet_tcp(0x2, 0x1, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = gettid()
tkill(r3, 0xb) (async)
prlimit64(r3, 0xa, &(0x7f0000000280)={0x8000c, 0x1000087}, 0x0) (async, rerun: 64)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) (async, rerun: 64)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async)
syz_open_dev$usbfs(&(0x7f0000000100), 0x45e, 0x101701) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) (async)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x47}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) (async, rerun: 64)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (rerun: 64)
sendto$inet6(r5, 0x0, 0x0, 0x8004004, &(0x7f00000000c0)={0xa, 0x4e21, 0x6, @empty}, 0x1c) (async, rerun: 64)
r6 = socket(0x10, 0x3, 0x0) (rerun: 64)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000000)={0x8}, 0x9)
write(r6, &(0x7f0000000100)="240000001e005f0214f6fffffffffff8070000000000000000008a1c1483d65aeb3500002600b3fe73e7c55cf83faeff4744116944219afd2e027e1f846120340a60e4f893d8f0aa037a1b10a2df57ead091eeb3246efcacb6e11ad4b4d05aba398b", 0x62) (async)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r6}, 0x8) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb3f7ffe08010018000000000000000c0000000c00000006000000030000000000008c00000000000000e42e00"], 0x0, 0x2a, 0x0, 0x4, 0x7, 0x0, @void, @value}, 0x28)

2m24.055077161s ago: executing program 0 (id=1934):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x2000004, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
ioctl$TUNGETVNETLE(r1, 0x800454dd, &(0x7f0000000140))
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x68, 0x2c, 0xd27, 0x30bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x1, 0xffff}, {}, {0x7}}, [@filter_kind_options=@f_flow={{0x9}, {0x38, 0x2, [@TCA_FLOW_EMATCHES={0x34, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}, @TCA_EMATCH_TREE_LIST={0x28, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x24, 0x1, 0x0, 0x0, {{0x2008, 0x9, 0x40}, [@TCA_EM_IPT_MATCH_DATA={0x4}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_HOOK={0x8}]}}]}]}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)
r5 = dup(r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000480)='./file0\x00')
rmdir(&(0x7f0000000200)='./bus\x00')
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r5)
sendmsg$DEVLINK_CMD_RATE_NEW(r6, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, r7, 0x4, 0x70bd2c, 0x25dfdbff, {}, [@DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x800}]}, 0x20}, 0x1, 0x0, 0x0, 0x40800}, 0x4004e085)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r8)
ptrace$pokeuser(0x6, r8, 0x118, 0x4)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000380)={<r9=>0x0, 0xfffc, 0x0, 0x0, 0x40}, &(0x7f00000003c0)=0x18)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000400)={0x2, 0x2, 0x101, 0x8, r9}, &(0x7f0000000440)=0x10)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="380000000d06010300000000000000040300000605000100070000000500050000000000120003006269746d61703a69702c6d6163000000"], 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
mmap(&(0x7f0000380000/0x3000)=nil, 0x3000, 0x2, 0x8011, 0xffffffffffffffff, 0x4000)
r10 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r10, 0x114, 0x1, &(0x7f00000001c0)={0x2, 0x4e21, @multicast2}, 0x10)

2m24.054124016s ago: executing program 0 (id=1936):
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0)
r0 = memfd_create(&(0x7f00000005c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x100})
lseek(r0, 0x0, 0x3)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x19ff, 0x0, &(0x7f0000000240), &(0x7f0000000100))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CDROMVOLCTRL(r1, 0x31f, &(0x7f0000000040)={0xa1, 0x3, 0xfe})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000a00)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a000000010000003f0000004000000042000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000007f721185d1bd3a0ddc9b4f4fb93aedd0a03ab11a8cb57ca3b63a1566d7b8c329386274571eb19ffef06b6d1fff919327"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000001a40), 0x1003, r5}, 0x38)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_SIOCSIFNETMASK(r6, 0x891c, &(0x7f000000c940)={'ip6tnl0\x00', {0x2, 0x4e22, @empty}})
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0900000004000000040000000700000000000000", @ANYRES32, @ANYBLOB="000000000000000000bf00"/21, @ANYRES32=0x0, @ANYRES32=r7, @ANYBLOB="02000010011000"/28], 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0), 0x0, 0xa7, &(0x7f0000000180)=[{}, {}], 0x10, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x3c, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
write$cgroup_int(r8, &(0x7f0000000040)=0x3, 0x12)

2m9.024704307s ago: executing program 33 (id=1936):
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0)
r0 = memfd_create(&(0x7f00000005c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x100})
lseek(r0, 0x0, 0x3)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x19ff, 0x0, &(0x7f0000000240), &(0x7f0000000100))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CDROMVOLCTRL(r1, 0x31f, &(0x7f0000000040)={0xa1, 0x3, 0xfe})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000a00)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a000000010000003f0000004000000042000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000007f721185d1bd3a0ddc9b4f4fb93aedd0a03ab11a8cb57ca3b63a1566d7b8c329386274571eb19ffef06b6d1fff919327"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000001a40), 0x1003, r5}, 0x38)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_SIOCSIFNETMASK(r6, 0x891c, &(0x7f000000c940)={'ip6tnl0\x00', {0x2, 0x4e22, @empty}})
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0900000004000000040000000700000000000000", @ANYRES32, @ANYBLOB="000000000000000000bf00"/21, @ANYRES32=0x0, @ANYRES32=r7, @ANYBLOB="02000010011000"/28], 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0), 0x0, 0xa7, &(0x7f0000000180)=[{}, {}], 0x10, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x3c, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
write$cgroup_int(r8, &(0x7f0000000040)=0x3, 0x12)

11.095790899s ago: executing program 4 (id=2704):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000030000009500037b00000000", @ANYRESDEC=0x0], &(0x7f0000000300)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
cachestat(r1, &(0x7f0000000140)={0x5, 0xa527}, &(0x7f0000000080), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0, 0x0, 0x3}, 0x18)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')
r4 = fanotify_init(0x10, 0x80000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d85000000070000008500000023"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r5}, 0x10)
getpid()
faccessat2(0xffffffffffffff9c, 0x0, 0xa5, 0x300)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETPERSIST(r7, 0x400454cb, 0x0)
r8 = socket$inet6(0xa, 0x3, 0x8000000003c)
write$binfmt_script(r8, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000000), 0x2000000, &(0x7f0000001500)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB="2c7766646e6d3da1bc766f01469abe50866241553b0ad586fc09b0bd5fbbafc0", @ANYRESHEX=r4, @ANYBLOB=',\x00'])
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x61, &(0x7f0000001480)={'filter\x00', 0x4}, 0x64)
r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x20, r2, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x20}}, 0xc800)
r10 = socket$rds(0x15, 0x5, 0x0)
r11 = dup(r3)
r12 = socket$alg(0x26, 0x5, 0x0)
clock_gettime(0x0, &(0x7f00000015c0)={<r13=>0x0, <r14=>0x0})
ppoll(&(0x7f0000001580)=[{r6, 0xc001}, {r11, 0x83}, {r5, 0x82}, {0xffffffffffffffff, 0x8}, {r12, 0x2081}], 0x5, &(0x7f0000001600)={r13, r14+10000000}, &(0x7f0000001640)={[0x101, 0x7f]}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, r10, {0xe}}, './file0\x00'})
syz_open_dev$tty1(0xc, 0x4, 0x2)

10.911371188s ago: executing program 4 (id=2706):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000002a80)="01"})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x0, 0x1000000, 0x0, 0x4, 0x0, &(0x7f0000000140)="d2ffb49e"})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x0, 0x0})

10.724739727s ago: executing program 4 (id=2707):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x50313134, 0x0, 0xa, [{0x0, 0x1}, {0x10}, {}, {}, {0x2}]}})
socket(0x2c, 0x803, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x104, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0xf0, 0x1, [@m_ct={0x98, 0xb, 0x0, 0x0, {{0x7}, {0x28, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0x1ff}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @initdev={0xac, 0x1e, 0x1, 0x0}}, @TCA_CT_LABELS={0x14, 0x7, "e676ce1a91d1ed1211b456a99b6294c7"}]}, {0x4a, 0x6, "63571f949496b26900c4e5ccf38b213c50acfaf282bc366a8fede9c7695af61557ec9f83f05c5d37cd6e6651ece8339ddaf06b373c6a8fc26d7f6e54098c2af235987c9847f2"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_ife={0x54, 0x201b, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x1}}}]}, {0xf, 0x6, "d8378a6ad864825bb979f5"}, {0xc}, {0xc}}}]}]}, 0x104}, 0x1, 0x0, 0x0, 0x804}, 0x4)
prlimit64(0x0, 0xc, &(0x7f0000000140)={0xd, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x7, &(0x7f0000000080)=0xc4)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000080)={0xf0f071, 0x19})
pipe2(0x0, 0x0)
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x41, 0x0)
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r5, 0x80083314, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_DEL(r6, 0x0, 0x483, &(0x7f0000000200)={0x73, @dev={0xac, 0x14, 0x14, 0xb}, 0x0, 0x1, 'dh\x00', 0x13}, 0x2c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

9.513905196s ago: executing program 4 (id=2715):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2, 0x2, 0x0, @void, @value}, 0x10)
r2 = socket$l2tp(0x2, 0x2, 0x73)
syz_io_uring_setup(0x3c72, &(0x7f0000000140)={0x0, 0x801d, 0x0, 0x0, 0x369}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000200))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000340)=@IORING_OP_SEND={0x1a, 0x50, 0x0, r2, 0x0, &(0x7f0000000280)="96b5156f2c464c712d7dd66bf3705cf1bdd3cc8423297246af637380cd486a9882d94376d15d760b7096b7e4de0bfca78913280748aa01f7ddbbf696cbb30b27b2954f2767a519db66a1359410ed53ea53524ff5d9966ec9dd2be22ba996b96ab799d08846aae1b30edeb08d456f3b1e8773d8c43ab57311cf6f97f48e8a98ff6c59eb359a49e03538bb5ae722941ebe3e5eb461f3cfd21ae98e3c3b5b24447e528da515c0ad92f2c494a679706f7e9e0d927c5c624fdc", 0xb7, 0x800, 0x0, {0x0, r4}})

9.437732763s ago: executing program 4 (id=2716):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x20000840)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000400)}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
fstatat64(0xffffff9c, 0x0, 0x0, 0x1000)
ioctl$UI_SET_ABSBIT(r4, 0x40045567, 0x0)
ioctl$UI_ABS_SETUP(r4, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x3)
write$uinput_user_dev(r4, &(0x7f0000001740)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7fffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfaea], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c)
ioctl$UI_DEV_CREATE(r4, 0x5501)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x110}}, 0x5)
r5 = socket$inet_icmp(0x2, 0x2, 0x1)
getsockopt$IPT_SO_GET_REVISION_MATCH(r5, 0x0, 0x42, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000180)=0x1e)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)

8.99589854s ago: executing program 4 (id=2719):
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000340)={'pim6reg\x00', 0x2})
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f0000000140)={0x2, 0x1, 0x10, 0x0, 0x230d}, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)=@newsa={0x134, 0x10, 0x713, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, {@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x32}, @in6=@mcast2, {}, {}, {}, 0x0, 0x0, 0xa, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(serpent)\x00'}}}]}, 0x134}}, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r9, {0x0, 0xf}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f0000000640)=0x13)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x44, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0x18, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x6c, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x40, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'geneve0\x00'}, {0x14, 0x1, 'veth1_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x10}]}]}], {0x14, 0x10}}, 0xf8}}, 0x0)

7.224427415s ago: executing program 5 (id=2726):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000000)=""/108, &(0x7f0000000080)=0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r2=>0x0})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000008c0)={0x1, 0x0, [{0x10, 0x0, 0xf23}]})
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x0)
r6 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
readv(r6, &(0x7f00000002c0)=[{&(0x7f0000000000)=""/81, 0x2b}], 0x1)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r8, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10010}, 0xc, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x4001}, 0x4000)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r8, 0xc2c45512, &(0x7f0000000440)={{0xa, 0x0, 0x6, 0x4b84, 'syz0\x00', 0x5}, 0x1, [0x7ff, 0x3, 0x2, 0x5, 0xfffffffd, 0x1ff, 0x8, 0x80e0, 0x7, 0x3, 0x0, 0x1, 0x4ab116af, 0x6, 0xa, 0x1, 0x1, 0x0, 0x1, 0x0, 0xb1, 0x7ff, 0x0, 0x0, 0xd5, 0x2, 0x15, 0x80000001, 0x2, 0x1c0, 0x9, 0x8001, 0xeae, 0xfffffffa, 0x4, 0x7, 0x9, 0x8001, 0x0, 0xffff, 0x1, 0x9, 0x1, 0x1, 0x1, 0xe66b, 0x1ff, 0xffffffff, 0xd, 0x3, 0x8, 0xc, 0x5, 0x80000000, 0xd, 0x0, 0x5, 0x89, 0x7, 0x0, 0xd18, 0x6, 0x2, 0x9, 0x109a, 0x101, 0x6, 0x4, 0x4, 0x7, 0x6, 0x96, 0x4, 0x8, 0xd60c, 0x0, 0x7, 0xbaa, 0x7, 0x4, 0x7b, 0x4, 0x4, 0x7ff, 0x1, 0xffff, 0x8, 0x2, 0x1, 0x2, 0x5, 0x1ff, 0x7, 0x7, 0xf, 0xcc, 0xfffffffb, 0x4, 0x1, 0x9, 0x1e000, 0xf20, 0xc, 0x4, 0x3, 0x0, 0x6, 0xb9, 0x2, 0x10, 0x4, 0x6f96, 0x3, 0x9, 0x2, 0x8, 0xa, 0x2, 0x10001, 0x6, 0x1, 0xd7, 0x4, 0x8, 0x5, 0x1, 0x4, 0xfffffff6]})
r9 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/cpu_byteorder', 0x0, 0x0)
sendfile(r9, r10, 0x0, 0x3874)
futex(&(0x7f00000040c0), 0x6, 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f00006db000/0x2000)=nil, 0x2000, 0x4)
futex(0x0, 0x7, 0x0, 0x0, 0x0, 0x0)
getsockopt$WPAN_WANTACK(r10, 0x0, 0x0, &(0x7f00000000c0), &(0x7f00000001c0)=0x4)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x145002)

5.144410004s ago: executing program 5 (id=2729):
sched_setscheduler(0x0, 0x1, 0x0)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, 0x0, 0x24008011)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004a00003c0000000000069078ac141400ac1e0001070f08e0000002ac1414bbe0000002440400000000000000", @ANYRES32=0x41424344, @ANYRES32=<r0=>0x41424344, @ANYBLOB="500000009077fff7"], 0x0)
socket$tipc(0x1e, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(0x0, r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='$\x00', @ANYRES16=r4, @ANYRESDEC=r0, @ANYRES32=r5, @ANYBLOB="0880050003000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x2000811)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat$drirender128(0xffffff9c, &(0x7f0000000080), 0x800, 0x0)
ioctl$DRM_IOCTL_VERSION(r8, 0xc0246400, &(0x7f00000002c0)={0x5, 0x6, 0x10, 0xfffffffffffffd32, 0x0, 0xfffffffffffffffd, 0x0, 0xdd, &(0x7f00000005c0)=""/185})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r9=>0x0})
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r10, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
sendmmsg$inet(r10, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000100)='\x00', 0x1}], 0x1}}], 0x1, 0x2400c042)
openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
r11 = openat$ptp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f00000001c0)={0x7, "3bc52b01e0980e77751957828706df7650ad84befd5dc3bed20e0fb8aed385c6"})
socket$xdp(0x2c, 0x3, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r11, 0x40043d0d, 0x0)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x54, 0x10, 0x401, 0xfeff, 0x1000000, {0x0, 0x0, 0x0, 0x0, 0xf0ff}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}}}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x54}}, 0x0)

4.604567912s ago: executing program 5 (id=2732):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
write$P9_RVERSION(r1, &(0x7f00000005c0)=ANY=[], 0xfffffffffffffff7)
chmod(&(0x7f0000000140)='./file0\x00', 0x1f1)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
syz_clone(0x20c600, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000001040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000c40), 0x12)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, 0x0, 0x0)
r8 = creat(0x0, 0x94)
write$tun(r8, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x36)

4.195447762s ago: executing program 1 (id=2733):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
fsopen(&(0x7f0000001680)='nilfs2\x00', 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
timer_settime(0x0, 0x1, &(0x7f00000000c0)={{}, {0x77359400}}, &(0x7f0000000180))
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x145002)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @loopback}})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xd4bb, 0x0, 0xfffffffd}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x80800})
listen(r1, 0x5)
io_uring_enter(r4, 0x3517, 0xc2de, 0x9, 0x0, 0x0)

3.739730244s ago: executing program 3 (id=2734):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000140), 0x622c03, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0xffffffb3, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, r4)
r5 = socket(0x10, 0x803, 0x0)
sendto(r5, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='attr/current\x00')
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x5, &(0x7f0000006680))
chdir(0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockopt$bt_BT_CHANNEL_POLICY(r6, 0x112, 0xa, &(0x7f0000000180)=0x9, &(0x7f0000000100)=0x4)
ioprio_set$uid(0x3, 0x0, 0x0)
openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)

3.60834182s ago: executing program 5 (id=2735):
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0)
r0 = memfd_create(&(0x7f00000005c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x100})
lseek(r0, 0x0, 0x3)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x19ff, 0x0, &(0x7f0000000240), &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CDROMVOLCTRL(r1, 0x31f, &(0x7f0000000040)={0xa1, 0x3, 0xfe})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000a00)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a000000010000003f0000004000000042000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000007f721185d1bd3a0ddc9b4f4fb93aedd0a03ab11a8cb57ca3b63a1566d7b8c329386274571eb19ffef06b6d1fff919327"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000001a40), 0x1003, r5}, 0x38)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_SIOCSIFNETMASK(r6, 0x891c, &(0x7f000000c940)={'ip6tnl0\x00', {0x2, 0x4e22, @empty}})
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0900000004000000040000000700000000000000", @ANYRES32, @ANYBLOB="000000000000000000bf00"/21, @ANYRES32=0x0, @ANYRES32=r7, @ANYBLOB="02000010011000"/28], 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0), 0x0, 0xa7, &(0x7f0000000180)=[{}, {}], 0x10, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x3c, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
write$cgroup_int(r8, &(0x7f0000000040)=0x3, 0x12)

3.507298585s ago: executing program 1 (id=2736):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendfile64(r0, r0, 0x0, 0x80000000)
mkdir(&(0x7f0000000400)='./file0\x00', 0x99)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000001b40)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
truncate(&(0x7f0000000000)='./bus\x00', 0x8001)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0)

3.431613812s ago: executing program 1 (id=2737):
r0 = socket(0x2b, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000080), 0x109842, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0xa0c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
syz_open_dev$video4linux(0x0, 0xffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
setresuid(0x0, 0xee00, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)

2.110440017s ago: executing program 3 (id=2738):
stat(0x0, 0x0)
futimesat(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="0c000001"], 0x0, 0x1200)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4020)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4140aecd, &(0x7f0000000040))
r3 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x4, 0x93, 0x1, 0x1, 0xd59f80, 0x19ef, 0x0, 0x19ef, 0x3, 0x6, 0x2800, 0x2800, 0x2, 0xbb6, 0xa, 0x8, {0x8, 0xffffffff}, 0xd0, 0x9}})

2.01455862s ago: executing program 3 (id=2739):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000003880)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-ssse3\x00'}, 0x58)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x6, 0x7fc00100}]})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0x40082104, &(0x7f0000000680))

1.965708962s ago: executing program 1 (id=2740):
mkdir(&(0x7f0000000280)='./file0\x00', 0x54)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
r3 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r3)
ptrace(0x8, r3)
ptrace(0x4207, r3)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x4047b013}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c58b3bd0000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x20, 0xffffffffffffffda, 0x2, {0x0, 0x1e}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat$dir(0xffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x10)
mknodat$loop(r4, &(0x7f00000000c0)='./file0\x00', 0x10, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="2ef9b75c2a05a354b15c6865cbfaf704d9fe81e8bf9d8a4855a6c79bc372310e9770e9641fc4cddae9c3346b408119c30a786fd1df316127d4d83984615876472e3483e6d8ee9ca1d6fe0d78b34883e1063914def0609fedd9953c671c034d60385dd6825fbb4dc228b432971e1f85af5f8b095010a6d800d24d92e81a9864cfc76c331869fc93f474c46403d6a428b8a671e5dea85b7573076ecf100a3417a89f00e0be5f2a7a289fb9b5056b8eb1acd214140f1096de23c01620c3822295d9b064842a6eb0cf766da877692919a8567a4077645ae08eb35ef4be7984967d6943b729a20877be3f2c8e82425801f97b54bf797e02536eb2d3500f54e9bcd1e4983880a4157028cbd3c40e51c9206ba74be1c3e06ff7b9013c58fab9291d33641e5314b4a09dfc55138ebdddb7a8fb699877f6c42516580714b6b1fd597dfe22f9680fe33ed376c61638f06e7fea60fb54f3ea8d091b94ed72ccb5014c407930f786bfcae66e8485297d3cd3581acfb08282e78bb02465611c63071ef529fcb88df36fe6a8a44a48134d764e83799d589732f2c4b64f555e502f602814af9895b85dedeaf847fd45271b0ddafef013b70fb3f67a26a667519f783ec0b1936d9a394f9781829efa67f80f3608ea0c79761331f24d84c05fc11be3528955b1a227db1a648af2840ea7cb304a5533c4f0159413227f4ffd599481e025536663bf0fe5ffa17b2d41b9ae2d91865074abe8035fea4ff4603955fbf0b362d37eba312461402f61fcd9f4a60e362bfbb745639e4b2dbf7224d9f31f1ef3d8355306add312be6a709ed12295e00b41c8ecc4dc9b35bc1b5fb957f4f40aa457b67025dc8ef50c4f1592ac704649db3181fb4444522e786f7e6771b7d92bf018ff468a2866216be7074f7dfe4e2550cf48a00fec0730fdc54f1709cb1e214dd2d8a7fac1cc8c1a18cbb252f12c5c5da8137097909fcfcc3cdd4a9834d6db63822ade4c504b14e536553573699005d20f5ddf3742cc26439fa8275a9eccb58bf750a04fdc41e246495b4917b5d38680e6292e7d694898c0f80ce567f816159b41558a4a6d901675d182aac925f84d37e591e1170f9123f90eb1110c657ac44e55097309849968e315bea530b0c2a4671c8bed2711ab64d9a489418b8d529accb0b09235aea65675cfc7eae21920ada03630364d8102928b3c6cc40d83f6e5ef5f2b85bea875d3b66031cfe122c8b819f621d7dccc286fb8ecbf0c4baead9e44955b9e2fa963a6422d0f1c64c7cb67e9ced0a841f4c1dd17300d1da7851305d64e28c59f32e66f40e103228dd0e15611bc51c207f515bf77a722e7463f64f8125ef453e9c787258f96224ccf1e5e531737db44adfcd3cdfc70e67a9bd586f30df10586dcefd0bf9529474c71a3b2192bd97bc93ea77373d50b00ab9f760502e6a8fad8c71322a685aaf153e3ad1f3123753f459d027c430ceff829111ac5718cf797244eb249e1bb7b90500c745d89fb563f16ec7f98ca5a309a7f04f2cba5f7f1713d8f4eecc6c963970e50325883e522e474834b43ba78f41ec543779b00d3f49c94f55d6701340769ae7dbbb0876c40d4d66ec1075f23abc16a24dd127c1bec75dc08012d689f1ae99800f2bce4ca3f4ca002cdf49165b551e91083e5be401e21d65614067f4887cede403d651e479f3aeca23a67a28a9f9b5a1782db86aec72d769f96eb210e8c3acf578c893f29935a38983cf6ff950efe9303a84a4f6c177d666d131d3eb503c06379e9fad6c255911472e320ce85e440511890c400ec0381758a0a338e8ca0bd529dcbd262aafa18916966e3eee263f58a88ba8883b44d548b96e817617962256b93a2209881e9d7ce661bd98c8063a2ebeed829e9814bf78ff22e62df14b67ab234d7784c8c201fefa6d7e7acbfd549fe066648f3c43bac2fe11362b88cfb9ee8eb3bc4d2e564d6b4a38781610fe6197613f77ffedd75b3dd5b0729ea75e150f11be7817a98a7da9cedb466060c295b7526538d89947ad2824fa92469602d9f3403303186f471556f5858a792bbb44bdb623623547e7325f994170e1e03bc6f7d7cdf3bf47cd09e0943c706a40ecd99867d052bcdd5853289e1fce2392ca42b635ace10331d3cbfbe5a2ef1346ec22167e88cefd124eb1b3047595260b08807ce22f9e7d6bc3dc5896ba0caab36ae87049202c3e5c19f4e0259f08c728405afc4a8e60ea0ba9092018869b513d260dcc04119952d898670b3be37db6eb5c8af148ea1f254c2fc15363665a238ea146219283ada5ef487f9e602c87e6d57b0282dac26986c69048149315e566ea88424b002b1ad50ca7c882567ec683cdca03625ea71817b551d8ba05df3d1841b0f6054e3e78d786b0ae469ebd97a2f6aa438aca77fd672ac78ef55cd92649d5d7ff2e2ab9e30057a91054bccbf5adb992563c99712be8f94524a93bb9c7731c9c427945a8f5c56e1f1aca70a712fa5bef8669a783ae9f60d21263457d68d48ee7e8d3be7408c51523f1315d361ae39bc3da061a54dab36705fd7be6aaefbdd004be31e50fd7f959deab4641f56c1d837707ddf911b42ed781cd8e73e4ff021818398b36df2357ab838f6ff15a6a86b1792c355aa3bef58831a9be396de066053f61ac7a453a2de574472a0416af32ed8a766ffe4fb9d85580d19624de5b760d04d3bb0e735aa4cbabe8f173248bfd0d1cdf0b85223492e3aa14bef404079e99f7e8b24fe145a02c64dac7dcebfd3e53b95c1952c5b3319988af98b41d3863904b4a33e12f0729aae59a7d1682f4af098fc67dd1e707016695045a8d34e216ac1b29b76c017119b054830a59be586ec1219b5427cdb09f5febb8e9a5b71783ccf1a6d8ced05c37d71dfa475de7c3fee758db2916b19c681c2a8ae6b6e7af36aee07190298c8a22aaa96586cd678cdfe9970c860fe8bf1fb663cf3f72c26fbcfa6d1f6fbe4bce91773aba5b9e321881cc6ace6f3817e2653b778f7512d07db172d38faace29a0c13439f4be23ce83fb6e95ac43cc18b295f1c1dcddd400b1529dd60acf901a8e05e24a7107253d9583c658012e497f5d665dd4cbf1881e75b9231ae8e31d1e850d2b5ab5509261baf2eb14f931ac6f0681dffdc83e2e371f8bdf99daee9cf06ba28a19271fc54bf40deea2ce14f65ab5ddc9f2fa2d92fbf9ef275bdac6a8ecbc13a92f175ad953b8afd0af7d886e8429267b891e88d996c6aa1fb736e9929095375ffe2257974d6a0e2e007c6140bc37770f56034720842199d6d68705e2f9c1e4012c8f47b2bc9568d8f51d1b1155658377cf42914084eaa96c3c00422ef5ae2d2ed13e4fe685bccb9c70d6b6e35cdb3f63899e0fd907069779b54e7cd340ecf7992cb8ecab2db409755ce9aa0fa8ed07d731b5db69138c64001cc7915394121c649d082ed3401e44d9a5b403d144396597afc8e4fc243fbd9bffe3480d7cd708e9dd34bd5be2a537325f404396dc041d4ed508eebe82c7c0325cb17376d68cfc062717cc44cd79fd065609c93e46c8b1336baf5bee20b20112c26ddc9840ff7179a2e47d421ef8f70c06675ff8dd8fafbdcdee0b6ed0e242a7c961cd69a434459b4640fb74d6d52a537bc089af55c23ec00f96d674cfb0fa4978346d9057e5e25c99d329ca25333b299d5458ecea0b287915871c7c94c3317402bc891c827f15e7fad9ac5f98f3abcb0790281fdf94fe18e7bad3f6fe0989bd334995873f94b24d5dd0fbe79cf5edf044ee553e6fa9092214036fc45a6462e9f6fd132699cb87a13cb88332f5e375fb0c92c77a12b3d87033dc8ae132fd18b1e905625fafe5a090420b671704b60c186a6f2b6fefd202806942479dc994280ac20a1e6d379d485733933cbd428e2655eea08d8c396c7ebde304fbdd062017d3111599d3cc4cbb0ba462c48983b4886923e0a75be5a75d5635a47c9bc7d81c01e4f9846e8ddabafa731e707d29c3dd6790fb0e3c6036143353847f228452a4c42e5a6d7a1af85c47e71f6c2268dd9fad178d3ab84625bfe556c76615b4046a96f463fd45a8fda457907050603534a3e0f18b1b0d35a8eaaef683a3431633136301e122b8a516e4fc3b3f5211510c378a39a49a51ceb6941850a4f1701926dcc4774ac14ef053ba25b15bb62c59b33d5807020e688c2d4356f3ddf9082d9f4fa20b5ec1bd184fe2a9be73b300ae0e9989889ff8cf3adf493a3e41e46e2dac2fb156d7426c4ce77b2f3945fd7551d31984e46c09b75a4f747a0d0efc4039b68e431d7ff4119e45d10bc611d84beb4af9bd8724e6ee1d21e46ac4895ef8c93150784c6bee1432fe912a8ae3005f30ff0a6b52288050729b29900361dd0344e9f62a290471d4b96c3c3b4b2fc93cac8168facde798a442cc2bb7e7430d8cd479f0520ae4157bb7c79f52d9c419850ebb0060fe545ccad558bb7235abdf315277ec6d42cee4cf418b3420efe1f88a1840868f338b90788ae3d6e48311a421c25b45afce9734f247b1133deb7a7f16b344506a18d037bb4a18cccfbccdd85aff9b374014802e90d7a2053e20902d920bc95a5732336e91420658ca64827ab11a27bbdcd32e273853ed2ca70b2a3971641b9c749fbc05b21556198f32a91a47d9b4cd0071f7829382e1f0b1329041e223afa18ad5d4ea16d576c614d840f31b4903fce2c2e97486c3bdb226663ba063aec559bae777cbcdf6357efa7cd270c9f36909cc657095c7fdcae25d23301f2f817b3fd4daa690ab41282a2f3046fcdf6cb4548a0067cb54f0fdd7d02abbdc91315cd31442a2400b23051dd507465fe15d1acce56a82c2eaa580432e80b618f8f53fef7d5850fb54f555be97a56f148cdcbd04a4e99105ab70d73bce03ef341cff61f85d2cf95f8b17f79669f55180231b1deb44de0615e0a8fe706d301d3e0d9f937c28cb3f9d6449b250fbc1d3d343c51f3c6c3864fc13b836f28409b693cbbd41b1f5717d8fe5eef7f58d5bfcaa42a830d003cf610b0605cf8bcaeaf8c563fb170cc41280601eb0c638f48f3ba87f717351bcd99791f256b81074889b51a119d29d7572bba8bf661cf7e0785aa9ce0fde86b08229d418b56164a8306a57c2ad0cedfe387f37e0176244ff6c1f7058d60fbe5d54dec83ef11233e0311882e81a5661dbaef755d876d558ac5989a495d281d52f8020c672f9b43fa8c807a590e067862f1dfad34575cf1046806db95dd2fb6a0881da25a4c1319109c77e9bb11e45a7d29c72355877ac9f2301117c1896ffb3f34142751742b75a603e0ed69eee2b8ed9a93ac0fb395460a6091f4e80857bf0bee7bffedeef7de340edca5deb845bae6fe7c8dd76f78f1b85a5bdd8662702f1708cb66fc7970225e107cb135d96f8aaf8d4071c452ed29f3888b343c4ff22572154311147c0b6046984bccda438dbca83e03838e408bf828506f35c7bc8d5af60a399e40c9c92c3f31aa1cc0dd9ac43266c97ebf97ecee097415ab221777a1d5fe5bb02bac21813778fbe01a408879a84323ee59da5b7271c313423cbec173924c5238e1996390bced7f9ed535b2c4ccc975bfebcb868aebc8b48d198f9ea33fbafa3c2c100682c4386af8d4ac912d034af127566dceb50c150b44df87562cfb83a57d736464f7cb9eedda2bd656a1406a5914d982c509c51a68de033a9bb10e95c6c15667b7c82f15c220833b064f9590fe304f434ae1598a002473aa888f087f0fd745e5e334d2f74d9cac7c81f602e79ec3187bf3d6c2b4297fe3e6b724d78fef9e7c5439f3fcf45b6b0d3586b5b1250e1a55afa11b1d63d680092c3753802e8dc4be11afb438c3baacf19bd7acb20de238fd2f492101fffb4e4744eb9a01287679de1b8fa89db9016bead48843e2fe055d9c3810b0ca2a3282d73175a34742bc4214c45c63bbfa792d54d9e799cbbe07dd2f4368e19741971c7fd21d1eccee67b74a41e2d00ef26d31b7ea5d7d86c6ad793da3345578852f6f8535a877025037751768910db81e9d3ac685ed74e7ebf80305e0baeebd6338363754f4a9994276c04475c6bf954595c1ec09b3fda2ed43fa18b359bc3135f157feb3f1a7d7b333597c625c5b7dd073bc35580505b9d0a3645ebfafd565e30e0e251c78c12a160eef3744f19adaa2a2926dc59fa5be6a3cfe51119b43538ee8447364f592a42c24fb094d8ed52af909b5384ee61d52fdbc65343703680e93a0400e61cbefb57d73deb26d52a8317eb03127b6ce9a28419a3bcbcc44823028ed3dbbddf9fa59260f19d9a899564816f70dc665ee1ee24bc64a839fbd84b32b2f40eae234dea3055c47a7f870a813425e58fa19975085956c264e3730ec44239d90492e8b337ce277d9255e246cce746649af0eae50ba253e904f73da02d1cc61daf987f980c03a23da9d687076dc3c020e6cea18c0720f02618ccaffb18849d2ae508badf2b79d29700a1e351df49b2ec50490e0f4f2c9da8ac64b176970891553438c8501895f4d16c9c3b67a7352be39e57cbdb82c842be871fd4db6b44281a5cd0977ad3a852b936609daca5915ae6c7f7ab38b23a25d743f542fe75f2b1d7d5fc1deee9d62d4024a186bd65f5c304dbd9057cdd653408b5aa544145c5afd9318dfdba52a17df169004bf41778c94fa724292ab1f674165c97ac4b6ba1f960039fdb96f4d6f10855c3354f5476dd720dcc18fe6eb853d5a77f01972a70e90a59ce5b49878fc0f4b42dddfcda5458f8864d1726e31813f1311360fef9701f63e7b24b2f59376685355acd696fd4af9b5b4e120c43ec717531e064a08b8735981e08a08e4afdac64ca36e9b0ea3f57a8a98ad0833b9651667133f74aea3240bb4fbad07e345293ef1f25858d0870ec4dbd930006cec826352f784b173deac89f68dda2556fba2446f5d37bde3fc49046daf80061a9b7e7f4446bfc60b004b6dad1f71218b3e56fbdad69bafadb8d3e753d564c797bf41c733c1faedd0b96d6b5669355282e3e54378d04b3f1eb7feec6b59b7849a10661630282b4813cf60d0085f68d537d844634ab3574feeafc4d4ce4e201b0b6c09d444bd5f9b6289e8aee682a7b144635f63efc7c9984bf05840b85c6b80dcd91337da17866010f692834b665dcccc95419a18bcab8d58058e0ebca36a4294415ac1ecf212318ac12c8ae398e8bfc3c99b0fbe4b8eae5d4a16cc539b78da8e7a1c011484d45be0324185c3b924e08516303e3cc638ac4322096ebac2a9fec10983b98e65cd5a299ce9e8bd62d2b1c1a6105c00bb68fb8db0e1baf6e0a59b9866fd04d13a5de9452dcff854f85c73beb7c5ee8a637cddbba72e11723d0066135419e1c225ee051f36cd272adf5a6650f70c5890f67875612378a751d326ee7e060fcdb5761d02f46038a4b974d065bf1f3bfa7c3a02f6a2297ecc508212f3f8d935b8a29ee23faf1acd4133902d0fb86d400b1f5d2835fabeb9356b77d9748798a4ebbe940bdef5a5eeeb58983710aaf3b829c7dfd7c8d79c8b8df58ef908ec33d6a66393806147779b8f48ba5cd98f0451e01d1f460879f8994d66a527cfab4807f586af6500566cdbbc69394f10538a8a6743f263a20026c2cae9952c92120656444f72d52743441847eadf749f913872d60f3b3b635773969e9d9f8397f088be637a070670b3010a629b80e98a4a732c4aa840d56c8d3aa859910201902d23ce2d01cad72a80dfb3e20c1f44e3ab3c930bd31a7ebf8d2dfba9005be0c652d25a5f4f14a8eb530ead6e342bf97dea214b7e2aed3300fe3e65a6533a7bea013d9e80413c000ef6ed972becc1a39d314ed5108f3e4e8ff8820121169857c4cefa3574cd194bf9ef682a109ea1c95b576ddc1dbb09d42996f4925a440f1cd121110ae952f327ea97376d93ec5d6330e13196215abbe36f110b4b6add68d5684599d8969d7dbaa99161a67fcf0e566c330bacf6bd5047b0f1aeac9418d4b92be966c2647fca52749892a90e304762f82753a16f00fbff2d2cd253d5ea542209e0ecf95ec9216cc62484fe7a37865f46618b977cae08b564bbcace5dfd135b7705677541ce7c9bb69ecfc06c13b5e386a65e610af33a761b4c894e6ea5b61d05ed2ff62270a175a75c7616b90bd30da16d622f5b1bb70f359c34c9a34edac692e3e7251cb988d6782dcd37b99fafae3aa2c62c29e3bd19bcb625ff0a68ed28b6f24a2f98357d446dc6c5a92c0070fea7bbda52c56a458eac1d670f7be3c5904761673a9193d90cc98ace984ccf1575dbf05c0c862455e9ca141504bd15fe515b0a16ea39c03cfb9289df4c7ffa0a778ed686a5f8f3c6b3b4684b9612f7a982de05d7f76a8bc82f3d56df9a052c50e5641fa2908a4456932a11231f9e9c2a504e2cfefa0502805d47a5c8619b90472eb20d32cd177d1029e5bebed2651f5e550b8f68811e2b14090cd1978637974d24af028fcfb934321e9bdc6199aa014048f58dfca2b17dc961ba5f65d1384d1955af3e5f06055dab05cd1bf215b3588f6bfd2a2bc6a9622128c337a6976524386411051031ce5c8ff463b3d627c8bca040db5e71f42ef3bbe89a9b6a070b2aacd0d4f3865503b2b33dd19bc16eaa88e037517a163aa1da1331e2bbcad643a6dc427a68ace6657ec6da0a07ef74eb874b0076198fdd4dc32564dfb8ab40f17fb89c82aadf2679780eccf3148a00621852cf45880bfb72123ec0a31c925b35b3c004da4ce1f5b2745ff2c531e839df1548210676298ce27d6b412a627eb70bfc005a317fc31f54c1e5ef6e53f0333f0365af744ce6c86a9537b9ba46643da27376cb88163c5e3e6e73c4fabb7d2b9e0b50780e15c4f44e8487a6b72e856fcaf1633870492e6ba3ac7df78e8cb23bbc8d7023369c38bdd026ca712a521a6c4c39b7d6cc88c2a875b21886e48d0504957980b06a787b52004af845933373423b7e9f27e739c07be86869d63424e9d8acc148b2be03e9a8c5a5285b9948b17b7a7e9581a4b4a9715559ea48cd17856e241d6d6e26618ec99fee543f08d83ea9139b3585a33d45b8c00bdde11a05b7b6a9dea76f8fcdda775cf7bc7c93b9beb701d317f98b20dad165b8a1ebdd0b2b0d3efa440866418772888c80297d93ca3509f48a24126382b0b03767365540673bcc0a4d5c654869fcdf91bc77794e9f702d4a7af386faf1debc3049ec2205dd76354bf655d0600da6ea069db11ada558358eef0b597b0a64e38a517b1b7db4e240cf441b2656e43346e240ac49c56ed4dcb03bb233069694f3be050af30e8247f8cab8ec2653509e0d489bc24577b133c9be29d2fb2f947348632699421f4cc1e437bc695b4e3dc72f9b1c923369af52226c617f7f11d0aee0671aaf5768b5d65d309e992abd07a53d37682ad8074afea935d827f7436935d262ee2b8f3deff0766b4dc10e4143173ac7bf3787c840cc2e056af7b621523de2a10348d175527693fe10a6874a15a7cac79e984a7a8e16fb41a3dbe711327ecf04f668b306d08b6bc54f5013da140cf73d69b46ee018158ba85a7d006456fe375ee5eaf8c034f0289801ac07c91f564f1faf1ec09b461122af550d1a1b255c01b4af963e203143598a010f62bc13d88cca4e6421436925a200c4f7331288d98f5531479188c892d5131b32f6f1631d3e5729a0bf69426c6f3037617d9a194484f474eb6e0d5a7b247ec5bab4477ee96b80dd921c2a764970fa7b436dee34f7f1f77a857b0e9d5b2af96ea4e9429dbda14d0e3d54790f8a99e8bdfb51a6e78f005ecfc673b85794463130decf8ef8893a81e7475eb67203a8506dbc34aa49019db1552289c665db98428096d7f4bbde884536bcdd5c9d0a2e7d463af1d1d13afd596c1b79b2c17068d2189632000dcc7db458f6e636f171c52f1d9983e835a00da51b7b64ba5b72a3662f4369de1bccbda316af1684bbb50d6a079a5e056635b1c92e6cff735c29f0c6ffeb7122825de4c9b7377f6ac381d2922c52259ad71eec033da3c827b715f646e69b4bb9b256d29b1cb8dc7b7fdb777cc24392a61f5ee042f5fbc10d30b5b12e9594778e7487e4fedf868903558ffa138a1f35ceac6263bd0bf90fd10cb718b515919a52217bda4293b44ae9e37a1b56ab91ab7fd7916bb657f13bd6c1085552d4e45eb244e4c7ac11154e24fc215270042c0e63f240fc611b2966ab88564b64c9b90a7261789cba43988c2928883809c20fa8a8939c35a2e49e259332ea4acd0660f809871e7265844422c4b17aa6310a1fd9ab45d03f6bdfe834c63777dd12e02beac70f6067ccdc9333b58689781e5dd564bc0c0e7db0fbf814790b4fa31e009ee473bd20fd405178d78d9a576ba492e6fca3a15152eb327a4e4ff63f4711f2302c4997ce5c45b7ac83e04d32ce40c3e6ff92a7e9a5b8761589116ba8637918ca0cb20c5e7e8f61b697171e5365163bafbfacea864c84850db6ba56af0a0b12eccb4997392ca2212d3c7906aec7ddac48b4132ba0d11b8a253d138cb88d269992931e9d15e89557076a8e3330389cc4527e77f6d9d94c878f1298a020a0182ac8737d4d6dc1d9f33753ece4f950b6a837a73f6a6360074fcea71984437196aeab42365634e943e04917352ddcc2f8c86817df88877d323bf7fc7a58f7abe71fc99ed224705226a33e9ea6c9efd83acf14c623c8ad21ccef6659a9812edc08a525ca209a9443b46dc944b18339cce9590260c5aeba7a596bcb3ba8fdf329843ad4e6fa701f05bbe218a14fb1cb5e54bb762851e9a56367b12c66ef62f098ed842dc51b6f659cbc579c9a34c669027b1376df72e7ce279cfc5139e3311f2a64f1acd241facf5003bc04788a3c2941265d48879268833c5a45f954f39efcf5be68f802766a0e3bedd456a0bcff04354f6a3c48a27d7d68de8128149b43f45ede214bd0f30fdbc8a8d3009268189a342a2750872fdfa12acdc2f30850a40dbe66583289c8bb44a5f3cb8ab88a839faa2d385a2b19d7c1eb31352c1fd83d732fa7dd271a6cc450238e477a1cf89bab77b0032e3d911320d17d4019da270d054491f3d98727ac655775657b8f8231b9289e085dde5dccd0473842936c879bce06d35a510bf7d4112ffead8e8fed13a424239414702ccaaf8ae59416ded8b78ede3e80964d27c25172400af4d1fd68eb0ee6c2f8e9d119ed1688a47c15a5846987130a07fa9c93d51e7915c3dec43aacb3cd4bee5083a35dba827dfa446eb9833b436689922f60b4c8f406d9e992265d3db9a5688aaa600fb6b2035d780c65528d4e1976ee44f0ec0cca95184f32feb90a8a8de0e8bb794c505da699cae91712a55716f2aa2e690c534bfb0f7c0f0f6beb6abf1c55b5698c60202908ae353310b633cfcb78b83fc0574248afaa5308761fe3fa5baf01369dacab1d5a02cd193bb3928886ab8afed4fac4a4a3f6cf205dcbecd99b18f19b0c7c97340c9513c5b35fd7494a942492b614277159c88a546eb6cf3b6230947f41536bf69a08e8d4cf8b43fd32e6a4ad2cc63e1432bd98b88fc9ad5346ca05d4e41e61a664ae631c34e3b41c9d1984656d918451f92d98df5152e0257acda9471e3e7a44416cdcb76420fe9222e8d09", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x78, 0x0, 0x35a74, {0x0, 0x2, 0x0, {0x0, 0x68, 0xfffffffffffffff7, 0x5, 0x8, 0x0, 0x200, 0xe821, 0xfffffff9, 0xa000, 0xd, r2, 0x0, 0x6, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getdents64(r5, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000d009500000000000000"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r6}, 0x10)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = eventfd2(0x8001, 0x1)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f00000001c0)=0x1b, 0x4)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000000)={0x25a, 0x0, 0x0, r9, 0x5})
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)

1.04476302s ago: executing program 3 (id=2741):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
unshare(0x22020600)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x238, &(0x7f0000000740)={0x0, 0x198b, 0x10100, 0x0, 0x3aa, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, &(0x7f0000000300), 0x8)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0)
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r7 = msgget$private(0x0, 0x100)
socket$vsock_stream(0x28, 0x1, 0x0)
msgsnd(r7, &(0x7f00000007c0)=ANY=[@ANYBLOB="030000002c5b92fe53d0a8d45c8df77b3a5b24f5b5f47fb21e984f7cd98be58672f21c05d89a28dd30d16695fd88872467e730c5c5b07c0baad7f374dbe55481983863b91989f7f9e702207af9ed03c1ce4f6eb9b24a840cf9e71f78cba191462144280a2866a9e564cdf705a0dcf7833ebd4d2f23d396cbe8ffa41ecb67a470e3bb3037a146b21a2af740178582259f87014c3647901b3c888b71cb87bcb145a83f4429394c059164566ac0c8821c5827f7c81d9a289c18b0808e9046145a3890f5273bab59211376b73224dc2cfc9a99c36c8266430e1877aa8fb26ccbdee4c77a0de31deb8729c07d000f3714455c7db1999b623eee354be50ae48db0bc57b0d663aeabe13198305efa3c242b6b1745acf3aaf07f57727548163f83393600bc81201c2792b82cc5cdaa5ba4ae7ecdb2db7defa75da39bfbcdc1c139ac6f945758e6f536796ee758ebc486b289244942a2db4721deede70ef5b975e2ef6f72e7530e2a48d4cbb74ce7a376939ddd77cdc6aab076c17bba11ad81fb16f55aec0a603d71da0c53bb4b10c369308e8d397bd797b54a9fbb2f8b96b982a5775124bd1a73d659d8ec88148e5c9ee4f6156071adb66ee79e19cc753724cc31b5883b7a8c0d2921aff7103de65c90b97e4acd5e18bb3f373b9cd32f6a03476d6324645fcc44adad16f2bf3935232b2d33e68f16882e264d01064d9d74bdd36d1a43a6157875309e"], 0x2000, 0x0)

1.011834951s ago: executing program 1 (id=2742):
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00'})
setsockopt$RDS_CONG_MONITOR(0xffffffffffffffff, 0x114, 0x6, &(0x7f0000000180), 0x4)
r1 = syz_clone(0xa0000280, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r1, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind$inet6(r2, &(0x7f0000000340)={0xa, 0x4e20, 0x10000003, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}, 0x1c)
r3 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r3, 0x11b, 0x7, &(0x7f0000000000), &(0x7f0000000100)=0x30)
sched_setaffinity(0x0, 0x0, 0x0)
openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0)
r4 = getpid()
syz_pidfd_open(r4, 0x0)
socket$inet6(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000040)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340), &(0x7f0000000280))

546.800494ms ago: executing program 5 (id=2743):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x40282, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x402c5839, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x700})

479.788935ms ago: executing program 5 (id=2744):
ioctl$KVM_SIGNAL_MSI(0xffffffffffffffff, 0x4020aea5, &(0x7f00000001c0)={0x4, 0x4b5a019c9865f650, 0x4, 0x0, 0x1})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xea100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000080)={0x10004, 0x0, &(0x7f0000001000/0x4000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x8000000000000000, 0x100000000, 0x0, 0x20, 0x0, 0x0, 0x2004c9, 0x7000, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x4000000000000004, 0x2], 0xffff1000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0xfffffcc5, 0x6, 0x4c, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xfffffffd}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r6, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
r7 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev={0xac, 0x14, 0x14, 0x15}, @in6=@private1, 0x4e20, 0x0, 0x4e22, 0x0, 0xa}, {0x9, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x24}, {0x0, 0x4}, 0x0, 0x0, 0x1, 0x0, 0x5, 0x3}, {{@in=@empty, 0x800, 0x33}, 0xa, @in=@private=0xa010102, 0x0, 0x0, 0x0, 0x4, 0xfffffffc, 0x4, 0x401}}, 0xe8)
sendmmsg(r7, &(0x7f0000000480), 0x2e9, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)

164.403279ms ago: executing program 3 (id=2745):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendfile64(r0, r0, &(0x7f0000000000)=0xfffffffffffff000, 0x80000000)
mkdir(0x0, 0x99)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000001b40)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
truncate(&(0x7f0000000000)='./bus\x00', 0x8001)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0)

163.427214ms ago: executing program 3 (id=2746):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_open_dev$evdev(&(0x7f0000000180), 0x4, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0300000004000000040000000200020000000000", @ANYRES32, @ANYBLOB="0000006b660a001200"/23, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000200"/28], 0x50)
mlock2(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0)
syz_80211_inject_frame(0x0, &(0x7f00000001c0)=ANY=[@ANYRES32], 0xb5)
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000000)=0x2, 0x4)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@delchain={0x934, 0x65, 0x100, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xfff0, 0xfff3}, {0x1, 0xffff}, {0xb, 0x3}}, [@filter_kind_options=@f_route={{0xa}, {0x8fc, 0x2, [@TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x4d4, 0x6, [@m_nat={0x140, 0x20, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x2, 0x7, 0x10, 0xa9}, @local, @multicast1, 0xffffff00, 0x1}}]}, {0xf0, 0x6, "5e8b3dbeb39621633ae6252a92dca352e5d64f48044edb3ebfaf07850444d02c482dc8bb8e0fbd5928abc8908c1a78402be0d4834ecedc7da7a1152df4177768b880ee63802dfc040c1d6da3a3cf77b84bf14a4db3271be89e35e008d39783345a63131dffe3e50595b79d02125297f8537e1d167c8445d3476f029dd8a8d1331765bc392289c05e485d3e461b1db353909c10c74598dfe74be194364dd4dd75af857538854809268de7a3ef621a357cb0c893c242a4f06a239764b33710e0956573ba92002778dfe78d69dee91fb280585c525774ba1733c4791fd688e4365328bbd365cf47114ffbaefcb6"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_xt={0x2b0, 0x20, 0x0, 0x0, {{0x7}, {0x1a4, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_TARG={0x32, 0x6, {0x1, 'nat\x00', 0xf9, 0x81, "3fbb439520f8e3a0"}}, @TCA_IPT_TARG={0xe3, 0x6, {0x8713, 'nat\x00', 0x4, 0x8000, "e74023dc6759f80008f4c2f650ca548b6a52a7ac12f64f4456e423999c3de9248348aa0fed62ddc1d8a7bf595a1f3a73a1354a6b565855cebea81818435ec6682fe44f8c917613ad89c2f40a9600661f11ca74a1a666ab2be854526f7fd05f1fb9975e7855aa6d0f9873c32ff6f7958621f354293dfa115785edfb679cb082f05c1601fec28502dfb7eb5a9c6e71ed15de8da2be8a8f551e0b5a33ecade31e00305b5c8f12c4d231aaadac55bf173a87c0d6833d71294f40a3"}}, @TCA_IPT_TARG={0x3d, 0x6, {0x8, 'raw\x00', 0xb, 0x0, "e80586a37e8c8b8f7c497a8b01c4021eae3bdb"}}, @TCA_IPT_TABLE={0x24, 0x1, 'filter\x00'}]}, {0xe8, 0x6, "6ad5cb79fcb8feeff9cf5826ff06b69012212cca2e2da46ad374779b11b34ca109304471b7a618a8088df906c67d12825425e1b7696b1ffb0ce6703e11dd68c9f8069778eb6a0a7fd7069bd6d1c2d8ba6205b578675b64733b624ce790fbaab8b37c9776a77914488d91958c8ecb5bca322ec95787acfc63c9eb66a4067724dd3dcf14e2bd29f1dd11364b6b012a0ffb435b15dee99b436f95cc08191bf0411e00235c9adeaad1e474ee392e79e420728b1613eac8b01c3cc2fabc4e212994e693f39e00807de76a955ee5bc36557cad4153d7aab65110ddaa814b4bfc3021839aad145d"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_simple={0xe0, 0x1c, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x11, 0x3, '/dev/net/tun\x00'}, @TCA_DEF_DATA={0x11, 0x3, '/dev/net/tun\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0xfffffffc, 0x0, 0x3, 0x1, 0x6}}]}, {0x71, 0x6, "051214534997fdea1c24661a1d230d8d268f5b8bd8845eda3eb52fd5973a3396137fe3eb08af58fad0ad4d5cb591f9d658ffcfa07a1d3d4f87e656e257c61ddadbdc4ed6f05248ec8503e2f09ba726e7de01459bebca84d090a58a3b9db1308ec76c363f690217ade54b77e158"}, {0xc}, {0xc, 0x8, {0x2, 0xcb37921e838ab7fc}}}}]}, @TCA_ROUTE4_CLASSID={0x8, 0x1, {0x7, 0x2}}, @TCA_ROUTE4_POLICE={0x414, 0x5, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x65}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x401, 0x1000, 0x2, 0x6, 0x2, 0x0, 0x178, 0x5, 0xa, 0xffffff00, 0x7be, 0x7fff, 0x7, 0x81, 0x400, 0xc0000000, 0x4, 0x5, 0x5, 0x9, 0x3, 0x0, 0x8, 0x4018, 0x8b, 0x2, 0xfc7, 0x2, 0x9, 0x5, 0x5337, 0x5, 0x401, 0x42a, 0x80, 0x4, 0xd, 0x8, 0x695, 0x4, 0x2, 0x5, 0x7, 0x4, 0xff, 0x8000, 0x7, 0x6, 0xfffffff0, 0x8, 0x78, 0x9, 0x4, 0x8, 0x0, 0x8, 0x2, 0x3, 0xf1, 0x8, 0x2, 0xfff, 0x910, 0x44, 0x44c, 0xfffffff8, 0x1ff, 0x8, 0x1, 0x66, 0x7fff, 0x86, 0x40, 0x3, 0x7f, 0xc3, 0x7, 0x4c, 0x9, 0x2, 0x9, 0xffffcd15, 0x40000, 0x8, 0x6, 0x5, 0x4f27, 0x4, 0x7, 0x3, 0x4, 0x5, 0xa, 0x10000, 0x1, 0xfffffffc, 0x7f, 0x0, 0x29e3, 0x8, 0x7, 0x8, 0x0, 0x493, 0x5, 0x1, 0x6, 0x6, 0x4, 0xff, 0x6, 0x400, 0x8, 0x2, 0x4, 0x1, 0x4, 0x3b, 0xa0000, 0xc4, 0x775, 0x6, 0x7, 0x53bd, 0x8000, 0x8, 0x7, 0x5, 0x6, 0x0, 0xd75, 0x0, 0x48, 0x8000, 0xfffffffe, 0x2, 0x1, 0x1, 0x6, 0x1, 0x6, 0x1, 0xffff, 0xe52, 0x3bf, 0xffff, 0x3, 0x3, 0x80000001, 0x6, 0x1, 0x4, 0x8, 0x2, 0x3, 0x5, 0xd, 0x2, 0xb1a3, 0x8, 0x7, 0xfffffff7, 0x5, 0x200, 0x10000, 0x6, 0x1000, 0x2, 0x10000, 0x26ce, 0x7, 0x7ff, 0x8, 0x7, 0x5, 0x2, 0x6, 0x8, 0x42e7cdf0, 0x101, 0xfb4, 0x5, 0x4, 0x1, 0x2400000, 0x3, 0x10000, 0x8cb, 0x1600000, 0xe, 0x2, 0xfea, 0x2, 0x4, 0xfffffffe, 0x5, 0x80000000, 0x9, 0x9, 0xe6, 0x4, 0x0, 0x0, 0x142, 0x3, 0x1, 0x8, 0x3, 0x4, 0x7f, 0xa, 0x1, 0x1, 0x15d29e54, 0x9, 0x7, 0x1, 0x1600, 0x5, 0xe, 0x1, 0x0, 0x80000000, 0x6, 0x1, 0x946a, 0x5000, 0x5, 0x100, 0x4, 0x2, 0x4, 0x3, 0x100, 0xfffffffd, 0x800, 0x5e, 0xfffff1e9, 0x7ff, 0x8000, 0x3, 0xfffffff7, 0x8, 0x0, 0xe, 0x0, 0xeb, 0x1, 0x8, 0x1000, 0xba0b, 0xd3, 0x55d, 0x10, 0x7, 0x2]}]}]}}, @TCA_CHAIN={0x8, 0xb, 0xfffff6a5}]}, 0x934}, 0x1, 0x0, 0x0, 0x4}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000240)='system.posix_acl_default\x00', 0x0, 0x2c, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r5, 0x8922, &(0x7f0000000140)={'rose0\x00', 0x46b})
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fddbdf250700000008000300", @ANYRES32=r6, @ANYBLOB="0c009900ff070000700000001400040073797a6b616c6c65723000f0ff00000008000500070000000a0018"], 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc0f8565c, &(0x7f0000000440)={0x8000, 0x0, 0x3, {0x0, @sdr={0x20493859, 0xcf}}, 0xe})
syz_open_dev$video4linux(0x0, 0x2ea, 0x2382)

0s ago: executing program 1 (id=2747):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bind$rose(r3, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27}, 0x24}, 0x1, 0x0, 0x0, 0x4000091}, 0x0)
socket(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000c40), r5)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r5, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x2, 0x34005}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r6}, 0x18)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x3)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)

kernel console output (not intermixed with test programs):

 syz_tun: left allmulticast mode
[  363.551339][T13341] netlink: 'syz.1.1972': attribute type 10 has an invalid length.
[  363.554387][T13341] hsr0: left allmulticast mode
[  363.556083][T13341] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  364.014212][    C3] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  364.094364][ T5952] Bluetooth: hci1: command tx timeout
[  365.054222][    C3] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  365.734800][   T10] usb 6-1: USB disconnect, device number 23
[  366.094406][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  366.174313][ T5952] Bluetooth: hci1: command tx timeout
[  367.134223][    C3] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  367.163021][T13408] fuse: Unknown parameter '00000000000000000000'
[  367.441933][T13418] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1993'.
[  368.174229][    C3] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  368.576748][T13270] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  368.581749][T13270] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  368.586547][T13270] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  368.590250][T13270] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  368.595136][T13270] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  368.640359][T13451] xt_CT: You must specify a L4 protocol and not use inversions on it
[  368.655493][T13452] lo speed is unknown, defaulting to 1000
[  368.657981][T13452] lo speed is unknown, defaulting to 1000
[  368.857227][ T7296] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.943306][    C2] hpet: Lost 1 RTC interrupts
[  368.946997][ T7296] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.972512][T13452] chnl_net:caif_netlink_parms(): no params data found
[  369.036341][ T7296] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.120429][ T7296] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.128772][T13452] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.131604][T13452] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.134035][T13452] bridge_slave_0: entered allmulticast mode
[  369.137058][T13452] bridge_slave_0: entered promiscuous mode
[  369.141808][T13452] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.144375][T13452] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.147755][T13452] bridge_slave_1: entered allmulticast mode
[  369.150717][T13452] bridge_slave_1: entered promiscuous mode
[  369.196466][T13452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  369.206751][T13452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  369.258114][T13452] team0: Port device team_slave_0 added
[  369.273677][T13452] team0: Port device team_slave_1 added
[  369.377112][T13452] batman_adv: batadv0: Adding interface: batadv_slave_0
[  369.380056][T13452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  369.392223][T13452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  369.412241][T13452] batman_adv: batadv0: Adding interface: batadv_slave_1
[  369.416249][T13452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  369.424425][T13452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  369.473032][ T7296] batman_adv: batadv0: Interface deactivated: ip6gretap2
[  369.535748][ T7296] batman_adv: batadv0: Removing interface: ip6gretap2
[  369.752497][ T7296] team0: Port device gtp0 removed
[  369.804642][T13484] Cannot find del_set index 3 as target
[  369.979836][ T7296]  (unregistering): Released all slaves
[  369.990244][T13452] hsr_slave_0: entered promiscuous mode
[  369.992851][T13452] hsr_slave_1: entered promiscuous mode
[  369.994272][  T837] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  369.995350][T13452] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  369.999596][T13452] Cannot create hsr debugfs directory
[  370.055554][ T7296] tipc: Disabling bearer <udp:syz2>
[  370.057487][ T7296] tipc: Disabling bearer <udp:s>
[  370.059471][ T7296] tipc: Left network mode
[  370.145604][  T837] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  370.149168][  T837] usb 9-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  370.152285][  T837] usb 9-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 72
[  370.175305][  T837] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  370.181313][  T837] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.184418][  T837] usb 9-1: Product: syz
[  370.186252][  T837] usb 9-1: Manufacturer: syz
[  370.187835][  T837] usb 9-1: SerialNumber: syz
[  370.195055][T13483] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  370.217311][T13452] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  370.223657][T13452] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  370.232225][T13452] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  370.236177][T13452] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  370.406448][  T837] usblp 9-1:1.0: usblp1: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x0525 pid 0xA4A8
[  370.655520][T13270] Bluetooth: hci4: command tx timeout
[  371.128041][ T7060] usb 9-1: USB disconnect, device number 6
[  371.133611][ T7060] usblp1: removed
[  371.799694][T13452] 8021q: adding VLAN 0 to HW filter on device bond0
[  371.814695][T13452] 8021q: adding VLAN 0 to HW filter on device team0
[  371.820064][ T7298] bridge0: port 1(bridge_slave_0) entered blocking state
[  371.822357][ T7298] bridge0: port 1(bridge_slave_0) entered forwarding state
[  371.831846][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  371.834617][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  372.030535][T13452] 8021q: adding VLAN 0 to HW filter on device batadv0
[  372.122943][ T7296] IPVS: stop unused estimator thread 0...
[  372.289827][T13452] veth0_vlan: entered promiscuous mode
[  372.316389][T13452] veth1_vlan: entered promiscuous mode
[  372.347610][T13452] veth0_macvtap: entered promiscuous mode
[  372.357285][T13452] veth1_macvtap: entered promiscuous mode
[  372.368795][T13452] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.374488][T13452] batman_adv: batadv0: Interface activated: batadv_slave_1
[  372.380486][T13452] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  372.383248][T13452] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  372.386213][T13452] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  372.389463][T13452] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  372.435766][ T7295] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  372.438230][ T7295] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.454324][ T7290] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  372.456854][ T7290] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.735080][T13270] Bluetooth: hci4: command tx timeout
[  373.094537][T13588] netdevsim netdevsim4: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  373.098677][T13588] netdevsim netdevsim4: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  373.912561][T13628] FAULT_INJECTION: forcing a failure.
[  373.912561][T13628] name failslab, interval 1, probability 0, space 0, times 0
[  373.917462][T13628] CPU: 0 UID: 0 PID: 13628 Comm: syz.4.2026 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  373.917477][T13628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  373.917484][T13628] Call Trace:
[  373.917488][T13628]  <TASK>
[  373.917492][T13628]  dump_stack_lvl+0x16c/0x1f0
[  373.917512][T13628]  should_fail_ex+0x512/0x640
[  373.917531][T13628]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  373.917549][T13628]  should_failslab+0xc2/0x120
[  373.917560][T13628]  __kmalloc_cache_noprof+0x6a/0x3e0
[  373.917574][T13628]  ? ww_mutex_lock_interruptible+0x37/0x160
[  373.917591][T13628]  ? drm_gem_duplicate_shadow_plane_state+0x7a/0x110
[  373.917611][T13628]  ? modeset_lock+0x114/0x6e0
[  373.917629][T13628]  drm_gem_duplicate_shadow_plane_state+0x7a/0x110
[  373.917648][T13628]  drm_atomic_get_plane_state+0x20b/0x590
[  373.917663][T13628]  drm_atomic_set_property+0xa29/0x34e0
[  373.917679][T13628]  ? __pfx_drm_atomic_set_property+0x10/0x10
[  373.917693][T13628]  ? __might_fault+0xe3/0x190
[  373.917709][T13628]  ? __might_fault+0xe3/0x190
[  373.917723][T13628]  ? __might_fault+0x13b/0x190
[  373.917745][T13628]  drm_mode_atomic_ioctl+0x66f/0x25f0
[  373.917768][T13628]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  373.917782][T13628]  ? __lock_acquire+0xb8a/0x1c90
[  373.917806][T13628]  ? drm_is_current_master+0x2c/0x40
[  373.917826][T13628]  ? do_raw_spin_unlock+0x172/0x230
[  373.917852][T13628]  drm_ioctl_kernel+0x1f4/0x3e0
[  373.917867][T13628]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  373.917890][T13628]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  373.917916][T13628]  drm_ioctl+0x5c9/0xc30
[  373.917937][T13628]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  373.917955][T13628]  ? __pfx_drm_ioctl+0x10/0x10
[  373.917976][T13628]  drm_compat_ioctl+0x327/0x460
[  373.917990][T13628]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  373.918004][T13628]  __ia32_compat_sys_ioctl+0x242/0x370
[  373.918020][T13628]  __do_fast_syscall_32+0x7c/0x3a0
[  373.918038][T13628]  do_fast_syscall_32+0x32/0x80
[  373.918053][T13628]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  373.918067][T13628] RIP: 0023:0xf7fd1579
[  373.918076][T13628] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  373.918086][T13628] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  373.918097][T13628] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 00000000c03864bc
[  373.918103][T13628] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  373.918109][T13628] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  373.918115][T13628] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  373.918121][T13628] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  373.918134][T13628]  </TASK>
[  374.814646][ T5952] Bluetooth: hci4: command tx timeout
[  374.992603][   T34] kernel read not supported for file /dsp (pid: 34 comm: kworker/3:0)
[  375.056206][T13653] syz.1.2032: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  375.062001][T13653] CPU: 2 UID: 0 PID: 13653 Comm: syz.1.2032 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  375.062018][T13653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  375.062025][T13653] Call Trace:
[  375.062030][T13653]  <TASK>
[  375.062036][T13653]  dump_stack_lvl+0x16c/0x1f0
[  375.062056][T13653]  warn_alloc+0x248/0x3a0
[  375.062076][T13653]  ? __pfx_warn_alloc+0x10/0x10
[  375.062093][T13653]  ? __pfx_stack_trace_save+0x10/0x10
[  375.062106][T13653]  ? stack_depot_save_flags+0x28/0xa40
[  375.062128][T13653]  ? kasan_save_stack+0x42/0x60
[  375.062144][T13653]  ? kasan_save_stack+0x33/0x60
[  375.062160][T13653]  ? kasan_save_track+0x14/0x30
[  375.062175][T13653]  ? xskq_create+0x52/0x1d0
[  375.062188][T13653]  ? xsk_setsockopt+0x640/0x840
[  375.062199][T13653]  ? do_sock_setsockopt+0x221/0x470
[  375.062210][T13653]  ? xskq_create+0xfb/0x1d0
[  375.062224][T13653]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  375.062245][T13653]  ? xskq_create+0xfb/0x1d0
[  375.062262][T13653]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  375.062282][T13653]  ? xskq_create+0xfb/0x1d0
[  375.062294][T13653]  vmalloc_user_noprof+0x9e/0xe0
[  375.062309][T13653]  ? xskq_create+0xfb/0x1d0
[  375.062322][T13653]  xskq_create+0xfb/0x1d0
[  375.062336][T13653]  xsk_setsockopt+0x640/0x840
[  375.062349][T13653]  ? __pfx_xsk_setsockopt+0x10/0x10
[  375.062361][T13653]  ? __pfx_aa_sk_perm+0x10/0x10
[  375.062376][T13653]  ? errseq_sample+0x53/0x70
[  375.062389][T13653]  ? __pfx_xsk_setsockopt+0x10/0x10
[  375.062401][T13653]  do_sock_setsockopt+0x221/0x470
[  375.062412][T13653]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  375.062431][T13653]  __sys_setsockopt+0x120/0x1a0
[  375.062448][T13653]  __ia32_sys_setsockopt+0xbc/0x160
[  375.062463][T13653]  ? lockdep_hardirqs_on+0x7c/0x110
[  375.062478][T13653]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  375.062501][T13653]  __do_fast_syscall_32+0x7c/0x3a0
[  375.062520][T13653]  do_fast_syscall_32+0x32/0x80
[  375.062537][T13653]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  375.062552][T13653] RIP: 0023:0xf706e579
[  375.062562][T13653] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  375.062573][T13653] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  375.062583][T13653] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000011b
[  375.062590][T13653] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004
[  375.062596][T13653] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  375.062602][T13653] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  375.062608][T13653] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  375.062622][T13653]  </TASK>
[  375.062625][T13653] Mem-Info:
[  375.163635][T13653] active_anon:16720 inactive_anon:92 isolated_anon:0
[  375.163635][T13653]  active_file:16545 inactive_file:16968 isolated_file:0
[  375.163635][T13653]  unevictable:1768 dirty:206 writeback:0
[  375.163635][T13653]  slab_reclaimable:6802 slab_unreclaimable:62750
[  375.163635][T13653]  mapped:28626 shmem:12554 pagetables:1703
[  375.163635][T13653]  sec_pagetables:319 bounce:0
[  375.163635][T13653]  kernel_misc_reclaimable:0
[  375.163635][T13653]  free:41600 free_pcp:11535 free_cma:0
[  375.181779][T13653] Node 0 active_anon:4900kB inactive_anon:104kB active_file:0kB inactive_file:64kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:4kB writeback:0kB shmem:8356kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8080kB pagetables:1960kB sec_pagetables:1152kB all_unreclaimable? yes Balloon:0kB
[  375.195496][T13653] Node 1 active_anon:62180kB inactive_anon:264kB active_file:66180kB inactive_file:67808kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:114488kB dirty:920kB writeback:0kB shmem:41860kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:6320kB pagetables:4852kB sec_pagetables:124kB all_unreclaimable? no Balloon:0kB
[  375.206973][T13653] Node 0 DMA free:2096kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:564kB local_pcp:32kB free_cma:0kB
[  375.216509][T13653] lowmem_reserve[]: 0 289 289 289 289
[  375.218253][T13653] Node 0 DMA32 free:17444kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:4096KB free_highatomic:1028KB active_anon:4900kB inactive_anon:104kB active_file:0kB inactive_file:64kB unevictable:3536kB writepending:4kB present:1032196kB managed:296728kB mlocked:0kB bounce:0kB free_pcp:14124kB local_pcp:2984kB free_cma:0kB
[  375.228997][T13653] lowmem_reserve[]: 0 0 0 0 0
[  375.230778][T13653] Node 1 DMA32 free:146828kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB free_highatomic:232KB active_anon:62044kB inactive_anon:264kB active_file:66180kB inactive_file:67808kB unevictable:3536kB writepending:924kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:31140kB local_pcp:6336kB free_cma:0kB
[  375.241676][T13653] lowmem_reserve[]: 0 0 0 0 0
[  375.243276][T13653] Node 0 DMA: 18*4kB (UM) 31*8kB (UM) 11*16kB (UM) 8*32kB (UM) 3*64kB (UM) 1*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2096kB
[  375.248970][T13653] Node 0 DMA32: 283*4kB (UMH) 109*8kB (UMEH) 95*16kB (UMEH) 57*32kB (UMEH) 13*64kB (UMH) 18*128kB (UMEH) 3*256kB (ME) 6*512kB (UM) 1*1024kB (M) 2*2048kB (UM) 0*4096kB = 17444kB
[  375.254606][T13653] Node 1 DMA32: 354*4kB (UME) 306*8kB (UMEH) 472*16kB (UMEH) 204*32kB (UMEH) 49*64kB (UMEH) 42*128kB (UME) 70*256kB (UME) 40*512kB (UME) 24*1024kB (UM) 14*2048kB (UM) 7*4096kB (UM) = 146776kB
[  375.261317][T13653] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  375.264686][T13653] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  375.267651][T13653] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  375.270588][T13653] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  375.273901][T13653] 44842 total pagecache pages
[  375.276141][T13653] 278 pages in swap cache
[  375.277556][T13653] Free swap  = 120516kB
[  375.278863][T13653] Total swap = 124996kB
[  375.280177][T13653] 524155 pages RAM
[  375.281352][T13653] 0 pages HighMem/MovableOnly
[  375.282883][T13653] 209066 pages reserved
[  375.284271][T13653] 0 pages cma reserved
[  376.904406][ T5952] Bluetooth: hci4: command tx timeout
[  377.393769][T13702] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2044'.
[  378.016441][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  378.080817][T13714] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2047'.
[  378.841186][T13725] netdevsim netdevsim4: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  378.845047][T13725] netdevsim netdevsim4: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  380.380229][T13755] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2055'.
[  380.839600][T13765] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  380.843158][T13765] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  383.962289][T13810] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2067'.
[  383.966054][T13810] bridge_slave_1: left allmulticast mode
[  383.968620][T13810] bridge_slave_1: left promiscuous mode
[  383.973521][T13810] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.988310][T13810] bridge_slave_0: left allmulticast mode
[  383.990229][T13810] bridge_slave_0: left promiscuous mode
[  383.992304][T13810] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.997112][T13814] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2068'.
[  385.172813][T13833] netdevsim netdevsim4: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  385.177696][T13833] netdevsim netdevsim4: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  390.905067][ T7060] libceph: connect (1)[c::]:6789 error -101
[  390.907046][ T7060] libceph: mon0 (1)[c::]:6789 connect error
[  391.164664][ T7060] libceph: connect (1)[c::]:6789 error -101
[  391.167530][ T7060] libceph: mon0 (1)[c::]:6789 connect error
[  391.187474][T13983] ceph: No mds server is up or the cluster is laggy
[  391.768463][   T40] audit: type=1326 audit(1749147434.175:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13995 comm="syz.3.2096" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  391.782734][   T40] audit: type=1326 audit(1749147434.175:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13995 comm="syz.3.2096" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  391.792057][   T40] audit: type=1326 audit(1749147434.185:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13995 comm="syz.3.2096" exe="/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf707e579 code=0x7ffc0000
[  391.801210][   T40] audit: type=1326 audit(1749147434.185:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13995 comm="syz.3.2096" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  391.809192][   T40] audit: type=1326 audit(1749147434.185:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13995 comm="syz.3.2096" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  391.816140][   T40] audit: type=1326 audit(1749147434.185:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13995 comm="syz.3.2096" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf707e579 code=0x7ffc0000
[  391.828214][   T40] audit: type=1326 audit(1749147434.185:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13995 comm="syz.3.2096" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  391.837202][   T40] audit: type=1326 audit(1749147434.185:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13995 comm="syz.3.2096" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  391.844347][   T40] audit: type=1326 audit(1749147434.185:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13995 comm="syz.3.2096" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf707e579 code=0x7ffc0000
[  391.853190][   T40] audit: type=1326 audit(1749147434.185:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13995 comm="syz.3.2096" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[  392.395801][T14015] overlayfs: failed to clone upperpath
[  392.501627][T14022] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2105'.
[  394.313789][T14059] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2115'.
[  395.774515][T14077] pim6reg: entered allmulticast mode
[  395.780211][T14077] pim6reg: left allmulticast mode
[  396.753026][T14095] fuse: Bad value for 'fd'
[  397.152673][ T3232] IPVS: starting estimator thread 0...
[  397.159665][T14106] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[  397.254237][T14113] IPVS: using max 44 ests per chain, 105600 per kthread
[  397.874991][T14126] IPv6: addrconf: prefix option has invalid lifetime
[  397.939182][T14130] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2135'.
[  398.108952][T14142] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2138'.
[  398.113267][T14142] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2138'.
[  398.282621][T14142] team0 (unregistering): Port device team_slave_1 removed
[  398.588703][T14161] pim6reg: entered allmulticast mode
[  398.592895][T14161] pim6reg: left allmulticast mode
[  399.940413][T14203] x_tables: duplicate underflow at hook 2
[  399.967920][   T24] libceph: connect (1)[c::]:6789 error -101
[  399.970321][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  400.225255][   T24] libceph: connect (1)[c::]:6789 error -101
[  400.228969][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  400.239495][T14214] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2156'.
[  400.719954][T14202] ceph: No mds server is up or the cluster is laggy
[  400.735251][   T24] libceph: connect (1)[c::]:6789 error -101
[  400.737268][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  401.687756][T14238] SET target dimension over the limit!
[  401.906193][T13270] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  401.912162][T13270] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  401.916286][T13270] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  401.921294][T13270] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  401.925572][T13270] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  401.958048][T14244] lo speed is unknown, defaulting to 1000
[  402.054725][T14244] chnl_net:caif_netlink_parms(): no params data found
[  402.245828][T14244] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.248365][T14244] bridge0: port 1(bridge_slave_0) entered disabled state
[  402.250829][T14244] bridge_slave_0: entered allmulticast mode
[  402.253723][T14244] bridge_slave_0: entered promiscuous mode
[  402.261951][T14244] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.264477][T14244] bridge0: port 2(bridge_slave_1) entered disabled state
[  402.266738][T14244] bridge_slave_1: entered allmulticast mode
[  402.269951][T14244] bridge_slave_1: entered promiscuous mode
[  402.388215][T14244] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  402.395005][T14244] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  402.595981][T14244] team0: Port device team_slave_0 added
[  402.601743][T14244] team0: Port device team_slave_1 added
[  402.668069][T14244] batman_adv: batadv0: Adding interface: batadv_slave_0
[  402.670319][T14244] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  402.679330][T14244] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  402.696405][T14244] batman_adv: batadv0: Adding interface: batadv_slave_1
[  402.698621][T14244] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  402.709842][T14244] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  402.981146][T14244] hsr_slave_0: entered promiscuous mode
[  402.983896][T14244] hsr_slave_1: entered promiscuous mode
[  402.991681][T14244] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  402.994301][T14244] Cannot create hsr debugfs directory
[  403.001613][ T5952] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  403.006008][ T5952] CPU: 3 UID: 0 PID: 5952 Comm: kworker/u33:2 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  403.006025][ T5952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  403.006033][ T5952] Workqueue: hci4 hci_rx_work
[  403.006061][ T5952] Call Trace:
[  403.006066][ T5952]  <TASK>
[  403.006071][ T5952]  dump_stack_lvl+0x16c/0x1f0
[  403.006090][ T5952]  sysfs_warn_dup+0x7f/0xa0
[  403.006107][ T5952]  sysfs_create_dir_ns+0x24b/0x2b0
[  403.006123][ T5952]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  403.006138][ T5952]  ? find_held_lock+0x2b/0x80
[  403.006152][ T5952]  ? do_raw_spin_unlock+0x172/0x230
[  403.006170][ T5952]  kobject_add_internal+0x2c4/0x9b0
[  403.006190][ T5952]  kobject_add+0x16e/0x240
[  403.006208][ T5952]  ? __pfx_kobject_add+0x10/0x10
[  403.006226][ T5952]  ? do_raw_spin_unlock+0x172/0x230
[  403.006243][ T5952]  ? kobject_put+0xab/0x5a0
[  403.006263][ T5952]  device_add+0x288/0x1a70
[  403.006276][ T5952]  ? __pfx_dev_set_name+0x10/0x10
[  403.006290][ T5952]  ? __pfx_device_add+0x10/0x10
[  403.006303][ T5952]  ? mgmt_send_event_skb+0x2fb/0x460
[  403.006323][ T5952]  hci_conn_add_sysfs+0x17e/0x230
[  403.006341][ T5952]  le_conn_complete_evt+0x1075/0x1d70
[  403.006360][ T5952]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  403.006375][ T5952]  ? hci_event_packet+0x459/0x11c0
[  403.006395][ T5952]  hci_le_conn_complete_evt+0x23c/0x370
[  403.006413][ T5952]  hci_le_meta_evt+0x357/0x5e0
[  403.006430][ T5952]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  403.006447][ T5952]  hci_event_packet+0x682/0x11c0
[  403.006462][ T5952]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  403.006480][ T5952]  ? __pfx_hci_event_packet+0x10/0x10
[  403.006496][ T5952]  ? kcov_remote_start+0x3c9/0x6d0
[  403.006512][ T5952]  ? lockdep_hardirqs_on+0x7c/0x110
[  403.006530][ T5952]  hci_rx_work+0x2c5/0x16b0
[  403.006547][ T5952]  ? rcu_is_watching+0x12/0xc0
[  403.006561][ T5952]  process_one_work+0x9cf/0x1b70
[  403.006584][ T5952]  ? __pfx_process_one_work+0x10/0x10
[  403.006605][ T5952]  ? assign_work+0x1a0/0x250
[  403.006621][ T5952]  worker_thread+0x6c8/0xf10
[  403.006644][ T5952]  ? __pfx_worker_thread+0x10/0x10
[  403.006661][ T5952]  kthread+0x3c2/0x780
[  403.006676][ T5952]  ? __pfx_kthread+0x10/0x10
[  403.006693][ T5952]  ? rcu_is_watching+0x12/0xc0
[  403.006703][ T5952]  ? __pfx_kthread+0x10/0x10
[  403.006719][ T5952]  ret_from_fork+0x5d7/0x6f0
[  403.006733][ T5952]  ? __pfx_kthread+0x10/0x10
[  403.006776][ T5952]  ret_from_fork_asm+0x1a/0x30
[  403.006829][ T5952]  </TASK>
[  403.010647][ T5952] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  403.093458][ T5952] Bluetooth: hci4: failed to register connection device
[  403.349336][T14244] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.449581][T14244] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.544671][T14244] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.620490][T14244] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.753293][T14244] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  403.762233][T14244] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  403.776679][  T837] usb 8-1: USB disconnect, device number 12
[  403.781339][T14244] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  403.788792][T14244] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  403.809464][T14285] netdevsim netdevsim4: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  403.813019][T14285] netdevsim netdevsim4: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  403.848147][T14244] 8021q: adding VLAN 0 to HW filter on device bond0
[  403.861640][T14244] 8021q: adding VLAN 0 to HW filter on device team0
[  403.868253][ T7295] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.870509][ T7295] bridge0: port 1(bridge_slave_0) entered forwarding state
[  403.878111][ T7296] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.880712][ T7296] bridge0: port 2(bridge_slave_1) entered forwarding state
[  403.934469][T13270] Bluetooth: hci0: command tx timeout
[  403.995294][T14244] 8021q: adding VLAN 0 to HW filter on device batadv0
[  404.017623][T14244] veth0_vlan: entered promiscuous mode
[  404.024116][T14244] veth1_vlan: entered promiscuous mode
[  404.041388][T14244] veth0_macvtap: entered promiscuous mode
[  404.045377][T14244] veth1_macvtap: entered promiscuous mode
[  404.055725][T14244] batman_adv: batadv0: Interface activated: batadv_slave_0
[  404.062233][T14244] batman_adv: batadv0: Interface activated: batadv_slave_1
[  404.067161][T14244] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  404.069943][T14244] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  404.072760][T14244] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  404.075584][T14244] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  404.113467][ T7291] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  404.117524][ T7291] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  404.132593][ T7296] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  404.135722][ T7296] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  404.669530][T14300] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  404.672950][T14300] CIFS mount error: No usable UNC path provided in device string!
[  404.672950][T14300] 
[  404.676401][T14300] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  404.680103][T14297] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2173'.
[  404.682893][T14297] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2173'.
[  404.789907][T14308] siw: device registration error -23
[  405.813117][T14322] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  406.014295][T13270] Bluetooth: hci0: command tx timeout
[  406.018096][T14328] netdevsim netdevsim4: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  406.022104][T14328] netdevsim netdevsim4: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  407.098535][T14342] fuseblk: Bad value for 'fd'
[  408.208523][T14369] syz.4.2190: attempt to access beyond end of device
[  408.208523][T14369] sr0: rw=0, sector=64, nr_sectors = 4 limit=0
[  408.226600][T13270] Bluetooth: hci0: command tx timeout
[  408.378337][T14369] syz.4.2190: attempt to access beyond end of device
[  408.378337][T14369] sr0: rw=0, sector=1024, nr_sectors = 4 limit=0
[  408.382777][T14369] UDF-fs: error (device sr0): udf_read_tagged: read failed, block=256, location=256
[  408.386270][T14369] syz.4.2190: attempt to access beyond end of device
[  408.386270][T14369] sr0: rw=0, sector=2048, nr_sectors = 4 limit=0
[  408.390381][T14369] UDF-fs: error (device sr0): udf_read_tagged: read failed, block=512, location=512
[  408.393359][T14369] UDF-fs: warning (device sr0): udf_load_vrs: No anchor found
[  408.396012][T14369] UDF-fs: Scanning with blocksize 2048 failed
[  408.402016][T14369] syz.4.2190: attempt to access beyond end of device
[  408.402016][T14369] sr0: rw=0, sector=64, nr_sectors = 8 limit=0
[  408.432373][T14371] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  408.475451][T14369] syz.4.2190: attempt to access beyond end of device
[  408.475451][T14369] sr0: rw=0, sector=2048, nr_sectors = 8 limit=0
[  408.479748][T14369] UDF-fs: error (device sr0): udf_read_tagged: read failed, block=256, location=256
[  408.483533][T14369] syz.4.2190: attempt to access beyond end of device
[  408.483533][T14369] sr0: rw=0, sector=4096, nr_sectors = 8 limit=0
[  408.488670][T14369] UDF-fs: error (device sr0): udf_read_tagged: read failed, block=512, location=512
[  408.492398][T14369] UDF-fs: warning (device sr0): udf_load_vrs: No anchor found
[  408.495938][T14369] UDF-fs: Scanning with blocksize 4096 failed
[  408.498331][T14369] UDF-fs: warning (device sr0): udf_fill_super: No partition found (1)
[  408.820805][T14379] xt_hashlimit: size too large, truncated to 1048576
[  408.851176][T14379] x_tables: ip_tables: icmp match: only valid for protocol 1
[  408.908440][T14380] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2195'.
[  410.254365][T13270] Bluetooth: hci0: command tx timeout
[  411.360129][T14440] FAULT_INJECTION: forcing a failure.
[  411.360129][T14440] name failslab, interval 1, probability 0, space 0, times 0
[  411.365317][T14440] CPU: 3 UID: 0 PID: 14440 Comm: syz.3.2212 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  411.365339][T14440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  411.365351][T14440] Call Trace:
[  411.365358][T14440]  <TASK>
[  411.365365][T14440]  dump_stack_lvl+0x16c/0x1f0
[  411.365394][T14440]  should_fail_ex+0x512/0x640
[  411.365419][T14440]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  411.365449][T14440]  should_failslab+0xc2/0x120
[  411.365467][T14440]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  411.365493][T14440]  ? __alloc_skb+0x2b2/0x380
[  411.365521][T14440]  __alloc_skb+0x2b2/0x380
[  411.365543][T14440]  ? __pfx___alloc_skb+0x10/0x10
[  411.365568][T14440]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  411.365601][T14440]  netlink_alloc_large_skb+0x69/0x130
[  411.365620][T14440]  netlink_sendmsg+0x6a1/0xdd0
[  411.365641][T14440]  ? __pfx_netlink_sendmsg+0x10/0x10
[  411.365659][T14440]  ? __import_iovec+0x1dd/0x650
[  411.365683][T14440]  ____sys_sendmsg+0xa95/0xc70
[  411.365704][T14440]  ? __pfx_____sys_sendmsg+0x10/0x10
[  411.365719][T14440]  ? get_compat_msghdr+0x11a/0x170
[  411.365754][T14440]  ___sys_sendmsg+0x134/0x1d0
[  411.365779][T14440]  ? __pfx____sys_sendmsg+0x10/0x10
[  411.365813][T14440]  ? find_held_lock+0x2b/0x80
[  411.365846][T14440]  __sys_sendmsg+0x16d/0x220
[  411.365871][T14440]  ? __pfx___sys_sendmsg+0x10/0x10
[  411.365905][T14440]  ? rcu_is_watching+0x12/0xc0
[  411.365926][T14440]  __do_fast_syscall_32+0x7c/0x3a0
[  411.365954][T14440]  do_fast_syscall_32+0x32/0x80
[  411.365978][T14440]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  411.365999][T14440] RIP: 0023:0xf7fb3579
[  411.366019][T14440] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  411.366035][T14440] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  411.366051][T14440] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800006c0
[  411.366062][T14440] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  411.366072][T14440] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  411.366082][T14440] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  411.366092][T14440] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  411.366114][T14440]  </TASK>
[  411.589163][T14455] input: syz0 as /devices/virtual/input/input15
[  412.312578][T14468] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2220'.
[  412.317646][T14468] netlink: 43 bytes leftover after parsing attributes in process `syz.1.2220'.
[  412.321002][T14468] netlink: 'syz.1.2220': attribute type 5 has an invalid length.
[  412.323446][T14468] netlink: 43 bytes leftover after parsing attributes in process `syz.1.2220'.
[  412.369056][T13270] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  413.078190][T14487] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2225'.
[  414.903781][ T5952] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  415.471738][T14546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2240'.
[  415.845950][T14554] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2242'.
[  415.977118][T14556] siw: device registration error -23
[  416.946540][ T5952] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  416.951065][ T5952] CPU: 0 UID: 0 PID: 5952 Comm: kworker/u33:2 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  416.951091][ T5952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  416.951105][ T5952] Workqueue: hci1 hci_rx_work
[  416.951166][ T5952] Call Trace:
[  416.951174][ T5952]  <TASK>
[  416.951181][ T5952]  dump_stack_lvl+0x16c/0x1f0
[  416.951211][ T5952]  sysfs_warn_dup+0x7f/0xa0
[  416.951238][ T5952]  sysfs_create_dir_ns+0x24b/0x2b0
[  416.951263][ T5952]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  416.951287][ T5952]  ? find_held_lock+0x2b/0x80
[  416.951311][ T5952]  ? do_raw_spin_unlock+0x172/0x230
[  416.951340][ T5952]  kobject_add_internal+0x2c4/0x9b0
[  416.951373][ T5952]  kobject_add+0x16e/0x240
[  416.951400][ T5952]  ? __pfx_kobject_add+0x10/0x10
[  416.951428][ T5952]  ? do_raw_spin_unlock+0x172/0x230
[  416.951454][ T5952]  ? kobject_put+0xab/0x5a0
[  416.951489][ T5952]  device_add+0x288/0x1a70
[  416.951519][ T5952]  ? __pfx_dev_set_name+0x10/0x10
[  416.951542][ T5952]  ? __pfx_device_add+0x10/0x10
[  416.951562][ T5952]  ? mgmt_send_event_skb+0x2fb/0x460
[  416.951594][ T5952]  hci_conn_add_sysfs+0x17e/0x230
[  416.951622][ T5952]  le_conn_complete_evt+0x1075/0x1d70
[  416.951655][ T5952]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  416.951679][ T5952]  ? hci_event_packet+0x459/0x11c0
[  416.951712][ T5952]  hci_le_conn_complete_evt+0x23c/0x370
[  416.951757][ T5952]  hci_le_meta_evt+0x357/0x5e0
[  416.951785][ T5952]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  416.951813][ T5952]  hci_event_packet+0x682/0x11c0
[  416.951838][ T5952]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  416.951865][ T5952]  ? __pfx_hci_event_packet+0x10/0x10
[  416.951892][ T5952]  ? kcov_remote_start+0x3c9/0x6d0
[  416.951918][ T5952]  ? lockdep_hardirqs_on+0x7c/0x110
[  416.951950][ T5952]  hci_rx_work+0x2c5/0x16b0
[  416.951978][ T5952]  ? rcu_is_watching+0x12/0xc0
[  416.952000][ T5952]  process_one_work+0x9cf/0x1b70
[  416.952040][ T5952]  ? __pfx_process_one_work+0x10/0x10
[  416.952076][ T5952]  ? assign_work+0x1a0/0x250
[  416.952104][ T5952]  worker_thread+0x6c8/0xf10
[  416.952143][ T5952]  ? __pfx_worker_thread+0x10/0x10
[  416.952176][ T5952]  kthread+0x3c2/0x780
[  416.952203][ T5952]  ? __pfx_kthread+0x10/0x10
[  416.952228][ T5952]  ? rcu_is_watching+0x12/0xc0
[  416.952264][ T5952]  ? __pfx_kthread+0x10/0x10
[  416.952294][ T5952]  ret_from_fork+0x5d7/0x6f0
[  416.952320][ T5952]  ? __pfx_kthread+0x10/0x10
[  416.952346][ T5952]  ret_from_fork_asm+0x1a/0x30
[  416.952378][ T5952]  </TASK>
[  416.953812][ T5952] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  417.060325][ T5952] Bluetooth: hci1: failed to register connection device
[  417.076480][T14587] tmpfs: Unknown parameter 'tqê:sJ 0pl•Së¦LÓn–·O>£Ç§'
[  418.303516][T14613] netlink: 'syz.4.2257': attribute type 2 has an invalid length.
[  418.307280][T14613] netlink: 'syz.4.2257': attribute type 11 has an invalid length.
[  418.310440][T14613] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2257'.
[  418.763817][   T40] kauditd_printk_skb: 40 callbacks suppressed
[  418.763828][   T40] audit: type=1804 audit(1749147461.345:1374): pid=14637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2261" name="/newroot/533/cgroup.controllers" dev="tmpfs" ino=2865 res=1 errno=0
[  418.783632][   T40] audit: type=1800 audit(1749147461.345:1375): pid=14637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2261" name="cgroup.controllers" dev="tmpfs" ino=2865 res=0 errno=0
[  419.315825][T14652] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  419.472768][T14653] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2266'.
[  419.513073][T14653] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.515662][T14653] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.604896][T14653] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  419.612864][T14653] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  419.807598][T14653] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  419.810914][T14653] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  419.815028][T14653] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  419.819468][T14653] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  419.906739][T14664] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2268'.
[  420.719483][T14689] loop2: detected capacity change from 0 to 7
[  420.722440][T14689] Dev loop2: unable to read RDB block 7
[  420.726553][T14689]  loop2: unable to read partition table
[  420.728458][T14689] loop2: partition table beyond EOD, truncated
[  420.738536][T14689] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  422.155595][T14724] loop2: detected capacity change from 0 to 7
[  422.164772][T13347] Dev loop2: unable to read RDB block 7
[  422.166562][T13347]  loop2: unable to read partition table
[  422.168610][T13347] loop2: partition table beyond EOD, truncated
[  422.172382][T14724] Dev loop2: unable to read RDB block 7
[  422.174260][T14724]  loop2: unable to read partition table
[  422.176934][T14724] loop2: partition table beyond EOD, truncated
[  422.178963][T14724] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  425.656823][T14784] netlink: 'syz.4.2302': attribute type 21 has an invalid length.
[  425.660165][T14784] netlink: 'syz.4.2302': attribute type 1 has an invalid length.
[  425.670409][T14784] usb 2-1: USB disconnect, device number 2
[  425.826143][T14786] binder: 14783:14786 ioctl c0306201 80000640 returned -22
[  425.852862][T14789] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2299'.
[  425.855956][T14789] netlink: 'syz.5.2299': attribute type 5 has an invalid length.
[  425.858624][T14789] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2299'.
[  425.867639][T14789] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 256 - 0
[  425.871174][T14789] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 256 - 0
[  425.875376][T14789] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 256 - 0
[  425.878970][T14789] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 256 - 0
[  425.882762][T14789] geneve2: entered promiscuous mode
[  425.884971][T14789] geneve2: entered allmulticast mode
[  425.898710][T14793] netdevsim netdevsim3: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  425.902958][T14793] netdevsim netdevsim3: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  426.025978][T14800] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2306'.
[  426.029869][T14800] netlink: 10 bytes leftover after parsing attributes in process `syz.4.2306'.
[  426.087478][T14803] binder: 14802:14803 ioctl c0306201 80000540 returned -14
[  426.244803][T14810] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2310'.
[  427.000713][T13270] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  427.772131][T14846] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2319'.
[  427.870861][T14847] netdevsim netdevsim3: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  427.875895][T14847] netdevsim netdevsim3: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  428.375055][ T5952] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  430.680344][T13270] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  430.685008][T13270] CPU: 2 UID: 0 PID: 13270 Comm: kworker/u33:0 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  430.685036][T13270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  430.685050][T13270] Workqueue: hci0 hci_rx_work
[  430.685082][T13270] Call Trace:
[  430.685090][T13270]  <TASK>
[  430.685097][T13270]  dump_stack_lvl+0x16c/0x1f0
[  430.685125][T13270]  sysfs_warn_dup+0x7f/0xa0
[  430.685153][T13270]  sysfs_create_dir_ns+0x24b/0x2b0
[  430.685178][T13270]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  430.685202][T13270]  ? find_held_lock+0x2b/0x80
[  430.685228][T13270]  ? do_raw_spin_unlock+0x172/0x230
[  430.685258][T13270]  kobject_add_internal+0x2c4/0x9b0
[  430.685292][T13270]  kobject_add+0x16e/0x240
[  430.685320][T13270]  ? __pfx_kobject_add+0x10/0x10
[  430.685351][T13270]  ? do_raw_spin_unlock+0x172/0x230
[  430.685379][T13270]  ? kobject_put+0xab/0x5a0
[  430.685415][T13270]  device_add+0x288/0x1a70
[  430.685437][T13270]  ? __pfx_dev_set_name+0x10/0x10
[  430.685461][T13270]  ? __pfx_device_add+0x10/0x10
[  430.685482][T13270]  ? mgmt_send_event_skb+0x2fb/0x460
[  430.685517][T13270]  hci_conn_add_sysfs+0x17e/0x230
[  430.685547][T13270]  le_conn_complete_evt+0x1075/0x1d70
[  430.685580][T13270]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  430.685604][T13270]  ? hci_event_packet+0x459/0x11c0
[  430.685661][T13270]  hci_le_conn_complete_evt+0x23c/0x370
[  430.685695][T13270]  hci_le_meta_evt+0x357/0x5e0
[  430.685724][T13270]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  430.685752][T13270]  hci_event_packet+0x682/0x11c0
[  430.685779][T13270]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  430.685807][T13270]  ? __pfx_hci_event_packet+0x10/0x10
[  430.685836][T13270]  ? kcov_remote_start+0x3c9/0x6d0
[  430.685863][T13270]  ? lockdep_hardirqs_on+0x7c/0x110
[  430.685894][T13270]  hci_rx_work+0x2c5/0x16b0
[  430.685922][T13270]  ? rcu_is_watching+0x12/0xc0
[  430.685945][T13270]  process_one_work+0x9cf/0x1b70
[  430.685991][T13270]  ? __pfx_process_one_work+0x10/0x10
[  430.686029][T13270]  ? assign_work+0x1a0/0x250
[  430.686058][T13270]  worker_thread+0x6c8/0xf10
[  430.686096][T13270]  ? __kthread_parkme+0x19e/0x250
[  430.686119][T13270]  ? __pfx_worker_thread+0x10/0x10
[  430.686148][T13270]  kthread+0x3c2/0x780
[  430.686174][T13270]  ? __pfx_kthread+0x10/0x10
[  430.686202][T13270]  ? rcu_is_watching+0x12/0xc0
[  430.686221][T13270]  ? __pfx_kthread+0x10/0x10
[  430.686248][T13270]  ret_from_fork+0x5d7/0x6f0
[  430.686272][T13270]  ? __pfx_kthread+0x10/0x10
[  430.686298][T13270]  ret_from_fork_asm+0x1a/0x30
[  430.686334][T13270]  </TASK>
[  430.686377][T13270] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  430.809398][T14891] netdevsim netdevsim4: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  430.809464][T14891] netdevsim netdevsim4: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  430.820014][T13270] Bluetooth: hci0: failed to register connection device
[  430.830370][T13270] Bluetooth: Frame is too long (len 70, expected len 6)
[  431.171169][T14906] binder: 14897:14906 ioctl c0046209 0 returned -22
[  432.574379][T14917] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2339'.
[  432.581037][T14917] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  432.584425][T14917] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  432.587115][T14917] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  432.589791][T14917] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  432.610206][T14917] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  432.612974][T14917] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  432.615780][T14917] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  432.618531][T14917] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  432.797873][ T5952] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  432.826384][T14927] fuse: Bad value for 'fd'
[  433.709285][T14944] Bluetooth: MGMT ver 1.23
[  434.652238][ T5955] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  434.690055][T14965] fuse: Bad value for 'fd'
[  434.744652][T14966] Bluetooth: hci0: command 0x0405 tx timeout
[  436.832321][T15033] bridge0: port 2(bridge_slave_1) entered learning state
[  436.837217][T15033] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2364'.
[  437.475091][T15050] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  437.877868][T15053] FAULT_INJECTION: forcing a failure.
[  437.877868][T15053] name failslab, interval 1, probability 0, space 0, times 0
[  437.882778][T15053] CPU: 2 UID: 0 PID: 15053 Comm: syz.5.2370 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  437.882793][T15053] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  437.882800][T15053] Call Trace:
[  437.882804][T15053]  <TASK>
[  437.882810][T15053]  dump_stack_lvl+0x16c/0x1f0
[  437.882830][T15053]  should_fail_ex+0x512/0x640
[  437.882847][T15053]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  437.882866][T15053]  should_failslab+0xc2/0x120
[  437.882877][T15053]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  437.882894][T15053]  ? __alloc_skb+0x2b2/0x380
[  437.882912][T15053]  __alloc_skb+0x2b2/0x380
[  437.882930][T15053]  ? __pfx___alloc_skb+0x10/0x10
[  437.882943][T15053]  ? __pfx___mutex_trylock_common+0x10/0x10
[  437.882961][T15053]  ? rcu_is_watching+0x12/0xc0
[  437.882975][T15053]  netlink_dump+0x678/0xce0
[  437.882993][T15053]  ? __rhashtable_lookup.constprop.0+0x3a5/0x760
[  437.883011][T15053]  ? __netlink_dump_start+0x150/0x990
[  437.883028][T15053]  ? __pfx_netlink_dump+0x10/0x10
[  437.883044][T15053]  ? __pfx___mutex_lock+0x10/0x10
[  437.883070][T15053]  __netlink_dump_start+0x6d6/0x990
[  437.883089][T15053]  packet_diag_handler_dump+0x1f0/0x290
[  437.883105][T15053]  ? __pfx_packet_diag_handler_dump+0x10/0x10
[  437.883120][T15053]  ? __pfx_packet_diag_dump+0x10/0x10
[  437.883135][T15053]  ? sock_diag_lock_handler+0x10f/0x2e0
[  437.883153][T15053]  sock_diag_rcv_msg+0x435/0x790
[  437.883168][T15053]  netlink_rcv_skb+0x155/0x420
[  437.883179][T15053]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  437.883193][T15053]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  437.883209][T15053]  ? netlink_deliver_tap+0x1ae/0xd30
[  437.883225][T15053]  ? is_vmalloc_addr+0x86/0xa0
[  437.883244][T15053]  netlink_unicast+0x53a/0x7f0
[  437.883256][T15053]  ? __pfx_netlink_unicast+0x10/0x10
[  437.883271][T15053]  netlink_sendmsg+0x8d1/0xdd0
[  437.883283][T15053]  ? __pfx_netlink_sendmsg+0x10/0x10
[  437.883299][T15053]  sock_write_iter+0x4ff/0x5b0
[  437.883311][T15053]  ? __pfx_sock_write_iter+0x10/0x10
[  437.883327][T15053]  ? bpf_lsm_file_permission+0x9/0x10
[  437.883339][T15053]  ? security_file_permission+0x71/0x210
[  437.883355][T15053]  ? rw_verify_area+0xcf/0x680
[  437.883371][T15053]  vfs_write+0x6c4/0x1150
[  437.883387][T15053]  ? __pfx_sock_write_iter+0x10/0x10
[  437.883399][T15053]  ? __pfx_vfs_write+0x10/0x10
[  437.883414][T15053]  ? find_held_lock+0x2b/0x80
[  437.883433][T15053]  ksys_write+0x1f8/0x250
[  437.883449][T15053]  ? __pfx_ksys_write+0x10/0x10
[  437.883466][T15053]  ? rcu_is_watching+0x12/0xc0
[  437.883478][T15053]  __do_fast_syscall_32+0x7c/0x3a0
[  437.883495][T15053]  do_fast_syscall_32+0x32/0x80
[  437.883511][T15053]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  437.883525][T15053] RIP: 0023:0xf7f74579
[  437.883534][T15053] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  437.883545][T15053] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  437.883555][T15053] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080005c00
[  437.883562][T15053] RDX: 0000000000000027 RSI: 0000000000000000 RDI: 0000000000000000
[  437.883568][T15053] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  437.883574][T15053] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  437.883580][T15053] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  437.883593][T15053]  </TASK>
[  437.989795][    C2] hpet: Lost 6 RTC interrupts
[  438.226273][T15059] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2372'.
[  438.516653][T15073] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2376'.
[  439.371441][T15083] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2379'.
[  439.469706][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  440.389891][T13270] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  441.351796][T15119] netdevsim netdevsim5: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  441.355922][T15119] netdevsim netdevsim5: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  441.778608][T15125] lo speed is unknown, defaulting to 1000
[  441.781111][T15125] lo speed is unknown, defaulting to 1000
[  441.784869][T15125] lo speed is unknown, defaulting to 1000
[  441.794454][T15125] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  441.805199][T15125] lo speed is unknown, defaulting to 1000
[  441.808661][T15125] lo speed is unknown, defaulting to 1000
[  441.811720][T15125] lo speed is unknown, defaulting to 1000
[  441.817104][T15125] lo speed is unknown, defaulting to 1000
[  441.819602][T15125] lo speed is unknown, defaulting to 1000
[  441.822217][T15125] lo speed is unknown, defaulting to 1000
[  441.871466][T15127] syz.3.2391: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  441.876572][T15127] CPU: 0 UID: 0 PID: 15127 Comm: syz.3.2391 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  441.876590][T15127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  441.876598][T15127] Call Trace:
[  441.876603][T15127]  <TASK>
[  441.876607][T15127]  dump_stack_lvl+0x16c/0x1f0
[  441.876629][T15127]  warn_alloc+0x248/0x3a0
[  441.876650][T15127]  ? __pfx_warn_alloc+0x10/0x10
[  441.876667][T15127]  ? __pfx_stack_trace_save+0x10/0x10
[  441.876681][T15127]  ? stack_depot_save_flags+0x28/0xa40
[  441.876704][T15127]  ? kasan_save_stack+0x42/0x60
[  441.876722][T15127]  ? kasan_save_stack+0x33/0x60
[  441.876738][T15127]  ? kasan_save_track+0x14/0x30
[  441.876755][T15127]  ? xskq_create+0x52/0x1d0
[  441.876768][T15127]  ? xsk_setsockopt+0x640/0x840
[  441.876780][T15127]  ? do_sock_setsockopt+0x221/0x470
[  441.876792][T15127]  ? xskq_create+0xfb/0x1d0
[  441.876807][T15127]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  441.876827][T15127]  ? xskq_create+0xfb/0x1d0
[  441.876845][T15127]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  441.876867][T15127]  ? xskq_create+0xfb/0x1d0
[  441.876882][T15127]  vmalloc_user_noprof+0x9e/0xe0
[  441.876899][T15127]  ? xskq_create+0xfb/0x1d0
[  441.876914][T15127]  xskq_create+0xfb/0x1d0
[  441.876930][T15127]  xsk_setsockopt+0x640/0x840
[  441.876944][T15127]  ? __pfx_xsk_setsockopt+0x10/0x10
[  441.876964][T15127]  ? __pfx_aa_sk_perm+0x10/0x10
[  441.876983][T15127]  ? errseq_sample+0x53/0x70
[  441.877000][T15127]  ? __pfx_xsk_setsockopt+0x10/0x10
[  441.877014][T15127]  do_sock_setsockopt+0x221/0x470
[  441.877028][T15127]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  441.877048][T15127]  __sys_setsockopt+0x120/0x1a0
[  441.877067][T15127]  __ia32_sys_setsockopt+0xbc/0x160
[  441.877083][T15127]  ? lockdep_hardirqs_on+0x7c/0x110
[  441.877098][T15127]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  441.877116][T15127]  __do_fast_syscall_32+0x7c/0x3a0
[  441.877135][T15127]  do_fast_syscall_32+0x32/0x80
[  441.877152][T15127]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  441.877167][T15127] RIP: 0023:0xf7fb3579
[  441.877176][T15127] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  441.877188][T15127] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  441.877199][T15127] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000011b
[  441.877207][T15127] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004
[  441.877214][T15127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  441.877221][T15127] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  441.877227][T15127] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  441.877241][T15127]  </TASK>
[  441.877246][T15127] Mem-Info:
[  441.966707][T15127] active_anon:7898 inactive_anon:196 isolated_anon:0
[  441.966707][T15127]  active_file:16259 inactive_file:14230 isolated_file:0
[  441.966707][T15127]  unevictable:1768 dirty:377 writeback:0
[  441.966707][T15127]  slab_reclaimable:6978 slab_unreclaimable:65489
[  441.966707][T15127]  mapped:24955 shmem:2759 pagetables:1610
[  441.966707][T15127]  sec_pagetables:320 bounce:0
[  441.966707][T15127]  kernel_misc_reclaimable:0
[  441.966707][T15127]  free:46906 free_pcp:15359 free_cma:0
[  441.980923][T15127] Node 0 active_anon:2364kB inactive_anon:104kB active_file:0kB inactive_file:76kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:52kB dirty:4kB writeback:0kB shmem:5572kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7948kB pagetables:2120kB sec_pagetables:1152kB all_unreclaimable? yes Balloon:0kB
[  441.991017][T15127] Node 1 active_anon:29152kB inactive_anon:680kB active_file:65036kB inactive_file:56844kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:99068kB dirty:1504kB writeback:0kB shmem:5464kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB writeback_tmp:0kB kernel_stack:5324kB pagetables:4320kB sec_pagetables:128kB all_unreclaimable? no Balloon:0kB
[  442.001354][T15127] Node 0 DMA free:2096kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:576kB local_pcp:160kB free_cma:0kB
[  442.010338][T15127] lowmem_reserve[]: 0 289 289 289 289
[  442.012063][T15127] Node 0 DMA32 free:18648kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:4096KB free_highatomic:1100KB active_anon:2744kB inactive_anon:104kB active_file:0kB inactive_file:76kB unevictable:3536kB writepending:4kB present:1032196kB managed:296728kB mlocked:0kB bounce:0kB free_pcp:10200kB local_pcp:2760kB free_cma:0kB
[  442.021981][T15127] lowmem_reserve[]: 0 0 0 0 0
[  442.023528][T15127] Node 1 DMA32 free:193084kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB free_highatomic:432KB active_anon:29152kB inactive_anon:680kB active_file:65036kB inactive_file:56844kB unevictable:3536kB writepending:1504kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:24336kB local_pcp:8316kB free_cma:0kB
[  442.033783][T15127] lowmem_reserve[]: 0 0 0 0 0
[  442.035506][T15127] Node 0 DMA: 18*4kB (UM) 31*8kB (UM) 11*16kB (UM) 8*32kB (UM) 3*64kB (UM) 1*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2096kB
[  442.040031][T15127] Node 0 DMA32: 402*4kB (UEH) 53*8kB (UEH) 13*16kB (UEH) 63*32kB (UMEH) 20*64kB (UMEH) 14*128kB (UMH) 7*256kB (UM) 7*512kB (UM) 2*1024kB (UM) 1*2048kB (M) 0*4096kB = 16800kB
[  442.114331][T15127] Node 1 DMA32: 773*4kB (UE) 476*8kB (UMEH) 233*16kB (UMEH) 455*32kB (UMEH) 192*64kB (UMEH) 142*128kB (UME) 111*256kB (UME) 60*512kB (UME) 29*1024kB (UM) 6*2048kB (M) 5*4096kB (UM) = 177252kB
[  442.121284][T15127] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  442.124344][T15127] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  442.127211][T15127] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  442.130192][T15127] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  442.133073][T15127] 36511 total pagecache pages
[  442.134670][T15127] 275 pages in swap cache
[  442.136022][T15127] Free swap  = 120824kB
[  442.137323][T15127] Total swap = 124996kB
[  442.138645][T15127] 524155 pages RAM
[  442.139882][T15127] 0 pages HighMem/MovableOnly
[  442.141386][T15127] 209066 pages reserved
[  442.143040][T15127] 0 pages cma reserved
[  442.406785][T14661] IPVS: starting estimator thread 0...
[  442.504416][T15150] IPVS: using max 23 ests per chain, 55200 per kthread
[  442.631726][ T7068] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  442.932280][ T7068] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  442.935763][ T7068] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  442.940054][ T7068] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[  442.943938][ T7068] usb 10-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xF7, changing to 0x87
[  442.959184][ T7068] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[  442.974904][ T7068] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  442.977947][ T7068] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  442.980613][ T7068] usb 10-1: Product: syz
[  442.981948][ T7068] usb 10-1: Manufacturer: syz
[  442.990297][ T7068] cdc_wdm 10-1:1.0: skipping garbage
[  442.992062][ T7068] cdc_wdm 10-1:1.0: skipping garbage
[  442.993740][ T7068] cdc_wdm 10-1:1.0: probe with driver cdc_wdm failed with error -22
[  442.995102][T15158] sch_fq: defrate 0 ignored.
[  443.983460][T15145] mkiss: ax0: crc mode is auto.
[  444.251369][T15178] netdevsim netdevsim4: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  444.255709][T15178] netdevsim netdevsim4: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  444.329032][T15179] batadv_slave_0: entered promiscuous mode
[  444.331687][T15179] batadv_slave_0: left allmulticast mode
[  444.365529][T15179] lo speed is unknown, defaulting to 1000
[  444.387696][T15179] lo speed is unknown, defaulting to 1000
[  444.750161][T14291] usb 10-1: USB disconnect, device number 2
[  444.768577][T15187] random: crng reseeded on system resumption
[  445.444807][T15208] binder: 15207:15208 ioctl c0306201 80000080 returned -14
[  445.465155][T15211] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  445.574641][T15220] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  445.578792][T15220] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  446.473404][T15242] fuse: Bad value for 'fd'
[  447.547957][   T40] audit: type=1326 audit(1749147490.135:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.5.2431" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  447.569879][   T40] audit: type=1326 audit(1749147490.145:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.5.2431" exe="/syz-executor" sig=0 arch=40000003 syscall=323 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  447.577357][   T40] audit: type=1326 audit(1749147490.145:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.5.2431" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  447.584696][   T40] audit: type=1326 audit(1749147490.145:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.5.2431" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  447.591617][   T40] audit: type=1326 audit(1749147490.145:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.5.2431" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  447.600013][   T40] audit: type=1326 audit(1749147490.145:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.5.2431" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  447.607279][   T40] audit: type=1326 audit(1749147490.145:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.5.2431" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  447.608914][T15268] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2432'.
[  447.613970][   T40] audit: type=1326 audit(1749147490.145:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.5.2431" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  447.624298][   T40] audit: type=1326 audit(1749147490.155:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.5.2431" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  447.627599][T15264] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2431'.
[  447.631356][   T40] audit: type=1326 audit(1749147490.155:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.5.2431" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  447.662863][T15268] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2432'.
[  447.760491][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  447.762991][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.424618][ T6195] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  448.440684][T15310] fuse: Bad value for 'user_id'
[  448.442840][T15310] fuse: Bad value for 'user_id'
[  448.575277][ T6195] usb 9-1: Using ep0 maxpacket: 32
[  448.594814][T15304] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  448.597616][T15304] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  448.601693][ T6195] usb 9-1: unable to get BOS descriptor or descriptor too short
[  448.606508][ T6195] usb 9-1: too many configurations: 105, using maximum allowed: 8
[  448.610654][ T6195] usb 9-1: unable to read config index 0 descriptor/start: -71
[  448.613555][ T6195] usb 9-1: can't read configurations, error -71
[  449.749129][T15340] ieee802154 phy1 wpan1: encryption failed: -22
[  449.948882][T15340] netlink: 'syz.4.2444': attribute type 23 has an invalid length.
[  450.586446][T15358] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2451'.
[  450.609230][T15358] 8021q: adding VLAN 0 to HW filter on device bond1
[  450.627468][T15358] 8021q: adding VLAN 0 to HW filter on device bond1
[  450.630574][T15358] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  450.636465][T15358] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  450.652618][T15360] netdevsim netdevsim4: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  450.656514][T15360] netdevsim netdevsim4: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  450.759560][T14291] IPVS: starting estimator thread 0...
[  450.772546][T15367] tipc: Started in network mode
[  450.774831][T15367] tipc: Node identity ac1414aa, cluster identity 4711
[  450.785926][T15367] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  450.788291][T15367] tipc: Enabled bearer <udp:s>, priority 10
[  450.924371][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  450.945152][T15368] IPVS: using max 44 ests per chain, 105600 per kthread
[  451.064293][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  451.204941][T15385] ieee802154 phy1 wpan1: encryption failed: -22
[  451.214279][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  451.328285][T15385] netlink: 'syz.1.2459': attribute type 23 has an invalid length.
[  451.364274][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  451.515418][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  451.604267][T14966] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  451.643564][T15391] fuse: Bad value for 'fd'
[  451.654257][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  451.794243][T14291] tipc: Node number set to 2886997162
[  451.851286][T15395] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  451.944304][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  452.214311][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  452.744258][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  452.857097][T13270] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  452.896865][T15423] fuse: Bad value for 'fd'
[  453.041560][T15437] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2475'.
[  453.903073][T15452] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  453.907385][T15452] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  454.720162][T15472] loop6: detected capacity change from 0 to 524287999
[  454.804245][  T867] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  454.857371][T15479] fuse: Bad value for 'fd'
[  454.895380][T15481] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  454.899595][T15481] FAULT_INJECTION: forcing a failure.
[  454.899595][T15481] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  454.903653][T15481] CPU: 2 UID: 0 PID: 15481 Comm: syz.1.2482 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  454.903667][T15481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  454.903675][T15481] Call Trace:
[  454.903679][T15481]  <TASK>
[  454.903683][T15481]  dump_stack_lvl+0x16c/0x1f0
[  454.903702][T15481]  should_fail_ex+0x512/0x640
[  454.903722][T15481]  _copy_from_user+0x2e/0xd0
[  454.903733][T15481]  snd_ctl_elem_add_compat+0xa2/0x3f0
[  454.903757][T15481]  snd_ctl_ioctl_compat+0x6ca/0xc50
[  454.903774][T15481]  ? __pfx_snd_ctl_ioctl_compat+0x10/0x10
[  454.903790][T15481]  ? find_held_lock+0x2b/0x80
[  454.903801][T15481]  ? hook_file_ioctl_common+0x145/0x410
[  454.903817][T15481]  ? __fget_files+0x20e/0x3c0
[  454.903832][T15481]  ? __fput_deferred+0x470/0x480
[  454.903845][T15481]  ? __pfx_snd_ctl_ioctl_compat+0x10/0x10
[  454.903862][T15481]  __ia32_compat_sys_ioctl+0x242/0x370
[  454.903878][T15481]  __do_fast_syscall_32+0x7c/0x3a0
[  454.903895][T15481]  do_fast_syscall_32+0x32/0x80
[  454.903912][T15481]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  454.903925][T15481] RIP: 0023:0xf706e579
[  454.903934][T15481] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  454.903945][T15481] RSP: 002b:00000000f505e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  454.903955][T15481] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c1105518
[  454.903961][T15481] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  454.903968][T15481] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  454.903973][T15481] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  454.903979][T15481] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  454.903992][T15481]  </TASK>
[  454.961903][    C2] hpet_rtc_timer_reinit: 8 callbacks suppressed
[  454.961913][    C2] hpet: Lost 3 RTC interrupts
[  454.993689][  T867] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  454.994129][T15483] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  454.996614][  T867] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  455.002345][  T867] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  455.005539][  T867] usb 9-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xF7, changing to 0x87
[  455.009218][  T867] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[  455.016834][  T867] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  455.019662][  T867] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  455.022236][  T867] usb 9-1: Product: syz
[  455.023630][  T867] usb 9-1: Manufacturer: syz
[  455.027978][  T867] cdc_wdm 9-1:1.0: skipping garbage
[  455.029655][  T867] cdc_wdm 9-1:1.0: skipping garbage
[  455.031344][  T867] cdc_wdm 9-1:1.0: probe with driver cdc_wdm failed with error -22
[  455.122820][T15488] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2487'.
[  455.191733][T15489] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2487'.
[  455.195163][T15489] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2487'.
[  455.329908][T15492] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2489'.
[  455.474552][T15460] mkiss: ax0: crc mode is auto.
[  455.717600][  T867] usb 9-1: USB disconnect, device number 9
[  455.854294][    C0] net_ratelimit: 2 callbacks suppressed
[  455.854328][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  456.114519][T15501] netlink: 'syz.1.2492': attribute type 10 has an invalid length.
[  456.118429][T15501] syz_tun: entered promiscuous mode
[  456.126704][T15501] : (slave syz_tun): Enslaving as an active interface with an up link
[  456.210100][T15499] ieee802154 phy1 wpan1: encryption failed: -22
[  456.904430][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  457.944268][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  458.118565][T15540] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2503'.
[  458.203014][T15547] syz.4.2506: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  458.213617][T15547] CPU: 3 UID: 0 PID: 15547 Comm: syz.4.2506 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  458.213647][T15547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  458.213661][T15547] Call Trace:
[  458.213668][T15547]  <TASK>
[  458.213675][T15547]  dump_stack_lvl+0x16c/0x1f0
[  458.213707][T15547]  warn_alloc+0x248/0x3a0
[  458.213735][T15547]  ? __pfx_warn_alloc+0x10/0x10
[  458.213761][T15547]  ? __pfx_stack_trace_save+0x10/0x10
[  458.213782][T15547]  ? stack_depot_save_flags+0x28/0xa40
[  458.213827][T15547]  ? kasan_save_stack+0x42/0x60
[  458.213854][T15547]  ? kasan_save_stack+0x33/0x60
[  458.213878][T15547]  ? kasan_save_track+0x14/0x30
[  458.213905][T15547]  ? xskq_create+0x52/0x1d0
[  458.213924][T15547]  ? xsk_setsockopt+0x640/0x840
[  458.213942][T15547]  ? do_sock_setsockopt+0x221/0x470
[  458.213962][T15547]  ? xskq_create+0xfb/0x1d0
[  458.213982][T15547]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  458.214015][T15547]  ? xskq_create+0xfb/0x1d0
[  458.214042][T15547]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  458.214074][T15547]  ? xskq_create+0xfb/0x1d0
[  458.214096][T15547]  vmalloc_user_noprof+0x9e/0xe0
[  458.214118][T15547]  ? xskq_create+0xfb/0x1d0
[  458.214162][T15547]  xskq_create+0xfb/0x1d0
[  458.214188][T15547]  xsk_setsockopt+0x640/0x840
[  458.214211][T15547]  ? __pfx_xsk_setsockopt+0x10/0x10
[  458.214232][T15547]  ? __pfx_aa_sk_perm+0x10/0x10
[  458.214257][T15547]  ? errseq_sample+0x53/0x70
[  458.214278][T15547]  ? __pfx_xsk_setsockopt+0x10/0x10
[  458.214324][T15547]  do_sock_setsockopt+0x221/0x470
[  458.214343][T15547]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  458.214378][T15547]  __sys_setsockopt+0x120/0x1a0
[  458.214408][T15547]  __ia32_sys_setsockopt+0xbc/0x160
[  458.214430][T15547]  ? lockdep_hardirqs_on+0x7c/0x110
[  458.214456][T15547]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  458.214483][T15547]  __do_fast_syscall_32+0x7c/0x3a0
[  458.214512][T15547]  do_fast_syscall_32+0x32/0x80
[  458.214537][T15547]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  458.214559][T15547] RIP: 0023:0xf7fd1579
[  458.214574][T15547] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  458.214592][T15547] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  458.214623][T15547] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000011b
[  458.214636][T15547] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004
[  458.214646][T15547] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  458.214656][T15547] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  458.214666][T15547] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  458.214693][T15547]  </TASK>
[  458.338377][T15547] Mem-Info:
[  458.339812][T15547] active_anon:8241 inactive_anon:196 isolated_anon:0
[  458.339812][T15547]  active_file:16259 inactive_file:14111 isolated_file:0
[  458.339812][T15547]  unevictable:7684 dirty:665 writeback:0
[  458.339812][T15547]  slab_reclaimable:6924 slab_unreclaimable:67012
[  458.339812][T15547]  mapped:24985 shmem:2972 pagetables:1674
[  458.339812][T15547]  sec_pagetables:320 bounce:0
[  458.339812][T15547]  kernel_misc_reclaimable:0
[  458.339812][T15547]  free:41544 free_pcp:12620 free_cma:0
[  458.362930][T15547] Node 0 active_anon:2572kB inactive_anon:104kB active_file:0kB inactive_file:76kB unevictable:6520kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:0kB writeback:0kB shmem:5536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7980kB pagetables:2344kB sec_pagetables:1152kB all_unreclaimable? yes Balloon:0kB
[  458.376467][T15547] Node 1 active_anon:33292kB inactive_anon:680kB active_file:65036kB inactive_file:56368kB unevictable:28316kB isolated(anon):0kB isolated(file):0kB mapped:102924kB dirty:2660kB writeback:0kB shmem:9352kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB writeback_tmp:0kB kernel_stack:5464kB pagetables:4352kB sec_pagetables:128kB all_unreclaimable? no Balloon:0kB
[  458.395167][T15547] Node 0 DMA free:2096kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:576kB local_pcp:32kB free_cma:0kB
[  458.407876][T15547] lowmem_reserve[]: 0 289 289 289 289
[  458.410168][T15547] Node 0 DMA32 free:16404kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:4096KB free_highatomic:1100KB active_anon:2572kB inactive_anon:104kB active_file:0kB inactive_file:76kB unevictable:6520kB writepending:0kB present:1032196kB managed:296728kB mlocked:2984kB bounce:0kB free_pcp:10472kB local_pcp:2508kB free_cma:0kB
[  458.423704][T15547] lowmem_reserve[]: 0 0 0 0 0
[  458.425798][T15547] Node 1 DMA32 free:147676kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB free_highatomic:432KB active_anon:38892kB inactive_anon:680kB active_file:65036kB inactive_file:56368kB unevictable:30516kB writepending:2660kB present:1048432kB managed:948268kB mlocked:27060kB bounce:0kB free_pcp:24380kB local_pcp:1360kB free_cma:0kB
[  458.439732][T15547] lowmem_reserve[]: 0 0 0 0 0
[  458.441772][T15547] Node 0 DMA: 18*4kB (UM) 31*8kB (UM) 11*16kB (UM) 8*32kB (UM) 3*64kB (UM) 1*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2096kB
[  458.448499][T15547] Node 0 DMA32: 194*4kB (UMEH) 24*8kB (H) 9*16kB (EH) 68*32kB (UMEH) 28*64kB (UMH) 14*128kB (UMH) 7*256kB (UM) 7*512kB (UM) 2*1024kB (UM) 1*2048kB (M) 0*4096kB = 16344kB
[  458.455636][T15547] Node 1 DMA32: 379*4kB (UE) 406*8kB (UEH) 150*16kB (UMEH) 150*32kB (UEH) 104*64kB (UMEH) 111*128kB (UME) 102*256kB (UME) 59*512kB (UME) 25*1024kB (UM) 8*2048kB (UM) 4*4096kB (UM) = 147516kB
[  458.464465][T15547] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  458.468467][T15547] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  458.472305][T15547] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  458.477313][T15547] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  458.481312][T15547] 37780 total pagecache pages
[  458.483507][T15547] 275 pages in swap cache
[  458.486036][T15547] Free swap  = 120832kB
[  458.487825][T15547] Total swap = 124996kB
[  458.491626][T15547] 524155 pages RAM
[  458.493239][T15547] 0 pages HighMem/MovableOnly
[  458.495354][T15547] 209066 pages reserved
[  458.497109][T15547] 0 pages cma reserved
[  458.974345][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  459.304985][T15575] netlink: 248 bytes leftover after parsing attributes in process `syz.4.2510'.
[  459.390911][T15582] FAULT_INJECTION: forcing a failure.
[  459.390911][T15582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  459.396776][T15582] CPU: 0 UID: 0 PID: 15582 Comm: syz.4.2515 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  459.396819][T15582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  459.396830][T15582] Call Trace:
[  459.396836][T15582]  <TASK>
[  459.396844][T15582]  dump_stack_lvl+0x16c/0x1f0
[  459.396874][T15582]  should_fail_ex+0x512/0x640
[  459.396903][T15582]  _copy_from_user+0x2e/0xd0
[  459.396921][T15582]  __sys_bpf+0x21d/0x4d80
[  459.396941][T15582]  ? __pfx___sys_bpf+0x10/0x10
[  459.396958][T15582]  ? ksys_write+0x190/0x250
[  459.396987][T15582]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  459.397027][T15582]  ? fput+0x70/0xf0
[  459.397043][T15582]  ? ksys_write+0x1ac/0x250
[  459.397067][T15582]  ? __pfx_ksys_write+0x10/0x10
[  459.397096][T15582]  __ia32_sys_bpf+0x76/0xe0
[  459.397114][T15582]  __do_fast_syscall_32+0x7c/0x3a0
[  459.397141][T15582]  do_fast_syscall_32+0x32/0x80
[  459.397165][T15582]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  459.397186][T15582] RIP: 0023:0xf7fd1579
[  459.397200][T15582] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  459.397216][T15582] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  459.397233][T15582] RAX: ffffffffffffffda RBX: 0000000000000022 RCX: 00000000800002c0
[  459.397244][T15582] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  459.397254][T15582] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  459.397264][T15582] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  459.397274][T15582] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  459.397297][T15582]  </TASK>
[  459.653550][T13270] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  459.663547][T13270] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  459.667774][T13270] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  459.671685][T13270] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  459.676847][T13270] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  459.727497][T15592] lo speed is unknown, defaulting to 1000
[  459.731903][T15592] lo speed is unknown, defaulting to 1000
[  459.792669][T12469] : (slave syz_tun): Releasing backup interface
[  459.874111][T15592] chnl_net:caif_netlink_parms(): no params data found
[  459.999726][T15592] bridge0: port 1(bridge_slave_0) entered blocking state
[  460.002107][T15592] bridge0: port 1(bridge_slave_0) entered disabled state
[  460.012001][T15592] bridge_slave_0: entered allmulticast mode
[  460.014450][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  460.015195][T15592] bridge_slave_0: entered promiscuous mode
[  460.021040][T15592] bridge0: port 2(bridge_slave_1) entered blocking state
[  460.023374][T15592] bridge0: port 2(bridge_slave_1) entered disabled state
[  460.028871][T15592] bridge_slave_1: entered allmulticast mode
[  460.031793][T15592] bridge_slave_1: entered promiscuous mode
[  460.132479][T15592] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  460.138012][T15592] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  460.177658][T15592] team0: Port device team_slave_0 added
[  460.181722][T15592] team0: Port device team_slave_1 added
[  460.218627][T15592] batman_adv: batadv0: Adding interface: batadv_slave_0
[  460.220841][T15592] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  460.229067][T15592] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  460.233344][T15592] batman_adv: batadv0: Adding interface: batadv_slave_1
[  460.235648][T15592] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  460.243743][T15592] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  460.290878][T15592] hsr_slave_0: entered promiscuous mode
[  460.298207][T15592] hsr_slave_1: entered promiscuous mode
[  460.303034][T15592] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  460.306850][T15592] Cannot create hsr debugfs directory
[  460.519930][T15618] lo speed is unknown, defaulting to 1000
[  460.522465][T15618] lo speed is unknown, defaulting to 1000
[  461.064320][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  461.183914][T15592] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  461.256725][T15592] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  461.263849][T15592] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  461.271959][T15592] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  461.412783][T15592] 8021q: adding VLAN 0 to HW filter on device bond0
[  461.432697][T15592] 8021q: adding VLAN 0 to HW filter on device team0
[  461.440510][T15631] 9pnet_fd: Insufficient options for proto=fd
[  461.442761][ T7298] bridge0: port 1(bridge_slave_0) entered blocking state
[  461.446474][ T7298] bridge0: port 1(bridge_slave_0) entered forwarding state
[  461.490137][ T7296] bridge0: port 2(bridge_slave_1) entered blocking state
[  461.493249][ T7296] bridge0: port 2(bridge_slave_1) entered forwarding state
[  461.672897][T15592] 8021q: adding VLAN 0 to HW filter on device batadv0
[  461.694619][T13270] Bluetooth: hci2: command tx timeout
[  461.714224][T15592] veth0_vlan: entered promiscuous mode
[  461.720035][T15592] veth1_vlan: entered promiscuous mode
[  461.741794][T15592] veth0_macvtap: entered promiscuous mode
[  461.746876][T15592] veth1_macvtap: entered promiscuous mode
[  461.759307][T15592] batman_adv: batadv0: Interface activated: batadv_slave_0
[  461.769866][T15592] batman_adv: batadv0: Interface activated: batadv_slave_1
[  461.776503][T15592] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  461.779265][T15592] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  461.781981][T15592] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  461.785835][T15592] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  461.823767][ T7296] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  461.827431][ T7296] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  461.841228][ T7294] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  461.844056][ T7294] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  462.094326][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  462.697761][   T24] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  462.718234][   T24] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  463.144433][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  463.207680][T15662] bond2: entered promiscuous mode
[  463.209659][T15662] bond2: entered allmulticast mode
[  463.211855][T15662] 8021q: adding VLAN 0 to HW filter on device bond2
[  463.511684][T15662] bond2 (unregistering): Released all slaves
[  463.793128][T13270] Bluetooth: hci2: command tx timeout
[  463.943313][T15684] fuse: Bad value for 'fd'
[  464.174381][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  464.356335][T15695] netlink: 248 bytes leftover after parsing attributes in process `syz.1.2545'.
[  464.360158][T15695] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2545'.
[  465.027125][T15711] siw: device registration error -23
[  465.214509][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  465.314608][   T24] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  465.356542][T15725] IPv6: Can't replace route, no match found
[  465.490491][   T24] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  465.496335][   T24] usb 10-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  465.505753][   T24] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  465.519979][   T24] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  465.525173][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.529055][   T24] usb 10-1: Product: syz
[  465.530702][   T24] usb 10-1: Manufacturer: syz
[  465.532367][   T24] usb 10-1: SerialNumber: syz
[  465.551195][   T24] hub 10-1:1.0: bad descriptor, ignoring hub
[  465.557622][   T24] hub 10-1:1.0: probe with driver hub failed with error -5
[  465.733136][T15738] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  465.737914][T15738] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  465.757091][   T24] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  465.864850][T13270] Bluetooth: hci2: command tx timeout
[  466.254360][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  466.676301][T15756] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  466.944808][T14291] usb 10-1: USB disconnect, device number 3
[  466.949836][T14291] usblp0: removed
[  467.037204][T15762] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  467.276566][T15771] netdevsim netdevsim4: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  467.281569][T15771] netdevsim netdevsim4: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  467.294379][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  467.352115][T15776] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2568'.
[  467.936193][T13270] Bluetooth: hci2: command tx timeout
[  468.050299][T15783] lo speed is unknown, defaulting to 1000
[  468.053353][T15783] lo speed is unknown, defaulting to 1000
[  468.124201][T15790] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2571'.
[  468.171929][T15796] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.2575'.
[  468.344290][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  468.759388][T15810] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  468.763943][T15810] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  469.362992][T15822] lo speed is unknown, defaulting to 1000
[  469.368235][T15822] lo speed is unknown, defaulting to 1000
[  469.384364][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  469.698474][T15831] netlink: 3 bytes leftover after parsing attributes in process `syz.5.2585'.
[  469.759036][T15831] batadv1: entered allmulticast mode
[  469.991892][T15838] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2587'.
[  470.015349][T15840] random: crng reseeded on system resumption
[  470.414413][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  470.849769][T15854] fuse: Bad value for 'fd'
[  470.958619][T15860] kvm: kvm [15848]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x5e6b769792aa5148
[  471.104992][T15863] 9pnet_fd: Insufficient options for proto=fd
[  471.217380][T15870] fuse: Bad value for 'fd'
[  471.454337][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  472.223211][T13270] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  472.223716][T15897] fuse: Bad value for 'fd'
[  472.258839][T15901] netdevsim netdevsim3: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  472.262531][T15901] netdevsim netdevsim3: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  472.417950][T15913] netlink: 'syz.4.2613': attribute type 4 has an invalid length.
[  472.446959][T15915] FAULT_INJECTION: forcing a failure.
[  472.446959][T15915] name failslab, interval 1, probability 0, space 0, times 0
[  472.450938][T15915] CPU: 3 UID: 0 PID: 15915 Comm: syz.4.2614 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  472.450953][T15915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  472.450960][T15915] Call Trace:
[  472.450964][T15915]  <TASK>
[  472.450969][T15915]  dump_stack_lvl+0x16c/0x1f0
[  472.450988][T15915]  should_fail_ex+0x512/0x640
[  472.451005][T15915]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  472.451022][T15915]  should_failslab+0xc2/0x120
[  472.451033][T15915]  __kmalloc_cache_noprof+0x6a/0x3e0
[  472.451048][T15915]  ? vma_node_allow+0x56/0x300
[  472.451069][T15915]  vma_node_allow+0x56/0x300
[  472.451088][T15915]  drm_gem_handle_create_tail+0x227/0x570
[  472.451108][T15915]  drm_mode_getfb2_ioctl+0x8fd/0x1250
[  472.451128][T15915]  drm_ioctl_kernel+0x1f4/0x3e0
[  472.451138][T15915]  ? __pfx_drm_mode_getfb2_ioctl+0x10/0x10
[  472.451153][T15915]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  472.451167][T15915]  drm_ioctl+0x5c9/0xc30
[  472.451179][T15915]  ? __pfx_drm_mode_getfb2_ioctl+0x10/0x10
[  472.451193][T15915]  ? __pfx_drm_ioctl+0x10/0x10
[  472.451225][T15915]  drm_compat_ioctl+0x327/0x460
[  472.451240][T15915]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  472.451253][T15915]  __ia32_compat_sys_ioctl+0x242/0x370
[  472.451269][T15915]  __do_fast_syscall_32+0x7c/0x3a0
[  472.451286][T15915]  do_fast_syscall_32+0x32/0x80
[  472.451302][T15915]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  472.451316][T15915] RIP: 0023:0xf7fd1579
[  472.451324][T15915] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  472.451336][T15915] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  472.451346][T15915] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c06864ce
[  472.451353][T15915] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[  472.451359][T15915] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  472.451365][T15915] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  472.451371][T15915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  472.451384][T15915]  </TASK>
[  472.494601][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  472.854375][T15909] afs: Unknown parameter 'dy2þágñ+»ä!o)bû{§›a'
[  473.165534][T15936] FAULT_INJECTION: forcing a failure.
[  473.165534][T15936] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  473.170723][T15936] CPU: 3 UID: 0 PID: 15936 Comm: syz.4.2621 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  473.170751][T15936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  473.170759][T15936] Call Trace:
[  473.170763][T15936]  <TASK>
[  473.170768][T15936]  dump_stack_lvl+0x16c/0x1f0
[  473.170788][T15936]  should_fail_ex+0x512/0x640
[  473.170808][T15936]  strncpy_from_user+0x3b/0x2e0
[  473.170826][T15936]  getname_flags.part.0+0x8f/0x550
[  473.170841][T15936]  getname_flags+0x93/0xf0
[  473.170856][T15936]  user_path_at+0x24/0x60
[  473.170872][T15936]  __ia32_sys_mount+0x1fb/0x310
[  473.170883][T15936]  ? __pfx___ia32_sys_mount+0x10/0x10
[  473.170894][T15936]  ? rcu_is_watching+0x12/0xc0
[  473.170908][T15936]  __do_fast_syscall_32+0x7c/0x3a0
[  473.170925][T15936]  do_fast_syscall_32+0x32/0x80
[  473.170941][T15936]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  473.170955][T15936] RIP: 0023:0xf7fd1579
[  473.170964][T15936] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  473.170974][T15936] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  473.170985][T15936] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000280
[  473.170991][T15936] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  473.170997][T15936] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  473.171003][T15936] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  473.171009][T15936] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  473.171022][T15936]  </TASK>
[  473.534282][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  473.664635][T15950] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  473.668803][T15950] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  474.144640][T15955] Device name cannot be null; rc = [-22]
[  474.317029][T14291] kernel read not supported for file /637/oom_adj (pid: 14291 comm: kworker/0:4)
[  474.444619][T15962] FAULT_INJECTION: forcing a failure.
[  474.444619][T15962] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  474.449915][T15962] CPU: 0 UID: 0 PID: 15962 Comm: syz.5.2631 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  474.449938][T15962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  474.449946][T15962] Call Trace:
[  474.449952][T15962]  <TASK>
[  474.449957][T15962]  dump_stack_lvl+0x16c/0x1f0
[  474.449985][T15962]  should_fail_ex+0x512/0x640
[  474.450016][T15962]  _copy_from_user+0x2e/0xd0
[  474.450035][T15962]  kstrtouint_from_user+0xd6/0x1d0
[  474.450057][T15962]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  474.450078][T15962]  ? __lock_acquire+0xb8a/0x1c90
[  474.450114][T15962]  proc_fail_nth_write+0x83/0x250
[  474.450158][T15962]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  474.450187][T15962]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  474.450222][T15962]  vfs_write+0x2a0/0x1150
[  474.450256][T15962]  ? __pfx_vfs_write+0x10/0x10
[  474.450280][T15962]  ? find_held_lock+0x2b/0x80
[  474.450305][T15962]  ? __fget_files+0x20e/0x3c0
[  474.450338][T15962]  ksys_write+0x12a/0x250
[  474.450364][T15962]  ? __pfx_ksys_write+0x10/0x10
[  474.450399][T15962]  ? rcu_is_watching+0x12/0xc0
[  474.450421][T15962]  __do_fast_syscall_32+0x7c/0x3a0
[  474.450447][T15962]  do_fast_syscall_32+0x32/0x80
[  474.450468][T15962]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  474.450485][T15962] RIP: 0023:0xf7f74579
[  474.450496][T15962] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  474.450510][T15962] RSP: 002b:00000000f5096590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  474.450524][T15962] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5096620
[  474.450532][T15962] RDX: 0000000000000001 RSI: 00000000f7402ff4 RDI: 0000000000000000
[  474.450541][T15962] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  474.450549][T15962] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  474.450557][T15962] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  474.450579][T15962]  </TASK>
[  474.584331][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  475.614300][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  475.683967][T15986] xt_ecn: cannot match TCP bits for non-tcp packets
[  476.243239][T15999] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2641'.
[  476.307601][T16001] fuse: Unknown parameter 'groUp_id'
[  476.654316][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  477.704301][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  477.960571][T16023] wireguard0: entered promiscuous mode
[  477.962401][T16023] wireguard0: entered allmulticast mode
[  477.974092][T14966] Bluetooth: Frame is too long (len 70, expected len 6)
[  477.976673][T14966] Bluetooth: hci0: link tx timeout
[  477.978827][T14966] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa
[  477.983375][T14966] Bluetooth: hci0: link tx timeout
[  477.985194][T14966] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  477.987859][T14966] Bluetooth: hci0: killing stalled connection 00:00:00:00:00:00
[  478.193062][   T40] audit: type=1326 audit(1749148032.775:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16034 comm="syz.3.2653" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  478.201701][   T40] audit: type=1326 audit(1749148032.775:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16034 comm="syz.3.2653" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  478.209983][   T40] audit: type=1326 audit(1749148032.785:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16034 comm="syz.3.2653" exe="/syz-executor" sig=0 arch=40000003 syscall=146 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  478.218738][   T40] audit: type=1326 audit(1749148032.795:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16034 comm="syz.3.2653" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  478.225424][   T40] audit: type=1326 audit(1749148032.795:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16034 comm="syz.3.2653" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  478.232912][   T40] audit: type=1326 audit(1749148032.795:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16034 comm="syz.3.2653" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  478.241857][   T40] audit: type=1326 audit(1749148032.825:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16034 comm="syz.3.2653" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  478.250342][   T40] audit: type=1326 audit(1749148032.825:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16034 comm="syz.3.2653" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  478.390329][T16042] syz_tun: entered allmulticast mode
[  478.722237][T16041] syz_tun: left allmulticast mode
[  478.733932][T16045] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2656'.
[  478.744277][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  479.564885][T16071] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2664'.
[  479.774324][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  480.024261][T14966] Bluetooth: hci0: command 0x0405 tx timeout
[  480.197505][T16081] FAULT_INJECTION: forcing a failure.
[  480.197505][T16081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  480.202135][T16081] CPU: 1 UID: 0 PID: 16081 Comm: syz.4.2665 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  480.202150][T16081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  480.202157][T16081] Call Trace:
[  480.202161][T16081]  <TASK>
[  480.202165][T16081]  dump_stack_lvl+0x16c/0x1f0
[  480.202185][T16081]  should_fail_ex+0x512/0x640
[  480.202208][T16081]  _copy_from_iter+0x29f/0x16f0
[  480.202221][T16081]  ? __alloc_skb+0x200/0x380
[  480.202237][T16081]  ? __pfx__copy_from_iter+0x10/0x10
[  480.202253][T16081]  netlink_sendmsg+0x829/0xdd0
[  480.202268][T16081]  ? __pfx_netlink_sendmsg+0x10/0x10
[  480.202279][T16081]  ? __import_iovec+0x1dd/0x650
[  480.202293][T16081]  ____sys_sendmsg+0xa95/0xc70
[  480.202306][T16081]  ? __pfx_____sys_sendmsg+0x10/0x10
[  480.202317][T16081]  ? get_compat_msghdr+0x11a/0x170
[  480.202340][T16081]  ___sys_sendmsg+0x134/0x1d0
[  480.202356][T16081]  ? __pfx____sys_sendmsg+0x10/0x10
[  480.202382][T16081]  ? find_held_lock+0x2b/0x80
[  480.202402][T16081]  __sys_sendmsg+0x16d/0x220
[  480.202417][T16081]  ? __pfx___sys_sendmsg+0x10/0x10
[  480.202438][T16081]  ? rcu_is_watching+0x12/0xc0
[  480.202451][T16081]  __do_fast_syscall_32+0x7c/0x3a0
[  480.202469][T16081]  do_fast_syscall_32+0x32/0x80
[  480.202485][T16081]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  480.202498][T16081] RIP: 0023:0xf7fd1579
[  480.202507][T16081] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  480.202517][T16081] RSP: 002b:00000000f50b455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  480.202527][T16081] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000740
[  480.202534][T16081] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  480.202540][T16081] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  480.202545][T16081] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  480.202551][T16081] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  480.202564][T16081]  </TASK>
[  480.612705][T16089] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  480.615814][T16089] IPv6: NLM_F_CREATE should be set when creating new route
[  480.769227][T16094] netdevsim netdevsim1: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  480.774097][T16094] netdevsim netdevsim1: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  480.824291][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  481.621007][T16113] fuse: Bad value for 'fd'
[  481.648426][T14966] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  481.651859][T14966] CPU: 2 UID: 0 PID: 14966 Comm: kworker/u33:1 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  481.651876][T14966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  481.651885][T14966] Workqueue: hci2 hci_rx_work
[  481.651907][T14966] Call Trace:
[  481.651911][T14966]  <TASK>
[  481.651917][T14966]  dump_stack_lvl+0x16c/0x1f0
[  481.651938][T14966]  sysfs_warn_dup+0x7f/0xa0
[  481.651955][T14966]  sysfs_create_dir_ns+0x24b/0x2b0
[  481.651971][T14966]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  481.651987][T14966]  ? find_held_lock+0x2b/0x80
[  481.652003][T14966]  ? do_raw_spin_unlock+0x172/0x230
[  481.652021][T14966]  kobject_add_internal+0x2c4/0x9b0
[  481.652041][T14966]  kobject_add+0x16e/0x240
[  481.652060][T14966]  ? __pfx_kobject_add+0x10/0x10
[  481.652078][T14966]  ? do_raw_spin_unlock+0x172/0x230
[  481.652095][T14966]  ? kobject_put+0xab/0x5a0
[  481.652116][T14966]  device_add+0x288/0x1a70
[  481.652130][T14966]  ? __pfx_dev_set_name+0x10/0x10
[  481.652144][T14966]  ? __pfx_device_add+0x10/0x10
[  481.652157][T14966]  ? mgmt_send_event_skb+0x2fb/0x460
[  481.652177][T14966]  hci_conn_add_sysfs+0x17e/0x230
[  481.652197][T14966]  le_conn_complete_evt+0x1075/0x1d70
[  481.652220][T14966]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  481.652242][T14966]  ? hci_event_packet+0x459/0x11c0
[  481.652274][T14966]  hci_le_conn_complete_evt+0x23c/0x370
[  481.652305][T14966]  hci_le_meta_evt+0x357/0x5e0
[  481.652339][T14966]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  481.652358][T14966]  hci_event_packet+0x682/0x11c0
[  481.652375][T14966]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  481.652394][T14966]  ? __pfx_hci_event_packet+0x10/0x10
[  481.652411][T14966]  ? kcov_remote_start+0x3c9/0x6d0
[  481.652429][T14966]  ? lockdep_hardirqs_on+0x7c/0x110
[  481.652449][T14966]  hci_rx_work+0x2c5/0x16b0
[  481.652468][T14966]  ? rcu_is_watching+0x12/0xc0
[  481.652481][T14966]  process_one_work+0x9cf/0x1b70
[  481.652504][T14966]  ? __pfx_process_one_work+0x10/0x10
[  481.652525][T14966]  ? assign_work+0x1a0/0x250
[  481.652542][T14966]  worker_thread+0x6c8/0xf10
[  481.652563][T14966]  ? __kthread_parkme+0x19e/0x250
[  481.652578][T14966]  ? __pfx_worker_thread+0x10/0x10
[  481.652595][T14966]  kthread+0x3c2/0x780
[  481.652611][T14966]  ? __pfx_kthread+0x10/0x10
[  481.652627][T14966]  ? rcu_is_watching+0x12/0xc0
[  481.652638][T14966]  ? __pfx_kthread+0x10/0x10
[  481.652654][T14966]  ret_from_fork+0x5d7/0x6f0
[  481.652669][T14966]  ? __pfx_kthread+0x10/0x10
[  481.652684][T14966]  ret_from_fork_asm+0x1a/0x30
[  481.652703][T14966]  </TASK>
[  481.652718][T14966] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  481.760659][T14966] Bluetooth: hci2: failed to register connection device
[  481.854331][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  482.094522][T16116] Bluetooth: hci0: command 0x0405 tx timeout
[  482.495289][T16116] Bluetooth: hci1: command 0x0406 tx timeout
[  482.894595][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  483.934346][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  484.174262][ T5952] Bluetooth: hci0: command 0x0405 tx timeout
[  484.405281][T16173] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2693'.
[  484.787070][T16177] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2694'.
[  484.790764][T16177] nbd: must specify a size in bytes for the device
[  484.974590][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  485.268372][T16187] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2697'.
[  485.661207][T16192] lo speed is unknown, defaulting to 1000
[  485.665914][T16192] lo speed is unknown, defaulting to 1000
[  485.814613][T13270] Bluetooth: Frame is too long (len 70, expected len 6)
[  485.819740][T13270] Bluetooth: hci4: link tx timeout
[  485.822210][T13270] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  485.826094][T13270] Bluetooth: hci4: killing stalled connection 00:00:00:00:00:00
[  486.014261][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  486.210951][   T40] audit: type=1326 audit(1749148040.795:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16207 comm="syz.4.2704" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000
[  486.218635][   T40] audit: type=1326 audit(1749148040.795:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16207 comm="syz.4.2704" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000
[  486.223094][T16208] 9pnet_fd: Insufficient options for proto=fd
[  486.226071][   T40] audit: type=1326 audit(1749148040.795:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16207 comm="syz.4.2704" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd1579 code=0x7ffc0000
[  486.234406][   T40] audit: type=1326 audit(1749148040.795:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16207 comm="syz.4.2704" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000
[  486.243519][   T40] audit: type=1326 audit(1749148040.795:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16207 comm="syz.4.2704" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000
[  486.252252][   T40] audit: type=1326 audit(1749148040.795:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16207 comm="syz.4.2704" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd1579 code=0x7ffc0000
[  486.260319][   T40] audit: type=1326 audit(1749148040.795:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16207 comm="syz.4.2704" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000
[  486.268724][   T40] audit: type=1326 audit(1749148040.795:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16207 comm="syz.4.2704" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000
[  486.277016][   T40] audit: type=1326 audit(1749148040.795:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16207 comm="syz.4.2704" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fd1579 code=0x7ffc0000
[  486.285806][   T40] audit: type=1326 audit(1749148040.795:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16207 comm="syz.4.2704" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000
[  486.996796][T16229] random: crng reseeded on system resumption
[  487.004398][T16229] IPVS: set_ctl: invalid protocol: 115 172.20.20.11:0
[  487.054348][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  487.867210][T13270] Bluetooth: hci4: command 0x0406 tx timeout
[  488.094449][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  488.347536][ T7290] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.502345][ T7290] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.590239][T16116] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  488.594980][T16116] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  488.599932][T16116] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  488.604245][T16116] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  488.616936][T16116] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  488.666657][ T7290] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.696136][T16259] lo speed is unknown, defaulting to 1000
[  488.699002][T16259] lo speed is unknown, defaulting to 1000
[  488.764064][ T7290] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.924663][T16259] chnl_net:caif_netlink_parms(): no params data found
[  489.134351][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  489.333847][ T7290] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  489.339213][ T7290] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  489.343032][ T7290] bond0 (unregistering): Released all slaves
[  489.443235][T16259] bridge0: port 1(bridge_slave_0) entered blocking state
[  489.445626][T16259] bridge0: port 1(bridge_slave_0) entered disabled state
[  489.447983][T16259] bridge_slave_0: entered allmulticast mode
[  489.450679][T16259] bridge_slave_0: entered promiscuous mode
[  489.453864][T16259] bridge0: port 2(bridge_slave_1) entered blocking state
[  489.456201][T16259] bridge0: port 2(bridge_slave_1) entered disabled state
[  489.458464][T16259] bridge_slave_1: entered allmulticast mode
[  489.461063][T16259] bridge_slave_1: entered promiscuous mode
[  489.509198][T16259] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  489.518554][T16259] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  489.596199][T16259] team0: Port device team_slave_0 added
[  489.601023][T16259] team0: Port device team_slave_1 added
[  489.728131][T16259] batman_adv: batadv0: Adding interface: batadv_slave_0
[  489.730755][T16259] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  489.741585][T16259] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  489.748844][T16259] batman_adv: batadv0: Adding interface: batadv_slave_1
[  489.751126][T16259] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  489.760241][T16259] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  489.848726][T16259] hsr_slave_0: entered promiscuous mode
[  489.851084][T16259] hsr_slave_1: entered promiscuous mode
[  489.853236][T16259] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  489.864228][T16259] Cannot create hsr debugfs directory
[  489.944345][T16116] Bluetooth: hci4: command 0x0406 tx timeout
[  490.021489][ T7290] hsr_slave_0: left promiscuous mode
[  490.024370][ T7290] hsr_slave_1: left promiscuous mode
[  490.026692][ T7290] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  490.029096][ T7290] batman_adv: batadv0: Removing interface: batadv_slave_0
[  490.032261][ T7290] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  490.036832][ T7290] batman_adv: batadv0: Removing interface: batadv_slave_1
[  490.080791][ T7290] veth1_macvtap: left promiscuous mode
[  490.083609][ T7290] veth0_macvtap: left promiscuous mode
[  490.085565][ T7290] veth1_vlan: left promiscuous mode
[  490.087307][ T7290] veth0_vlan: left promiscuous mode
[  490.120573][T16306] netlink: 'syz.1.2725': attribute type 27 has an invalid length.
[  490.184268][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  490.744910][T16116] Bluetooth: hci1: command tx timeout
[  491.175215][ T7290] team0 (unregistering): Port device team_slave_1 removed
[  491.214293][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  491.286235][ T7290] team0 (unregistering): Port device team_slave_0 removed
[  492.129032][T16306] bridge0: port 2(bridge_slave_1) entered disabled state
[  492.131539][T16306] bridge0: port 1(bridge_slave_0) entered disabled state
[  492.219848][T16306] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  492.231070][T16306] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  492.254356][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  492.298099][T16306] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  492.301006][T16306] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  492.303905][T16306] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  492.307484][T16306] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  492.393422][T16309] 8021q: adding VLAN 0 to HW filter on device bond0
[  492.399719][T16309] 8021q: adding VLAN 0 to HW filter on device team0
[  492.409017][T16309] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  492.536336][T16325] batman_adv: batadv0: Adding interface: ip6gretap1
[  492.538560][T16325] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  492.546808][T16325] batman_adv: batadv0: Interface activated: ip6gretap1
[  492.814463][T13270] Bluetooth: hci1: command tx timeout
[  492.814541][T16116] Bluetooth: hci4: command 0x0406 tx timeout
[  492.901534][ T7290] IPVS: stop unused estimator thread 0...
[  493.108132][ T7290] bridge_slave_1: left allmulticast mode
[  493.110186][ T7290] bridge_slave_1: left promiscuous mode
[  493.112143][ T7290] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.120912][ T7290] bridge_slave_0: left allmulticast mode
[  493.122826][ T7290] bridge_slave_0: left promiscuous mode
[  493.129790][ T7290] bridge0: port 1(bridge_slave_0) entered disabled state
[  493.304246][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  493.703712][ T7290] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  493.708089][ T7290] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  493.711813][ T7290] bond0 (unregistering): Released all slaves
[  493.758789][T16259] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  493.767271][T16259] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  493.857227][T16259] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  493.870574][T16259] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  494.161131][T16259] 8021q: adding VLAN 0 to HW filter on device bond0
[  494.172399][T16259] 8021q: adding VLAN 0 to HW filter on device team0
[  494.179668][T16322] bridge0: port 1(bridge_slave_0) entered blocking state
[  494.182110][T16322] bridge0: port 1(bridge_slave_0) entered forwarding state
[  494.244126][T16322] bridge0: port 2(bridge_slave_1) entered blocking state
[  494.246466][T16322] bridge0: port 2(bridge_slave_1) entered forwarding state
[  494.341300][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  494.371402][ T7290] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  494.376293][ T7290] batman_adv: batadv0: Removing interface: batadv_slave_0
[  494.380405][ T7290] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  494.382843][ T7290] batman_adv: batadv0: Removing interface: batadv_slave_1
[  494.423272][ T7290] veth1_macvtap: left promiscuous mode
[  494.427280][ T7290] veth0_macvtap: left promiscuous mode
[  494.894377][ T5952] Bluetooth: hci1: command tx timeout
[  495.384325][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  495.511120][ T7290] team0 (unregistering): Port device team_slave_1 removed
[  495.682225][ T7290] team0 (unregistering): Port device team_slave_0 removed
[  496.416579][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  496.730635][T16259] 8021q: adding VLAN 0 to HW filter on device batadv0
[  496.984492][ T5952] Bluetooth: hci1: command tx timeout
[  497.017530][T16259] veth0_vlan: entered promiscuous mode
[  497.027148][T16259] veth1_vlan: entered promiscuous mode
[  497.047415][T16259] veth0_macvtap: entered promiscuous mode
[  497.051882][T16259] veth1_macvtap: entered promiscuous mode
[  497.069991][T16259] batman_adv: batadv0: Interface activated: batadv_slave_0
[  497.088542][T16259] batman_adv: batadv0: Interface activated: batadv_slave_1
[  497.096039][T16259] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  497.101175][T16259] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  497.106023][T16259] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  497.109673][T16259] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  497.158340][ T7290] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  497.161993][ T7290] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  497.192563][T16322] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  497.199843][T16322] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  497.314576][T16422] netlink: 'syz.3.2746': attribute type 10 has an invalid length.
[  497.327104][T16425] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2747'.
[  497.343431][T16422] ==================================================================
[  497.346807][T16422] BUG: KASAN: global-out-of-bounds in fib6_clean_node+0x51c/0x5b0
[  497.349842][T16422] Read of size 8 at addr ffffffff9b00aa48 by task syz.3.2746/16422
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  497.355224][T16422] 
[  497.356350][T16422] CPU: 3 UID: 0 PID: 16422 Comm: syz.3.2746 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  497.356375][T16422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  497.356388][T16422] Call Trace:
[  497.356401][T16422]  <TASK>
[  497.356410][T16422]  dump_stack_lvl+0x116/0x1f0
[  497.356440][T16422]  print_report+0xcd/0x680
[  497.356459][T16422]  ? __virt_addr_valid+0x81/0x610
[  497.356479][T16422]  ? __phys_addr+0xe8/0x180
[  497.356498][T16422]  ? fib6_clean_node+0x51c/0x5b0
[  497.356516][T16422]  kasan_report+0xe0/0x110
[  497.356532][T16422]  ? fib6_clean_node+0x51c/0x5b0
[  497.356549][T16422]  fib6_clean_node+0x51c/0x5b0
[  497.356565][T16422]  ? __pfx_fib6_clean_node+0x10/0x10
[  497.356585][T16422]  fib6_walk_continue+0x452/0x8d0
[  497.356614][T16422]  fib6_walk+0x182/0x370
[  497.356639][T16422]  ? __pfx_fib6_ifdown+0x10/0x10
[  497.356656][T16422]  fib6_clean_tree+0xd4/0x110
[  497.356681][T16422]  ? __pfx_fib6_clean_tree+0x10/0x10
[  497.356706][T16422]  ? notifier_call_chain+0xbc/0x410
[  497.356727][T16422]  ? call_netdevice_notifiers_info+0xbe/0x140
[  497.356750][T16422]  ? __pfx_fib6_clean_node+0x10/0x10
[  497.356767][T16422]  ? __pfx_fib6_ifdown+0x10/0x10
[  497.356787][T16422]  ? __pfx_fib6_ifdown+0x10/0x10
[  497.356804][T16422]  __fib6_clean_all+0x107/0x2d0
[  497.356835][T16422]  rt6_disable_ip+0x2ec/0x990
[  497.356857][T16422]  ? __mutex_trylock_common+0xe9/0x250
[  497.356883][T16422]  ? __pfx___mutex_trylock_common+0x10/0x10
[  497.356908][T16422]  ? __pfx_rt6_disable_ip+0x10/0x10
[  497.356931][T16422]  ? rcu_is_watching+0x12/0xc0
[  497.356957][T16422]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  497.356978][T16422]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  497.357009][T16422]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  497.357034][T16422]  addrconf_notify+0x220/0x19e0
[  497.357053][T16422]  ? ip6mr_device_event+0x1bc/0x230
[  497.357075][T16422]  notifier_call_chain+0xbc/0x410
[  497.357095][T16422]  ? __pfx_addrconf_notify+0x10/0x10
[  497.357115][T16422]  call_netdevice_notifiers_info+0xbe/0x140
[  497.357134][T16422]  __dev_notify_flags+0x1f7/0x2e0
[  497.357154][T16422]  ? __pfx___dev_notify_flags+0x10/0x10
[  497.357169][T16422]  ? __dev_change_flags+0x3d5/0x720
[  497.357184][T16422]  ? __pfx___dev_change_flags+0x10/0x10
[  497.357200][T16422]  ? lock_acquire+0x179/0x350
[  497.357214][T16422]  ? __pfx_validate_linkmsg+0x10/0x10
[  497.357232][T16422]  netif_change_flags+0x108/0x160
[  497.357248][T16422]  do_setlink.constprop.0+0xb53/0x4380
[  497.357265][T16422]  ? trace_sched_exit_tp+0xde/0x130
[  497.357279][T16422]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  497.357297][T16422]  ? __lock_acquire+0xb8a/0x1c90
[  497.357312][T16422]  ? __pfx___schedule+0x10/0x10
[  497.357326][T16422]  ? do_raw_spin_lock+0x12c/0x2b0
[  497.357344][T16422]  ? mark_held_locks+0x49/0x80
[  497.357358][T16422]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  497.357372][T16422]  ? lockdep_hardirqs_on+0x7c/0x110
[  497.357387][T16422]  ? __mutex_lock+0x1ca/0xb90
[  497.357408][T16422]  ? rtnl_newlink+0x600/0x2000
[  497.357424][T16422]  ? __pfx___mutex_lock+0x10/0x10
[  497.357439][T16422]  ? apparmor_capable+0x114/0x1d0
[  497.357454][T16422]  ? netlink_ns_capable+0xfa/0x130
[  497.357472][T16422]  rtnl_newlink+0x1446/0x2000
[  497.357491][T16422]  ? __pfx_rtnl_newlink+0x10/0x10
[  497.357508][T16422]  ? kasan_quarantine_put+0x10a/0x240
[  497.357524][T16422]  ? lockdep_hardirqs_on+0x7c/0x110
[  497.357539][T16422]  ? kmem_cache_free+0x2d1/0x4d0
[  497.357554][T16422]  ? kfree_skbmem+0x1a4/0x1f0
[  497.357568][T16422]  ? __lock_acquire+0x622/0x1c90
[  497.357583][T16422]  ? rcu_is_watching+0x12/0xc0
[  497.357594][T16422]  ? trace_cap_capable+0x18d/0x200
[  497.357607][T16422]  ? find_held_lock+0x2b/0x80
[  497.357617][T16422]  ? __pfx_rtnl_newlink+0x10/0x10
[  497.357632][T16422]  ? __pfx_rtnl_newlink+0x10/0x10
[  497.357648][T16422]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  497.357664][T16422]  ? __pfx_rtnl_newlink+0x10/0x10
[  497.357680][T16422]  rtnetlink_rcv_msg+0x95e/0xe90
[  497.357697][T16422]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  497.357715][T16422]  ? ref_tracker_free+0x37c/0x830
[  497.357735][T16422]  netlink_rcv_skb+0x155/0x420
[  497.357745][T16422]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  497.357762][T16422]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  497.357775][T16422]  ? netlink_deliver_tap+0x1ae/0xd30
[  497.357793][T16422]  netlink_unicast+0x53a/0x7f0
[  497.357804][T16422]  ? __pfx_netlink_unicast+0x10/0x10
[  497.357817][T16422]  netlink_sendmsg+0x8d1/0xdd0
[  497.357828][T16422]  ? __pfx_netlink_sendmsg+0x10/0x10
[  497.357839][T16422]  ? __import_iovec+0x1dd/0x650
[  497.357851][T16422]  ____sys_sendmsg+0xa95/0xc70
[  497.357863][T16422]  ? __pfx_____sys_sendmsg+0x10/0x10
[  497.357875][T16422]  ? get_compat_msghdr+0x11a/0x170
[  497.357892][T16422]  ? try_to_wake_up+0xa2f/0x1680
[  497.357904][T16422]  ___sys_sendmsg+0x134/0x1d0
[  497.357920][T16422]  ? __pfx____sys_sendmsg+0x10/0x10
[  497.357974][T16422]  ? find_held_lock+0x2b/0x80
[  497.357990][T16422]  __sys_sendmsg+0x16d/0x220
[  497.358006][T16422]  ? __pfx___sys_sendmsg+0x10/0x10
[  497.358022][T16422]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  497.358042][T16422]  ? rcu_is_watching+0x12/0xc0
[  497.358054][T16422]  __do_fast_syscall_32+0x7c/0x3a0
[  497.358072][T16422]  do_fast_syscall_32+0x32/0x80
[  497.358088][T16422]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  497.358103][T16422] RIP: 0023:0xf7fb3579
[  497.358112][T16422] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  497.358124][T16422] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  497.358134][T16422] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600
[  497.358142][T16422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  497.358148][T16422] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  497.358155][T16422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  497.358161][T16422] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  497.358171][T16422]  </TASK>
[  497.358176][T16422] 
[  497.464345][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  497.464740][T16422] The buggy address belongs to the variable:
[  497.464751][T16422]  binder_devices+0x8/0x40
[  497.596072][T16422] 
[  497.597107][T16422] The buggy address belongs to the physical page:
[  497.599755][T16422] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1b00a
[  497.603348][T16422] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[  497.606642][T16422] raw: 00fff00000002000 ffffea00006c0288 ffffea00006c0288 0000000000000000
[  497.610200][T16422] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  497.613738][T16422] page dumped because: kasan: bad access detected
[  497.616375][T16422] page_owner info is not present (never set?)
[  497.618880][T16422] 
[  497.619910][T16422] Memory state around the buggy address:
[  497.622173][T16422]  ffffffff9b00a900: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[  497.625470][T16422]  ffffffff9b00a980: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[  497.628690][T16422] >ffffffff9b00aa00: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[  497.631594][T16422]                                               ^
[  497.634222][T16422]  ffffffff9b00aa80: 00 f9 f9 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9
[  497.637522][T16422]  ffffffff9b00ab00: 00 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[  497.640746][T16422] ==================================================================
[  497.643881][T16422] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  497.646197][T16422] CPU: 3 UID: 0 PID: 16422 Comm: syz.3.2746 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full) 
[  497.650843][T16422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  497.655193][T16422] Call Trace:
[  497.656603][T16422]  <TASK>
[  497.658073][T16422]  dump_stack_lvl+0x3d/0x1f0
[  497.660024][T16422]  panic+0x71c/0x800
[  497.661589][T16422]  ? __pfx_panic+0x10/0x10
[  497.663127][T16422]  ? mark_held_locks+0x49/0x80
[  497.665099][T16422]  ? fib6_clean_node+0x51c/0x5b0
[  497.667039][T16422]  ? fib6_clean_node+0x51c/0x5b0
[  497.669136][T16422]  check_panic_on_warn+0xab/0xb0
[  497.671155][T16422]  end_report+0x107/0x170
[  497.672525][T16422]  kasan_report+0xee/0x110
[  497.674158][T16422]  ? fib6_clean_node+0x51c/0x5b0
[  497.676272][T16422]  fib6_clean_node+0x51c/0x5b0
[  497.678068][T16422]  ? __pfx_fib6_clean_node+0x10/0x10
[  497.680287][T16422]  fib6_walk_continue+0x452/0x8d0
[  497.682091][T16422]  fib6_walk+0x182/0x370
[  497.683914][T16422]  ? __pfx_fib6_ifdown+0x10/0x10
[  497.685998][T16422]  fib6_clean_tree+0xd4/0x110
[  497.688008][T16422]  ? __pfx_fib6_clean_tree+0x10/0x10
[  497.690251][T16422]  ? notifier_call_chain+0xbc/0x410
[  497.692464][T16422]  ? call_netdevice_notifiers_info+0xbe/0x140
[  497.695041][T16422]  ? __pfx_fib6_clean_node+0x10/0x10
[  497.697258][T16422]  ? __pfx_fib6_ifdown+0x10/0x10
[  497.699391][T16422]  ? __pfx_fib6_ifdown+0x10/0x10
[  497.701528][T16422]  __fib6_clean_all+0x107/0x2d0
[  497.703609][T16422]  rt6_disable_ip+0x2ec/0x990
[  497.705705][T16422]  ? __mutex_trylock_common+0xe9/0x250
[  497.708007][T16422]  ? __pfx___mutex_trylock_common+0x10/0x10
[  497.710525][T16422]  ? __pfx_rt6_disable_ip+0x10/0x10
[  497.712748][T16422]  ? rcu_is_watching+0x12/0xc0
[  497.714781][T16422]  addrconf_ifdown.isra.0+0x11d/0x1a90
[  497.717105][T16422]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  497.719478][T16422]  ? __pfx_addrconf_ifdown.isra.0+0x10/0x10
[  497.721976][T16422]  addrconf_notify+0x220/0x19e0
[  497.724052][T16422]  ? ip6mr_device_event+0x1bc/0x230
[  497.726269][T16422]  notifier_call_chain+0xbc/0x410
[  497.728365][T16422]  ? __pfx_addrconf_notify+0x10/0x10
[  497.730591][T16422]  call_netdevice_notifiers_info+0xbe/0x140
[  497.733142][T16422]  __dev_notify_flags+0x1f7/0x2e0
[  497.735267][T16422]  ? __pfx___dev_notify_flags+0x10/0x10
[  497.737581][T16422]  ? __dev_change_flags+0x3d5/0x720
[  497.739789][T16422]  ? __pfx___dev_change_flags+0x10/0x10
[  497.742113][T16422]  ? lock_acquire+0x179/0x350
[  497.744126][T16422]  ? __pfx_validate_linkmsg+0x10/0x10
[  497.746359][T16422]  netif_change_flags+0x108/0x160
[  497.748470][T16422]  do_setlink.constprop.0+0xb53/0x4380
[  497.750765][T16422]  ? trace_sched_exit_tp+0xde/0x130
[  497.752932][T16422]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  497.755408][T16422]  ? __lock_acquire+0xb8a/0x1c90
[  497.757493][T16422]  ? __pfx___schedule+0x10/0x10
[  497.759553][T16422]  ? do_raw_spin_lock+0x12c/0x2b0
[  497.761688][T16422]  ? mark_held_locks+0x49/0x80
[  497.763749][T16422]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  497.766114][T16422]  ? lockdep_hardirqs_on+0x7c/0x110
[  497.768287][T16422]  ? __mutex_lock+0x1ca/0xb90
[  497.770231][T16422]  ? rtnl_newlink+0x600/0x2000
[  497.772225][T16422]  ? __pfx___mutex_lock+0x10/0x10
[  497.774342][T16422]  ? apparmor_capable+0x114/0x1d0
[  497.776426][T16422]  ? netlink_ns_capable+0xfa/0x130
[  497.778628][T16422]  rtnl_newlink+0x1446/0x2000
[  497.780608][T16422]  ? __pfx_rtnl_newlink+0x10/0x10
[  497.782726][T16422]  ? kasan_quarantine_put+0x10a/0x240
[  497.784959][T16422]  ? lockdep_hardirqs_on+0x7c/0x110
[  497.787154][T16422]  ? kmem_cache_free+0x2d1/0x4d0
[  497.789241][T16422]  ? kfree_skbmem+0x1a4/0x1f0
[  497.791249][T16422]  ? __lock_acquire+0x622/0x1c90
[  497.793394][T16422]  ? rcu_is_watching+0x12/0xc0
[  497.795424][T16422]  ? trace_cap_capable+0x18d/0x200
[  497.797559][T16422]  ? find_held_lock+0x2b/0x80
[  497.799698][T16422]  ? __pfx_rtnl_newlink+0x10/0x10
[  497.801976][T16422]  ? __pfx_rtnl_newlink+0x10/0x10
[  497.804311][T16422]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  497.806167][T16422]  ? __pfx_rtnl_newlink+0x10/0x10
[  497.807778][T16422]  rtnetlink_rcv_msg+0x95e/0xe90
[  497.809409][T16422]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  497.811153][T16422]  ? ref_tracker_free+0x37c/0x830
[  497.812789][T16422]  netlink_rcv_skb+0x155/0x420
[  497.814320][T16422]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  497.816026][T16422]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  497.817687][T16422]  ? netlink_deliver_tap+0x1ae/0xd30
[  497.819361][T16422]  netlink_unicast+0x53a/0x7f0
[  497.820885][T16422]  ? __pfx_netlink_unicast+0x10/0x10
[  497.822580][T16422]  netlink_sendmsg+0x8d1/0xdd0
[  497.824102][T16422]  ? __pfx_netlink_sendmsg+0x10/0x10
[  497.825773][T16422]  ? __import_iovec+0x1dd/0x650
[  497.827311][T16422]  ____sys_sendmsg+0xa95/0xc70
[  497.828821][T16422]  ? __pfx_____sys_sendmsg+0x10/0x10
[  497.830490][T16422]  ? get_compat_msghdr+0x11a/0x170
[  497.832135][T16422]  ? try_to_wake_up+0xa2f/0x1680
[  497.833731][T16422]  ___sys_sendmsg+0x134/0x1d0
[  497.835246][T16422]  ? __pfx____sys_sendmsg+0x10/0x10
[  497.836883][T16422]  ? find_held_lock+0x2b/0x80
[  497.838391][T16422]  __sys_sendmsg+0x16d/0x220
[  497.839852][T16422]  ? __pfx___sys_sendmsg+0x10/0x10
[  497.841491][T16422]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  497.843308][T16422]  ? rcu_is_watching+0x12/0xc0
[  497.844778][T16422]  __do_fast_syscall_32+0x7c/0x3a0
[  497.846411][T16422]  do_fast_syscall_32+0x32/0x80
[  497.847941][T16422]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  497.849917][T16422] RIP: 0023:0xf7fb3579
[  497.851263][T16422] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  497.858460][T16422] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  497.861731][T16422] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600
[  497.864395][T16422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  497.866872][T16422] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  497.869565][T16422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  497.872295][T16422] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  497.874840][T16422]  </TASK>
[  497.876510][T16422] Kernel Offset: disabled
[  497.877762][T16422] Rebooting in 86400 seconds..

VM DIAGNOSIS:
18:19:00  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000ace983 RBX=0000000000000000 RCX=ffffffff8b7b4c69 RDX=0000000000000000
RSI=ffffffff8dc0ea98 RDI=ffffffff8bf55a60 RBP=fffffbfff1c12ef0 RSP=ffffffff8e007e08
R8 =0000000000000001 R9 =ffffed1005646645 R10=ffff88802b23322b R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e097780 R14=ffffffff90881950 R15=0000000000000000
RIP=ffffffff8b7b37cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097765000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002e106ffc CR3=0000000054ffd000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000001 Opmask01=0000000000000001 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=00000000fffffffd Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffeb4fd075b 00007ffeb4fd075b
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffeb4fd0c60 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffeb4fd0c60 0000003000000018
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5353424920646574 61657243203a306e 616c77205d303932 3754205b5d303400
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5353424320646574 6165724320303064 6166772057303332 3754205157303400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 74746120676e6973 7261702072657466 61207265766f7466 656c207365747962
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 206f742055544d20 65687420676e6974 746553202e65636e 616d726f66726570
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e6d656c626f7270 206568742065766c 6f7320646c756f77 2030363531206f74
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2055544d20656874 20676e6974746553 202e65636e616d72 6f66726570206568
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7420746361706d69 20646c756f632068 6369687720327265 79616c206e6f2064
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e656d676172 66206562206c6c69 7720656361667265 746e692073696874
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000001472ce3 RBX=0000000000000001 RCX=ffffffff8b7b4c69 RDX=0000000000000000
RSI=ffffffff8dc0ea98 RDI=ffffffff8bf55a60 RBP=ffffed1003a57488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed1005666645 R10=ffff88802b33322b R11=0000000000000001
R12=0000000000000001 R13=ffff88801d2ba440 R14=ffffffff90881950 R15=0000000000000000
RIP=ffffffff8b7b37cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097865000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c291fa2 CR3=0000000059fb9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000021c00000000 0000000800000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88802b5438e0 RCX=ffffffff81af6fed RDX=ffff888022f6a440
RSI=ffffffff81af6fc9 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc90002e27500
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=dffffc0000000000 R13=0000000000000003 R14=ffffed10056a871d R15=ffff88802b43d080
RIP=ffffffff81af6fcb RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097965000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f16e40 CR3=000000004f4ef000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73b2ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000000d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8557aa85 RDI=ffffffff9ae69a00 RBP=ffffffff9ae699c0 RSP=ffffc900041963e0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3966666666666666
R12=0000000000000000 R13=000000000000000d R14=ffffffff9ae699c0 R15=ffffffff8557aa20
RIP=ffffffff8557aaaf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097a65000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f3e48218 CR3=0000000054ffd000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcfeffd0 Opmask01=0000000000000003 Opmask02=00000000ffff7fdf Opmask03=0000000082000020
Opmask04=00000000ffdfffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000561b27b6ddc0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000561b27b64480
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 de614368a8fb4588 7373256d3577bfec
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737372f2 7373737373737373
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00316963682f6874 6f6f7465756c622f 6c6175747269762f 736563697665642f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 005600051f40494c 43055c5155484005 424b4c55554c4e53 004057005b1a0f00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f6d697377685f31 3132303863616d2f 6c6175747269762f 736563697665642f
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001c1 6c2f0073656c7572 00000033746e6500 307761726469682f
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3139312c3039312c 4638312c4538312c 4238312c3938312c 3838312c3538312c
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3438312c3138312c 3937312c3737312c 3437312c4436312c 4336312c3636312c
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3336312c3136312c 3036312c30462c46 442c30442c46432c 38412c37412c4639
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000