last executing test programs:

25.620445174s ago: executing program 1 (id=1433):
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xe, 0x4, 0x4, 0x20002, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0)

25.341100983s ago: executing program 1 (id=1434):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe"], 0xfe33)

25.340875472s ago: executing program 1 (id=1435):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b7040000000000008500000033000000850000000500000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)

25.261125191s ago: executing program 1 (id=1436):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socketpair(0x2, 0x3, 0x0, &(0x7f0000000740))
close(r0)

25.230683166s ago: executing program 1 (id=1437):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1200"], 0x50)

25.179898382s ago: executing program 1 (id=1438):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef)
r3 = syz_clone(0x5000, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x0)
write$cgroup_pid(r2, &(0x7f00000005c0)=r3, 0x12)

24.938005208s ago: executing program 32 (id=1438):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef)
r3 = syz_clone(0x5000, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x0)
write$cgroup_pid(r2, &(0x7f00000005c0)=r3, 0x12)

5.441902455s ago: executing program 3 (id=1597):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000480)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1050, 0x0, 0x11, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000400)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x13}, @fda={0x66646185, 0x2, 0x1, 0x2e}, @fd={0x66642a85, 0x0, r3}}, &(0x7f0000000200)={0x0, 0x28, 0x48}}, 0x1000}], 0x0, 0x0, 0x0})

5.411462769s ago: executing program 3 (id=1599):
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = open(&(0x7f00000000c0)='.\x00', 0x28980, 0x108)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

5.320882021s ago: executing program 3 (id=1600):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000000)=@req={0x3fc}, 0x10)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmmsg$unix(r1, &(0x7f0000005100)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)=""/106, 0x6a}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x1, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x1}], 0x1}}], 0x101d0, 0x0)

4.489859393s ago: executing program 3 (id=1604):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
sendmsg$key(0xffffffffffffffff, &(0x7f00005f5000)={0x1000000, 0x0, 0x0}, 0x0)
syz_clone(0x80, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
fstat(r1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, r2}})
removexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)=ANY=[@ANYBLOB='o'])
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2a442, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000000000000100000000000000000000000000000000000000ff"])
ioctl$KVM_SET_NESTED_STATE(r5, 0x4080aebf, &(0x7f00000007c0)={{0x1, 0x0, 0x80, {0x8000000, 0x1000, 0x300}}, "a9cbc4b723986beb2541731c8831607b6ee747534f2610e68420ac50bde6dad58d04aad3777f18b4f168b3950653ce1d7740b6225b60f102dea41282032f21c3f19760a59ad876506e4e939e80e92248edfd8137e41621c1a490cf3cbb0502fa6deb4cb0efa6bc813cca06ed4828bafa15d1afd8ac82b71d1a7b410eeac6a6f31e4995b05d3f93bf80a053ae74958ed42c6c4b4d0bcaa08d3e6025a166ac6f19973f974613e0d7ca520dd948ed23fcce9f475faa3e49d697324fa1b2cdfef7deb66a190e9185a90f5c54c88895af1a61f8c0722f0c0bf9835d8910449682cc5551ec995aec222238d428f41ba7f99f93b785dd2d48cf389f27da125b9c3ec7f716d6b6b696a93e625f0e17b4ff3bac5eec8e2dd837254c16d8c9b2a773ac70b8dc7216980fcf1db0cd885a6f3379dfcca516b0b5771d3dfb2212fd569b8f6003dcf8478390e14a5bf73eb1a61a12ce20ea3f5fbd6d9a56a4adf6043190cc7d559e7773668d0498f6c7438917d204ed2ec53da03cc744619be3785cd8cddb678f8e90965f22242bb62fa374a876e5d4604a5f590dde45cacad3852a54154a90d7495cc4cfbd7baacc19604efd864cc76a7e867cd7403301f45a3ad20ed8edf412e4aae5f279eada88ee43a436dd3b1f37098b7d81759aff2d81e5593535d44035fdcbae0f45a7163c06b8ed7da27a03e266947d7f11d9e1600f1a88b99643a0b99abad360b8137415f7800f8a5a16ba306778733d5493cc73d0aacebe1cc4618847bd620034cb617c55e47ff8d8000f52c25a6b3e9272c297e6b30bed370dda4c2b56278893a4faefb28a87c40229d3f80814e128eedb7050465e1e00547a1b77ebaef78355d9867ce521138d63f147ec3de6cac38d9eeb1d16749446fdadd97a32701117bbe0f95304970e632b9cf8ded044b3f1c01326095b422678d798a9c5f8ab05f4e6549639186723aa3d38927ed4ca94a9e6de3c4f5ce99d090389473455cb366c7dfcb43ebe60271a3693e80ae4948291753007f5032f518ffc832f3e819f3bdac1085a80cdd494cdcac4a86ca14818b9dae534559c2c5a542a12949a22fddb9060e8a4336de96276dd92124000f96512aa8eaaa6659932dc8852f5709a808604c2fda229c79933646e36255948baec6e0c2d4fbe056628157ba456603e5cb45761b5aa97c0daceb3e6d7a192d109847057cb4322c9c5e62403c921e9cebeca77d12c3ed05f5e131e3c00d9070618872ea8a1f05e4598c98739d3a9245e537ed992aa4eb8a571e4c7c0dc797f91e3258835f9db1b6501edaaf38c9fd4d718c743d30b6f1e480ce9408aa6b894055768738e3df843301d99b476ba8d30f6483022ad7fd50493e600700ef1b70c72f607feb0df9898b61a38f4f59d23779b7af4a5b5a0e7379877d8c875d1e47a9ddbac19208cd22e05f729a9175b9bf1c96618d63585204eb5ea29e0a0f17c12219fd51bc462dcff6d3ff73b64d2a5f7ebe6ebdefd841698e909cf1018a88afefc1802fc9fc22a240f20ce6938ae6b2224f7ca311622695577f3e4cb8f7e87bcf5bcdcc5311815bab1499465f687903b4da5693c83cbe13ba3d94f413bbdf9886241fc1f0b9ea00e7b2d1c2fe29d8921c56919bbfa091d4542c590a18848256b7eca92114c5542356bb15e1cd59b28a5d5b86bb92c30e88ea6edc6efd3c685a7e9b840b61f445bb57d670d3dbba61da442fcdabd4c14b9dd6543aafca5bea6ca16c00bbdc0999cec79272dfd1de86bea7d830ec2deaa339c2fc57d6490ee7cf3bb4e6cb4b8dcaa4279bef0af601f96dc25a3cf926eb6c5eb9529a266e1a9d96fbb5e0ffeb472d40e3853f42d69e725d2dd570b531779a09a5f945a2dce4ddd898b6d77600e047a1ac73b99cc9348e60b9d38f3c305f942f8f8a3ee992de01a0d6b3db1a4174b770681d2470edd2319a9b9d04d3cadd67583a313c071f809c89134b2b714cb2d7247d4d6b5d794302e9408e946bf1cadc767a8ae918a6608f7d2dbb2d825e949c823ac6bda0c46dea864c83222f3c7f7ec020f3a6445f3762dfaae5a28c3857053b2548d11c9b9f4af5366b43012e35d14ba139085493e95ad24bcc92b835f3c72ff762fcbe3d04ee2051e959a9e680f51425d5eeeedd99767fccda20b44bbbac6989e1d6f70f030c2530b83923fbf27fbf24f62ff7a5619b39b338e165dcf66faf6092edd19216fdacfb8eb80bd7d8a7767f538c3021e20f498c8e456bc32af1157b5988950caf1c478047f132c01f53c12929f030e9d78c284e64a521350d72748ef214c05f4c8d2e47384c3cd29c99a2df1abb2e8ff5a363a488feb119e8ad5e3c39a4f24449d00b3772090b499e2c65b50a3e6ce7f1e2f2bac0ae5e58147d1d6887617ca38d12b1cc9a5e3ee47539f40179136698acd9b9e20a4f85335dcb19d4ba4a05bcd84b27a9f1897ab8f67abf78ba3ce4d87b37c129562d33bb0836c8fe830c068e7c8b6728ed585258c7d82b5c407d0532bf5ba60cfb0a6e6f3aa44bdf3bb7ac389023c3db4395c3875a3496d85640d423775d8ac0c4c3ab1831bdd785a5ca0ba2073bdf6970e4b63718944603ab32b83d7c73af090c3a941561a76f08e2235e1ea8a0b721cd6a73466664c411c33fd1a3e46e580c77034cb09ac38b6d1824f642d3354e827b6ddc0ca15c3bd7192882eaece388d428282c859fed7d280e5d81cd0252c149154e2038a3f2535781dc81d7221278c21ee819fb913fc8d97e96f7a166629cd63a0ceeadec43fca7a760f45aa53de97597b4afb3abf5921125e9f148da377556e6de1a62aab6055b10c1698649515e62c572d62d901ae7fcd417b627db64785fbdc21f0e978eb143d7abb2771de9a912466fb6e6f55a12f209e131732d45a8293f1a36ddddfad54f857016e3ab7fceb97ddfde1a8c8569dfa972ec636e7c93e603d5e1d0e98d6f109dfa6df50ce987abfc291aba0e488ba8f0596fbd1bacd58862b611250a85cd34e7d100f785286d815281b62ef2dfeea5e8ba4ee4a019af00459b0f4f3049f8718d0fca57de1cf88763d13ad26c50cccec4faba99d899ef079c3400052d065cc0a44e8f73dc5bef5f8e81015b29c96dacd026d920f369a2b0c341b8295f5268e2d9bf80df2d9ea1017b5b41ec2060c2fecc67c040e7c37521b6d6174c4d4ed4accc5479f6fc4ddc0e45a7f8030ff8e23f000315a3565498d07bd0cc6459f5cff23b40ffb80ace2f48fe0c1a337bb4f748b5544f3f89cfb6437085543c10e96b8c057089de5cd727b278b45d84a8f7df9f898b3cef2ec319b032f888c4953bfe141c8e4b67ab3f95fa133790ea17b27be21c9478da70641265045e81e28229a4dc15f59c2f18b1b9c082d1154bc9565508fc9419912b48f3b1271609006399a844f6ccedb6323ada63d3e0b340fd07cf9e3b98b1d193bd76796c2a185366b25468017d28371d8792eb42304961bc9c1f4ef4025d2814837dacc9f1d777bfeddb30eca1cacd9f5b6619c4000252ecdabf7107dff264046c111c6f5767e3486c37ec175f52bd3460a7ad49e35bb729ba76e2fa5e117c49bd86f14c65e0abf56340740b81ea37c5df26b7c885cc5da412cf4e9932e2561aa7945945dcba0677786c9ea9b9aee47d73454df82048f021b30a817606c96415c22e1e908316f84aae52e050e31176408d35ef33091618df7d38d22bd2b626dc138f43bc32362878c8f6538dcf0b96c4298668d4bb35773c952bbebd4778c964b0eae8eac9bef3469ea5da890377c500ea027180f5308585cd7941c7e3305c32d610de49b5c1acce6c285d88a99dcebb2b5972a276d416abf25b44c1712a43d3e30005a1535553e779c0f72ff509d2407214c02e7020ca479e93c3fb2b867ad73e6babb4d35f329cd54c4c80d227d0710cf384fd9a39d444053afce6d1e93b47137843d149e888bd868b1b2179c1fdd8291d15724db10a756300209ae4a2ed91788fe9f980af1bb00d05a8fe1a020fe4bba91fb487c8ea674a6739067a0a86b7f2a4fc141f6c864f065fc6e5effdb5a1f1d063c6888626e13ced52f3669677dad96da1cfff7d700e9f6f74131b8ac0f4fb6c8d5fd675b1ed6001bba7dd0e95567a6d06fe28e756609821312f4725c5909c6353ad385e57fb162e2f65b5e2a6882aaa356a19b9c5c183d195d0134adb8bc8d03415daafd95f3a5e44f201741e22dd905dc12469664040ce714a5d9042f58db392d6c6af1eaa4c82cd9b4996252b44334be627708463ffe38a80d8d1c8a5b1a23f9c68144c4a6c6387e542b3cb9de7765faf05fda086986d3c6a1f0906b2ea0eba741abb9514ccd57f2d8ea1d67145c5d71749b560f85093ecc265a24239078253fa0bd39bf67f8e1d78f07e167c05d808771c7b0146af368e8859273ef76f9feedf7fc69640b5e95a25076c477338e31cc9a7348b8a31a0f8d4dd9e6c46f18126279c5d1192ddee08a7057195689954b26a19dcfd2a59febb6556c18c18abc85527372919196b29a737f8bb3b97bebaf3e6c43099064e067f12772c2333be19dd4e803289430a660d68963a26ff1b1c8c664c0318a2558dec140d984837a936651906ab960b6bff8bc8b32704f3e0769e6c85c9f5bd50270bc1030ea71f2db5c43116bd0641ed31ab6db12514aec68febe55e04d2b872c9fc2173017ee6e75a18d6832c9992d1ed2ead9452dce9b2efa01dc97ea31ee5c3f5743760f2589615f45738140d0f8c148f1858d0897094a34727493e607132bc1eefa0d0ff236f9ac5a2a0f0bf06719c1d5061846e427fa36138c808741ccbd10ad3f6f54470804e656a8ab1a9ee9a523bed87cb2fd4d6db8aa6d6b80d1e9886dc12b915665101b9094a22f444379182f5356fed797ebd97ec6493bd681f69321f9735ae6d3d6822818c7cfb21c5f3a0f9d5b8ef070c916fe9ccbbf04128a27e7928e3572f125b986c52ec0de078b40135b922a2feb294b0349df06d1c3e2c9d2ed2ee88b7a1673423c6baedb51beb8f8cb1b3b986d1b9632fedfaec8e9a237311beb89cb0dd7efaa5b68537641d06b7cbfda581344c87452b4d3fe96cea6143378c4dd7586a9d55c666cce828ef91a35f3f0a5c9c369bd20c1bc7cc77fcf316a567fa21863b12c43faf3b9588dce4caa151937c6ee699cf49dba041775773ae062c69783758513a178bf46d2d40e24afe8975dd768a466755af2ffbb9fa728724a18fc9f427672ad5867a72ae8caca60fcc90cf817c291a2025b5243ae36e200b5e5c9ee4e90eac775c3b29fe1df8c35716f37d11961084fc28b0f8855376ec85d7741535f88db7977629dd832f06bb258e9a88cfc8671df2763fd9383a777f768c7aaecb9a7af9e76bb719767767c3d5178e2a10765c6b2ae80753f403125a9203ede6ed44eb96a1a010842f88f020dbb7f8df8bcbea0b60f1b99dd9b9aae2dbc995edc8ed82ec5e21e8d5e4d8d9fd0bfab342db38d12bb24c20c2a579069d74624db16bb9ec501312d8de0e653e9e74668d0ed05ccb0eb99db41e4dfb96d0fc246302635630b295ccf849e45944a25baa7f4651fa37f147e0fa977c0304e7cf25fa78260ca03abe8dc32cfb461f019f7d82194a98daae521ec4eaf3e138bb95b09d8ff2f106febcc126743abc8f8b707cd2cae1548c6fe54f64bf46c9ff03975e0c37eda1d485ff76ea5ae71fa5a2ca0d9293ea0cd4186e6e2e26fc2ba5e2cdde9400d9c1717058157a8410c9cd7ca4e679f41d8932576e7b292f28dfb9775b0ac5eb5788a8ddf797e32919e7a41c305af2e4e37eb4d56", "1acd2077949cf1f27e1e764566e4cffaa168dcad09bfe7c84a06d9db78a4e8f0504116608cffa736ae4427d04f27d39e5de80f8935f281bc483252d1c4e0dff576831d8505d3cf34ddc4f4760b53ec5182b54b352dea1b5975eea9b6bffd5b66524559c7c3e9981d7a0ff5ffe6814c923871db66426d98286aec1debc56864a4b29ee5cb46989af08546d6d1a5d9da45db7d8abea1d392d0c668cc040da5d129ddbbe6a95a7d9e51a13328ea3fbd9ac81f03914ed9d1d2b72c234093a351f7294556996ca5459d796cb4127a9aed8e0cca398d1b5af6eae257d02db91a61d49a5677ee9c8caf1855edd2c25b9b3a9a5174d2193108e5e87d781780d9506a890687c80c429f3a46028ed71364c4b8d3b2380b38d2cf7e447dee058f556dcae2627e49dfd316d169d382f2b6775233157f57c7be54b105e2493e140ad97ecf9c12df8f0db9a973d0ef9197ebbdebc5e822ee06852a408560c7f19c65ab8527edc9ec1d6378f2c748f7e84d1d6e98de8abab3e0e42a866e1ec5d00822b124a98d77e9c8dbb3ac6648afe409b21e1cf2f5458a0588cd11af6887f552f6c16a801abf2594eb9a80e704b8053573f661dd29706e71060b630272037144b33d684f66128950510d4138785418f726eb7c7f84c7dda646b3647d673122f95ef89c863c3d4adec4477664cfe911683f19862cc918451f70a6a359dbc66b3599c0af91858ebe13c253a6e9a96758955fdfd1be103777812339e3786484a25b18994ba69b4275f26a64afb9be5219061d94d7c472236f1a20a9217d70abab15182c5f04c6080d535e34045d6497c1c8a2ea53fc022eb159d0d1be59a21f277ce441f3c5cb03ef0e7e1ac63177dfe567e2cb9055228f32c9ca6d38d99093fdc129951380cedafcca40712a2da5cc0af8d872d8f848ea5ff95210a52d2390e236da76fffce86cc8a78a8ea0e1e4464ceac9021556d29d7470ca19849b417aa6aee032f3bd437cb5c839c9f5fb20ec1367449abfb5e19f8365b7947bda60e34136e2eb53e0243766c2718d4bfe6eec77f8ca04d177cc17bad59d651a08349651de6d4dbf5856a6d42cc8cb2441ab7dfa9420d87d4a5aa5914f619b2478a0d68a98280231c8e7558d11eec87e80f2d039b5d6b287d9b3667b020dc45b999b162247bf38f5ac5fc99b5eb6ac5939d35d7d6e71b366f9553ada2784671aecdbdcaf42a2f254dc0289f7be9c6f0c045b30f63ae1a8fac778030f27e04e980bae66e474bc4f9572b8a0d8119ce13ea2ad1285b3397bc929ff26a2ba1ef2760c77e3e114d15742740b27796cb2fc84761db427cdf3c63be71fd6734ed2cb1300a8d5e2b1964f2a0320bfbad8e9bce0cd9329c8c41d79107d77f65c99f3c03813c1f0f5351869434c2ccb685f1863fac38a44ecf354ffde4926ae3cee90833db386633e6dba3585ec36f1aca6701d4d1fc13ac1c5d4cf2ae8c8c418da372bce96451dc2add28828e45ce3f6e35da3d49dcdb8ceb084a581b68fc5fcd4c45246e6b215ca98ae7239c317fe45404984292a83ac7e62614665bec4a5e80b055a0635003e93172e2045ec88144d9d7a2b50c45333720e2273b165147a0b1af77fe87089fe8c0fd32c4e950aedf6798c9007575dc86c02089414089527baf9bbbe5eaf4d58289de0987f8f310d7900ef2350daa438ac83ff255344a2bc814a3e7055269544310b0fe78b07eb0ee5f16899fc8bdf8e3cc47d27a44c93528885452195706091eaf15930f9df5874c19d0a1deedde0cbe9cda7f0618c378bc4ba6fbe911d546c7bc76954fcc6b5ef56c77d306421f9d24e0770cf8b578aaa6276bff4b98e9968e9a1f8c78c6d647d8c52a42d27ee8359840747913e0983e049ad77d87e35800eeeb19cd786a5edf6886e610f51b4d2290d959c7fe906dad2d3e2a5648c5ec0d48becaf209fbb6599d1b0d6299cb2b2fad3b3efac6ba0911a63ae399fa3f19adecc9b10533c99bba28bf9e37600db41c2b463c25b0602fb86ef043ee72aa26e7f102c3afe4073d1318671a514f8320dcbc699514792d5c90c34fe6809102cb6537a4e76530256cd997a1dba4a75b1578c7f12b409af040afa35c54001a4abf1c402f91413995ced6b64256684c34283e644246d235af905fa2edf8f802a65c1c1e0ba24ea656cb3b1f876b6f335aed27c3a6e8da53b1b9c283d299390310df6dc84e5569ad3ac1744824b329fc24cb8612c061b09440464c1168012dc40e8df788f9c708bde6bd4eb3f6111729b08796d0243b07a21ac542ae418f19ec3d7171197c8ca216b20f786784400f2834d98819a5fbbd909677f7d7309dca5c0e2cf74a8a53c1791c78488fec0520d3c71a9698e5040920acc5eb7764f4c295cb2f00b5a62d5fc1e1d0040c639886712ad4fece171739fbc0519b93c8bccac49f871a0e2f5ba97331be916aaae29b8cd646028629cc227b916d1d8b4729da3baffb0e39b533e039eb9f10073c156485902745ec60b8d281b2f84a8651fe4c533119bab8424bcecb28c067ffb1e03e05bcf9d6d44dfe0782e072934fc36e70b1acbf30387495618ac2729811aa6c2901b109b33a0010cfbe666fe9fcac86cc81023dda253863714e89c78265e219d00ba20b3c846368dd21816f699a6af20a290f075f4346b98ad40d69caaf2614856c0bdaa661907975679f5cb5afd3738ba811db58123922647476de50ccf17360393433b547bf0377b2115a7cd357699d043bd80981a2a28c638f7c2e725d85f9edd2fdcfea1f7e2bf02f9f0d4236c9d14c6d382dad99192125b219eea6a13b5685efcf34454d2a12537c5354dc5e34ecda968422cc472f0fec174b95cd298e89e7efbc164465dae45059a40e104b1a980ebc781848b0109ce9cec600b190a34dcf741dd6145d56c4ec27c983a7d6328130c122217bbbb33e2cffba1a352b6805dbd715772153b53051db7215f475ba8673b0dd59e2db414a658d3d262c5304d300b930921c7c0a9910eed96a705eea2c8657be193836a20f23fcbc8ef105ca25551626caf63c111d3c9dcffd9d485f27a63b6992e4b6fa26b02903a4da52fd7fa06397fe2883f9b6a4cac2ffb8ce1f476ec72bccaf0ec7b16e6f601e72f46e835d9bc2a82dccaa449728d22a7ff17772276f54073c66b184de0fa7f681823dcb7603a20aa94b76a9b7adb9f11f447b8764b2d719bea91ea32edbb4d340d18f18b3f53d1d07d0405facb202c30ac1ec145516e071cc71c59cc6205db061a8c19bb2d3ab463f6fea1c6d3b5a69d96e5b67ed569e1c04cff6c9f69ab9343e9a71bf6776d3b84b47de2ecf9a0d45515ef5a3b5c6d55f2c6543ef2bf0eb795219da3026ab06c9ba9bbdc30d5dc7c3782a9f58141a63f8d4683ad5c1d156c92c508cefd9702e9267263e34ff96800c425f768bd204466f4f9badabdfaf35e1a8096150e8afeea3a30586b89d1002f041612f8e81de4dcd268bf538307c4d28d1d2ae1af979f3b02017ebe942cdc8fa7964fe978254eb15fed7478e4200e381409486d37e0205c597b5ec19243ab547da051dee03f18e079af60dcb2095fe86f292a4b4bba8682ed8b220c0b48958882aaa7e93448bfecebfba6ca3ef28e0752080cbc9f752d6da814a9dc5bc552d9fe73b8a1df8eb0158df58810fce8719f11b04c4e157ac8ae3692f825a4569ff859273775c45eb999fff7a47ca461b2fda6edfe8ed8371ed29c4f7499448cfff0bc47ca1d8fc9eb35f79db389781c36e89541b686edc21f088463b2d26fd9b650eaf5ed1cda0fb91aa4e1a545b34a9b0c527ba655252f77b77c2f4cc0f7741c52a57629fe511c5f9c17ee44fec35da363f5356343037b2705a393115062719e6bd87bbff2472a7833be6d2270fe5ff4cc9f0439a53adb91fe1520ff4841c120e80c99fcc2d0ee794fa8c91dc9c4227ef9f9ac784ce41abefa69b84acb285e385b74501ea137be765172d90738f201497cb7c992dcc2f17341c9b6a0ef3dcb14350669802e3295b5a133142df7bc5645bbf222d2da033ee4cc4f225f248ad88782945869c29943eb6498c87c2b125fb2d4067118c2b417308a1703fd9f48c48ee2a9c5af44df473e3b99b8a941fc4967060b4960864bc97e4f2bf53e7a5c2ec3d47e7bf8345b56a4df5f84d0523c1b6cf9399110e393474b3ece22c4923f531ff12242d5e2b293846a7ed06e3e7f062cb173431a2b680188fb46d2cb74d4a0d9dae59e2be485aabbb54c26406e6e77de3031e049bd8a49139fa62151716a665fb9f1966cf6c57f4185f7cffbbc43341f3b69a3ae0a4dcfd9b37f0035a69ac552830f0ca56069c8f69162280bced2ec30c6789f32cd38d7f97953f0989b65cf90f01206b20b0111a3d22f3d2f85104b03283f4fd7b80e53f20f1c91d5bf3b67aac25c4300b3191c1f5d7bb0fe112deac0f6acbea3b57c20c5d8f0bad48873a7e7347ead5a4d0b73041c86bdcd3b91d6cbe0ebb5824fb90cb4e74f439505074f236679c4ea4015fbdf0c44b4063b62cdced485cbca0eae2404da7158a974b7dc14c5207107d5424de14a35739f68f3f151c6de20d0ad19d06521baf26ab2cb7ff7e8f83d60a9f554367f99fa5c44910b886e1c9c2418a7a4b33f19fff9af4724c7c8251ffc24cc4464b8804b6704bc0572b23498ec92263d37bdb54490f3316087c5b192a20027ad6cf1a2c3fef8043e2847b8734fa8dc91ce992474796e3f71580841379279f8b10ab8e6766196fb5a9b2ff44cabece6930fb9f32e867047313410c13b11a8a788a29ad93a5b9ae1b960a46fd48fe5cdd7168815c67b267065453547cb60db74f37238b2f7f3c78abc249ffe118a1d3e7eb5cdd326ad0a07a50bd24a6be4b5e56fade7fb7c3b515b4d0b16884c9eee7ef9c82f2ea4d89113e950622cee8e63519a899da3ee83bcd369b01b373934bbed73d8f94e3312e72d82d3fb8b8e65b0f5580cffda633467fc3285023159c3ac7273a46275d874b87254df07ea15d0806f4b8312c4e95235cab31e015a3603906c188233db45dea658dcf694f5097a9e26aba8b58e248210fa5e12fa08cbbe0a01afa9b2c36d38d298dd180ee6e358d45397471bc064e2e8e51da189e98bf41cc30b50b0d937e8cbfc5b138dc66143716b27190689efebcaa5676c9eb370465f77803b219b0ee1f65f343d70b01435f9adc46979b121944e13a02cbdd47a9898b26d6cc5294a9358971bad37a6b01d8b2ee251e50b02acbd560bcd4a212124f308d87eca79d13c77b90510675989ffb70a9d5643df2db6067bd4e0fd21d0a40b84177279587777f763bb9e2fc99186402ff1905eb61b6ea3bef862beb10ede1fbca93f5b426f683bb72099ffc61c99d8a7527fe9167b13d786402864d2b4237fa47426f46b6d5e0911de793f73610b46de4e62b8a67aaed298a9a2d5b5c5b7936f8bcc62a8f9d64d8ff1470a386974b35f382f42ad1fb2c9de214b35aa0afcff7806d7601ab9142a0dade5c7a9e6b0c16027c4d0fc413ba5d16f0d4826b3f469afa6e5ce4a19e21d2a2c2c1e3055706d0ce371dee59a06e534887cf5e300bd118b7c5e8eee2a8fd4bf6ca96df566f49049bd25533c8ae08eb2334ba183529c041f3d9b45139173f3ee8b1b8f8633c9cb7caa735805d56b1e3119a97f3ce86ecd8f21256c0a5a54266cc00927c881ac18fef64f25704b3f01b4885a9c4053aec5bfe5be638563267548cacbad2a95c3c48e6a913bd87ec0c489c236214b650a17d27081ae8def0d27c0d6a25553601875192d11c9e3ef2a3273c1f9b079"})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000600)={0xa})
syz_fuse_handle_req(r1, &(0x7f0000006340)="0cd15f7906ac04277a537a2e6a7d63435a18364a6caf07d596947d034ed0ffeac99f2006e277ef5a1c7b92cb60a68c268a96f309c25c8b9f21e88485e96161b4d3cd135c8c778bc218c7c12b23638a72d82aea29c582f0f02afe3991d3bef475df98cf78bafb14e0f199c08c35edb6221e68d27e71db10d6221c412f848279240df410d67a002400c04d8514ee5a4b4a3ab7d6ceb2572ad1622f33d1253016b77d9203b1f4ff252437ab08a43056fc5df16b3731d167cf921c9b7d0cf1098914ddb6ed543f4e1cc0ca9824f29bd6e56819b92bb968a85bb0612cd814d601d0e943b1aceeb21b49909ab065a3e2af92191c84411d5f03246b11a6d4c855428086d34f508dd7ea0d5d69d421db76e6b8e328e325dfd7bc0b8f4d9c0bac4fa4ea121da3b4f5a19debeb9bc38e946055ead9724998c6dccfbc54344218b1d25ad27f3ed7c07ec39c452d55d34772ce47abaab20fe8acf436a78ba32ba95371f8a2185d0a025f13baa9c9fd264cd534039ac07e54299a46bdbd96d4ed1485da7ef147cbef745178706df7d2810c4b326aafdff4c7cb1f0881d709e96c5b1b6ad9f314d24f0a91238edb3d6402f668ea773a346667548f5f63e7f780af63fd669be53e9ab1215e823eb5e0670e6acfbd1923d69fccace4a6bf9f0cf25574b5d4aaec3211bc3ce5b0035070c237ec53738441ef2d64f89be34e5aa2a9b38b171545a0465725c3dc76eb0757eb7f6fafaf07b383fd6d4c42c3710dda60d729c79f7a38e12f5dcd9eb3e4f0713db7f0cc163041d4d868c5fb5d4627f3639de8366ca25d4eb3079500e7dfb85059c25f4483790b1f17e7d36a4f8ead2549920f4887b7e2b77b1189ee58f85e21de1e5914d0d53bfd3093546f0f1a90405e7b2a9ba633ee645f9f5a0b113517da1266b8752b66a57bdebff937ae03108fdf5707f5ad931f83ac072458969443f0d1ab987f7ef54bcb3ebc78cf13137f063c9e94c926dfed19cd35e00e8a7343d890413b99eb1cbd04a76c2f933a9315d7fda83def51373d30cbafa227e5cbbf5f5a7869620f20f426e9e88aee3ddad5b29ff6081184893bbe823015ed9b0873914db257bb6d12a291b18f579544457d24f3698c61b9381b913aebc28c91e032d77285cac49e85e3529b5b1736460f95519d15cbc7cde61a858584567717a6d7c2a3c840cbe6ffbb79d2f524f5040b4acaf62d8ab48704ffdf6e6774aa555cec17f96a6e862e3f9a0a9aa1f161aa6488abbde9caa9b8bae758a1e489f60dfb052c03ec0f8af0910d60adf76537dbcd8a4c1d2a188bd0fde6e3539e3ebcd3f331656227cad53d583dd19395b3188f3d1fe71b7afe0977210da9d5411c8c8abddd7d2c8973c8cdc19f6c6df6cf26cb480a17c5a5c61517dc6488f41bbea804a78ae75909f3705a011632f897ceaba8bdd5a8ccb693d43c0334c775f379ad7c181839b5965ef389bebea126d6bf745082fff440b1afbe5653513d43d3eed9d4f926e4325e38497add0fba5de6d0694c30ed242ce73a9e6f8ab7f50fd741c839968058888a693e4c0ed648e97e2039c6714980752edf56108645139e96d19be00b63354966dd39bb3a88fc4cbbaa381c62374cef22310d016721ca68683fa5469bd5c562aeb6e1d9fa8fc0c166e0e63c34ee69c9eb237b2c4ddfc16842f84c16931ee30e7c6f9b04dc1cfecb26098d4b81187af7726f528c1f0fb8e31d830b11ed5ffd05758fcedeb21e3e3d2ab12ba71afd3bf857241afcbb25fe0bc801e15ce3221c7e7e1bf17bbd584248ed526dac14366a3e60fea1037985c3391def643fecaea653643511ca87cf7384eec38dc1fc1e54d74a5f85d277d88bd706e54ae8945b90357c4a9ada1457f8aa7367286ce9d1248d704d8980b80eda6a000db5350b90489d964a4abf63b1a0dd99c57fa20e491f4e919bedc887cd5878ff6bbb423a039632cdea4d69b317f7a3f52c16e15e30569ed6c79671d7cbc2e80f483c194f3aa9d1b9e7d092e4b9bd267f9e85b4dced73db2d7683c7f480154417def78d14f792310ab7097ae8c7b2b78c37fc58605d14109930f69f04bb8a653fd15eea379812e565f99d912729aa59d57f2e7099981ce7d01e4889c50bbf22c620be26ad47002808e114ab0a1cd2f670ffddaee63040479609ecee62a0abe087aa2660de7a999109363bf9404b1858ed357fa25ed3c921526eac32d831a5b4a17a4d4b9f794bdd4b132d4672e34682a62db192f2ac2036fb9162773e9c4c14691c6bd0f7d12b2e81e0a78b97ea077138abb6720ab45cfe306b864df32b279457474297bb48ffb6ad8524ac8729f42f3873bc3e422e4448e28b41a1baf05bcb91ce0010074262b4d7204274819229a9b879946c067466910c58565a4adac8956847d81b343476fd456cc2929d3c69936551a469d6946cc01161c88fc0fc654988271808bb96a77bedd2ec31270107461078edc1218388341773fa05b3f19213997ac5c9455ffbcb9db1f8421985cc2603ad5df3141610ec4b840e628bcc8514eebc1570ccc93ebcb7310ec80b606cd1e914f5a77959710c005bc35a09f92e36dcf9466d015cd93fb0204d5f51166ecf66cc226849da72a202650fe96b70ee0e84888a94b50f2a9f51ed0d20d081e53967d6c88007610f8c2d22e321105a2424619deba220b008c13342360e1c67b01557e5093eb6101f491632589b841200fb14825c5199d264c0937d6555f9b39bce32ba3be9e22ccfd20260a1fa825bfc29b76dae9ffc4e11fddb5617ba0cebb8625ae7eae7655482079832344a60f6b569ff2194df6c6dc739ab5fca7ba7b89f5b759f09763811357e438444c4fdeae9178e4c913dfbcb55411ce706dfbe711712b21e2fa1b7b93a28422179edc32ecae404fa3a71eaa7471aa455fff72a3d83114ceb1476cee1dad8edadd1128396c6aba248fe2c408b3fd7059eedea84b45204b50a69e0061e44a95ef8aa126b103934f024f2cfaf4a027a8316111a053d665e0e613770c5f556c0a83edb6fc07b616ce48e37a7faa0f219c2691c246c28b3115ae03f4976ead15a30e0740e3fc11b5190a431a8b801ee6a5c4379ca7fca95a728c5154ffdba085f51f6f4a4f245c704ea9e8b32bb0d5a51b3aaec38e58acd35d46ee0b854594c416861a40be5337f0faa9d7ea62f640b2f8dbddebb745425edddbc5fd60db0b5a9c5ec00846c0284312a75af11b89bc60c9e85f9c5562694a19022b997b1625c6299724250b987067f598a3a63d62db67f9404b416292dc23035a96411065667587b6ce4bff38f870c3964f4cf0c765cc8aadadff9138bdcd624900920b0c8c0564bffa3a0dc16c7ec7e7ad4af3f01e9e25b573ac39837373ce14d1707e5bf364efe92799ce68b52551b24d2033a04b20df2b706e7d02d4d4b81d935b0016cacf37485c4251d9b5e8f0aa04e40a64f2a817b7d3fc625ad91811db20d7a832aa3f0d06c2ce53b6dd91930b25acb5e28595a4c5f16c425d77f2fdab31e9294cb99877396cbfc9309ae2ed3bf1001685d1b80839f70c0729649d6f5b3dc35b64eae2162e65963ce75503970390df8a8727148262a42f93707d0b7ec665f913d886ec86d3f807b2153504b0e3fc2b5e6c25f38b8b12c4e3c71e9606744729fb858354fb2c94f140ddf96c151c988d07ecd9013b846e78c7893ebfcab42da2ce141f4a04dee9edde3fca26a22b5cd04eb060adc3d51de6211f3287a0aad1c8b687a292b03d444fef2631b3b371cbf01ae2cdadba3fd89a3da699c9f41309aa0e514dc9fbbc4c9897d96d9ef948006763c4043b292616f48da709f139a7481545eeaf988792690aad75ee281a61081bcc486a52707e1863223a1cbe77a67231fc0b5e8019828ced740874463bd125a183386e45bf08fbb3724471a080f120987ec39b74b60f8adaf828ee7d97b265c9536a4b90a64dbb0d82e631c78ff86880ab2b0d1c23e1bcf343fff0bbb5577991b9e98da217259786505ef8825b9eff7160f3204c89a5dbc1282bb8194fee5eaa104c388c20d9185c36932cd737eb09f958133775500b9ca548ffdc515725a5493c7a74e932546b4f503789e338ddc4d7f664868a44e80a298e9177382054511f2b91ffabe30b7eb6e2bb59351e49b2dc5581685564788bd7d336176d60435ffa61742dd867a9bbddd145a6cfd809da0b73efd968fb135014b5fa25c1e8e6f23c05548cc54dfb4ea29e20e9ac4cfbd18667cfbd5a4ba807d6dbd76f7e70c4c6b5d2373c2dbb99e0f9f048dd3c53df3c35c84e07a58e1b4b5d8d383d625a95d53b0d616bb33c8a0bfd25d140f058c88a1e0c0da958a7791c1eb46077c4c2b5a51e6320c0b1e2254e0f50cbe2fe66e730a2de638204db83e550c6eb41e5be4caf060732ab388670a1d2ea8cb927747da1aa1f0b2e4eaa866f40538b96c3dad8ba94807f27c9e8042b3025b60b4b17cd2ec911c3570bbd3a5c1d54853c3ad724f913342c68021557bcfde0ad378dac777e4c94bee6eac8780ccf84dc177e51a6c6bac93e92a3e9c2f1436101f5d2119df61e1e80ce22a751878a1dab7c48fb34ea28cbd49dad4e09098133f881c66cbaafb8c3b7f74d02823b2dc8cfd4ad2e08fbfc79356d678a1432458d75a153817a6ed507200127e9f82288d35dd7d67454469ff9cc8920cb950fd90487397719a2ab2b29bd09f3459594a96303f96b5160e45656765029c6bfdc3e48d12eff7b34f7a119c1b0da347f12b207c5021ecf8c98c3db3ca9310dd73767a5389bc2d6eee51dc9a2b76138114b9a0bc90a50e9ea46f5146aabd49c6593f23b755326bc335955cf9d9b5bab95076f202671b092915ed8b29f657e3144b0bc7c5d1787d9c6a66a166478e1a7e128d519a8b6776c0b219e98dd3b17c3e0d43362a1a34f595ba02ede00a3f2af76783a433d635d07c6d72298936a00870290e7c1978eb526b01cd09d425ed29558328822bb30b21abdd9db4ab353da5881392dd91204f2e6d0e5417de19ac1d015fc058b94d31196d174d04934f868c195c603de7a1dafe05e6fba8fd33574342bb9c5d32a49126e0bdeb07fa67247ee943822da5cb0366732f75c1603c09bc1de96b815a84f9fb431fad9e845ef6c642579030ae4f165ee0bb25111d2e2274c5934b49fe2aaf658bc19f28f3555f3fb340e716b4cc9632973f852f2cdb3434da8744852a34a25ec6141cc86804f8d70f9a4582b0314e897d3342d3c349440f216a58797ce32d5d478dcadacc1acff6249b40361d2c03af51db53099b72be5ae233617cef9658e1803f020adf5ca8bf6caa69df04e787b1a368ff8f5ff9f273ad32ff56cfdd265da1fd3510d0544642a424623255a38ed29990a7e8a21ae2c525550bdf9f08056a9bd9bbe8010957484d1695d177176e4bf8cff836117579fca592fd3af4ac318e4ca772b8f1d70838d4dacedce54e0b5dd1db4926866f384da29c200e2bef9ee4f532f7081737b5abff424142db70bd10a2306f1f9e97dd95496ae4c50d2cb75ba249bbc2d9af3adcc5c32393bc959b49903e733af8928ab898fed718564a82ad40dca4ec952e789f329d6cd2971a2c56ad4026b8e476a83fc83bbbc2d3d21d46530970f69d575a228397e4ab0338119c4c99696406432d510bde3cfdc7c23ba154c12d9ab458bb85b3225619d222021b17169bfce494176210e39c6b461ff0b0c690f32986b6dd07bfb8fac428485ac2c8089e9b575e6ec4543276fcbebd1a4f84b27a34bc549621d2698b36fad4fe9b249dc79bf240334eb0d1bac8a7ace7ebb96bf8826cb17eea25b30e17b3dffe9d8f1ab146ddde005dbcfd5cfa90f170b73a6e90f55cc414c0603579b22f7a1d0cf34a4ad622c455b60ac09afa900c892a27ef35026f2524f7f2a9a7cc67e82abc429ef2b9f531f37c97622056384ebc7c077b456ea21d1173fc1a2b7ce459b0f6dcb59d05299eea96899d1ec75790156f755adeab17da3dea97586b6912e931fd02781a8d24c0cc20b5cee1e3d5b29e9d5eebc15cb96582e092f2f5f1ca5df5d2e0daf05975e88d950cf8a7814e7480c83034de0300dc6c27fc56664d9d95a96ee30964b673cac6fe71173276a756a6a14f92e26bb62655936095699329c16d6b2ad8bc15a77aae785433e67bcc52b67eda27a8a6f89b00a0f919b0beb02f5e8a53b8fa587b5e252c1c250adef4d93da09ac42a819a2421a4811e30b29d1ec30a47e157320f3f8939156c1419bb35e4b8e6ae324bdf790da2cd9f921212ff5882f920254678e921ca89f0e49c7898767664b456e390fd6ac756663e06a443ab8d5751a2ccddda6ab40f1c29576b823ea629d4beb53ddf49ead8cae0fa3714a1b8a0e57a7c43f57086557b1e7995ca45d447be3bf43d5e9c91e3d9629d7871fb2fdbd125baef441e1adf690b4b3c4d0a35ae85c68587ee88bf3379cb3e9b7aca2e0857edc379a81c3462b8193a1fbbdbfc7754ff020dceec499556c235aeb8f2f33bb9f6e8aee37860729c9330566462c22c5772706e62ff629baa4db89dcf6ecd9475238c3b0ffd10849585f7dea1e0241b47e2810f5965e4e516ea33274e9c05a8396081e009e876d7f81bee70b86d48bcc1161387a5605ca3a1a30eedb9d00956ad4a258b13c8bd7387683abff9ea11edf2a292f8f6d3477d9807987c7735059015fa34c2905b27c4b360cef715fae6fce746ff91f19bcbe989cf58d1898e31f073aae079929654ab73c47007c03fc9a7d6e7e9a167ec6230fd488561bf8687723977302631db33f4042f9bec35ed02aa2040c7d700b81a350be6efa5ec43e7eb4c8bf0247284115c524022cfb1ea4088e703049db693b38dce222b2350b8de7592e224c2daeea218763998e74d5550dffc16b04d30c40a52678e5e8d4b36439c1db1e859fbf80c5b422c9b2c1e979e0273782469a736fa66eae3228c870fc42d7ffd554cd557d7fb178c9289cef0eb988aa416a8359d490c408b44b0dd24982179d7bd8e361eb590891c7061a337ab31ff5442c08bb3c1d62446186a1d843ecae84a1ef11d23ef6c8876fc71ba17d0c9ba979558e435dc45f566feedbb1f42c8531a553e1b2bb037fda28a8eb64275e022bf895a863463f33e85d7705f4238e9cd1d60d2c33276521599c11ed736ea3cc81d082e91f8329a330ad4de97c245534ded1da241b4c8375f625272e3936cbba901c8cf6e5c5cdb3d4c773671698a25036446fa0d3de82fac47b7f56925009db08720825e6bd27c7b14b20ae37c312204b605f56c4ba3745eb2caab9880e5c963a338d6e1bb2c852681c715f74da0f6ef36f2cd85dc99b27f2403dd688487182d810b23391fed2dbe4d3b4b7bc12ba58f7353f920950fe5a070e2a9139f51f094ea46208d98b960dd41ba3fcf71cc20548c8f51bd9c37575c1b24b94a41a085ac695a775701080657bb9e4a0dbfc009293c789f415b0dd461e3d6b65a04dc04de67a2fb9f77cf52db0c8f435ebf99222a484b9c2244a8ea5c7844d15a71302b8c5f1557a50ab00e59ad153853ddc70037fddf9889b8bde5fa0102e9d97dbe2d9a4c7e0f3d0c9d5106b833db011483e0658a7b5a65c208cfa0ad5438763a11610dec05aee6706ee57731a9777cf1973a15e1ae515e9260d7ab1600e7f7e6275262cc8e06ad8681ae5b4d57b7ef7f6b315553c7ab5bf3177ec6485179ff37d688f9f4d4a860396a67d4ab48549647f919fb5144e512db376467573589a1cca028bb40c183be2be87674fffe2de0573c6ea17d4342199af3fc8c786ed9d76d733f9979f53788b703223a7fa8abc90e6f208202b52fcf2efd1f93e9456c3bf9584bae3fe4ad3d8a674d60a594b4daf32555dc9cf5d8195408596e4b6d337a0af098766c08d750e41bcc3074e26155983b1876ab50337a95773885561fcf5023a68297cd55c4ce66fdb24bf8efbd091c451247f08b993bee449bf49046e91d76f4a69fefe4028fc9b64655771db37aaf24de7e6dbec9e05dc2837f394f81ae662d60571d0f3f49902c93e17ff598aa3c39753f806fcfba75bde010adbf3a4a5b3b15331d233608b7cf54cb3e7fc2e28a5cd9ec3feee1e5496916af8ca1b17997e4aaa01bd4a251e557b27919611805d2eea5dfc1352dcf61a047293eaa97aec6209f12da5425fd4520197d548e6526786462768b467b13216a83463e5d102f50279ca28e26ee4fbc5cbc6ccf35c02d669ee7bf013905434d7008be424fa7542ce3ba4022bd8370d3b4e59a298a3ca4472a452406bec673873b77e8542e2ca3f61de782d023a735829bcef423a02c8f112dd0be106c961fdb3b5e9622af4ac1e5202479eaeb2a110b401fa784d4a5a9b6991eeeeb8b074638b312bf9a487824abdab13e94c564d3906c1c319571a35e7567655d37b699f707762695e369ce16686ad4c2be90acdc58c7c4984488c14fce3ca09faf7889f810876f021f76f5fcf3ec69c5f2edd551532fe04758041ea310d1fa8c4e6c3235b2bc03c97a0159fe2d2451726dc7e3b45010fb9481f59a0700f875f3d985af1815c4e662cecd8d9dfc005d574a34a7b57d893e2e8f92f457296a22eee67438ca8621c314a258d68dcd8e5a288085f7302cc3e407bd702ffe909a85378364d61d64cf405e090262aa1886c4be1a3d477e76a976f79000f83b1316a0ea3800f3d633a22eb8398fdb26e85cdc0fa2beaa2087299b042ad68a3de73bfcc16ec2057f1964af6a15b84faf994f0f8bf7c2dceb6105e487a1fc9e1160c3515d8ec740f94ac9f1725064c2c704f7fe32b3fb85fff5bac21f84a172ea5c7ab1c44d58cc9a20f3bc54de2ea5374474dc8f84b10852af56dce720d3f1a421d26ad784bbce3214d7ae1997d9b284d17028179b8eb6c361459e82be12ab9638a264d2e13c8259713121a854bc3ff552302b9316108d66e8698f24e191af18fad5ec9c452c1af01e9438cad0400b8b3cd40b3dc289c61e22399add76ba5ea87b726d1c5dae5459d073ed22b2541ef51f2fac5f8ba9621c3e7e4d95ec6f28da0e7bfc5004955068e8faf0b454a0304862b0b92f10274faf33f00ffdedfabd42c5cf1bdd49a701f7908fe7de54d12ab621a17b1f7ef232d833ffffd8f5515c96dade731649bd366326d9ee39b6ce9f952e4846218036fdc39518bd15137cf4d3f4d4b50e9f491a613a5450e4cfce62580b80f49baf7869d7db409b412984d75cd06363c71b8bf84106c216763099f89c7fd210ff9de88e5e9f3008448b3a3727eb36ce5fce3585be3988da82ec8c2914000c6422638d19da2136ca6630150b0e32f2cfdb0c9f099eee576caf9bd78ea304639adf8a1b7e6d20fedb91cfeee41c5c366059a9f5be78db250214dfcfb98bcdcde5dae44162a569cb086e184c6b39ed942286e53ac277e025e01b62790c25da6bd24784ab4acef226297f4648f85ab2849e9fa449f2d6d0f604b156c3878ad01ff89c6340d82ebb7596a44e83d0ba51a6d9ff84550f97a8745d08db57fc741c9e9d8d53903bad0d9dd07e3aae0ab3accf327e21730d3066c4d1f7a5eea3dc30d1e458cd496aa18ad6597bbb590c4a940841625eb5f7833b8babb0f9783371abe0ee5a89f7775946ea49b772cfaa5860d02f9fc7dee2d82791a358a94e013c1fea69815a53347b78fca75f245f77858fb2d1b27a2f2839cedd8ba894d64d50820e82548c14f1b8f5cb3f8d828c7baf756f3b1f9a584d9245cf18726a8173b58c854efce860b81fbd7aa8c0278a65f12e319fc617669ad4d78b735d2a5841bd691928399673a1aae1704ac2ad129206fac70817739e9c69622bf1f9c051d4352ebdc260296a6714106bd47a6cb46c03fd3d3c554ab799a8a2a89748f96d79efeafe0664a8e6714d15f509497704310aef19eea123a4f923a7fd51241f6af76c6365ff42a67123402075c1bef1623068ac4cae2e00cf41fb3172b4ad4de5102eeb0f27c054918d2b823b63a002550e0d4f1ff63817c05b9e32342400861264d9a0a6f1b0d5c4a178f1e5a6b6d59d22f611d5f908cb75b56fcfc9e0772e86b78205834e812ae407047a691eb42c6c321db3e6d59ee08456f77a0b416f267a28fa81866ed80829b7edc34d13a4ada2a95fec5be41d316e1ef2a898fc944d509f66fe925302543041bb0aa1f1a472366674b039f434d9a01190024e1fe5993bb5966a95a69332f10cbc673ebcc1e8a46e316c8e176c55e7e34239137fb34a253f39d0e2182097ac5d0374ab17af9564a667840d84ec9f6b5e5173f5106cc384290c76c261734d6e72ec4ad07d986d18c4aaf10105a38b9847f4372527188279ed0187a4e8116ed8fdfc70c71703311da061d4c50fac15642835a0df433ff8feca2bacedad4ac9526d693b02b35eaf90c610a9d3bacc92cef4073cc2dc4ca5787a53c7f62dc65236163f4629449cd03ad14c8b47e6ac362267428f2519172c60dddefea2405f9657de9ce2c4c2b43fd1d389cbb12535b7eb02df7e66a5bcf3aedec84a55dc3f7166e996ee50f720f3c5d52e18cf44ce327d6a0f99954a867ac086e882338d8149cb58065b41dba27115ea2b06a5b541ec8084518c80b127425c5afbb6bb8bffcc0e07a1bde2d3a63eb0166e6a70a930873180358fe8084208d7220f81ac461b5f41153fc2bdb8be7e558b24d37edad411ead7d5173cca3dea424df368b3622e0ef3ac575f0ca093ccee7cea3fc4fa32c90881a0a508101071ab0c8b60db29b89386b23d2aaa28bb432908ba459a8fd1eec37614668d27d3c9a6fc2975a815cc854724157dfe81cdaed6e0279f76242e95933147b2fbd69282e168bd5cb3073a3dc34ee97ef3c61c6d3a6d2dfdf5da581ff1f610d107c449c7a3aa7430bc61fbf95863f3c4251c7b5a15a5f09e445da8b526d5b960cfc725a7ab48dab166506fb23981e479b74977f2addd3acf57d26d069fc3d3119db1021d9a106cb2747ebd6aa36d479e9f255ec9ecbc46569bd8bc6eea00af39b97621f7dd161500be73fd60c8ed8bd6808c7b786e4bd34976e11fbb70d1188de1a251f934ecf5ba7a120cc61ea73f13d3fdb2e25873b9827f20b815f136e66adfc0eab80c284dcd58e491df270cf54bbcb8a57517129198e4c7c923f1d825333b16ec3f6d367f7ca60edc3f61afc0e4e42595eb8e51ee2a7a4ca164cc3c5b3aa41603469bd768cc87879206938fa20fc9fe08af22433d826b5f1c9f66f9eec8c132be1a3765191aaa3fa4ab8c5a3213846673d98db3544755d085deee609fb6a071c2f3d5686ce6cb0bb0decb661be2a56b986078f8d32297128691197c100a93cf75d7d08bdcdc10b768c5e43ca597d452f0d3f024db1dd7aa35a86c83ecae445c180da8b5069b32db4a235781eeff31da6ae6cc0b2ee5458da57acbd886202007063bff57cd06d6f72bea14772c5a69841467e360f29b6fbbfe8d4a6f33c0c5fa400f3c532a750d7fecc61d93f3c83e86fe9bcf7a93bd76886bc3605c9bdd53fec07c9727943ddf00260a39309be2ebf99542cb9109fe567a20c71736c6fcaf220fd73881b9a28da85a9411249b67da37e2f2c386162cc7ba519b873434ab20d96fb3bcada318", 0x2000, &(0x7f0000000540)={&(0x7f00000004c0)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x27, 0x0, 0x4a5a1aa33e4f1aec, 0x6, 0x0, 0x1, 0xfffffffc, 0x0, 0x0, 0x80}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4.317918461s ago: executing program 4 (id=1607):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x4, r0, 0x1})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000500)=[{{&(0x7f0000000300)=@hci, 0x80, &(0x7f0000000440)=[{&(0x7f0000000380)=""/184, 0xb8}, {&(0x7f00000001c0)=""/8, 0x8}], 0x2, &(0x7f0000000480)=""/90, 0x5a}, 0x7}], 0x1, 0x2, 0x0)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt(r6, 0x84, 0x19, &(0x7f00000002c0)="1a00000002000000", 0x8)
r7 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000040)={0x80c0, 0x40, 0x28}, 0x18)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xffff, 0x0)
r8 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r8, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800040001000000", 0x24)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f00000002c0)={'wg0\x00', {0x2, 0x4e24, @broadcast}})
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x10, 0x4, 0x4, 0x9, 0x1800, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000740)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0})

4.260547105s ago: executing program 2 (id=1608):
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
unshare(0x6c060c80)
syz_usb_connect$cdc_ncm(0x5, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000002295"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='contention_begin\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f0000000040), r1)
r2 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
mq_getsetattr(r2, &(0x7f0000000080)={0x0, 0x20006, 0x0, 0x1}, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[], 0x14}, 0x1, 0x40030000000000, 0x0, 0x60004000}, 0x0)

4.259080642s ago: executing program 3 (id=1609):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0) (async, rerun: 64)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d0000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 64)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000140)={0x18, 0x0, {0x0, @local, 'bond_slave_0\x00'}}, 0x1e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) (async)
r3 = socket(0x840000000002, 0x3, 0x100)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x20) (async)
getsockopt$inet_pktinfo(r3, 0x0, 0x34, 0x0, &(0x7f0000000100)=0x2) (async)
inotify_init1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async, rerun: 32)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (rerun: 32)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, &(0x7f0000000a40)="c33fcb186b2e5f7e087b8a8eeb1b587cee45d05b49cb70143e2a8e8376eeeda1ad331651f162ddceb6dc817d63198b71da0b6729bc70b4df3b5b089af690d1f973784974cdc93a91034f4e290341587a7394eb4e5bc1ed340e211b0607a553f76bf7f6728672f9c06398f652e1a92f2cee2b7afbffe76a0e646df8c7ca6b94a5b8035901e720a78c9c786673511b733de974118a47d3b156859f4c7063e2b99fd1f592c8884c5c3b8a2968a66a2367e01f434094c99495d1480915ea60fe3e28f6de7388dee2116605ea8e457df6bf83890020f5d4ec83db8f43444dc5d4cc5ff47eb4a422ae1a9b8cd17dbcb664edab7a0ee67f3d817bd6d41dd7ce008bcc7d5dc3836d3ce7a7347d5951026b237e4d6d1a415e0be4eb2327e32c604b64ffab901e90191c2288c8eb8d48e59e132fc800934cc82fca25a7615283fa9423eb7de34f7fd65d42ecb2703867871207106257898670c66a38216f1b34c5dcf0cdf1e227a0e06b65a63838791c1f07383707a4550fe4e549304597130bec6fb46b8cf6b4ffa8dc403071f63b6e84d0bd929bee87993c85be3c048b6961a9e49162177acf7f3f24f4e0e19095bafc84ded52ca3170d99cafffbdbf6acd1b6ae07d3f6d5ae4e0691a50a3e1adce3933fec8ae71046da14716cc98cce8c3796cd6a48caa505d0d954b85a7dac89f00af7fe4e3dbac106105f45b83a3628fd46e47780efe4a1594d8b7c6936f3403dd79ba117aa4c746d91d1776018d77c3a44d1f6287148db7724e3e9b7bac8361bee7bcdb944a775e16d843197414512f42cb3c84441f10c3880f42c5544ff12d96b997b94a40dccbdd1dc25ba474dd82be747ba6cd3a223a2f29e25e8419dfaa920e1356dbc36b382e9acdc79e462c6fc920df4dae53bbaa60047c318e72119906e06fb2645985edebb1890206bcdffd56514a2b7061338fc6606c0504054d99364ea3d0bd6ab651dda011128ee03ac9cc2a2d7d64123998a940bc4bf5e74ecfeb360dd33c22150a94deefcb36fab13a3adfed49142eb6947c13519f96604350088b140a8323eb69017ac050fdf1df8f953edb09e1f334c898e5dbb8043639fce67694c579f33243623e1204eb23f092a9dd6dac90e88c0fc4c74e3dd660365c2b73a917ab17269d14b1167c447fe0c83e0c3472dadc35c1a031c9ecc2313c3ceab90a173be50d88c76026f032961d7e0d9f666f9f1679139f9b8845a38a19fda970bc608daeee381add78a491024ca5af485e0e0fddbc6cc9f0c34a56571aaab9ba63dbddb788782d6cb6c6a7939a4132591f2780a9417343bfd054390a43486e86d25050f909aa8c3d03fe1c05b899f6f55b82eeefd4b46893fa74a61671fcba3fbd9df7a96327e70dd3c0957727fd96e68cb6a2a7620f8858e1f6daaab1a97746b916f80ca84a6cc80711e84d066dee51914572201bdf6b40c8de7a075d8f57d32c2dc413741e6538e599776f035557c6f3d422d4e812bc7c8ec5e698e229c6a8a60c2da5462d46eb83e6facf23afb8f22835b1fb7424225046be471d0ef177bdf1184e76fc96d7a49d5d9034c1009b32210915860aa2517f26ca5f66a9eaf7c7b0e104565d5220b70199d31b4dce3ac8e333850b6650765968e45114740b9d5c23f248873bc3451d0a476ea7866d75f63ea7fafe7b008770320b06a8b1310ada1259686d751e81161b84c9068d01ccea2d9f9a733328c47e9b9807fba04aa80a4c27565a17f35f266b98cac2864b1d998d5be1a343d33c533f5232b7003eddf698e10028855dc1016ae8a3aa9817fab16229883b8c7eaad8cd0b2725e63cac82225ea02871f97f7c6347bea4c119b98550804ffdbc1d5f1184db70b63eee8b55aa2ff637df8cf19c37c5c097c31cf9b3e1ca3ad449b240a87b1a474e1f2c2adcfcab59ad6475aef2b144a026ac943052b7e31b834f858ca36ca183da21a7872ff79b0c47d97cd0738411ee5ff953c8556441d9906612197ee4d7fa09777931e3d08e4aaba87b118cc5bd5441eca207c1defece7e58dc050ef9dc789ad46116701d7a9cf8774270ae6064a12426cec07139b17fe17104ba195bcf0ee2f43682794abb4e78ab4df64d132caa44a14f92f6085c0502c6e1f42260c1ffe57d4ff581655b037a1b713fe329e6f5cd084297fd1e298a419bd90da15593e2f6f2f69edd11b32281e608abbec6e900dfbfdd220815113e74ecda9d79f1096e30a18b4967134839b325932b32d21a52a8a3c5d5081c4cd7684757e5d393127072413a53b2dae9c6d31ea67a47ca53674dabfd8dcc127ecb757ccfc667c13b4c0db5f4776c708bf68f91b4ce723cd410873f797e7b042a7fe45a85f95f496aaac079bffc7e5191e71fbdacfdad55dfa72db9207b6a199289cecfcadb683b1cca5333645008da2d75cb152070a25c9a01399b7fa347892300a79ad8b1a778cfcb5b1f1e9671524e17cd33a1cbbbb33eda5ca12eff65bccfb6a4d921a76f2164411e503eabc6e850e340c60bff0e69cf697652e336343950598e7a92e161fe208fa6fe031caa568686ff602cff29262e9a7008bfd0cc7cac3655baaa773756ced4b12a57d77e3f6b7b56784c00f912cbdbe47bbf14d6c304fb8d8651f65a9504c152d781bc7df91c755cb6085940cc46bd088a4bfbc5ec53255341c98f4752e1894d7a588fb02ac2974d6efc4c39bf8fe00d176f79c7ecc089b2ace0c6434dbd9a4f75badf28aafa624f614c2221250a026ded7373ee488c6630d1fe5578c7ad2db659e40d6805733fee446ecd9caceb3366f773b717ebe5a0c550a1c3dd43e06432e122afaae2857ada147b4c45b9571fb4aee763fac32bde7def5d10a093ad4851d5e302dff4076b6f2feabe7d2c85a62dc067f07ac5b6df3c1cdb1af8eae25a4de7696353bed658c0c0eb4151c69f54a675ce74566bc66808041a465ae835018ea68b292b77bb14e1a3a0f79a5401137600cd5defca346e32486c6e61cb02b1492471408a31c67f06feb64520318ad1c9a56f7edaa7736e1135c3b9bed4af3da00f19190d890ed50b6bfd88462053b1491aac50a4c1693784280c764d431db0818860c69d102673bf55c823a86d90564e154ac2eb657262a997472fc543957c43a841364ed80f6f84e75c461fdc2eead9b3d7b02fd6d0e8bcbe0ac68ec7f8f8e96b6ed037a3e275327a2f1400b1646793bc5f9da3c55279c5600dca85b064279974ab65c59cba4b9c2aecfa76803acaf182414d2c728dc62b2a0b52f989e6e8e9922060caa84b81e45c9d7d6792fc1bf5bd8ab0fc86bf7df3998292ba2191ea73c50c4fd6947383aba9cfd5f989c291b2bda5f0e5eb3e5fee035b10190ea51f63a4ac844630ad85344e477ad8313479043c6ab579ea8b54f9a9e0283350b131dfdcb219d5512e72ce4e34ecdfdd7f1f465fefe585a9bf648fb5e334df14f514eba0f21a80004cbfafc028f589191f023c40ad4789a20ba3fa015c22b8bd3ef32dcfc1c8bc07eadf18b1f097ec0bf0adf68f94071291fd62b14e669398f1556c65224387dae27e2e57a90a44861eb8061058e536bd082da52223407261ce4ba3ed5e9b7838ae2791eb11923eff8fb2c2051ce889ae51f2eb1d9a7055c213adf114d58fb9429fb26c0a99f7980fe4cd5de05d59385cb04900d296207ab157f72f0d185d259371f189926ee5c84c114146995b3907030262e172f8ca7069a6c2146795c075f4ed569d8fd8c1c83caea4c2dfdba5275a0d1fe9a20f694055ba8b72507dafce6440434c25e4eb41fed2a567a7ae4108759bc93686e8848fd514ef0dc5c1890b5d30ce911830ad7d98d0387b15a8fed1e4c47e8f081c2e9ac08bda6826bd812779502112a2b0567c54439ef8a89d4eac603f65fc04ec6baf7c9b3990ad1fa89190217708ceaec6bcb3fcb29e770182e859341a0246541f578793cf399e711f8246e37bdd0afa46e8d0022499c9282176edbb00d13932415772850c067a56432751bdb177c269d08031e10e77a4ec85af9023886f2a1560866ff8ddb6b94f2d80ec4f357b8af1ba312c15bf9adb5cb600fae5fbc6f9a0396b78a048dabb34b0fe93bd5e0f0c5ff330f09471b396b8d2fcf872a381c78b2bbb4223979e65003c7fcf958f04363f7cd0d351d6713fdb2e9c4513ce36e5b877a56380bd192cb3ee27ace92f64d056be8e0997b691cb6bc26ef68b90b"}}, &(0x7f0000000040)) (async)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TCFLSH(r4, 0x80045438, 0x300000000000000) (async)
timer_create(0x3, &(0x7f0000000240)={0x0, 0x12, 0x4}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) (async, rerun: 64)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (rerun: 64)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) (async)
gettid()
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) (async)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x14ba82, 0x18)
write$cgroup_int(r8, &(0x7f0000000000)=0xfe8e, 0x12) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="1806000000000000000000000300000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000040000095000000000000002ace025fa44c7def2387147e65c00b9e9bae1dcc06f97b853de23eb0d59d7c8fdab4c10a20cb2644a64eca3ea8e802f6bcad8e82cc6b207f9b2df57464dd69d45ffb1c4d1c82e9d9e205da03a13aabbf602b6e9549969a8a2392a801c8da21b9bc276aa9ca12dab85f03e491ea3b8a5d97520787120442abbe12d6861150a5d90c719cd799146089625e2edb539cdea40f7fe4471240550116c81b9730c994eee106257c062f7f94a5f76efcce5bab1e9348fdf17f0b3c4a811ec8f581000000000000003435e1fe01bd82e23c2ce23868ad077e84f8aa193d4a"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r7}, &(0x7f0000000180)=0x2, &(0x7f00000000c0)=r6}, 0x20) (async, rerun: 32)
socket$inet6_mptcp(0xa, 0x1, 0x106) (rerun: 32)

3.890031254s ago: executing program 3 (id=1612):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000a00), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc25c4110, &(0x7f0000000100)={0x300, [[0x10001, 0x9, 0x0, 0x0, 0x40], [0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5], [0x1, 0x2000101, 0x2000, 0x1, 0x3, 0x1, 0x0, 0xfffffffc]], '\x00', [{0x0, 0xc278}, {0x7, 0x0, 0x0, 0x1}, {0xffbffbfd, 0x0, 0x0, 0x1}, {0x1, 0x80000}, {0x0, 0x1}, {0x3}, {0x400, 0x3}, {0x0, 0x7}, {}, {0x0, 0x4}, {}, {0x800}], '\x00', 0x8})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000400)='./file1\x00', &(0x7f0000000440)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x59})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000680)=@deltaction={0x1a4, 0x31, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [@TCA_ACT_TAB={0x5c, 0x1, [{0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x4, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2defa634}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}]}, @TCA_ACT_TAB={0x40, 0x1, [{0x14, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0x10, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}]}, @TCA_ACT_TAB={0x44, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8d29}}, {0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}]}, @TCA_ACT_TAB={0x44, 0x1, [{0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x10, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x10001}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xea8}}]}, @TCA_ACT_TAB={0x34, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4bdb21b4}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0x10, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x1a4}, 0x1, 0x0, 0x0, 0x10}, 0x41)
ioctl$UFFDIO_COPY(r3, 0xc028aa03, 0x0)
r4 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0xc0000, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r4, 0xc00864c0, &(0x7f0000000140))
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
syz_genetlink_get_family_id$tipc(0x0, r2)
r6 = socket$nl_generic(0x11, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x2b, &(0x7f0000000040)=ANY=[@ANYBLOB="01e080c2000000a538ae46463208004500001d0000000000029078ac1e0001e000000111009078e000000100"], 0x0)
ioctl$NBD_CLEAR_SOCK(r1, 0xab04)
sendmsg(r6, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYRES16=r4], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0)

3.879941275s ago: executing program 33 (id=1612):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000a00), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc25c4110, &(0x7f0000000100)={0x300, [[0x10001, 0x9, 0x0, 0x0, 0x40], [0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5], [0x1, 0x2000101, 0x2000, 0x1, 0x3, 0x1, 0x0, 0xfffffffc]], '\x00', [{0x0, 0xc278}, {0x7, 0x0, 0x0, 0x1}, {0xffbffbfd, 0x0, 0x0, 0x1}, {0x1, 0x80000}, {0x0, 0x1}, {0x3}, {0x400, 0x3}, {0x0, 0x7}, {}, {0x0, 0x4}, {}, {0x800}], '\x00', 0x8})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000400)='./file1\x00', &(0x7f0000000440)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x59})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000680)=@deltaction={0x1a4, 0x31, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [@TCA_ACT_TAB={0x5c, 0x1, [{0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x4, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2defa634}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}]}, @TCA_ACT_TAB={0x40, 0x1, [{0x14, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0x10, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}]}, @TCA_ACT_TAB={0x44, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8d29}}, {0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}]}, @TCA_ACT_TAB={0x44, 0x1, [{0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x10, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x10001}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xea8}}]}, @TCA_ACT_TAB={0x34, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4bdb21b4}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0x10, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x1a4}, 0x1, 0x0, 0x0, 0x10}, 0x41)
ioctl$UFFDIO_COPY(r3, 0xc028aa03, 0x0)
r4 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0xc0000, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r4, 0xc00864c0, &(0x7f0000000140))
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
syz_genetlink_get_family_id$tipc(0x0, r2)
r6 = socket$nl_generic(0x11, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x2b, &(0x7f0000000040)=ANY=[@ANYBLOB="01e080c2000000a538ae46463208004500001d0000000000029078ac1e0001e000000111009078e000000100"], 0x0)
ioctl$NBD_CLEAR_SOCK(r1, 0xab04)
sendmsg(r6, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYRES16=r4], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0)

3.719315287s ago: executing program 2 (id=1614):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5c, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a5"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040), 0x6)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYRES8=r1], 0x80}}, 0x40)
write$bt_hci(r2, &(0x7f0000000080)=ANY=[], 0xc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r5 = socket$netlink(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000100)={'wg1\x00', <r6=>0x0})
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000010c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000d0000000c00018008000100", @ANYRES32=r6], 0x20}}, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000180)="030e82634f3ddfa1ccc857216e95f8dcf83108a5960c7af7810f1cde995f1e4579eb58d8b482ff80fa2e5cb9ec9ba222f0ac6a0710813ef910aa97cba9e2cd065c47c1920e8eda63856c716fe228e033f726bd7360608c7d13ae43880e04f604780dce6dee36069e3c07e0be1b24dc8ecf8c5cd2ec2a64090fd050d00dd1b4c75ef4383a7527872432addfd29031831f2f3e7cd20e093f5c370e37f3834c82f98342622e2ef2d34507b69a", 0xab}, {&(0x7f0000000700)="c4755e9db224dd81d433d0470bf81e3a599c41cb6d819e0db36bb46e33c9c34052", 0x21}], 0x2}, 0x8041)
recvmsg(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x12043)
mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="140000000400000008000000da"], 0x48)
bpf$BPF_GET_MAP_INFO(0x4, &(0x7f0000000140)={r10, 0x6d, &(0x7f0000000080)}, 0x10)
openat$cgroup_ro(r7, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
lseek(r0, 0x5, 0x0)
r11 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
ioctl$sock_bt_bnep_BNEPGETCONNINFO(r8, 0x800442d3, &(0x7f00000000c0)={0xc3, 0x3, 0x2, @broadcast, 'bridge_slave_1\x00'})
bind$bt_hci(r11, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r11, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r12 = openat$ipvs(0xffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
connect$inet6(r12, &(0x7f0000000380)={0xa, 0x4e20, 0x9, @loopback, 0xb46f}, 0x1c)

3.648862215s ago: executing program 2 (id=1615):
socket$kcm(0x10, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
openat$rtc(0xffffff9c, &(0x7f0000000000), 0x400, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYRES16=r1])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="a60a00000000000061115400000000001800"/32], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0x0, 0x0)
io_setup(0x3, &(0x7f00000003c0)=<r3=>0x0)
io_submit(r3, 0x0, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000400)=ANY=[@ANYBLOB="aaaaaaaaaa0aaa5368b20b024d45a5aaaaaaaa1a08004503002400660000095290788e0c0831a74d1e05b4c5cbd1d02f572c3526be1a4e214e2404119078288780ff061cc93876e01fa4264159069e697a75e74f0625a947a8a7decc9d6d103665af3dca991d8668a3c40d76ede096832cfc9e73d07666a19433497483305bcbdd359ee875ddcd898b410a3e4168e81bd30d8238374f406234a82f572eb7cc78b0d0b217b21197f6587462bc477a"], 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x3f, 0x40, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000001a40), 0x1003, r5}, 0x38)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_dev$media(&(0x7f0000000080), 0x100001, 0x40000)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})

3.357779394s ago: executing program 4 (id=1616):
r0 = userfaultfd(0x1) (async)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r2}, 0x10)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) (async)
r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) (async)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="38000000121401fcff000f000000000008004b0013000000080001000000000008004f00000000000800150000000000080003"], 0x38}}, 0x80) (async)
ioctl$sock_bt_hidp_HIDPCONNADD(r3, 0x400448c8, &(0x7f0000000340)={r1, r1, 0x8, 0x0, 0x0, 0x82, 0xca, 0x15c6, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
ioctl$sock_bt_hidp_HIDPCONNDEL(r3, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x400}) (async)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) (async)
r5 = openat$ptmx(0xffffff9c, &(0x7f0000000100), 0x606043, 0x0)
ioctl$TCSETA(r5, 0x5406, &(0x7f0000000140)={0x4, 0x6, 0x9, 0x739c, 0x18, "ca0fdb6e6f024c55"}) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x2c, r7, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x2c}}, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000080)={&(0x7f0000c15000/0x1000)=nil, &(0x7f0000508000/0x4000)=nil, 0x1000})

3.259570018s ago: executing program 4 (id=1618):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="001286dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)
socket$inet6_sctp(0xa, 0x1, 0x84)

2.941069743s ago: executing program 4 (id=1621):
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f0000000180), 0x45}, 0x8}], 0x1, 0x40000001, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
r2 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
close(r2)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e22, 0x5a08e6cb, @mcast1, 0x64}], 0x1c)
mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
ioctl$CDROMRESET(r2, 0x5312)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000100002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)

2.647265574s ago: executing program 5 (id=1613):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000600)=""/81})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000900))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5335, &(0x7f00000004c0)={0x4, 0x1, 0x0, 'queue0\x00', 0x5})

2.540891861s ago: executing program 5 (id=1622):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@mpls_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}}, 0x1c}}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@gettclass={0x24, 0x2a, 0x4, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0x4}, {0x8, 0xb}, {0x8, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000048}, 0x8040)
write$tun(r2, &(0x7f0000000140)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x700, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @multicast1, @loopback}}}}, 0x3e)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r4, 0x4030ae7b, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0x5, @mcast2, 0x2}}, 0xe841, 0x343, 0xef, 0x2, 0x38, 0x3, 0x1}, 0x9c)
r6 = dup(0xffffffffffffffff)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$KVM_GET_EMULATED_CPUID(r6, 0xc008ae09, &(0x7f00000000c0)=""/15)

2.320827386s ago: executing program 2 (id=1623):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000140), 0x0, &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x488})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mkdir(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x5f, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x33, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000990500000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00%\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001340), &(0x7f0000000900), 0x404, r5, 0x0, 0x1ba8847c99}, 0x38)
write$binfmt_script(r1, &(0x7f0000000100), 0x3af4701e)
r6 = openat$binderfs(0xffffff9c, &(0x7f0000000080)='./binderfs2/binder0\x00', 0x2, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/custom0\x00', 0x2, 0x0)
r8 = mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0xc, 0x0, &(0x7f0000000300)=[@free_buffer={0x40086303, r8}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000200)={0xc, 0x0, &(0x7f00000001c0)=[@free_buffer={0x40086303, r8}], 0x9f, 0x0, &(0x7f00000002c0)="c0fae2631ecece14eea80ef6d63f6247aa8b35ba183e17fa7fe9316e169720bc4834aba38dc38ac0e43ac3a56c86455bc39881800ea96022b8791e04be5a03d73cb8d16b794a8a45fd55b0bb23cbc3dbc0d60eee106c32cb12c7a82e01887c9b64efbe6de715ea8dfd7415979e0067bf195b424f589af7a5642f913fe90aac844b9e030f6f4ff2b30562428e4ea5e97508ba8eaa017d6854e0dbc886bbbd91"})

2.01073715s ago: executing program 4 (id=1625):
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000340)='/sys/power/resume_offset', 0xa0042, 0x0)
write$tcp_mem(r0, &(0x7f0000000280)={0x7, 0x2d, 0xffffffffffffffff, 0x3a, 0x0, 0x2c}, 0x48)
socket(0x2, 0x80805, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r2 = syz_open_dev$hidraw(0x0, 0x0, 0x0)
r3 = syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0)
ioctl$HIDIOCGFEATURE(r2, 0x4004480c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b400000000000000791095000000000061000000000000009500000000000000a45c8b106d45385a1964b904e462de529745a4cd61a7a0d25ddfd38b8b9a36c14ae1ee5ae29051b28b53a4182deb5ae03bc2644f3f168925abb901765f30c1d039e73af80f39ba982e44fe40c17211db9c82e6da61712f41775115599d65c29cfcd0bffd10d2c62aebfbf41dd375c71938ddfaa1df3117a99ecbddbfee7f7abeba22c29a9cb001001079a87ed58d2cbaf30b8fc3b5fd11e6ca750a6dc5dba2cd1d9fed1fb63bafef7d7bdd5bad81e40379623de9000000000054395605e46e00ded1acb26f8fa9c2702a8aac94fcbbdd2fbbba184bc337d5cb0c04a788fd76b402d5229125c274b171290fdfb32d00504a2a4f797a0103b19a04911e2ab1f208858be1873ee684e45ce2dd5de070f1aabdaa2de7edcbd27f403caffe57995b4e2d914a3c5b9bcf7ba242d1ed391d564b18b3de9c1d"], &(0x7f0000000080)='syzkaller\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r6, 0x0, 0x0, 0x4c004, &(0x7f0000002880)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x5c, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x7000000, {}, [{0x48, 0x1, [@m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x5c}}, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r8 = socket$tipc(0x1e, 0x5, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r8, 0x10f, 0x81, 0xffffffffffffffff, &(0x7f0000000700)=0x12)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000140)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0xc)
mkdir(&(0x7f0000000300)='./file0\x00', 0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, 0x0, 0x0)
preadv(r3, &(0x7f0000000380)=[{&(0x7f0000000340)=""/14, 0xe}], 0x1, 0x0, 0xe)

1.450696944s ago: executing program 2 (id=1626):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000038cbd9afa03b5d0000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000700000001000100090000000100", @ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r1, @ANYRES32=<r3=>r1], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r4)
sendmsg$NBD_CMD_CONNECT(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES8, @ANYBLOB="0100ffffff412c1442000000000c0008000000000000000015efb507d84a5db19900"/46], 0x30}, 0x1, 0x0, 0x0, 0x44810}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'virt_wifi0\x00', 0x0})
fcntl$getownex(r0, 0x10, &(0x7f0000000300)={0x0, <r6=>0x0})
syz_clone3(&(0x7f0000000140)={0xc3204000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r6, 0x0, 0x0, 0x0, r6, r6], 0x7}, 0x58)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$eventfd(r7, &(0x7f0000000080), 0x8)
r8 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r8, 0x402, 0x8000003d)
r9 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000100)='.pending_reads\x00', 0x14b742, 0xa)
r10 = syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c"], 0x0)
syz_usb_disconnect(r10)
r11 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000100)={0x4, 0x0, 0x7f, 0x0, 0x3}, &(0x7f0000000080)={0x1f, 0x5, 0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffe, 0x2}, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r12=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r13=>0xffffffffffffffff})
r14 = userfaultfd(0x801)
ioctl$UFFDIO_API(r14, 0xc018aa3f, &(0x7f0000000180))
r15 = epoll_create(0x400)
epoll_ctl$EPOLL_CTL_ADD(r15, 0x1, r14, &(0x7f0000000200))
sendmsg$NBD_CMD_CONNECT(r4, &(0x7f0000001c40)={0x0, 0x0, &(0x7f0000001c00)={&(0x7f00000006c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r5, @ANYRESDEC=r11, @ANYRES32=r7, @ANYBLOB="0804010072dcf7b814cdf4c03409422f34248456a45dc2443524d1944ef966c15c5786a7356686e54243224a70822a6cabf0783f5899c38071f161caffe8d80b902d1e494db6d2479a0227f7956a3a01d28c399293ec46970b550a5a56dfb94d6063443fe7ae5237db87087fed611c2b96aea2a5ea2ce4dc290dbbfecbc3c09719d5fe3a39b4787e53999c8570252612422d9b94230af8eb3028a6dc3d259665c505623da4f532733c243b03a983b3c6071fcb62866cd4b874c04c97e54698bfa3976ba56b7874b7868c7be9cef5f6aa84d4df8020587ee8b9985b159bee5fa99be4d8906f9c32f0e19fe83877b792c4bcad6ac5a0650358602a47a0a3d29d76f891ba7b35b6c8c71a7c7bfafef55d5496e708d11c719bd4fa159abbabdfb35a90e1afd8e62d09066245d9a403a6e6f30862dc081faaca70657ede83e4938dc9090a6946651d354a1297281532ba6e27746b0f97db62af80b8019ef61a86740d4e057f4b0eebfbfb69ab52d2133235bbd2ef0e219fca0e0321f92719dfb0ee09cb775e97d06e090b52965a3913625a02464cbd4f5ebc8314a5ed89e9d52fd466a5d4463446e963d70842f8addf039c9749fa540683602da8621bd6bb2919a41c031fb51bee23cea0e663545102be624e36a151442abea917c809816ef8fb535cc0d30c13f944dc6c71a8deb229a2c900b522a59bea80b526a98366f9703aec45b04b32500163b4ca39dd5243f6d6885b57b5e6", @ANYRES8=r3, @ANYBLOB="08000100", @ANYRESOCT=r9, @ANYRES32=r14, @ANYRES32=r12, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB='\b\x00', @ANYRES32=r13, @ANYBLOB], 0x4c}}, 0x4040)

1.249675582s ago: executing program 0 (id=1627):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYRESOCT], &(0x7f0000000080)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x0, 0x5f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x10, 0x80000000, @void, @value}, 0x94) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) (async)
socket$l2tp(0x2, 0x2, 0x73) (async)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x50, 0x0, &(0x7f0000000240)) (async)
mmap(&(0x7f000006f000/0x4000)=nil, 0x4000, 0x0, 0x40010, 0xffffffffffffffff, 0xffffd000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) (async)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x0, 0x0) (async)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r2 = syz_open_dev$loop(0x0, 0x0, 0x108000)
ioctl$LOOP_SET_CAPACITY(r2, 0x4c07)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r3, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x20008000) (async)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000fe01080102000000000000000020000009"], 0x14}, 0x1, 0x0, 0x0, 0x4007}, 0x8000) (async)
sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, 0x0, 0x0) (async)
unshare(0x26020280) (async)
syz_open_procfs(0x0, &(0x7f00000000c0)='autogroup\x00')
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) (async)
syz_clone3(&(0x7f0000000540)={0x20000, 0x0, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async)
r4 = epoll_create(0x9)
epoll_wait(r4, &(0x7f0000000040)=[{}, {}, {}], 0x3, 0x1000) (async)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r5, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10) (async)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0xa1a)

1.119215175s ago: executing program 0 (id=1628):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000000066000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r1, 0x6, 0x1e, 0x0, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, 0x0, 0x0)
bind$inet(r2, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socket(0x0, 0x0, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=@base={0x4, 0x4, 0x4, 0x2116, 0x800, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, @void, @value=0x180, @void, @value}, 0x48)

1.118721124s ago: executing program 4 (id=1629):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(0xffffffffffffffff, 0x7a6, 0x0)
r2 = add_key$keyring(0x0, &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffff8)
r3 = add_key(&(0x7f00000000c0)='blacklist\x00', 0x0, 0x0, 0x0, r2)
keyctl$clear(0x7, r3)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
syz_usb_control_io(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r6, &(0x7f0000000000)=""/73, 0x49)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f0000000280)={0x0, 0x4}, &(0x7f00000002c0)=0x8)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x1c7181, 0x0)

1.113552665s ago: executing program 0 (id=1630):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r0)
syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x10100}, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
socket$inet6_dccp(0xa, 0x6, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300))
socket$netlink(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_dccp(0x2, 0x6, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2a}, 0xa}, 0x20)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$KVM_RUN(r3, 0xae80, 0xf4000000)

1.000758223s ago: executing program 0 (id=1631):
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
openat$rtc(0xffffff9c, &(0x7f0000000000), 0x400, 0x0)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYRES16=r1])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="a60a00000000000061115400000000001800"/32], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0x0, 0x0)
io_setup(0x3, &(0x7f00000003c0)=<r3=>0x0)
io_submit(r3, 0x0, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000400)=ANY=[@ANYBLOB="aaaaaaaaaa0aaa5368b20b024d45a5aaaaaaaa1a08004503002400660000095290788e0c0831a74d1e05b4c5cbd1d02f572c3526be1a4e214e2404119078288780ff061cc93876e01fa4264159069e697a75e74f0625a947a8a7decc9d6d103665af3dca991d8668a3c40d76ede096832cfc9e73d07666a19433497483305bcbdd359ee875ddcd898b410a3e4168e81bd30d8238374f406234a82f572eb7cc78b0d0b217b21197f6587462bc477a"], 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x3f, 0x40, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000001a40), 0x1003, r5}, 0x38)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_dev$media(&(0x7f0000000080), 0x100001, 0x40000)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})

438.479648ms ago: executing program 5 (id=1632):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f080, 0x1})

437.997256ms ago: executing program 5 (id=1633):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = syz_open_dev$I2C(0x0, 0x1, 0x0)
ioctl$I2C_PEC(r1, 0x708, 0x2)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000200)={0x1, 0x0, 0x5, &(0x7f0000000340)={0x0, "90f541a5e64f610100000000002b0592410aefd9cca7b2986ed6650529e7cb8393"}})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x42, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11641e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x20, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x647b}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(0x0, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
modify_ldt$read(0x0, &(0x7f0000000180)=""/73, 0x49)
r7 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001380)=@newtfilter={0x10cc, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0xf2ff, r9, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_bpf={{0x8}, {0x10a0, 0x2, [@TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x104c, 0x1, [@m_ctinfo={0x50, 0xb, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0xffffff80}]}, {0x1b, 0x6, "5d5ca850bfd5896bf5e868b3cacf996e99011406987245"}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}, @m_pedit={0xef8, 0x8, 0x0, 0x0, {{0xa}, {0xe6c, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe68, 0x2, {{{0xc, 0x100, 0x1, 0x7, 0x5}, 0x7, 0x5, [{0x0, 0x2, 0x4aa, 0x40, 0x3, 0x6}, {0x9, 0x3, 0xfffffffb, 0x80000000, 0xfff, 0x38}, {0x9, 0x7, 0x100, 0xfffffffc, 0xffffffff, 0x7fff}]}, [{0x8, 0x6, 0x80, 0x2, 0x8, 0x12ec}, {0x6, 0x7, 0x9, 0x251c, 0x4, 0xffffffff}, {0x3, 0x6, 0x101, 0x9, 0x3, 0x6}, {0x6, 0x0, 0x6, 0x80, 0xffa, 0x3}, {0x7f, 0xb2eb, 0x9, 0x8, 0x6, 0x45b}, {0x5, 0x5, 0x7, 0xfffffff9, 0x80000000, 0xffff}, {0xbd83, 0x8, 0x81, 0x1, 0x5, 0x2}, {0x6a4, 0x0, 0x9, 0x8, 0x100, 0x6}, {0x1, 0x1, 0xf, 0xfffffff8, 0xa, 0x66b}, {0x0, 0x1, 0x3076, 0x40, 0x400, 0xf}, {0x2, 0x1, 0x1, 0x7, 0x5, 0x3}, {0x7, 0x9, 0x1, 0x2, 0x6, 0xf}, {0x1ff, 0x6, 0xcc, 0xf, 0x5, 0x7}, {0x0, 0x4, 0x1, 0xcc, 0xf, 0x9}, {0xffffff86, 0x3dc8, 0xc6, 0x1ff, 0x930c, 0x9}, {0x6, 0x9ba8, 0x2, 0x2, 0x3, 0x8}, {0x3, 0xf, 0x0, 0x0, 0x7, 0xffff}, {0x2, 0x0, 0x6d, 0xf, 0x9, 0x4}, {0xfffffffc, 0xe68, 0x8, 0x5, 0x5, 0x10000}, {0x8, 0xc1, 0x8, 0x6, 0x7fffffff, 0x58923aed}, {0x120000, 0x9, 0x3, 0x6, 0x8, 0x4}, {0x5e, 0x3, 0x57b, 0x4, 0x8, 0x8}, {0xffffffff, 0xfffffffb, 0x7, 0x5, 0xffff6297, 0x8}, {0xffffffff, 0x581d, 0x758, 0x4280, 0x9, 0xc}, {0x8, 0xfffffe00, 0x5, 0x6, 0x5d051184, 0xffff}, {0x2, 0x80, 0x1, 0x31f, 0x8}, {0x3, 0x2, 0xffff, 0x7d54, 0x0, 0x4e}, {0x8001, 0x6, 0x5d01, 0x0, 0x3, 0x10000}, {0x8000, 0x9, 0x10, 0x6, 0x1000, 0xf7}, {0x7, 0x4, 0x6, 0xfff, 0xffffff40, 0x1f99}, {0x10001, 0x4, 0xc16, 0x8, 0x2, 0x3}, {0x80000000, 0xfffffff2, 0xffffffc0, 0x7fff, 0x80000000, 0x80000000}, {0x8, 0xffffdfb2, 0x5, 0x4, 0x4, 0xffff717b}, {0x435, 0xf96, 0x4, 0xe1, 0x4014, 0x4}, {0x48fd0356, 0x4, 0x0, 0x0, 0x2, 0xffffffa4}, {0x200, 0x1ff, 0x7, 0x4, 0x100, 0x4}, {0xa0000000, 0xfa2, 0x6, 0x3, 0x4, 0x2000}, {0x1, 0x2, 0x8, 0xa40, 0x1, 0x1}, {0x6, 0x0, 0xc6, 0x1, 0x5, 0x80000001}, {0x4, 0x3, 0x2, 0xac72, 0x101, 0x87ee}, {0xd, 0x7f, 0x6, 0xa, 0x415, 0x15917b80}, {0xffff, 0x3, 0x9, 0x7, 0x40, 0x80000001}, {0xacc9, 0x6, 0x9, 0xab, 0x1, 0x1}, {0x7, 0x1, 0xff, 0x100, 0x3, 0xa4e}, {0x9, 0x2000, 0x6a, 0x2, 0x100, 0x7fff}, {0x100, 0x7, 0x8, 0x8001, 0x6, 0x4}, {0x5, 0x5, 0x7f, 0x7, 0xc2, 0x3bdb}, {0x3dea, 0xea, 0x3, 0x9, 0x7, 0x10001}, {0x6, 0xf, 0x88d, 0xfffffff7, 0xd, 0x3}, {0x3, 0x7, 0xeb5, 0x4f1f, 0xd4, 0x5}, {0x1, 0xfffff249, 0x12, 0x6, 0x7, 0x80}, {0xfffffff7, 0x7, 0x7613, 0x1, 0x7fff, 0x9}, {0x1, 0xfffeffff, 0x12b7, 0x100, 0x0, 0x8000}, {0x8, 0x3, 0x1, 0x90000000, 0x8, 0x73}, {0x7, 0x7fff, 0x7, 0x10000, 0x0, 0x2}, {0x4, 0x3, 0xfffffffa, 0x28, 0xfffffffe}, {0x80000000, 0x2, 0x80000000, 0x4, 0x8037f, 0x4}, {0x7, 0xe9c0, 0x401, 0x3, 0x6, 0x8}, {0x9, 0x8001, 0x8, 0x7, 0x6, 0x789}, {0x1, 0x50232b77, 0xfffffffd, 0xb53, 0x5, 0xfff}, {0x7, 0x2, 0x0, 0xfe, 0x6, 0x1}, {0x0, 0x9, 0x7, 0x7, 0x5, 0x1}, {0xffffff5f, 0x8, 0x7, 0x7, 0x5, 0x4}, {0x1, 0x0, 0x78, 0x2, 0x411e82c3, 0x9}, {0x1, 0x6, 0x7f, 0x7, 0xa2f, 0x7c}, {0x10000, 0x3, 0x2, 0x4, 0x400, 0x7}, {0x7ff, 0x0, 0x4, 0xfffffffb, 0xa8a, 0x5f}, {0x5b6f, 0xdb7, 0x80000000, 0x8, 0x2, 0xe029}, {0xffff, 0x0, 0x7fffffff, 0x0, 0x4, 0x3}, {0xd, 0x2, 0x0, 0x2, 0x6, 0x8}, {0x101, 0x7fffffff, 0xb7f, 0x4, 0x9, 0x4}, {0x1, 0x81, 0x7, 0x1ff, 0x101, 0x80000001}, {0xe4, 0x5, 0x3, 0x188d0f6b, 0x11}, {0x6, 0x2, 0x3, 0xd5c, 0x101, 0x10000}, {0x3ab1, 0xb7a, 0x3, 0xd0, 0x1000}, {0x7f, 0x0, 0xffffffff, 0xc, 0x8000000, 0x8}, {0x8, 0x5, 0x475d75cf, 0x7, 0x6, 0xff}, {0x10001, 0x80000000, 0x2, 0x5, 0xfff, 0x8000}, {0x9, 0x9, 0x2, 0x3, 0xffffff14}, {0x5, 0x4, 0xb28, 0x9, 0xfff, 0x4}, {0x100, 0x10000, 0x0, 0x7fffffff, 0xe, 0x9}, {0x1c0e, 0x18, 0x0, 0x2, 0xffff, 0xffffff01}, {0x3, 0xc, 0x7, 0x4, 0x8c, 0xfffffff9}, {0x10001, 0x341, 0xb06, 0x401, 0x8, 0x5}, {0xf04c, 0x9, 0x9, 0x8, 0xc2f0, 0x401}, {0x95d7, 0x4f41, 0x4, 0xa8f8, 0x1, 0x400}, {0xfffffff8, 0x5, 0x0, 0x8, 0x5c, 0xda6}, {0x1, 0x4, 0xffffffff, 0x4, 0x8, 0x168d}, {0x3, 0x3, 0x0, 0x2, 0x9}, {0x193, 0x4, 0x0, 0x7, 0x2, 0x391a}, {0x8, 0x5, 0xdf, 0xa7a5, 0x5, 0x9}, {0x10001, 0x27, 0x3, 0x4, 0x4e518663, 0x6}, {0x1, 0x7, 0x9, 0xa1e, 0xff, 0x4}, {0x7, 0x80000000, 0x40, 0x7, 0x500, 0x8}, {0x842e, 0x1, 0x8, 0x3, 0x7, 0x4}, {0x7fffffff, 0x8, 0x2, 0x10000, 0x7, 0x9}, {0x7, 0x5, 0x9, 0x5, 0x9, 0x6}, {0x3, 0x8, 0x8, 0x61e5e3d7, 0xffff0ce2}, {0x6, 0xfffffff8, 0xfffffff8, 0x3, 0x8, 0xffffff26}, {0x2, 0x6, 0x90, 0x80000001, 0xe, 0xfff}, {0x8, 0x70d, 0x3, 0x81, 0x9, 0x27}, {0x7, 0x5, 0x2, 0x1, 0x7fffffff, 0x3}, {0x7d, 0xa5, 0x8, 0x1, 0x8000, 0x8}, {0x5a7, 0x0, 0x8, 0x3, 0xffffffff, 0x3}, {0x2, 0x8, 0x1, 0x0, 0x6, 0xffff}, {0x4, 0x5, 0x7f, 0x1000, 0x3, 0xe}, {0xea57, 0x200, 0x9, 0xfffffff7, 0x28a, 0x293}, {0x89, 0x0, 0x9, 0x16, 0x9, 0xfff}, {0x6, 0x6, 0x100, 0x5, 0xc4, 0x4b}, {0x3, 0x80, 0x2, 0x1000, 0x0, 0x16ca}, {0x0, 0x3, 0x4, 0x4, 0x672, 0x101}, {0x200, 0x1, 0xf0a, 0x0, 0x7, 0x3}, {0xff6, 0x2, 0x0, 0x7, 0x8000, 0x40000000}, {0x32ade5cd, 0x9, 0x80000000, 0x0, 0x10, 0x4}, {0x2, 0x2, 0x5, 0x9, 0x2, 0x7}, {0x5, 0x8, 0x3, 0x9, 0x4, 0xdd0}, {0xf, 0x7, 0xfa, 0x0, 0x548, 0x629be3b7}, {0x0, 0xc4, 0x80000000, 0xa, 0x4d1c, 0x9}, {0x9f, 0x5, 0xfffffffe, 0x7, 0x401, 0x6}, {0x9, 0xfffffffc, 0x80000000, 0x3, 0x9, 0x9}, {0x99a0, 0x5, 0x35c, 0xf05c, 0x5, 0x2}, {0x80000001, 0x6, 0x7, 0xffffffff, 0x4}, {0x8, 0x4d2, 0x5000, 0x9, 0x9, 0x80000000}, {0xfffffffb, 0xfffffffc, 0x7, 0x6, 0x5, 0xff}, {0x7f, 0x7, 0x48, 0x6, 0x0, 0x830}, {0x7, 0x7e, 0x7, 0x0, 0x8, 0xb}, {0x4, 0x7fffffff, 0x264, 0x7, 0x5, 0x8}, {0x7, 0x1, 0x4, 0x3, 0x1ff, 0x1}], [{0x5, 0x1}, {0x1}, {0x3, 0x1}, {0x3}, {0x1}, {0x1, 0xf3441b64d9aa0ab0}, {0x1}, {}, {0x5}, {0x5}, {0x3}, {0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {0x5}, {0x5}, {0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x5}, {0x0, 0x1}, {0x5}, {0x1, 0x1}, {0x4}, {0x4}, {0x0, 0x1}, {0x1, 0x3}, {0x1, 0x1}, {0x0, 0x1}, {0x3}, {0x3}, {0x2, 0x1}, {0x1}, {0x34ead4492a78b643, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x4}, {0x3}, {}, {0x0, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {}, {0x2, 0x1}, {0x3}, {}, {0x3}, {0x2, 0x1}, {}, {0x2, 0x1}, {0x3}, {0x1, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x4}, {0x4, 0x1}, {0x4, 0x1}, {}, {0x5}, {0x5}, {0x3, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x1}, {0x4}, {0x2}, {0x2}, {0x4}, {0x1, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x4}, {0x4, 0x1}, {}, {0x5, 0x1}, {0x4}, {0x4, 0x1}, {0x0, 0x1}, {}, {0x5}, {0x1}, {0x2}, {0x2, 0x1}, {0x2}, {0x5, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x1}, {0x2}, {0x4, 0x1}, {0x3, 0x1}, {0x5}, {0x1, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x5}, {0xaffaaf9ad1c203f3}, {0x2}, {0x2, 0x1}, {}, {0x3, 0x1}, {0x2, 0xbca2bbbeeec3ad07}, {0x5}, {0x3}, {0x0, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x3, 0x36f1cf603bd88fb5}, {}, {0x5}, {0x4}, {0x5}, {}, {0x1, 0x1}, {0x3}]}}]}, {0x64, 0x6, "c44357e8e572fd3599a1083b11bdae40ba16efd094efe6919f67ec1e08fb00c924f27e93df366d3eb925dbe9eabb3cf305bb6769398b8333f2443a6f785f0ca844a573416283008aa423fa0aab41828b3ccc4bccfb4a34798b304138b99d7d06"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ctinfo={0x100, 0xb, 0x0, 0x0, {{0xb}, {0x4c, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0x4}, @TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x1}, @TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x901d}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0x3ab}, @TCA_CTINFO_ACT={0x18, 0x3, {0x7f, 0x5, 0x8, 0x0, 0x9}}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x3}, @TCA_CTINFO_ZONE={0x6}]}, {0x8a, 0x6, "ada32f4ea30f42bc082abf6430615e8d57acf9555d8b6cb1f9981722d69197f3b9e8b26d14f064703e370af9fe46447e39c2a5a0662f4dbbccc8e6247d4bf7026f075df7c4df61469d61e600840e635bc2acc75b2bf6410efedcf755a70948253140f700b1afcab660b35586546982943b402a0f58aa2ff21eb2d562185b0e7111f735644da5"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_BPF_OPS={{0x6, 0x4, 0x5}, {0x2c, 0x5, [{0x8, 0x6, 0xbb, 0x6}, {0x5, 0xb, 0x0, 0xa8}, {0x3ff, 0x2, 0x8, 0xfffffffe}, {0x27b5, 0xe, 0x7, 0x7}, {0xd, 0x8, 0x3}]}}, @TCA_BPF_FLAGS={0x8, 0x8, 0x1}]}}]}, 0x10cc}, 0x1, 0x0, 0x0, 0x10}, 0x0)

215.421361ms ago: executing program 0 (id=1634):
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) (async)
r0 = creat(0x0, 0x20) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth0_to_bridge\x00', <r3=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000000)={r3, 0x1, 0x6, @remote}, 0x10)
setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f0000000100)={r3, 0x1, 0x6, @local}, 0x10) (async)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) (async)
write$P9_RSTATu(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="500000007d900000003531c559090000221001000000040000000000000000000080ff0300000c02002e5e03002d405c000000000300637400", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x50) (async, rerun: 32)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async, rerun: 32)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) (async, rerun: 64)
r7 = accept4(r6, 0x0, 0x0, 0x0) (rerun: 64)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1400000017000b63d25a80648c2594f90fa3c92b", 0x14}], 0x1}, 0x0) (async)
recvmmsg$unix(r7, 0x0, 0x0, 0x0, 0x0)
r8 = socket$inet6(0xa, 0x1, 0x8010000000000084) (async)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="2c0100003d000900000000000000000048b5a7010000000491c26d873a9619f6f60000000c0001800800108004000b0008000200", @ANYRES32, @ANYRES64=r3], 0x2c}, 0x1, 0x0, 0x0, 0x51}, 0x0) (async, rerun: 64)
bind$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e21, 0xffffffff, @empty}, 0x1c) (async, rerun: 64)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @private0, 0x3}, 0x1c)

149.979343ms ago: executing program 0 (id=1635):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001100)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00aa19ce670d25010000020000040000009fc404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e468eea3fcfcf498278a315f5b87e1c26433a8acd715f5888b2007f00000000000000000100000000000000010015d60605000053350000000034a70c2ab40c7cf5691db43a5c00000000000000f030007ce2c6f800000000000000e75a89faff01218087560cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bef5d7d617da7a6520655a805608df4d431623c850af895abba14f6fbd7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf050000008600a62e96b7cb8e52cbdc2ba9d580609e31c30879d6fce424c2208af6c3784a1975fa657de38a3a32e4fd67ce446adb431d07db79241aca1dd9ba02453bbb5ee8babe1745e645f091231b986e952afdac972f342c6f184777d05d988d6edc71df0100000013a38300cabf2b554380ad215c789bef4cc574109b8df8d9a9db669557b3809d8c396d2c0361629d1822f722ec23812770d72cd00100000078a75dea785be550dbb420287e0789b8c7044f563a1f68d4efe895fdbc463f747c08f4010586903500000000000000e800000000000000000000000000000000000000003ddf4aa4b1c8b8a0ae6fb5425f1d581961471cdb51f8940290e99ccff4123f955267fe4a75c11448741f064fc7ce7e62ee4df874e086287547d4099aeec9f1538ee25a2a5ccf4a9b604e88e12ff25184d4e3c6f7f623559435b2c505fb711300000000040000000000000000000000000000e67ccc02148a4fc43021cce9f24f4b2f9492c32e7a92a557ac2b44b84e88bbf7a49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd029406000000433f5c899119ec0c0acef5385c5a2720caeb68f1e9c05b0591d89467ded84da092dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671a5767014b09ddbf69b78f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32879d326497e21e041254f06bd7f3a067e147e82e841dba3867da8bfbc101d3960e07d282f483e7b49991be06b950ccd48f4e49833f3c4a02bbd06c84680549f9eb16682ecb722e8ffaca907a3eaaebfc8e0a47c0076d7cc9d32b3cc96aa751d890881c3c33bd91f6ecf45ab3f12f816318346f9b883427b9190024edc1eddd68f34ce3bfedb5fe5d7beae4d3ca561e37570587783f9673e7ab17f5a09efc1114777d2707d2996961203aedff1c52108d9c0d51dc30209872ec602af42eb29d54a37be0fdfdcd74c2d859a566ee5c30677173a2592a4617ae08bec07422d52d2ba7271550a5c20e3a8d1c8c8fd3025ff00607b2249ae9a18391e01b21b36169790b8e96f7955754b6b01a75165d3573d1dec5cf1b08b6115b43203a5654cce2277eb4c02ef4817b4cb989ac178895810eff7b697f2dc9b308aa2460e3cb85cdc4833571a62bf310700000000000000cc7f923284230ada8c756096a66119d4b6b2f159585c3cf8e7bfdd619e294b1d21cd491b8cfd4a253856e485fe29c6ad177a9fb078ca905782b9ed3c30675b89a784bb8031cac0de95178a5acff029a0f0fe972df22b20afe95fba722056f94ab15f1cf605c33df627311f1b614684d77549"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000001f80)=r0, 0x4)
r2 = socket$kcm(0x10, 0x2, 0x4)
futex(&(0x7f0000000000), 0x5, 0x0, 0x0, &(0x7f00000000c0), 0xc5000002)
r3 = openat2(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x308300, 0xdb, 0x2}, 0x18)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r3)
r5 = syz_open_dev$ndb(&(0x7f0000000140), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r5, 0xab00, r6)
r7 = accept4$x25(0xffffffffffffffff, &(0x7f0000000000), &(0x7f00000000c0)=0x12, 0x100000)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000400))
ioctl$SIOCX25SCUDMATCHLEN(r7, 0x89e7, &(0x7f0000000100)={0x67})
r8 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r8, 0xab0a, 0x1000101)
ioctl$NBD_SET_SOCK(r8, 0xab00, r6)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000300)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in=@multicast2, 0x0, 0x2}, [@srcaddr={0x14, 0xd, @in=@initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x3c}, 0x1, 0x6c00, 0x0, 0x40000}, 0x0)
ioctl$NBD_DO_IT(r5, 0xab03)
ioctl$NBD_CLEAR_SOCK(r8, 0xab04)
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="02002bbd7000fbdbdf2511000063"], 0x14}}, 0x4040010)
r10 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000440)={0x1, r3})
sendmsg$IPVS_CMD_GET_INFO(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, r10, 0x8, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e22}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e20}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x4}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e20}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8810}, 0x4000000)
r11 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000001800), 0x40000, 0x0)
openat$kvm(0xffffff9c, &(0x7f00000003c0), 0x10003, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x40, 0x0)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000040)='udf\x00', 0x8007, 0x0)
ioctl$CDROM_CLEAR_OPTIONS(r11, 0x5321, 0x8)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000680)='\\', 0x1}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

0s ago: executing program 2 (id=1636):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000010000fbffffffffffffff0000806e0000", @ANYRES32=0x0, @ANYBLOB="000100"/20, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x200000f, 0x11, r0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$sock_int(r1, 0x1, 0x2, 0x0, &(0x7f0000000300))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
r3 = syz_io_uring_setup(0x881, &(0x7f0000000480)={0x0, 0xeb6a, 0x0, 0x2}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
ioperm(0x83, 0x6, 0x8)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000000080)={0xf0f080, 0x19})
r8 = dup(r6)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r8, 0x4040534e, &(0x7f0000000200)={0x40, @tick=0x401, 0x9, {0x2, 0x2}, 0x81, 0x2, 0xe0})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r9 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
bind$unix(r9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x2})
io_uring_enter(r3, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r10 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r10, 0x0)
accept4$x25(r10, 0x0, 0x0, 0x80800)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x200})

kernel console output (not intermixed with test programs):

ng interface team0 (retrying later): interface not active
[  106.990199][ T5963] Bluetooth: hci1: command 0x0406 tx timeout
[  107.089448][ T7673] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  107.216204][ T5963] Bluetooth: hci3: unexpected event for opcode 0x044b
[  107.250941][ T7688] fuse: Bad value for 'group_id'
[  107.252463][ T7688] fuse: Bad value for 'group_id'
[  107.366123][ T7694] netlink: 'syz.3.447': attribute type 6 has an invalid length.
[  107.439460][ T7662] vivid-001: reconnect
[  107.688595][    T8] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  107.793281][ T5963] Bluetooth: hci2: command 0x0c1a tx timeout
[  107.855951][    T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  107.860619][    T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  107.864932][    T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  107.877558][    T8] usb 8-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  107.881430][    T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.884785][    T8] usb 8-1: Product: syz
[  107.886580][    T8] usb 8-1: Manufacturer: syz
[  107.888482][    T8] usb 8-1: SerialNumber: syz
[  107.895164][    T8] usb 8-1: config 0 descriptor??
[  107.988642][ T5990] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  108.108215][    T8] adutux 8-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  108.162124][ T5990] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  108.165560][ T5990] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  108.169795][ T5990] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  108.173127][ T5990] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  108.177276][ T5990] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  108.184475][ T5990] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  108.188043][ T5990] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  108.191465][ T5990] usb 5-1: Product: syz
[  108.193148][ T5990] usb 5-1: Manufacturer: syz
[  108.197959][ T5990] cdc_wdm 5-1:1.0: skipping garbage
[  108.200691][ T5990] cdc_wdm 5-1:1.0: skipping garbage
[  108.203825][ T5990] cdc_wdm 5-1:1.0: cdc-wdm1: USB WDM device
[  108.206200][ T5990] cdc_wdm 5-1:1.0: Unknown control protocol
[  108.235615][ T7705] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  108.295162][ T7707] lo speed is unknown, defaulting to 1000
[  108.316444][    T8] usb 8-1: USB disconnect, device number 7
[  108.398800][ T7703] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  108.401424][ T7703] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  108.474072][ T7711] overlayfs: maximum fs stacking depth exceeded
[  108.485307][ T7711] afs: Unknown parameter ''
[  108.759191][ T7724] unknown channel width for channel at 909000KHz?
[  108.762029][ T7724] unknown channel width for channel at 909000KHz?
[  108.764286][ T7724] unknown channel width for channel at 909000KHz?
[  109.878603][ T5963] Bluetooth: hci2: command 0x0c1a tx timeout
[  110.612942][ T7746] lo speed is unknown, defaulting to 1000
[  110.758082][   T73] usb 5-1: USB disconnect, device number 3
[  110.781158][ T7751] FAULT_INJECTION: forcing a failure.
[  110.781158][ T7751] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.786731][ T7751] CPU: 2 UID: 0 PID: 7751 Comm: syz.0.465 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  110.789978][ T7751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  110.793412][ T7751] Call Trace:
[  110.794464][ T7751]  <TASK>
[  110.795280][ T7751]  dump_stack_lvl+0x16c/0x1f0
[  110.796613][ T7751]  should_fail_ex+0x497/0x5b0
[  110.797973][ T7751]  _copy_from_iter+0x29b/0x1400
[  110.799561][ T7751]  ? trace_lock_acquire+0x14e/0x1f0
[  110.801177][ T7751]  ? __pfx__copy_from_iter+0x10/0x10
[  110.802757][ T7751]  ? __virt_addr_valid+0x1a4/0x590
[  110.804292][ T7751]  ? __virt_addr_valid+0x5e/0x590
[  110.805794][ T7751]  ? __phys_addr_symbol+0x30/0x80
[  110.807271][ T7751]  ? __check_object_size+0x488/0x710
[  110.808834][ T7751]  tipc_msg_build+0x9f0/0x10d0
[  110.810522][ T7751]  ? __pfx_tipc_msg_build+0x10/0x10
[  110.812553][ T7751]  tipc_send_group_bcast+0x7ce/0xa60
[  110.814686][ T7751]  ? __pfx_tipc_send_group_bcast+0x10/0x10
[  110.816564][ T7751]  ? __pfx_mark_lock+0x10/0x10
[  110.818006][ T7751]  ? hlock_class+0x4e/0x130
[  110.819352][ T7751]  ? __pfx_mark_lock+0x10/0x10
[  110.820820][ T7751]  ? __page_table_check_zero+0x2d7/0x360
[  110.822435][ T7751]  ? __pfx_woken_wake_function+0x10/0x10
[  110.824052][ T7751]  ? __pfx_mark_lock+0x10/0x10
[  110.825497][ T7751]  ? post_alloc_hook+0x2c0/0x350
[  110.826966][ T7751]  ? hlock_class+0x4e/0x130
[  110.828279][ T7751]  ? __lock_acquire+0x15a9/0x3c40
[  110.829748][ T7751]  __tipc_sendmsg+0x4a5/0x1990
[  110.831634][ T7751]  ? __pfx___tipc_sendmsg+0x10/0x10
[  110.833717][ T7751]  ? __pfx_mark_lock+0x10/0x10
[  110.835675][ T7751]  ? lock_acquire.part.0+0x11b/0x380
[  110.837852][ T7751]  ? find_held_lock+0x2d/0x110
[  110.839814][ T7751]  ? mark_held_locks+0x9f/0xe0
[  110.841379][ T7751]  ? __local_bh_enable_ip+0xa4/0x120
[  110.843581][ T7751]  tipc_sendmsg+0x4f/0x70
[  110.845336][ T7751]  ____sys_sendmsg+0x9ae/0xb40
[  110.847326][ T7751]  ? __pfx_____sys_sendmsg+0x10/0x10
[  110.849498][ T7751]  ? get_compat_msghdr+0x11b/0x170
[  110.851608][ T7751]  ___sys_sendmsg+0x135/0x1e0
[  110.853611][ T7751]  ? __pfx____sys_sendmsg+0x10/0x10
[  110.855840][ T7751]  ? trace_lock_acquire+0x14e/0x1f0
[  110.858072][ T7751]  __sys_sendmmsg+0x2fa/0x420
[  110.860068][ T7751]  ? __pfx___sys_sendmmsg+0x10/0x10
[  110.862130][ T7751]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  110.863935][ T7751]  ? fput+0x67/0x440
[  110.865138][ T7751]  ? ksys_write+0x1ba/0x250
[  110.866524][ T7751]  ? __pfx_ksys_write+0x10/0x10
[  110.867962][ T7751]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  110.869964][ T7751]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  110.872758][ T7751]  __do_fast_syscall_32+0x73/0x120
[  110.874922][ T7751]  do_fast_syscall_32+0x32/0x80
[  110.876990][ T7751]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  110.879671][ T7751] RIP: 0023:0xf706e579
[  110.880956][ T7751] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  110.888020][ T7751] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  110.891122][ T7751] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200030c0
[  110.893422][ T7751] RDX: 0000000000000181 RSI: 0000000000000000 RDI: 0000000000000000
[  110.895726][ T7751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  110.897958][ T7751] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  110.900219][ T7751] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  110.903270][ T7751]  </TASK>
[  111.229454][ T5963] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  111.232954][ T5963] Bluetooth: hci3: Injecting HCI hardware error event
[  111.237383][ T5963] Bluetooth: hci3: hardware error 0x00
[  111.648132][ T7765] program syz.0.468 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  111.830726][ T7771] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.833826][ T7771] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.959930][ T5958] Bluetooth: hci2: command 0x0c1a tx timeout
[  112.098636][ T6971] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  112.248692][ T6971] usb 8-1: Using ep0 maxpacket: 8
[  112.251561][ T6971] usb 8-1: config 0 has no interfaces?
[  112.253307][ T6971] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  112.255983][ T6971] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.257090][ T7786] overlayfs: failed to clone lowerpath
[  112.263421][ T6971] usb 8-1: config 0 descriptor??
[  112.628269][ T7773] netlink: 8 bytes leftover after parsing attributes in process `syz.3.471'.
[  112.636889][ T7773] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  112.647535][   T73] usb 8-1: USB disconnect, device number 8
[  113.108634][ T7799] vivid-001: disconnect
[  113.318758][ T5963] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  113.524698][ T7809] netlink: 12 bytes leftover after parsing attributes in process `syz.2.482'.
[  113.624457][ T7796] vivid-001: reconnect
[  114.685277][ T7827] netlink: 12 bytes leftover after parsing attributes in process `syz.2.489'.
[  114.826078][ T7823] netfs: Couldn't get user pages (rc=-14)
[  114.969208][ T7836] lo speed is unknown, defaulting to 1000
[  114.991320][ T7837] SET target dimension over the limit!
[  115.466284][ T7847] infiniband s
z1: set active
[  115.474763][ T7847] bridge_slave_0: left allmulticast mode
[  115.477237][ T7847] bridge_slave_0: left promiscuous mode
[  115.490504][ T7847] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.497563][ T7847] bridge_slave_1: left allmulticast mode
[  115.499440][ T7847] bridge_slave_1: left promiscuous mode
[  115.501185][ T7847] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.507398][ T7847] bond0: (slave bond_slave_0): Releasing backup interface
[  115.513557][ T7847] bond0: (slave bond_slave_1): Releasing backup interface
[  115.533892][ T7847] team0: Port device C removed
[  115.540967][ T7847] team0: Port device team_slave_1 removed
[  115.543034][ T7847] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  115.545130][ T7847] batman_adv: batadv0: Removing interface: batadv_slave_0
[  115.549387][ T7847] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  115.551545][ T7847] batman_adv: batadv0: Removing interface: batadv_slave_1
[  115.559697][ T7847] batadv1: left allmulticast mode
[  115.561272][ T7847] batadv1: left promiscuous mode
[  115.562826][ T7847] bridge0: port 3(batadv1) entered disabled state
[  115.571701][   T25] lo speed is unknown, defaulting to 1000
[  115.587805][   T12] tipc: Resetting bearer <eth:team0>
[  115.609657][ T7849] geneve2: entered promiscuous mode
[  115.612445][ T7849] geneve2: entered allmulticast mode
[  115.617774][ T7849] batman_adv: batadv0: Adding interface: geneve2
[  115.624181][ T7849] batman_adv: batadv0: Interface activated: geneve2
[  115.756955][ T7855] netlink: 12 bytes leftover after parsing attributes in process `syz.0.496'.
[  116.113721][ T7863] netlink: 12 bytes leftover after parsing attributes in process `syz.0.498'.
[  116.396754][ T7867] netlink: 36 bytes leftover after parsing attributes in process `syz.3.497'.
[  116.508660][ T7866] netlink: 12 bytes leftover after parsing attributes in process `syz.3.497'.
[  116.576306][ T7871] lo speed is unknown, defaulting to 1000
[  116.680137][ T7871] netlink: 8 bytes leftover after parsing attributes in process `syz.2.500'.
[  116.710439][ T7877] netlink: 'syz.1.502': attribute type 10 has an invalid length.
[  116.713147][ T7877] bond0: (slave wlan1): Opening slave failed
[  116.753928][ T7871] netlink: 8 bytes leftover after parsing attributes in process `syz.2.500'.
[  116.997957][ T7891] program syz.2.507 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  118.272379][ T7908] binder: BINDER_SET_CONTEXT_MGR already set
[  118.282348][ T7908] binder: 7907:7908 ioctl 4018620d 20000040 returned -16
[  118.567059][ T7922] overlayfs: failed to clone upperpath
[  118.734711][ T7925] lo speed is unknown, defaulting to 1000
[  119.057812][ T7939] overlayfs: conflicting lowerdir path
[  119.113619][ T7941] rdma_rxe: rxe_newlink: failed to add lo
[  119.585450][ T7946] netlink: 'syz.2.520': attribute type 21 has an invalid length.
[  119.846273][   T39] audit: type=1326 audit(1736925335.810:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7958 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000
[  119.852574][   T39] audit: type=1326 audit(1736925335.820:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7958 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=135 compat=1 ip=0xf7f7f579 code=0x7ffc0000
[  119.858832][   T39] audit: type=1326 audit(1736925335.820:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7958 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000
[  119.864793][   T39] audit: type=1326 audit(1736925335.820:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7958 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000
[  119.870963][   T39] audit: type=1326 audit(1736925335.820:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7958 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f7f579 code=0x7ffc0000
[  119.877916][   T39] audit: type=1326 audit(1736925335.820:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7958 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000
[  119.884851][   T39] audit: type=1326 audit(1736925335.820:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7958 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000
[  119.909445][   T39] audit: type=1326 audit(1736925335.820:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7958 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f7f579 code=0x7ffc0000
[  119.915669][   T39] audit: type=1326 audit(1736925335.820:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7958 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f7f579 code=0x7ffc0000
[  119.924975][   T39] audit: type=1326 audit(1736925335.820:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7958 comm="syz.2.525" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f7f579 code=0x7ffc0000
/machine/unattached/device[28]: smbus: error: Unexpected send start condition in state 2
/machine/unattached/device[29]: smbus: error: Unexpected send start condition in state 2
/machine/unattached/device[30]: smbus: error: Unexpected send start condition in state 2
/machine/unattached/device[31]: smbus: error: Unexpected send start condition in state 2
/machine/unattached/device[32]: smbus: error: Unexpected send start condition in state 2
/machine/unattached/device[33]: smbus: error: Unexpected send start condition in state 2
/machine/unattached/device[34]: smbus: error: Unexpected send start condition in state 2
/machine/unattached/device[35]: smbus: error: Unexpected send start condition in state 2
/machine/unattached/device[28]: smbus: error: Unexpected write in state -1
/machine/unattached/device[29]: smbus: error: Unexpected write in state -1
/machine/unattached/device[30]: smbus: error: Unexpected write in state -1
/machine/unattached/device[31]: smbus: error: Unexpected write in state -1
/machine/unattached/device[32]: smbus: error: Unexpected write in state -1
/machine/unattached/device[33]: smbus: error: Unexpected write in state -1
/machine/unattached/device[34]: smbus: error: Unexpected write in state -1
/machine/unattached/device[35]: smbus: error: Unexpected write in state -1
/machine/unattached/device[28]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[29]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[30]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[31]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[32]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[33]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[34]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[35]: smbus: error: Unexpected recv start condition in state -1
[  120.790350][ T7990] lo speed is unknown, defaulting to 1000
[  121.214148][ T8015] netlink: 'syz.2.543': attribute type 1 has an invalid length.
[  121.261111][ T8015] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  121.275487][ T8015] 8021q: adding VLAN 0 to HW filter on device bond1
[  121.278389][   T76] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  121.281227][ T8015] vlan0: entered promiscuous mode
[  121.284014][ T8015] bond1: entered promiscuous mode
[  121.285468][ T8015] ip6gretap1: entered promiscuous mode
[  121.293425][ T8015] bond1: left promiscuous mode
[  121.295377][ T8015] ip6gretap1: left promiscuous mode
[  121.399485][   T12] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  121.821045][ T8029] lo speed is unknown, defaulting to 1000
[  122.297784][ T8038] netlink: 4 bytes leftover after parsing attributes in process `syz.3.549'.
[  122.511929][ T8054] netfs: Couldn't get user pages (rc=-14)
[  122.708235][ T8048] input: syz1 as /devices/virtual/input/input15
[  123.710891][ T8078] md: md2 stopped.
[  124.354828][ T8088] netlink: 12 bytes leftover after parsing attributes in process `syz.3.563'.
[  124.374944][ T8086] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.507160][ T8086] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.532683][ T8091] netlink: 'syz.0.561': attribute type 4 has an invalid length.
[  124.585836][ T8086] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.601730][ T8097] random: crng reseeded on system resumption
[  124.642011][ T8099] vivid-000: disconnect
[  124.654457][ T8086] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.754281][ T8086] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.763437][ T8086] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.772233][ T8086] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.778772][ T8086] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.231768][ T8098] vivid-000: reconnect
[  125.611097][ T8125] netlink: 4 bytes leftover after parsing attributes in process `syz.1.573'.
[  125.703330][ T8129] lo speed is unknown, defaulting to 1000
[  126.265647][ T8141] vivid-001: disconnect
[  126.734755][ T8137] vivid-001: reconnect
[  126.894818][ T8165] lo speed is unknown, defaulting to 1000
[  126.989915][ T8173] xt_bpf: check failed: parse error
[  127.064159][ T8173] bio_check_eod: 2 callbacks suppressed
[  127.064170][ T8173] syz.2.586: attempt to access beyond end of device
[  127.064170][ T8173] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  127.073302][ T8173] (syz.2.586,8173,3):ocfs2_get_sector:1769 ERROR: status = -5
[  127.075857][ T8173] (syz.2.586,8173,3):ocfs2_sb_probe:749 ERROR: status = -5
[  127.078446][ T8173] (syz.2.586,8173,3):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  127.091429][ T8173] (syz.2.586,8173,3):ocfs2_fill_super:1178 ERROR: status = -5
[  127.251686][ T8173] netlink: 12 bytes leftover after parsing attributes in process `syz.2.586'.
[  127.644007][ T8197] loop9: detected capacity change from 0 to 7
[  127.653499][ T8197] Dev loop9: unable to read RDB block 7
[  127.655250][ T8197]  loop9: unable to read partition table
[  127.657347][ T8197] loop9: partition table beyond EOD, truncated
[  127.659607][ T8197] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  127.659607][ T8197] 
) failed (rc=-5)
[  128.371963][ T8206] vivid-002: disconnect
[  128.706364][ T8213] lo speed is unknown, defaulting to 1000
[  128.835312][ T8203] vivid-002: reconnect
[  129.345110][ T8228] xt_hashlimit: Unknown mode mask 368, kernel too old?
[  130.704202][ T8260] lo speed is unknown, defaulting to 1000
[  130.853116][ T8263] mkiss: ax0: crc mode is auto.
[  130.976306][ T8272] can0: slcan on ttyS3.
/machine/unattached/device[28]: smbus: error: Unexpected send start condition in state -1
/machine/unattached/device[29]: smbus: error: Unexpected send start condition in state -1
/machine/unattached/device[30]: smbus: error: Unexpected send start condition in state -1
/machine/unattached/device[31]: smbus: error: Unexpected send start condition in state -1
/machine/unattached/device[32]: smbus: error: Unexpected send start condition in state -1
/machine/unattached/device[33]: smbus: error: Unexpected send start condition in state -1
/machine/unattached/device[34]: smbus: error: Unexpected send start condition in state -1
/machine/unattached/device[35]: smbus: error: Unexpected send start condition in state -1
/machine/unattached/device[28]: smbus: error: Unexpected write in state -1
/machine/unattached/device[29]: smbus: error: Unexpected write in state -1
/machine/unattached/device[30]: smbus: error: Unexpected write in state -1
/machine/unattached/device[31]: smbus: error: Unexpected write in state -1
/machine/unattached/device[32]: smbus: error: Unexpected write in state -1
/machine/unattached/device[33]: smbus: error: Unexpected write in state -1
/machine/unattached/device[34]: smbus: error: Unexpected write in state -1
/machine/unattached/device[35]: smbus: error: Unexpected write in state -1
/machine/unattached/device[28]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[29]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[30]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[31]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[32]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[33]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[34]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[35]: smbus: error: Unexpected recv start condition in state -1
/machine/unattached/device[28]: smbus: error: Unexpected NACK in state -1
/machine/unattached/device[29]: smbus: error: Unexpected NACK in state -1
/machine/unattached/device[30]: smbus: error: Unexpected NACK in state -1
/machine/unattached/device[31]: smbus: error: Unexpected NACK in state -1
/machine/unattached/device[32]: smbus: error: Unexpected NACK in state -1
/machine/unattached/device[33]: smbus: error: Unexpected NACK in state -1
/machine/unattached/device[34]: smbus: error: Unexpected NACK in state -1
/machine/unattached/device[35]: smbus: error: Unexpected NACK in state -1
[  131.107565][ T8282] netlink: 20 bytes leftover after parsing attributes in process `syz.3.613'.
[  131.357801][ T8291] block device autoloading is deprecated and will be removed.
[  131.364259][ T8286] md: md2 stopped.
[  131.380381][ T8248] can0 (unregistered): slcan off ttyS3.
[  132.229124][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[  132.231477][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  132.800746][ T8327] netlink: 8 bytes leftover after parsing attributes in process `syz.3.626'.
[  132.803305][ T8327] netlink: 40 bytes leftover after parsing attributes in process `syz.3.626'.
[  132.937435][ T8342] netdevsim netdevsim3: Direct firmware load for .
[  132.937435][ T8342]  failed with error -2
[  132.944435][ T8342] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  132.944435][ T8342] 
[  132.945756][ T8343] netlink: 32 bytes leftover after parsing attributes in process `syz.0.630'.
[  132.952088][ T8343] netlink: 32 bytes leftover after parsing attributes in process `syz.0.630'.
[  133.005300][ T8343] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[  133.007836][ T8343] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[  133.010423][ T8343] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[  133.012869][ T8343] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[  133.015707][ T8343] geneve3: entered promiscuous mode
[  133.017223][ T8343] geneve3: entered allmulticast mode
[  133.591118][ T8363] syzkaller1: entered promiscuous mode
[  133.592812][ T8363] syzkaller1: entered allmulticast mode
[  134.258651][   T35] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  134.422617][   T35] usb 8-1: config 0 has no interfaces?
[  134.424096][   T35] usb 8-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  134.426746][   T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.430891][   T35] usb 8-1: config 0 descriptor??
[  134.710876][ T8389] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.716314][ T8389] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  136.011863][ T6013] usb 8-1: USB disconnect, device number 9
[  137.579155][ T8443] netlink: 36 bytes leftover after parsing attributes in process `syz.3.661'.
[  137.647106][ T8444] netlink: 12 bytes leftover after parsing attributes in process `syz.3.661'.
[  137.686756][ T8444] lo speed is unknown, defaulting to 1000
[  138.653762][ T8464] bridge0: port 1(hsr_slave_1) entered blocking state
[  138.758705][ T8464] bridge0: port 1(hsr_slave_1) entered disabled state
[  138.772552][ T8468] netlink: 4 bytes leftover after parsing attributes in process `syz.2.663'.
[  138.799093][ T8464] hsr_slave_1: entered allmulticast mode
[  139.436855][ T8464] hsr_slave_1: left allmulticast mode
[  139.568090][ T8468] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  139.767767][ T8483] netlink: 24 bytes leftover after parsing attributes in process `syz.2.671'.
[  139.847753][ T8487] program syz.2.673 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  141.028662][ T6013] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  141.179040][ T6013] usb 7-1: Using ep0 maxpacket: 16
[  141.184995][ T6013] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  141.187932][ T6013] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  141.190838][ T6013] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.195681][ T6013] usb 7-1: config 0 descriptor??
[  141.944700][ T8552] vivid-000: =================  START STATUS  =================
[  141.947109][ T8552] vivid-000: Test Pattern: 75% Colorbar
[  141.949828][ T8552] vivid-000: Fill Percentage of Frame: 100
[  141.951857][ T8552] vivid-000: Horizontal Movement: No Movement
[  141.953689][ T8552] vivid-000: Vertical Movement: No Movement
[  141.955456][ T8552] vivid-000: OSD Text Mode: All
[  141.956919][ T8552] vivid-000: Show Border: false
[  141.958374][ T8552] vivid-000: Show Square: false
[  141.959869][ T8552] vivid-000: Sensor Flipped Horizontally: false
[  141.961700][ T8552] vivid-000: Sensor Flipped Vertically: false
[  141.963508][ T8552] vivid-000: Insert SAV Code in Image: false
[  141.965290][ T8552] vivid-000: Insert EAV Code in Image: false
[  141.967027][ T8552] vivid-000: Insert Video Guard Band: false
[  141.968990][ T8552] vivid-000: Reduced Framerate: false
[  141.970595][ T8552] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  141.972871][ T8552] vivid-000: S-Video 000-0 Is Connected To: Output S-Video 023-0
[  141.975180][ T8552] vivid-000: Enable Capture Cropping: true
[  141.976915][ T8552] vivid-000: Enable Capture Composing: true
[  141.978792][ T8552] vivid-000: Enable Capture Scaler: true
[  141.980495][ T8552] vivid-000: Timestamp Source: End of Frame
[  141.982258][ T8552] vivid-000: Colorspace: sRGB
[  141.983668][ T8552] vivid-000: Transfer Function: Default
[  141.985344][ T8552] vivid-000: Y'CbCr Encoding: Default
[  141.986935][ T8552] vivid-000: HSV Encoding: Hue 0-179
[  141.988567][ T8552] vivid-000: Quantization: Default
[  141.990048][ T8552] vivid-000: Apply Alpha To Red Only: false
[  141.991807][ T8552] vivid-000: Standard Aspect Ratio: 4x3
[  141.993476][ T8552] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  141.995753][ T8552] vivid-000: DV Timings: 640x480p59 inactive
[  141.997530][ T8552] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  142.000047][ T8552] vivid-000: Maximum EDID Blocks: 2
[  142.001619][ T8552] vivid-000: Limited RGB Range (16-235): false
[  142.003434][ T8552] vivid-000: Rx RGB Quantization Range: Automatic
[  142.005328][ T8552] vivid-000: Power Present: 0x00000001
[  142.006962][ T8552] tpg source WxH: 320x180 (Y'CbCr)
[  142.008609][ T8552] tpg field: 1
[  142.009656][ T8552] tpg crop: 320x180@0x0
[  142.010902][ T8552] tpg compose: 320x180@0x0
[  142.012232][ T8552] tpg colorspace: 8
[  142.013389][ T8552] tpg transfer function: 0/0
[  142.014784][ T8552] tpg Y'CbCr encoding: 0/0
[  142.016116][ T8552] tpg quantization: 0/0
[  142.017363][ T8552] tpg RGB range: 0/2
[  142.018602][ T8552] vivid-000: ==================  END STATUS  ==================
[  142.084393][ T8554] program syz.0.687 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  142.632105][   T25] usb 7-1: USB disconnect, device number 6
[  142.816633][ T8563] netlink: 8 bytes leftover after parsing attributes in process `syz.3.690'.
[  142.819196][ T8563] netlink: 72 bytes leftover after parsing attributes in process `syz.3.690'.
[  143.171914][ T8569] Cannot find add_set index 0 as target
[  143.557291][ T8562] block nbd3: shutting down sockets
[  144.298473][ T8591] netlink: 'syz.2.698': attribute type 10 has an invalid length.
[  144.348831][ T8591] netlink: 'syz.2.698': attribute type 10 has an invalid length.
[  144.407737][ T8592] netlink: 32 bytes leftover after parsing attributes in process `syz.2.698'.
[  144.445906][ T8591] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  146.078192][ T8612] random: crng reseeded on system resumption
[  146.121049][ T8612] lo speed is unknown, defaulting to 1000
[  146.832385][ T8629] netlink: 4 bytes leftover after parsing attributes in process `syz.0.709'.
[  146.836081][ T8629] netlink: 12 bytes leftover after parsing attributes in process `syz.0.709'.
[  147.108633][   T35] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  147.135962][ T8634] netlink: 'syz.3.711': attribute type 10 has an invalid length.
[  147.138202][ T8634] netlink: 40 bytes leftover after parsing attributes in process `syz.3.711'.
[  147.142563][ T8634] team0: entered promiscuous mode
[  147.144012][ T8634] team_slave_0: entered promiscuous mode
[  147.145914][ T8634] team_slave_1: entered promiscuous mode
[  147.147866][ T8634] team0: entered allmulticast mode
[  147.151787][ T8634] team_slave_0: entered allmulticast mode
[  147.154903][ T8634] team_slave_1: entered allmulticast mode
[  147.156946][ T8634] bridge0: port 3(team0) entered blocking state
[  147.159376][ T8634] bridge0: port 3(team0) entered disabled state
[  147.163087][ T8634] bridge0: port 3(team0) entered blocking state
[  147.165087][ T8634] bridge0: port 3(team0) entered forwarding state
[  147.231156][ T8634] overlayfs: missing 'workdir'
[  147.234952][ T8634] netlink: 12 bytes leftover after parsing attributes in process `syz.3.711'.
[  147.258672][   T35] usb 5-1: Using ep0 maxpacket: 8
[  147.263565][   T35] usb 5-1: config 167 has too many interfaces: 202, using maximum allowed: 32
[  147.266131][   T35] usb 5-1: config 167 has 1 interface, different from the descriptor's value: 202
[  147.274346][   T35] usb 5-1: New USB device found, idVendor=1025, idProduct=005f, bcdDevice=fe.29
[  147.277859][   T35] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.277880][   T35] usb 5-1: Product: syz
[  147.277894][   T35] usb 5-1: Manufacturer: syz
[  147.295718][   T35] usb 5-1: SerialNumber: syz
[  147.300888][   T35] dvb-usb: found a 'Unknown USB1.1 DVB-T device ???? please report the name to the author' in warm state.
[  147.314933][   T35] dvb-usb: bulk message failed: -22 (3/0)
[  147.345605][   T35] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  147.351276][   T35] dvbdev: DVB: registering new adapter (Unknown USB1.1 DVB-T device ???? please report the name to the author)
[  147.355416][   T35] usb 5-1: media controller created
[  147.362307][   T35] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  147.402398][   T35] dvb-usb: bulk message failed: -22 (6/0)
[  147.404820][   T35] dvb-usb: no frontend was attached by 'Unknown USB1.1 DVB-T device ???? please report the name to the author'
[  147.412008][   T35] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb5/5-1/input/input16
[  147.416934][   T35] dvb-usb: schedule remote query interval to 150 msecs.
[  147.419270][   T35] dvb-usb: bulk message failed: -22 (3/0)
[  147.438666][   T35] dvb-usb: Unknown USB1.1 DVB-T device ???? please report the name to the author successfully initialized and connected.
[  147.523128][   T35] usb 5-1: USB disconnect, device number 4
[  147.547868][   T35] dvb-usb: Unknown USB1.1 DVB-T device ???? please successfully deinitialized and disconnected.
[  147.926089][ T8649] netlink: 'syz.1.715': attribute type 10 has an invalid length.
[  147.930094][ T8649] bond0: (slave netdevsim0): Releasing backup interface
[  147.936505][ T8649] team0: Port device netdevsim0 added
[  148.189661][ T8660] program syz.3.719 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  148.216460][ T8658] lo speed is unknown, defaulting to 1000
[  149.235645][ T8681] No source specified
[  149.278407][ T8683] lo speed is unknown, defaulting to 1000
[  149.329465][ T8684] netlink: 'syz.1.725': attribute type 1 has an invalid length.
[  149.332086][ T8684] netlink: 'syz.1.725': attribute type 2 has an invalid length.
[  149.334416][ T8684] netlink: 20 bytes leftover after parsing attributes in process `syz.1.725'.
[  149.338145][ T8684] netlink: 8 bytes leftover after parsing attributes in process `syz.1.725'.
[  149.634554][ T8702] netlink: 4 bytes leftover after parsing attributes in process `syz.0.728'.
[  149.644181][ T8702] netlink: 8 bytes leftover after parsing attributes in process `syz.0.728'.
[  149.724692][ T8704] lo speed is unknown, defaulting to 1000
[  150.722396][ T8716] overlayfs: failed to clone upperpath
[  151.249279][ T8732] 9pnet_fd: Insufficient options for proto=fd
[  152.182530][ T8757] vivid-000: disconnect
[  152.374222][ T8742] vivid-000: reconnect
[  154.654900][ T8802] netlink: 4 bytes leftover after parsing attributes in process `syz.0.757'.
[  154.719739][ T8806] sg_write: data in/out 875837202/12 bytes for SCSI command 0x0-- guessing data in;
[  154.719739][ T8806]    program syz.3.759 not setting count and/or reply_len properly
[  154.944782][ T8816] lo speed is unknown, defaulting to 1000
[  155.310766][ T8825] program syz.0.764 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  157.037682][ T8853] 9pnet_fd: Insufficient options for proto=fd
[  157.825935][ T8867] tc_dump_action: action bad kind
[  158.076490][ T8885] 9pnet_virtio: no channels available for device syz
[  158.083132][ T8886] ppp0: entered promiscuous mode
[  158.084587][ T8886] ppp0: entered allmulticast mode
[  158.155230][ T8893] Invalid option length (1048409) for dns_resolver key
[  158.235580][ T8897] netfs: Couldn't get user pages (rc=-14)
[  159.230007][   T30] libceph: connect (1)[c::]:6789 error -101
[  159.232084][   T30] libceph: mon0 (1)[c::]:6789 connect error
[  159.474354][ T8920] netlink: 20 bytes leftover after parsing attributes in process `syz.3.794'.
[  159.492196][   T30] libceph: connect (1)[c::]:6789 error -101
[  159.500000][   T30] libceph: mon0 (1)[c::]:6789 connect error
[  159.584042][ T8923] lo speed is unknown, defaulting to 1000
[  159.648590][   T57] usb 7-1: new low-speed USB device number 7 using dummy_hcd
[  159.801115][   T57] usb 7-1: Invalid ep0 maxpacket: 64
[  159.852521][ T8911] ceph: No mds server is up or the cluster is laggy
[  159.938969][   T57] usb 7-1: new low-speed USB device number 8 using dummy_hcd
[  160.358572][   T57] usb 7-1: Invalid ep0 maxpacket: 64
[  160.360248][   T57] usb usb7-port1: attempt power cycle
[  160.698569][   T57] usb 7-1: new low-speed USB device number 9 using dummy_hcd
[  160.725362][   T57] usb 7-1: Invalid ep0 maxpacket: 64
[  160.848888][   T57] usb 7-1: new low-speed USB device number 10 using dummy_hcd
[  160.869339][   T57] usb 7-1: Invalid ep0 maxpacket: 64
[  160.871021][   T57] usb usb7-port1: unable to enumerate USB device
[  160.913139][ T8966] netlink: 12 bytes leftover after parsing attributes in process `syz.0.810'.
[  160.915640][ T8966] bridge_slave_0: default FDB implementation only supports local addresses
[  161.696298][ T8987] kernel profiling enabled (shift: 7)
[  161.906276][ T8992] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  162.054179][ T9003] pim6reg: entered allmulticast mode
[  162.057299][ T9004] batman_adv: batadv0: Adding interface: dummy0
[  162.059755][ T9004] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  162.070079][ T9004] batman_adv: batadv0: Interface activated: dummy0
[  162.072347][ T9003] pim6reg: left allmulticast mode
[  162.084974][ T9004] batadv0: mtu less than device minimum
[  162.087832][ T9004] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.092345][ T9004] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.096073][ T9004] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.099787][ T9004] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.104182][ T9004] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.108725][ T9004] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.113259][ T9004] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.116892][ T9004] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.120670][ T9004] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.158232][ T9007] netlink: 8 bytes leftover after parsing attributes in process `syz.1.827'.
[  162.206518][ T9013] netlink: 64 bytes leftover after parsing attributes in process `syz.1.830'.
[  162.880261][ T9035] kvm: apic: phys broadcast and lowest prio
[  163.054065][   T39] kauditd_printk_skb: 28 callbacks suppressed
[  163.054076][   T39] audit: type=1326 audit(1736925379.020:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.0.840" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706e579 code=0x0
[  163.108603][   T57] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  163.258584][   T57] usb 7-1: Using ep0 maxpacket: 8
[  163.261302][   T57] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  163.264067][   T57] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  163.267223][   T57] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.270012][   T57] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  163.272450][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.277910][   T57] hub 7-1:1.0: bad descriptor, ignoring hub
[  163.280099][   T57] hub 7-1:1.0: probe with driver hub failed with error -5
[  163.282421][   T57] cdc_wdm 7-1:1.0: skipping garbage
[  163.283957][   T57] cdc_wdm 7-1:1.0: skipping garbage
[  163.285921][   T57] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[  163.383871][ T9061] trusted_key: syz.1.847 sent an empty control message without MSG_MORE.
[  163.588756][ T6010] usb 7-1: USB disconnect, device number 11
[  163.928637][ T6010] usb 7-1: new full-speed USB device number 12 using dummy_hcd
[  164.461358][ T9077] lo speed is unknown, defaulting to 1000
[  164.488685][ T6010] usb 7-1: device descriptor read/64, error -71
[  164.728753][ T6010] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[  164.816995][ T9083] lo speed is unknown, defaulting to 1000
[  164.928607][ T6010] usb 7-1: device descriptor read/64, error -71
[  164.987451][ T9088] trusted_key: encrypted_key: insufficient parameters specified
[  165.038879][ T6010] usb usb7-port1: attempt power cycle
[  165.388654][ T6010] usb 7-1: new full-speed USB device number 14 using dummy_hcd
[  165.409210][ T6010] usb 7-1: device descriptor read/8, error -71
[  165.506811][ T9104] program syz.2.861 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  165.950780][ T9108] netlink: 80 bytes leftover after parsing attributes in process `syz.0.862'.
[  166.598207][ T9131] lo speed is unknown, defaulting to 1000
[  166.719302][ T9132] lo speed is unknown, defaulting to 1000
[  167.417454][ T9146] program syz.2.875 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  168.220963][ T9158] infiniband syz1: set down
[  168.222666][ T9158] infiniband syz1: added syzkaller0
[  168.244060][ T9158] RDS/IB: syz1: added
[  168.245458][ T9158] smc: adding ib device syz1 with port count 1
[  168.247896][ T9158] smc:    ib device syz1 port 1 has pnetid 
[  168.494977][ T9169] netlink: 'syz.2.882': attribute type 1 has an invalid length.
[  168.522528][ T9169] 8021q: adding VLAN 0 to HW filter on device bond2
[  168.550113][ T9169] bond2: (slave veth5): Enslaving as an active interface with a down link
[  168.623816][   T11] smc: removing ib device syz1
[  168.816184][ T9183] infiniband s
z1: set active
[  168.818234][ T9183] net_ratelimit: 10 callbacks suppressed
[  168.820242][ T9183] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  168.828139][   T35] lo speed is unknown, defaulting to 1000
[  169.574220][ T9198] program syz.3.891 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  169.756759][   T39] audit: type=1800 audit(1736925385.720:44): pid=9205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.894" name="bus" dev="overlay" ino=993 res=0 errno=0
[  170.639561][ T9228] vivid-002: disconnect
[  171.001017][ T9227] vivid-002: reconnect
[  171.107152][ T9246] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  171.180118][ T9252] netlink: 24 bytes leftover after parsing attributes in process `syz.1.907'.
[  171.400884][   T39] audit: type=1326 audit(1736925387.370:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  171.407314][   T39] audit: type=1326 audit(1736925387.370:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  171.418105][   T39] audit: type=1326 audit(1736925387.380:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  171.427455][   T39] audit: type=1326 audit(1736925387.390:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  171.436114][   T39] audit: type=1326 audit(1736925387.390:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9265 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  171.442712][   T39] audit: type=1326 audit(1736925387.390:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  171.453460][   T39] audit: type=1326 audit(1736925387.420:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=270 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  171.459595][   T39] audit: type=1326 audit(1736925387.420:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  171.466587][   T39] audit: type=1326 audit(1736925387.420:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9263 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  171.608772][ T9271] netlink: 40 bytes leftover after parsing attributes in process `syz.1.911'.
[  171.786732][ T9277] netlink: 24 bytes leftover after parsing attributes in process `syz.1.914'.
[  171.807238][ T9235] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  171.810035][ T9235] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  172.048593][ T6010] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  172.191142][ T9285] netfs: Couldn't get user pages (rc=-14)
[  172.208815][ T6010] usb 8-1: Using ep0 maxpacket: 8
[  172.214437][ T6010] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  172.217655][ T6010] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  172.222914][ T6010] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.231211][ T6010] usb 8-1: config 0 descriptor??
[  172.236491][ T6010] iowarrior 8-1:0.0: no interrupt-in endpoint found
[  172.611496][ T9297] veth1_to_team: default FDB implementation only supports local addresses
[  173.078625][ T5958] Bluetooth: hci1: command 0x0406 tx timeout
[  173.518244][ T9315] lo speed is unknown, defaulting to 1000
[  173.878608][ T5958] Bluetooth: hci2: command 0x0c1a tx timeout
[  174.260002][ T6010] usb 8-1: USB disconnect, device number 10
[  174.467505][ T9348] 9pnet_fd: Insufficient options for proto=fd
[  174.910622][ T9361] xt_CT: You must specify a L4 protocol and not use inversions on it
[  174.916716][ T9358] netlink: 'syz.0.940': attribute type 10 has an invalid length.
[  174.919410][ T9358] tipc: Resetting bearer <eth:team0>
[  174.924240][ T9358] batman_adv: batadv0: Adding interface: team0
[  174.926123][ T9358] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.933444][ T9358] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  174.937851][ T9358] netlink: 'syz.0.940': attribute type 10 has an invalid length.
[  174.940242][ T9358] netlink: 2 bytes leftover after parsing attributes in process `syz.0.940'.
[  174.942927][ T9358] team0: entered promiscuous mode
[  174.944701][ T9358] 8021q: adding VLAN 0 to HW filter on device team0
[  174.946804][ T9358] batman_adv: batadv0: Interface activated: team0
[  174.948827][ T9358] batman_adv: batadv0: Interface deactivated: team0
[  174.950802][ T9358] batman_adv: batadv0: Removing interface: team0
[  174.953632][ T9358] bridge0: port 1(team0) entered blocking state
[  174.955613][ T9358] bridge0: port 1(team0) entered disabled state
[  174.957728][ T9358] team0: entered allmulticast mode
[  175.004625][ T9367] netlink: 4 bytes leftover after parsing attributes in process `syz.1.942'.
[  175.948752][ T5963] Bluetooth: hci2: command 0x0c1a tx timeout
[  176.252530][ T9388] 9pnet_virtio: no channels available for device syz
[  176.375427][ T9393] netlink: 12 bytes leftover after parsing attributes in process `syz.1.949'.
[  177.004065][ T9406] netlink: 16 bytes leftover after parsing attributes in process `syz.1.954'.
[  177.042347][ T9408] lo speed is unknown, defaulting to 1000
[  177.601826][ T9434] lo speed is unknown, defaulting to 1000
[  177.639106][   T57] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  177.788598][   T57] usb 5-1: Using ep0 maxpacket: 8
[  177.791241][   T57] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  177.794412][   T57] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  177.797260][   T57] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  177.800583][   T57] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  177.804292][   T57] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  177.806855][   T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.920400][ T9442] afs: Unknown parameter '��n'
[  177.962379][ T9442] netlink: 8 bytes leftover after parsing attributes in process `syz.2.966'.
[  178.002355][ T9447] program syz.3.968 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  178.024667][   T57] usb 5-1: GET_CAPABILITIES returned 0
[  178.026283][   T57] usbtmc 5-1:16.0: can't read capabilities
[  178.226543][   T57] usb 5-1: USB disconnect, device number 5
[  178.922728][ T9465] netlink: 'syz.1.973': attribute type 10 has an invalid length.
[  178.944933][ T9465] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.947002][ T9465] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.950219][ T9465] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.952278][ T9465] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.956564][ T9465] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  179.048586][ T9464] netlink: 4 bytes leftover after parsing attributes in process `syz.1.973'.
[  179.172720][ T9472] lo speed is unknown, defaulting to 1000
[  180.907186][ T9496] lo speed is unknown, defaulting to 1000
[  181.609661][ T9501] vivid-002: disconnect
[  181.699436][ T9506] lo speed is unknown, defaulting to 1000
[  181.859349][ T6971] libceph: connect (1)[c::]:6789 error -101
[  181.861222][ T6971] libceph: mon0 (1)[c::]:6789 connect error
[  182.122222][   T30] libceph: connect (1)[c::]:6789 error -101
[  182.124738][   T30] libceph: mon0 (1)[c::]:6789 connect error
[  182.197397][ T9500] vivid-002: reconnect
[  182.395449][ T9515] ceph: No mds server is up or the cluster is laggy
[  182.519262][    T8] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  182.670308][    T8] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  182.676490][    T8] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  182.680700][    T8] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  182.685547][ T9538] FAULT_INJECTION: forcing a failure.
[  182.685547][ T9538] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  182.686247][    T8] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.690106][ T9538] CPU: 2 UID: 0 PID: 9538 Comm: syz.2.995 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  182.696587][ T9538] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.699639][ T9538] Call Trace:
[  182.700491][ T9525] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  182.700595][ T9538]  <TASK>
[  182.700603][ T9538]  dump_stack_lvl+0x16c/0x1f0
[  182.705030][ T9538]  should_fail_ex+0x497/0x5b0
[  182.706913][ T9538]  _copy_from_user+0x2e/0xd0
[  182.708240][ T9538]  get_compat_msghdr+0xa8/0x170
[  182.709660][ T9538]  ? __pfx_get_compat_msghdr+0x10/0x10
[  182.711292][ T9538]  ___sys_recvmsg+0x193/0x1a0
[  182.711533][    T8] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  182.712659][ T9538]  ? __pfx____sys_recvmsg+0x10/0x10
[  182.712679][ T9538]  ? __fget_files+0x1fc/0x3a0
[  182.712692][ T9538]  ? trace_lock_acquire+0x14e/0x1f0
[  182.712709][ T9538]  ? __fget_files+0x206/0x3a0
[  182.712728][ T9538]  do_recvmmsg+0x55d/0x740
[  182.712745][ T9538]  ? __pfx_do_recvmmsg+0x10/0x10
[  182.723987][ T9538]  ? vfs_write+0x306/0x1150
[  182.725526][ T9538]  ? __fget_files+0x206/0x3a0
[  182.727346][ T9538]  __sys_recvmmsg+0x21e/0x280
[  182.728734][ T9538]  ? __pfx___sys_recvmmsg+0x10/0x10
[  182.730200][ T9538]  ? __pfx_ksys_write+0x10/0x10
[  182.731580][ T9538]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  182.733375][ T9538]  ? lockdep_hardirqs_on+0x7c/0x110
[  182.735004][ T9538]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  182.736952][ T9538]  __do_fast_syscall_32+0x73/0x120
[  182.738414][ T9538]  do_fast_syscall_32+0x32/0x80
[  182.739812][ T9538]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  182.741623][ T9538] RIP: 0023:0xf7f7f579
[  182.742797][ T9538] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  182.748926][ T9538] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  182.751221][ T9538] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200037c0
[  182.753382][ T9538] RDX: 0000000000000002 RSI: 0000000040010101 RDI: 0000000000000000
[  182.755666][ T9538] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  182.757935][ T9538] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  182.760133][ T9538] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  182.762348][ T9538]  </TASK>
[  182.763289][    C2] vkms_vblank_simulate: vblank timer overrun
[  182.975634][ T9545] binder: 9524:9545 ioctl c018620b 0 returned -14
[  183.057290][   T57] usb 8-1: USB disconnect, device number 11
[  183.632064][ T9552] lo speed is unknown, defaulting to 1000
[  184.025385][ T9565] netfs: Couldn't get user pages (rc=-14)
[  184.224355][ T9568] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1004'.
[  184.277119][ T9573] 9pnet_virtio: no channels available for device syz
[  184.795735][ T9602] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1016'.
[  185.504150][ T9632] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1025'.
[  185.663345][ T9636] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  185.669310][ T9634] sp0: Synchronizing with TNC
[  185.691333][   T57] usb 8-1: new full-speed USB device number 12 using dummy_hcd
[  185.849980][   T57] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[  185.871307][   T57] usb 8-1: config 0 has no interface number 0
[  185.884018][   T57] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  185.887219][   T57] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  185.896119][   T57] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  185.900508][   T57] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64
[  185.903839][   T57] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  185.907707][   T57] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  185.910782][   T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.954946][   T57] usb 8-1: config 0 descriptor??
[  185.959081][ T9628] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  185.960802][ T9631] [U] �
[  185.966157][   T57] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  186.081929][ T9648] overlayfs: failed to resolve './file1': -2
[  186.115136][ T9653] netlink: 'syz.0.1031': attribute type 12 has an invalid length.
[  186.251400][   T39] kauditd_printk_skb: 85 callbacks suppressed
[  186.251411][   T39] audit: type=1326 audit(1736925402.220:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9659 comm="syz.0.1034" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x0
[  186.453692][ T9664] netlink: 'syz.0.1034': attribute type 10 has an invalid length.
[  187.030264][ T9676] program syz.2.1039 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  187.390939][   T57] usb 8-1: USB disconnect, device number 12
[  187.395093][   T57] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[  187.583118][ T9691] 9pnet_fd: Insufficient options for proto=fd
[  187.588065][ T9691] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1044'.
[  187.929975][ T9695] lo speed is unknown, defaulting to 1000
[  188.173902][ T9707] 9pnet_fd: Insufficient options for proto=fd
[  188.231697][   T39] audit: type=1800 audit(1736925404.190:140): pid=9710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1051" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  188.698447][ T9732] pim6reg: entered allmulticast mode
[  188.702914][ T9732] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1058'.
[  188.706044][ T9732] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1058'.
[  188.708876][ T9732] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1058'.
[  188.768670][ T9732] pim6reg: left allmulticast mode
[  189.004590][ T9741] Invalid option length (1048435) for dns_resolver key
[  190.440465][ T9768] netfs: Couldn't get user pages (rc=-14)
[  190.929630][ T9776] netlink: 'syz.2.1071': attribute type 1 has an invalid length.
[  190.932458][ T9776] netlink: 'syz.2.1071': attribute type 2 has an invalid length.
[  190.936428][ T9776] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1071'.
[  190.976646][ T9780] Invalid option length (1048435) for dns_resolver key
[  191.687178][ T9802] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1077'.
[  192.106338][ T9808] netlink: 'syz.3.1081': attribute type 1 has an invalid length.
[  192.110083][ T9808] netlink: 244 bytes leftover after parsing attributes in process `syz.3.1081'.
[  192.112678][ T9808] NCSI netlink: No device for ifindex 0
[  192.131942][ T9810] Invalid option length (1048435) for dns_resolver key
[  192.155608][ T9814] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1084'.
[  192.203212][ T9818] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  192.407959][ T9827] Process accounting resumed
[  192.586873][ T9829] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1088'.
[  192.591447][ T9829] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1088'.
[  192.739018][ T9841] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1091'.
[  192.770757][ T9845] Invalid option length (1048435) for dns_resolver key
[  192.902614][ T9848] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1092'.
[  193.191067][ T9859] openvswitch: netlink: Message has 2 unknown bytes.
[  193.193140][ T9859] openvswitch: netlink: Actions may not be safe on all matching packets
[  193.274451][   T39] audit: type=1804 audit(1736925409.240:141): pid=9862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1097" name="/newroot/239/file0/cgroup.controllers" dev="9p" ino=38666574 res=1 errno=0
[  193.629991][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[  193.631835][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  193.809841][ T9873] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1101'.
[  193.819289][ T9876] Invalid option length (1048435) for dns_resolver key
[  193.847058][ T9878] 9pnet_virtio: no channels available for device syz
[  194.671465][ T9890] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1106'.
[  194.755706][ T9896] bridge_slave_1: left allmulticast mode
[  194.757406][ T9896] bridge_slave_1: left promiscuous mode
[  194.759643][ T9896] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.762806][ T9896] bridge3: port 1(bridge_slave_1) entered blocking state
[  194.764877][ T9896] bridge3: port 1(bridge_slave_1) entered disabled state
[  194.767004][ T9896] bridge_slave_1: entered allmulticast mode
[  194.770227][ T9896] bridge_slave_1: entered promiscuous mode
[  194.854536][ T9903] binder: 9899:9903 ioctl c04c5609 20000240 returned -22
[  195.929760][ T9932] netfs: Couldn't get user pages (rc=-14)
[  196.327837][ T9947] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  196.329758][ T9947] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  196.332101][ T9947] vhci_hcd vhci_hcd.0: Device attached
[  196.339284][ T9948] vhci_hcd: unknown pdu 2
[  196.341080][ T9947] netlink: 'syz.0.1122': attribute type 4 has an invalid length.
[  196.341648][   T11] vhci_hcd: stop threads
[  196.344791][   T11] vhci_hcd: release socket
[  196.346735][   T11] vhci_hcd: disconnect device
[  196.348416][ T9947] infiniband s
z1: set down
[  196.351149][ T6013] lo speed is unknown, defaulting to 1000
[  196.353437][ T6013] lo speed is unknown, defaulting to 1000
[  196.356864][ T9947] netlink: 'syz.0.1122': attribute type 4 has an invalid length.
[  196.363911][ T9947] infiniband s
z1: set active
[  196.365497][ T5994] lo speed is unknown, defaulting to 1000
[  196.367344][ T5994] lo speed is unknown, defaulting to 1000
[  196.858593][   T39] audit: type=1326 audit(1736925412.819:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9956 comm="syz.1.1126" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x0
[  197.801112][ T9981] netlink: zone id is out of range
[  198.041070][ T6010] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  198.189686][ T6010] usb 7-1: Using ep0 maxpacket: 8
[  198.192329][ T6010] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  198.194648][ T6010] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  198.197817][ T6010] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  198.201763][ T6010] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  198.205142][ T6010] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  198.209290][ T6010] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  198.211442][ T6010] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  198.214600][ T6010] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  198.218026][ T6010] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  198.221504][ T6010] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  198.225408][ T6010] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  198.227518][ T6010] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  198.231363][ T6010] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  198.234680][ T6010] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  198.237733][ T6010] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  198.243879][ T6010] usb 7-1: string descriptor 0 read error: -22
[  198.245745][ T6010] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  198.248305][ T6010] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.259590][ T6010] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  198.319397][ T9996] program syz.3.1138 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  199.796029][T10027] Invalid option length (1048435) for dns_resolver key
[  202.610375][    T8] usb 7-1: USB disconnect, device number 16
[  203.193538][T10120] __nla_validate_parse: 1 callbacks suppressed
[  203.193548][T10120] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1177'.
[  203.198171][T10120] tipc: Invalid UDP bearer configuration
[  203.198192][T10120] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  203.339821][T10124] netlink: 'syz.1.1178': attribute type 1 has an invalid length.
[  203.392275][T10124] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  203.403460][T10124] 8021q: adding VLAN 0 to HW filter on device bond1
[  203.406424][ T6931] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  203.419972][T10124] vlan0: entered promiscuous mode
[  203.423358][T10124] bond1: entered promiscuous mode
[  203.425471][T10124] ip6gretap1: entered promiscuous mode
[  203.432927][T10124] bond1: left promiscuous mode
[  203.434933][T10124] ip6gretap1: left promiscuous mode
[  203.518592][   T45] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  203.618820][T10135] ipt_REJECT: ECHOREPLY no longer supported.
[  203.623376][T10135] bridge2: entered promiscuous mode
[  203.625055][T10135] bridge2: entered allmulticast mode
[  203.635214][T10135] team0: Port device bridge2 added
[  203.745689][T10143] lo speed is unknown, defaulting to 1000
[  203.757494][T10145] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1189'.
[  203.791697][T10147] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1190'.
[  203.856065][T10156] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1192'.
[  203.948244][T10161] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1193'.
[  203.957453][T10161] netlink: 'syz.0.1193': attribute type 12 has an invalid length.
[  204.314618][T10173] netlink: 'syz.0.1195': attribute type 1 has an invalid length.
[  204.658215][T10183] netfs: Couldn't get user pages (rc=-14)
[  204.833961][T10195] netlink: 'syz.1.1200': attribute type 1 has an invalid length.
[  204.845022][T10195] 8021q: adding VLAN 0 to HW filter on device bond2
[  204.852382][T10195] vlan0: entered promiscuous mode
[  204.854825][T10195] bond2: entered promiscuous mode
[  204.858287][T10195] bond2: left promiscuous mode
[  204.893322][T10182] input: syz1 as /devices/virtual/input/input17
[  205.287901][T10201] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  205.295779][T10201] CIFS mount error: No usable UNC path provided in device string!
[  205.295779][T10201] 
[  205.299940][T10201] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  205.658302][T10207] xt_CT: No such helper "snmp_trap"
[  205.996322][T10213] trusted_key: encrypted_key: insufficient parameters specified
[  206.234678][T10218] netlink: 'syz.3.1206': attribute type 1 has an invalid length.
[  206.256942][T10218] 8021q: adding VLAN 0 to HW filter on device bond2
[  206.267655][T10218] vlan2: entered promiscuous mode
[  206.269933][T10218] bond2: entered promiscuous mode
[  206.273668][T10218] bond2: left promiscuous mode
[  206.606346][T10233] random: crng reseeded on system resumption
[  206.884121][T10236] fuse: Unknown parameter '0xffffffffffffffff0x0000000000000003'
[  207.479041][T10254] Invalid option length (1048437) for dns_resolver key
[  207.488621][   T25] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  207.612459][T10257] bridge0: port 3(team0) entered disabled state
[  207.654181][   T39] audit: type=1326 audit(1736925423.619:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10255 comm="syz.3.1215" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  207.658716][   T25] usb 5-1: Using ep0 maxpacket: 32
[  207.662042][   T39] audit: type=1326 audit(1736925423.619:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10255 comm="syz.3.1215" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  207.668441][   T39] audit: type=1326 audit(1736925423.629:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10255 comm="syz.3.1215" exe="/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  207.675337][   T39] audit: type=1326 audit(1736925423.629:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10255 comm="syz.3.1215" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  207.681878][   T25] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  207.684257][   T25] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  207.687401][   T25] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  207.695268][   T39] audit: type=1326 audit(1736925423.629:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10255 comm="syz.3.1215" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83579 code=0x7ffc0000
[  207.701697][   T25] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  207.707126][   T25] usb 5-1: config 0 interface 0 has no altsetting 0
[  207.717872][   T25] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  207.720681][   T25] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  207.723475][   T25] usb 5-1: Product: syz
[  207.724729][   T25] usb 5-1: Manufacturer: syz
[  207.726063][   T25] usb 5-1: SerialNumber: syz
[  207.731220][   T25] usb 5-1: config 0 descriptor??
[  207.735856][   T25] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  207.740272][   T25] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  207.746705][T10257] bridge0: port 3(team0) entered disabled state
[  207.757682][T10257] team_slave_0: left promiscuous mode
[  207.759788][T10257] team_slave_0: left allmulticast mode
[  207.815810][T10257] team0 (unregistering): Port device team_slave_0 removed
[  207.818088][T10257] team_slave_1: left promiscuous mode
[  207.820984][T10257] team_slave_1: left allmulticast mode
[  207.831119][T10257] team0 (unregistering): Port device team_slave_1 removed
[  208.239635][T10276] IPv6: sit1: Disabled Multicast RS
[  209.010845][T10295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1225'.
[  209.013601][T10295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1225'.
[  209.196046][T10293] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1224'.
[  209.198856][T10293] netlink: 'syz.2.1224': attribute type 2 has an invalid length.
[  209.201217][T10293] netlink: 'syz.2.1224': attribute type 1 has an invalid length.
[  209.242597][T10303] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  209.247408][T10303] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  209.882362][T10315] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1230'.
[  209.998646][   T30] usb 5-1: USB disconnect, device number 6
[  210.002333][   T30] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  210.017493][T10318] loop7: detected capacity change from 0 to 16384
[  210.050185][T10318] loop7: detected capacity change from 16384 to 16383
[  210.254383][T10326] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1234'.
[  210.536464][T10335] Bluetooth: MGMT ver 1.23
[  210.589329][T10330] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1235'.
[  210.607568][T10336] netlink: 124 bytes leftover after parsing attributes in process `syz.3.1237'.
[  210.767472][T10341] netlink: 'syz.3.1238': attribute type 10 has an invalid length.
[  211.803694][T10372] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1250'.
[  211.832502][T10375] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1251'.
[  211.835918][T10375] IPVS: Error joining to the multicast group
[  212.021349][T10388] input: syz0 as /devices/virtual/input/input18
[  212.114772][T10397] Process accounting resumed
[  212.272205][T10402] lo speed is unknown, defaulting to 1000
[  212.328773][T10399] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1255'.
[  213.158662][ T6013] usb 8-1: new full-speed USB device number 13 using dummy_hcd
[  213.309932][ T6013] usb 8-1: config index 0 descriptor too short (expected 26395, got 27)
[  213.313097][ T6013] usb 8-1: config 130 has 1 interface, different from the descriptor's value: 20
[  213.315812][ T6013] usb 8-1: config 130 interface 0 has no altsetting 0
[  213.319500][ T6013] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  213.328623][ T6013] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.331030][ T6013] usb 8-1: Product: syz
[  213.332322][ T6013] usb 8-1: Manufacturer: syz
[  213.334885][ T6013] usb 8-1: SerialNumber: syz
[  214.051379][T10470] netlink: 'syz.1.1268': attribute type 9 has an invalid length.
[  214.055639][T10470] __nla_validate_parse: 1 callbacks suppressed
[  214.055648][T10470] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1268'.
[  214.204367][ T6013] usblp 8-1:130.0: usblp0: USB Unidirectional printer dev 13 if 0 alt 245 proto 1 vid 0x0525 pid 0xA4A8
[  214.209780][ T6013] usb 8-1: USB disconnect, device number 13
[  214.213828][ T6013] usblp0: removed
[  214.856416][T10488] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  214.868313][T10487] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  214.895467][T10490] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  215.048652][ T6971] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  215.220983][ T6971] usb 7-1: unable to get BOS descriptor or descriptor too short
[  215.224651][ T6971] usb 7-1: config 1 interface 0 altsetting 170 bulk endpoint 0x82 has invalid maxpacket 16
[  215.228162][ T6971] usb 7-1: config 1 interface 0 has no altsetting 0
[  215.233890][ T6971] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  215.237763][ T6971] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.241374][ T6971] usb 7-1: Product: syz
[  215.243074][ T6971] usb 7-1: Manufacturer: syz
[  215.244653][ T6971] usb 7-1: SerialNumber: syz
[  215.251011][T10483] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  215.838132][T10519] netlink: 'syz.0.1280': attribute type 21 has an invalid length.
[  215.841571][T10519] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1280'.
[  215.844185][T10519] netlink: 'syz.0.1280': attribute type 5 has an invalid length.
[  215.846418][T10519] netlink: 'syz.0.1280': attribute type 6 has an invalid length.
[  215.849440][T10519] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1280'.
[  216.205307][T10531] netfs: Couldn't get user pages (rc=-14)
[  217.518595][T10542] nbd3: detected capacity change from 0 to 67108884
[  217.526470][ T9541] block nbd3: Send control failed (result -89)
[  217.528482][ T9541] block nbd3: Request send failed, requeueing
[  217.530510][ T5963] block nbd3: Receive control failed (result -32)
[  217.530792][ T1304] block nbd3: Dead connection, failed to find a fallback
[  217.535082][ T1304] block nbd3: shutting down sockets
[  217.536895][ T1304] blk_print_req_error: 24 callbacks suppressed
[  217.536903][ T1304] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  217.542302][ T1304] buffer_io_error: 23 callbacks suppressed
[  217.542369][ T1304] Buffer I/O error on dev nbd3, logical block 0, async page read
[  217.547786][ T9541] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  217.550580][ T9541] Buffer I/O error on dev nbd3, logical block 0, async page read
[  217.556145][ T9541] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  217.559286][ T9541] Buffer I/O error on dev nbd3, logical block 0, async page read
[  217.562998][ T9541] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  217.565590][ T9541] Buffer I/O error on dev nbd3, logical block 0, async page read
[  217.568113][ T9541] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  217.570995][ T9541] Buffer I/O error on dev nbd3, logical block 0, async page read
[  217.573735][ T9541] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  217.576687][ T9541] Buffer I/O error on dev nbd3, logical block 0, async page read
[  217.579215][ T9541] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  217.581839][ T9541] Buffer I/O error on dev nbd3, logical block 0, async page read
[  217.584217][ T9541] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  217.587385][ T9541] Buffer I/O error on dev nbd3, logical block 0, async page read
[  217.590270][ T9541] ldm_validate_partition_table(): Disk read failed.
[  217.592518][ T9541] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  217.595298][ T9541] Buffer I/O error on dev nbd3, logical block 0, async page read
[  217.597872][ T9541] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  217.600610][ T9541] Buffer I/O error on dev nbd3, logical block 0, async page read
[  217.603365][ T9541] Dev nbd3: unable to read RDB block 0
[  217.606391][ T9541]  nbd3: unable to read partition table
[  217.620464][ T9541] ldm_validate_partition_table(): Disk read failed.
[  217.623279][ T9541] Dev nbd3: unable to read RDB block 0
[  217.626965][ T9541]  nbd3: unable to read partition table
[  217.728269][   T35] IPVS: starting estimator thread 0...
[  217.740032][T10550] input: syz1 as /devices/virtual/input/input19
[  217.818718][T10551] IPVS: using max 40 ests per chain, 96000 per kthread
[  217.862245][ T6971] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -71
[  217.963348][ T6971] usb 7-1: USB disconnect, device number 17
[  218.006048][T10558] kAFS: No cell specified
[  218.554323][T10568] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1294'.
[  218.662161][T10576] netlink: 236 bytes leftover after parsing attributes in process `syz.0.1296'.
[  218.834429][T10580] Invalid option length (1048437) for dns_resolver key
[  218.933439][T10583] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1298'.
[  219.178612][   T35] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  219.340046][   T35] usb 7-1: config 0 has no interfaces?
[  219.341933][   T35] usb 7-1: New USB device found, idVendor=0483, idProduct=3747, bcdDevice=52.4d
[  219.344897][   T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.348788][   T35] usb 7-1: config 0 descriptor??
[  219.634860][T10583] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1298'.
[  219.802676][T10612] batman_adv: batadv0: Local translation table size (148) exceeds maximum packet size (-320); Ignoring new local tt entry: 40:00:63:2f:77:fb
[  219.806705][T10612] batman_adv: batadv0: Local translation table size (148) exceeds maximum packet size (-320); Ignoring new local tt entry: 40:00:63:2f:77:fb
[  219.810587][T10612] batman_adv: batadv0: Local translation table size (148) exceeds maximum packet size (-320); Ignoring new local tt entry: 40:00:63:2f:77:fb
[  219.814448][T10612] batman_adv: batadv0: Local translation table size (148) exceeds maximum packet size (-320); Ignoring new local tt entry: 40:00:63:2f:77:fb
[  219.818080][T10612] batman_adv: batadv0: Local translation table size (148) exceeds maximum packet size (-320); Ignoring new local tt entry: 40:00:63:2f:77:fb
[  219.822060][T10612] batman_adv: batadv0: Local translation table size (148) exceeds maximum packet size (-320); Ignoring new local tt entry: 40:00:63:2f:77:fb
[  219.825765][T10612] batman_adv: batadv0: Local translation table size (148) exceeds maximum packet size (-320); Ignoring new local tt entry: 40:00:63:2f:77:fb
[  219.829369][T10612] batman_adv: batadv0: Local translation table size (148) exceeds maximum packet size (-320); Ignoring new local tt entry: 40:00:63:2f:77:fb
[  219.832996][T10612] batman_adv: batadv0: Local translation table size (148) exceeds maximum packet size (-320); Ignoring new local tt entry: 40:00:63:2f:77:fb
[  219.836480][T10612] batman_adv: batadv0: Local translation table size (148) exceeds maximum packet size (-320); Ignoring new local tt entry: 40:00:63:2f:77:fb
[  219.861455][T10612] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1308'.
[  219.933547][T10615] Invalid option length (1048437) for dns_resolver key
[  221.039818][ T6013] kernel read not supported for file /video7 (pid: 6013 comm: kworker/0:3)
[  221.802262][T10664] input: syz1 as /devices/virtual/input/input20
[  221.818783][ T5954] udevd[5954]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  221.887425][   T35] usb 7-1: USB disconnect, device number 18
[  222.149427][T10674] lo speed is unknown, defaulting to 1000
[  222.192181][T10673] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1324'.
[  222.194857][T10673] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1324'.
[  222.383121][T10676] ebtables: wrong size: *len 120, entries_size 48, replsz 48
[  222.724357][T10692] program syz.3.1330 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  222.908901][T10675] block nbd2: shutting down sockets
[  224.031308][T10765] netlink: 'syz.3.1337': attribute type 10 has an invalid length.
[  224.046896][T10765] netlink: 'syz.3.1337': attribute type 10 has an invalid length.
[  224.059380][T10765] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  224.138797][T10771] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1337'.
[  224.998322][T10799] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1346'.
[  225.002681][T10799] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1346'.
[  225.006476][T10799] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1346'.
[  225.136107][T10806] netlink: 'syz.2.1349': attribute type 7 has an invalid length.
[  225.141508][T10806] netlink: 211728 bytes leftover after parsing attributes in process `syz.2.1349'.
[  225.298412][T10820] Invalid option length (1048441) for dns_resolver key
[  225.371172][T10822] 9pnet_virtio: no channels available for device syz
[  226.263087][T10834] netlink: 'syz.1.1357': attribute type 10 has an invalid length.
[  226.503268][T10844] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1360'.
[  226.572249][T10846] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1361'.
[  226.702999][T10848] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1356'.
[  227.559294][T10875] program syz.0.1366 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  227.643486][T10884] Invalid option length (1048441) for dns_resolver key
[  227.742223][T10894] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1369'.
[  227.911405][T10909] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=536870912 (1073741824 ns) > initial count (12 ns). Using initial count to start timer.
[  228.174066][   T39] audit: type=1326 audit(1736925444.139:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10923 comm="syz.3.1377" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f83579 code=0x0
[  228.199333][T10929] Invalid option length (1048441) for dns_resolver key
[  228.298953][T10932] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.301554][T10932] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.359819][T10936] net_ratelimit: 250 callbacks suppressed
[  228.359830][T10936] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  228.588652][T10944] lo speed is unknown, defaulting to 1000
[  228.653267][   T39] audit: type=1326 audit(1736925444.619:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10943 comm="syz.1.1383" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f04579 code=0x0
[  229.190143][T10960] Invalid option length (1048441) for dns_resolver key
[  229.968650][   T39] audit: type=1326 audit(1736925445.919:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10977 comm="syz.0.1392" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7fc00000
[  229.975293][   T39] audit: type=1326 audit(1736925445.929:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10977 comm="syz.0.1392" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7fc00000
[  229.984783][   T39] audit: type=1326 audit(1736925445.949:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10977 comm="syz.0.1392" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7fc00000
[  229.996439][   T39] audit: type=1326 audit(1736925445.949:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10977 comm="syz.0.1392" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7fc00000
[  230.002985][   T39] audit: type=1326 audit(1736925445.949:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10977 comm="syz.0.1392" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7fc00000
[  230.009665][   T39] audit: type=1326 audit(1736925445.949:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10977 comm="syz.0.1392" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7fc00000
[  230.015859][   T39] audit: type=1326 audit(1736925445.949:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10977 comm="syz.0.1392" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7fc00000
[  230.022167][   T39] audit: type=1326 audit(1736925445.949:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10977 comm="syz.0.1392" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7fc00000
[  230.670687][T11013] sctp: [Deprecated]: syz.2.1403 (pid 11013) Use of struct sctp_assoc_value in delayed_ack socket option.
[  230.670687][T11013] Use struct sctp_sack_info instead
[  230.676991][T11013] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1403'.
[  230.715408][T11016] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.717893][T11016] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.808965][T11022] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1407'.
[  230.858740][ T6971] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  231.008716][ T6971] usb 8-1: Using ep0 maxpacket: 8
[  231.013942][ T6971] usb 8-1: config 1 has an invalid interface number: 0 but max is -1
[  231.016587][ T6971] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  231.019615][ T6971] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 0
[  231.022667][ T6971] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  231.028355][ T6971] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  231.031827][ T6971] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  231.034729][ T6971] usb 8-1: SerialNumber: syz
[  231.049720][ T6971] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22
[  231.218744][ T6010] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  231.324971][   T35] usb 8-1: USB disconnect, device number 14
[  231.378623][ T6010] usb 7-1: Using ep0 maxpacket: 32
[  231.381340][ T6010] usb 7-1: config index 0 descriptor too short (expected 156, got 27)
[  231.383836][ T6010] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  231.386949][ T6010] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  231.390117][ T6010] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  231.392863][ T6010] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  231.396715][ T6010] usb 7-1: config 0 interface 0 has no altsetting 0
[  231.400186][ T6010] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  231.402742][ T6010] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  231.405064][ T6010] usb 7-1: Product: syz
[  231.406238][ T6010] usb 7-1: Manufacturer: syz
[  231.407648][ T6010] usb 7-1: SerialNumber: syz
[  231.410882][ T6010] usb 7-1: config 0 descriptor??
[  231.413475][ T6010] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  231.417423][ T6010] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  231.615170][T11033] ldusb 7-1:0.0: Couldn't submit interrupt_in_urb -90
[  231.794027][ T6971] usb 7-1: USB disconnect, device number 19
[  231.800860][ T6971] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[  231.865502][T11046] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1415'.
[  231.869692][T11046] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1415'.
[  231.885686][T11048] gfs2: gfs2 mount does not exist
[  232.011263][T11061] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1420'.
[  232.014898][T11061] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1420'.
[  232.122263][T11068] FAULT_INJECTION: forcing a failure.
[  232.122263][T11068] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  232.125580][T11068] CPU: 2 UID: 0 PID: 11068 Comm: syz.3.1422 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  232.128302][T11068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  232.131583][T11068] Call Trace:
[  232.132773][T11068]  <TASK>
[  232.133818][T11068]  dump_stack_lvl+0x16c/0x1f0
[  232.135501][T11068]  should_fail_ex+0x497/0x5b0
[  232.137204][T11068]  _copy_from_user+0x2e/0xd0
[  232.138866][T11068]  get_compat_msghdr+0xa8/0x170
[  232.140595][T11068]  ? __pfx_get_compat_msghdr+0x10/0x10
[  232.142509][T11068]  ___sys_recvmsg+0x193/0x1a0
[  232.144245][T11068]  ? __pfx____sys_recvmsg+0x10/0x10
[  232.146138][T11068]  ? __fget_files+0x1fc/0x3a0
[  232.147405][T11068]  ? trace_lock_acquire+0x14e/0x1f0
[  232.148823][T11068]  ? __fget_files+0x206/0x3a0
[  232.150215][T11068]  ? __pfx___might_resched+0x10/0x10
[  232.151588][T11068]  do_recvmmsg+0x55d/0x740
[  232.152760][T11068]  ? __pfx_do_recvmmsg+0x10/0x10
[  232.154050][T11068]  ? vfs_write+0x306/0x1150
[  232.155185][T11068]  ? __fget_files+0x206/0x3a0
[  232.156398][T11068]  __sys_recvmmsg+0x21e/0x280
[  232.157606][T11068]  ? __pfx___sys_recvmmsg+0x10/0x10
[  232.158930][T11068]  ? __pfx_ksys_write+0x10/0x10
[  232.160144][T11068]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  232.161720][T11068]  ? lockdep_hardirqs_on+0x7c/0x110
[  232.163019][T11068]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  232.164656][T11068]  __do_fast_syscall_32+0x73/0x120
[  232.165961][T11068]  do_fast_syscall_32+0x32/0x80
[  232.167244][T11068]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  232.168881][T11068] RIP: 0023:0xf7f83579
[  232.169908][T11068] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  232.174886][T11068] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  232.177055][T11068] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200037c0
[  232.179097][T11068] RDX: 0000000000000002 RSI: 0000000040010101 RDI: 0000000000000000
[  232.181153][T11068] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  232.183169][T11068] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  232.185181][T11068] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  232.187237][T11068]  </TASK>
[  232.314595][T11076] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1426'.
[  232.475626][T11084] binder: 11083:11084 ioctl c018620c 20000140 returned -22
[  232.531621][T11088] lo speed is unknown, defaulting to 1000
[  232.537269][T11090] netlink: 'syz.1.1433': attribute type 39 has an invalid length.
[  233.313967][ T5958] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  233.317861][ T5958] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  233.321486][ T5958] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  233.323795][ T5958] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  233.326091][ T5958] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  233.328195][ T5958] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  233.358371][T11115] lo speed is unknown, defaulting to 1000
[  233.412244][T11118] program syz.0.1441 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  233.447603][T11115] chnl_net:caif_netlink_parms(): no params data found
[  233.521899][T11115] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.524073][T11115] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.526136][T11115] bridge_slave_0: entered allmulticast mode
[  233.528229][T11115] bridge_slave_0: entered promiscuous mode
[  233.531296][T11115] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.533410][T11115] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.535538][T11115] bridge_slave_1: entered allmulticast mode
[  233.537674][T11115] bridge_slave_1: entered promiscuous mode
[  233.560250][T11115] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  233.565059][T11115] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  233.592498][T11115] team0: Port device team_slave_0 added
[  233.595448][T11115] team0: Port device team_slave_1 added
[  233.615623][T11115] batman_adv: batadv0: Adding interface: batadv_slave_0
[  233.617596][T11115] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.626856][T11115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  233.630761][T11115] batman_adv: batadv0: Adding interface: batadv_slave_1
[  233.632703][T11115] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.640055][T11115] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.666082][T11115] hsr_slave_0: entered promiscuous mode
[  233.668354][T11115] hsr_slave_1: entered promiscuous mode
[  233.670717][T11115] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  233.672856][T11115] Cannot create hsr debugfs directory
[  233.753990][T11115] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  233.757779][T11115] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  233.761137][T11115] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  233.764294][T11115] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  233.773388][T11115] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.775491][T11115] bridge0: port 2(bridge_slave_1) entered forwarding state
[  233.777616][T11115] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.779662][T11115] bridge0: port 1(bridge_slave_0) entered forwarding state
[  233.803677][T11115] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.818156][ T6931] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.821899][ T6931] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.862921][T11115] 8021q: adding VLAN 0 to HW filter on device team0
[  233.956805][ T6931] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.958927][ T6931] bridge0: port 1(bridge_slave_0) entered forwarding state
[  233.966715][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.968923][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  234.019119][T11115] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  234.022102][T11115] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  234.304879][T11115] 8021q: adding VLAN 0 to HW filter on device batadv0
[  234.317629][T11146] overlayfs: missing 'lowerdir'
[  234.330833][T11149] mkiss: ax0: crc mode is auto.
[  234.413337][T11115] veth0_vlan: entered promiscuous mode
[  234.420342][T11115] veth1_vlan: entered promiscuous mode
[  234.431819][T11115] veth0_macvtap: entered promiscuous mode
[  234.436603][T11115] veth1_macvtap: entered promiscuous mode
[  234.444892][T11115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.448089][T11115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.451944][T11115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.455919][T11115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.459120][T11115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.463009][T11115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.466337][T11115] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.472941][T11115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.475943][T11115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.482034][T11115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.484997][T11115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.487697][T11115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.498577][T11115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.502512][T11115] batman_adv: batadv0: Interface activated: batadv_slave_1
[  234.505869][T11115] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.508404][T11115] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.511825][T11115] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.514433][T11115] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.546289][ T6931] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.552895][ T6931] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.563316][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.565814][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.581513][T11163] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1450'.
[  234.584156][T11163] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1450'.
[  234.625151][T11166] Invalid option length (1048441) for dns_resolver key
[  234.659282][T11168] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1451'.
[  234.662051][T11168] bridge_slave_0: default FDB implementation only supports local addresses
[  235.169008][T11181] 8021q: adding VLAN 0 to HW filter on device bond1
[  235.382232][T11191] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  235.388686][ T5958] Bluetooth: hci4: command tx timeout
[  235.724647][T11215] batman_adv: batadv0: Adding interface: dummy0
[  235.726636][T11215] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  235.734943][T11215] batman_adv: batadv0: Interface activated: dummy0
[  235.746438][T11215] batadv0: mtu less than device minimum
[  235.749822][T11215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  235.754906][T11215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  235.759014][T11215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  235.762934][T11215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  235.767270][T11215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  235.771240][T11215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  235.774928][T11215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  235.778407][T11215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  235.782305][T11215] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  235.823215][T11220] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1466'.
[  237.468736][ T5958] Bluetooth: hci4: command tx timeout
[  237.601698][T11249] program syz.0.1474 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  238.009215][T11255] FAULT_INJECTION: forcing a failure.
[  238.009215][T11255] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  238.012950][T11255] CPU: 3 UID: 0 PID: 11255 Comm: syz.3.1476 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  238.016026][T11255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  238.019087][T11255] Call Trace:
[  238.020047][T11255]  <TASK>
[  238.020913][T11255]  dump_stack_lvl+0x16c/0x1f0
[  238.022266][T11255]  should_fail_ex+0x497/0x5b0
[  238.023642][T11255]  _copy_from_iter+0x29b/0x1400
[  238.025051][T11255]  ? trace_lock_acquire+0x14e/0x1f0
[  238.026548][T11255]  ? __alloc_skb+0x200/0x380
[  238.027873][T11255]  ? __pfx__copy_from_iter+0x10/0x10
[  238.029381][T11255]  ? __virt_addr_valid+0x1a4/0x590
[  238.030861][T11255]  ? __virt_addr_valid+0x5e/0x590
[  238.032312][T11255]  ? __phys_addr_symbol+0x30/0x80
[  238.033768][T11255]  ? __check_object_size+0x488/0x710
[  238.035295][T11255]  netlink_sendmsg+0x813/0xd70
[  238.036685][T11255]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.038195][T11255]  ____sys_sendmsg+0x9ae/0xb40
[  238.039774][T11255]  ? __pfx_____sys_sendmsg+0x10/0x10
[  238.041284][T11255]  ? get_compat_msghdr+0x11b/0x170
[  238.042742][T11255]  ___sys_sendmsg+0x135/0x1e0
[  238.044107][T11255]  ? __pfx____sys_sendmsg+0x10/0x10
[  238.045631][T11255]  ? __pfx_lock_release+0x10/0x10
[  238.047063][T11255]  ? trace_lock_acquire+0x14e/0x1f0
[  238.048563][T11255]  ? __fget_files+0x206/0x3a0
[  238.049912][T11255]  __sys_sendmsg+0x16e/0x220
[  238.051226][T11255]  ? __pfx___sys_sendmsg+0x10/0x10
[  238.052701][T11255]  __do_fast_syscall_32+0x73/0x120
[  238.054195][T11255]  do_fast_syscall_32+0x32/0x80
[  238.055599][T11255]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  238.057412][T11255] RIP: 0023:0xf7f83579
[  238.058580][T11255] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  238.064015][T11255] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  238.066387][T11255] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200
[  238.068626][T11255] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  238.070875][T11255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  238.073115][T11255] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  238.075362][T11255] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  238.077604][T11255]  </TASK>
[  238.191265][T11262] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1472'.
[  238.207748][T11263] veth0_to_team: entered promiscuous mode
[  238.209635][T11263] veth0_to_team: entered allmulticast mode
[  238.481495][T11276] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1484'.
[  238.783931][T11295] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  238.791684][T11295] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  238.897724][T11301] netlink: 308 bytes leftover after parsing attributes in process `syz.4.1492'.
[  238.998017][T11303] lo speed is unknown, defaulting to 1000
[  239.181730][T11310] program syz.2.1495 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  239.553707][ T5958] Bluetooth: hci4: command tx timeout
[  239.583636][    C1] vcan0: j1939_tp_rxtimer: 0xffff888060303800: rx timeout, send abort
[  239.829410][T11325] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1499'.
[  239.832067][T11325] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1499'.
[  239.915582][T11330] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$���UL�vy��آ
�D��UD�w�}�zR'
[  239.919083][T11330] CPU: 0 UID: 0 PID: 11330 Comm: syz.4.1500 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  239.922170][T11330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  239.925261][T11330] Call Trace:
[  239.926259][T11330]  <TASK>
[  239.927119][T11330]  dump_stack_lvl+0x16c/0x1f0
[  239.928509][T11330]  sysfs_warn_dup+0x7f/0xa0
[  239.929832][T11330]  sysfs_do_create_link_sd+0x124/0x140
[  239.931416][T11330]  sysfs_create_link+0x61/0xc0
[  239.932799][T11330]  device_add+0x62e/0x1a70
[  239.934130][T11330]  ? __pfx_device_add+0x10/0x10
[  239.935544][T11330]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  239.937283][T11330]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[  239.939005][T11330]  wiphy_register+0x1c7a/0x2860
[  239.940431][T11330]  ? netdev_run_todo+0x837/0x12d0
[  239.941899][T11330]  ? __pfx_wiphy_register+0x10/0x10
[  239.943428][T11330]  ieee80211_register_hw+0x2951/0x3fa0
[  239.945040][T11330]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  239.946705][T11330]  ? net_generic+0xea/0x2a0
[  239.948030][T11330]  ? lockdep_init_map_type+0x16d/0x7d0
[  239.949603][T11330]  ? rcu_is_watching+0x12/0xc0
[  239.951004][T11330]  ? trace_hrtimer_init+0x1a6/0x230
[  239.952502][T11330]  ? __hrtimer_init+0x106/0x2c0
[  239.953944][T11330]  mac80211_hwsim_new_radio+0x2c47/0x56c0
[  239.955588][T11330]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  239.957341][T11330]  ? hwsim_new_radio_nl+0x9ff/0x12b0
[  239.958857][T11330]  hwsim_new_radio_nl+0xb42/0x12b0
[  239.960330][T11330]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  239.961916][T11330]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  239.964019][T11330]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  239.966416][T11330]  genl_family_rcv_msg_doit+0x202/0x2f0
[  239.968003][T11330]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  239.969782][T11330]  ? genl_get_cmd+0x195/0x580
[  239.971159][T11330]  ? bpf_lsm_capable+0x9/0x10
[  239.972528][T11330]  ? security_capable+0x7e/0x260
[  239.973967][T11330]  ? ns_capable+0xd7/0x110
[  239.975255][T11330]  genl_rcv_msg+0x565/0x800
[  239.976587][T11330]  ? __pfx_genl_rcv_msg+0x10/0x10
[  239.978043][T11330]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  239.979630][T11330]  ? __pfx___lock_acquire+0x10/0x10
[  239.981127][T11330]  netlink_rcv_skb+0x165/0x410
[  239.982502][T11330]  ? __pfx_genl_rcv_msg+0x10/0x10
[  239.983960][T11330]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  239.985541][T11330]  ? down_read+0xc9/0x330
[  239.986807][T11330]  ? __pfx_down_read+0x10/0x10
[  239.988191][T11330]  ? netlink_deliver_tap+0x1ae/0xca0
[  239.989712][T11330]  genl_rcv+0x28/0x40
[  239.990882][T11330]  netlink_unicast+0x53c/0x7f0
[  239.992275][T11330]  ? __pfx_netlink_unicast+0x10/0x10
[  239.993805][T11330]  ? __phys_addr_symbol+0x30/0x80
[  239.995323][T11330]  ? __check_object_size+0x488/0x710
[  239.996858][T11330]  netlink_sendmsg+0x8b8/0xd70
[  239.998240][T11330]  ? __pfx_netlink_sendmsg+0x10/0x10
[  239.999761][T11330]  ____sys_sendmsg+0x9ae/0xb40
[  240.001122][T11330]  ? __pfx_____sys_sendmsg+0x10/0x10
[  240.002641][T11330]  ? get_compat_msghdr+0x11b/0x170
[  240.004140][T11330]  ___sys_sendmsg+0x135/0x1e0
[  240.005512][T11330]  ? __pfx____sys_sendmsg+0x10/0x10
[  240.007577][T11330]  ? __pfx_lock_release+0x10/0x10
[  240.009033][T11330]  ? trace_lock_acquire+0x14e/0x1f0
[  240.010539][T11330]  ? __fget_files+0x206/0x3a0
[  240.011971][T11330]  __sys_sendmsg+0x16e/0x220
[  240.013310][T11330]  ? __pfx___sys_sendmsg+0x10/0x10
[  240.014808][T11330]  ? __ia32_sys_futex_time32+0x1da/0x460
[  240.016455][T11330]  __do_fast_syscall_32+0x73/0x120
[  240.017933][T11330]  do_fast_syscall_32+0x32/0x80
[  240.019337][T11330]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  240.021162][T11330] RIP: 0023:0xf709e579
[  240.022335][T11330] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  240.028664][T11330] RSP: 002b:00000000f506f55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  240.031046][T11330] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000040
[  240.033299][T11330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  240.035531][T11330] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  240.037915][T11330] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  240.040185][T11330] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  240.042453][T11330]  </TASK>
[  240.087298][    C1] vcan0: j1939_tp_rxtimer: 0xffff888060303800: abort rx timeout. Force session deactivation
[  241.201587][T11353] netfs: Couldn't get user pages (rc=-14)
[  241.543574][T11370] program syz.2.1510 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  241.641706][ T5958] Bluetooth: hci4: command tx timeout
[  241.656391][T11371] syz.3.1511 (11371): drop_caches: 2
[  242.287961][T11383] 9pnet_fd: Insufficient options for proto=fd
[  242.677293][T11397] 9pnet_fd: p9_fd_create_unix (11397): address too long: ./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  242.762485][T11405] FAULT_INJECTION: forcing a failure.
[  242.762485][T11405] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  242.792765][T11405] CPU: 3 UID: 0 PID: 11405 Comm: syz.2.1521 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  242.795856][T11405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.798933][T11405] Call Trace:
[  242.799906][T11405]  <TASK>
[  242.800772][T11405]  dump_stack_lvl+0x16c/0x1f0
[  242.802118][T11405]  should_fail_ex+0x497/0x5b0
[  242.803534][T11405]  _copy_from_user+0x2e/0xd0
[  242.804883][T11405]  kstrtouint_from_user+0xd7/0x1c0
[  242.806337][T11405]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  242.808010][T11405]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  242.809609][T11405]  proc_fail_nth_write+0x84/0x250
[  242.811071][T11405]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  242.812740][T11405]  ? ksys_write+0x12b/0x250
[  242.814075][T11405]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  242.815670][T11405]  vfs_write+0x24c/0x1150
[  242.816892][T11405]  ? __fget_files+0x1fc/0x3a0
[  242.818362][T11405]  ? __pfx___mutex_lock+0x10/0x10
[  242.819780][T11405]  ? __pfx_vfs_write+0x10/0x10
[  242.821141][T11405]  ? __fget_files+0x206/0x3a0
[  242.822465][T11405]  ksys_write+0x12b/0x250
[  242.823687][T11405]  ? __pfx_ksys_write+0x10/0x10
[  242.825074][T11405]  __do_fast_syscall_32+0x73/0x120
[  242.826576][T11405]  do_fast_syscall_32+0x32/0x80
[  242.827968][T11405]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  242.829741][T11405] RIP: 0023:0xf7f7f579
[  242.830903][T11405] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  242.836408][T11405] RSP: 002b:00000000f50d6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  242.838805][T11405] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f50d6620
[  242.840991][T11405] RDX: 0000000000000001 RSI: 00000000f7413ff4 RDI: 0000000000000000
[  242.843183][T11405] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  242.845430][T11405] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  242.847626][T11405] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  242.849885][T11405]  </TASK>
[  243.419043][T11423] program syz.4.1525 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  243.569691][T11426] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1526'.
[  243.709322][T11435] lo speed is unknown, defaulting to 1000
[  243.879099][T11452] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  243.986975][T11460] tipc: Started in network mode
[  243.988660][T11460] tipc: Node identity f7, cluster identity 4711
[  243.990984][T11460] tipc: Node number set to 247
[  244.105710][T11467] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1539'.
[  244.963405][T11484] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1542'.
[  244.989904][T11488] net_ratelimit: 10 callbacks suppressed
[  244.989915][T11488] openvswitch: netlink: Actions may not be safe on all matching packets
[  245.661241][T11503] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  245.723612][T11516] program syz.0.1549 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  245.917172][T11532] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1551'.
[  245.952074][T11523] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1548'.
[  246.904676][T11591] lo speed is unknown, defaulting to 1000
[  247.148702][ T5963] Bluetooth: hci4: command 0x0405 tx timeout
[  248.750068][T11616] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  248.758697][   T57] kernel write not supported for file /audio (pid: 57 comm: kworker/3:1)
[  248.849517][T11620] netlink: 'syz.0.1573': attribute type 3 has an invalid length.
[  248.851741][T11620] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1573'.
[  250.422622][T11667] netlink: 'syz.2.1583': attribute type 29 has an invalid length.
[  250.424950][T11667] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1583'.
[  250.973052][T11690] netlink: 1220 bytes leftover after parsing attributes in process `syz.0.1590'.
[  250.976686][T11690] openvswitch: netlink: Missing key (keys=40, expected=80)
[  252.237324][ T5963] Bluetooth: hci4: command 0x0405 tx timeout
[  252.971407][   T56] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  253.118733][   T56] usb 5-1: Using ep0 maxpacket: 8
[  253.123789][   T56] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  253.127453][   T56] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  253.130871][   T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.135208][   T56] usb 5-1: config 0 descriptor??
[  253.140792][   T56] iowarrior 5-1:0.0: no interrupt-in endpoint found
[  253.373971][ T5994] usb 5-1: USB disconnect, device number 7
[  253.582360][T11734] devtmpfs: Cannot change global quota limit on remount
[  253.587965][T11734] 9pnet_fd: Insufficient options for proto=fd
[  253.623259][T11738] lo speed is unknown, defaulting to 1000
[  253.670915][T11742] netlink: 'syz.2.1603': attribute type 4 has an invalid length.
[  253.734956][T11746] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  253.737570][T11746] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  253.800078][T11747] vcan0: tx drop: invalid da for name 0x0000000000000003
[  253.930335][   T56] libceph: connect (1)[c::]:6789 error -101
[  253.932193][   T56] libceph: mon0 (1)[c::]:6789 connect error
[  254.190637][   T56] libceph: connect (1)[c::]:6789 error -101
[  254.192649][   T56] libceph: mon0 (1)[c::]:6789 connect error
[  254.381953][ T5963] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  254.390006][ T5963] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  254.395685][ T5963] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  254.400019][ T5963] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  254.402901][ T5963] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  254.405529][ T5963] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  254.433689][T11770] lo speed is unknown, defaulting to 1000
[  254.541812][T11770] chnl_net:caif_netlink_parms(): no params data found
[  254.599230][T11770] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.601588][T11770] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.603953][T11770] bridge_slave_0: entered allmulticast mode
[  254.608207][T11770] bridge_slave_0: entered promiscuous mode
[  254.614288][T11770] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.616952][T11770] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.619963][T11770] bridge_slave_1: entered allmulticast mode
[  254.622898][T11770] bridge_slave_1: entered promiscuous mode
[  254.653997][T11770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  254.660695][T11770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  254.679115][T11759] ceph: No mds server is up or the cluster is laggy
[  254.727187][T11770] team0: Port device team_slave_0 added
[  254.730624][T11770] team0: Port device team_slave_1 added
[  254.764855][T11770] batman_adv: batadv0: Adding interface: batadv_slave_0
[  254.766868][T11770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  254.770560][T11786] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input22
[  254.774326][T11770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  254.781104][T11770] batman_adv: batadv0: Adding interface: batadv_slave_1
[  254.783343][T11770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  254.791814][T11770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  254.857558][T11770] hsr_slave_0: entered promiscuous mode
[  254.860675][T11770] hsr_slave_1: entered promiscuous mode
[  254.864689][T11770] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  254.866815][T11770] Cannot create hsr debugfs directory
[  255.005450][T11770] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  255.042516][T11770] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  255.046038][T11770] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  255.061759][T11770] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  255.080235][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[  255.082082][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  255.100881][T11770] 8021q: adding VLAN 0 to HW filter on device bond0
[  255.108176][T11770] 8021q: adding VLAN 0 to HW filter on device team0
[  255.112460][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.114543][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.120208][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.122264][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.150747][T11770] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  255.221590][T11770] 8021q: adding VLAN 0 to HW filter on device batadv0
[  255.318708][T11770] veth0_vlan: entered promiscuous mode
[  255.322381][T11770] veth1_vlan: entered promiscuous mode
[  255.333092][T11770] veth0_macvtap: entered promiscuous mode
[  255.336182][T11770] veth1_macvtap: entered promiscuous mode
[  255.344234][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.347253][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.350748][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.353752][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.356827][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.359960][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.362775][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  255.365754][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.369953][T11770] batman_adv: batadv0: Interface activated: batadv_slave_0
[  255.375693][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  255.379095][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.381853][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  255.384770][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.387520][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  255.390656][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.393457][T11770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  255.396418][T11770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.401143][T11770] batman_adv: batadv0: Interface activated: batadv_slave_1
[  255.405445][T11770] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  255.407926][T11770] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  255.410711][T11770] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  255.413226][T11770] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  255.442428][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  255.444768][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.455893][ T1166] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  255.458285][ T1166] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.580173][T11829] syzkaller1: entered promiscuous mode
[  255.581850][T11829] syzkaller1: entered allmulticast mode
[  256.428711][ T5958] Bluetooth: hci0: command tx timeout
[  256.699422][T11844] lo speed is unknown, defaulting to 1000
[  256.980171][   T57] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  257.128596][   T57] usb 7-1: Using ep0 maxpacket: 32
[  257.132129][   T57] usb 7-1: config index 0 descriptor too short (expected 156, got 27)
[  257.134515][   T57] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  257.137383][   T57] usb 7-1: config 0 has no interfaces?
[  257.141119][   T57] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  257.143695][   T57] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  257.146073][   T57] usb 7-1: Product: syz
[  257.147281][   T57] usb 7-1: Manufacturer: syz
[  257.149065][   T57] usb 7-1: SerialNumber: syz
[  257.151693][   T57] usb 7-1: config 0 descriptor??
[  257.258614][   T35] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  257.362165][    T8] usb 7-1: USB disconnect, device number 20
[  257.418819][   T35] usb 9-1: Using ep0 maxpacket: 8
[  257.422490][   T35] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  257.425664][   T35] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  257.428244][   T35] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.431660][   T35] usb 9-1: config 0 descriptor??
[  257.648672][   T35] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  257.923299][T11870] veth0_to_bridge: entered promiscuous mode
[  257.934381][T11873] veth0_to_bridge: left promiscuous mode
[  257.968594][    T8] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  258.119539][    T8] usb 10-1: Using ep0 maxpacket: 8
[  258.124946][    T8] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  258.127887][    T8] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  258.130571][    T8] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.133663][    T8] usb 10-1: config 0 descriptor??
[  258.137494][    T8] iowarrior 10-1:0.0: no interrupt-in endpoint found
[  258.150161][T11877] 
[  258.150300][   T30] usb 9-1: USB disconnect, device number 2
[  258.150886][T11877] ======================================================
[  258.150893][T11877] WARNING: possible circular locking dependency detected
[  258.156939][T11877] 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0 Not tainted
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  258.159574][T11877] ------------------------------------------------------
[  258.162535][T11877] syz.0.1635/11877 is trying to acquire lock:
[  258.164250][T11877] ffff888023f9d0b8 (&eq->sysfs_lock){+.+.}-{4:4}, at: elevator_disable+0xb5/0x490
[  258.166952][T11877] 
[  258.166952][T11877] but task is already holding lock:
[  258.169006][T11877] ffff888044035de0 (&q->sysfs_lock){+.+.}-{4:4}, at: __blk_mq_update_nr_hw_queues+0x446/0x1460
[  258.171799][T11877] 
[  258.171799][T11877] which lock already depends on the new lock.
[  258.171799][T11877] 
[  258.174673][T11877] 
[  258.174673][T11877] the existing dependency chain (in reverse order) is:
[  258.177189][T11877] 
[  258.177189][T11877] -> #5 (&q->sysfs_lock){+.+.}-{4:4}:
[  258.179303][T11877]        __mutex_lock+0x19b/0xa60
[  258.180821][T11877]        __blk_mq_update_nr_hw_queues+0x446/0x1460
[  258.182659][T11877]        blk_mq_update_nr_hw_queues+0x2a/0x40
[  258.184402][T11877]        nbd_start_device+0x15b/0xd70
[  258.185942][T11877]        nbd_ioctl+0x21a/0xfd0
[  258.187307][T11877]        compat_blkdev_ioctl+0x2f7/0x750
[  258.188904][T11877]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  258.190577][T11877]        __do_fast_syscall_32+0x73/0x120
[  258.192195][T11877]        do_fast_syscall_32+0x32/0x80
[  258.193716][T11877]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.195639][T11877] 
[  258.195639][T11877] -> #4 (&q->q_usage_counter(io)#52){++++}-{0:0}:
[  258.198080][T11877]        blk_mq_submit_bio+0x1fb6/0x24c0
[  258.199685][T11877]        __submit_bio+0x384/0x540
[  258.201134][T11877]        submit_bio_noacct_nocheck+0x698/0xd70
[  258.202847][T11877]        submit_bio_noacct+0x93a/0x1e20
[  258.204406][T11877]        mpage_readahead+0x41d/0x590
[  258.205895][T11877]        read_pages+0x1a8/0xdc0
[  258.207276][T11877]        page_cache_ra_unbounded+0x3dc/0x750
[  258.209018][T11877]        force_page_cache_ra+0x24b/0x340
[  258.210624][T11877]        page_cache_sync_ra+0x110/0x9c0
[  258.212195][T11877]        filemap_get_pages+0xd7b/0x1be0
[  258.213887][T11877]        filemap_read+0x3ca/0xd70
[  258.215350][T11877]        blkdev_read_iter+0x187/0x480
[  258.216878][T11877]        vfs_read+0x87f/0xbe0
[  258.218246][T11877]        ksys_read+0x12b/0x250
[  258.219735][T11877]        do_syscall_64+0xcd/0x250
[  258.221419][T11877]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.223343][T11877] 
[  258.223343][T11877] -> #3 (mapping.invalidate_lock#2){.+.+}-{4:4}:
[  258.225802][T11877]        down_read+0x9a/0x330
[  258.227217][T11877]        filemap_fault+0x2e0/0x2820
[  258.228899][T11877]        __do_fault+0x10a/0x490
[  258.230312][T11877]        do_pte_missing+0x99f/0x3e00
[  258.231860][T11877]        __handle_mm_fault+0x103c/0x2a40
[  258.233500][T11877]        handle_mm_fault+0x3fa/0xaa0
[  258.235034][T11877]        __get_user_pages+0x8d9/0x3b50
[  258.236611][T11877]        populate_vma_page_range+0x27f/0x3a0
[  258.238358][T11877]        __mm_populate+0x1d6/0x380
[  258.239875][T11877]        do_mlock+0x40a/0x7d0
[  258.241254][T11877]        __ia32_sys_mlock+0x57/0x80
[  258.242761][T11877]        __do_fast_syscall_32+0x73/0x120
[  258.244424][T11877]        do_fast_syscall_32+0x32/0x80
[  258.245981][T11877]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.247944][T11877] 
[  258.247944][T11877] -> #2 (&mm->mmap_lock){++++}-{4:4}:
[  258.250141][T11877]        __might_fault+0x11b/0x190
[  258.251639][T11877]        _copy_from_user+0x29/0xd0
[  258.253133][T11877]        compat_blk_trace_setup+0xc9/0x200
[  258.254834][T11877]        blk_trace_ioctl+0x24a/0x290
[  258.256366][T11877]        compat_blkdev_ioctl+0x13c/0x750
[  258.257990][T11877]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  258.259669][T11877]        __do_fast_syscall_32+0x73/0x120
[  258.261299][T11877]        do_fast_syscall_32+0x32/0x80
[  258.262852][T11877]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.264827][T11877] 
[  258.264827][T11877] -> #1 (&q->debugfs_mutex){+.+.}-{4:4}:
[  258.267072][T11877]        __mutex_lock+0x19b/0xa60
[  258.268537][T11877]        blk_mq_exit_sched+0xd1/0x310
[  258.270098][T11877]        elevator_disable+0xc0/0x490
[  258.271637][T11877]        __blk_mq_update_nr_hw_queues+0x3bb/0x1460
[  258.273518][T11877]        blk_mq_update_nr_hw_queues+0x2a/0x40
[  258.275265][T11877]        nbd_start_device+0x15b/0xd70
[  258.276832][T11877]        nbd_ioctl+0x21a/0xfd0
[  258.278205][T11877]        compat_blkdev_ioctl+0x2f7/0x750
[  258.280305][T11877]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  258.282378][T11877]        __do_fast_syscall_32+0x73/0x120
[  258.284339][T11877]        do_fast_syscall_32+0x32/0x80
[  258.285857][T11877]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.287794][T11877] 
[  258.287794][T11877] -> #0 (&eq->sysfs_lock){+.+.}-{4:4}:
[  258.289982][T11877]        __lock_acquire+0x249e/0x3c40
[  258.291527][T11877]        lock_acquire.part.0+0x11b/0x380
[  258.293145][T11877]        __mutex_lock+0x19b/0xa60
[  258.294601][T11877]        elevator_disable+0xb5/0x490
[  258.296136][T11877]        __blk_mq_update_nr_hw_queues+0x3bb/0x1460
[  258.297988][T11877]        blk_mq_update_nr_hw_queues+0x2a/0x40
[  258.299730][T11877]        nbd_start_device+0x15b/0xd70
[  258.301278][T11877]        nbd_ioctl+0x21a/0xfd0
[  258.302656][T11877]        compat_blkdev_ioctl+0x2f7/0x750
[  258.304285][T11877]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  258.305959][T11877]        __do_fast_syscall_32+0x73/0x120
[  258.307575][T11877]        do_fast_syscall_32+0x32/0x80
[  258.309129][T11877]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.311099][T11877] 
[  258.311099][T11877] other info that might help us debug this:
[  258.311099][T11877] 
[  258.314005][T11877] Chain exists of:
[  258.314005][T11877]   &eq->sysfs_lock --> &q->q_usage_counter(io)#52 --> &q->sysfs_lock
[  258.314005][T11877] 
[  258.317920][T11877]  Possible unsafe locking scenario:
[  258.317920][T11877] 
[  258.320039][T11877]        CPU0                    CPU1
[  258.321596][T11877]        ----                    ----
[  258.323134][T11877]   lock(&q->sysfs_lock);
[  258.324393][T11877]                                lock(&q->q_usage_counter(io)#52);
[  258.326645][T11877]                                lock(&q->sysfs_lock);
[  258.328604][T11877]   lock(&eq->sysfs_lock);
[  258.329910][T11877] 
[  258.329910][T11877]  *** DEADLOCK ***
[  258.329910][T11877] 
[  258.332230][T11877] 5 locks held by syz.0.1635/11877:
[  258.333730][T11877]  #0: ffff888023f97998 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x151/0xfd0
[  258.336385][T11877]  #1: ffff888023f978d8 (&set->tag_list_lock){+.+.}-{4:4}, at: blk_mq_update_nr_hw_queues+0x20/0x40
[  258.339432][T11877]  #2: ffff8880440358b0 (&q->q_usage_counter(io)#49){+.+.}-{0:0}, at: __blk_mq_update_nr_hw_queues+0x1fc/0x1460
[  258.342831][T11877]  #3: ffff8880440358e8 (&q->q_usage_counter(queue)#33){+.+.}-{0:0}, at: __blk_mq_update_nr_hw_queues+0x1fc/0x1460
[  258.346270][T11877]  #4: ffff888044035de0 (&q->sysfs_lock){+.+.}-{4:4}, at: __blk_mq_update_nr_hw_queues+0x446/0x1460
[  258.349327][T11877] 
[  258.349327][T11877] stack backtrace:
[  258.351033][T11877] CPU: 3 UID: 0 PID: 11877 Comm: syz.0.1635 Not tainted 6.13.0-rc7-syzkaller-00039-gc3812b15000c #0
[  258.354088][T11877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  258.357145][T11877] Call Trace:
[  258.358112][T11877]  <TASK>
[  258.358968][T11877]  dump_stack_lvl+0x116/0x1f0
[  258.360345][T11877]  print_circular_bug+0x41c/0x610
[  258.361809][T11877]  check_noncircular+0x31a/0x400
[  258.363253][T11877]  ? __pfx_check_noncircular+0x10/0x10
[  258.364835][T11877]  ? lockdep_lock+0xc6/0x200
[  258.366167][T11877]  ? __pfx_lockdep_lock+0x10/0x10
[  258.367614][T11877]  ? __lock_acquire+0xcc5/0x3c40
[  258.369045][T11877]  __lock_acquire+0x249e/0x3c40
[  258.370447][T11877]  ? __pfx___lock_acquire+0x10/0x10
[  258.371944][T11877]  ? find_held_lock+0x2d/0x110
[  258.373355][T11877]  lock_acquire.part.0+0x11b/0x380
[  258.374833][T11877]  ? elevator_disable+0xb5/0x490
[  258.376274][T11877]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  258.377885][T11877]  ? rcu_is_watching+0x12/0xc0
[  258.379266][T11877]  ? trace_lock_acquire+0x14e/0x1f0
[  258.380781][T11877]  ? elevator_disable+0xb5/0x490
[  258.382215][T11877]  ? lock_acquire+0x2f/0xb0
[  258.383538][T11877]  ? elevator_disable+0xb5/0x490
[  258.384977][T11877]  __mutex_lock+0x19b/0xa60
[  258.386296][T11877]  ? elevator_disable+0xb5/0x490
[  258.387727][T11877]  ? elevator_disable+0xb5/0x490
[  258.389171][T11877]  ? __pfx___mutex_lock+0x10/0x10
[  258.390634][T11877]  ? __pfx_blk_mq_sched_free_rqs+0x10/0x10
[  258.392313][T11877]  ? mark_held_locks+0x9f/0xe0
[  258.393710][T11877]  ? elevator_disable+0xb5/0x490
[  258.395148][T11877]  elevator_disable+0xb5/0x490
[  258.396538][T11877]  __blk_mq_update_nr_hw_queues+0x3bb/0x1460
[  258.398265][T11877]  ? lock_acquire.part.0+0x11b/0x380
[  258.399789][T11877]  ? __mutex_trylock_common+0xea/0x250
[  258.401359][T11877]  ? __pfx___mutex_trylock_common+0x10/0x10
[  258.403049][T11877]  ? blk_mq_update_nr_hw_queues+0x20/0x40
[  258.404701][T11877]  ? rcu_is_watching+0x12/0xc0
[  258.406266][T11877]  ? __pfx___blk_mq_update_nr_hw_queues+0x10/0x10
[  258.408643][T11877]  ? blk_mq_update_nr_hw_queues+0x20/0x40
[  258.410754][T11877]  ? __pfx___mutex_lock+0x10/0x10
[  258.412624][T11877]  ? lockdep_hardirqs_on+0x7c/0x110
[  258.414548][T11877]  ? __mutex_lock+0x1cc/0xa60
[  258.416309][T11877]  ? nbd_ioctl+0x151/0xfd0
[  258.417976][T11877]  ? __pfx___mutex_lock+0x10/0x10
[  258.419854][T11877]  blk_mq_update_nr_hw_queues+0x2a/0x40
[  258.421910][T11877]  nbd_start_device+0x15b/0xd70
[  258.423717][T11877]  ? bpf_lsm_capable+0x9/0x10
[  258.425089][T11877]  nbd_ioctl+0x21a/0xfd0
[  258.426324][T11877]  ? __pfx_nbd_ioctl+0x10/0x10
[  258.427707][T11877]  ? __pfx_lock_release+0x10/0x10
[  258.429167][T11877]  ? trace_lock_acquire+0x14e/0x1f0
[  258.430684][T11877]  ? __pfx_nbd_ioctl+0x10/0x10
[  258.432058][T11877]  compat_blkdev_ioctl+0x2f7/0x750
[  258.433547][T11877]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  258.435161][T11877]  ? __fget_files+0x206/0x3a0
[  258.436608][T11877]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  258.438264][T11877]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  258.439799][T11877]  __do_fast_syscall_32+0x73/0x120
[  258.441286][T11877]  do_fast_syscall_32+0x32/0x80
[  258.442695][T11877]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.444544][T11877] RIP: 0023:0xf706e579
[  258.445724][T11877] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  258.451161][T11877] RSP: 002b:00000000f503f55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  258.453614][T11877] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000ab03
[  258.456374][T11877] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  258.459261][T11877] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  258.462199][T11877] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  258.464442][T11877] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  258.466724][T11877]  </TASK>
[  258.516837][ T5958] Bluetooth: hci0: command tx timeout
[  258.559026][T11877] block nbd0: shutting down sockets
[  258.598822][T11880] bond0: (slave syz_tun): Releasing backup interface
[  258.951771][ T6931] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.070532][ T6931] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.190413][ T6931] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.259231][   T35] usb 10-1: USB disconnect, device number 2
[  259.290583][ T6931] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.382727][ T6931] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.433912][ T6931] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.502121][ T6931] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.577698][ T6931] bond0: (slave netdevsim0): Releasing backup interface
[  259.581132][ T6931] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.660972][ T6931] bridge_slave_1: left allmulticast mode
[  259.662495][ T6931] bridge_slave_1: left promiscuous mode
[  259.664005][ T6931] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.666580][ T6931] bridge_slave_0: left allmulticast mode
[  259.668214][ T6931] bridge_slave_0: left promiscuous mode
[  259.670475][ T6931] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.676101][ T6931] bridge_slave_1: left allmulticast mode
[  259.677577][ T6931] bridge_slave_1: left promiscuous mode
[  259.679804][ T6931] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.682230][ T6931] bridge_slave_0: left allmulticast mode
[  259.683705][ T6931] bridge_slave_0: left promiscuous mode
[  259.685298][ T6931] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.720609][ T6931] bond1 (unregistering): (slave ip6gretap1): Removing an active aggregator
[  259.723176][ T6931] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  260.051822][ T6931] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  260.055221][ T6931] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  260.058244][ T6931] bond0 (unregistering): Released all slaves
[  260.135460][ T6931] bond1 (unregistering): Released all slaves
[  260.142945][ T6931] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  260.147002][ T6931] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  260.150963][ T6931] bond0 (unregistering): Released all slaves
[  260.157853][ T6931] bond1 (unregistering): Released all slaves
[  260.236860][ T6931] bond2 (unregistering): (slave veth5): Releasing active interface
[  260.239925][ T6931] bond2 (unregistering): Released all slaves
[  260.654092][ T6931] hsr_slave_0: left promiscuous mode
[  260.658607][ T6931] hsr_slave_1: left promiscuous mode
[  260.660484][ T6931] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  260.662518][ T6931] batman_adv: batadv0: Removing interface: batadv_slave_0
[  260.664717][ T6931] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  260.666805][ T6931] batman_adv: batadv0: Removing interface: batadv_slave_1
[  260.672281][ T6931] hsr_slave_0: left promiscuous mode
[  260.674108][ T6931] hsr_slave_1: left promiscuous mode
[  260.675850][ T6931] batman_adv: batadv0: Removing interface: team0
[  260.677844][ T6931] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  260.680350][ T6931] batman_adv: batadv0: Removing interface: batadv_slave_0
[  260.683337][ T6931] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  260.686084][ T6931] batman_adv: batadv0: Removing interface: batadv_slave_1
[  260.692678][ T6931] veth1_macvtap: left promiscuous mode
[  260.694731][ T6931] veth0_macvtap: left promiscuous mode
[  260.696790][ T6931] veth1_vlan: left promiscuous mode
[  260.699093][ T6931] veth0_vlan: left promiscuous mode
[  260.704393][ T6931] veth1_macvtap: left promiscuous mode
[  260.705942][ T6931] veth0_macvtap: left promiscuous mode
[  260.707466][ T6931] veth1_vlan: left promiscuous mode
[  260.708946][ T6931] veth0_vlan: left promiscuous mode
[  260.898607][ T6931] team0 (unregistering): Port device team_slave_1 removed
[  260.943483][ T6931] team0 (unregistering): Port device team_slave_0 removed
[  261.410433][ T6931] team0 (unregistering): Port device team_slave_1 removed
[  261.450529][ T6931] team0 (unregistering): Port device team_slave_0 removed
[  262.242551][ T6931] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.320838][ T6931] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.392023][ T6931] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.471134][ T6931] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.553136][ T6931] bridge_slave_1: left allmulticast mode
[  262.554804][ T6931] bridge_slave_1: left promiscuous mode
[  262.556462][ T6931] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.559216][ T6931] bridge_slave_0: left allmulticast mode
[  262.560866][ T6931] bridge_slave_0: left promiscuous mode
[  262.562500][ T6931] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.652278][ T6931] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  262.655628][ T6931] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  262.658849][ T6931] bond0 (unregistering): Released all slaves
[  262.897156][ T6931] hsr_slave_0: left promiscuous mode
[  262.899759][ T6931] hsr_slave_1: left promiscuous mode
[  262.902196][ T6931] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  262.904959][ T6931] batman_adv: batadv0: Removing interface: batadv_slave_0
[  262.907959][ T6931] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  262.911291][ T6931] batman_adv: batadv0: Removing interface: batadv_slave_1
[  262.915609][ T6931] veth1_macvtap: left promiscuous mode
[  262.917759][ T6931] veth0_macvtap: left promiscuous mode
[  262.919869][ T6931] veth1_vlan: left promiscuous mode
[  262.921502][ T6931] veth0_vlan: left promiscuous mode
[  263.099626][ T6931] team0 (unregistering): Port device team_slave_1 removed
[  263.142771][ T6931] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
07:17:54  Registers:
info registers vcpu 0

CPU#0
RAX=fffffbfff2039edb RBX=fffffbfff2039edb RCX=ffffffff817649e9 RDX=fffffbfff2039edb
RSI=0000000000000008 RDI=ffffffff901cf6d0 RBP=fffffbfff2039eda RSP=ffffc90002b7f700
R8 =0000000000000000 R9 =fffffbfff2039eda R10=ffffffff901cf6d7 R11=0000000000005baf
R12=ffffffff8ddbac80 R13=0000000000000008 R14=0000000000000001 R15=ffffc90002b7fcb8
RIP=ffffffff81fbb91f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f56e40 CR3=000000004a02a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73f3ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000000 RBX=ffff888043bb9d60 RCX=ffffffff82384f16 RDX=1ffff110087773b9
RSI=ffffffff82384f23 RDI=ffff888043bb9dc8 RBP=0000000000000000 RSP=ffffc90003fcf998
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=00000000000a2001
R12=0000000000000004 R13=ffffc90003fcfc68 R14=ffffc90003fcfc40 R15=ffff88806f4b442d
RIP=ffffffff82384f3c RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f417deaa280 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020000080 CR3=000000004b8b0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000001000 Opmask01=00000000000003ff Opmask02=00000000010003ff Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdb1296740 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6464646464646464 6464646464646464
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff ffffff00ffffff00
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 64695f6273752d6e 69746c6975622d76 6564750073726f74 706972637365642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 414c5f475650084b 4c51494c50470853 4041500056574a51 554c57465640410a
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000003f1 0000000000000034 2e6463685f796d6d 75642f6d726f6674
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2d002a5d392d305b 7466717761726e00 2a5d392d305b7466 717761003100312d
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a3b3b263849263b 49263a49264c4826 4f48264e48264948 264848264b482633
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7f7fdfff7d7f7fff 7f7dbf7fffffffff fffbf7fe6d7f7fdf 7f3fef7f7f777eef
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a754b7404eab6 0a0a0a0a0a0a0a0a
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4954444900494d 4449004743454857 5355504e494e4449 0049004448414442
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 004954444900494d 44000000432f482f 5355504e494e4449 0049004400412f42
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0001a0ac40982313 RCX=ffff88801efda530 RDX=dffffc0000000000
RSI=ffff88802b63edc0 RDI=ffff88801efda530 RBP=ffff88801efda4c0 RSP=ffffc90002e8fae8
R8 =ffff88801efda4c0 R9 =00000000000001d7 R10=ffffffff901cf6d7 R11=0000000000000001
R12=0000000000015ced R13=0000000000000234 R14=0000000000015ab9 R15=ffff88802b63edc0
RIP=ffffffff816c5914 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002036b000 CR3=000000002908c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85145da5 RDI=ffffffff9a66a200 RBP=ffffffff9a66a1c0 RSP=ffffc90003f4efd0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000002d R14=ffffffff85145d40 R15=0000000000000000
RIP=ffffffff85145dcf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020024000 CR3=0000000060a76000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000