last executing test programs:

1m49.703455827s ago: executing program 2 (id=116):
socket$inet(0x2, 0x2, 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$inet6_int(r0, 0x29, 0x35, 0x0, &(0x7f0000000100))
sched_setaffinity(0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$dsp1(0xffffff9c, &(0x7f00000001c0), 0x30002, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r3 = openat$cdrom(0xffffff9c, &(0x7f0000000140), 0x880, 0x0)
ioctl$CDROMREADAUDIO(r3, 0x530e, &(0x7f0000000180)={@lba=0x8000000, 0x1, 0x37, &(0x7f0000000000)=""/55})

1m48.765803873s ago: executing program 2 (id=118):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000005280)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfffffffc}, 0x1c, 0x0}}], 0x1, 0x44)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
io_setup(0x23, &(0x7f00000001c0)=<r2=>0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000000500000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
ioctl$BINDER_WRITE_READ(r3, 0x40046208, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000640)=@filter={'filter\x00', 0x2, 0x4, 0x5b0, 0xffffffff, 0x0, 0x2e8, 0xc8, 0xfeffffff, 0xffffffff, 0x4e8, 0x4e8, 0x4e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [], [0x0, 0x0, 0xff, 0xffffff00], 'macsec0\x00', 'rose0\x00'}, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24}}, {{@uncond, 0x0, 0x1fc, 0x220, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'\x00', {0x4000000000004, 0x0, 0x40, 0x0, 0x0, 0xf8e74ba, 0xfe8c, 0x0, 0xb440adbb44d53f72}, {0x40}}}]}, @common=@unspec=@CONNSECMARK={0x24}}, {{@ipv6={@mcast1, @loopback, [0xff000000, 0xff, 0xff, 0xff000000], [0x0, 0xffffff00, 0xff000000, 0xffffff00], 'veth1_vlan\x00', 'erspan0\x00', {}, {}, 0x88, 0x0, 0x4, 0x8}, 0x0, 0x1dc, 0x200, 0x0, {}, [@common=@rt={{0x138}, {0x6, [], 0x0, 0x0, 0x0, [@local, @remote, @initdev={0xfe, 0x88, '\x00', 0xfc, 0x0}, @local, @private1, @empty, @mcast1, @mcast1, @dev={0xfe, 0x80, '\x00', 0x3b}, @remote, @local, @dev={0xfe, 0x80, '\x00', 0x26}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2]}}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x60c)
r5 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x0, 0x0, 0xd, 0x1, 0x200, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3b}}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000500), 0x0, 0x48004, &(0x7f0000000180)={0xa, 0x4e20, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
lseek(0xffffffffffffffff, 0x9, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2}, 0x50)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x100, {0x7a, 0x0, 0x0, 0x0, 0x41002, 0x408}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x2}]}}}]}, 0x3c}}, 0x0)

1m47.735455559s ago: executing program 2 (id=123):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000003c0)=ANY=[@ANYRESDEC=r1, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES16=r0, @ANYBLOB="eeddc7df10f85881e6c700e6ce2db3bf11047f864b202a011d8e631256b68f93e69999f19571b35c828f234fc64b339177fe5466994d437c84d857358c14d98e08f4eea90c64a621c3c60a49723e87349df47846b2083eef9fb69a1c954d"], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r7, 0x40345410, &(0x7f0000000300)={{0x1, 0x2}})
sched_getattr(r6, &(0x7f00000000c0)={0x38}, 0x38, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$HCIINQUIRY(r5, 0x400448ca, 0x0)

1m46.673807333s ago: executing program 2 (id=126):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = getpid()
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="180100003c000701000000001df1113f00000000017cfc8000007e00", @ANYRES32=r1, @ANYBLOB="446e5886a35fa82a28f9ff166bdc68fa1912dc70726f5a2bc66278db01733cdc6f73ff9257de307af6409eb955c4335b1fb8a901378031e68fce8fe2dc4ac0f6bec2c199d2196f9c71fe6f88be38dd5f9852f30ce31c378c1dbac5c63cdd4e6cb8034c2d8911a5607e5be4150c00018006000600800a0000e326df25363e78bbe409b9a473ec6290864010fdb11a0ad750be2128d68e667e25871bab26070aaac4cfd502462f76cf612bde60a5b95616a537192e60f3c9ad40fee3fcc6a27cc7f5609274a8428dd331479669d3e9e2981c4939d68fa6b7a0078c807b5fd6079691f063f660ce9a1e7abd7e1ee769ba6a7e02ae9b4594883b7f7bef1bd909e0f1379cf413cc80102038a4aefb787eb6853340778d0b63e143a6d8677db9eff88cd6b9b83214e9ffb889a884fa9602f5a1290dbdc0f547c306d0f5df9ecd77bfcf8b23f452044c31ddb9573279b82d63fa62c557724531c8d69831a04d08fd6379306f8c7260fe0700", @ANYRES32=r0, @ANYBLOB], 0x118}, 0x1, 0x0, 0x0, 0x94}, 0xc010)
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = fsmount(0xffffffffffffffff, 0x0, 0x0)
readlinkat(r2, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f00000002c0)=""/204, 0xcc)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x200000000000009d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r4 = syz_io_uring_setup(0x0, &(0x7f0000000300)={0x0, 0x4a39, 0x10100, 0x3, 0x33a}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}, 0x1, 0x0, 0x0, 0xc041}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000002d01010026bd7000fcdbdf25040000000c000c000100000001000000"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000804)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x8, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r9}})
io_uring_enter(r4, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840), 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r10, @ANYBLOB="0000000000000000b705000000000000850000009400000095"], &(0x7f0000000040)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000800)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x48, 0x3, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x24048444}, 0x40)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0xc005}, 0x48884)
r13 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
getdents(r13, 0x0, 0x0)
sendmsg$NFT_BATCH(r12, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001", @ANYRESHEX=r13], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[@ANYRES16=r3], 0x40}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)

1m46.583020315s ago: executing program 2 (id=129):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/reserved_size', 0x149a82, 0x1a1)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x40049366, 0x0)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000380)='\f', 0x1}], 0x1)
r3 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r3, &(0x7f0000000800)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x100, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0xe22, 0x0, @rand_addr, 0x10000}, 0x1c)
close(r3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x30, r1, 0x6b322000)
setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000140)={{0xd1d, 0x2a}, 0x10}, 0x10)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2145c99, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x901)
ioctl$DMA_HEAP_IOCTL_ALLOC(r4, 0xc0184800, &(0x7f0000000100)={0x1, r0, 0x1})
mount$bind(&(0x7f00000000c0)='./file0/file1\x00', &(0x7f0000000400)='./file0/file1\x00', 0x0, 0x31b3802, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b4560a117fffffff81000e220e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

1m46.465240276s ago: executing program 2 (id=130):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/dev_mcast\x00')
read$FUSE(r2, &(0x7f0000000400)={0x2020}, 0x2020)
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async)
r3 = syz_open_dev$rtc(&(0x7f00000004c0), 0x0, 0x0)
ioctl$RTC_PIE_ON(r3, 0x40187014) (async, rerun: 32)
ioctl$BTRFS_IOC_SEND(r1, 0x40489426, &(0x7f0000000040)={{r0}, 0x1, &(0x7f0000000000)=[0x2], 0xcc, 0x9, 0x1}) (async, rerun: 32)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 32)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 32)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x240, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, 0x0) (rerun: 64)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) (async)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000440)={0x1, @pix_mp={0x66, 0x1, 0x3031334d, 0x3, 0xa, [{0x5, 0x6}, {0x2, 0x2}, {0x3, 0x411}, {0x10001, 0x8}, {0x6, 0x8}, {0x4, 0xd}, {0x8, 0xfffffff8}, {0x5, 0x40}], 0xc, 0x2, 0x0, 0x0, 0x2}}) (async)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, &(0x7f0000000300)="03f6f19a0d084c750059847e72aea4c1", 0x10)
setsockopt$sock_int(r4, 0x1, 0x20, &(0x7f0000000340)=0x5c7, 0x4) (async)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000240), 0x10, 0x80100) (async)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000002c0)=ANY=[@ANYBLOB="f4ffffffffffffff410101c0"]) (async)
r8 = openat$vimc2(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r8, 0xc0405602, 0x0) (async)
r9 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000000c0)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x81}) (async)
io_uring_enter(r9, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

1m31.425177128s ago: executing program 32 (id=130):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/dev_mcast\x00')
read$FUSE(r2, &(0x7f0000000400)={0x2020}, 0x2020)
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async)
r3 = syz_open_dev$rtc(&(0x7f00000004c0), 0x0, 0x0)
ioctl$RTC_PIE_ON(r3, 0x40187014) (async, rerun: 32)
ioctl$BTRFS_IOC_SEND(r1, 0x40489426, &(0x7f0000000040)={{r0}, 0x1, &(0x7f0000000000)=[0x2], 0xcc, 0x9, 0x1}) (async, rerun: 32)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 32)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 32)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x240, 0x0) (async, rerun: 64)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, 0x0) (rerun: 64)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) (async)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000440)={0x1, @pix_mp={0x66, 0x1, 0x3031334d, 0x3, 0xa, [{0x5, 0x6}, {0x2, 0x2}, {0x3, 0x411}, {0x10001, 0x8}, {0x6, 0x8}, {0x4, 0xd}, {0x8, 0xfffffff8}, {0x5, 0x40}], 0xc, 0x2, 0x0, 0x0, 0x2}}) (async)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, &(0x7f0000000300)="03f6f19a0d084c750059847e72aea4c1", 0x10)
setsockopt$sock_int(r4, 0x1, 0x20, &(0x7f0000000340)=0x5c7, 0x4) (async)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000240), 0x10, 0x80100) (async)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000002c0)=ANY=[@ANYBLOB="f4ffffffffffffff410101c0"]) (async)
r8 = openat$vimc2(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r8, 0xc0405602, 0x0) (async)
r9 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000000c0)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x81}) (async)
io_uring_enter(r9, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

29.121742258s ago: executing program 4 (id=664):
mknod$loop(0x0, 0x10, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x8000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x844}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x4000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40186f40, &(0x7f0000000180)=0x2000000)
r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00 \x00', @ANYRES16=r3, @ANYBLOB="010000000000fcdbdf250100000008000100000000000400048008000200010000001c0008800c00078008000500000000000c0007800800050000000000"], 0x44}}, 0x0)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0xbc, r4, 0x20, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @loopback}, @NLBL_UNLABEL_A_SECCTX={0x2a, 0x7, 'system_u:object_r:audisp_var_run_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_UNLABEL_A_SECCTX={0x2f, 0x7, 'system_u:object_r:xserver_misc_device_t:s0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_hsr\x00'}]}, 0xbc}, 0x1, 0x0, 0x0, 0x80d0}, 0x40044011)
kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x7ffdd000, 0x8000}], 0x320000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup/syz0\x00', 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000001c0), 0x12)
sync()
r7 = socket$inet6(0xa, 0x80002, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x80882, 0x0)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r7, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

28.062173781s ago: executing program 4 (id=669):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), r0)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000001c0)={'wpan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000001c0)={'wpan0\x00'})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x2c, r3, 0x5eae78d9c54e9d3f, 0x0, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_SEC_KEY={0xc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0xfffffffffffffeff}]}]}, 0x2c}}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff) (async)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)={0x58, r5, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x38, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x20, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}]}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x9}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000010}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r6, 0x0, 0xd}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r6, 0x0, 0xd}, 0x18)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="02000000040000000100000027bf00000005"], 0x50)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x3, 0x13, r7, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000a40)={r7}, 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000a40)={r7}, 0x4)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000380), r8) (async)
r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000380), r8)
sendmsg$NFC_CMD_START_POLL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000780)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010026bd7000fedbdf250600000008000300fed0b12e08000100", @ANYRES32=0x0, @ANYBLOB="42e8890d50039f390773c2b2ba6ba5e3375e28c36689566c59fa8c238c647d5d75678b03605dce7695cb9b27aa745f1fe3617de99fe53c0e2c9fcd813a0ce7064eb3a95c1ce89a4e411f9c2bcbc56dabdc83c3df52b3747aa4"], 0x24}, 0x1, 0x0, 0x0, 0x40c1}, 0x8004) (async)
sendmsg$NFC_CMD_START_POLL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000780)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010026bd7000fedbdf250600000008000300fed0b12e08000100", @ANYRES32=0x0, @ANYBLOB="42e8890d50039f390773c2b2ba6ba5e3375e28c36689566c59fa8c238c647d5d75678b03605dce7695cb9b27aa745f1fe3617de99fe53c0e2c9fcd813a0ce7064eb3a95c1ce89a4e411f9c2bcbc56dabdc83c3df52b3747aa4"], 0x24}, 0x1, 0x0, 0x0, 0x40c1}, 0x8004)
sendmsg$NFC_CMD_GET_TARGET(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r9, 0x610, 0x70bd27, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x2000c011}, 0x1)
r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r4)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000540)={0x20, r10, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0x100}}]}, 0x20}}, 0x0) (async)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000540)={0x20, r10, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0x100}}]}, 0x20}}, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x3, 0x5)
r11 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r12=>0x0, &(0x7f0000000000)=<r13=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r12, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10) (async)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r12, r13, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(r11, 0x47bc, 0x0, 0x0, 0x0, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x3c, r1, 0x1, 0x70bd25, 0x25dfdbfe, {0x6, 0x0, 0x900}, [@NLBL_UNLABEL_A_SECCTX={0x28, 0x7, 'system_u:object_r:clock_device_t:s0\x00'}]}, 0x3c}, 0x2, 0x34005, 0x0, 0x400c800}, 0x0)

27.921367386s ago: executing program 4 (id=670):
r0 = socket$inet(0xa, 0x801, 0x84)
listen(r0, 0x208)
shutdown(r0, 0x0)
accept4(r0, 0x0, 0x0, 0x80000)
add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x3, 0x9a, 0x4, 0xffffd2b9}]})
r1 = creat(&(0x7f0000000140)='./bus\x00', 0xc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x0, 0x48)
open_by_handle_at(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="080000007c6c8f4c0000000000000000"], 0x2c480)
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x34, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x8}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x400c084)
write$cgroup_int(r1, &(0x7f0000000540), 0xfffffdd8)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
r6 = getpid()
r7 = syz_pidfd_open(r6, 0x0)
write$P9_RATTACH(r1, &(0x7f0000000040)={0x14, 0x69, 0x2, {0x8}}, 0x14)
ioctl$VIDIOC_QBUF(r7, 0xc058ff0b, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "8000"}, 0x0, 0x2, {}, 0x20800})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

26.094674144s ago: executing program 4 (id=677):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', r0, &(0x7f0000000180)='./file0\x00', 0xa6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000), 0xc)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000434000/0x2000)=nil, 0x2000, 0xb635773f05ebbee2, 0x2010, r0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000013c0)={0x6, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000f8eb608d8420020000000000ff070e00"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r4}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_ext={0x1c, 0x1, &(0x7f0000000340)=@raw=[@alu], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r5}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x1bb9, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd, 0x0, 0x0, 0x3, 0x8, 0x0, {0x0, 0x0, r1}})
io_setup(0x1, &(0x7f0000000000)=<r10=>0x0)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/devices.allow\x00', 0x101000, 0x40)
io_submit(r10, 0x1, &(0x7f0000000a40)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xfff, r11, &(0x7f0000000300)="e83924", 0x3}])
fsopen(&(0x7f0000000040)='qnx4\x00', 0x0)

25.135271471s ago: executing program 4 (id=685):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c80)={0x5c, 0x19, 0x1, 0x0, 0x25dfdbfb, {0x1d, 0xd601, 0x9}, [@nested={0x48, 0x12, 0x0, 0x1, [@nested={0x44, 0xd7, 0x0, 0x1, [@nested={0x38, 0xb8, 0x0, 0x1, [@typed={0x8, 0x11d, 0x0, 0x0, @u32=0x1}, @typed={0x8, 0x58, 0x0, 0x0, @uid}, @nested={0x4, 0x96}, @typed={0x4, 0x14e}, @typed={0x8, 0x8d, 0x0, 0x0, @uid}, @typed={0x14, 0x12c, 0x0, 0x0, @ipv6=@local}]}, @typed={0x8, 0xf4, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}]}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x5}, 0x0)

25.000789415s ago: executing program 4 (id=687):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newchain={0x34, 0x64, 0x2, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0xd}, {0xa, 0xffff}, {0xa, 0x8fb96ccf8172f247}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x40, 0x6}}]}, 0x34}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r2 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000600)) (async)
r5 = socket$packet(0x11, 0x2, 0x300) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="30000000100001000000ce6bb9092919507f3400", @ANYRES32=0x0, @ANYRES32=r1, @ANYRES32=0x0], 0x30}}, 0x0)
recvmmsg(r5, &(0x7f0000000480), 0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x39}, 0x0, 0x1, 0x0, 0x4}, 0x0) (async)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r7, 0x400452c8, &(0x7f0000000100)) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r8 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r8, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c) (async)
recvmmsg$unix(r8, &(0x7f0000003100)=[{{&(0x7f0000000000), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1, 0x0, 0x28}}], 0x1, 0x0, 0x0) (async)
sendmmsg(r8, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

24.90710507s ago: executing program 33 (id=687):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newchain={0x34, 0x64, 0x2, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0xd}, {0xa, 0xffff}, {0xa, 0x8fb96ccf8172f247}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x40, 0x6}}]}, 0x34}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r2 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000600)) (async)
r5 = socket$packet(0x11, 0x2, 0x300) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="30000000100001000000ce6bb9092919507f3400", @ANYRES32=0x0, @ANYRES32=r1, @ANYRES32=0x0], 0x30}}, 0x0)
recvmmsg(r5, &(0x7f0000000480), 0x0, 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x39}, 0x0, 0x1, 0x0, 0x4}, 0x0) (async)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r7, 0x400452c8, &(0x7f0000000100)) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r8 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r8, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c) (async)
recvmmsg$unix(r8, &(0x7f0000003100)=[{{&(0x7f0000000000), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1, 0x0, 0x28}}], 0x1, 0x0, 0x0) (async)
sendmmsg(r8, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

2.529614774s ago: executing program 1 (id=829):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000400)={@broadcast, @broadcast, <r2=>0x0}, &(0x7f0000000140)=0xc)
r3 = io_uring_setup(0x4c4a, &(0x7f0000000300)={0x0, 0x2066, 0x1000, 0x2, 0x232})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, 0x0, 0x1e) (async)
r5 = syz_io_uring_setup(0x692, &(0x7f0000000380)={0x0, 0xf691, 0x10100, 0x0, 0x2b4, 0x0, r3}, &(0x7f0000000100)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0) (async)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10) (async)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
sendmsg$nl_generic(r8, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x14\x00'}, @typed={0x8, 0xa, 0x0, 0x0, @fd=r8}]}, 0x24}}, 0x0) (async)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_RENAMEAT={0x23, 0x41, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1}) (async)
io_uring_enter(r5, 0x708, 0x41e3, 0x0, 0x0, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0xc8, 0x24, 0x20, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x0, 0xf}, {0xfff1, 0x8}, {0xffff, 0x6165c5453d60890e}}, [@TCA_STAB={0x34, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0x1, 0x0, 0x9, 0x0, 0x100, 0x4, 0x8}}, {0x14, 0x2, [0x3ff, 0x8, 0x3, 0xaeb2, 0x8, 0x200, 0x3, 0x6]}}]}, @TCA_RATE={0x6, 0x5, {0x6, 0x3e}}, @TCA_STAB={0x50, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xf, 0x80, 0x8, 0x8, 0x2, 0x1, 0xc, 0x2}}, {0x8, 0x2, [0x200, 0x5]}}, {{0x1c, 0x1, {0xfb, 0x9c, 0x401, 0x1, 0x2, 0x6, 0x7, 0x4}}, {0xc, 0x2, [0x8001, 0xb, 0x80, 0x3]}}]}, @TCA_EGRESS_BLOCK={0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x1}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x2}]}, 0xc8}}, 0x20000008)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="180100001f00010000000000000000000501008014000300fc010000000000000000000000000000140001"], 0x118}], 0x1}, 0x0)

2.490626585s ago: executing program 1 (id=830):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r2, &(0x7f0000000140)={[{0x2b, 'cpu'}]}, 0x5)
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0xfffffffc, 0x0, r4}, &(0x7f0000000600)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r5, 0xacf, 0x78c, 0x8, 0x0, 0x0)
r8 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
readv(r8, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f00000001c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xa8}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.486439251s ago: executing program 5 (id=831):
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x180, 0x4, 0x28}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000010000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xffffffffffffff64, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0xffffffffffffffff, 0x803, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x9)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vimc2(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
setsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
epoll_create1(0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r4, 0x89f2, 0x0)
sendto$inet(r4, &(0x7f0000001600)="09268a927f1f6588b967481241ba7860fcfaf65ac635ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcec8044ab4ea6f7ae55d88fecf90b1a7511bf746b152124eb38d6c7a207112eb1bf554bc070626792d394df5adf7355fa5f8deb9db3da042d88", 0xfdef, 0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r5 = syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0x0, 0x3080, 0x8003, 0x25f}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000200)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x68, 0x3, r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x2}})
io_uring_enter(r5, 0x6e2, 0x620, 0x1, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)

2.247086747s ago: executing program 0 (id=832):
socket$inet(0x2, 0x2, 0x0) (async)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r0, 0x1, 0x28, &(0x7f00000003c0)=0x5, 0x4) (async, rerun: 64)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (rerun: 64)
write(r0, &(0x7f00000002c0)="23000000010006", 0x7) (async)
r1 = socket$inet6(0xa, 0x4, 0x7)
socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
bind$inet6(r1, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x7fff, @loopback}, 0x1c) (async, rerun: 32)
r2 = socket$netlink(0x10, 0x3, 0x10) (async)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) (async)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, 0x0, 0x0) (async)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000140)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) (async)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) (async)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async, rerun: 64)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYRES64], 0x18}, 0x1, 0x0, 0x0, 0x10}, 0x4040044) (async, rerun: 64)
recvmmsg(r7, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, 0x0}, 0x10003}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000240)=""/180, 0xb4}, {&(0x7f0000000780)=""/260, 0x104}, {&(0x7f0000000000)=""/32, 0x20}, {&(0x7f0000002900)=""/4114, 0x1012}, {&(0x7f00000017c0)=""/220, 0xdc}, {&(0x7f0000000f40)=""/218, 0xda}, {&(0x7f00000005c0)=""/146, 0x92}, {&(0x7f00000008c0)=""/234, 0xea}], 0x8}, 0x80000002}], 0x4, 0x0, 0x0) (async, rerun: 64)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff)
r10 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="1b0000001a007f029e", 0x9}, {&(0x7f0000000240)="6848b2796acd812dce3d01d190a3cab1e8ce", 0x12}], 0x2}, 0x0) (async)
sendmsg$TIPC_NL_BEARER_ENABLE(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x3c, r9, 0xd01, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x28, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x851}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000006600000008000300", @ANYRES32=r11, @ANYBLOB="08002600940900000400b8000800b70099000000"], 0x30}}, 0x0) (async, rerun: 64)
r12 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8) (rerun: 64)
sendfile(r0, r12, 0x0, 0x1)

2.187748897s ago: executing program 0 (id=833):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000840)={&(0x7f0000000540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x5, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x3}, @fwd={0x2}, @struct={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}, {0x0, [0x0, 0x51, 0x2e]}}, &(0x7f00000005c0)=""/240, 0x41, 0xf0, 0x1}, 0x28)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8}, @NFTA_NG_DREG={0x8}, @NFTA_NG_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_NG_OFFSET={0x8, 0x4, 0x1, 0x0, 0xffffffd9}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0)
getsockopt(r0, 0xeb, 0x10, &(0x7f0000000340)=""/45, &(0x7f0000000400)=0x2d)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000340)="07000000010001", 0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)

2.184118066s ago: executing program 0 (id=834):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000009b768405e0483020b9901e40201090227000100000000090400fb015cc7aa00090509"], 0x0) (async)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x3, 0x183a00)
syz_usb_disconnect(r0)
socket(0x40000000015, 0x5, 0x0) (async)
syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000140)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x23}}]}}, 0x0)

1.78561618s ago: executing program 3 (id=835):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000100))
r1 = syz_open_dev$usbfs(&(0x7f00000002c0), 0xc, 0x101b01)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0cba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34201113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed00083fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f61e00"})
ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522)
ioctl$USBDEVFS_SETINTERFACE(r1, 0x80045510, &(0x7f0000000000))
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="60000000020601046c0001000000000000000000050005000a000000050001000600000005000400000000000900020073797a3000000000140003"], 0x60}}, 0x0)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
read$qrtrtun(r3, 0x0, 0xeffd)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r7, 0x1, 0x32, &(0x7f0000000180)=r8, 0x4)
sendmsg$unix(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000340)=ANY=[@ANYBLOB="cf702e8cf675aaaaaaaaaabb86dd6000000000303afffe880000000000000000000000000001ff0200000000000000000000000000018900907800000000fe800000000000000000000000000000fe8000000000000000000000000000000201703b744dc5c6b54e4278adc038f73ebc1156498d9514a54e1890fc5bb9d3ec38396d48c5f75727601d2644b88fc2c415a3cfde56f252672330b4d8af40e74aac21f113d6c7d60b1399f20cb7fe9a2c2c7360f8c8a23c93cd553688b2cfcfec96743ea89e5a5eb90010f5b31ef5be13caca6975b6c9a83d3b6122baf36b554aae24c1dad6fd6f13db"], 0x0)

1.579518777s ago: executing program 1 (id=836):
r0 = openat$autofs(0xffffff9c, &(0x7f00000000c0), 0x2180, 0x0) (async, rerun: 32)
r1 = socket$key(0xf, 0x3, 0x2) (rerun: 32)
sendmsg$key(r1, &(0x7f0000000000)={0x400000000000000, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x1, 0x0, 0x2, 0x2}, 0x10}}, 0x0) (async, rerun: 32)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000140)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) (rerun: 32)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
bind$netlink(r2, 0x0, 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) (async, rerun: 64)
r5 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xf691, 0x10100, 0x3, 0x169, 0x0, r4}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0) (async, rerun: 64)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b85000000ae000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r8}, 0x90)
signalfd(0xffffffffffffffff, 0x0, 0x0) (async)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r5, 0x708, 0x41e3, 0x0, 0x0, 0x0) (async, rerun: 64)
pipe(&(0x7f0000000200)={<r9=>0xffffffffffffffff}) (rerun: 64)
r10 = memfd_create(&(0x7f0000000080), 0x0)
splice(r9, 0x0, r10, 0x0, 0x408cd, 0x0) (async)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000000000010d21f066000000000000109020000092100000001220500090581039f00"], 0x0) (async)
r11 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r11, 0xffffffffffffffff, 0x0)

1.483784161s ago: executing program 3 (id=837):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000300), 0x2, 0x30000)
getrusage(0xffffffffffffffff, 0x0)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000440)={0x2, 0x3}, 0x4)
socket(0x21, 0x1, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
syz_io_uring_setup(0x7bc6, &(0x7f0000000280)={0x0, 0x1c2a, 0x20, 0x0, 0xfffffffc, 0x0, r1}, &(0x7f0000000100), &(0x7f00000001c0))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$SNDCTL_SEQ_SYNC(r1, 0x5101)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f0000397000/0x2000)=nil, 0x2000, 0x1)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000080)={'veth0_vlan\x00', 0x200})
ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000005c0)={@null, 0x8005, 'lo\x00'})
openat$kvm(0xffffff9c, &(0x7f0000000180), 0x46100, 0x0)
keyctl$read(0x20, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000140), 0x8)
recvmsg$kcm(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)=[{0x0}, {&(0x7f0000001e40)=""/4099, 0x1003}, {&(0x7f00000001c0)=""/32, 0x20}], 0x3, &(0x7f0000000240)=""/49, 0x31}, 0x2140)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYRESDEC], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
setreuid(0xee01, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r6)
mount(0x0, &(0x7f0000001600)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs(r5, &(0x7f0000000400)='ns\x00')

1.478685058s ago: executing program 1 (id=838):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000c, 0x8031, 0xffffffffffffffff, 0x6105d000) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000c, 0x8031, 0xffffffffffffffff, 0x6105d000)
mremap(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f000000b000/0x3000)=nil)
mremap(&(0x7f0000004000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000008000/0x4000)=nil)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x4000010, r1, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x4000010, r1, 0x0)
unshare(0x6a040000)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0) (async)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
syz_pidfd_open(r0, 0x0)
wait4(r0, 0x0, 0x40000000, 0x0)
accept4$llc(0xffffffffffffffff, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000080)=0x10, 0x800) (async)
r2 = accept4$llc(0xffffffffffffffff, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000080)=0x10, 0x800)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x74}, 0x1, 0x0, 0x0, 0x24040851}, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x180, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x5, 0x6, 0x0, 0x45, 0x4, 0xbdb], 0x1, 0x1c4213})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$FS_IOC_GETVERSION(r2, 0xc040ff0b, &(0x7f0000000000)) (async)
ioctl$FS_IOC_GETVERSION(r2, 0xc040ff0b, &(0x7f0000000000))

1.403994495s ago: executing program 5 (id=839):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
write(r0, &(0x7f0000000000), 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2c, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
preadv(r2, &(0x7f00000001c0)=[{&(0x7f0000002fc0)=""/4096, 0x1000}], 0x1, 0xcfd2, 0x10001)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000480)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r6, 0x10f, 0x81, &(0x7f0000000080), 0x4)
sendmmsg$inet(r6, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r7)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x20, &(0x7f0000000280)={&(0x7f0000000080)=""/254, 0xfe, <r8=>0x0, &(0x7f0000000180)=""/31, 0x1f}}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x10, &(0x7f0000000600)=ANY=[@ANYRES16], 0x0, 0x204, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000400000000000000000000850000006900000095000000000000002dd0e000d58874fa32f0748017ed61f3be3b93a7fa93b8ebb66f0ef1ebb8cb8aa8d84ee3e925499949cf942d3b72e2bd183e7e7ffc8d14b55fd31974e94a662e552ed095b0fdbdc21765a7e6b89a83f455a4aeb332280c740e052a3739b58bc64c10e3da22a310cc932c5e70a87457c095bc0c29c8e9784f668c652932e1"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000880)={r9, 0x2f, 0x12, 0x0, &(0x7f0000000640)="c1dfb080cd21d308098e000081007e2288a8", 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r10 = socket$inet6(0x10, 0x3, 0x0)
ioctl$sock_SIOCOUTQNSD(r10, 0x894b, &(0x7f0000000040))

1.367446835s ago: executing program 3 (id=840):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
r1 = gettid() (rerun: 32)
ioperm(0x2, 0x7, 0x13)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) (async, rerun: 64)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async, rerun: 64)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async, rerun: 32)
listen(r3, 0x0) (async, rerun: 32)
connect$unix(r2, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
connect$unix(r3, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, 0x0, 0x20008041) (async)
r5 = syz_open_dev$vcsn(&(0x7f0000000180), 0x2, 0x760c3) (async, rerun: 32)
r6 = socket$inet_tcp(0x2, 0x1, 0x0) (rerun: 32)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) (async)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000100)='bic\x00', 0x4) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) (async)
sendto$inet(r6, &(0x7f0000000000), 0xffffffffffffff94, 0x240, 0x0, 0x0) (async)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r7, 0x84, 0x10, 0x0, 0x0)
recvfrom$inet(r6, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25) (async)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x0, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x9}, @L2TP_ATTR_L2SPEC_LEN={0xffffffffffffffee, 0x6, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048800}, 0x4000) (async)
syz_open_dev$sg(&(0x7f0000000240), 0x0, 0x0) (async, rerun: 64)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') (rerun: 64)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r8}}) (async)
socket$nl_generic(0x10, 0x3, 0x10)
fsetxattr$security_capability(r5, &(0x7f0000000280), &(0x7f0000000380)=@v3={0x3000000, [{0x5, 0x82}, {0x80000000, 0xffffaf0a}]}, 0x18, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00'})

1.293905052s ago: executing program 3 (id=841):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_QUERY_EXT_CTRL(r3, 0xc0e85667, &(0x7f0000000040)={0x40000000, 0x3, "54ed301677ed0070876cae12e9578f06dd42a31071d629b6fcf9955e8c1f34e9", 0x840, 0x496, 0x40, 0x1, 0x6, 0x4, 0x60, 0x1, [0xe, 0x8, 0x4, 0x80000001]})
socket(0xa, 0x3, 0x3a)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000400), 0xf, 0x8843)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"})
ioctl$USBDEVFS_ALLOC_STREAMS(r4, 0x8008551c, &(0x7f0000000000)=ANY=[])
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r7, 0xc0189436, &(0x7f0000000740)={0x0, 0x2, 0x0, 0x2, 0x3})
ioctl$TCSETS(r6, 0x5402, &(0x7f0000000200)={0xfffffffc, 0x0, 0x6, 0x0, 0xff, "db8f2d2b3b7596160c6981acf8805944823a7f"})
r8 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f00000000c0)='syz_tun\x00', 0x10)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, 0x0, 0x0)
r9 = memfd_secret(0x0)
ppoll(&(0x7f0000000100)=[{r9, 0x200}], 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000000300)={[0x10000, 0x7f55]}, 0x8)
unshare(0x40020000)

874.9519ms ago: executing program 1 (id=842):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf200000000000001500020000000110e5030100000000009500000000000000bc26000000000000bf67000000000000070300000fff070067020000030000001606000000000078bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x4f)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10, 0x80}], 0x1, 0x40800)
recvmsg$qrtr(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000002c0)=""/3, 0x3}], 0x1, 0x0, 0x0, 0x10000}, 0x1c, 0x2062) (async)
openat$vmci(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)

874.655937ms ago: executing program 0 (id=843):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/wireless\x00')
ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000001240))
preadv(r0, &(0x7f00000026c0)=[{&(0x7f0000000240)=""/4088, 0xff8}], 0x1, 0x15f, 0x0)
ioctl$EVIOCREVOKE(r0, 0x40044591, &(0x7f0000000040)=0x1ff)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYRES8=r1, @ANYRES16=r1], 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x804)

873.874168ms ago: executing program 1 (id=844):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
copy_file_range(r1, &(0x7f0000000000)=0x8, r1, 0x0, 0x4, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
renameat2(r0, &(0x7f0000000040)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00', 0x1)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_TIMESTAMP(r5, 0x1, 0x12, &(0x7f0000000080), 0x4)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x24, 0x0, 0x0)
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
ioctl$int_in(r7, 0x5452, &(0x7f0000000000)=0x1)
setsockopt$inet6_tcp_int(r7, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)

870.111241ms ago: executing program 5 (id=845):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="640000000206050000000000000000000000fffc120003006269746d61703a69702c6d616300000005000400000000000900020073797a3100000000180007800c00018008000140ffffffff080008400005000200000005000100060000000000000000"], 0x64}, 0x1, 0x0, 0x0, 0x4010}, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x25) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x7fff}}]}, 0x38}}, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = mq_open(&(0x7f0000000000)='e_1\x00', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000040000000, 0x4, 0x4, 0x9}) (async)
r3 = epoll_create(0x1e)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)={0x10000000}) (async)
mq_timedsend(r2, 0x0, 0x0, 0x5, 0x0) (async)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
write$binfmt_misc(r4, &(0x7f0000000240), 0xfffffecc)
ioctl$FIONREAD(r4, 0x541b, &(0x7f0000000200))
ioctl$VFAT_IOCTL_READDIR_SHORT(r4, 0x82187202, &(0x7f0000000840)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002740), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000002780)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r5, &(0x7f0000002880)={0x0, 0x0, &(0x7f0000002840)={&(0x7f0000000340)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010026bd7000fedbdf250c00000008000300", @ANYRES32=r7, @ANYBLOB="0400280014006e"], 0x34}}, 0x0) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r8, &(0x7f0000001d80)='.\x00', 0x9100, &(0x7f0000000080)={0x81, 0x7a, 0x40000, {r8}}, 0x20) (async)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r9, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r9, &(0x7f0000006380)={0x2020, 0x0, <r10=>0x0, <r11=>0x0, <r12=>0x0}, 0x2020)
syz_fuse_handle_req(r9, &(0x7f0000004380)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9ada5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c6302645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734bc5862ef52983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1d7abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de99a56a0ee6d4f848011253cc21fac10700003513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b010000006fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea90097babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff14427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x0, {0x0, 0x200000000, 0x9, 0x4, 0x6, 0x0, {0x0, 0x10001, 0x0, 0x7, 0xffffffffffffffff, 0x102, 0xed3, 0x2, 0x5, 0xc000, 0xfffffffc, r11, r12, 0x7, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r9, &(0x7f0000004300)={0x50, 0x0, r10, {0x7, 0x26, 0x8, 0xfffffffff323ca46, 0x0, 0x3, 0x6, 0x5d3184cc, 0x0, 0x0, 0x80, 0x10001}}, 0x50) (async)
r13 = io_uring_setup(0x25f5, &(0x7f00000000c0)={0x0, 0xc63b, 0x0, 0x0, 0x1})
io_uring_register$IORING_REGISTER_CLOCK(r13, 0x1d, &(0x7f0000000040)={0x7}, 0x3f)
write$FUSE_INIT(r8, &(0x7f0000000000)={0x50, 0x0, r10, {0x7, 0x2b, 0xe00000, 0x40000, 0x83, 0x5, 0x6, 0x4, 0x0, 0x0, 0x4, 0x9}}, 0x50) (async)
mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x2008410, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@default_permissions}]})

800.849723ms ago: executing program 0 (id=846):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r0, 0x0, 0xe, 0x0, &(0x7f0000000180)="6ebca58c08000008beca252388f7", 0x0, 0x40002, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mremap(&(0x7f00008e5000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='fdinfo/4\x00')
read$FUSE(r1, &(0x7f0000000700)={0x2020}, 0x2020) (async)
ioctl$UFFDIO_WRITEPROTECT(r1, 0xc018aa06, &(0x7f0000000040)={{&(0x7f00008bb000/0x2000)=nil, 0x2000}, 0x1}) (async)
remap_file_pages(&(0x7f0000157000/0x2000)=nil, 0x1fffff, 0x0, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000340)="00d60000000000", 0x7}, {0x0, 0x54}], 0x2)

800.460313ms ago: executing program 5 (id=847):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xa}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x2)
r1 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x2, 0x9, 0x20ff, 0x1, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r2, r0, &(0x7f0000000080)=0x3, 0x1)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), r2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000007c0)=ANY=[@ANYRESDEC, @ANYRESHEX=r3, @ANYRESOCT=r4, @ANYRESOCT=r3, @ANYBLOB="0c009900f400000017000000080026007f1700000800270001000000"], 0x38}, 0x1, 0x0, 0x0, 0xd37697ff280d3c0e}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20610640}, 0xc, &(0x7f00000005c0)={&(0x7f00000002c0)=ANY=[@ANYRESOCT=r1], 0x90}, 0x1, 0x0, 0x0, 0x4000850}, 0x880)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000540)={&(0x7f0000000940)=ANY=[@ANYBLOB="4c010000e064f0adcd1da655572716357d1d642c4367a84e1b115c82e51066c101ff1c686043732a6de2569317036e26b6dd4f54eb405d812e385085e21a7e2242afb0c731078f44165976640f79db26b5ebabbe0d8aff5dea2549e153695fd8de77658ac60a7c331d847f32a4b2cd768f5d6b811bf8af38f0e7073af0eed29325d48f604fae128b7b00d1bc28545be8f480460fc3501556eae7ecf0e668773b991c46dceb66e2b164a5581ab640fd9f1779", @ANYRES16=0x0, @ANYBLOB="00042cbd7000fedbdf25460000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00000000000c008f0003000000000000000c00900002000000000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00010000000c008f0002000000000000000c00900003000000000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008e00020000000c008f0003000000000000000c0090000008000000000000080001007063690011000200303030303a30303a31302e300000000008008e00030000000c008f0008000000000000000c0090000c00000000000000080001007063690011000200303030303a30303a31302e300000000008008e00030000000c008f0009000000000000000c0090000700000000000000"], 0x14c}, 0x1, 0x0, 0x0, 0x4000}, 0x10001)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000340)='&%&\x00', &(0x7f0000000380)='\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f0000000640), 0x0, 0x2, 0x0)
r8 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x9013, 0x4, 0x1, 0x37f}, &(0x7f0000000000)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$KVM_SET_CLOCK(r2, 0x4030ae7b, &(0x7f0000000480)={0x7f, 0x16, 0x8, 0x80, 0xfc})
r11 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
connect$x25(r11, &(0x7f0000000000), 0x12)
syz_io_uring_submit(r9, r10, &(0x7f0000000040)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd, 0x0, 0x0, 0x3, 0x8, 0x0, {0x0, 0x0, r0}})
io_uring_enter(r8, 0x3517, 0x173d, 0x42, 0x0, 0x0)

715.398692ms ago: executing program 0 (id=848):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={0x0}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x4000010, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x2000000000000, 0xfffffdfffffffffe, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)=ANY=[@ANYBLOB="50000000100001040100"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000008000300", @ANYRES32=0x0, @ANYBLOB="2800128008000100677470001c00028008000100", @ANYRES32=r3], 0x50}}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000001c0)={<r4=>0xffffffffffffffff}, 0x13f, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000240)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0, r4}}, 0x20)
r5 = openat$ppp(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$PPPIOCSACTIVE(r5, 0x40087446, &(0x7f00000002c0)={0x6, &(0x7f0000000180)=[{0x3, 0x49, 0x6f, 0x400}, {0x9, 0xfe, 0x4, 0x69}, {0x6, 0x3, 0x3, 0x8000}, {0x200, 0x3, 0x7f, 0xc8}, {0x0, 0x6, 0x6, 0x6}, {0x9, 0xfe, 0x6, 0x1}]})
read(r3, 0x0, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000004, 0x200000005c831, r1, 0x0)
r6 = socket(0x3, 0x2, 0xda2e)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r6, 0x84, 0x8, &(0x7f0000000100)=0x7ff, 0x4)
openat$ubi_ctrl(0xffffff9c, &(0x7f0000000340), 0x400, 0x0)

545.171943ms ago: executing program 5 (id=849):
getresgid(&(0x7f0000000040)=<r0=>0x0, &(0x7f0000000080), &(0x7f00000000c0)) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xf309961effb08175, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="a4066ab26d759d5cf12bda2d8ace0bbe66daaf8f85dca9d3fc512193ae3425929b070000000000000070b12999c5306de081eff9798681b0fca322b6639e4f7de9f8f43a0d89bfa41e53e5dacc64275a797e45b07682dc01bddbbccab5cc9f053228dc5fd8ae15225b5a03f4bdfc2cfcbee5319025a978fc372b49", @ANYBLOB="2f36c9e41c84512357716bd2c5a117b488042fb388fe232c52020bb692bb34bfd41a07c190977c0d6b14366214a8a42ffdf66ea1bc767b17adeff170aec6cf71f72e726e29f57442b121e38e847bd212dfdde7b75aedc22410ea61b0588b02a8a71ff4bd815e6b4868d567f175abea8f66eccbb19fd2f4b44f5e8b83e1a541e3ec8abea76064c33fdac72ebebaaf16f31fd6ca4260930b1bd42d0ef2e90a4a6232b9f28bccc2d40e52e4223997122a1571ddd38cff61e57cf358b799ee4f482f05e208ca00ca04b6eb60ddefc5349b550571da20b6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYRES8=<r4=>r1], 0x7c}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x60040, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f0000000900)=@abs={0x1, 0x0, 0x4e20}, 0x79e29a40c4140f82) (async)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0xfffffff6, 0x0, 0x3, 0x0)
sched_setattr(0x0, 0x0, 0x0)
openat$audio(0xffffffffffffff9c, 0x0, 0x40000000040201, 0x0) (async)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x104, &(0x7f0000000480)=0x4, 0x0, 0x4) (async)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}}) (async)
io_uring_enter(r5, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0) (async)
sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002600)=ANY=[@ANYRES8=r0], 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0) (async)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, 0x0) (async)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRES64=r4], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r11}, 0xc)
r12 = fanotify_init(0x4, 0x1)
ioctl$F2FS_IOC_MOVE_RANGE(r10, 0xc01cf509, &(0x7f0000000300)={<r13=>r1, 0xfffffffffffffff8, 0x8, 0x2})
fanotify_mark(r12, 0x2, 0x8000000, r13, &(0x7f0000000340)='./file1\x00') (async)
statx(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x4000, 0x400, &(0x7f00000005c0))

478.723057ms ago: executing program 5 (id=850):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})
syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x240881)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x64, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xd3}, @IPSET_ATTR_TIMEOUT={0x8}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x2002c0c4}, 0x0)
add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x803, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x9)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$vimc2(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000080)={0x4, 0x1, 0x0, "6cfef8b4b9fdcfc8bf98040c2599e8a8e9f887975c3cc41e122a623eb7c37334", 0x34343459})
syz_usbip_server_init(0x6)
setsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x15)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=@newlink={0x44, 0x10, 0x403, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x74, 0x0, 0x1810, 0x55007}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x2}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x0)

274.030914ms ago: executing program 3 (id=851):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
dup(0xffffffffffffffff)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) (async, rerun: 64)
unlink(0x0) (async, rerun: 64)
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r4 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000000000)={0x0, 0x0, 0x3, &(0x7f00000000c0)={0x19, "90f50180e64f61909103f1fbbc2b81c9f144d76e44c700100000e52829e7cb8393"}}) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xa8}, [@ldst={0x5}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mprotect(&(0x7f0000a30000/0x3000)=nil, 0x3000, 0xa)

0s ago: executing program 3 (id=852):
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x9d}, @NFTA_SET_ID={0x8}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x6c}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_USE_MFP={0x8, 0x42, 0x2}]}, 0x30}}, 0x0)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x5c, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_IE={0x22, 0x2a, [@supported_rates={0x1, 0x2, [{0x12}, {0x12}]}, @peer_mgmt={0x75, 0x18, {0x1, 0x5, @val=0x2, @val=0x30, @val="b6dd147f99df362d1c2fd050b63d0e2e"}}]}, @NL80211_ATTR_IE={0x22, 0x2a, [@ibss={0x6, 0x2, 0xfffb}, @perr={0x84, 0x15, {0xff, 0x1, [{{0x0, 0x1}, @broadcast, 0x8, @value, 0x36}]}}, @challenge={0x10, 0x1, 0x68}]}, @fils_params]}, 0x5c}, 0x1, 0x0, 0x0, 0x20004001}, 0x40)

0s ago: executing program 3 (id=853):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) (async)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)=0xffffffc0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r2 = socket(0x1d, 0x2, 0x6)
bind$l2tp(r2, &(0x7f0000000200)={0x1d, 0x0, @rand_addr=0x64010102, 0x1}, 0x10) (async)
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x200100, 0x9)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="4c000000140097f87059ae08060c040002ff0f0200000000000001870182fa73a69d35a2cca84708f7abca1b4e7d06a6bd7c493872f750375ed08a560400000003c48f93b82a03000000461e", 0x4c}], 0x1}, 0x0) (async)
getdents(r3, 0x0, 0x0) (async)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x194)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x3, &(0x7f0000000000)=@framed={{0x6a, 0xa, 0x0, 0xffc4, 0x0, 0x71, 0x10, 0xa9}}, &(0x7f0000000480)='GPL\x00'}, 0x90) (async)
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)

kernel console output (not intermixed with test programs):

 vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[   68.905963][ T6229] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   68.910120][ T6229] vhci_hcd vhci_hcd.0: Device attached
[   68.916330][ T6233] netlink: 2 bytes leftover after parsing attributes in process `syz.1.34'.
[   69.181528][ T6241] usb 2-1: USB disconnect, device number 2
[   69.217628][  T980] usb 42-1: SetAddress Request (2) to port 0
[   69.224332][ T6241] hub 2-0:1.0: USB hub found
[   69.226316][ T6241] hub 2-0:1.0: 6 ports detected
[   69.235534][  T980] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[   69.397386][   T70] usb 2-1: new high-speed USB device number 3 using ehci-pci
[   69.581792][   T70] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[   69.585670][   T70] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[   69.588578][   T70] usb 2-1: Product: QEMU USB Tablet
[   69.590328][   T70] usb 2-1: Manufacturer: QEMU
[   69.592464][   T70] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[   69.619838][   T70] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0002/input/input6
[   69.674033][ T6230] vhci_hcd: connection reset by peer
[   69.677548][ T1145] vhci_hcd: stop threads
[   69.680286][ T1145] vhci_hcd: release socket
[   69.682864][ T1145] vhci_hcd: disconnect device
[   69.686165][   T70] hid-generic 0003:0627:0001.0002: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[   69.892742][ T6253] netlink: 'syz.3.37': attribute type 21 has an invalid length.
[   70.007304][ T6257] netlink: 'syz.0.38': attribute type 1 has an invalid length.
[   70.009828][ T6257] netlink: 224 bytes leftover after parsing attributes in process `syz.0.38'.
[   70.102323][ T6260] netlink: 2 bytes leftover after parsing attributes in process `syz.1.39'.
[   71.627671][ T6304] netlink: 12 bytes leftover after parsing attributes in process `syz.2.51'.
[   71.887622][    T9] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   72.039609][    T9] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   72.044440][    T9] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   72.048646][    T9] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   72.051493][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   72.058240][ T6304] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   72.069042][    T9] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[   72.278066][ T6324] netlink: 12 bytes leftover after parsing attributes in process `syz.3.56'.
[   72.282411][ T6324] netlink: 12 bytes leftover after parsing attributes in process `syz.3.56'.
[   72.296741][ T6327] process 'syz.0.57' launched './file0' with NULL argv: empty string added
[   72.323991][   T40] audit: type=1326 audit(1756315465.044:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6328 comm="syz.3.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   72.330826][   T40] audit: type=1326 audit(1756315465.044:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6328 comm="syz.3.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   72.338072][   T40] audit: type=1326 audit(1756315465.044:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6328 comm="syz.3.58" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   72.357897][   T40] audit: type=1326 audit(1756315465.044:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6328 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   72.364978][   T40] audit: type=1326 audit(1756315465.044:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6328 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   72.365004][   T40] audit: type=1326 audit(1756315465.054:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6328 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   72.365024][   T40] audit: type=1326 audit(1756315465.054:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6328 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   72.387654][   T40] audit: type=1326 audit(1756315465.054:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6328 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   72.397344][   T40] audit: type=1326 audit(1756315465.054:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6328 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   72.404803][   T40] audit: type=1326 audit(1756315465.054:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6328 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000
[   72.543650][ T6339] netlink: 5 bytes leftover after parsing attributes in process `syz.0.62'.
[   72.548851][ T6339] 0�X��D: renamed from macvtap0 (while UP)
[   72.568774][ T6339] 0�X��D: entered allmulticast mode
[   72.570531][ T6339] veth0_macvtap: entered allmulticast mode
[   72.572846][ T6339] A link change request failed with some changes committed already. Interface 
30�X��D may have been left with an inconsistent configuration, please check.
[   73.071653][ T6347] trusted_key: encrypted_key: master key parameter 'c�Y�
�?(<��`Ͼ3Q�#�P��d' is invalid
[   73.760367][ T6374] overlay: filesystem on ./bus not supported as upperdir
[   74.149431][ T6032] usb 7-1: USB disconnect, device number 2
[   74.380131][  T980] usb 42-1: device descriptor read/8, error -110
[   74.417543][ T6391] syz.1.75 uses obsolete (PF_INET,SOCK_PACKET)
[   75.102617][  T980] usb usb42-port1: attempt power cycle
[   75.154995][ T6408] netlink: 4 bytes leftover after parsing attributes in process `syz.3.78'.
[   75.201515][ T6411] capability: warning: `syz.3.79' uses 32-bit capabilities (legacy support in use)
[   75.663199][ T1141] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   76.101645][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[   76.104167][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[   76.131518][  T980] usb usb42-port1: unable to enumerate USB device
[   76.181528][ T6428] capability: warning: `syz.3.84' uses deprecated v2 capabilities in a way that may be insecure
[   76.187321][ T6428] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[   76.191505][ T6428] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   76.195832][ T6428] overlayfs: failed to get uuid (30/file1, err=-13); falling back to uuid=null.
[   76.595334][ T6435] netlink: 12 bytes leftover after parsing attributes in process `syz.2.87'.
[   76.815416][ T6433] netlink: 4 bytes leftover after parsing attributes in process `syz.3.86'.
[   77.555986][ T6451] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[   77.558052][ T6451] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   77.686377][ T6458] netlink: 'syz.2.93': attribute type 13 has an invalid length.
[   78.056524][ T6451] vhci_hcd vhci_hcd.0: Device attached
[   78.236048][ T6456] vhci_hcd: connection closed
[   78.241750][ T1150] vhci_hcd: stop threads
[   78.246293][ T1150] vhci_hcd: release socket
[   78.248180][ T1150] vhci_hcd: disconnect device
[   78.492224][ T6480] netlink: 'syz.3.99': attribute type 3 has an invalid length.
[   78.494732][ T6480] netlink: 666 bytes leftover after parsing attributes in process `syz.3.99'.
[   78.681342][ T6489] netlink: 'syz.0.102': attribute type 1 has an invalid length.
[   78.749232][ T6495] netlink: 72 bytes leftover after parsing attributes in process `syz.0.104'.
[   78.753224][ T6497] fuse: Unknown parameter ':'
[   78.762253][ T6497] 9pnet: p9_errstr2errno: server reported unknown error �@c�F	S+���v3�c���/f���
[   78.990257][ T6517] bond1: entered promiscuous mode
[   78.992098][ T6517] bond1: entered allmulticast mode
[   78.994420][ T6517] 8021q: adding VLAN 0 to HW filter on device bond1
[   79.332196][ T6533] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[   79.334886][ T6533] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   79.338725][ T6533] vhci_hcd vhci_hcd.0: Device attached
[   79.558777][ T6537] cdrom: dropping to single frame dma
[   79.617349][  T980] usb 44-1: SetAddress Request (2) to port 0
[   79.621731][  T980] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[   79.903115][ T6534] vhci_hcd: connection reset by peer
[   79.907494][   T12] vhci_hcd: stop threads
[   79.909005][   T12] vhci_hcd: release socket
[   79.910681][   T12] vhci_hcd: disconnect device
[   81.100582][ T6556] netlink: 4 bytes leftover after parsing attributes in process `syz.0.121'.
[   81.373607][ T6561] overlayfs: failed to resolve './file1': -2
[   81.588813][ T6570] 9pnet_virtio: no channels available for device syz
[   82.371270][ T6586] IPVS: set_ctl: invalid protocol: 50 255.255.255.255:20002
[   82.909236][ T6592] syz.1.131: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   82.914772][ T6592] CPU: 3 UID: 0 PID: 6592 Comm: syz.1.131 Not tainted syzkaller #0 PREEMPT(full) 
[   82.914787][ T6592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   82.914793][ T6592] Call Trace:
[   82.914798][ T6592]  <TASK>
[   82.914803][ T6592]  dump_stack_lvl+0x16c/0x1f0
[   82.914826][ T6592]  warn_alloc+0x248/0x3a0
[   82.914840][ T6592]  ? __pfx_warn_alloc+0x10/0x10
[   82.914857][ T6592]  ? vb2_vmalloc_alloc+0x135/0x3f0
[   82.914869][ T6592]  ? __vmalloc_node_noprof+0xad/0xf0
[   82.914881][ T6592]  __vmalloc_node_range_noprof+0x101b/0x14b0
[   82.914896][ T6592]  ? vb2_vmalloc_alloc+0x135/0x3f0
[   82.914909][ T6592]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   82.914924][ T6592]  ? vb2_vmalloc_alloc+0x135/0x3f0
[   82.914934][ T6592]  vmalloc_user_noprof+0x9e/0xe0
[   82.914944][ T6592]  ? vb2_vmalloc_alloc+0x135/0x3f0
[   82.914955][ T6592]  vb2_vmalloc_alloc+0x135/0x3f0
[   82.914965][ T6592]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[   82.914976][ T6592]  __vb2_queue_alloc+0x8c9/0x1280
[   82.914999][ T6592]  vb2_core_reqbufs+0xa90/0xfe0
[   82.915012][ T6592]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[   82.915023][ T6592]  ? __pfx___might_resched+0x10/0x10
[   82.915037][ T6592]  ? __mutex_lock+0x1c5/0x1060
[   82.915057][ T6592]  vb2_reqbufs+0x1a3/0x1f0
[   82.915072][ T6592]  ? __pfx_vb2_reqbufs+0x10/0x10
[   82.915088][ T6592]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   82.915105][ T6592]  v4l2_m2m_ioctl_reqbufs+0xdc/0x1e0
[   82.915122][ T6592]  v4l_reqbufs+0x152/0x1e0
[   82.915135][ T6592]  __video_do_ioctl+0xb3d/0xfc0
[   82.915150][ T6592]  ? __might_fault+0xe3/0x190
[   82.915162][ T6592]  ? __pfx___video_do_ioctl+0x10/0x10
[   82.915180][ T6592]  video_usercopy+0x47c/0x1440
[   82.915195][ T6592]  ? __pfx___video_do_ioctl+0x10/0x10
[   82.915209][ T6592]  ? __pfx_video_usercopy+0x10/0x10
[   82.915228][ T6592]  ? hook_file_ioctl_common+0x145/0x410
[   82.915245][ T6592]  v4l2_ioctl+0x1ba/0x250
[   82.915257][ T6592]  ? __ia32_compat_sys_openat+0x161/0x210
[   82.915269][ T6592]  v4l2_compat_ioctl32+0x214/0x2c0
[   82.915281][ T6592]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[   82.915294][ T6592]  __ia32_compat_sys_ioctl+0x242/0x370
[   82.915316][ T6592]  __do_fast_syscall_32+0x7c/0x3a0
[   82.915332][ T6592]  do_fast_syscall_32+0x32/0x80
[   82.915346][ T6592]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   82.915360][ T6592] RIP: 0023:0xf7fe5579
[   82.915369][ T6592] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   82.915378][ T6592] RSP: 002b:00000000f550655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   82.915389][ T6592] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0145608
[   82.915395][ T6592] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[   82.915401][ T6592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   82.915406][ T6592] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   82.915412][ T6592] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   82.915425][ T6592]  </TASK>
[   82.915428][ T6592] Mem-Info:
[   83.012617][ T6592] active_anon:13228 inactive_anon:0 isolated_anon:0
[   83.012617][ T6592]  active_file:12428 inactive_file:39842 isolated_file:0
[   83.012617][ T6592]  unevictable:1768 dirty:331 writeback:0
[   83.012617][ T6592]  slab_reclaimable:10723 slab_unreclaimable:52894
[   83.012617][ T6592]  mapped:27586 shmem:9155 pagetables:1060
[   83.012617][ T6592]  sec_pagetables:299 bounce:0
[   83.012617][ T6592]  kernel_misc_reclaimable:0
[   83.012617][ T6592]  free:28716 free_pcp:15740 free_cma:0
[   83.027193][ T6592] Node 0 active_anon:6000kB inactive_anon:0kB active_file:4kB inactive_file:12044kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:7568kB dirty:0kB writeback:0kB shmem:3824kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8016kB pagetables:1480kB sec_pagetables:1136kB all_unreclaimable? yes Balloon:0kB
[   83.037404][ T6592] Node 1 active_anon:46912kB inactive_anon:0kB active_file:49708kB inactive_file:147324kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:102776kB dirty:1324kB writeback:0kB shmem:32796kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5008kB pagetables:2804kB sec_pagetables:60kB all_unreclaimable? no Balloon:0kB
[   83.047659][ T6592] Node 0 DMA free:2076kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:532kB local_pcp:196kB free_cma:0kB
[   83.056804][ T6592] lowmem_reserve[]: 0 288 288 288 288
[   83.058916][ T6592] Node 0 DMA32 free:24652kB boost:6144kB min:19364kB low:22668kB high:25972kB reserved_highatomic:4096KB free_highatomic:2284KB active_anon:6000kB inactive_anon:0kB active_file:4kB inactive_file:12044kB unevictable:3536kB writepending:0kB present:1032196kB managed:295136kB mlocked:0kB bounce:0kB free_pcp:12184kB local_pcp:3184kB free_cma:0kB
[   83.069118][ T6592] lowmem_reserve[]: 0 0 0 0 0
[   83.070480][ T6592] Node 1 DMA32 free:88044kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:46912kB inactive_anon:0kB active_file:49708kB inactive_file:147324kB unevictable:3536kB writepending:1324kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:50532kB local_pcp:12008kB free_cma:0kB
[   83.080306][ T6592] lowmem_reserve[]: 0 0 0 0 0
[   83.081827][ T6592] Node 0 DMA: 3*4kB (U) 4*8kB (U) 3*16kB (U) 2*32kB (U) 0*64kB 1*128kB (U) 1*256kB (U) 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 2076kB
[   83.086979][ T6592] Node 0 DMA32: 851*4kB (UH) 98*8kB (UMH) 37*16kB (UMH) 309*32kB (UMH) 82*64kB (UMH) 19*128kB (U) 3*256kB (UMH) 1*512kB (M) 1*1024kB (H) 0*2048kB 0*4096kB = 24652kB
[   83.092658][ T6592] Node 1 DMA32: 221*4kB (ME) 173*8kB (M) 97*16kB (UME) 58*32kB (ME) 7*64kB (ME) 68*128kB (ME) 20*256kB (M) 17*512kB (M) 8*1024kB (M) 5*2048kB (UM) 10*4096kB (UM) = 88044kB
[   83.098074][ T6592] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   83.101007][ T6592] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   83.103929][ T6592] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   83.106919][ T6592] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   83.109900][ T6592] 61421 total pagecache pages
[   83.111391][ T6592] 0 pages in swap cache
[   83.112687][ T6592] Free swap  = 124996kB
[   83.113983][ T6592] Total swap = 124996kB
[   83.115290][ T6592] 524155 pages RAM
[   83.116496][ T6592] 0 pages HighMem/MovableOnly
[   83.118401][ T6592] 209476 pages reserved
[   83.119802][ T6592] 0 pages cma reserved
[   83.172108][ T6597] netlink: 12 bytes leftover after parsing attributes in process `syz.0.132'.
[   84.580721][ T6635] netlink: 8 bytes leftover after parsing attributes in process `syz.3.143'.
[   84.587774][ T6635] netlink: 12 bytes leftover after parsing attributes in process `syz.3.143'.
[   84.657420][  T980] usb 44-1: device descriptor read/8, error -110
[   84.922820][ T6651] binder: 6650:6651 ioctl c0306201 800003c0 returned -14
[   85.072393][  T980] usb usb44-port1: attempt power cycle
[   85.664232][  T980] usb usb44-port1: unable to enumerate USB device
[   85.750952][ T6651] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   85.754281][ T6651] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   85.769157][ T6651] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   85.774784][ T6651] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   85.776762][ T6651] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   85.789126][ T6651] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   85.792960][ T6651] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   85.794966][ T6651] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   85.808067][ T6651] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   86.137396][   T54] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[   86.301543][   T54] usb 8-1: config 195 has an invalid interface number: 145 but max is 0
[   86.304210][   T54] usb 8-1: config 195 has no interface number 0
[   86.306180][   T54] usb 8-1: config 195 interface 145 has no altsetting 0
[   86.311427][   T54] usb 8-1: New USB device found, idVendor=055f, idProduct=c211, bcdDevice=9b.e4
[   86.314328][   T54] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.316830][   T54] usb 8-1: Product: syz
[   86.318390][   T54] usb 8-1: Manufacturer: syz
[   86.319863][   T54] usb 8-1: SerialNumber: syz
[   86.339537][  T840] cfg80211: failed to load regulatory.db
[   86.375504][ T6676] block nbd0: Attempted send on invalid socket
[   86.377917][ T6676] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[   86.559393][   T54] gspca_main: sunplus-2.14.0 probing 055f:c211
[   86.562265][   T54] gspca_sunplus: reg_r err -71
[   87.067455][ T5996] Bluetooth: hci2: command 0x0c1a tx timeout
[   87.117595][ T6692] ieee802154 phy0 wpan0: encryption failed: -22
[   87.130020][ T6694] comedi comedi0: dmm32at: I/O port conflict (0xee,16)
[   87.547362][   T54] sunplus 8-1:195.145: probe with driver sunplus failed with error -71
[   87.551696][   T54] usb 8-1: USB disconnect, device number 2
[   87.777548][ T5996] Bluetooth: hci1: command 0x0c1a tx timeout
[   87.867470][ T5996] Bluetooth: hci3: command 0x0c1a tx timeout
[   89.137355][ T5996] Bluetooth: hci2: command 0x0c1a tx timeout
[   89.867404][ T5996] Bluetooth: hci1: command 0x0c1a tx timeout
[   89.937605][ T5996] Bluetooth: hci3: command 0x0c1a tx timeout
[   90.412046][ T6740] random: crng reseeded on system resumption
[   90.423330][ T6741] netlink: 8 bytes leftover after parsing attributes in process `syz.0.174'.
[   90.428852][ T6741] netlink: 4 bytes leftover after parsing attributes in process `syz.0.174'.
[   90.475456][   T40] kauditd_printk_skb: 4 callbacks suppressed
[   90.475474][   T40] audit: type=1326 audit(1756315483.194:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6744 comm="syz.0.175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   90.487737][   T40] audit: type=1326 audit(1756315483.204:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6744 comm="syz.0.175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   90.494668][   T40] audit: type=1326 audit(1756315483.204:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6744 comm="syz.0.175" exe="/syz-executor" sig=0 arch=40000003 syscall=103 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   90.573183][   T40] audit: type=1326 audit(1756315483.294:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6744 comm="syz.0.175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   90.595373][   T40] audit: type=1326 audit(1756315483.304:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6744 comm="syz.0.175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   90.668705][   T40] audit: type=1326 audit(1756315483.394:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6744 comm="syz.0.175" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   90.683835][ T6745] netlink: 'syz.0.175': attribute type 1 has an invalid length.
[   90.698857][   T40] audit: type=1326 audit(1756315483.394:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6744 comm="syz.0.175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   90.713320][   T40] audit: type=1326 audit(1756315483.394:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6744 comm="syz.0.175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   90.717871][ T6745] 8021q: adding VLAN 0 to HW filter on device bond1
[   90.720872][   T40] audit: type=1326 audit(1756315483.394:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6744 comm="syz.0.175" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   90.731522][   T40] audit: type=1326 audit(1756315483.404:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6744 comm="syz.0.175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[   90.744910][ T6745] bond1: (slave geneve2): making interface the new active one
[   90.749204][ T6745] bond1: (slave geneve2): Enslaving as an active interface with an up link
[   90.805577][ T6750] netlink: 4 bytes leftover after parsing attributes in process `syz.0.176'.
[   91.017603][ T6752] FAULT_INJECTION: forcing a failure.
[   91.017603][ T6752] name failslab, interval 1, probability 0, space 0, times 1
[   91.021689][ T6752] CPU: 3 UID: 0 PID: 6752 Comm: syz.0.177 Not tainted syzkaller #0 PREEMPT(full) 
[   91.021704][ T6752] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.021710][ T6752] Call Trace:
[   91.021715][ T6752]  <TASK>
[   91.021725][ T6752]  dump_stack_lvl+0x16c/0x1f0
[   91.021743][ T6752]  should_fail_ex+0x512/0x640
[   91.021758][ T6752]  ? __kmalloc_noprof+0xbf/0x510
[   91.021772][ T6752]  ? sock_kmalloc+0x111/0x170
[   91.021787][ T6752]  should_failslab+0xc2/0x120
[   91.021801][ T6752]  __kmalloc_noprof+0xd2/0x510
[   91.021812][ T6752]  ? do_raw_spin_lock+0x12c/0x2b0
[   91.021832][ T6752]  sock_kmalloc+0x111/0x170
[   91.021849][ T6752]  hash_alloc_result+0xd7/0x150
[   91.021865][ T6752]  hash_sendmsg+0x6df/0xfb0
[   91.021892][ T6752]  __sys_sendto+0x4a0/0x520
[   91.021905][ T6752]  ? __pfx___sys_sendto+0x10/0x10
[   91.021918][ T6752]  ? __lock_acquire+0xb97/0x1ce0
[   91.021947][ T6752]  __ia32_compat_sys_socketcall+0x625/0x770
[   91.021963][ T6752]  ? __fget_files+0x20e/0x3c0
[   91.021976][ T6752]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[   91.021992][ T6752]  ? fput+0x9b/0xd0
[   91.022011][ T6752]  ? rcu_is_watching+0x12/0xc0
[   91.022024][ T6752]  __do_fast_syscall_32+0x7c/0x3a0
[   91.022039][ T6752]  do_fast_syscall_32+0x32/0x80
[   91.022054][ T6752]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   91.022067][ T6752] RIP: 0023:0xf70fe579
[   91.022075][ T6752] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   91.022085][ T6752] RSP: 002b:00000000f54ed430 EFLAGS: 00000293 ORIG_RAX: 0000000000000066
[   91.022096][ T6752] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f54ed444
[   91.022103][ T6752] RDX: 0000000000000000 RSI: 00000000f54ed560 RDI: 00000000f7464ff4
[   91.022109][ T6752] RBP: 00000000f54ed560 R08: 0000000000000000 R09: 0000000000000000
[   91.022129][ T6752] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   91.022135][ T6752] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   91.022148][ T6752]  </TASK>
[   91.217548][ T5989] Bluetooth: hci2: command 0x0c1a tx timeout
[   91.232373][ T6760] program syz.1.180 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   91.775891][ T6772] netlink: 'syz.1.182': attribute type 4 has an invalid length.
[   91.802638][ T6772] netlink: 'syz.1.182': attribute type 4 has an invalid length.
[   91.897453][  T840] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   91.937366][ T5989] Bluetooth: hci1: command 0x0c1a tx timeout
[   92.017420][ T5989] Bluetooth: hci3: command 0x0c1a tx timeout
[   92.050870][  T840] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   92.055401][  T840] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   92.055567][ T6774] netlink: 8 bytes leftover after parsing attributes in process `syz.0.184'.
[   92.059230][  T840] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   92.066061][  T840] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.072824][ T6771] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   92.079846][  T840] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[   92.279714][  T840] usb 8-1: USB disconnect, device number 3
[   92.481960][ T6771] IPVS: set_ctl: invalid protocol: 135 224.0.0.1:20001
[   92.554835][ T6782] usb usb1: usbfs: process 6782 (syz.1.186) did not claim interface 42 before use
[   92.812092][ T6786] tmpfs: Bad value for 'mpol'
[   93.833857][ T6807] netlink: 'syz.0.194': attribute type 2 has an invalid length.
[   93.836373][ T6807] netlink: 'syz.0.194': attribute type 8 has an invalid length.
[   93.839178][ T6807] netlink: 1148 bytes leftover after parsing attributes in process `syz.0.194'.
[   93.843412][ T6807] netlink: 60 bytes leftover after parsing attributes in process `syz.0.194'.
[   93.917095][ T6813] 9pnet_virtio: no channels available for device syz
[   94.097357][ T5989] Bluetooth: hci3: command 0x0c1a tx timeout
[   94.239181][ T6831] netlink: 'syz.0.201': attribute type 2 has an invalid length.
[   96.127492][ T6851] netlink: 8 bytes leftover after parsing attributes in process `syz.0.205'.
[   96.130419][ T6851] netlink: 48 bytes leftover after parsing attributes in process `syz.0.205'.
[   96.177838][ T5989] Bluetooth: hci3: command 0x0c1a tx timeout
[   97.191450][ T6859] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[   97.194070][ T6859] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   97.198400][ T6859] vhci_hcd vhci_hcd.0: Device attached
[   97.382667][ T6863] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[   97.384729][ T6863] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   97.387491][ T6863] vhci_hcd vhci_hcd.0: Device attached
[   97.390232][ T6864] vhci_hcd: connection closed
[   97.390512][   T13] vhci_hcd: stop threads
[   97.393342][   T13] vhci_hcd: release socket
[   97.394899][   T13] vhci_hcd: disconnect device
[   97.546697][   T29] usb 38-1: SetAddress Request (2) to port 0
[   97.640640][   T29] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[   97.657641][ T5996] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   97.660779][ T6860] vhci_hcd: connection closed
[   97.661536][   T13] vhci_hcd: stop threads
[   97.661537][ T5996] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   97.667120][   T13] vhci_hcd: release socket
[   97.669135][ T5996] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   97.669301][   T13] vhci_hcd: disconnect device
[   97.675999][ T5996] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   97.679314][ T5996] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   97.820459][ T6877] chnl_net:caif_netlink_parms(): no params data found
[   97.899271][ T6889] libceph: resolve '
[   97.899271][ T6889] -&���f�Y�ǝ�a���2i�
[   97.899271][ T6889] .���?��&�*��&' (ret=-3): failed
[   97.914635][ T6877] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.917031][ T6877] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.919642][ T6877] bridge_slave_0: entered allmulticast mode
[   97.922421][ T6877] bridge_slave_0: entered promiscuous mode
[   97.926983][ T6877] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.930259][ T6877] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.933281][ T6877] bridge_slave_1: entered allmulticast mode
[   97.937586][ T6877] bridge_slave_1: entered promiscuous mode
[   97.990831][ T6877] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   98.007402][   T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.016833][ T6877] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   98.068382][   T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.079988][ T6877] team0: Port device team_slave_0 added
[   98.112267][ T6898] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.132613][ T6877] team0: Port device team_slave_1 added
[   98.322103][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.400890][ T6904] netlink: 112 bytes leftover after parsing attributes in process `syz.1.219'.
[   98.412221][ T6898] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.444471][ T6877] batman_adv: batadv0: Adding interface: batadv_slave_0
[   98.447453][ T6877] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.457045][ T6877] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   98.468932][ T6877] batman_adv: batadv0: Adding interface: batadv_slave_1
[   98.471642][ T6877] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.482769][ T6877] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   98.504826][ T6898] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.564914][ T6877] hsr_slave_0: entered promiscuous mode
[   98.568505][ T6877] hsr_slave_1: entered promiscuous mode
[   98.570529][ T6877] debugfs: 'hsr0' already exists in 'hsr'
[   98.572225][ T6877] Cannot create hsr debugfs directory
[   98.656054][ T6898] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.791701][   T13] bridge_slave_1: left allmulticast mode
[   98.797472][   T13] bridge_slave_1: left promiscuous mode
[   98.800009][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.806042][   T13] bridge_slave_0: left allmulticast mode
[   98.809860][   T13] bridge_slave_0: left promiscuous mode
[   98.811819][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.085525][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   99.093306][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   99.097114][   T13] bond0 (unregistering): Released all slaves
[   99.161200][   T13] bond1 (unregistering): Released all slaves
[   99.277009][ T1141] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.291441][ T6877] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   99.374583][ T1141] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.381228][ T6877] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   99.394113][ T1141] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.397547][ T6877] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   99.437326][ T6877] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   99.510772][ T1141] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.629494][ T6877] 8021q: adding VLAN 0 to HW filter on device bond0
[   99.641435][ T6877] 8021q: adding VLAN 0 to HW filter on device team0
[   99.649239][ T1150] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.651445][ T1150] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.658452][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.660666][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.697414][ T5996] Bluetooth: hci4: command tx timeout
[   99.786716][ T6950] netlink: 'syz.1.220': attribute type 10 has an invalid length.
[   99.802899][ T6950] batman_adv: batadv0: Adding interface: team0
[   99.804859][ T6950] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   99.817428][ T6950] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   99.845949][   T13] hsr_slave_0: left promiscuous mode
[   99.848359][   T13] hsr_slave_1: left promiscuous mode
[   99.850504][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   99.852875][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.855929][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   99.858449][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.876922][   T13] veth1_macvtap: left promiscuous mode
[   99.878884][   T13] veth0_macvtap: left promiscuous mode
[   99.881475][   T13] veth1_vlan: left promiscuous mode
[   99.883360][   T13] veth0_vlan: left promiscuous mode
[  100.073341][ T6950] netlink: 'syz.1.220': attribute type 10 has an invalid length.
[  100.100908][ T6950] netlink: 2 bytes leftover after parsing attributes in process `syz.1.220'.
[  100.127707][ T6951] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  100.129672][ T6951] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  100.132953][ T6951] vhci_hcd vhci_hcd.0: Device attached
[  100.396644][ T6953] vhci_hcd: connection closed
[  100.398078][ T1150] vhci_hcd: stop threads
[  100.401203][ T1150] vhci_hcd: release socket
[  100.402927][ T1150] vhci_hcd: disconnect device
[  100.408066][   T54] usb 44-1: enqueue for inactive port 0
[  100.458910][   T13] team0 (unregistering): Port device team_slave_1 removed
[  100.518715][   T13] team0 (unregistering): Port device team_slave_0 removed
[  100.911466][   T54] usb usb44-port1: attempt power cycle
[  100.997732][ T6877] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  101.001480][ T6877] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  101.115673][ T6877] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.290552][ T6877] veth0_vlan: entered promiscuous mode
[  101.299002][ T6877] veth1_vlan: entered promiscuous mode
[  101.310741][ T6877] veth0_macvtap: entered promiscuous mode
[  101.315065][ T6877] veth1_macvtap: entered promiscuous mode
[  101.329380][ T6877] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.333958][ T6877] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.369888][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.372223][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.388906][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.391315][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.441074][ T6977] netlink: 8 bytes leftover after parsing attributes in process `syz.4.211'.
[  101.509230][   T54] usb usb44-port1: unable to enumerate USB device
[  101.604367][   T40] kauditd_printk_skb: 33 callbacks suppressed
[  101.604446][   T40] audit: type=1326 audit(1756315494.164:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6976 comm="syz.4.211" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000
[  101.633959][   T40] audit: type=1326 audit(1756315494.164:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6976 comm="syz.4.211" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000
[  101.655239][   T40] audit: type=1326 audit(1756315494.164:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6976 comm="syz.4.211" exe="/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf7f26579 code=0x7ffc0000
[  101.684436][   T40] audit: type=1326 audit(1756315494.164:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6976 comm="syz.4.211" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000
[  101.705566][   T40] audit: type=1326 audit(1756315494.164:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6976 comm="syz.4.211" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000
[  101.732449][   T40] audit: type=1326 audit(1756315494.164:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6976 comm="syz.4.211" exe="/syz-executor" sig=0 arch=40000003 syscall=146 compat=1 ip=0xf7f26579 code=0x7ffc0000
[  101.779808][ T5996] Bluetooth: hci4: command tx timeout
[  101.840836][ T6950] team0: entered promiscuous mode
[  101.843013][ T6950] team_slave_0: entered promiscuous mode
[  101.845475][ T6950] team_slave_1: entered promiscuous mode
[  101.856893][ T6962] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  101.858944][ T6962] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  101.861309][ T6962] vhci_hcd vhci_hcd.0: Device attached
[  101.868848][ T6980] vhci_hcd: connection closed
[  101.869728][   T12] vhci_hcd: stop threads
[  101.873393][   T12] vhci_hcd: release socket
[  101.875198][   T12] vhci_hcd: disconnect device
[  101.877811][ T6950] 8021q: adding VLAN 0 to HW filter on device team0
[  101.880683][ T6950] batman_adv: batadv0: Interface activated: team0
[  101.883287][ T6950] batman_adv: batadv0: Interface deactivated: team0
[  101.885870][ T6950] batman_adv: batadv0: Removing interface: team0
[  101.894820][ T6950] bridge0: port 3(team0) entered blocking state
[  101.898505][ T6950] bridge0: port 3(team0) entered disabled state
[  101.901122][ T6950] team0: entered allmulticast mode
[  101.903013][ T6950] team_slave_0: entered allmulticast mode
[  101.905268][ T6950] team_slave_1: entered allmulticast mode
[  101.910528][ T6950] bridge0: port 3(team0) entered blocking state
[  101.913281][ T6950] bridge0: port 3(team0) entered forwarding state
[  102.024937][ T1141] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.052109][ T1141] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.055572][ T1141] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.062433][ T1141] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.208542][ T6994] netlink: 56 bytes leftover after parsing attributes in process `syz.3.232'.
[  102.737430][   T29] usb 38-1: device descriptor read/8, error -110
[  103.109527][ T7044] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  103.159543][   T29] usb usb38-port1: attempt power cycle
[  103.377620][  T839] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  103.420388][ T7058] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  103.422462][ T7058] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  103.425304][ T7058] vhci_hcd vhci_hcd.0: Device attached
[  103.527406][  T839] usb 9-1: Using ep0 maxpacket: 32
[  103.531270][  T839] usb 9-1: config 1 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.534786][  T839] usb 9-1: config 1 interface 0 has no altsetting 0
[  103.539439][  T839] usb 9-1: New USB device found, idVendor=056a, idProduct=0057, bcdDevice= 0.40
[  103.542264][  T839] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.544639][  T839] usb 9-1: Product: syz
[  103.546793][  T839] usb 9-1: Manufacturer: syz
[  103.549081][  T839] usb 9-1: SerialNumber: syz
[  103.687338][ T6243] usb 40-1: SetAddress Request (3) to port 0
[  103.694243][ T6243] usb 40-1: new SuperSpeed USB device number 3 using vhci_hcd
[  103.727877][   T29] usb usb38-port1: unable to enumerate USB device
[  103.795386][ T7059] vhci_hcd: connection reset by peer
[  103.797569][ T1142] vhci_hcd: stop threads
[  103.801204][ T1142] vhci_hcd: release socket
[  103.803198][ T1142] vhci_hcd: disconnect device
[  103.858229][ T5996] Bluetooth: hci4: command tx timeout
[  104.140946][  T839] usbhid 9-1:1.0: can't add hid device: -71
[  104.143097][  T839] usbhid 9-1:1.0: probe with driver usbhid failed with error -71
[  104.153458][  T839] usb 9-1: USB disconnect, device number 2
[  104.431211][ T7091] ������: renamed from hsr0 (while UP)
[  104.604056][ T7095] netlink: 'syz.3.249': attribute type 10 has an invalid length.
[  104.612799][ T7095] team0: Port device dummy0 added
[  104.755623][ T7109] TCP: TCP_TX_DELAY enabled
[  104.784055][ T5996] Bluetooth: hci2: unexpected event for opcode 0x2024
[  104.865703][ T7115] MTD: Attempt to mount non-MTD device "/dev/nbd0"
[  104.883281][ T7115] block nbd0: Attempted send on invalid socket
[  104.887053][ T7115] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  104.941908][ T7123] wireguard0: entered promiscuous mode
[  104.943705][ T7123] wireguard0: entered allmulticast mode
[  105.279186][ T7130] netlink: 'syz.4.258': attribute type 5 has an invalid length.
[  105.281628][ T7130] netlink: 'syz.4.258': attribute type 7 has an invalid length.
[  105.310304][ T7130] : entered promiscuous mode
[  105.526228][ T7136] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  105.774296][ T7152] fuse: Bad value for 'fd'
[  105.911967][ T7152] netlink: 40 bytes leftover after parsing attributes in process `syz.3.265'.
[  105.943210][ T5996] Bluetooth: hci4: command tx timeout
[  106.033762][ T7164] netlink: 4 bytes leftover after parsing attributes in process `syz.4.270'.
[  106.227069][ T7172] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  106.229034][ T7172] overlayfs: failed to set xattr on upper
[  106.229101][ T7172] overlayfs: ...falling back to redirect_dir=nofollow.
[  106.229166][ T7172] overlayfs: ...falling back to index=off.
[  106.620429][ T7178] syz.3.273 (7178) used greatest stack depth: 19560 bytes left
[  106.993192][   T40] audit: type=1326 audit(1756315499.714:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.0.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  107.000246][   T40] audit: type=1326 audit(1756315499.714:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.0.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  107.007020][   T40] audit: type=1326 audit(1756315499.724:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.0.276" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  107.017342][   T40] audit: type=1326 audit(1756315499.724:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.0.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  107.024288][   T40] audit: type=1326 audit(1756315499.724:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.0.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  107.041165][   T40] audit: type=1326 audit(1756315499.724:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.0.276" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  107.084485][   T40] audit: type=1326 audit(1756315499.804:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.0.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  107.092251][   T40] audit: type=1326 audit(1756315499.804:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.0.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  107.100093][   T40] audit: type=1326 audit(1756315499.804:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.0.276" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  107.111892][   T40] audit: type=1326 audit(1756315499.814:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7192 comm="syz.0.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  107.173313][ T7205] fuse: Bad value for 'group_id'
[  107.174913][ T7205] fuse: Bad value for 'group_id'
[  107.347847][ T7222] 9pnet_fd: Insufficient options for proto=fd
[  107.356906][ T7222] overlayfs: failed to resolve './file2': -2
[  107.459212][ T7231] team0: Port device dummy0 removed
[  107.465014][ T7231] bridge_slave_0: left allmulticast mode
[  107.466973][ T7231] bridge_slave_0: left promiscuous mode
[  107.470725][ T7231] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.478846][ T7231] bridge_slave_1: left allmulticast mode
[  107.481298][ T7231] bridge_slave_1: left promiscuous mode
[  107.483855][ T7231] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.504759][ T7231] bond0: (slave bond_slave_0): Releasing backup interface
[  107.511652][ T7231] bond_slave_0: left promiscuous mode
[  107.527965][ T7231] bond0: (slave bond_slave_1): Releasing backup interface
[  107.534773][ T7231] bond_slave_1: left promiscuous mode
[  107.548676][ T7231] team0: Port device team_slave_0 removed
[  107.553005][ T7235] netlink: 'syz.3.285': attribute type 10 has an invalid length.
[  107.554621][ T7231] team0: Port device team_slave_1 removed
[  107.560461][ T7231] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  107.563383][ T7231] batman_adv: batadv0: Removing interface: batadv_slave_0
[  107.567692][ T7231] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  107.570561][ T7231] batman_adv: batadv0: Removing interface: batadv_slave_1
[  107.598027][ T7232] team0: Mode changed to "loadbalance"
[  107.621512][ T7231] netlink: 4 bytes leftover after parsing attributes in process `syz.3.285'.
[  107.624611][ T7235] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.639654][ T7235] team0: Port device bond0 added
[  107.726483][ T7231] team0 (unregistering): Port device bond0 removed
[  107.744920][ T7232] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.828006][ T7232] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.896620][ T7232] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.953392][ T7256] netlink: 96 bytes leftover after parsing attributes in process `syz.0.293'.
[  107.968443][ T7232] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.101527][   T41] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.123289][   T41] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.158113][   T41] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.160734][   T41] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.435273][ T7275] ceph: No mds server is up or the cluster is laggy
[  108.489216][   T29] libceph: connect (1)[c::]:6789 error -101
[  108.492579][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  108.669105][ T7268] wireguard1: entered promiscuous mode
[  108.671444][ T7268] wireguard1: entered allmulticast mode
[  108.737905][ T6243] usb 40-1: device descriptor read/8, error -110
[  108.765329][ T7288] netlink: 4 bytes leftover after parsing attributes in process `syz.4.300'.
[  108.963773][ T7291] netlink: 'syz.0.301': attribute type 1 has an invalid length.
[  108.979585][ T7291] 8021q: adding VLAN 0 to HW filter on device bond2
[  109.008149][ T7291] bond2: (slave veth3): Enslaving as an active interface with a down link
[  109.023904][ T7291] bond2: (slave veth0_to_bond): making interface the new active one
[  109.028377][ T7291] veth0_to_bond: entered promiscuous mode
[  109.031111][ T7291] bond2: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  109.044415][ T7291] vlan2: entered allmulticast mode
[  109.047002][ T7291] veth0_to_bond: entered allmulticast mode
[  109.052144][ T7291] bond2: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  109.055817][ T7294] delete_channel: no stack
[  109.186647][ T6243] usb usb40-port1: attempt power cycle
[  109.786473][ T6243] usb usb40-port1: unable to enumerate USB device
[  109.810902][ T7318] netlink: 5 bytes leftover after parsing attributes in process `syz.4.307'.
[  109.814788][ T7318] 0�X��D: renamed from macvtap0 (while UP)
[  109.821353][ T7318] 0�X��D: entered allmulticast mode
[  109.823727][ T7318] veth0_macvtap: entered allmulticast mode
[  109.826671][ T7318] A link change request failed with some changes committed already. Interface 
30�X��D may have been left with an inconsistent configuration, please check.
[  109.922117][ T7318] hub 1-0:1.0: USB hub found
[  109.924297][ T7318] hub 1-0:1.0: 2 ports detected
[  110.023684][ T7325] overlayfs: maximum fs stacking depth exceeded
[  110.029903][ T7325] overlayfs: maximum fs stacking depth exceeded
[  110.064666][ T7329] loop7: detected capacity change from 0 to 7
[  110.084075][ T5991] Dev loop7: unable to read RDB block 7
[  110.087158][ T5991]  loop7: AHDI p1 p2
[  110.097561][ T5991] loop7: partition table partially beyond EOD, truncated
[  110.104714][ T5991] loop7: p1 start 1702000233 is beyond EOD, truncated
[  110.121683][ T7329] Dev loop7: unable to read RDB block 7
[  110.124161][ T7329]  loop7: AHDI p1 p2
[  110.125787][ T7329] loop7: partition table partially beyond EOD, truncated
[  110.133090][ T7329] loop7: p1 start 1702000233 is beyond EOD, truncated
[  110.246918][ T7338] sp0: Synchronizing with TNC
[  110.252344][ T7340] 9pnet_virtio: no channels available for device ./file0
[  110.257623][ T7338] sp0: Found TNC
[  111.934933][ T7373] binder: 7367:7373 ioctl c0306201 800008c0 returned -14
[  111.993312][ T7373] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.031209][ T5996] Bluetooth: hci2: unexpected event for opcode 0x0c12
[  112.040255][ T7377] tipc: Started in network mode
[  112.042281][ T7377] tipc: Node identity c, cluster identity 4711
[  112.044890][ T7377] tipc: Node number set to 12
[  112.144446][ T7373] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.164595][ T7382] netlink: 40 bytes leftover after parsing attributes in process `syz.0.323'.
[  112.294515][ T7373] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.514790][ T7373] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.714855][ T1142] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.745726][ T1142] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.887015][   T81] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.890236][   T81] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.187722][ T7435] random: crng reseeded on system resumption
[  114.189733][ T7433] block nbd1: Attempted send on invalid socket
[  114.192842][ T7433] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  114.197675][ T7433] (syz.1.332,7433,3):ocfs2_get_sector:1714 ERROR: status = -5
[  114.200157][ T7433] (syz.1.332,7433,3):ocfs2_sb_probe:753 ERROR: status = -5
[  114.200185][ T7433] (syz.1.332,7433,3):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  114.205308][ T7433] (syz.1.332,7433,3):ocfs2_fill_super:1177 ERROR: status = -5
[  114.260218][ T7439] program syz.3.336 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  114.301667][ T7447] netlink: 12 bytes leftover after parsing attributes in process `syz.0.338'.
[  114.353493][ T7454] netlink: 4 bytes leftover after parsing attributes in process `syz.0.340'.
[  115.610333][ T7493] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  115.613380][ T7493] syzkaller0: entered promiscuous mode
[  115.615372][ T7493] syzkaller0: entered allmulticast mode
[  115.633928][ T7493] tipc: Resetting bearer <eth:syzkaller0>
[  115.640756][ T7493] netlink: 'syz.4.350': attribute type 39 has an invalid length.
[  115.645504][ T7493] veth0_macvtap: left allmulticast mode
[  115.650002][ T7493] veth0_macvtap: left promiscuous mode
[  115.912525][ T7492] tipc: Resetting bearer <eth:syzkaller0>
[  116.031923][ T7492] tipc: Disabling bearer <eth:syzkaller0>
[  116.113862][ T5996] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  116.116393][ T5996] Bluetooth: hci2: Injecting HCI hardware error event
[  116.120004][ T5996] Bluetooth: hci2: hardware error 0x00
[  116.188902][ T7505] netlink: 8 bytes leftover after parsing attributes in process `syz.1.351'.
[  116.193105][ T7505] openvswitch: netlink: nsh attr 0 has unexpected len 7 expected 0
[  116.195725][ T7505] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  116.580956][ T7512] netlink: 'syz.3.352': attribute type 39 has an invalid length.
[  116.980351][   T40] kauditd_printk_skb: 37 callbacks suppressed
[  116.980363][   T40] audit: type=1326 audit(1756315509.704:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7516 comm="syz.3.357" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fd6579 code=0x0
[  117.041310][ T7519] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 0
[  117.044487][ T7518] IPVS: stopping backup sync thread 7519 ...
[  117.049749][ T7518] netlink: 20 bytes leftover after parsing attributes in process `syz.3.357'.
[  117.052758][ T7518] netlink: 32 bytes leftover after parsing attributes in process `syz.3.357'.
[  117.356229][ T7525] netlink: 16 bytes leftover after parsing attributes in process `syz.4.358'.
[  117.385725][ T7525] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.457402][ T7525] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.536633][ T7525] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.599099][ T7525] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.676177][ T1145] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.686077][   T81] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.694614][   T81] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.703732][   T81] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.805582][ T7528] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  118.060405][ T7535] netlink: 'syz.3.361': attribute type 1 has an invalid length.
[  118.062844][ T7535] netlink: 136 bytes leftover after parsing attributes in process `syz.3.361'.
[  118.065621][ T7535] netlink: 'syz.3.361': attribute type 2 has an invalid length.
[  118.068180][ T7535] netlink: 'syz.3.361': attribute type 1 has an invalid length.
[  118.110942][ T7539] input input12: cannot allocate more than FF_MAX_EFFECTS effects
[  118.187563][ T5996] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  118.257351][ T5989] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  118.258635][ T5996] Bluetooth: hci0: command 0x1003 tx timeout
[  118.538275][ T7550] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  118.540355][ T7550] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  118.543217][ T7550] vhci_hcd vhci_hcd.0: Device attached
[  118.652595][ T7555] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  118.654603][ T7555] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  118.657417][ T7555] vhci_hcd vhci_hcd.0: Device attached
[  118.818233][   T29] usb 46-1: SetAddress Request (2) to port 0
[  118.820203][   T29] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[  118.957303][  T980] usb 40-1: SetAddress Request (7) to port 0
[  118.959325][  T980] usb 40-1: new SuperSpeed USB device number 7 using vhci_hcd
[  119.236687][ T7570] kernel read not supported for file /eth0 (pid: 7570 comm: syz.3.371)
[  119.242266][ T7551] vhci_hcd: connection reset by peer
[  119.244467][ T1145] vhci_hcd: stop threads
[  119.245830][ T1145] vhci_hcd: release socket
[  119.247933][ T1145] vhci_hcd: disconnect device
[  119.249528][   T40] audit: type=1800 audit(1756315511.964:115): pid=7570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.371" name="eth0" dev="mqueue" ino=18055 res=0 errno=0
[  119.292874][ T7556] vhci_hcd: connection reset by peer
[  119.295612][   T41] vhci_hcd: stop threads
[  119.296982][   T41] vhci_hcd: release socket
[  119.300602][   T41] vhci_hcd: disconnect device
[  119.339011][ T7573] 9pnet_virtio: no channels available for device syz
[  119.413440][ T7582] 9pnet_virtio: no channels available for device syz
[  119.908889][ T7602] sp0: Synchronizing with TNC
[  120.063605][ T7614] (syz.4.386,7614,3):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  120.066445][ T7614] (syz.4.386,7614,3):ocfs2_fill_super:1177 ERROR: status = -22
[  120.248115][ T1145] veth0_to_bond: left promiscuous mode
[  120.682806][ T7621] "syz.3.388" (7621) uses obsolete ecb(arc4) skcipher
[  121.483406][ T7631] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  121.486193][ T7631] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  121.490348][ T7631] vhci_hcd vhci_hcd.0: Device attached
[  121.621476][ T7640] fuse: Bad value for 'fd'
[  121.642334][ T7637] vhci_hcd: connection closed
[  121.642581][   T41] vhci_hcd: stop threads
[  121.645671][   T41] vhci_hcd: release socket
[  121.647156][   T41] vhci_hcd: disconnect device
[  121.897317][   T70] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  122.047296][   T70] usb 6-1: Using ep0 maxpacket: 8
[  122.049989][   T70] usb 6-1: config 0 interface 0 has no altsetting 0
[  122.051952][   T70] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  122.054849][   T70] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.060445][   T70] usb 6-1: config 0 descriptor??
[  122.150239][ T7656] netlink: 12 bytes leftover after parsing attributes in process `syz.0.395'.
[  122.510990][   T70] usbhid 6-1:0.0: can't add hid device: -71
[  122.518339][   T70] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  122.535196][   T70] usb 6-1: USB disconnect, device number 2
[  122.665788][   T40] audit: type=1326 audit(1756315515.384:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7675 comm="syz.1.400" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7fc00000
[  122.689042][ T7677] netlink: 24 bytes leftover after parsing attributes in process `syz.1.400'.
[  123.427652][   T40] audit: type=1326 audit(1756315516.114:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7675 comm="syz.1.400" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fe5579 code=0x7fc00000
[  123.499707][ T7687] tmpfs: Unknown parameter 'nrMblocks'
[  123.544815][ T7690] hpfs: hpfs_map_sector(): read error
[  123.608897][ T7690] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.403'.
[  123.857543][   T29] usb 46-1: device descriptor read/8, error -110
[  124.017495][  T980] usb 40-1: device descriptor read/8, error -110
[  124.258670][   T29] usb usb46-port1: attempt power cycle
[  124.362670][ T7710] netlink: 152 bytes leftover after parsing attributes in process `syz.0.407'.
[  124.688152][  T980] usb usb40-port1: attempt power cycle
[  124.990954][   T29] usb usb46-port1: unable to enumerate USB device
[  125.438281][ T7738] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  125.565461][ T7738] netlink: 16 bytes leftover after parsing attributes in process `syz.4.413'.
[  125.569880][ T7738] netlink: 16 bytes leftover after parsing attributes in process `syz.4.413'.
[  125.988470][  T980] usb usb40-port1: unable to enumerate USB device
[  126.150354][ T7744] fuse: Invalid rootmode
[  126.395980][ T7750] random: crng reseeded on system resumption
[  127.669756][ T7780] 9pnet_fd: Insufficient options for proto=fd
[  127.861596][ T7788] netlink: 36 bytes leftover after parsing attributes in process `syz.3.427'.
[  127.889645][ T7786] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  127.891743][ T7786] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  127.895196][ T7786] vhci_hcd vhci_hcd.0: Device attached
[  127.902047][ T7786] netdevsim netdevsim0: Direct firmware load for @ failed with error -2
[  127.905297][ T7786] netdevsim netdevsim0: Falling back to sysfs fallback for: @
[  128.102009][ T7798] netlink: 4 bytes leftover after parsing attributes in process `syz.3.429'.
[  128.105307][ T7798] netlink: 16 bytes leftover after parsing attributes in process `syz.3.429'.
[  128.127449][  T839] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[  128.584254][ T7789] vhci_hcd: connection reset by peer
[  128.590269][   T41] vhci_hcd: stop threads
[  128.592279][   T41] vhci_hcd: release socket
[  128.594229][   T41] vhci_hcd: disconnect device
[  128.653893][ T7821] netlink: 12 bytes leftover after parsing attributes in process `syz.1.434'.
[  128.729239][ T7822] netlink: 'syz.1.434': attribute type 4 has an invalid length.
[  128.909769][ T7824] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.912552][ T7824] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.914825][ T7824] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.720536][ T7851] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  129.928708][ T7854] Unsupported ieee802154 address type: 0
[  130.004625][ T7865] qnx6: unable to read the first superblock
[  130.216163][ T7884] befs: (nbd4): No write support. Marking filesystem read-only
[  130.220167][ T7884] block nbd4: Attempted send on invalid socket
[  130.222434][ T7884] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3
[  130.225596][ T7884] befs: (nbd4): unable to read superblock
[  130.450959][ T7890] sock: sock_set_timeout: `syz.1.455' (pid 7890) tries to set negative timeout
[  131.061162][ T7902] netlink: 209832 bytes leftover after parsing attributes in process `syz.4.458'.
[  131.147027][ T7909] trusted_key: syz.4.460 sent an empty control message without MSG_MORE.
[  131.246959][ T7913] overlayfs: failed to create directory ./bus/work (errno: 1); mounting read-only
[  131.253440][ T7913] overlayfs: NFS export requires an index dir, falling back to nfs_export=off.
[  131.257841][ T7913] netlink: 24 bytes leftover after parsing attributes in process `syz.1.461'.
[  131.533668][ T7925] netlink: 12 bytes leftover after parsing attributes in process `syz.3.466'.
[  132.150147][ T7948] kAFS: unable to lookup cell '�({^�@'
[  132.174009][ T7950] bridge4: entered promiscuous mode
[  132.200557][ T7954] netlink: 32 bytes leftover after parsing attributes in process `syz.4.476'.
[  132.201376][ T7953] fuse: Invalid rootmode
[  132.369316][ T7961] random: crng reseeded on system resumption
[  133.126441][ T7970] mmap: syz.1.480 (7970) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  133.207655][  T839] vhci_hcd: vhci_device speed not set
[  133.960258][ T7983] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  133.962842][ T7983] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  134.700863][ T7995] kAFS: unable to lookup cell '�({^�@'
[  135.008680][ T8002] netlink: 8 bytes leftover after parsing attributes in process `syz.3.487'.
[  135.015628][ T8003] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  135.017743][ T8003] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  135.021581][ T8003] vhci_hcd vhci_hcd.0: Device attached
[  135.308250][ T8016] netlink: 8 bytes leftover after parsing attributes in process `syz.3.488'.
[  135.311118][ T8016] lo: entered promiscuous mode
[  135.312610][ T8016] lo: entered allmulticast mode
[  135.315872][ T8016] tunl0: entered promiscuous mode
[  135.347308][ T8016] tunl0: entered allmulticast mode
[  135.349371][ T8016] gre0: entered promiscuous mode
[  135.351123][ T8016] gre0: entered allmulticast mode
[  135.353031][ T8016] gretap0: entered promiscuous mode
[  135.354727][ T8016] gretap0: entered allmulticast mode
[  135.356884][ T8016] erspan0: entered promiscuous mode
[  135.367429][  T980] usb 40-1: SetAddress Request (11) to port 0
[  135.369443][  T980] usb 40-1: new SuperSpeed USB device number 11 using vhci_hcd
[  135.387323][ T8016] erspan0: entered allmulticast mode
[  135.389479][ T8016] ip_vti0: entered promiscuous mode
[  135.397409][ T8016] ip_vti0: entered allmulticast mode
[  135.399578][ T8016] ip6_vti0: entered promiscuous mode
[  135.402823][ T8016] ip6_vti0: entered allmulticast mode
[  135.405629][ T8016] sit0: entered promiscuous mode
[  135.409806][ T8016] sit0: entered allmulticast mode
[  135.415148][ T8016] ip6tnl0: entered promiscuous mode
[  135.431695][ T8016] ip6tnl0: entered allmulticast mode
[  135.436041][ T8016] ip6gre0: entered promiscuous mode
[  135.439535][ T8016] ip6gre0: entered allmulticast mode
[  135.441647][ T8016] syz_tun: entered promiscuous mode
[  135.443439][ T8016] syz_tun: entered allmulticast mode
[  135.447779][ T8016] ip6gretap0: entered promiscuous mode
[  135.449584][ T8016] ip6gretap0: entered allmulticast mode
[  135.451802][ T8016] bridge0: entered promiscuous mode
[  135.453601][ T8016] bridge0: entered allmulticast mode
[  135.455678][ T8016] vcan0: entered promiscuous mode
[  135.458144][ T8016] vcan0: entered allmulticast mode
[  135.460932][ T8016] bond0: entered allmulticast mode
[  135.463017][ T8016] 8021q: adding VLAN 0 to HW filter on device bond0
[  135.468173][ T8016] dummy0: entered promiscuous mode
[  135.470090][ T8016] dummy0: entered allmulticast mode
[  135.473377][ T8016] nlmon0: entered promiscuous mode
[  135.475334][ T8016] nlmon0: entered allmulticast mode
[  135.477867][ T8016] caif0: entered promiscuous mode
[  135.479551][ T8016] caif0: entered allmulticast mode
[  135.481215][ T8016] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  135.587671][ T8006] vhci_hcd: connection reset by peer
[  135.590352][   T41] vhci_hcd: stop threads
[  135.591760][   T41] vhci_hcd: release socket
[  135.593252][   T41] vhci_hcd: disconnect device
[  135.988860][ T8022] IPVS: set_ctl: invalid protocol: 50 255.255.255.255:20002
[  137.090525][ T8056] netlink: 4 bytes leftover after parsing attributes in process `syz.3.499'.
[  137.329209][ T8065] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[  137.331356][ T8065] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  137.333858][ T8065] vhci_hcd vhci_hcd.0: Device attached
[  137.334136][ T8066] vhci_hcd: connection closed
[  137.349749][   T81] vhci_hcd: stop threads
[  137.354038][   T81] vhci_hcd: release socket
[  137.355727][   T81] vhci_hcd: disconnect device
[  137.374008][ T8071] netlink: 'syz.4.503': attribute type 29 has an invalid length.
[  137.550539][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  137.552369][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  137.846042][ T8078] netlink: 'syz.0.505': attribute type 10 has an invalid length.
[  137.849288][ T8078] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.852311][ T8078] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.858072][ T8078] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.860160][ T8078] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.862578][ T8078] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.864829][ T8078] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.870222][ T8078] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  137.876645][ T8078] netlink: 210968 bytes leftover after parsing attributes in process `syz.0.505'.
[  137.882000][ T8078] netlink: 4 bytes leftover after parsing attributes in process `syz.0.505'.
[  137.884923][ T8078] bridge_slave_1: left allmulticast mode
[  137.886691][ T8078] bridge_slave_1: left promiscuous mode
[  137.889355][ T8078] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.893058][ T8078] bridge_slave_0: left allmulticast mode
[  137.894877][ T8078] bridge_slave_0: left promiscuous mode
[  137.896787][ T8078] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.910138][ T8078] bond0: (slave bridge0): Releasing backup interface
[  138.211812][ T8107] syz.0.510 (8107): drop_caches: 2
[  138.327811][ T8112] batadv_slave_1: entered promiscuous mode
[  139.157493][ T8111] batadv_slave_1: left promiscuous mode
[  139.879563][ T8131] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  139.882603][ T8131] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  139.884718][ T8131] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  139.886646][ T8131] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  139.890360][ T8131] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  139.891796][   T40] audit: type=1326 audit(1756315532.614:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8147 comm="syz.1.521" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe5579 code=0x0
[  139.902904][ T8146] input: syz0 as /devices/virtual/input/input14
[  139.905419][ T8146] input: failed to attach handler leds to device input14, error: -6
[  139.968185][ T8159] overlayfs: overlapping lowerdir path
[  140.030889][ T8162] netlink: 4 bytes leftover after parsing attributes in process `syz.0.525'.
[  140.426969][ T8171] wg2: entered allmulticast mode
[  140.427429][  T980] usb 40-1: device descriptor read/8, error -110
[  140.432628][ T8172] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  140.434733][ T8172] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  140.437585][ T8172] vhci_hcd vhci_hcd.0: Device attached
[  140.717609][   T70] usb 46-1: SetAddress Request (6) to port 0
[  140.720016][   T70] usb 46-1: new SuperSpeed USB device number 6 using vhci_hcd
[  140.780731][ T8179] netlink: 4 bytes leftover after parsing attributes in process `syz.1.530'.
[  140.833645][  T980] usb usb40-port1: attempt power cycle
[  140.864840][ T8173] vhci_hcd: connection reset by peer
[  140.866783][ T1142] vhci_hcd: stop threads
[  140.868346][ T1142] vhci_hcd: release socket
[  140.870020][ T1142] vhci_hcd: disconnect device
[  141.232003][ T5989] Bluetooth: hci1: command 0x0c1a tx timeout
[  141.708055][  T980] usb usb40-port1: unable to enumerate USB device
[  141.947596][ T5996] Bluetooth: hci3: command 0x0c1a tx timeout
[  141.949604][ T5989] Bluetooth: hci4: command 0x0c1a tx timeout
[  142.096699][ T8210] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  142.098905][ T8210] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  142.105167][ T8210] vhci_hcd vhci_hcd.0: Device attached
[  142.387495][  T980] usb 40-1: SetAddress Request (15) to port 0
[  142.390501][  T980] usb 40-1: new SuperSpeed USB device number 15 using vhci_hcd
[  142.662174][ T8211] vhci_hcd: connection reset by peer
[  142.664520][   T41] vhci_hcd: stop threads
[  142.666081][   T41] vhci_hcd: release socket
[  142.671134][   T41] vhci_hcd: disconnect device
[  143.034340][ T8240] netlink: 24 bytes leftover after parsing attributes in process `syz.3.541'.
[  143.371953][ T8247] sp0: Synchronizing with TNC
[  143.376074][ T8246] [U] �
[  143.885770][  T838] libceph: connect (1)[c::]:6789 error -101
[  143.887871][  T838] libceph: mon0 (1)[c::]:6789 connect error
[  144.017375][ T5989] Bluetooth: hci4: command 0x0c1a tx timeout
[  144.148813][  T838] libceph: connect (1)[c::]:6789 error -101
[  144.150868][  T838] libceph: mon0 (1)[c::]:6789 connect error
[  144.446169][ T8279] netlink: 72 bytes leftover after parsing attributes in process `syz.3.550'.
[  144.450613][ T8279] netlink: 12 bytes leftover after parsing attributes in process `syz.3.550'.
[  144.455329][ T8279] netlink: 20 bytes leftover after parsing attributes in process `syz.3.550'.
[  144.549882][ T8270] ceph: No mds server is up or the cluster is laggy
[  144.720631][ T8281] netlink: 28 bytes leftover after parsing attributes in process `syz.0.551'.
[  144.836852][ T8285] erspan0: entered promiscuous mode
[  144.838663][ T8291] netlink: 4 bytes leftover after parsing attributes in process `syz.4.555'.
[  144.841188][ T8285] batman_adv: batadv0: Adding interface: macvlan2
[  144.843831][ T8291] netlink: 104 bytes leftover after parsing attributes in process `syz.4.555'.
[  144.844311][ T8285] batman_adv: batadv0: The MTU of interface macvlan2 is too small (1450) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.848401][ T8291] netlink: 104 bytes leftover after parsing attributes in process `syz.4.555'.
[  144.855805][ T8285] batman_adv: batadv0: Interface activated: macvlan2
[  144.914780][ T8301] netlink: 'syz.0.559': attribute type 10 has an invalid length.
[  144.925696][ T8301] 8021q: adding VLAN 0 to HW filter on device team0
[  144.931066][ T8301] bond0: (slave team0): Enslaving as an active interface with an up link
[  144.941757][ T8301] vlan2: entered promiscuous mode
[  144.943755][ T8301] team0: entered promiscuous mode
[  144.945368][ T8301] team_slave_0: entered promiscuous mode
[  144.947426][ T8301] team_slave_1: entered promiscuous mode
[  144.949381][ T8301] vlan2: entered allmulticast mode
[  144.951011][ T8301] team0: entered allmulticast mode
[  144.952638][ T8301] team_slave_0: entered allmulticast mode
[  144.954727][ T8301] team_slave_1: entered allmulticast mode
[  144.960014][ T8301] bond0: (slave vlan2): Enslaving as an active interface with an up link
[  145.777473][   T70] usb 46-1: device descriptor read/8, error -110
[  146.097506][ T5989] Bluetooth: hci4: command 0x0c1a tx timeout
[  146.201677][   T70] usb usb46-port1: attempt power cycle
[  146.596391][ T8324] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.813763][   T70] usb usb46-port1: unable to enumerate USB device
[  146.842587][ T8324] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.949778][ T8324] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.073444][ T8324] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.160454][   T13] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.170205][   T13] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.177422][   T13] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.185060][   T13] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.467534][  T980] usb 40-1: device descriptor read/8, error -110
[  147.617056][ T8352] __nla_validate_parse: 2 callbacks suppressed
[  147.617066][ T8352] netlink: 148 bytes leftover after parsing attributes in process `syz.0.569'.
[  147.878555][  T980] usb usb40-port1: attempt power cycle
[  148.380829][   T40] audit: type=1326 audit(1756315541.104:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8374 comm="syz.0.576" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x0
[  148.468291][  T980] usb usb40-port1: unable to enumerate USB device
[  148.947383][  T980] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  149.108354][  T980] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  149.111860][  T980] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  149.115064][  T980] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  149.118171][  T980] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.124396][ T8385] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  149.129480][  T980] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  149.372086][  T980] usb 6-1: USB disconnect, device number 3
[  150.955010][ T8434] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=35 (70 ns) > initial count (64 ns). Using initial count to start timer.
[  151.023444][ T5989] Bluetooth: hci3: unexpected event for opcode 0x0008
[  151.028180][ T8444] netlink: 4 bytes leftover after parsing attributes in process `syz.0.597'.
[  152.171285][ T8471] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  152.180865][ T8471] CIFS mount error: No usable UNC path provided in device string!
[  152.180865][ T8471] 
[  152.184889][ T8471] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  152.195247][ T8475] program syz.3.607 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  152.204869][ T8471] macsec1: entered allmulticast mode
[  152.205278][ T8473] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  152.206634][ T8471] macsec0: entered allmulticast mode
[  152.209091][ T8473] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  152.209764][ T8473] vhci_hcd vhci_hcd.0: Device attached
[  152.213062][ T8471] veth1_macvtap: entered allmulticast mode
[  152.479506][ T8482] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  152.481618][ T8482] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  152.484995][ T8482] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  152.528951][ T8490] comedi comedi0: pcmda12: I/O port conflict (0x3,16)
[  152.540444][  T980] usb 46-1: SetAddress Request (10) to port 0
[  152.542699][  T980] usb 46-1: new SuperSpeed USB device number 10 using vhci_hcd
[  152.879165][ T8476] vhci_hcd: connection reset by peer
[  152.887618][ T1150] vhci_hcd: stop threads
[  152.889190][ T1150] vhci_hcd: release socket
[  152.891327][ T1150] vhci_hcd: disconnect device
[  153.439443][ T8530] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  153.442434][ T8530] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  153.819198][ T5989] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  154.091696][ T8561] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  154.094110][ T8561] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  154.097268][ T8561] vhci_hcd vhci_hcd.0: Device attached
[  154.394312][   T70] usb 44-1: SetAddress Request (10) to port 0
[  154.396494][   T70] usb 44-1: new SuperSpeed USB device number 10 using vhci_hcd
[  154.452253][ T8568] autofs4:pid:8568:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  154.617480][ T8574] input: syz1 as /devices/virtual/input/input16
[  154.620187][ T8574] input: failed to attach handler leds to device input16, error: -6
[  154.627879][ T8574] overlayfs: upper fs does not support file handles, falling back to index=off.
[  154.631206][ T8574] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  154.636115][ T5996] Bluetooth: hci4: command 0x0c1a tx timeout
[  154.638913][ T5986] Bluetooth: hci3: command 0x0c1a tx timeout
[  154.638946][ T5986] Bluetooth: hci1: command 0x0c1a tx timeout
[  154.777337][ T8563] vhci_hcd: connection reset by peer
[  154.780852][   T13] vhci_hcd: stop threads
[  154.782462][   T13] vhci_hcd: release socket
[  154.784202][   T13] vhci_hcd: disconnect device
[  154.824128][ T8580] netlink: 12 bytes leftover after parsing attributes in process `syz.1.636'.
[  155.382893][ T8588] FAULT_INJECTION: forcing a failure.
[  155.382893][ T8588] name failslab, interval 1, probability 0, space 0, times 0
[  155.388163][ T8588] CPU: 1 UID: 0 PID: 8588 Comm: syz.0.638 Not tainted syzkaller #0 PREEMPT(full) 
[  155.388178][ T8588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.388184][ T8588] Call Trace:
[  155.388188][ T8588]  <TASK>
[  155.388192][ T8588]  dump_stack_lvl+0x16c/0x1f0
[  155.388231][ T8588]  should_fail_ex+0x512/0x640
[  155.388249][ T8588]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  155.388264][ T8588]  should_failslab+0xc2/0x120
[  155.388278][ T8588]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  155.388290][ T8588]  ? getname_flags.part.0+0x4c/0x550
[  155.388309][ T8588]  getname_flags.part.0+0x4c/0x550
[  155.388324][ T8588]  ? __pfx_ksys_write+0x10/0x10
[  155.388337][ T8588]  getname_flags+0x93/0xf0
[  155.388349][ T8588]  __ia32_sys_unlinkat+0xb4/0x130
[  155.388363][ T8588]  __do_fast_syscall_32+0x7c/0x3a0
[  155.388384][ T8588]  do_fast_syscall_32+0x32/0x80
[  155.388398][ T8588]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.388412][ T8588] RIP: 0023:0xf70fe579
[  155.388420][ T8588] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  155.388430][ T8588] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 000000000000012d
[  155.388440][ T8588] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000040
[  155.388446][ T8588] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  155.388452][ T8588] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.388458][ T8588] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  155.388464][ T8588] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.388476][ T8588]  </TASK>
[  156.758929][ T8604] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.761454][ T8604] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.819523][ T8604] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  156.825944][ T8604] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  156.859464][ T5996] Bluetooth: hci4: command 0x0c1a tx timeout
[  156.922464][ T1141] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  156.942263][ T1141] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  156.945227][ T1141] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  156.948496][ T1141] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  156.978844][ T8614] netlink: 4 bytes leftover after parsing attributes in process `syz.1.646'.
[  157.130838][ T8620] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=35 (70 ns) > initial count (64 ns). Using initial count to start timer.
[  157.191844][ T8622] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  157.194054][ T8622] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  157.198078][ T8622] vhci_hcd vhci_hcd.0: Device attached
[  157.922678][ T8623] vhci_hcd: connection closed
[  157.925759][ T1150] vhci_hcd: stop threads
[  157.929397][ T1150] vhci_hcd: release socket
[  157.931120][ T1150] vhci_hcd: disconnect device
[  157.982050][  T980] usb 46-1: device descriptor read/8, error -110
[  158.331662][ T8641] Illegal XDP return value 4294967274 on prog  (id 265) dev N/A, expect packet loss!
[  158.624116][  T980] usb usb46-port1: attempt power cycle
[  158.686759][ T8659] netlink: 'syz.1.657': attribute type 1 has an invalid length.
[  158.689398][ T8659] netlink: 224 bytes leftover after parsing attributes in process `syz.1.657'.
[  159.118822][   T40] audit: type=1800 audit(1756315551.228:120): pid=8675 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.661" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[  159.425788][  T980] usb usb46-port1: unable to enumerate USB device
[  159.900273][   T70] usb 44-1: device descriptor read/8, error -110
[  160.343413][   T70] usb usb44-port1: attempt power cycle
[  160.899976][ T8700] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  160.902116][ T8700] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  160.905182][ T8700] vhci_hcd vhci_hcd.0: Device attached
[  161.073988][   T70] usb usb44-port1: unable to enumerate USB device
[  161.254158][ T7062] usb 38-1: SetAddress Request (6) to port 0
[  161.256880][ T7062] usb 38-1: new SuperSpeed USB device number 6 using vhci_hcd
[  161.587218][ T8701] vhci_hcd: connection reset by peer
[  161.589188][   T81] vhci_hcd: stop threads
[  161.590612][   T81] vhci_hcd: release socket
[  161.592182][   T81] vhci_hcd: disconnect device
[  162.037224][ T8709] tipc: Started in network mode
[  162.039388][ T8709] tipc: Node identity 5e6f473a3879, cluster identity 4711
[  162.042794][ T8709] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  162.048884][ T8709] syzkaller0: entered promiscuous mode
[  162.051235][ T8709] syzkaller0: entered allmulticast mode
[  162.135129][ T8709] tipc: Resetting bearer <eth:syzkaller0>
[  162.142001][ T8709] netlink: 'syz.1.679': attribute type 39 has an invalid length.
[  162.148959][ T8709] veth0_macvtap: left promiscuous mode
[  162.255264][ T8714] netlink: 8 bytes leftover after parsing attributes in process `syz.3.671'.
[  162.259339][ T8714] openvswitch: netlink: nsh attr 0 has unexpected len 7 expected 0
[  162.262123][ T8714] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  162.301446][ T8708] tipc: Resetting bearer <eth:syzkaller0>
[  162.314548][ T8708] tipc: Disabling bearer <eth:syzkaller0>
[  162.846286][ T6057] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  163.029063][ T8738] netlink: 4 bytes leftover after parsing attributes in process `syz.3.680'.
[  163.032846][ T8738] netlink: 12 bytes leftover after parsing attributes in process `syz.3.680'.
[  163.040359][ T6057] usb 6-1: config 4 has an invalid interface number: 128 but max is 1
[  163.043771][ T6057] usb 6-1: config 4 has an invalid interface number: 233 but max is 1
[  163.046547][ T6057] usb 6-1: config 4 has no interface number 0
[  163.048486][ T6057] usb 6-1: config 4 has no interface number 1
[  163.051960][ T6057] usb 6-1: config 4 interface 128 altsetting 4 bulk endpoint 0xB has invalid maxpacket 1015
[  163.055781][ T6057] usb 6-1: config 4 interface 128 altsetting 4 endpoint 0x5 has invalid maxpacket 1023, setting to 64
[  163.059361][ T6057] usb 6-1: config 4 interface 233 altsetting 255 endpoint 0xA has invalid maxpacket 1024, setting to 64
[  163.068673][ T6057] usb 6-1: config 4 interface 233 altsetting 255 endpoint 0xC has an invalid bInterval 128, changing to 7
[  163.072861][ T6057] usb 6-1: config 4 interface 233 altsetting 255 endpoint 0xE has invalid maxpacket 512, setting to 64
[  163.077127][ T6057] usb 6-1: config 4 interface 233 altsetting 255 has a duplicate endpoint with address 0x6, skipping
[  163.082555][ T6057] usb 6-1: config 4 interface 233 altsetting 255 has a duplicate endpoint with address 0xC, skipping
[  163.086888][ T6057] usb 6-1: config 4 interface 233 altsetting 255 has a duplicate endpoint with address 0xA, skipping
[  163.091078][ T6057] usb 6-1: config 4 interface 233 altsetting 255 has a duplicate endpoint with address 0xA, skipping
[  163.097181][ T6057] usb 6-1: config 4 interface 233 altsetting 255 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  163.101501][ T6057] usb 6-1: config 4 interface 233 altsetting 255 has a duplicate endpoint with address 0xE, skipping
[  163.105886][ T6057] usb 6-1: config 4 interface 233 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  163.109833][ T6057] usb 6-1: config 4 interface 233 altsetting 255 has an endpoint descriptor with address 0xA3, changing to 0x83
[  163.114917][ T6057] usb 6-1: config 4 interface 233 altsetting 255 has a duplicate endpoint with address 0xE, skipping
[  163.120571][ T6057] usb 6-1: config 4 interface 233 altsetting 255 has a duplicate endpoint with address 0x3, skipping
[  163.124864][ T6057] usb 6-1: config 4 interface 128 has no altsetting 0
[  163.127434][ T6057] usb 6-1: config 4 interface 233 has no altsetting 0
[  163.131643][ T6057] usb 6-1: New USB device found, idVendor=0582, idProduct=0060, bcdDevice=6c.02
[  163.135298][ T6057] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.138483][ T6057] usb 6-1: Product: 龡箾銀뮰辺犓恳ꥻ⣨诺๛릡営ⵐ꫺菲樌썇✢눶뱏毛散뗬嬾഻ᎋ묊잵엕勍矕迬䠿﹢ಥ⃛鼱㾛婔祉燿褠壧冤鍳ℷ뼺컜痍撚䑈ޒ熡໹ᔇ꣞᧕馾⒏们͇ꭀ뽩ؤ꘷䟫Â썌鎀᫵ꮏ㺁奋┴⿼絫༌ᬹĨ솫枞窺탱Ợ榺ଁ螶ᖋ鲝譄覀觔猦悧ਁ滛繓
[  163.150093][ T6057] usb 6-1: Manufacturer: 갵烞钔৊뼐
[  163.154441][ T8729] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  163.263524][ T8742] netlink: 'syz.3.681': attribute type 30 has an invalid length.
[  163.267494][ T8742] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  163.270445][ T8742] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  163.411485][ T6057] usb 6-1: USB disconnect, device number 4
[  163.563563][ T8751] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  163.566808][ T8751] batadv_slave_0: entered promiscuous mode
[  163.620216][ T8754] tipc: Started in network mode
[  163.622135][ T8754] tipc: Node identity 080211000001, cluster identity 4711
[  163.624699][ T8754] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  163.632736][ T8754] mac80211_hwsim hwsim5 syzkaller0: entered promiscuous mode
[  163.635358][ T8754] mac80211_hwsim hwsim5 syzkaller0: entered allmulticast mode
[  163.656577][ T8754] tipc: Resetting bearer <eth:syzkaller0>
[  163.662450][ T8754] netlink: 'syz.0.684': attribute type 39 has an invalid length.
[  163.666231][ T8754] veth0_macvtap: left allmulticast mode
[  163.668056][ T8754] veth0_macvtap: left promiscuous mode
[  163.814173][   T40] audit: type=1326 audit(1756315555.643:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  163.825963][   T40] audit: type=1326 audit(1756315555.643:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  163.836906][   T40] audit: type=1326 audit(1756315555.652:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.686" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  163.843762][   T40] audit: type=1326 audit(1756315555.652:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  163.850196][   T40] audit: type=1326 audit(1756315555.652:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  163.857018][   T40] audit: type=1326 audit(1756315555.652:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.686" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  163.864514][   T40] audit: type=1326 audit(1756315555.652:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  163.871016][   T40] audit: type=1326 audit(1756315555.652:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.686" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  163.879986][   T40] audit: type=1326 audit(1756315555.652:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8755 comm="syz.0.686" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  164.064345][ T8764] netlink: 4 bytes leftover after parsing attributes in process `syz.0.689'.
[  164.070000][ T8764] netlink: 12 bytes leftover after parsing attributes in process `syz.0.689'.
[  164.205043][ T5989] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  164.209429][ T5989] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  164.212603][ T5989] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  164.217268][ T5989] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  164.220879][ T8771] veth0_to_bridge: entered promiscuous mode
[  164.221404][ T5989] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  164.232366][ T8777] veth0_to_bridge: left promiscuous mode
[  164.251971][ T8783] Bluetooth: MGMT ver 1.23
[  164.349680][   T81] bridge_slave_1: left allmulticast mode
[  164.351469][   T81] bridge_slave_1: left promiscuous mode
[  164.353767][   T81] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.357338][   T81] bridge_slave_0: left allmulticast mode
[  164.359420][   T81] bridge_slave_0: left promiscuous mode
[  164.361486][   T81] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.513905][   T29] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  164.684980][   T29] usb 5-1: Using ep0 maxpacket: 16
[  164.691012][   T29] usb 5-1: config 6 has an invalid interface number: 168 but max is 2
[  164.693567][   T29] usb 5-1: config 6 has an invalid interface number: 105 but max is 2
[  164.696147][   T29] usb 5-1: config 6 has an invalid interface number: 103 but max is 2
[  164.698853][   T29] usb 5-1: config 6 has no interface number 0
[  164.700757][   T29] usb 5-1: config 6 has no interface number 1
[  164.702770][   T29] usb 5-1: config 6 has no interface number 2
[  164.704748][   T29] usb 5-1: config 6 interface 168 altsetting 5 bulk endpoint 0x6 has invalid maxpacket 8
[  164.708655][   T29] usb 5-1: config 6 interface 168 altsetting 5 endpoint 0x5 has invalid maxpacket 1023, setting to 64
[  164.711939][   T29] usb 5-1: config 6 interface 168 altsetting 5 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[  164.715225][   T29] usb 5-1: config 6 interface 168 altsetting 5 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[  164.718696][   T29] usb 5-1: config 6 interface 168 altsetting 5 has a duplicate endpoint with address 0xB, skipping
[  164.719756][  T838] tipc: Node number set to 134418688
[  164.721983][   T29] usb 5-1: config 6 interface 168 altsetting 5 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[  164.722005][   T29] usb 5-1: config 6 interface 105 altsetting 1 has a duplicate endpoint with address 0x6, skipping
[  164.730822][   T29] usb 5-1: config 6 interface 105 altsetting 1 has a duplicate endpoint with address 0x1, skipping
[  164.734118][   T29] usb 5-1: config 6 interface 105 altsetting 1 bulk endpoint 0x9 has invalid maxpacket 16
[  164.737175][   T29] usb 5-1: config 6 interface 105 altsetting 1 has a duplicate endpoint with address 0xB, skipping
[  164.740514][   T29] usb 5-1: config 6 interface 105 altsetting 1 has a duplicate endpoint with address 0x7, skipping
[  164.743837][   T29] usb 5-1: config 6 interface 105 altsetting 1 bulk endpoint 0xE has invalid maxpacket 8
[  164.746967][   T29] usb 5-1: config 6 interface 105 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  164.750452][   T29] usb 5-1: config 6 interface 105 altsetting 1 endpoint 0x4 has an invalid bInterval 64, changing to 7
[  164.753972][   T29] usb 5-1: config 6 interface 105 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  164.757326][   T29] usb 5-1: config 6 interface 103 altsetting 3 has a duplicate endpoint with address 0xC, skipping
[  164.760716][   T29] usb 5-1: config 6 interface 103 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[  164.764084][   T29] usb 5-1: config 6 interface 168 has no altsetting 0
[  164.766144][   T29] usb 5-1: config 6 interface 105 has no altsetting 0
[  164.768253][   T29] usb 5-1: config 6 interface 103 has no altsetting 0
[  164.772211][   T29] usb 5-1: New USB device found, idVendor=13d3, idProduct=3359, bcdDevice=6c.bd
[  164.775241][   T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.777714][   T29] usb 5-1: Product: syz
[  164.779056][   T29] usb 5-1: Manufacturer: ѐ懪뷊켇儎뿨뎉⭻ྑ斿悳ⱡ鞿掸ﳧ둲틜
[  164.781876][   T29] usb 5-1: SerialNumber: syz
[  164.788281][   T81] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  164.788309][ T8780] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  164.795809][   T81] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  164.799833][   T81] bond0 (unregistering): Released all slaves
[  164.816348][ T8774] chnl_net:caif_netlink_parms(): no params data found
[  164.888645][   T81] : left promiscuous mode
[  164.900685][ T8774] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.902983][ T8774] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.905215][ T8774] bridge_slave_0: entered allmulticast mode
[  164.907801][ T8774] bridge_slave_0: entered promiscuous mode
[  164.912187][ T8774] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.914458][ T8774] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.916666][ T8774] bridge_slave_1: entered allmulticast mode
[  164.919206][ T8774] bridge_slave_1: entered promiscuous mode
[  164.953306][ T8774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  164.958529][ T8774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  164.993040][   T81] tipc: Left network mode
[  164.994769][ T8774] team0: Port device team_slave_0 added
[  165.002325][ T8774] team0: Port device team_slave_1 added
[  165.021850][   T29] usb 5-1: USB disconnect, device number 6
[  165.054923][ T8774] batman_adv: batadv0: Adding interface: batadv_slave_0
[  165.057064][ T8774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.065020][ T8774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  165.069147][ T8774] batman_adv: batadv0: Adding interface: batadv_slave_1
[  165.071392][ T8774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.079183][ T8774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  165.119059][ T8804] netlink: 120 bytes leftover after parsing attributes in process `syz.1.700'.
[  165.127509][ T8774] hsr_slave_0: entered promiscuous mode
[  165.130747][ T8774] hsr_slave_1: entered promiscuous mode
[  165.144426][ T8804] nvme_fabrics: missing parameter 'transport=%s'
[  165.147252][ T8804] nvme_fabrics: missing parameter 'nqn=%s'
[  165.297081][ T8809] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  165.299122][ T8809] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  165.301640][ T8809] vhci_hcd vhci_hcd.0: Device attached
[  165.318039][ T8813] vhci_hcd: connection closed
[  165.318200][ T1150] vhci_hcd: stop threads
[  165.321071][ T1150] vhci_hcd: release socket
[  165.322466][ T1150] vhci_hcd: disconnect device
[  165.406425][ T8805] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  165.425817][   T81] hsr_slave_0: left promiscuous mode
[  165.428193][   T81] hsr_slave_1: left promiscuous mode
[  165.430273][   T81] batman_adv: batadv0: Removing interface: batadv_slave_0
[  165.433018][   T81] batman_adv: batadv0: Removing interface: batadv_slave_1
[  165.434465][ T5989] Bluetooth: hci1: unexpected event 0x04 length: 6 < 10
[  165.988920][   T29] IPVS: starting estimator thread 0...
[  166.157902][ T8837] IPVS: using max 46 ests per chain, 110400 per kthread
[  166.288256][   T81] team0 (unregistering): Port device team_slave_1 removed
[  166.350270][   T81] team0 (unregistering): Port device team_slave_0 removed
[  166.441263][ T5989] Bluetooth: hci0: command tx timeout
[  166.705653][ T7062] usb 38-1: device descriptor read/8, error -110
[  166.878857][ T8774] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  166.889615][ T8774] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  166.893805][ T8774] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  166.901036][ T8774] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  166.953662][ T8774] 8021q: adding VLAN 0 to HW filter on device bond0
[  166.963478][ T8774] 8021q: adding VLAN 0 to HW filter on device team0
[  166.968483][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.970743][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  166.979294][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.981790][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.014137][ T8774] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  167.127097][ T8774] 8021q: adding VLAN 0 to HW filter on device batadv0
[  167.134897][ T7062] usb usb38-port1: attempt power cycle
[  167.165647][ T8874] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  167.167759][ T8874] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  167.170526][ T8874] vhci_hcd vhci_hcd.0: Device attached
[  167.279668][ T8774] veth0_vlan: entered promiscuous mode
[  167.286479][ T8774] veth1_vlan: entered promiscuous mode
[  167.294888][ T7062] usb 38-1: SetAddress Request (8) to port 0
[  167.303623][ T8774] veth0_macvtap: entered promiscuous mode
[  167.309327][ T8774] veth1_macvtap: entered promiscuous mode
[  167.322492][ T7062] usb 38-1: new SuperSpeed USB device number 8 using vhci_hcd
[  167.324538][ T8774] batman_adv: batadv0: Interface activated: batadv_slave_0
[  167.342815][ T8774] batman_adv: batadv0: Interface activated: batadv_slave_1
[  167.354249][   T41] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  167.361213][   T41] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  167.367450][   T41] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  167.376333][   T41] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  167.402654][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.412996][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.438153][   T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.440699][   T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.815694][ T8875] vhci_hcd: connection reset by peer
[  167.819904][   T12] vhci_hcd: stop threads
[  167.821325][   T12] vhci_hcd: release socket
[  167.822904][   T12] vhci_hcd: disconnect device
[  168.476189][   T40] kauditd_printk_skb: 253 callbacks suppressed
[  168.476200][   T40] audit: type=1326 audit(1756315560.002:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.714" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  168.487700][   T40] audit: type=1326 audit(1756315560.011:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.714" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  168.494804][   T40] audit: type=1326 audit(1756315560.011:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.714" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  168.501196][   T40] audit: type=1326 audit(1756315560.011:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.714" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  168.507923][   T40] audit: type=1326 audit(1756315560.011:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.714" exe="/syz-executor" sig=0 arch=40000003 syscall=226 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  168.521352][   T40] audit: type=1326 audit(1756315560.011:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.714" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  168.587874][ T8933] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  168.672802][ T5989] Bluetooth: hci0: command tx timeout
[  168.698066][ T8938] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  168.700665][ T8938] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  168.704110][ T8938] vhci_hcd vhci_hcd.0: Device attached
[  168.801096][ T6910] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  168.963850][ T8944] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(9)
[  168.965929][ T8944] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  168.968718][ T8944] vhci_hcd vhci_hcd.0: Device attached
[  168.973346][ T6910] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  168.976667][ T6910] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  168.979763][ T6910] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  168.983962][ T6910] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  168.986837][ T6910] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.992867][ T6910] usb 6-1: config 0 descriptor??
[  169.260602][   T70] usb 48-1: SetAddress Request (2) to port 0
[  169.263757][   T70] usb 48-1: new SuperSpeed USB device number 2 using vhci_hcd
[  169.337701][ T8939] vhci_hcd: connection closed
[  169.337932][ T1150] vhci_hcd: stop threads
[  169.341109][ T1150] vhci_hcd: release socket
[  169.343139][ T1150] vhci_hcd: disconnect device
[  169.430215][ T6910] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  169.639381][ T8945] vhci_hcd: connection reset by peer
[  169.642517][   T41] vhci_hcd: stop threads
[  169.643929][   T41] vhci_hcd: release socket
[  169.645867][   T41] vhci_hcd: disconnect device
[  169.703998][  T839] usb 6-1: USB disconnect, device number 5
[  169.742475][ T8951] netlink: 12 bytes leftover after parsing attributes in process `syz.3.719'.
[  170.187653][ T8956] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  170.189773][ T8956] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  170.192773][ T8956] vhci_hcd vhci_hcd.0: Device attached
[  170.652434][ T8969] netlink: 12 bytes leftover after parsing attributes in process `syz.1.724'.
[  170.654772][ T8978] fuse: Bad value for 'user_id'
[  170.658841][ T8978] fuse: Bad value for 'user_id'
[  170.859032][ T8957] vhci_hcd: connection closed
[  170.859467][   T12] vhci_hcd: stop threads
[  170.863251][   T12] vhci_hcd: release socket
[  170.865545][   T12] vhci_hcd: disconnect device
[  170.896264][ T5996] Bluetooth: hci0: command tx timeout
[  170.922103][ T8982] netlink: 'syz.3.727': attribute type 10 has an invalid length.
[  170.924661][ T8982] netlink: 156 bytes leftover after parsing attributes in process `syz.3.727'.
[  171.552164][ T8992] sp0: Synchronizing with TNC
[  171.690104][ T8998] netlink: 'syz.1.731': attribute type 14 has an invalid length.
[  172.120182][ T8990] [U] �`
[  172.590808][ T9024] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.593208][ T9024] batman_adv: batadv0: Removing interface: batadv_slave_0
[  172.682908][ T9024] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.685261][ T9024] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.836817][ T7062] usb 38-1: device descriptor read/8, error -110
[  172.933764][ T9038] netlink: 'syz.3.736': attribute type 4 has an invalid length.
[  172.999837][ T9039] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  173.002587][ T9039] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  173.017165][ T9039] vhci_hcd vhci_hcd.0: Device attached
[  173.110863][ T5996] Bluetooth: hci0: command 0x0419 tx timeout
[  173.483483][ T7062] usb 38-1: SetAddress Request (9) to port 0
[  173.485550][ T7062] usb 38-1: new SuperSpeed USB device number 9 using vhci_hcd
[  173.828125][ T9040] vhci_hcd: connection reset by peer
[  173.830038][   T13] vhci_hcd: stop threads
[  173.831410][   T13] vhci_hcd: release socket
[  173.832997][   T13] vhci_hcd: disconnect device
[  174.659275][   T70] usb 48-1: device descriptor read/8, error -110
[  174.668027][   T40] audit: type=1326 audit(1756315565.792:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9060 comm="syz.0.744" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffb0000
[  174.862194][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.865797][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.077174][   T70] usb usb48-port1: attempt power cycle
[  175.343597][ T5989] Bluetooth: hci0: command 0x0419 tx timeout
[  175.707590][   T70] usb usb48-port1: unable to enumerate USB device
[  175.759673][   T40] audit: type=1800 audit(1756315566.811:390): pid=9087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.752" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  175.832322][ T9082] netlink: 48 bytes leftover after parsing attributes in process `syz.3.749'.
[  176.223637][ T9101] program syz.3.762 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  176.557229][ T1111] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  176.560452][ T1111] ata1: failed to read log page 10h (errno=-5)
[  176.563697][ T1111] ata1.00: exception Emask 0x1 SAct 0x400000 SErr 0x0 action 0x0
[  176.567350][ T1111] ata1.00: irq_stat 0x40000000
[  176.569575][ T1111] ata1.00: failed command: WRITE FPDMA QUEUED
[  176.572225][ T1111] ata1.00: cmd 61/00:b0:1e:6f:09/01:00:00:00:00/40 tag 22 ncq dma 131072 out
[  176.572225][ T1111]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  176.580415][ T1111] ata1.00: status: { DRDY }
[  176.582727][ T1111] ata1.00: error: { ABRT }
[  176.590375][ T1111] ata1.00: configured for UDMA/100
[  176.593573][ T1111] ata1: EH complete
[  177.879768][ T9134] trusted_key: encrypted_key: key trusted:syz not found
[  178.028433][ T9138] netdevsim netdevsim5 : renamed from netdevsim0 (while UP)
[  178.232685][   T40] audit: type=1800 audit(1756315569.122:391): pid=9146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.766" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[  178.924941][ T7062] usb 38-1: device descriptor read/8, error -110
[  179.042555][ T7062] usb usb38-port1: unable to enumerate USB device
[  179.255051][ T9172] netlink: 'syz.1.773': attribute type 4 has an invalid length.
[  179.438996][ T5989] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  179.439573][ T5996] Bluetooth: hci4: command 0x1003 tx timeout
[  180.264167][ T9202] netlink: 32 bytes leftover after parsing attributes in process `syz.5.784'.
[  180.770519][   T41] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  180.774441][   T41] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  180.796305][   T41] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  180.799229][   T41] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  181.437431][ T9229] random: crng reseeded on system resumption
[  181.468924][ T9232] netlink: 4 bytes leftover after parsing attributes in process `syz.5.793'.
[  181.469460][ T9233] netlink: 4 bytes leftover after parsing attributes in process `syz.5.793'.
[  181.635560][   T40] audit: type=1326 audit(1756315572.312:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9236 comm="syz.5.795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  181.645118][   T40] audit: type=1326 audit(1756315572.312:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9236 comm="syz.5.795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  181.655304][   T40] audit: type=1326 audit(1756315572.321:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9236 comm="syz.5.795" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  181.655882][ T9239] netlink: 8 bytes leftover after parsing attributes in process `syz.5.795'.
[  181.662287][   T40] audit: type=1326 audit(1756315572.321:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9236 comm="syz.5.795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  181.662316][   T40] audit: type=1326 audit(1756315572.321:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9236 comm="syz.5.795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  181.662336][   T40] audit: type=1326 audit(1756315572.321:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9236 comm="syz.5.795" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  181.662356][   T40] audit: type=1326 audit(1756315572.321:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9236 comm="syz.5.795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  181.662376][   T40] audit: type=1326 audit(1756315572.330:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9236 comm="syz.5.795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  181.662397][   T40] audit: type=1326 audit(1756315572.330:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9236 comm="syz.5.795" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  181.662417][   T40] audit: type=1326 audit(1756315572.330:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9236 comm="syz.5.795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  183.661564][ T9262] overlayfs: missing 'lowerdir'
[  184.174732][ T9285] wireguard1: entered promiscuous mode
[  184.176605][ T9285] wireguard1: entered allmulticast mode
[  185.163582][ T9307] trusted_key: encrypted_key: insufficient parameters specified
[  185.175295][ T9309] fuse: Unknown parameter '��0xffffffffffffffff'
[  185.194572][ T9307] mkiss: ax0: crc mode is auto.
[  185.214792][ T9312] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  185.218219][ T9316] usb 2-1: USB disconnect, device number 3
[  185.315641][ T9320] netlink: 20 bytes leftover after parsing attributes in process `syz.5.816'.
[  185.347469][ T9320] netlink: 20 bytes leftover after parsing attributes in process `syz.5.816'.
[  185.371766][ T9320] netlink: 20 bytes leftover after parsing attributes in process `syz.5.816'.
[  185.409527][ T9333] syz.0.821: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[  185.415551][ T9333] CPU: 1 UID: 0 PID: 9333 Comm: syz.0.821 Not tainted syzkaller #0 PREEMPT(full) 
[  185.415567][ T9333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  185.415575][ T9333] Call Trace:
[  185.415579][ T9333]  <TASK>
[  185.415584][ T9333]  dump_stack_lvl+0x16c/0x1f0
[  185.415625][ T9333]  warn_alloc+0x248/0x3a0
[  185.415644][ T9333]  ? __pfx_warn_alloc+0x10/0x10
[  185.415657][ T9333]  ? __pfx_stack_trace_save+0x10/0x10
[  185.415674][ T9333]  ? kasan_save_stack+0x42/0x60
[  185.415688][ T9333]  ? kasan_save_stack+0x33/0x60
[  185.415701][ T9333]  ? kasan_save_track+0x14/0x30
[  185.415713][ T9333]  ? xskq_create+0x52/0x1d0
[  185.415727][ T9333]  ? xsk_setsockopt+0x74e/0x9a0
[  185.415737][ T9333]  ? do_sock_setsockopt+0xf3/0x1d0
[  185.415755][ T9333]  ? xskq_create+0xfb/0x1d0
[  185.415767][ T9333]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  185.415783][ T9333]  ? xskq_create+0xfb/0x1d0
[  185.415798][ T9333]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  185.415813][ T9333]  ? xskq_create+0xfb/0x1d0
[  185.415825][ T9333]  vmalloc_user_noprof+0x9e/0xe0
[  185.415835][ T9333]  ? xskq_create+0xfb/0x1d0
[  185.415847][ T9333]  xskq_create+0xfb/0x1d0
[  185.415860][ T9333]  xsk_setsockopt+0x74e/0x9a0
[  185.415870][ T9333]  ? __pfx_aa_sk_perm+0x10/0x10
[  185.415886][ T9333]  ? __pfx_xsk_setsockopt+0x10/0x10
[  185.415896][ T9333]  ? find_held_lock+0x2b/0x80
[  185.415909][ T9333]  ? aa_sock_opt_perm+0xfd/0x1c0
[  185.415920][ T9333]  ? __pfx_xsk_setsockopt+0x10/0x10
[  185.415932][ T9333]  do_sock_setsockopt+0xf3/0x1d0
[  185.415950][ T9333]  __sys_setsockopt+0x120/0x1a0
[  185.415966][ T9333]  __ia32_sys_setsockopt+0xbc/0x160
[  185.415979][ T9333]  ? lockdep_hardirqs_on+0x7c/0x110
[  185.415993][ T9333]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  185.416008][ T9333]  __do_fast_syscall_32+0x7c/0x3a0
[  185.416024][ T9333]  do_fast_syscall_32+0x32/0x80
[  185.416040][ T9333]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  185.416059][ T9333] RIP: 0023:0xf70fe579
[  185.416069][ T9333] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  185.416080][ T9333] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  185.416092][ T9333] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000011b
[  185.416099][ T9333] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004
[  185.416105][ T9333] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  185.416112][ T9333] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  185.416119][ T9333] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  185.416134][ T9333]  </TASK>
[  185.416138][ T9333] Mem-Info:
[  185.479484][ T9337] netlink: 'syz.5.822': attribute type 15 has an invalid length.
[  185.481714][ T9333] active_anon:5538 inactive_anon:1103 isolated_anon:0
[  185.481714][ T9333]  active_file:8479 inactive_file:25388 isolated_file:0
[  185.481714][ T9333]  unevictable:1768 dirty:243 writeback:0
[  185.481714][ T9333]  slab_reclaimable:6504 slab_unreclaimable:57189
[  185.481714][ T9333]  mapped:22758 shmem:3374 pagetables:1175
[  185.481714][ T9333]  sec_pagetables:313 bounce:0
[  185.481714][ T9333]  kernel_misc_reclaimable:0
[  185.481714][ T9333]  free:52673 free_pcp:19885 free_cma:0
[  185.521486][ T9333] Node 0 active_anon:528kB inactive_anon:44kB active_file:52kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:60kB dirty:4kB writeback:0kB shmem:3640kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8264kB pagetables:1924kB sec_pagetables:1172kB all_unreclaimable? no Balloon:0kB
[  185.530682][ T9333] Node 1 active_anon:22124kB inactive_anon:4368kB active_file:33864kB inactive_file:101552kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:90972kB dirty:968kB writeback:0kB shmem:9856kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB kernel_stack:5044kB pagetables:2776kB sec_pagetables:80kB all_unreclaimable? no Balloon:0kB
[  185.540929][ T9333] Node 0 DMA free:2092kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:372kB local_pcp:160kB free_cma:0kB
[  185.550034][ T9333] lowmem_reserve[]: 0 288 288 288 288
[  185.551784][ T9333] Node 0 DMA32 free:18072kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:4096KB free_highatomic:1548KB active_anon:528kB inactive_anon:44kB active_file:52kB inactive_file:0kB unevictable:3536kB writepending:4kB present:1032196kB managed:295136kB mlocked:0kB bounce:0kB free_pcp:14208kB local_pcp:3292kB free_cma:0kB
[  185.561848][ T9333] lowmem_reserve[]: 0 0 0 0 0
[  185.563445][ T9333] Node 1 DMA32 free:190328kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:21124kB inactive_anon:4368kB active_file:33864kB inactive_file:101552kB unevictable:6436kB writepending:1168kB present:1048432kB managed:948220kB mlocked:3000kB bounce:0kB free_pcp:62812kB local_pcp:25440kB free_cma:0kB
[  185.573520][ T9333] lowmem_reserve[]: 0 0 0 0 0
[  185.575326][ T9333] Node 0 DMA: 51*4kB (U) 12*8kB (UM) 8*16kB (UM) 2*32kB (M) 1*64kB (U) 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2092kB
[  185.580028][ T9333] Node 0 DMA32: 90*4kB (UMEH) 98*8kB (UMEH) 44*16kB (UMH) 127*32kB (UMEH) 48*64kB (UMEH) 39*128kB (UMEH) 10*256kB (UM) 3*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 18072kB
[  185.585515][ T9333] Node 1 DMA32: 1257*4kB (UM) 770*8kB (UME) 632*16kB (UME) 413*32kB (UME) 228*64kB (UME) 238*128kB (UME) 109*256kB (UME) 47*512kB (UME) 19*1024kB (UME) 13*2048kB (UME) 3*4096kB (M) = 189908kB
[  185.591499][ T9333] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  185.594506][ T9333] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  185.597709][ T9333] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  185.600757][ T9333] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  185.603687][ T9333] 37824 total pagecache pages
[  185.605176][ T9333] 564 pages in swap cache
[  185.606966][ T9333] Free swap  = 119996kB
[  185.608308][ T9333] Total swap = 124996kB
[  185.609630][ T9333] 524155 pages RAM
[  185.610795][ T9333] 0 pages HighMem/MovableOnly
[  185.612302][ T9333] 209476 pages reserved
[  185.613644][ T9333] 0 pages cma reserved
[  186.342530][ T9350] netlink: 20 bytes leftover after parsing attributes in process `syz.1.826'.
[  186.391132][ T9357] fuse: Unknown parameter 'gzoup_id'
[  186.990012][ T9383] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  186.994425][ T9383] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.039133][ T6057] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  187.227775][ T6057] usb 5-1: config index 0 descriptor too short (expected 39, got 27)
[  187.231283][ T6057] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  187.235774][ T6057] usb 5-1: config 0 interface 0 has no altsetting 0
[  187.240830][ T6057] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  187.245005][ T6057] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  187.245550][ T9390] netlink: 20 bytes leftover after parsing attributes in process `syz.3.835'.
[  187.248402][ T6057] usb 5-1: Product: syz
[  187.254350][ T6057] usb 5-1: Manufacturer: syz
[  187.256366][ T6057] usb 5-1: SerialNumber: syz
[  187.273041][ T6057] usb 5-1: config 0 descriptor??
[  187.276875][ T9390] netlink: 20 bytes leftover after parsing attributes in process `syz.3.835'.
[  187.283106][ T6057] hub 5-1:0.0: bad descriptor, ignoring hub
[  187.287965][ T6057] hub 5-1:0.0: probe with driver hub failed with error -5
[  187.293262][ T6057] usb 5-1: selecting invalid altsetting 0
[  187.310435][ T9390] netlink: 20 bytes leftover after parsing attributes in process `syz.3.835'.
[  187.616578][ T6057] usb 5-1: USB disconnect, device number 7
[  188.079174][ T9430] netlink: 16 bytes leftover after parsing attributes in process `syz.5.845'.
[  188.308211][   T40] kauditd_printk_skb: 115 callbacks suppressed
[  188.308224][   T40] audit: type=1326 audit(1756315578.551:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  188.310578][ T9447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.848'.
[  188.331874][   T40] audit: type=1326 audit(1756315578.551:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  188.352989][   T40] audit: type=1326 audit(1756315578.551:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.848" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  188.370845][   T40] audit: type=1326 audit(1756315578.551:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  188.383349][   T40] audit: type=1326 audit(1756315578.551:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  188.390208][   T40] audit: type=1326 audit(1756315578.551:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.848" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  188.399046][   T40] audit: type=1326 audit(1756315578.551:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  188.407378][   T40] audit: type=1326 audit(1756315578.551:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.848" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  188.413943][   T40] audit: type=1326 audit(1756315578.551:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  188.422995][   T40] audit: type=1326 audit(1756315578.551:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9442 comm="syz.0.848" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  188.762268][ T9460] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[  188.764331][ T9460] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  188.766944][ T9460] vhci_hcd vhci_hcd.0: Device attached
[  188.978867][ T9473] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000021: 0000 [#1] SMP KASAN NOPTI
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  188.982854][ T9473] KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f]
[  188.986698][ T9473] CPU: 3 UID: 0 PID: 9473 Comm: syz.3.853 Not tainted syzkaller #0 PREEMPT(full) 
[  188.990020][ T9473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  188.994066][ T9473] RIP: 0010:bcsp_recv+0x10a/0x17f0
[  188.995743][ T9473] Code: 18 48 c1 e8 03 48 01 e8 48 89 04 24 48 8d 83 78 01 00 00 48 89 44 24 28 48 c1 e8 03 48 89 44 24 08 e8 ba 9e 43 f9 48 8b 04 24 <80> 38 00 0f 85 d1 12 00 00 4c 8b ab 08 01 00 00 31 ff 4c 89 ee e8
[  189.001950][ T9473] RSP: 0018:ffffc900045cfb98 EFLAGS: 00010293
[  189.003925][ T9473] RAX: dffffc0000000021 RBX: 0000000000000000 RCX: ffffffff8877699a
[  189.006492][ T9473] RDX: ffff888020794880 RSI: ffffffff887769e6 RDI: 0000000000000005
[  189.009073][ T9473] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[  189.012231][ T9473] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc900045cfd30
[  189.015393][ T9473] R13: ffffc900045cfd30 R14: 0000000000000001 R15: ffff888021519000
[  189.018557][ T9473] FS:  0000000000000000(0000) GS:ffff8880977c3000(0063) knlGS:00000000f54d5b40
[  189.022195][ T9473] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  189.024955][ T9473] CR2: 00000000570374c0 CR3: 000000004b008000 CR4: 0000000000352ef0
[  189.028359][ T9473] Call Trace:
[  189.029876][ T9473]  <TASK>
[  189.031157][ T9473]  ? __pfx_bcsp_recv+0x10/0x10
[  189.033185][ T9473]  hci_uart_tty_receive+0x254/0x7e0
[  189.035339][ T9473]  ? __pfx_hci_uart_tty_receive+0x10/0x10
[  189.037899][ T9473]  tty_ioctl+0x583/0x1680
[  189.039721][ T9473]  ? __pfx_tty_ioctl+0x10/0x10
[  189.041742][ T9473]  ? do_vfs_ioctl+0x128/0x14f0
[  189.043759][ T9473]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  189.045904][ T9473]  ? find_held_lock+0x2b/0x80
[  189.047908][ T9473]  ? hook_file_ioctl_common+0x145/0x410
[  189.050246][ T9473]  ? __fget_files+0x20e/0x3c0
[  189.052241][ T9473]  ? __ia32_compat_sys_openat+0x160/0x210
[  189.054663][ T9473]  tty_compat_ioctl+0x24a/0x4d0
[  189.056725][ T9473]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  189.058980][ T9473]  __ia32_compat_sys_ioctl+0x242/0x370
[  189.061280][ T9473]  __do_fast_syscall_32+0x7c/0x3a0
[  189.063460][ T9473]  do_fast_syscall_32+0x32/0x80
[  189.065525][ T9473]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  189.068199][ T9473] RIP: 0023:0xf7fd6579
[  189.069944][ T9473] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  189.077937][ T9473] RSP: 002b:00000000f54d555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  189.081406][ T9473] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000005412
[  189.084728][ T9473] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  189.087580][ T9473] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  189.090104][ T9473] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  189.092485][ T9473] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  189.094764][ T9473]  </TASK>
[  189.095791][ T9473] Modules linked in:
[  189.097531][ T9473] ---[ end trace 0000000000000000 ]---
[  189.103137][ T9473] RIP: 0010:bcsp_recv+0x10a/0x17f0
[  189.105304][ T9473] Code: 18 48 c1 e8 03 48 01 e8 48 89 04 24 48 8d 83 78 01 00 00 48 89 44 24 28 48 c1 e8 03 48 89 44 24 08 e8 ba 9e 43 f9 48 8b 04 24 <80> 38 00 0f 85 d1 12 00 00 4c 8b ab 08 01 00 00 31 ff 4c 89 ee e8
[  189.111931][ T9473] RSP: 0018:ffffc900045cfb98 EFLAGS: 00010293
[  189.114141][ T7062] usb 48-1: SetAddress Request (6) to port 0
[  189.115982][ T7062] usb 48-1: new SuperSpeed USB device number 6 using vhci_hcd
[  189.118425][ T9473] RAX: dffffc0000000021 RBX: 0000000000000000 RCX: ffffffff8877699a
[  189.121228][ T9473] RDX: ffff888020794880 RSI: ffffffff887769e6 RDI: 0000000000000005
[  189.136740][ T9473] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[  189.146512][ T9473] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc900045cfd30
[  189.153342][ T9473] R13: ffffc900045cfd30 R14: 0000000000000001 R15: ffff888021519000
[  189.156452][ T9473] FS:  0000000000000000(0000) GS:ffff8880976c3000(0063) knlGS:00000000f54d5b40
[  189.159214][ T9473] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  189.161241][ T9473] CR2: 00000000f7f76e40 CR3: 000000004b008000 CR4: 0000000000352ef0
[  189.163698][ T9473] Kernel panic - not syncing: Fatal exception
[  189.166298][ T9473] Kernel Offset: disabled
[  189.167653][ T9473] Rebooting in 86400 seconds..

VM DIAGNOSIS:
17:26:21  Registers:
info registers vcpu 0

CPU#0
RAX=ffffea00019e8b70 RBX=ffffea00019e8b70 RCX=ffffffff8205cf00 RDX=0000000000000000
RSI=0000000000000004 RDI=ffffea00019e8b70 RBP=0000000000000000 RSP=ffffc9000684f5e0
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=00000000f5ef4000 R13=ffffc9000684f778 R14=dffffc0000000000 R15=0000000000000000
RIP=ffffffff82206376 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f54b4da4 CR3=0000000049d48000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000042202c RBX=0000000000000001 RCX=ffffffff8b90abf9 RDX=ffffed1005666656
RSI=ffffffff8c162c80 RDI=ffffffff8190ccb1 RBP=ffffed1003a5a488 RSP=ffffc9000046fdf8
R8 =0000000000000000 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000001
R12=0000000000000001 R13=ffff88801d2d2440 R14=ffffffff90ab8290 R15=0000000000000000
RIP=ffffffff8b90975f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000032863fff CR3=0000000049d48000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88802b541d40 RCX=ffffffff81af11e1 RDX=ffff8880253c0000
RSI=ffffffff81af11bb RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000338f4e8
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000007b9c
R12=dffffc0000000000 R13=ffffed10056a83a9 R14=0000000000000001 R15=0000000000000003
RIP=ffffffff81af11bd RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f76e40 CR3=000000004fec3000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7414ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85617045 RDI=ffffffff9b0f9700 RBP=ffffffff9b0f96c0 RSP=ffffc900045cf500
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043
R12=0000000000000000 R13=000000000000005b R14=ffffffff9b0f96c0 R15=ffffffff85616fe0
RIP=ffffffff8561706f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977c3000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000570374c0 CR3=000000004b008000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000