last executing test programs:

4.616568795s ago: executing program 2 (id=2184):
landlock_create_ruleset(&(0x7f0000000180)={0x5a00, 0x3}, 0x18, 0x2)
openat$random(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000000), 0x131040, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
socket(0x1, 0x803, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newlink={0x50, 0x10, 0x421, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x60e1}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0xe, 0x1f}}, @IFLA_VLAN_ID={0x6, 0x1, 0x400}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x50}}, 0x2)

4.56024687s ago: executing program 2 (id=2185):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.387759729s ago: executing program 2 (id=2186):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYRES32=0x0], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='io_uring_file_get\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x915, &(0x7f0000000300)={0x0, 0x20400, 0x8000, 0x1, 0x13d}, &(0x7f0000000280)=<r3=>0x0, &(0x7f0000000440)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x110, &(0x7f0000000100)=0x1, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x14, 0x6000, @fd_index=0x2008, 0x0, 0x0, 0x0, 0xc})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
mkdir(0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e23, 0xfdb, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, 0x7}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8040)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x882, 0x5800, 0x3147504d, 0x5, 0x4, [{0x5, 0x1}, {0xffffffff, 0x6}, {0x2, 0x1}, {0x6, 0xe6f3}, {0x7fff, 0xa666}, {0xffff, 0x100}, {0xe, 0xb}, {0x9}], 0x1, 0xe0, 0x1, 0x1, 0x1}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102392, 0x18ff8)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, 0x0, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r6 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x0, 0x10000, 0xfffffffffffffffd, 0x4002004c4, 0x1000, 0x6, 0x0, 0x10, 0x0, 0x3, 0x8], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

3.437210282s ago: executing program 2 (id=2194):
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x20000800)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f00000000c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x62881, 0x19d)
write$P9_RREADLINK(r0, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10)
open(&(0x7f0000000140)='./file0\x00', 0x33f, 0x0) (fail_nth: 3)

3.279652316s ago: executing program 2 (id=2195):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r0 = syz_open_dev$I2C(&(0x7f0000000480), 0x1, 0x42200)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
fcntl$setpipe(r1, 0x407, 0x0)
write$FUSE_INIT(r1, &(0x7f0000000340)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x28, 0xd19e, 0x0, 0x0, 0x4, 0x8d, 0x40000000, 0x0, 0x0, 0x10, 0x2}}, 0x50)
vmsplice(r1, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0)
fcntl$setpipe(r1, 0x407, 0x2000000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000500)="7c5331fc9356b5b1000600008100", 0x0, 0xd5a2, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x8031, 0xffffffffffffffff, 0x6a855000)
r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$6lowpan_enable(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000600)={0x100, 0x0, &(0x7f0000001740)=[@clear_death={0x400c630f, 0x3}, @reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000240)={@flat=@binder={0x73622a85, 0x1100, 0x2}, @flat=@binder={0x73622a85, 0x101, 0x3}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000100)={0x0, 0x18, 0x30}}, 0x1000}, @reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@ptr={0x70742a85, 0x0, &(0x7f0000000740)=""/4096, 0x1000, 0x1, 0x200000000009}, @fd={0x66642a85, 0x0, r4}, @fda={0x66646185, 0x5, 0x2, 0x27}}, &(0x7f0000000140)={0x0, 0x28, 0x40}}, 0x40}, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000180)={@fd={0x66642a85, 0x0, r3}, @fda={0x66646185, 0x0, 0x1, 0x9}, @flat=@weak_handle={0x77682a85, 0xa, 0x2}}, &(0x7f00000003c0)={0x0, 0x18, 0x34}}}, @acquire_done], 0x0, 0x0, 0x0})

3.184263194s ago: executing program 3 (id=2196):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0xfffffffc, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmmsg$sock(r0, &(0x7f00000095c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@timestamping={{0x10, 0x1, 0x25, 0x2}}], 0x10}}], 0x1, 0x20000000)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r4, &(0x7f0000000040)={0x18, 0x2, {0xfffc, @initdev={0xac, 0x1e, 0x5, 0x0}}}, 0x1e)
read$FUSE(0xffffffffffffffff, &(0x7f0000000580)={0x2020, 0x0, 0x0, <r5=>0x0}, 0x2020)
fstat(r3, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000300), 0x100000, &(0x7f00000025c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@nodevmap}, {@uname={'uname', 0x3d, '/proc/sys/kernel/yama/ptrace_scope\x00'}}, {@posixacl}], [{@euid_gt}, {@dont_measure}, {@appraise}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@fowner_gt={'fowner>', 0xee00}}, {@euid_gt={'euid>', r5}}, {@obj_user={'obj_user', 0x3d, 'ct\x00'}}, {@appraise_type}, {@euid_eq={'euid', 0x3d, r6}}]}})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
socket$inet6(0xa, 0x80002, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x503, 0xffa1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x80}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x2f5380, 0x41414770, 0x58595556, 0x425, 0x10001, 0xa, 0x9e0, 0x1, 0x3, 0x0, 0x7}})
clock_adjtime(0x0, &(0x7f0000000040)={0xd4e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x0, 0x3})

2.85104485s ago: executing program 2 (id=2197):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0)
r3 = syz_io_uring_setup(0xef4, &(0x7f0000000300)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000140)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe1, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d", 0x0, 0x8, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0xc0686611, &(0x7f0000000180)={0x68, 0x0, 0x17, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r7, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f"], 0x0}, 0x0)
syz_usb_control_io(r7, &(0x7f0000000480)={0x18, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="000302000f"], 0x0, 0x0, 0x0}, 0x0)
io_uring_enter(r3, 0x2ded, 0x4000, 0x46, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000002340)={0x0, 0x0, 0x0}, 0x1000000)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004}, &(0x7f0000000000))
futex(&(0x7f0000000180)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

2.746948558s ago: executing program 1 (id=2198):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000000600000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x14, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x7000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.644560641s ago: executing program 1 (id=2199):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f018581c0bc0065666765f36f0f33f0100a660f3a0cb9000000752066b9800000c00f3a32c632c6004000a50f01d70f0901", 0x32}], 0x1, 0x54, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x50)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newtfilter={0x3c, 0x2c, 0x400, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x1fdbdccca50667ed, 0x10}, {0xe, 0x2}, {0xfff3, 0x7}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}, @TCA_CHAIN={0x8, 0xb, 0x502}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24008041}, 0x14088810)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000040000000000000000000080950000000000000005b821edf961a59c5cd68695d34cd6d63891609ccd5dec49f080f6ee0ac1b063754a4735d9d5c7d28dd8c9d0925641f63239abac6fabeb185ca8b424d5931330a38b116029ea269dad360c"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4b, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e2b, 0x7, @loopback, 0x6}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000002940), 0x0, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r6, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x1, @local, 0xd6c}}, 0x24)
listen(r4, 0xc)

2.09275309s ago: executing program 3 (id=2204):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb7, &(0x7f0000000140)=""/183, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) (async, rerun: 64)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) (rerun: 64)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$inet6(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x0) (async)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r3, 0x29, 0xc8, &(0x7f0000000040), 0x4) (async)
syz_emit_ethernet(0x66, &(0x7f00000010c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "003a04", 0x30, 0x3a, 0x0, @remote, @mcast2, {[], @time_exceed={0x3, 0x1, 0x0, 0x2, '\x00', {0x7, 0x6, "c3c772", 0x4, 0x3b, 0xff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2}}}}}}}, 0x0) (async, rerun: 32)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async, rerun: 32)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 64)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2) (rerun: 64)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58) (async)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xbcb5, 0x0, 0x5, 0x1000}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000300)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async, rerun: 32)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x3, r4, 0x0, 0x0, 0x0, 0x80800}) (async, rerun: 32)
io_uring_enter(r5, 0x3516, 0x3e44, 0x8, 0x0, 0x0)

2.004484087s ago: executing program 3 (id=2205):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newtaction={0xfc, 0x30, 0x1, 0x10000, 0x25dfdbfb, {}, [{0xe8, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0xa0, 0x3, 0x0, 0x0, {{0x8}, {0x78, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0x38, 0x6, [@IFE_META_SKBMARK={0x8, 0x1, @val=0x9}, @IFE_META_TCINDEX={0x6, 0x5, @val=0x3}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_TCINDEX={0x6, 0x5, @val=0x1}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x15e5ca3d}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0xd93}]}, @TCA_IFE_SMAC={0xa, 0x4, @local}, @TCA_IFE_METALST={0x30, 0x6, [@IFE_META_TCINDEX={0x6, 0x5, @val=0x8000}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_PRIO={0x8, 0x3, @val=0xdc6c}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_PRIO={0x8, 0x3, @val=0xf924}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, 0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000240)=[@mss, @sack_perm, @timestamp, @mss={0x2, 0x1}, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @timestamp], 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$sequencer(0xffffff9c, &(0x7f0000000000), 0x593002, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000700)=@raw={'raw\x00', 0x3c1, 0x3, 0x4cc, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x404, 0x3d8, 0x3d8, 0x404, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x28c, 0x2d4, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x0, 0x2, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf4}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, [0x0, 0x0, 0xff000000, 0xff], [0xffffff00, 0xffffff00, 0xff000000, 0xffffffff], 'team_slave_1\x00', 'veth1_virt_wifi\x00', {0xff}, {}, 0x886215f4d37bb4bb, 0x90, 0x1, 0x69}, 0x0, 0xc8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x528)

1.630609454s ago: executing program 1 (id=2206):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x800, 0x70bd29, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff1, 0xfff2}, {0x1, 0xc}, {0xfff3, 0x8}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_FWMARK={0x8, 0x12, 0xffff7fff}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r2, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x224e}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)

1.52459948s ago: executing program 1 (id=2207):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010008000900010073797a30000000006c000000090a010400000000000000000100000008000a40000000000900020000087a32000000000900010073797a3000000000080005400000003d300011800b00010074617267657400002000028005"], 0xb4}, 0x1, 0x0, 0x0, 0x890}, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000440)=[0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000600), &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x45, &(0x7f0000000680), 0x0, 0x10, &(0x7f00000006c0), 0x0, 0x0, 0x81, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000005c0)=ANY=[@ANYRES16=r1], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f00000007c0)=[{0x0}, {&(0x7f0000000500)=""/25, 0x19}, {&(0x7f0000000540)=""/29, 0x1d}], 0x3, &(0x7f0000000800)=""/53, 0x35}, 0xfffffff3}], 0x1, 0x40012140, &(0x7f0000000a00)={0x0, 0x3938700})
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x41, 0x0, 0x7, 0x7ffc0001}]})
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x5885, 0x80, 0x10000000}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.190493517s ago: executing program 0 (id=2212):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)={{0x14}, [@NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x6}]}], {0x14}}, 0x5c}}, 0x2000000)

1.095003674s ago: executing program 0 (id=2213):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r0 = socket$inet(0xa, 0x801, 0x5)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0xfffffffd)
accept4(r0, &(0x7f00000005c0)=@xdp, 0x0, 0x80000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
msgsnd(0x0, 0x0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing', 0x0, 0xefaace022867884)
close(0x3)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000240)=0x8)
socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1b}}}, 0x1c)
r4 = syz_io_uring_setup(0x55f3, &(0x7f0000000480)={0x0, 0xbd84, 0x0, 0x1, 0x24b}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000640)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x8, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x9)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r4, 0x47bc, 0x20, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
close(0x3)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYRESDEC=r2, @ANYRES32, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095000000000000009500000000000000"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r7}, 0x10)
getrlimit(0x5, 0x0)
syz_emit_ethernet(0x76, 0x0, 0x0)

1.077201161s ago: executing program 3 (id=2214):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x44, 0x30, 0x1, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = syz_clone(0xa0000280, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
sched_setaffinity(r0, 0x8, &(0x7f0000000280)=0x100000000000a7)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = add_key(&(0x7f0000000000)='cifs.spnego\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_WATCH_KEY(0x4, r5, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r4)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xa0})
r6 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000040), 0x2103, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r6, 0xc008640a, &(0x7f0000000140))
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r7 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r7, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
r8 = socket$netlink(0x10, 0x3, 0x0)
writev(r8, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r8, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @broadcast, @empty}, 0xc)

726.66202ms ago: executing program 0 (id=2215):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [], {0x95, 0x0, 0x0, 0x20}}, &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000340)={0x6, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)

654.954089ms ago: executing program 0 (id=2216):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="34d8b700a610000425bd7000fddbdf2583c16181c452db7e36961760e59f01c3901d0b4ff6c32b1f48178a38525a521971800484d96e71e66950d9722972ed2b9bde951a9f855ff9064c78976fefc7220d58c2c2f004842c45508870026ed31e231a53795a94c4c21002a1663cdc222dfe31159bc32741bf0d569564e54711"], 0x10}, 0x1, 0x0, 0x0, 0x10000044}, 0x4044080)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000070601030000000000034000000000000500010007000000c6a95e8de72a33eb92e129d9bfe8d0293a155c6b8c46bff7046824c2f9caa94c5ccf15ac158fd7e5d5b19da7fed881caf459b490abe7ecb8d51e3957f3cbb604f920181ff440cf5444d064a37220c8ecc1036f33c034d6e78d0d96144f5515e5602090feb101d7091f28c1075276b7643ff81d55a4655380da214b85b9506175b10d70f66218ed0354b73ebb9e039cad96909098d703099aecaba620e9deb6cd6cba1878f7a80e2963cca30c6820e86b1af6073c2a614bd17e44f0aa94dbe3af473695d3277e226cbd0748a7e6a87dc926f7000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8800}, 0x0)

600.006935ms ago: executing program 0 (id=2217):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r0) (async)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
sendto$x25(r1, &(0x7f0000000080)="ae0cc983b7711caafbcc45e87537faec5fff830199d3baea2658bd680afb0bd4d877a604b8e4a2b316c5015749e3afc79adf53476ae694e8847bed10ff33f97f7ce7e48e10b40d9b10bf3d0adca6829e37ac3f8e7f74ef134b314054171ddf320e0f89b7cc9566f32a6f4f3bf6acd1a67eefa972eee01a56cf2eff676635427ab067ecf82ffcd85637ffd2feb1ff6f0a50b033ca8137d433b00013fb7d0da620241153d035c5192c190ae488ae1eacc2d7a13ecb51523f04eca11aaaa7633ffc1174c4e631", 0xc5, 0x1, &(0x7f0000000000), 0x12)
openat$adsp1(0xffffff9c, &(0x7f0000000040), 0x80, 0x0) (async)
r2 = openat$adsp1(0xffffff9c, &(0x7f0000000040), 0x80, 0x0)
mmap$dsp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2, 0x12, r2, 0x0)

539.121358ms ago: executing program 1 (id=2218):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010008000900010073797a30000000006c000000090a010400000000000000000100000008000a40000000000900020000087a32000000000900010073797a3000000000080005400000003d300011800b00010074617267657400002000028005"], 0xb4}, 0x1, 0x0, 0x0, 0x890}, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000440)=[0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000600), &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x45, 0x0, 0x0, 0x10, &(0x7f00000006c0), 0x0, 0x0, 0x81, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000005c0)=ANY=[@ANYRES16=r1], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f00000007c0)=[{0x0}, {&(0x7f0000000500)=""/25, 0x19}, {&(0x7f0000000540)=""/29, 0x1d}], 0x3, &(0x7f0000000800)=""/53, 0x35}, 0xfffffff3}], 0x1, 0x40012140, &(0x7f0000000a00)={0x0, 0x3938700})
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x41, 0x0, 0x7, 0x7ffc0001}]})
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x5885, 0x80, 0x10000000}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)

355.106249ms ago: executing program 0 (id=2219):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYRES32=0x0], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='io_uring_file_get\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x915, &(0x7f0000000300)={0x0, 0x20400, 0x8000, 0x1, 0x13d}, &(0x7f0000000280)=<r3=>0x0, &(0x7f0000000440)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x110, &(0x7f0000000100)=0x1, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x14, 0x6000, @fd_index=0x2008, 0x0, 0x0, 0x0, 0xc})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
mkdir(0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e23, 0xfdb, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, 0x7}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8040)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x882, 0x5800, 0x3147504d, 0x5, 0x4, [{0x5, 0x1}, {0xffffffff, 0x6}, {0x2, 0x1}, {0x6, 0xe6f3}, {0x7fff, 0xa666}, {0xffff, 0x100}, {0xe, 0xb}, {0x9}], 0x1, 0xe0, 0x1, 0x1, 0x1}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102392, 0x18ff8)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, 0x0, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r6 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x0, 0x10000, 0xfffffffffffffffd, 0x4002004c4, 0x1000, 0x6, 0x0, 0x10, 0x0, 0x3, 0x8], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

69.406155ms ago: executing program 1 (id=2220):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYRES32=0x0], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='io_uring_file_get\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x915, &(0x7f0000000300)={0x0, 0x20400, 0x8000, 0x1, 0x13d}, &(0x7f0000000280)=<r3=>0x0, &(0x7f0000000440)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x110, &(0x7f0000000100)=0x1, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x14, 0x6000, @fd_index=0x2008, 0x0, 0x0, 0x0, 0xc})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
mkdir(0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e23, 0xfdb, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, 0x7}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8040)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x882, 0x5800, 0x3147504d, 0x5, 0x4, [{0x5, 0x1}, {0xffffffff, 0x6}, {0x2, 0x1}, {0x6, 0xe6f3}, {0x7fff, 0xa666}, {0xffff, 0x100}, {0xe, 0xb}, {0x9}], 0x1, 0xe0, 0x1, 0x1, 0x1}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102392, 0x18ff8)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, 0x0, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r6 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x0, 0x10000, 0xfffffffffffffffd, 0x4002004c4, 0x1000, 0x6, 0x0, 0x10, 0x0, 0x3, 0x8], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

7.794367ms ago: executing program 3 (id=2221):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x2040, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gre0\x00'})
ioctl$SNDCTL_DSP_GETCAPS(r0, 0x8004500f, &(0x7f0000000080))
setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000003600)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000035c0)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSETELEM={0x20, 0xc, 0xa, 0x5, 0x0, 0x0, {0x5}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}]}, @NFT_MSG_DELSETELEM={0x1a54, 0xe, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1a1c, 0x3, 0x0, 0x1, [{0x2b8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_DATA={0x1cc, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VALUE={0xdf, 0x1, "4af6c820bedb77e9fcfbc47f28336ad0cf13bc11f70b49f184cc52c6df85208298ade6226fc501db921c1efe7439e87f261a41417c0559927303f29080bdae37d91178a6a9df3825a6ba9b622fed97299a03c8a1acecb784e915075ca38b8a71231a9616f6b6963686e4a828f7359ce46e524c6cc9e87efb20f614ac799b62325933002486a14369e83ede7e99c358d80deaaa40ff9805516abbac25284f1e70e201528288691368e628e14165060f5d2b965a8b70f98bf3de140bea26342408c961062d77ac5c8f40698a20697f5a92229a1a87d64ab31d23c095"}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}, @NFTA_DATA_VALUE={0x12, 0x1, "e17504683956b433d8af16e3be55"}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VERDICT={0x60, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x24}, @NFTA_SET_ELEM_KEY={0x44, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}]}, @NFTA_SET_ELEM_KEY={0x98, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x6c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x2}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}]}]}, {0x1f8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x14, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0xe, 0x1, "50a4d12c10e6510fb825"}]}, @NFTA_SET_ELEM_DATA={0x17c, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x7d, 0x1, "44066afafd8c939777641ddbc17912f8a0c1b4db733dda2014896cbaa62dcf77a702d9ffcf5e6588e9f9c6ba7a516b42f34aef74ec0723edbde5c34bc8759e87a9579101b05f544ed2a2b643fe65caccd0b1a3c451c04d1c04b51b8352c3056fb431f78674addf91c4dc4b77f8325abc8bb48e822f1eaff43d"}, @NFTA_DATA_VALUE={0xeb, 0x1, "6236f68ccfe3d573b8479ec13a9899a2dd7eead215dab42df18bec594b84beeec3a43eab30611ad6c5325fbd169f3519522f3be2bcff45cdf2481423a5d4bfcc2038ec6b989433236e01b958b2c69e860024d5c036c1b7768343c970661fa1255448dfe4bd3a0e6ed364fad9545158f964d7c2cb1dd8bfe0461c19b143a6580505bffd35cd0ddbb7da1da01c63564409d0339a0398fe2a3879dd12829e7bc8b1c8e5df0ad5afcee3129dc556ff7df380e41b93b1142df3c08eb6efa6cec6cc5d4568af7444b0dae631b66a82c4ca4aae5b001f89cacd675098e915b6483287408aa51909c2a0fd"}, @NFTA_DATA_VALUE={0xa, 0x1, "114c65aeb540"}]}, @NFTA_SET_ELEM_EXPRESSIONS={0x58, 0xb, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @rt={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_RT_KEY={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_RT_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}, {0x18, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x1}]}}}, {0x14, 0x1, 0x0, 0x1, @synproxy={{0xd}, @void}}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x575}]}, {0x150, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x14c, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0xd6, 0x1, "1bb45d6b538793214d3c537f63b7d3c9734bd80c9b2cf3a9d90daa87b13908402cdcd8b7525885cb62879bd79f535688f0463d5234d1d31d2cfc8eaa9f83988f76fdfbbe1057b06f4924b029e3601ed4dcf1cdd58f36ea2b2557271103611ce665a086abacbf8ee7929bd5d6c13f4ba0f3dc44967868995e6cf0f9a94fe633835bc4f3626b19865661ffc7fd06f177c2447fe04b59f47cff7b1eaf787552e734e1c30db08f40cbc1c105c322e560bf76a6d43ab776cdd20168dbace2513a34b30c733ddf004e41431cddef2eb3aa80f5b83a"}, @NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}]}]}, {0x1118, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0xff}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x762b0849}, @NFTA_SET_ELEM_DATA={0x10fc, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0xfffffffa}]}, @NFTA_DATA_VERDICT={0x60, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "05e5fcdd073643df9d79af22a6467626213d49368bf9984f80cd19edafcb6c2aac724d04ae6915180324fe91482e99ddec2d7a8a36bfba08e144cc358687e6dadac4108157ec3343f0a028a262cc9666692daa93651c58f6fbd5fc2f0750d07b912f3415ae5de3f5d63fbcfbb38ab5007bea4d905e74116d1b3e52b38a32e45a5698a12465eb73e27659136867a53a4bca316d14f30bd33ed5d9adf6490545806e5bf498df51b881caa1fc96fad463b05741df8dd7e9e34bd0149e63a270a4f0ad1e5d42b37588e908e5167461d63f04bf3a9e7a493141e3f4f6405acaa20a9fbfd6eb5b347a3a708c61f08a015a57267df214541a681982b552c518ea9de142e1fd9899604355cae076ef217da85bb3cdf65dbf2287178e3992f5ae9dc4f6ee9c73257d174f0749dec099dbaeb58e8e100c31c4ab82a4cc8ed1f6fff924db7c2e26612d97aafd9a08308610526376158e8544063a9171a4307148d32a7e5593a88d6c3e7dff5b29ac8c07ef711257fda4594b57bd400721fa239afd970287773d983578c3f808c4558836bc0e68a526d9ea81db995e1fbc1fdfbb5bb7a56d7a25796dffcc2afbebf6a168ba76e7454fc5363532f25e5ecc1cd9fac72f4fa413ab9b68f5e2e8680d089d7aa5a43d6eecf3ff6895582a9859694eff7e5a2d3eb99e0aba5e747b6bef9d416738f4c35f2d8b1789603bfff183e757f93e52d91246ae82d8b8fa12035b4efbc83a2e30ab7c08953a10268b3be330e48ea1b15785353373639d332fecd7e4683640912b806bbd1142ff31dc2fa8ab812f585dfd724158c533bd9897bf8ef84950a3e893b6f1e1452ce08f001f5a02d34c30a4082a7cfa8a624b3c7d710e1ddf94ee1aa0a477d1f1c3f838164edbf7c67ab7bbdd3d0370f25efac0d2590b46f9b4e22c31df73a5b8226c377e00ea0822bdbc43f44380eaea6bd8c8cda20f5c48821d284e0cd6a8cf0dd31b2421f7c0f3d0700a4763d67efa4ce38fd653340cd8d4ad51e55020fdf92cc76af355834b5a5104d78997c5859524ce81cb0c0eb27cb66623957908eb0b1ead6947b940c94a37b03e3a44ce897faf68b2f481bc25e3edf413b68a69878d10b0a2dd5ed46fed5f6aabd321599a65d7ed85ae7544c84659f077f05c4570d2edadcf7513e1cd25c301e39ccb3f41a86c77796c4dbb0a9c0c30b2b524ef336c194d26b11974e1be623a40c9d698ef79df8c24e5cbffd1f2f5c9d800bbf873584985d3530baaa0138e31b3108f41eaf66edb483f5f2c9c90a1286c4a6c4d10a2b6097c649fe8dd3df9ae0707ad0e9a07e6ba173518091a8e331020ba09d1062ef0a56a3971d280a41cac9c7ee2b464150e8bd2764ece84c8e2428262450830ca51092497f74e58a6d66cafd95c8eb83271f0bf72b7ab0c81165f6d7daf71af0770be2da0872cee6dd76e0c910f9e82580bead86532b0e13105ae9883890a05beb2a2c710c19d951fab1d43b7c93504ef83f2980aea6671e99204a719bf155903fb2f181d07de92c7c4b31db5aafa4f2a3061283a64b022355eb8c442ca5756ca09a8766bf0351203da5f0ac4fbd2720c2514602a0d686fa9f8916bec46de2d2989051760c8fbe46093a6215e36ee6cd6f67db5c02af013d7531f5d337b4d522df6a0b777e80baecbe9ff26de8bc41243604fa03bf398312de0e141bdf98e53c6e875ba368f1bdd66bed8184b36045c697a2c23db478fb21493364d41f5b3a6280d46a221514594fe7f9e20bf65b5fa8ec412dc7da33e470d88029d8e4c0146da9fa96ec05cc0cec93e5953b0fd9a5b1adf388bcfafe374708b00bd1867b86e8f2c260ffa5df3a3b2a110f6fb5a080451a241781a45cd756accfc0294d7c72f30b7ede6ee8d35c1c2ee6a8d3fdf45aa7dd17cfb242cba5b482ee74997be96066ed89aa9e17b2dfb5ae59cf2091153d70533bb9cf728151900f7ed16942e836083bcc7f1befe7d55ce14a3648d46e14305170fb38da490413d500b977ea3a7c15983c5f2c8a1f816d6d836bc2872bcf5bea4700d0532f2a8bbfc9bb54acebf312c918600bab0d556936821ab1755e80833530c5b8636600dd33097d9d344a95ca5ee4d7f2e86e8a240464746dd82e0aa15035586014dedd63626ebe88d0d7557b09841777c65807b40bb90094b9de7092c95b6de87c9764e01d95e145d8103c84cc04a71fda13088901d277e9fcdcccd7c1bfe9d5dc8e1bb86f524723c038ad2565bc6d970689d734cd67cd55f2290faa021765f9e9a99b7d7215be73cb08e4c1b3bfe1c83501b2732b73b78583541ef1158b1ffdc925d5f01097e1f7b13161289a7facb5d95bd34c41d3ba5dfca3273e37555d1dc256f67e8d2bcbd24a29fe53f352f2dbb6c375806f16ec04278f3d1f1bbac005779c42d748e9d79867fc887fe671bdbfe3a45f6821b0660b11d40cb5640f2b00e221f7e4f24d30ef2f5831192386b6d23811ac0a17a52f610c2b0805223a30daa1f99bff560a37ac12ad40da0b6bbcc6e0dfcb9bf364dc973521fb9b7ff387d6a1497ae5c21fd4d03d9f1aef1a24fec6da3a7dd0ddaf2aa4a62dd6c4378e325b98c54451cc66b68745373f5dbc2bd1fefa35ddf3a2416e4d8f1fe19976937447caeb0aafc4e740b2261686a99499036bc5e6863f531750ce4d70ca92c54c7cecc66c58cb2337453e011a3d01b3868ab5ccf36100112ff7a7a841868b4ca2015112a0a2701c020d07da6fa632ad15c445e12e631555260fb9d694d1cb6bb30535a75c77f87ee3a057fd97e61aa8b658e7b84751f131080a68bda57cebaba031304135345ee70319b8f347dc4881d32b0af8b78ee92f3896154d3398828a2ecf812b4c35811ac12d09ab783090418166bafa33570972c1cccec7e2093b211c3c0ff61b5b8b55beb989732834c4a3e00f32d3f6a2b167ecd14a3ebe22401fefdd523ceb17a0ea5b3c5eef3be835b91f812aca12f948b630d49ea54fe88f93049bf6ddc799306250da3f14e49aeb1d9e0b4a9fd2af1668c58bfa8096a95ff4f27170033ac6a3d5446d38de89f586a76c5c46ffcef55aadab21320addf1fec19d5c5743e8abd0525843b7e04566fc37ba4907eae9d57fe7e967ff20da09a84a030fadef8c9be53b1399cac2bb66958b5d8b3a4759dfa37c267933ac0c890ba5b8b4120d9e477289130fcbaa1ece076b58661a8c14817632a151166c2a7613adeef0ed61ef261c14eb1ad03f4b878bd58cfa764490dc94a7f6d54498d8874c5b0186de574d0aafe35a6a34cb4061ffacdecc2fb445838d3bcbc9db5d8feda8c3cee0e164dbeba50ea8cbf0a26fd755c6c6b21573e8f52f5619bc3879e7411a7fe9fa332466025f52edecf74be619f3eb4fdb8cd6a9638ca53ef80f5110701aeea564bc841ab861363d95b999ab85b384f3c95bba811ba442ffe90356b55e3d14e9c7f51c3410c1c1542266794a2bae2a939c469d11dc5e11c0a5d2d7c1eeed8fbbf203e2e5999a57389b8e05b783ae314d7ed58475cbff0c8bd1e74b9d5e2bd1f84a41a69014f2dab1547a5de91e3c82207e81156e9e589280cab80d20aa0ab96ca978bb3e94ad883fa93b76025d13296224e21bc5048b3214a4e1651106f34edab2a1c2cc994b78584ec2dc7ef33002b3e94f25a94e4bb7fdb317da382c0d9fde1f1d54f8a46a904584bd1339d87f8bfed9d9a8e3b51add94be19244ae261748647ed51a97a0fe0732357b0ba87829bd6a4e4668b6f85111faca4d945213b00275fd1983224c93b5eb87b3795d523faedd838b336cc205e0787d477cbeb95935255f636c231f5ff8f5ec84f4efb074ca6049208058cc70295f2c7a651d9ceb2b69a6a1e26523eaefbffcab772bcfc7b8af691d691fbf26fe3332c24bf078890b2cd82005b19914369c4b0713123f5983e4f4a00abfac2adfbf36f584fd7dfc9ee87b269b13ef0a0d638aafd741cd1b4f264846290ae8c96f03eca058fbaa7263900146eb7ba3faedbef679ccba69250ca1509fb92700561e19beadf558aa8e8c6c5e6dd6d2bc76ec7b96d36983f9765f5e8ab21e67ee70bf15bf0d7995d765e7cec4bc8ceffca05e864fd54bbc6b7ee7f0c9c7e2e3e11f6c5c7bc303806d28422a4fc31612b52df8b5467f53b44ce19dc5714271bbf5094f52a15fb253ea8f2ebdf3d14aedbcad929f82a344f11b25c5567c9ef2bf1881fbbc7c8af80596ae136d938f80a54dfb4ef8d3ebdc045b50e8e33610381b3077d96fb50db378d9b91e0477aac9f03223005acccc7ba628c7c5a0e88031bff6c912c7d1b75cf7e38df60235b8e116dbc26c0626ca983ee0273663524d4461f50b156b9107cec619c9db6f65779fc3b05b5227e4481892dfbf4a51e948a3aa6c6cb70c32af4faf7788aab0bbb9a10954ab6c66be9c3ed921cc95757eb557bb5be58297fc68dd0a2f8f41f7ea3d9c693f716a52cd20334bc86d8835ef800cd5a31debac9ca1e6bbf0592a110df690769b67a3598943b236809966d71caa57fbcd34092a32ea02148d4ac38e9ac0ccb765fa619b24d5fd394ba97dcc57820c9b9a95f97332c7526a08648a432c973593bd1fb330378733702f541962b3fb4579f75ff61946683defb45ec6e6fdb93384afe56361232e6b06b88897a28fab168cf5139b7da1498b34005eed250454a4511fefbeff4bc5a70d6baeee3f22b610ae87052199808be734290c90dc0434b3674be4ca111608329d8dd278448dce975fe9ae8e85ea2f38901ceaec2371effa3dbfa208031346c18e09fb6c9e50c6784e33346aa35c429abcd5bfb5119b19c946c669490d46d3aaab267fb58a3d13488432ae7557f2261bdebe2bfe897cdafcb0cf90dce126695b4fe1fdfa7ab1c61d90cdb98062067f9b5cc50d05c544f27c1471b9b09ffd9c6efb8beda94d40b927ba28241021a89d6ad49e33774188e472093cf91b49497e83bee9ef54540a0e7b16b22a7b2ef43b08a199717e6926ca0efba6ef143d999a1c8ad1512437286e74298dff3804c1d6815596e6468a73d998d23987b21e21e63aa65ac5b569c3f713bcd21aab3b8a43ca3ebc7f1c81cfa35b5eaad5fef4845c90438512efc6ed3c4fe3df25547f1fca810b57abd6f0ee57beca83e9085b5265d66158e28bd4a4a3aef106d169daba703da51c00fda15632dc5310a03a916ef4817be40b22085ee07abf52dbd4da141599c47501ef1b01ddd7f8df85d65a9f0bb8fa9d087ce8d11f85681d879c0e917519d3d88badb63353d0723c3a203eff4558bc295b82837a9cadd8faf450ac08dba69d8bcce4948bdd22672c9376de41dbe93241266867c295b9152727a5b8ea303a74171300614b9b85167d56830571a672883aff489b137ec5dc30b01946279caeaad594e0bff8f426d924ef9a5dd9be0fcdff13b39e0d8075336832fbe5e57351420ae509e100f98ad1db864be3c3bdb4fa92d5e1d07d151c53bda0ef455dc24c45a24bf9ed7f21c1fec9428678ae8ad03993ee4e669b05e3b4dd1e66a9a4dd9ad6c04507902948f5cee0c5d1b59f627da9540b40205866e064593139bb1d5629ab8774e8273c1248c6a31deceae346b22796ed457ce9993dc0a66d0ac189d89cd5e58a2ceed7cc5c440b268ab054530423cf4429fd7caba104a6a7de7c819a022e7cdf6c1e9d43e3734143019780b287cc1c405622a8d3615416a2ea69055db9a75e40b0e541be4689a60309cc22467f1c71128eb128682c53d0feb88a850d03389640c48d8e90923796e05017e295983a987ee221781faf4ffe351042fb4492ae"}, @NFTA_DATA_VERDICT={0x48, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VALUE={0x20, 0x1, "3b903d8890de84f49c76afcb883c04c7e98c005bf86aa03a28708c0f"}]}]}, {0x300, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_EXPRESSIONS={0x54, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @payload={{0xc}, @void}}, {0x20, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_TARGET_NAME={0xb, 0x1, 'TCPMSS\x00'}]}}}, {0x10, 0x1, 0x0, 0x1, @xfrm={{0x9}, @void}}, {0x10, 0x1, 0x0, 0x1, @bitwise={{0xc}, @void}}]}, @NFTA_SET_ELEM_EXPRESSIONS={0x90, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @target={{0xb}, @void}}, {0x28, 0x1, 0x0, 0x1, @dup_ipv4={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xb}]}}}, {0x10, 0x1, 0x0, 0x1, @notrack={{0xc}, @void}}, {0x44, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xe}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x68}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}]}}}]}, @NFTA_SET_ELEM_DATA={0x210, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x44, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x13547df36e4d5a5}]}, @NFTA_DATA_VALUE={0x6, 0x1, "8818"}, @NFTA_DATA_VALUE={0x2e, 0x1, "a0a79e3a4d2b64ed3ee610bd59e2de9d55a399ae9c5b23c624dd47dfa6523b00015b5f410dea138845f1"}, @NFTA_DATA_VALUE={0xb2, 0x1, "866211933ee2dcc9ff4e610b328b9af366ee465fe99cd11c456da6fe81106c6cbe52d20c460c003761820dafaad02c7e0e0a7a554f635c9fba405ff09d7eccdd19afd88bd514844e1fd618c53cb5e29e5facf4ba505cdce4e9eddbc9628c4c09e233e9caead811423ae31898fd21c475fb9bbcc8bca09598fe9ac5d2cca44edb5a65980cfd55cf0efa06cb6694c4cb7ad98b2d1b53ee14b9482cd4500a3802748f8f77fad0434e11db9435a44a53"}, @NFTA_DATA_VERDICT={0x64, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}, @NFTA_DATA_VALUE={0x4b, 0x1, "5bee54fdea217842d6e69c064aaf41ac5b850bc521a78ce014f8e76684b682514c9f6d57a36348b8ddc167b947e5f4cb367a8542ffbfee422b288177235bbfb49f390ca0ca8a7a"}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELSETELEM={0x1928, 0xe, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0xa}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x18e8, 0x3, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPRESSIONS={0x38, 0xb, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0xb}]}}}, {0xc, 0x1, 0x0, 0x1, @osf={{0x8}, @void}}, {0x10, 0x1, 0x0, 0x1, @tunnel={{0xb}, @void}}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}]}, {0x44, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_USERDATA={0x37, 0x6, 0x1, 0x0, "707ae86cffc29992fa2dc6214d8c1d19f67a41247853f2503c91d83f113add3a029363364d4480134b95ddfb7ae57d981d9741"}]}, {0x74, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x70, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x38, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}]}]}, {0x17e8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x6}, @NFTA_SET_ELEM_DATA={0x1130, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VERDICT={0x6c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}]}, @NFTA_DATA_VALUE={0x1004, 0x1, "99bfdc18ac65d5c97bec26cb848275544bf67f092b7f3ff4fada64a0c7f210e7556ab4f554c4d7c2607a13d894508826538d7f666a85d80b79e784ae9e7c9c48bf6515291829707859bb25b664328fe6a95bfe7a03df79a74f97544a9bd871a856020664be6c083abb75d259fb9de5fba42f9329f9e4557a4f8ae073b7366c375a5c49d184ab33a0d05598dd46f985eb7a73a21945cd3122b556ca8d0da1f7b914c60bdcdd1b80699d6e6c1217203896343a4f47eb3e9cd18486d268cac8434c5fe213c6add7151752434feceddeaad5acddd28208b7eb7b83e577e8715bbbef2ea78b518bcf3e280ae40ab2ab37292e9e8cdf6ad3c5e3da63e0ce8b7004a6c4a94a7303f30df6e7ad11bd76c5cf3ccf9813010090005725060dc465dcbf60b057de59b6576fff52408fb8601bad6fa805edabbda71e89ba9c0b681caac1d93b5a881f680a2bbd3568402105af3cd814b8c37a80d531d2edd38551607653cf1b5037bd355d09855621cde704849c91d5129c151edffbc1bd2ceb7e42cd29090bf65417c7b565efe55b9adfa4323e8d18059f80a60b827facc6c7cb8840042169c699b7cdf3b21028ac74774caddef1c984c747719131d8796676a28d1777fe1cc7ee0e95b383c4e15aa57504fb422488382dca6d8ed75cc4ec4cdb2b0a558a3ea88b6e9e1d914aa091cf3b78e5ec93151aa451bff0bdd02f56b5faf9fbca02ec145fc8849de68c07c842156e749c80798feb07a981ce64c41ef2928d499059286c1992c0fdc9048beacc5f4e60ae75b3d6183230d0b762923923f5b1f57fdeadf7f6f7d651e4ae6becb5e080679efaa9c6f07c6bc660dfa12dbeb8642465de71d494dc26e5aafb4ed9f951d6e3eba81b11d040e8b49cfe7f31866eaff69484e740c69169e2b6bd223840c4129356505c9876bb824d8e7069cddf487d20cf874c7e1ac898d07cfbd868eb7d2fbad0ebcac4c413bbac6c5a5fbf01bf12241f8648cc8b2b06de9a6c93ef38d09d2bfc72a24b5b17087909fe146b3a182d3a68797fe481fe4e18c1772d1a852921258f4104b24aa4b36b4fb3fff75b5d481adca6a7dc26802eda70276d9ec2c7111a3461362663a7b4c239b8118e9baae036b7e8e05ba3b1b58196e6b7086ddf806cf46506053f9c9b77e945877162b4d0aa1c9ea45a6169bdff0ee06c7644d5a0e91fad7d39d760cb9c35be124bbb4151840e63a3f33af46f78bd478db3eb347d3360357685d5946d273dd0015b9e5e2e95439b00fa6b869757b4ee3e0ee9e6895c663c89d5eb8439886b715a2da05c6ed36c91aae4b8dfc5ae0bc4d9a9eee5f7b9f9e33f10f89a9ec9a269cf5eb94cf3838aeb3c0281fa70c532c37c2da70543afb6f599e4e1a90a019f57997f6d7a9dc6340869f76322cd6d69ee59ae4ade4b6cc7817f1e64270ad1976e3df4e50d6a2646f8079e6a1797667c775f746ea80b270ba62a6e23971260b2e98de34050de891850292435f95a37871a12b6039fa6225b3f200e25103f8cdd5bd203e399e9d6f6320d9174deb92cc28ad657acdb99bd3d31b848ab21597bd03e3622703dd16beb0bc1dc025cfdb1293c87546129b5ed0587f38efbe4753edc81667f45787e0e8d88a190189692362bc9bbcdbaedbfdc0bf771192c9b564fba472862039bdc083a14347fcdc2d61d36d65d100e21c40cce15589a6124a5258eacf1976152095c986bb7d3ec1f8049c5f143c8b08f30df2ca6fc0c4369af0dc4b1f5039c56fbd7339e3560754b8bc1bec28fd9437f0df31791a1dfb2e66f5bded3bc39f7c7ff1af314ff99e7fdf886cd70d6297215c83b1110bdccb126c404c1dc37613480cc2aae5372b6992976accc46d8c5b3de7cdbfcbb9c843b3d7363369c854dcf31da0e9cda23a10c742801030b75582d05be7917fbe45836284908dfc28132b5f5f57663e40ddec8dafccaa23ddcf9e9825805cd21322583b71e366a3acb23ff415f6cd6e6e29640b0650c24938ad45fc6e47273948ee12cb30e7c7cb23a1d828b97db7aaf51d382ea9b653026bd6c38a484fbb6b74d0be0985f0bdb492218515fa5d2707108928ed19c626d1b5fdcccdf8669910ff08d685a46bd1ac64de227df25737a2da06892dbc164fc03c0dfea25b26214bd7321e4aed3f73219f03036b1537a85c1765abe78947b1fb77daa1fee81f8fe3324f73485c79af09ccf9076659952264d133ec622ecf7c83e0ade667730831f4737545fa42b160365c5463f51a5b1e465b200a708aadd528f4acf2b1a9da1901bf988c91746c06f41ff5b65982c05711e994f70cd8fc6803f37efdac01d011c8e533176da3aafb42f211d4ac80b7056f645671edeeea6507cf1cfc2a564baacf6f408a6803c4368f7976d6d499cdaa5812502bfe6dfd006520ae7f81c48d40d33f7fdf4dc656ba467482daa09106f0778945067de4a8848639e8341074dab5963000477040f79e4d49ba5544aed13f2339f0823fb917187d59408cfe6bc316bec46cd04e92b7bab2465c47ac62eed76483c40e3bacc0ace8f29fe51fabe2190dd5cd77e649e2327114edefc284b1964b6061117b4ce8c8c34657f20a644c5f9235a56a8752fb0a8bd41a635624f632154a7ad9feb65e9d8933f08c54d45bc42864565e6176488b00ec941972b3590b68fb4e085c19d1431466b71702dd33d162fea4a7535d150a3b8a06b70a7ebcb548f44ed5bec8707f58df5d5fbc6a4072bf27a81a491422442d6c9c0009db40094cf98017dcf82404edd4fc4732cc2b3d68ada5b2b09efbf928785bfddee92acb91b11c0d7f0a707a9806032b0020ede913a9d18078614b4c313869dc5a07323913cf941b4dd11330d6ea8fb6c39bd61a88115cbbc31770d24c1f3179366c136e0bdbfc8b79f4f5ba268919d69ffc2e5a5c4541dd943c6a854f0a87a5ef7cc2e939870eba81bc60c3e87ed1bbe8292dc2855446f6b5d72e852d9168c5e451abff3998ced3169d92cb4699d2bcce7c5642095768c5c73e29703c8c476b919c8ca7db8e004de7a92843f2db8e830182433c4da87e9664c5c8db100d6e1d70980fa8b296db16d612c9a8ead9707e3a02a0a138ce3a49186028b6cbad33527a077896ddef2228a4f6f94b48da6f5db9d3f441c8d586218c38ff1824e38b55c9f3134d26fd94a29bad06ffeca765f80faefaf3a0c4c889b129f5b37ca9eaafbbb7365d4d7a2bbf6f62d6531b4e34943295b1f1a8544a0c2f121792ba4dc1644081463e2cd84d5b19b027d602ea9ec33dc3bce6ad8bab3a51c0bf3c2eb963ba77a6fc95d3a14bcfb23cc0e0bf273e981aba22691949de8efb794aae0da2d4266ac96850fc75e676afdcef9bee7e1e6731a7685ab396690d65ce48550192e18f1fbd53bad5dd55947287eb0272cc71670783a58a8d98f5f697d9dba958e0cb5117b3188eacaec9e9e35d8e9c1167ff7881bcf791de67f15269c12d557cf54cc6a33034c5fbb3a838ff670db1eacc399826c5cb90fb344d939efd71fa37ecf3d20102ef5d3d06edd24b5d8c138edc0a9e330dd4863bdba4e80fb0b73279f35e7076bc6443e7ffaa874221995e82da09a719fc39e584f59474d381b703cfa75e3e6f72af0efb387c26f44326f567a694f4206bceaedbc29afdea05a9504e5ee87dac688f4ea7c9992a44c24b474231d463eb6580004fa521c4210d78f229190388af5ce34628bd551c500eba21989d5997c240d3e0625931a99e20af3bbb2fe754c355157426a021e2f25b787eee2b79717b3e07aff017aae9d0dd0d2a0cfa7250d3da6cdf119c4387a2f89dc4283aacb38a4575add2e3a58fc101e2bc2d8a2de3ca2dac213a9d3b07e00c8c63ff5fb20b42f9724e1d54796f7728e74a3e3227db24a36da72f0b82353cb73174d5c67ff554544f2cf5bb9d529814389c10fcf97b2642a6971d06e27b0ac959920bea718873276d9d122238b2f77ad864fbc62c73ae829317d4a71e396bdcdd0fde2f05081253b467e47159f85ff36b4be8f2fc5ee743a8f59c6075269af10595f7b456e82ca75c301360434a543a75c7f12ce1802b11b2dd8a6b649136f75084405dbd361e615e9baa72b9843e67a1646f59f19a19087f00c8afa44b59c5f6b21659e32518704bb30fd1ea83b3b187a72841d5e12867d3eb514be75d2691cdcc514b829d0b06338628e01b4f00fda6ab66fc61077cf2967223b96a555cb0adc12a4be16f9b32886fc7a39a90c638619e06d0dec1c896b4481b72f8ebf7522b5a06af993f5eca2dfb3014f21a0f18609a65912797b87cd2ebdbcf9580a026a059f410658b381dd474ff1e695c4c282ed69748b124b8b7ed6950ba5b3829f52cc331355e43397a238e5c223abd36edc714fcc1f1160b01a0f17ec253a555dc06ea27e3812f5ccbc9d4c1415874e742238f995624cda480eb442fbdf7857bed890891fac3fb8c550737c31ed04812fdfb103b9e9c1ca8cd6059c41699bdc7556d091af44e11f5e7a74ac3639d8e5103164500fec79f8da7cee38c990c2f460ef8c9d8fcb5c146a87823907310086a9f93e6d554c431f9fe4c5c337e0c6b5dbb1f3f38c084234850e308db555308760bec68e11190b4b4a0b6af0ff9969cfc4ea74fb970525a0fd046b46fc66cd9b9048c385488f06d09bba94f8783ac9512acec88c50244a1ed2e2aa5cf814f569282d2cdd421f43fb8e44f1f122a164968d88c1e264953f42e3af5facdca29c251114f5af5590082f6a7114289de6777647862acdb7cc7556a4a3ea6ad1c14ebc99e7827e7215ea7620352e6ebb3bc534e30e43f7a1aeea7e5022dfd766870eef0545284debe6e728e1f7cebeed1584c14f00dd93f4096be705d2544db2e1ef9a13291460c17533565aedd43bb489a388f56a91e0957e6e436e9e7d253cfd35069cbd6e9f6ba8cd0d2f985f28ef504570fbb23e444928ae2934889e6defcf23ad2ff2f8e892a5aad2bb751bbb87f90bcce7cbdf2c2d436b924f063b680ea7d4a4e83e5cf819f618ab1e3bb97f04723837b86c0ed73e7160b633d31c22f92c2ad82b95853752609c1a473a04e6f39d6ac0730440d09c5819f62314406c2bccaec81ca6682ff051b1c8ad283117db6a611248c7b460a8e886f5d249251677bf8769fd502c84e03047fd24d360a66429cc51269e86c384cac96c5468841f54510088b7d078b782b3f975fd27b7ea7c190aae41d1783ca3d01a7eca1adc90e298e8f29ec14faab3056a1b0215e94172ed374d5b82cb9398d36bff13f83ae8513cd718aa2e642643e258b75223e07904b455f4df2d478e4bab61935da3149016f4d27450adb6f72e0bf33aff3a24dfd68aac9804ff83a82d74c5094d302251f460df1cfe4b1cef19a63c450f3d3e04f8d19c359475dcecc4750a8233a174c0b105f8e231f6d963248190ff9af9975402c0e1068a1f8811409594212878c7b93c2324ca7e3a9352eaa7a363028e043f05949c72b290a2003515f2aecd186f2e7da906f15b0c4cfdf0afb822b066419d504110b138c5dd7da92b4e1adfcf2f58bb5a92f47e537cc8e3c7c557b14659a6c1b9e78d1079b3dd4dc1f6dd255dd3938d193f1bc23780ceccab0084f0de437a77590f2f78c98e0677285c0fbeec7fba03c1a9d134dd003ea9834a8b344266f5241771bb26ed2505d42d60a9d931fa470013a45a39077a337533d3438b2b6102a59ab622742d41aa0199f2f90c5487d7c1c525c0c11860451e61ca20f6216cd6db98e8d586902cb26d87e9aae38d627b022ed738f20314489591833a1b92ca6411f6"}, @NFTA_DATA_VERDICT={0x4c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8}]}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_KEY_END={0x39c, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VALUE={0xd2, 0x1, "a35ed0911c77610bc1e62bb2431d038fb19d5e67bc439b8e8c54e3c3d8f5af6cb4f40ef695f9c4f81280428dacf9188960de18300abd12b2b09203ebb66f94c53f3bcdc40666305722b665399160f3f725e1dd2f22e058e36ac6a24a67692e800daaffac183c10d1bd72107c2b358f7df4b480b89528af9264ee58b24d7f66d19a492fa942efe4830fcdf98efb4d3201d0f4b25e474a79999811b537cd080cff5000e58d218bfcab81a45ccfcf3dc572666e0f1d9cf1461bef9a408c110ebfc460c0777031b8190fe23494d77ade"}, @NFTA_DATA_VERDICT={0x50, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0xa5, 0x1, "e64d6022742eb2b0a23f7cf269afacc8bba425a990a026841eac8010c80414a27ca1e1339dabbd051d72ca4f1d0b7b73e18eb098ba6dc9465e43cc557d631595207f262fd4846dd78029f08b9cf56f196dc80b077ad4b15cbee06c0693c63ab00c3f31c87b0f05dff4e3f5690220791aff8683da0236917f8b70c149975a9debd6ed8f70c19768eb7e8465bb07507c7ed69124451dbcbb01d10ed691dfb53ceb86"}, @NFTA_DATA_VALUE={0x4}, @NFTA_DATA_VALUE={0xe5, 0x1, "010e438b5d9274729467cd3c3901ffc8d5c86d03094f823a6d5474acf97725d1a95a3f5340aa893f6d123cbbdd0f02fd709645649818c982cd560863e9a2ccd8a4d5b7158710948047d315b6d40d3769dad3f839b51ce1aaa22371296bd635f3f981478c4a42ddf8549c4073213b626ec9880496191aa95d1c3dabb63077e85a89dae961c484528824176edccbf7529a79041ee144b5486b1be29d257f394627b479fe43e574405c689ca1218d223f6bc572fb6de5f626a063c03f4b7a75bf80c5e32b3e41f83f4e462741bae3c5890d5272a24d2b4b85f67b8864f3bc496256c4"}, @NFTA_DATA_VALUE={0x95, 0x1, "50ece37429c8bea4299bcda04c0f27a621ad297945bc387040aea8d8ba11f06ab65865e15d8a9acc617b87e748da6f09c3b1092b5e5f26848314a3920fe957afa4ae9c07244e38f3183b5906080ee4cf33cf0d39c0da899013c675aae7e039f9fd1f78140d815b6d1bf6b0512af616c12d3bb59c5b1517d98de63ee88e593543107f269149aa95c7c190eef060f9124ee4"}]}, @NFTA_SET_ELEM_EXPRESSIONS={0x274, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @meta={{0x9}, @void}}, {0x30, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x12}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xe}]}}}, {0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x3}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0x59}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x3}, @NFTA_EXTHDR_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}}}, {0x64, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x41}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x37}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x34}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x9}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x23}, @NFTA_INNER_EXPR={0x10, 0x5, 0x0, 0x1, @payload={{0xc}, @void}}, @NFTA_INNER_EXPR={0x10, 0x5, 0x0, 0x1, @payload={{0xc}, @void}}, @NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0xb0}]}}}, {0x164, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x154, 0x2, 0x0, 0x1, [@NFTA_TARGET_REV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_TARGET_NAME={0x10, 0x1, 'TCPOPTSTRIP\x00'}, @NFTA_TARGET_INFO={0xdf, 0x3, "13f5cc5000a0117efb9fa6936f290d572698dbe7dc9edcb65fdaf6978375903fc0f770ed22ba987ade540ac3594f11c8019dbfd6bc8c097ee4b4c559f444de6d88ca15319d6d8dafb335e22a1554607a5548d9d3b8ccd72f23328b4b82b80204200af9917a8460042bac5217885182e62e5105748e0831672df6b4b837462b453c1722820eb929d09ea1667a3f3fa9d062b6d51f009bfe423111fdf08fe5ea8a6c67d21566acce98adf3c3b66daa7cbbe0ce5fe61c45d2f27b2dd10e704fea5e7d0808ed7a11debbed834db7f61182171dc62f3a5fbf6751fce198"}, @NFTA_TARGET_INFO={0x4d, 0x3, "8d801e4e6c1721c3b4e7a2ca22d85116d9b721c9306fbfb53b47c68daa2dd595c66afa92ddee10879b93e3c1783fb5f1d52207059cfc2796d52d8dd258b7678d69a95b0d6de8864c26"}, @NFTA_TARGET_NAME={0x8, 0x1, 'LED\x00'}]}}}, {0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x8}]}}}, {0x14, 0x1, 0x0, 0x1, @connlimit={{0xe}, @void}}]}, @NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @payload={{0xc}, @void}}, @NFTA_SET_ELEM_USERDATA={0x7e, 0x6, 0x1, 0x0, "78361c7bb98f73b6d22753a0257d9d9237387748e9d0e6c7dc74fdd3fd101035df49a3d3499c2133f1750b184eb19df975dfa93e1a8c04d1b086eba6c81bb7afad91b3269545b555ddb53b7eff0918cb6fe2a621f19c27cc0afd09266e81edfa7493c232b8ef805c67e9f515154feb139b28b3f6c23e6745e5a8"}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x33c4}, 0x1, 0x0, 0x0, 0x80}, 0x42)
sendto$inet6(r0, &(0x7f0000003640)="a5fdc30abd1dfe27fc217b2ab710f773593b768482e2134b9542fc1b0e4ee0f8a856b397b756c9a5e00da2cad392fc", 0x2f, 0x4000000, &(0x7f0000003680)={0xa, 0x4e24, 0xf, @dev={0xfe, 0x80, '\x00', 0xe}, 0x3}, 0x1c)
syz_emit_vhci(&(0x7f00000036c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x1, 0x0, 0x40}, @l2cap_cid_signaling={{0x3c}, [@l2cap_info_rsp={{0xb, 0xf9, 0x19}, {0x5, 0x2, "08bf8d73d15b58b299570455144dd16ee97b3a8ec0"}}, @l2cap_conn_req={{0x2, 0xcc, 0x4}, {0x2de6, 0x9}}, @l2cap_disconn_req={{0x6, 0x1, 0x4}, {0x8, 0x2}}, @l2cap_info_req={{0xa, 0x0, 0x2}, {0x4}}, @l2cap_create_chan_req={{0xc, 0x67, 0x5}, {0x4, 0x101, 0x9}}]}}, 0x45)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000003740)={{{@in6=@dev, @in=@multicast1}}, {{@in=@remote}, 0x0, @in=@dev}}, &(0x7f0000003840)=0xe4)
getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, &(0x7f0000003880), &(0x7f00000038c0)=0x40)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000003900)={0x30, 0x8001, 0x7, 0x8})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000003940)={<r1=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f00000039c0)={r1, 0x0, r0, 0x2})
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000003a00)={0x4, {{0xa, 0x4e21, 0x5, @loopback, 0x1}}, 0x0, 0x7, [{{0xa, 0x4e22, 0x8, @loopback, 0x5}}, {{0xa, 0x4e23, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x6}}, {{0xa, 0x4e23, 0x3ff, @remote, 0xffffffff}}, {{0xa, 0x4e22, 0x80000001, @mcast1, 0x4}}, {{0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x1e}, 0x215}}, {{0xa, 0x4e21, 0x3, @dev={0xfe, 0x80, '\x00', 0x41}, 0x1000}}, {{0xa, 0x4e22, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2}}]}, 0x40c)
mknod(&(0x7f0000003e40)='./file0\x00', 0x208, 0xa)
syz_genetlink_get_family_id$ethtool(&(0x7f0000003ec0), r0)
ioctl$TIOCEXCL(0xffffffffffffffff, 0x540c)
write$eventfd(0xffffffffffffffff, &(0x7f00000044c0)=0x6, 0x8)
socket$nl_audit(0x10, 0x3, 0x9)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

0s ago: executing program 3 (id=2222):
syz_open_dev$usbmon(&(0x7f0000001980), 0x1, 0x10280)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x3, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0xc2354000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000440)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0xae)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r4, 0xfffffffd, 0x0, 0x30, 0x0, @ib={0x1b, 0x0, 0xfffffffd, {"857aa325e897a3b1b1856e1ee4068b08"}, 0x1, 0x7e1f, 0x1}, @ib={0x1b, 0x0, 0x0, {"7d0300"}, 0x0, 0x0, 0x376060b0}}}, 0x118)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f0000000180)={0x7, 0x8, 0xfa00, {r4, 0x9}}, 0x10)
close(r3)
getgroups(0x1, &(0x7f00000003c0)=[<r5=>0xee00])
setregid(r5, 0x0)
setuid(0xee01)
r6 = socket$kcm(0x10, 0x2, 0x4)
close(r6)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000000008010100800000000000000000000006000240900000000c00046108000140000000050900010073797a31000000000500030001000000"], 0x3c}}, 0x40000d0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$inet(r6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x40448c0)
syz_io_uring_setup(0x109, 0x0, 0x0, &(0x7f0000000080))

kernel console output (not intermixed with test programs):

 268.537095][ T7401] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.541409][ T7401] usb 5-1: config 0 descriptor??
[  269.472484][ T7501] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  269.625403][ T7501] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  269.628366][ T7501] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.630984][ T7501] usb 6-1: Product: syz
[  269.632652][ T7501] usb 6-1: Manufacturer: syz
[  269.634290][ T7501] usb 6-1: SerialNumber: syz
[  269.641215][ T7501] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  269.654624][  T839] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  270.077290][ T6060] usb 6-1: USB disconnect, device number 26
[  270.086954][T10670] ip6tnl1: entered allmulticast mode
[  270.090961][ T1143] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  270.184725][T10675] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1292'.
[  270.193679][T10675] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1292'.
[  270.702371][  T839] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  270.704726][  T839] ath9k_htc: Failed to initialize the device
[  270.709351][ T6060] usb 6-1: ath9k_htc: USB layer deinitialized
[  270.825182][T10679] wireguard0: entered promiscuous mode
[  270.827049][T10679] wireguard0: entered allmulticast mode
[  271.027519][ T7401] usbhid 5-1:0.0: can't add hid device: -71
[  271.029860][ T7401] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  271.036147][ T7401] usb 5-1: USB disconnect, device number 26
[  271.843357][T10706] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1301'.
[  271.846828][T10706] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1301'.
[  271.882481][T10708] lo speed is unknown, defaulting to 1000
[  272.572305][ T7501] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  272.640391][T10715] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1304'.
[  272.644147][T10715] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1304'.
[  272.674761][T10718] netlink: 'syz.1.1305': attribute type 1 has an invalid length.
[  272.695529][T10718] 8021q: adding VLAN 0 to HW filter on device bond1
[  272.706022][T10719] ip6erspan0: entered promiscuous mode
[  272.709883][T10719] bond1: (slave ip6erspan0): making interface the new active one
[  272.715313][T10719] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  272.728529][ T7501] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  272.731874][ T7501] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.735790][ T7501] usb 5-1: Product: syz
[  272.737515][ T7501] usb 5-1: Manufacturer: syz
[  272.739467][ T7501] usb 5-1: SerialNumber: syz
[  272.746710][ T7501] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  272.758404][  T839] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  272.977913][T10731] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1310'.
[  273.226434][ T7501] usb 5-1: USB disconnect, device number 27
[  273.823346][  T839] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  273.825431][  T839] ath9k_htc: Failed to initialize the device
[  273.828768][ T7501] usb 5-1: ath9k_htc: USB layer deinitialized
[  273.833077][T10748] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1316'.
[  274.124688][T10754] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  274.222345][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  274.748110][T10757] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  274.750197][T10757] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  274.753458][T10757] vhci_hcd vhci_hcd.0: Device attached
[  274.759131][T10758] usbip_core: unknown command
[  274.761114][T10758] vhci_hcd: unknown pdu 0
[  274.763524][T10758] usbip_core: unknown command
[  274.766840][T10035] vhci_hcd: stop threads
[  274.768683][T10035] vhci_hcd: release socket
[  274.770534][T10035] vhci_hcd: disconnect device
[  274.931936][T10762] team0: No ports can be present during mode change
[  274.943747][T10762] netlink: 'syz.2.1318': attribute type 10 has an invalid length.
[  275.437724][T10769] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1326'.
[  275.448469][T10769] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1326'.
[  275.487052][ T1328] Process accounting resumed
[  275.608629][T10769] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1326'.
[  275.611567][T10769] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1326'.
[  275.750120][T10784] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1324'.
[  275.757307][T10784] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1324'.
[  276.772026][ T7401] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  276.993261][ T7401] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  276.996621][ T7401] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.999581][ T7401] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  277.016481][ T7401] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  277.024422][ T7401] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.029973][ T7401] usb 6-1: config 0 descriptor??
[  277.467973][T10828] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1339'.
[  277.474158][T10828] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1339'.
[  277.494230][T10830] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1340'.
[  277.622456][ T5951] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  278.221952][T10848] netlink: 'syz.0.1347': attribute type 1 has an invalid length.
[  278.264460][T10848] bond2: entered promiscuous mode
[  278.266265][T10848] 8021q: adding VLAN 0 to HW filter on device bond2
[  278.287637][T10848] bond2: (slave dummy0): making interface the new active one
[  278.290011][T10848] dummy0: entered promiscuous mode
[  278.294685][T10848] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  278.977401][T10860] bridge5: entered promiscuous mode
[  279.041197][ T7401] usbhid 6-1:0.0: can't add hid device: -71
[  279.062006][ T7401] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  279.066817][ T7401] usb 6-1: USB disconnect, device number 27
[  279.894924][T10885] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1356'.
[  281.345008][  T839] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  281.524988][  T839] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  281.529283][  T839] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  281.535029][  T839] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  281.539852][  T839] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  281.543820][  T839] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.548384][  T839] usb 8-1: config 0 descriptor??
[  281.656042][T10923] __nla_validate_parse: 1 callbacks suppressed
[  281.658156][T10923] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1367'.
[  281.671988][   T54] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  281.685015][T10924] bridge4: entered promiscuous mode
[  281.829564][   T54] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  281.832454][   T54] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.834876][   T54] usb 6-1: Product: syz
[  281.836704][   T54] usb 6-1: Manufacturer: syz
[  281.838152][   T54] usb 6-1: SerialNumber: syz
[  281.847548][   T54] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  281.871436][ T6012] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  281.963628][T10930] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1368'.
[  281.966583][T10930] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1368'.
[  282.071290][   T53] Process accounting resumed
[  282.170371][T10930] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1368'.
[  282.174183][T10930] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1368'.
[  282.323543][T10930] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1368'.
[  282.326813][T10930] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1368'.
[  282.450536][T10929] usb 6-1: USB disconnect, device number 28
[  282.621939][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  282.951894][ T6012] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  282.955059][ T6012] ath9k_htc: Failed to initialize the device
[  282.958251][T10929] usb 6-1: ath9k_htc: USB layer deinitialized
[  283.041670][T10950] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  283.045898][T10950] overlayfs: failed to set xattr on upper
[  283.048208][T10950] overlayfs: ...falling back to redirect_dir=nofollow.
[  283.050776][T10950] overlayfs: ...falling back to index=off.
[  283.054626][T10950] overlayfs: ...falling back to uuid=null.
[  283.566998][T10960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1376'.
[  283.638606][  T839] usbhid 8-1:0.0: can't add hid device: -71
[  283.642649][  T839] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  283.656115][  T839] usb 8-1: USB disconnect, device number 19
[  283.804135][T10971] syz.3.1380 (10971): drop_caches: 2
[  283.834574][T10970] syz.3.1380 (10970): drop_caches: 2
[  283.980205][T10961] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1377'.
[  283.983477][T10961] netlink: 'syz.2.1377': attribute type 5 has an invalid length.
[  283.985937][T10961] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1377'.
[  284.000174][T10972] bridge10: entered promiscuous mode
[  284.434305][T10978] lo speed is unknown, defaulting to 1000
[  284.741894][ T5983] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  284.832251][ T7401] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  284.894597][ T5983] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  284.897490][ T5983] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.900917][ T5983] usb 7-1: Product: syz
[  284.906218][ T5983] usb 7-1: Manufacturer: syz
[  284.907749][ T5983] usb 7-1: SerialNumber: syz
[  284.913342][ T5983] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  284.929786][ T5983] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  285.029658][ T7401] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  285.033545][ T7401] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.037613][ T7401] usb 6-1: Product: syz
[  285.039116][ T7401] usb 6-1: Manufacturer: syz
[  285.040813][ T7401] usb 6-1: SerialNumber: syz
[  285.094524][ T7401] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  285.110413][    T9] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  285.370170][   T53] usb 7-1: USB disconnect, device number 26
[  285.523212][ T6251] usb 6-1: USB disconnect, device number 29
[  285.916954][T11001] vxcan0: tx address claim with dlc 0
[  285.942155][ T5951] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  285.981913][ T5983] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  285.984905][ T5983] ath9k_htc: Failed to initialize the device
[  285.987687][   T53] usb 7-1: ath9k_htc: USB layer deinitialized
[  286.011516][T11004] loop6: detected capacity change from 0 to 524287999
[  286.104367][ T5951] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.114373][ T5951] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  286.123393][ T5951] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  286.142039][ T5951] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  286.145929][ T5951] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.152753][ T5951] usb 8-1: config 0 descriptor??
[  286.302496][    T9] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  286.304679][    T9] ath9k_htc: Failed to initialize the device
[  286.306916][ T6251] usb 6-1: ath9k_htc: USB layer deinitialized
[  286.611842][ T6251] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  286.782168][ T6251] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  286.784929][ T6251] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.787459][ T6251] usb 6-1: Product: syz
[  286.792445][ T6251] usb 6-1: Manufacturer: syz
[  286.794029][ T6251] usb 6-1: SerialNumber: syz
[  286.799987][ T6251] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  286.811626][   T53] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  287.229670][T10929] usb 6-1: USB disconnect, device number 30
[  287.821918][   T53] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  287.825417][   T53] ath9k_htc: Failed to initialize the device
[  287.828739][T10929] usb 6-1: ath9k_htc: USB layer deinitialized
[  287.857912][T11014] netlink: 'syz.1.1394': attribute type 1 has an invalid length.
[  288.007136][T11014] 8021q: adding VLAN 0 to HW filter on device bond2
[  288.013341][T11018] erspan0: entered allmulticast mode
[  288.051201][T11018] bond2: (slave erspan0): making interface the new active one
[  288.055918][T11018] bond2: (slave erspan0): Enslaving as an active interface with an up link
[  288.504324][ T5951] usbhid 8-1:0.0: can't add hid device: -71
[  288.507497][ T5951] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  288.514640][ T5951] usb 8-1: USB disconnect, device number 20
[  288.536707][T11026] lo speed is unknown, defaulting to 1000
[  288.767484][T11032] netlink: 'syz.1.1398': attribute type 4 has an invalid length.
[  289.492011][ T5951] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  289.665386][ T5951] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  289.668092][ T5951] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.719644][ T5951] usb 7-1: Product: syz
[  289.725180][ T5951] usb 7-1: Manufacturer: syz
[  289.726620][ T5951] usb 7-1: SerialNumber: syz
[  289.744091][ T5951] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  289.783091][ T5951] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  290.161852][    T9] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  290.212567][ T5990] usb 7-1: USB disconnect, device number 27
[  290.344682][    T9] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  290.347495][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.350142][    T9] usb 8-1: Product: syz
[  290.351454][    T9] usb 8-1: Manufacturer: syz
[  290.353169][    T9] usb 8-1: SerialNumber: syz
[  290.364827][    T9] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  290.380487][    T9] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  290.417305][T11047] FAULT_INJECTION: forcing a failure.
[  290.417305][T11047] name failslab, interval 1, probability 0, space 0, times 0
[  290.421323][T11047] CPU: 0 UID: 0 PID: 11047 Comm: syz.0.1402 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  290.421349][T11047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  290.421357][T11047] Call Trace:
[  290.421362][T11047]  <TASK>
[  290.421367][T11047]  dump_stack_lvl+0x16c/0x1f0
[  290.421403][T11047]  should_fail_ex+0x512/0x640
[  290.421423][T11047]  ? __kvmalloc_node_noprof+0x124/0x620
[  290.421440][T11047]  should_failslab+0xc2/0x120
[  290.421450][T11047]  __kvmalloc_node_noprof+0x137/0x620
[  290.421465][T11047]  ? xt_alloc_entry_offsets+0x3a/0x60
[  290.421481][T11047]  ? xt_alloc_entry_offsets+0x3a/0x60
[  290.421492][T11047]  xt_alloc_entry_offsets+0x3a/0x60
[  290.421505][T11047]  translate_table+0x22d/0x17b0
[  290.421520][T11047]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  290.421542][T11047]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  290.421560][T11047]  ? __pfx_translate_table+0x10/0x10
[  290.421576][T11047]  translate_compat_table+0x1474/0x18d0
[  290.421596][T11047]  ? __pfx_translate_compat_table+0x10/0x10
[  290.421620][T11047]  compat_do_replace+0x255/0x3c0
[  290.421634][T11047]  ? __pfx_compat_do_replace+0x10/0x10
[  290.421647][T11047]  ? __pfx_aa_get_newest_label+0x10/0x10
[  290.421659][T11047]  ? rcu_is_watching+0x12/0xc0
[  290.421675][T11047]  ? bpf_lsm_capable+0x9/0x10
[  290.421687][T11047]  ? security_capable+0x7e/0x260
[  290.421699][T11047]  do_ip6t_set_ctl+0x55d/0xa70
[  290.421712][T11047]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  290.421727][T11047]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  290.421742][T11047]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  290.421765][T11047]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  290.421778][T11047]  nf_setsockopt+0x8d/0xf0
[  290.421791][T11047]  ipv6_setsockopt+0x135/0x170
[  290.421804][T11047]  tcp_setsockopt+0xa7/0x100
[  290.421821][T11047]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  290.421834][T11047]  do_sock_setsockopt+0x221/0x470
[  290.421845][T11047]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  290.421877][T11047]  __sys_setsockopt+0x120/0x1a0
[  290.421894][T11047]  __ia32_sys_setsockopt+0xbc/0x160
[  290.421909][T11047]  ? lockdep_hardirqs_on+0x7c/0x110
[  290.421924][T11047]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  290.421940][T11047]  __do_fast_syscall_32+0x7c/0x3a0
[  290.421951][T11047]  do_fast_syscall_32+0x32/0x80
[  290.421960][T11047]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  290.421973][T11047] RIP: 0023:0xf709e579
[  290.421982][T11047] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  290.421992][T11047] RSP: 002b:00000000f508e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  290.422002][T11047] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  290.422008][T11047] RDX: 0000000000000040 RSI: 0000000080000e40 RDI: 0000000000000370
[  290.422014][T11047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  290.422019][T11047] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  290.422025][T11047] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  290.422037][T11047]  </TASK>
[  290.862026][ T5951] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  290.864323][ T5951] ath9k_htc: Failed to initialize the device
[  290.867370][ T5990] usb 7-1: ath9k_htc: USB layer deinitialized
[  291.208862][ T7401] usb 8-1: USB disconnect, device number 21
[  291.422041][    T9] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive
[  291.425940][    T9] ath9k_htc: Failed to initialize the device
[  291.428780][ T7401] usb 8-1: ath9k_htc: USB layer deinitialized
[  291.631329][T11066] __nla_validate_parse: 1 callbacks suppressed
[  291.631341][T11066] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1409'.
[  291.771883][ T5990] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  291.939395][   T40] kauditd_printk_skb: 25199 callbacks suppressed
[  291.939407][   T40] audit: type=1326 audit(1750281789.706:31186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11063 comm="syz.3.1410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  291.948989][   T40] audit: type=1326 audit(1750281789.706:31187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11063 comm="syz.3.1410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  291.956150][   T40] audit: type=1326 audit(1750281789.706:31188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11063 comm="syz.3.1410" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  292.049703][ T5990] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  292.051934][   T40] audit: type=1326 audit(1750281789.716:31189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11063 comm="syz.3.1410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  292.060586][   T40] audit: type=1326 audit(1750281789.716:31190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11063 comm="syz.3.1410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  292.060755][ T5990] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  292.070484][   T40] audit: type=1326 audit(1750281789.716:31191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11063 comm="syz.3.1410" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  292.078227][   T40] audit: type=1326 audit(1750281789.716:31192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11063 comm="syz.3.1410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  292.078278][ T5990] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  292.086245][   T40] audit: type=1326 audit(1750281789.716:31193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11063 comm="syz.3.1410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  292.091572][ T5990] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  292.097203][   T40] audit: type=1326 audit(1750281789.716:31194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11063 comm="syz.3.1410" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  292.099699][ T5990] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.107626][   T40] audit: type=1326 audit(1750281789.716:31195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11063 comm="syz.3.1410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  292.122167][ T5990] usb 7-1: config 0 descriptor??
[  292.193200][T11076] FAULT_INJECTION: forcing a failure.
[  292.193200][T11076] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  292.197688][T11076] CPU: 3 UID: 0 PID: 11076 Comm: syz.1.1413 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  292.197703][T11076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  292.197709][T11076] Call Trace:
[  292.197713][T11076]  <TASK>
[  292.197718][T11076]  dump_stack_lvl+0x16c/0x1f0
[  292.197740][T11076]  should_fail_ex+0x512/0x640
[  292.197757][T11076]  strncpy_from_user+0x3b/0x2e0
[  292.197772][T11076]  strncpy_from_user_nofault+0x7f/0x180
[  292.197785][T11076]  bpf_bprintf_prepare+0xe6e/0x14a0
[  292.197802][T11076]  ? __pfx_bpf_bprintf_prepare+0x10/0x10
[  292.197813][T11076]  ? __pfx_bstr_printf+0x10/0x10
[  292.197831][T11076]  ? bpf_trace_run2+0x3db/0x590
[  292.197844][T11076]  bpf_trace_printk+0xda/0x190
[  292.197857][T11076]  ? __pfx_bpf_trace_printk+0x10/0x10
[  292.197871][T11076]  ? bpf_trace_run2+0x3db/0x590
[  292.197889][T11076]  bpf_prog_7c77c7e0f6645ad8+0x3e/0x44
[  292.197898][T11076]  bpf_trace_run2+0x233/0x590
[  292.197912][T11076]  ? __pfx_bpf_trace_run2+0x10/0x10
[  292.197927][T11076]  ? __bpf_prog_put_noref+0x160/0x510
[  292.197943][T11076]  kfree+0x233/0x4d0
[  292.197955][T11076]  ? rcu_is_watching+0x12/0xc0
[  292.197966][T11076]  ? ktime_get_with_offset+0x26e/0x3b0
[  292.197978][T11076]  ? bpf_prog_kallsyms_del_all+0x1f2/0x2e0
[  292.197993][T11076]  __bpf_prog_put_noref+0x160/0x510
[  292.198007][T11076]  bpf_prog_load+0x203a/0x2490
[  292.198026][T11076]  ? __pfx_bpf_prog_load+0x10/0x10
[  292.198053][T11076]  __sys_bpf+0x433c/0x4d80
[  292.198069][T11076]  ? __pfx___sys_bpf+0x10/0x10
[  292.198085][T11076]  ? ksys_write+0x190/0x250
[  292.198101][T11076]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  292.198125][T11076]  ? fput+0x70/0xf0
[  292.198134][T11076]  ? ksys_write+0x1ac/0x250
[  292.198148][T11076]  ? __pfx_ksys_write+0x10/0x10
[  292.198163][T11076]  __ia32_sys_bpf+0x76/0xe0
[  292.198174][T11076]  __do_fast_syscall_32+0x7c/0x3a0
[  292.198185][T11076]  do_fast_syscall_32+0x32/0x80
[  292.198195][T11076]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  292.198208][T11076] RIP: 0023:0xf711e579
[  292.198215][T11076] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  292.198225][T11076] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  292.198235][T11076] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000340
[  292.198241][T11076] RDX: 00000000000000e4 RSI: 0000000000000000 RDI: 0000000000000000
[  292.198247][T11076] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  292.198253][T11076] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  292.198258][T11076] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  292.198271][T11076]  </TASK>
[  293.524213][T11097] FAULT_INJECTION: forcing a failure.
[  293.524213][T11097] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.529239][T11097] CPU: 0 UID: 0 PID: 11097 Comm: syz.3.1417 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  293.529262][T11097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  293.529273][T11097] Call Trace:
[  293.529280][T11097]  <TASK>
[  293.529288][T11097]  dump_stack_lvl+0x16c/0x1f0
[  293.529320][T11097]  should_fail_ex+0x512/0x640
[  293.529349][T11097]  _copy_to_user+0x32/0xd0
[  293.529377][T11097]  simple_read_from_buffer+0xcb/0x170
[  293.529402][T11097]  proc_fail_nth_read+0x197/0x270
[  293.529423][T11097]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  293.529444][T11097]  ? rw_verify_area+0xcf/0x680
[  293.529465][T11097]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  293.529485][T11097]  vfs_read+0x1e4/0xc60
[  293.529508][T11097]  ? fdget_pos+0x2a2/0x370
[  293.529535][T11097]  ? __pfx_vfs_read+0x10/0x10
[  293.529555][T11097]  ? find_held_lock+0x2b/0x80
[  293.529580][T11097]  ? __fget_files+0x20e/0x3c0
[  293.529610][T11097]  ksys_read+0x12a/0x250
[  293.529634][T11097]  ? __pfx_ksys_read+0x10/0x10
[  293.529660][T11097]  ? rcu_is_watching+0x12/0xc0
[  293.529681][T11097]  __do_fast_syscall_32+0x7c/0x3a0
[  293.529700][T11097]  do_fast_syscall_32+0x32/0x80
[  293.529716][T11097]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  293.529742][T11097] RIP: 0023:0xf7f63579
[  293.529756][T11097] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  293.529772][T11097] RSP: 002b:00000000f5086590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  293.529788][T11097] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5086620
[  293.529799][T11097] RDX: 000000000000000f RSI: 00000000f73f2ff4 RDI: 0000000000000000
[  293.529809][T11097] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  293.529819][T11097] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  293.529829][T11097] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  293.529852][T11097]  </TASK>
[  293.609060][T11101] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1419'.
[  293.667605][T11105] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1421'.
[  293.725710][T11109] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  293.727826][T11109] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  293.731203][T11109] vhci_hcd vhci_hcd.0: Device attached
[  293.748280][T11112] vhci_hcd: connection closed
[  293.748563][T10035] vhci_hcd: stop threads
[  293.752732][T10035] vhci_hcd: release socket
[  293.754164][T10035] vhci_hcd: disconnect device
[  293.780023][ T5990] usbhid 7-1:0.0: can't add hid device: -71
[  293.782243][ T5990] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  293.787663][ T5990] usb 7-1: USB disconnect, device number 28
[  294.537735][T11138] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1437'.
[  294.548058][T11138] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1437'.
[  295.187947][T11150] netlink: 'syz.2.1430': attribute type 1 has an invalid length.
[  295.227607][T11150] 8021q: adding VLAN 0 to HW filter on device bond2
[  295.257970][T11150] erspan0: entered allmulticast mode
[  295.298031][T11150] bond2: (slave erspan0): making interface the new active one
[  295.302143][T11150] bond2: (slave erspan0): Enslaving as an active interface with an up link
[  296.103545][ T5990] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  296.253936][ T5990] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  296.255510][T11166] lo speed is unknown, defaulting to 1000
[  296.257258][ T5990] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  296.271880][ T5990] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  296.276407][ T5990] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  296.279184][ T5990] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.289065][ T5990] usb 5-1: config 0 descriptor??
[  296.383240][T11178] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1439'.
[  296.387193][T11178] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1439'.
[  296.414401][T11180] geneve1: entered promiscuous mode
[  296.416499][T11180] geneve1: entered allmulticast mode
[  296.869411][T11192] block device autoloading is deprecated and will be removed.
[  297.935320][T11205] mmap: syz.3.1447 (11205) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  298.231214][   T40] kauditd_printk_skb: 49 callbacks suppressed
[  298.231230][   T40] audit: type=1326 audit(1750281796.066:31245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11209 comm="syz.1.1449" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  298.240804][   T40] audit: type=1326 audit(1750281796.066:31246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11209 comm="syz.1.1449" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  298.248235][   T40] audit: type=1326 audit(1750281796.076:31247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11209 comm="syz.1.1449" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf711e579 code=0x7ffc0000
[  298.257445][   T40] audit: type=1326 audit(1750281796.076:31248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11209 comm="syz.1.1449" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  298.266599][   T40] audit: type=1326 audit(1750281796.076:31249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11209 comm="syz.1.1449" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  298.284807][   T40] audit: type=1326 audit(1750281796.076:31250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11209 comm="syz.1.1449" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf711e579 code=0x7ffc0000
[  298.297858][ T5990] usbhid 5-1:0.0: can't add hid device: -71
[  298.299871][ T5990] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  298.304412][   T40] audit: type=1326 audit(1750281796.076:31251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11209 comm="syz.1.1449" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  298.311525][   T40] audit: type=1326 audit(1750281796.076:31252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11209 comm="syz.1.1449" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  298.319122][ T5990] usb 5-1: USB disconnect, device number 28
[  298.324511][   T40] audit: type=1326 audit(1750281796.076:31253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11209 comm="syz.1.1449" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf711e579 code=0x7ffc0000
[  298.348103][   T40] audit: type=1326 audit(1750281796.076:31254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11209 comm="syz.1.1449" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000
[  298.550778][T11223] netlink: 'syz.3.1453': attribute type 14 has an invalid length.
[  298.559976][T11223] FAULT_INJECTION: forcing a failure.
[  298.559976][T11223] name failslab, interval 1, probability 0, space 0, times 0
[  298.564729][T11223] CPU: 1 UID: 0 PID: 11223 Comm: syz.3.1453 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  298.564744][T11223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  298.564751][T11223] Call Trace:
[  298.564755][T11223]  <TASK>
[  298.564759][T11223]  dump_stack_lvl+0x16c/0x1f0
[  298.564779][T11223]  should_fail_ex+0x512/0x640
[  298.564795][T11223]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  298.564813][T11223]  should_failslab+0xc2/0x120
[  298.564823][T11223]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  298.564838][T11223]  ? __pfx_fput_close+0x10/0x10
[  298.564848][T11223]  ? alloc_empty_file+0x55/0x1e0
[  298.564859][T11223]  alloc_empty_file+0x55/0x1e0
[  298.564870][T11223]  path_openat+0xda/0x2cb0
[  298.564887][T11223]  ? stack_trace_save+0x8e/0xc0
[  298.564898][T11223]  ? __pfx_stack_trace_save+0x10/0x10
[  298.564909][T11223]  ? __pfx_path_openat+0x10/0x10
[  298.564927][T11223]  do_filp_open+0x3c6/0x470
[  298.564941][T11223]  ? __pfx_do_filp_open+0x10/0x10
[  298.564954][T11223]  ? do_fast_syscall_32+0x32/0x80
[  298.564963][T11223]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  298.564986][T11223]  ? alloc_fd+0x471/0x7d0
[  298.565003][T11223]  io_openat2+0x206/0x850
[  298.565019][T11223]  ? __pfx_io_openat2+0x10/0x10
[  298.565035][T11223]  ? strncpy_from_user+0x203/0x2e0
[  298.565050][T11223]  __io_issue_sqe+0xe5/0x7c0
[  298.565069][T11223]  io_issue_sqe+0x86/0xe50
[  298.565079][T11223]  ? __io_openat_prep+0x31c/0x420
[  298.565094][T11223]  io_submit_sqes+0x92d/0x2580
[  298.565114][T11223]  __do_sys_io_uring_enter+0xd6a/0x1630
[  298.565129][T11223]  ? __fget_files+0x20e/0x3c0
[  298.565142][T11223]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  298.565157][T11223]  ? fput+0x70/0xf0
[  298.565166][T11223]  ? ksys_write+0x1ac/0x250
[  298.565179][T11223]  ? __pfx_ksys_write+0x10/0x10
[  298.565194][T11223]  ? rcu_is_watching+0x12/0xc0
[  298.565207][T11223]  __do_fast_syscall_32+0x7c/0x3a0
[  298.565218][T11223]  do_fast_syscall_32+0x32/0x80
[  298.565227][T11223]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  298.565250][T11223] RIP: 0023:0xf7f63579
[  298.565261][T11223] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  298.565271][T11223] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  298.565280][T11223] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000003516
[  298.565287][T11223] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  298.565292][T11223] RBP: 00000000fffffdcf R08: 0000000000000000 R09: 0000000000000000
[  298.565298][T11223] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  298.565304][T11223] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  298.565317][T11223]  </TASK>
[  298.622017][T10929] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  298.627772][T11226] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1453'.
[  298.766051][T11233] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1456'.
[  298.770134][T11233] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1456'.
[  298.785336][T10929] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  298.788168][T10929] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.790700][T10929] usb 7-1: Product: syz
[  298.792261][T10929] usb 7-1: Manufacturer: syz
[  298.793717][T10929] usb 7-1: SerialNumber: syz
[  298.799439][T10929] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  298.813298][  T839] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  299.208439][T11253] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1461'.
[  299.212336][T11253] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1461'.
[  299.244089][ T6251] usb 7-1: USB disconnect, device number 29
[  299.261980][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  299.779903][T11266] vlan4: entered promiscuous mode
[  299.784785][T11266] bond0: (slave vlan4): Opening slave failed
[  299.801400][T11264] block device autoloading is deprecated and will be removed.
[  299.821896][  T839] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  299.824175][  T839] ath9k_htc: Failed to initialize the device
[  299.826452][ T6251] usb 7-1: ath9k_htc: USB layer deinitialized
[  299.896607][T11272] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1467'.
[  299.901947][T11272] netlink: 'syz.3.1467': attribute type 7 has an invalid length.
[  299.904446][T11272] netlink: 'syz.3.1467': attribute type 8 has an invalid length.
[  299.906886][T11272] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1467'.
[  299.912629][T11272] dummy0: entered promiscuous mode
[  299.916540][T11272] dummy0: left promiscuous mode
[  300.153159][T11278] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1470'.
[  300.156563][T11278] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1470'.
[  300.216784][T11280] kvm: Disabled LAPIC found during irq injection
[  300.220951][T11280] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1471'.
[  300.227324][T11280] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685)
[  300.625697][T11285] 9pnet: Unknown protocol version 9p2000.
[  301.869414][T11330] FAULT_INJECTION: forcing a failure.
[  301.869414][T11330] name failslab, interval 1, probability 0, space 0, times 0
[  301.875563][T11330] CPU: 2 UID: 0 PID: 11330 Comm: syz.3.1485 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  301.875578][T11330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  301.875585][T11330] Call Trace:
[  301.875588][T11330]  <TASK>
[  301.875593][T11330]  dump_stack_lvl+0x16c/0x1f0
[  301.875613][T11330]  should_fail_ex+0x512/0x640
[  301.875631][T11330]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  301.875649][T11330]  should_failslab+0xc2/0x120
[  301.875659][T11330]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  301.875674][T11330]  ? __alloc_skb+0x2b2/0x380
[  301.875689][T11330]  ? bpf_lsm_capable+0x9/0x10
[  301.875703][T11330]  __alloc_skb+0x2b2/0x380
[  301.875718][T11330]  ? __pfx___alloc_skb+0x10/0x10
[  301.875732][T11330]  ? genl_rcv_msg+0x480/0x800
[  301.875745][T11330]  ? genl_rcv_msg+0x4bb/0x800
[  301.875760][T11330]  netlink_ack+0x15d/0xb80
[  301.875775][T11330]  netlink_rcv_skb+0x332/0x420
[  301.875786][T11330]  ? __pfx_genl_rcv_msg+0x10/0x10
[  301.875800][T11330]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  301.875817][T11330]  ? netlink_deliver_tap+0x1ae/0xd30
[  301.875829][T11330]  genl_rcv+0x28/0x40
[  301.875840][T11330]  netlink_unicast+0x53d/0x7f0
[  301.875853][T11330]  ? __pfx_netlink_unicast+0x10/0x10
[  301.875868][T11330]  netlink_sendmsg+0x8d1/0xdd0
[  301.875882][T11330]  ? __pfx_netlink_sendmsg+0x10/0x10
[  301.875895][T11330]  ? __import_iovec+0x1dd/0x650
[  301.875907][T11330]  ____sys_sendmsg+0xa98/0xc70
[  301.875921][T11330]  ? __pfx_____sys_sendmsg+0x10/0x10
[  301.875932][T11330]  ? get_compat_msghdr+0x11a/0x170
[  301.875948][T11330]  ___sys_sendmsg+0x134/0x1d0
[  301.875965][T11330]  ? __pfx____sys_sendmsg+0x10/0x10
[  301.875987][T11330]  ? find_held_lock+0x2b/0x80
[  301.876006][T11330]  __sys_sendmsg+0x16d/0x220
[  301.876021][T11330]  ? __pfx___sys_sendmsg+0x10/0x10
[  301.876043][T11330]  ? rcu_is_watching+0x12/0xc0
[  301.876055][T11330]  __do_fast_syscall_32+0x7c/0x3a0
[  301.876066][T11330]  do_fast_syscall_32+0x32/0x80
[  301.876076][T11330]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  301.876089][T11330] RIP: 0023:0xf7f63579
[  301.876097][T11330] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  301.876107][T11330] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  301.876118][T11330] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  301.876124][T11330] RDX: 0000000020040004 RSI: 0000000000000000 RDI: 0000000000000000
[  301.876130][T11330] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  301.876135][T11330] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  301.876141][T11330] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  301.876154][T11330]  </TASK>
[  302.145310][T11338] fuse: Unknown parameter 'group_d'
[  302.633934][T11354] netlink: 'syz.0.1492': attribute type 14 has an invalid length.
[  302.651822][ T1328] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  302.803754][ T1328] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  302.808094][ T1328] usb 7-1: config 0 has no interfaces?
[  302.810508][ T1328] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  302.814357][ T1328] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.819525][ T1328] usb 7-1: config 0 descriptor??
[  303.033866][    T9] usb 7-1: USB disconnect, device number 30
[  303.662151][    T9] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  303.802962][T11384] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  303.889952][    T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  303.979016][    T9] usb 7-1: config 0 has no interfaces?
[  303.981651][    T9] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  303.985270][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.017905][    T9] usb 7-1: config 0 descriptor??
[  304.622680][   T60] usb 7-1: USB disconnect, device number 31
[  306.085231][T11416] __nla_validate_parse: 10 callbacks suppressed
[  306.085242][T11416] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1507'.
[  306.090705][T11416] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1507'.
[  306.391534][T11423] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1509'.
[  306.397180][T11423] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1509'.
[  306.557637][   T40] kauditd_printk_skb: 26 callbacks suppressed
[  306.557647][   T40] audit: type=1326 audit(1750281804.396:31280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.3.1508" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x0
[  307.328392][T11445] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1516'.
[  307.332224][T11445] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1516'.
[  307.611924][ T1328] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  307.806686][ T1328] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  307.809702][ T1328] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.820032][ T1328] usb 8-1: Product: syz
[  307.851503][ T1328] usb 8-1: Manufacturer: syz
[  307.882496][ T1328] usb 8-1: SerialNumber: syz
[  308.006229][ T1328] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  308.738903][   T53] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  308.827308][T11461] loop9: detected capacity change from 0 to 7
[  308.911709][T11461] Dev loop9: unable to read RDB block 7
[  308.914946][T11461]  loop9: unable to read partition table
[  308.917732][T11461] loop9: partition table beyond EOD, truncated
[  308.919774][T11461] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  309.174958][ T5990] usb 8-1: USB disconnect, device number 22
[  309.203309][T11470] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  309.205341][T11470] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  309.207806][T11470] vhci_hcd vhci_hcd.0: Device attached
[  309.213535][T11471] usbip_core: unknown command
[  309.215087][T11471] vhci_hcd: unknown pdu 0
[  309.216472][T11471] usbip_core: unknown command
[  309.221700][   T72] vhci_hcd: stop threads
[  309.223948][   T72] vhci_hcd: release socket
[  309.225585][   T72] vhci_hcd: disconnect device
[  309.252755][ T1328] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  309.255976][ T1328] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  309.314078][T11477] bond1: (slave erspan0): Releasing active interface
[  309.367215][T11477] bond2: (slave dummy0): Releasing active interface
[  309.371320][T11477] dummy0: left promiscuous mode
[  309.398609][T11477] bridge_slave_0: left allmulticast mode
[  309.400482][T11477] bridge_slave_0: left promiscuous mode
[  309.402682][T11477] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.443302][T11480] netlink: 'syz.0.1523': attribute type 10 has an invalid length.
[  309.453104][T11477] bridge_slave_1: left allmulticast mode
[  309.454891][T11477] bridge_slave_1: left promiscuous mode
[  309.456725][T11477] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.489166][T11477] bond0: (slave bond_slave_0): Releasing backup interface
[  309.526197][T11477] bond0: (slave bond_slave_1): Releasing backup interface
[  309.553614][T11477] team0: Port device team_slave_0 removed
[  309.568141][T11477] team0: Port device team_slave_1 removed
[  309.571084][T11477] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  309.573970][T11477] batman_adv: batadv0: Removing interface: batadv_slave_0
[  309.579559][T11477] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  309.582282][T11477] batman_adv: batadv0: Removing interface: batadv_slave_1
[  309.618836][  T839] lo speed is unknown, defaulting to 1000
[  309.688085][T11479] team0: Mode changed to "loadbalance"
[  309.700211][T11480] 8021q: adding VLAN 0 to HW filter on device bond0
[  309.706789][T11480] team0: Port device bond0 added
[  309.821863][   T53] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive
[  309.824885][   T53] ath9k_htc: Failed to initialize the device
[  309.828070][ T5990] usb 8-1: ath9k_htc: USB layer deinitialized
[  310.044057][T11484] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1525'.
[  310.047516][T11484] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1525'.
[  311.079924][T11495] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  311.082551][T11495] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  311.087433][T11495] vhci_hcd vhci_hcd.0: Device attached
[  311.093567][T11496] usbip_core: unknown command
[  311.095649][T11496] vhci_hcd: unknown pdu 0
[  311.097586][T11496] usbip_core: unknown command
[  311.099716][ T1143] vhci_hcd: stop threads
[  311.101863][ T1143] vhci_hcd: release socket
[  311.106954][ T1143] vhci_hcd: disconnect device
[  311.167136][T11498] team0: Unable to change to the same mode the team is in
[  311.171166][T11498] netlink: 'syz.1.1528': attribute type 10 has an invalid length.
[  311.176044][T11498] 8021q: adding VLAN 0 to HW filter on device bond0
[  311.183387][T11498] team0: Port device bond0 added
[  311.188319][T11498] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1528'.
[  311.479172][T11498] team0 (unregistering): Port device bond0 removed
[  313.743521][T11534] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1538'.
[  313.747515][T11534] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1538'.
[  313.776689][T11537] 9pnet_fd: Insufficient options for proto=fd
[  314.720451][T11562] nvme_fabrics: missing parameter 'transport=%s'
[  314.723491][T11562] nvme_fabrics: missing parameter 'nqn=%s'
[  315.026078][T11571] overlayfs: missing 'lowerdir'
[  315.046294][T11571] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1547'.
[  315.049174][T11571] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1547'.
[  315.231901][T10929] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  315.361829][T10929] usb 6-1: device descriptor read/64, error -71
[  315.621853][T10929] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  315.761807][T10929] usb 6-1: device descriptor read/64, error -71
[  315.797066][T11588] binder: 11587:11588 ioctl c0306201 80000040 returned -14
[  315.873017][T10929] usb usb6-port1: attempt power cycle
[  315.884474][T11603] lo speed is unknown, defaulting to 1000
[  316.224372][T10929] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  316.242631][T10929] usb 6-1: device descriptor read/8, error -71
[  316.266121][T11608] lo speed is unknown, defaulting to 1000
[  316.502001][T10929] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  316.525767][T10929] usb 6-1: device descriptor read/8, error -71
[  316.547981][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  316.550646][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  316.632743][T10929] usb usb6-port1: unable to enumerate USB device
[  317.381987][   T53] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  317.543754][   T53] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  317.548186][   T53] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  317.551875][   T53] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  317.556589][   T53] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  317.560452][   T53] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.566349][   T53] usb 8-1: config 0 descriptor??
[  317.756927][T11631] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1563'.
[  317.760740][T11631] netlink: 50 bytes leftover after parsing attributes in process `syz.2.1563'.
[  317.764271][T11631] netlink: 50 bytes leftover after parsing attributes in process `syz.2.1563'.
[  317.920905][T11635] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1565'.
[  317.955903][T11638] lo speed is unknown, defaulting to 1000
[  319.404408][T11664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  319.409906][T11664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  319.651849][T10929] usb 6-1: new full-speed USB device number 35 using dummy_hcd
[  319.801939][T10929] usb 6-1: device descriptor read/64, error -71
[  320.061871][T10929] usb 6-1: new full-speed USB device number 36 using dummy_hcd
[  320.203928][T10929] usb 6-1: device descriptor read/64, error -71
[  320.310430][   T53] usbhid 8-1:0.0: can't add hid device: -71
[  320.312159][T10929] usb usb6-port1: attempt power cycle
[  320.404756][   T53] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  320.409871][   T53] usb 8-1: USB disconnect, device number 23
[  320.662402][T10929] usb 6-1: new full-speed USB device number 37 using dummy_hcd
[  320.692839][T10929] usb 6-1: device descriptor read/8, error -71
[  320.931960][T10929] usb 6-1: new full-speed USB device number 38 using dummy_hcd
[  320.953615][T10929] usb 6-1: device descriptor read/8, error -71
[  321.066073][T10929] usb usb6-port1: unable to enumerate USB device
[  321.697183][T11710] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1586'.
[  321.802099][ T5951] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  321.965733][ T5951] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  321.969367][ T5951] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.972743][ T5951] usb 5-1: Product: syz
[  321.974695][ T5951] usb 5-1: Manufacturer: syz
[  321.976425][ T5951] usb 5-1: SerialNumber: syz
[  321.984972][ T5951] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  321.994889][ T5990] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  322.449445][ T5951] usb 5-1: USB disconnect, device number 29
[  323.022038][ T5990] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  323.024801][ T5990] ath9k_htc: Failed to initialize the device
[  323.027222][ T5951] usb 5-1: ath9k_htc: USB layer deinitialized
[  323.037819][T11737] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1595'.
[  323.166331][T11747] netlink: 'syz.2.1598': attribute type 11 has an invalid length.
[  323.202872][T11749] lo speed is unknown, defaulting to 1000
[  326.800710][T11809] lo speed is unknown, defaulting to 1000
[  328.028604][T11830] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1618'.
[  328.521731][   T40] audit: type=1804 audit(1750281826.356:31281): pid=11844 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1623" name="/newroot/372/file0/file0" dev="9p" ino=35913918 res=1 errno=0
[  328.533007][   T40] audit: type=1800 audit(1750281826.356:31282): pid=11844 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1623" name="file0" dev="9p" ino=35913918 res=0 errno=0
[  329.020374][T11856] lo speed is unknown, defaulting to 1000
[  329.598244][T11870] netlink: 'syz.0.1630': attribute type 1 has an invalid length.
[  329.601194][T11870] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1630'.
[  329.604353][T11870] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1630'.
[  329.661553][T11878] 9pnet_virtio: no channels available for device syz
[  329.718526][T11884] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1636'.
[  329.725203][T11884] 9pnet_fd: Insufficient options for proto=fd
[  329.741406][T11886] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1637'.
[  329.854163][T11893] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[  329.856269][T11893] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  329.858705][T11893] vhci_hcd vhci_hcd.0: Device attached
[  329.863529][T11894] usbip_core: unknown command
[  329.865141][T11894] vhci_hcd: unknown pdu 0
[  329.866516][T11894] usbip_core: unknown command
[  329.868313][ T1150] vhci_hcd: stop threads
[  329.870181][ T1150] vhci_hcd: release socket
[  329.874383][ T1150] vhci_hcd: disconnect device
[  330.751916][ T7401] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  330.786717][   T40] audit: type=1804 audit(1750281828.626:31283): pid=11907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1643" name="/newroot/380/file0/file0" dev="9p" ino=35913918 res=1 errno=0
[  330.794272][   T40] audit: type=1800 audit(1750281828.626:31284): pid=11907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1643" name="file0" dev="9p" ino=35913918 res=0 errno=0
[  330.933139][ T7401] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  330.937493][ T7401] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  330.941310][ T7401] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  330.946488][ T7401] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  330.949943][ T7401] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.954398][ T7401] usb 7-1: config 0 descriptor??
[  330.977803][T11917] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1647'.
[  331.009381][   T40] audit: type=1326 audit(1750281828.846:31285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.0.1648" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  331.018287][   T40] audit: type=1326 audit(1750281828.846:31286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.0.1648" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  331.026793][   T40] audit: type=1326 audit(1750281828.846:31287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.0.1648" exe="/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf709e579 code=0x7ffc0000
[  331.035710][   T40] audit: type=1326 audit(1750281828.846:31288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.0.1648" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  331.044258][   T40] audit: type=1326 audit(1750281828.846:31289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.0.1648" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  331.052622][   T40] audit: type=1326 audit(1750281828.846:31290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11918 comm="syz.0.1648" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf709e579 code=0x7ffc0000
[  332.234511][T11937] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1654'.
[  332.290492][T11943] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1656'.
[  332.375338][T11947] netlink: 'syz.3.1657': attribute type 3 has an invalid length.
[  332.418931][T11950] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1659'.
[  332.541902][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  332.688560][T11955] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1660'.
[  332.692364][T11955] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1660'.
[  332.729086][T11954] bridge8: entered promiscuous mode
[  332.764138][   T53] Process accounting resumed
[  333.342707][ T7401] usbhid 7-1:0.0: can't add hid device: -71
[  333.344668][ T7401] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  333.354048][ T7401] usb 7-1: USB disconnect, device number 32
[  333.366989][T11965] vlan4: entered promiscuous mode
[  333.368684][T11965] bond0: entered promiscuous mode
[  333.369794][T11966] fuse: Unknown parameter 'ootmode'
[  333.370749][T11965] bond0: (slave vlan4): Opening slave failed
[  333.429998][T11970] lo speed is unknown, defaulting to 1000
[  333.477742][T11973] io-wq is not configured for unbound workers
[  333.644614][T11987] input: syz1 as /devices/virtual/input/input36
[  333.676153][T11987] lo speed is unknown, defaulting to 1000
[  334.142390][T12000] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  334.145386][T12000] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  334.148773][T12000] vhci_hcd vhci_hcd.0: Device attached
[  334.151391][T12001] vhci_hcd: connection closed
[  334.152572][   T12] vhci_hcd: stop threads
[  334.155479][   T12] vhci_hcd: release socket
[  334.156969][   T12] vhci_hcd: disconnect device
[  334.210526][   T40] kauditd_printk_skb: 65 callbacks suppressed
[  334.210540][   T40] audit: type=1804 audit(1750281832.049:31356): pid=12008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1676" name="/newroot/398/file0/file0" dev="9p" ino=35913918 res=1 errno=0
[  334.220413][   T40] audit: type=1800 audit(1750281832.049:31357): pid=12008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1676" name="file0" dev="9p" ino=35913918 res=0 errno=0
[  334.323589][T12014] lo speed is unknown, defaulting to 1000
[  334.836928][T12022] block nbd3: shutting down sockets
[  335.006542][T12034] __nla_validate_parse: 9 callbacks suppressed
[  335.006561][T12034] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1684'.
[  335.019686][T12034] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1684'.
[  335.224402][T12037] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1685'.
[  335.228780][T12037] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1685'.
[  335.347555][   T40] audit: type=1326 audit(1750281833.189:31358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12038 comm="syz.1.1686" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf711e579 code=0x0
[  335.514123][T12043] 9pnet_virtio: no channels available for device syz
[  335.891908][T12050] wireguard0: entered promiscuous mode
[  336.811250][T12075] netlink: 'syz.0.1697': attribute type 1 has an invalid length.
[  336.837897][T12075] bond3: entered promiscuous mode
[  336.840960][T12075] 8021q: adding VLAN 0 to HW filter on device bond3
[  336.860192][T12075] bond3: (slave dummy0): making interface the new active one
[  336.862905][T12075] dummy0: entered promiscuous mode
[  336.866096][T12075] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  336.982010][   T34] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  337.135391][   T34] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  337.139420][   T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.143199][   T34] usb 6-1: Product: syz
[  337.145100][   T34] usb 6-1: Manufacturer: syz
[  337.147062][   T34] usb 6-1: SerialNumber: syz
[  337.158262][   T34] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  337.470967][T10929] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  337.840710][T12087] process 'syz.3.1700' launched './file0' with NULL argv: empty string added
[  337.882134][   T34] usb 6-1: USB disconnect, device number 39
[  338.473183][T12104] netlink: 'syz.0.1705': attribute type 1 has an invalid length.
[  338.510856][T12104] 8021q: adding VLAN 0 to HW filter on device bond4
[  338.528988][T12104] bond4: (slave erspan0): making interface the new active one
[  338.532131][T12104] bond4: (slave erspan0): Enslaving as an active interface with an up link
[  338.555443][T10929] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  339.343858][T10929] ath9k_htc: Failed to initialize the device
[  339.348055][   T34] usb 6-1: ath9k_htc: USB layer deinitialized
[  339.393340][T12116] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  339.395413][T12116] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  339.398533][T12116] vhci_hcd vhci_hcd.0: Device attached
[  339.406786][T12118] usbip_core: unknown command
[  339.408680][T12118] vhci_hcd: unknown pdu 0
[  339.410817][T12118] usbip_core: unknown command
[  339.415385][   T72] vhci_hcd: stop threads
[  339.416772][   T72] vhci_hcd: release socket
[  339.418197][   T72] vhci_hcd: disconnect device
[  339.515441][T12123] team0: No ports can be present during mode change
[  339.529645][T12123] netlink: 'syz.0.1708': attribute type 10 has an invalid length.
[  342.026053][T12151] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1717'.
[  342.791837][   T53] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[  342.953374][   T53] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  342.957249][   T53] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.960628][   T53] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  342.966584][   T53] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  342.969957][   T53] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.975321][   T53] usb 7-1: config 0 descriptor??
[  343.011905][T10929] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  343.163106][T10929] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  343.166555][T10929] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  343.170392][T10929] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  343.176342][T10929] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  343.180041][T10929] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.189166][T10929] usb 8-1: config 0 descriptor??
[  345.159886][   T53] usbhid 7-1:0.0: can't add hid device: -71
[  345.163203][   T53] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  345.166983][   T53] usb 7-1: USB disconnect, device number 33
[  345.377607][   T40] audit: type=1326 audit(1750281843.219:31359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12194 comm="syz.1.1728" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7fc00000
[  345.545525][T10929] usbhid 8-1:0.0: can't add hid device: -71
[  345.547561][T10929] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  346.731240][T10929] usb 8-1: USB disconnect, device number 24
[  347.827643][T12259] block device autoloading is deprecated and will be removed.
[  347.881848][    T9] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[  348.044858][    T9] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  348.047711][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.050179][    T9] usb 7-1: Product: syz
[  348.051548][    T9] usb 7-1: Manufacturer: syz
[  348.053430][    T9] usb 7-1: SerialNumber: syz
[  348.074706][    T9] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  348.123663][    T9] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  348.226703][T12260] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  349.202036][ T6060] usb 7-1: USB disconnect, device number 34
[  349.205825][    T9] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  349.208026][    T9] ath9k_htc: Failed to initialize the device
[  349.211959][ T6060] usb 7-1: ath9k_htc: USB layer deinitialized
[  349.789331][T12308] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1747'.
[  349.792169][T12308] netlink: 'syz.0.1747': attribute type 5 has an invalid length.
[  349.794588][T12308] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1747'.
[  349.807818][T12308] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  349.810554][T12308] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  349.813383][T12308] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  349.816066][T12308] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  349.819012][T12308] geneve2: entered promiscuous mode
[  349.820807][T12308] geneve2: entered allmulticast mode
[  351.682782][    T9] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  351.835947][    T9] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  351.839801][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.843365][    T9] usb 7-1: Product: syz
[  351.845137][    T9] usb 7-1: Manufacturer: syz
[  351.847117][    T9] usb 7-1: SerialNumber: syz
[  351.853947][    T9] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  351.879114][    T9] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  352.100053][T12346] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  352.145825][T12348] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1759'.
[  352.196820][T12350] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1760'.
[  352.238835][T12354] kAFS: unable to lookup cell 'Þ({^ú@'
[  352.307946][ T6060] usb 7-1: USB disconnect, device number 35
[  352.342094][T12362] tmpfs: Unknown parameter 'ÿÿÿÿÿÿÿÿ'
[  352.444409][T12365] trusted_key: encrypted_key: insufficient parameters specified
[  352.905343][T12375] block device autoloading is deprecated and will be removed.
[  352.941865][    T9] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  352.948423][    T9] ath9k_htc: Failed to initialize the device
[  352.953159][ T6060] usb 7-1: ath9k_htc: USB layer deinitialized
[  353.507478][T12381] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1767'.
[  353.511013][T12381] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1767'.
[  353.558377][   T29] Process accounting resumed
[  353.571651][T12381] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1767'.
[  353.576602][T12381] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1767'.
[  353.616349][T12381] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1767'.
[  353.619313][T12381] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1767'.
[  353.994991][T12406] netlink: 'syz.2.1776': attribute type 14 has an invalid length.
[  353.999373][T12406] FAULT_INJECTION: forcing a failure.
[  353.999373][T12406] name failslab, interval 1, probability 0, space 0, times 0
[  354.003606][T12406] CPU: 3 UID: 0 PID: 12406 Comm: syz.2.1776 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  354.003621][T12406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  354.003637][T12406] Call Trace:
[  354.003643][T12406]  <TASK>
[  354.003647][T12406]  dump_stack_lvl+0x16c/0x1f0
[  354.003691][T12406]  should_fail_ex+0x512/0x640
[  354.003712][T12406]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  354.003729][T12406]  should_failslab+0xc2/0x120
[  354.003739][T12406]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  354.003754][T12406]  ? security_file_alloc+0x34/0x2b0
[  354.003770][T12406]  security_file_alloc+0x34/0x2b0
[  354.003782][T12406]  init_file+0x93/0x4c0
[  354.003793][T12406]  alloc_empty_file+0x73/0x1e0
[  354.003804][T12406]  path_openat+0xda/0x2cb0
[  354.003821][T12406]  ? stack_trace_save+0x8e/0xc0
[  354.003832][T12406]  ? __pfx_stack_trace_save+0x10/0x10
[  354.003843][T12406]  ? __pfx_path_openat+0x10/0x10
[  354.003861][T12406]  do_filp_open+0x3c6/0x470
[  354.003875][T12406]  ? __pfx_do_filp_open+0x10/0x10
[  354.003888][T12406]  ? do_fast_syscall_32+0x32/0x80
[  354.003897][T12406]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  354.003921][T12406]  ? alloc_fd+0x471/0x7d0
[  354.003938][T12406]  io_openat2+0x206/0x850
[  354.003954][T12406]  ? __pfx_io_openat2+0x10/0x10
[  354.003970][T12406]  ? strncpy_from_user+0x203/0x2e0
[  354.003985][T12406]  __io_issue_sqe+0xe5/0x7c0
[  354.004003][T12406]  io_issue_sqe+0x86/0xe50
[  354.004015][T12406]  ? __io_openat_prep+0x31c/0x420
[  354.004029][T12406]  io_submit_sqes+0x92d/0x2580
[  354.004050][T12406]  __do_sys_io_uring_enter+0xd6a/0x1630
[  354.004065][T12406]  ? __fget_files+0x20e/0x3c0
[  354.004077][T12406]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  354.004092][T12406]  ? fput+0x70/0xf0
[  354.004101][T12406]  ? ksys_write+0x1ac/0x250
[  354.004115][T12406]  ? __pfx_ksys_write+0x10/0x10
[  354.004129][T12406]  ? rcu_is_watching+0x12/0xc0
[  354.004142][T12406]  __do_fast_syscall_32+0x7c/0x3a0
[  354.004152][T12406]  do_fast_syscall_32+0x32/0x80
[  354.004166][T12406]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  354.004179][T12406] RIP: 0023:0xf7f27579
[  354.004187][T12406] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  354.004197][T12406] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  354.004207][T12406] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000003516
[  354.004213][T12406] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  354.004219][T12406] RBP: 00000000fffffdcf R08: 0000000000000000 R09: 0000000000000000
[  354.004224][T12406] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  354.004230][T12406] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  354.004243][T12406]  </TASK>
[  354.140908][T12394] 9pnet: Unknown protocol version 9p2000.
[  354.482982][T12431] vlan4: entered promiscuous mode
[  354.484558][T12431] bond0: entered promiscuous mode
[  354.486595][T12431] bond0: (slave vlan4): Opening slave failed
[  354.685288][T12426] random: crng reseeded on system resumption
[  355.530764][T12447] FAULT_INJECTION: forcing a failure.
[  355.530764][T12447] name failslab, interval 1, probability 0, space 0, times 0
[  355.536679][T12447] CPU: 2 UID: 0 PID: 12447 Comm: syz.2.1787 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  355.536695][T12447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  355.536701][T12447] Call Trace:
[  355.536705][T12447]  <TASK>
[  355.536709][T12447]  dump_stack_lvl+0x16c/0x1f0
[  355.536729][T12447]  should_fail_ex+0x512/0x640
[  355.536744][T12447]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  355.536761][T12447]  should_failslab+0xc2/0x120
[  355.536771][T12447]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  355.536786][T12447]  ? __alloc_skb+0x2b2/0x380
[  355.536804][T12447]  __alloc_skb+0x2b2/0x380
[  355.536818][T12447]  ? __pfx___alloc_skb+0x10/0x10
[  355.536831][T12447]  ? netlink_sendmsg+0x8d1/0xdd0
[  355.536842][T12447]  ? ____sys_sendmsg+0xa98/0xc70
[  355.536856][T12447]  ? __nla_parse+0x40/0x60
[  355.536868][T12447]  inet_rtm_getroute+0x90c/0x26a0
[  355.536888][T12447]  ? __pfx_inet_rtm_getroute+0x10/0x10
[  355.536929][T12447]  ? find_held_lock+0x2b/0x80
[  355.536940][T12447]  ? __pfx_inet_rtm_getroute+0x10/0x10
[  355.536954][T12447]  ? __pfx_inet_rtm_getroute+0x10/0x10
[  355.536968][T12447]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  355.536979][T12447]  ? __pfx_inet_rtm_getroute+0x10/0x10
[  355.536994][T12447]  rtnetlink_rcv_msg+0x95e/0xe90
[  355.537005][T12447]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  355.537019][T12447]  ? ref_tracker_free+0x37c/0x830
[  355.537036][T12447]  netlink_rcv_skb+0x155/0x420
[  355.537047][T12447]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  355.537057][T12447]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  355.537074][T12447]  ? netlink_deliver_tap+0x1ae/0xd30
[  355.537087][T12447]  netlink_unicast+0x53d/0x7f0
[  355.537100][T12447]  ? __pfx_netlink_unicast+0x10/0x10
[  355.537115][T12447]  netlink_sendmsg+0x8d1/0xdd0
[  355.537128][T12447]  ? __pfx_netlink_sendmsg+0x10/0x10
[  355.537140][T12447]  ? __import_iovec+0x1dd/0x650
[  355.537153][T12447]  ____sys_sendmsg+0xa98/0xc70
[  355.537166][T12447]  ? __pfx_____sys_sendmsg+0x10/0x10
[  355.537177][T12447]  ? get_compat_msghdr+0x11a/0x170
[  355.537193][T12447]  ___sys_sendmsg+0x134/0x1d0
[  355.537209][T12447]  ? __pfx____sys_sendmsg+0x10/0x10
[  355.537231][T12447]  ? find_held_lock+0x2b/0x80
[  355.537249][T12447]  __sys_sendmsg+0x16d/0x220
[  355.537265][T12447]  ? __pfx___sys_sendmsg+0x10/0x10
[  355.537286][T12447]  ? rcu_is_watching+0x12/0xc0
[  355.537298][T12447]  __do_fast_syscall_32+0x7c/0x3a0
[  355.537309][T12447]  do_fast_syscall_32+0x32/0x80
[  355.537319][T12447]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  355.537332][T12447] RIP: 0023:0xf7f27579
[  355.537340][T12447] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  355.537350][T12447] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  355.537360][T12447] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240
[  355.537366][T12447] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  355.537372][T12447] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  355.537378][T12447] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  355.537383][T12447] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  355.537395][T12447]  </TASK>
[  355.641322][    C2] hpet: Lost 5 RTC interrupts
[  355.677148][T12449] kvm: Disabled LAPIC found during irq injection
[  355.680660][T12449] __nla_validate_parse: 3 callbacks suppressed
[  355.680669][T12449] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1788'.
[  355.687411][T12449] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685)
[  356.930247][T12491] netlink: 'syz.2.1801': attribute type 14 has an invalid length.
[  356.962431][ T5990] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  356.999650][T12494] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1801'.
[  357.091910][ T5990] usb 8-1: device descriptor read/64, error -71
[  357.332100][ T5990] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  357.463638][ T5990] usb 8-1: device descriptor read/64, error -71
[  357.572422][ T5990] usb usb8-port1: attempt power cycle
[  357.921953][ T5990] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  357.943863][ T5990] usb 8-1: device descriptor read/8, error -71
[  358.021350][T12518] overlayfs: failed to resolve './file0': -2
[  358.176865][T12522] FAULT_INJECTION: forcing a failure.
[  358.176865][T12522] name failslab, interval 1, probability 0, space 0, times 0
[  358.181872][T12522] CPU: 1 UID: 0 PID: 12522 Comm: syz.1.1810 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  358.181896][T12522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  358.181906][T12522] Call Trace:
[  358.181920][T12522]  <TASK>
[  358.181933][T12522]  dump_stack_lvl+0x16c/0x1f0
[  358.181976][T12522]  should_fail_ex+0x512/0x640
[  358.182005][T12522]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  358.182032][T12522]  should_failslab+0xc2/0x120
[  358.182049][T12522]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  358.182073][T12522]  ? __alloc_skb+0x2b2/0x380
[  358.182103][T12522]  __alloc_skb+0x2b2/0x380
[  358.182125][T12522]  ? __pfx___alloc_skb+0x10/0x10
[  358.182153][T12522]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  358.182177][T12522]  netlink_alloc_large_skb+0x69/0x130
[  358.182196][T12522]  netlink_sendmsg+0x6a1/0xdd0
[  358.182217][T12522]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.182236][T12522]  ? __import_iovec+0x1dd/0x650
[  358.182255][T12522]  ____sys_sendmsg+0xa98/0xc70
[  358.182277][T12522]  ? __pfx_____sys_sendmsg+0x10/0x10
[  358.182295][T12522]  ? get_compat_msghdr+0x11a/0x170
[  358.182322][T12522]  ___sys_sendmsg+0x134/0x1d0
[  358.182349][T12522]  ? __pfx____sys_sendmsg+0x10/0x10
[  358.182383][T12522]  ? find_held_lock+0x2b/0x80
[  358.182415][T12522]  __sys_sendmsg+0x16d/0x220
[  358.182442][T12522]  ? __pfx___sys_sendmsg+0x10/0x10
[  358.182473][T12522]  ? rcu_is_watching+0x12/0xc0
[  358.182495][T12522]  __do_fast_syscall_32+0x7c/0x3a0
[  358.182513][T12522]  do_fast_syscall_32+0x32/0x80
[  358.182529][T12522]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.182548][T12522] RIP: 0023:0xf711e579
[  358.182561][T12522] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  358.182577][T12522] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  358.182593][T12522] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000280
[  358.182604][T12522] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  358.182614][T12522] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  358.182623][T12522] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  358.182633][T12522] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  358.182680][T12522]  </TASK>
[  358.194091][ T5990] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  358.294798][T12527] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1812'.
[  358.312397][ T5990] usb 8-1: device descriptor read/8, error -71
[  358.422115][ T5990] usb usb8-port1: unable to enumerate USB device
[  358.639682][T12538] loop9: detected capacity change from 0 to 7
[  359.022786][T12538] Dev loop9: unable to read RDB block 7
[  359.024838][T12538]  loop9: unable to read partition table
[  359.027246][T12538] loop9: partition table beyond EOD, truncated
[  359.029229][T12538] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  359.425379][T12553] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1821'.
[  359.794119][T12563] "syz.1.1825" (12563) uses obsolete ecb(arc4) skcipher
[  359.894954][T12581] qnx6: unable to set blocksize
[  360.841899][   T29] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  361.006796][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  361.010217][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  361.016414][   T29] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  361.020327][   T29] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  361.036730][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.040355][   T29] usb 5-1: config 0 descriptor??
[  361.151882][ T5990] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  361.303057][ T5990] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  361.306828][ T5990] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  361.309734][ T5990] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  361.313799][ T5990] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  361.316570][ T5990] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.320721][ T5990] usb 8-1: config 0 descriptor??
[  362.364258][T12634] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1842'.
[  362.516055][T12637] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1843'.
[  362.687588][T12639] nvme_fabrics: missing parameter 'transport=%s'
[  362.689606][T12639] nvme_fabrics: missing parameter 'nqn=%s'
[  363.198950][   T29] usbhid 5-1:0.0: can't add hid device: -71
[  363.200913][   T29] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  363.204743][   T29] usb 5-1: USB disconnect, device number 30
[  363.424041][ T5990] usbhid 8-1:0.0: can't add hid device: -71
[  363.425912][ T5990] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  363.430161][ T5990] usb 8-1: USB disconnect, device number 29
[  364.104506][T12680] FAULT_INJECTION: forcing a failure.
[  364.104506][T12680] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  364.108578][T12680] CPU: 3 UID: 0 PID: 12680 Comm: syz.1.1854 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  364.108593][T12680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  364.108600][T12680] Call Trace:
[  364.108611][T12680]  <TASK>
[  364.108615][T12680]  dump_stack_lvl+0x16c/0x1f0
[  364.108647][T12680]  should_fail_ex+0x512/0x640
[  364.108669][T12680]  _copy_from_user+0x2e/0xd0
[  364.108686][T12680]  get_compat_msghdr+0xa7/0x170
[  364.108697][T12680]  ? __pfx_get_compat_msghdr+0x10/0x10
[  364.108708][T12680]  ? __pfx__kstrtoull+0x10/0x10
[  364.108722][T12680]  ___sys_sendmsg+0x1ae/0x1d0
[  364.108739][T12680]  ? __pfx____sys_sendmsg+0x10/0x10
[  364.108753][T12680]  ? __lock_acquire+0x622/0x1c90
[  364.108784][T12680]  __sys_sendmmsg+0x2f9/0x420
[  364.108801][T12680]  ? __pfx___sys_sendmmsg+0x10/0x10
[  364.108825][T12680]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  364.108846][T12680]  ? fput+0x70/0xf0
[  364.108856][T12680]  ? ksys_write+0x1ac/0x250
[  364.108870][T12680]  ? __pfx_ksys_write+0x10/0x10
[  364.108886][T12680]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  364.108897][T12680]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  364.108913][T12680]  __do_fast_syscall_32+0x7c/0x3a0
[  364.108924][T12680]  do_fast_syscall_32+0x32/0x80
[  364.108933][T12680]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  364.108946][T12680] RIP: 0023:0xf711e579
[  364.108955][T12680] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  364.108965][T12680] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  364.108974][T12680] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140
[  364.108981][T12680] RDX: 0000000004924b68 RSI: 0000000000000000 RDI: 0000000000000000
[  364.108986][T12680] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  364.108992][T12680] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  364.108998][T12680] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  364.109011][T12680]  </TASK>
[  364.950384][   T40] audit: type=1326 audit(1750281862.789:31360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12689 comm="syz.0.1858" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x0
[  365.009317][T12691] netlink: 11 bytes leftover after parsing attributes in process `syz.0.1858'.
[  365.403659][T12708] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  365.405672][T12708] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  365.421902][T12708] vhci_hcd vhci_hcd.0: Device attached
[  365.431841][T12709] usbip_core: unknown command
[  365.433419][T12709] vhci_hcd: unknown pdu 0
[  365.434863][T12709] usbip_core: unknown command
[  365.436489][  T224] vhci_hcd: stop threads
[  365.438147][  T224] vhci_hcd: release socket
[  365.439858][  T224] vhci_hcd: disconnect device
[  365.585870][T12712] team0: No ports can be present during mode change
[  365.597114][T12712] netlink: 'syz.2.1864': attribute type 10 has an invalid length.
[  365.603738][T12712] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1864'.
[  366.036511][T12712] team0 (unregistering): Port device bond0 removed
[  366.855247][T12732] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  367.553625][T12764] support for the xor transformation has been removed.
[  368.597167][T12782] hub 9-0:1.0: USB hub found
[  368.599324][T12782] hub 9-0:1.0: 1 port detected
[  368.996532][ T5948] block nbd3: Receive control failed (result -32)
[  368.996783][T12774] block nbd3: shutting down sockets
[  369.305666][T12805] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  369.307811][T12805] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  369.310429][T12805] vhci_hcd vhci_hcd.0: Device attached
[  369.315427][T12806] usbip_core: unknown command
[  369.317488][T12806] vhci_hcd: unknown pdu 0
[  369.319347][T12806] usbip_core: unknown command
[  369.323562][ T1143] vhci_hcd: stop threads
[  369.324997][ T1143] vhci_hcd: release socket
[  369.326487][ T1143] vhci_hcd: disconnect device
[  369.645252][T12808] netlink: 'syz.3.1891': attribute type 10 has an invalid length.
[  371.424943][T12842] x_tables: duplicate underflow at hook 1
[  371.824636][T12858] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1905'.
[  372.491872][ T5951] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  372.645126][ T5951] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  372.648977][ T5951] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.652493][ T5951] usb 8-1: Product: syz
[  372.653890][ T5951] usb 8-1: Manufacturer: syz
[  372.655488][ T5951] usb 8-1: SerialNumber: syz
[  372.665627][ T5951] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  372.684889][ T5951] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  372.794475][   T40] audit: type=1804 audit(1750281870.639:31361): pid=12878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1909" name="/newroot/489/file0/file0" dev="9p" ino=35913918 res=1 errno=0
[  372.921256][   T40] audit: type=1804 audit(1750281870.759:31362): pid=12880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1910" name="/newroot/490/file0/file0" dev="9p" ino=35913918 res=1 errno=0
[  372.930816][   T40] audit: type=1800 audit(1750281870.769:31363): pid=12880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1910" name="file0" dev="9p" ino=35913918 res=0 errno=0
[  372.934318][T12882] 9pnet_virtio: no channels available for device syz
[  373.103555][    T9] usb 8-1: USB disconnect, device number 30
[  373.667658][T12911] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1918'.
[  373.747421][ T5951] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive
[  373.761467][ T5951] ath9k_htc: Failed to initialize the device
[  373.776483][    T9] usb 8-1: ath9k_htc: USB layer deinitialized
[  375.015852][ T6060] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  375.187702][ T6060] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  375.191414][ T6060] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.201823][ T6060] usb 8-1: Product: syz
[  375.203190][ T6060] usb 8-1: Manufacturer: syz
[  375.204845][ T6060] usb 8-1: SerialNumber: syz
[  375.211381][ T6060] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  375.226989][    T9] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  375.675028][   T60] usb 8-1: USB disconnect, device number 31
[  375.679633][    C0] dummy_hcd dummy_hcd.3: timer fired with no URBs pending?
[  376.257297][T12964] lo speed is unknown, defaulting to 1000
[  376.302341][    T9] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive
[  376.307896][    T9] ath9k_htc: Failed to initialize the device
[  376.312411][   T60] usb 8-1: ath9k_htc: USB layer deinitialized
[  376.621908][   T60] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  376.774605][   T60] usb 8-1: config 0 has no interfaces?
[  376.778783][   T60] usb 8-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  376.783710][   T60] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  376.787329][   T60] usb 8-1: Product: syz
[  376.789723][   T60] usb 8-1: Manufacturer: syz
[  376.795717][   T60] usb 8-1: SerialNumber: syz
[  376.810319][   T60] usb 8-1: config 0 descriptor??
[  377.051713][T12964] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  377.054835][T12964] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0
[  377.112003][T12964] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  377.116801][T10929] usb 8-1: USB disconnect, device number 32
[  377.265559][T12982] lo speed is unknown, defaulting to 1000
[  377.985556][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  377.988026][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  378.242075][   T53] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  378.380085][T13018] netlink: 'syz.1.1948': attribute type 10 has an invalid length.
[  378.414676][   T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  378.418274][   T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  378.432868][   T53] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  378.440413][   T53] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  378.449034][   T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  378.490138][   T53] usb 5-1: config 0 descriptor??
[  378.682026][   T40] audit: type=1326 audit(1750281876.499:31364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13028 comm="syz.1.1951" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf711e579 code=0x0
[  378.719250][T13031] lo speed is unknown, defaulting to 1000
[  379.248243][T13038] ip6tnl1: entered promiscuous mode
[  379.250225][T13038] ip6tnl1: entered allmulticast mode
[  379.888906][   T40] audit: type=1804 audit(1750281877.729:31365): pid=13054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1958" name="/newroot/473/file0/file0" dev="9p" ino=35913918 res=1 errno=0
[  379.896167][   T40] audit: type=1800 audit(1750281877.729:31366): pid=13054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1958" name="file0" dev="9p" ino=35913918 res=0 errno=0
[  379.952325][T13060] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  380.277305][T13065] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1963'.
[  380.321811][   T29] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  380.492714][T13072] FAULT_INJECTION: forcing a failure.
[  380.492714][T13072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  380.496007][   T29] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  380.496876][T13072] CPU: 0 UID: 0 PID: 13072 Comm: syz.3.1965 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  380.496891][T13072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  380.496898][T13072] Call Trace:
[  380.496902][T13072]  <TASK>
[  380.496907][T13072]  dump_stack_lvl+0x16c/0x1f0
[  380.496940][T13072]  should_fail_ex+0x512/0x640
[  380.496961][T13072]  strncpy_from_user+0x3b/0x2e0
[  380.496978][T13072]  getname_flags.part.0+0x8f/0x550
[  380.496993][T13072]  getname_flags+0x93/0xf0
[  380.497006][T13072]  do_sys_openat2+0xb8/0x1d0
[  380.497017][T13072]  ? __pfx_do_sys_openat2+0x10/0x10
[  380.497030][T13072]  ? __fget_files+0x20e/0x3c0
[  380.497042][T13072]  ? handle_mm_fault+0x210/0xd10
[  380.497058][T13072]  __ia32_compat_sys_open+0x146/0x1e0
[  380.497070][T13072]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  380.497085][T13072]  ? rcu_is_watching+0x12/0xc0
[  380.497095][T13072]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  380.497114][T13072]  __do_fast_syscall_32+0x7c/0x3a0
[  380.497124][T13072]  do_fast_syscall_32+0x32/0x80
[  380.497134][T13072]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  380.497147][T13072] RIP: 0023:0xf7f63579
[  380.497156][T13072] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  380.497166][T13072] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  380.497176][T13072] RAX: ffffffffffffffda RBX: 0000000080000140 RCX: 000000000000033f
[  380.497182][T13072] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  380.497187][T13072] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  380.497193][T13072] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  380.497199][T13072] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  380.497211][T13072]  </TASK>
[  380.560690][   T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  380.563455][   T29] usb 6-1: Product: syz
[  380.564856][   T29] usb 6-1: Manufacturer: syz
[  380.566410][   T29] usb 6-1: SerialNumber: syz
[  380.574675][   T29] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  380.579522][T13079] fuse: Bad value for 'fd'
[  380.585790][ T1328] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  380.712466][   T53] usbhid 5-1:0.0: can't add hid device: -71
[  380.715762][   T53] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  380.719923][   T53] usb 5-1: USB disconnect, device number 31
[  380.754340][T13087] fuse: Bad value for 'fd'
[  381.004932][   T60] usb 6-1: USB disconnect, device number 40
[  381.661895][ T1328] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  381.664263][ T1328] ath9k_htc: Failed to initialize the device
[  381.666730][   T60] usb 6-1: ath9k_htc: USB layer deinitialized
[  381.775093][T13103] loop6: detected capacity change from 0 to 524287999
[  382.263684][T13110] wireguard0: entered promiscuous mode
[  382.273800][T13110] wireguard0: entered allmulticast mode
[  382.298124][T13117] vlan4: entered promiscuous mode
[  382.300342][T13117] bond0: (slave vlan4): Opening slave failed
[  382.543709][T13123] gfs2: not a GFS2 filesystem
[  382.559936][T13123] bridge0: entered allmulticast mode
[  382.579761][T13123] pim6reg: entered allmulticast mode
[  382.587730][T13123] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1979'.
[  382.631122][T13123] bridge0 (unregistering): left allmulticast mode
[  382.881847][T10929] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  383.001830][   T40] audit: type=1804 audit(1750281880.789:31367): pid=13131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1982" name="/newroot/512/file0/file0" dev="9p" ino=35913918 res=1 errno=0
[  383.008809][   T40] audit: type=1800 audit(1750281880.789:31368): pid=13131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1982" name="file0" dev="9p" ino=35913918 res=0 errno=0
[  383.053378][T10929] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  383.057132][T10929] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  383.060333][T10929] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  383.071879][T10929] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  383.075804][T10929] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.086383][T10929] usb 5-1: config 0 descriptor??
[  383.126452][T13136] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  385.446659][T10929] usbhid 5-1:0.0: can't add hid device: -71
[  385.448984][T10929] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  385.455576][T10929] usb 5-1: USB disconnect, device number 32
[  385.606659][T13191] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1997'.
[  385.644418][T13191] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1997'.
[  387.270310][T13228] fuse: Bad value for 'fd'
[  387.509800][T13241] netlink: 'syz.3.2014': attribute type 1 has an invalid length.
[  387.533140][T13241] 8021q: adding VLAN 0 to HW filter on device bond2
[  387.548966][T13241] bond2: (slave erspan0): making interface the new active one
[  387.571048][T13241] bond2: (slave erspan0): Enslaving as an active interface with an up link
[  387.862031][T13254] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2016'.
[  387.864928][T13254] netlink: 'syz.0.2016': attribute type 5 has an invalid length.
[  387.867432][T13254] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2016'.
[  388.413552][T13266] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  388.415678][T13266] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  388.419142][T13266] vhci_hcd vhci_hcd.0: Device attached
[  388.912765][T13267] vhci_hcd: connection closed
[  388.913072][  T224] vhci_hcd: stop threads
[  388.916554][  T224] vhci_hcd: release socket
[  388.918823][  T224] vhci_hcd: disconnect device
[  388.921872][    T9] usb 43-1: new high-speed USB device number 3 using vhci_hcd
[  388.924451][    T9] usb 43-1: enqueue for inactive port 0
[  388.991836][    T9] vhci_hcd: vhci_device speed not set
[  389.404111][T13296] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  390.380799][T13327] lo speed is unknown, defaulting to 1000
[  390.746440][T13335] kvm: apic: phys broadcast and lowest prio
[  391.272993][T13352] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  391.275688][T13352] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  391.278450][T13352] vhci_hcd vhci_hcd.0: Device attached
[  391.287392][T13352] netdevsim netdevsim2: Direct firmware load for @ failed with error -2
[  391.290197][T13352] netdevsim netdevsim2: Falling back to sysfs fallback for: @
[  391.362598][T13355] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(12)
[  391.364854][T13355] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  391.367670][T13355] vhci_hcd vhci_hcd.0: Device attached
[  391.551848][   T29] usb 41-1: new high-speed USB device number 2 using vhci_hcd
[  391.719294][T13359] erspan0: left allmulticast mode
[  391.817005][T13356] vhci_hcd: connection closed
[  391.817177][   T61] vhci_hcd: stop threads
[  391.821296][   T61] vhci_hcd: release socket
[  391.824247][   T61] vhci_hcd: disconnect device
[  391.827099][T13353] vhci_hcd: connection reset by peer
[  391.829008][   T61] vhci_hcd: stop threads
[  391.830428][   T61] vhci_hcd: release socket
[  391.833221][   T61] vhci_hcd: disconnect device
[  392.048826][T13359] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  392.053262][T13359] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  392.057500][T13359] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  392.061505][T13359] geneve1: left promiscuous mode
[  392.064024][T13359] geneve1: left allmulticast mode
[  392.103565][T13359] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 256 - 0
[  392.106622][T13359] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 256 - 0
[  392.109681][T13359] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 256 - 0
[  392.113364][T13359] geneve2: left promiscuous mode
[  392.115017][T13359] geneve2: left allmulticast mode
[  392.130303][T13359] vlan3: left promiscuous mode
[  392.133704][T13359] vlan3: left allmulticast mode
[  392.135612][T13359] hsr_slave_1: left allmulticast mode
[  392.140518][T13359] bridge5: left promiscuous mode
[  392.177092][T13359] ip6tnl1: left allmulticast mode
[  392.184903][T13359] wireguard0: left promiscuous mode
[  392.281931][    T9] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  392.438500][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  392.443819][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  392.446630][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  392.450497][    T9] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  392.455561][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  392.469013][    T9] usb 5-1: config 0 descriptor??
[  392.734703][T13371] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2047'.
[  392.737624][T13371] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2047'.
[  392.769002][T13371] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2047'.
[  392.772843][T13371] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2047'.
[  392.794299][ T1328] Process accounting resumed
[  392.833991][   T40] audit: type=1326 audit(1750281890.669:31369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz.3.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  392.841364][   T40] audit: type=1326 audit(1750281890.669:31370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz.3.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  392.843148][T13371] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2047'.
[  392.848211][   T40] audit: type=1326 audit(1750281890.669:31371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz.3.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  392.851028][T13371] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2047'.
[  392.859482][   T40] audit: type=1326 audit(1750281890.669:31372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz.3.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  392.871014][   T40] audit: type=1326 audit(1750281890.669:31373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz.3.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  392.878711][   T40] audit: type=1326 audit(1750281890.679:31374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz.3.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  392.886022][   T40] audit: type=1326 audit(1750281890.679:31375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz.3.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  392.893859][   T40] audit: type=1326 audit(1750281890.679:31376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz.3.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  392.900912][   T40] audit: type=1326 audit(1750281890.679:31377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz.3.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  392.909296][   T40] audit: type=1326 audit(1750281890.679:31378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz.3.2048" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ffc0000
[  394.161839][T10929] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[  394.316318][T10929] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  394.323142][T10929] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.327751][T10929] usb 8-1: Product: syz
[  394.329453][T10929] usb 8-1: Manufacturer: syz
[  394.332605][T10929] usb 8-1: SerialNumber: syz
[  394.342177][T10929] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  394.367525][T10929] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  394.790827][   T53] usb 8-1: USB disconnect, device number 33
[  394.838966][    T9] usbhid 5-1:0.0: can't add hid device: -71
[  394.841335][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  394.852525][    T9] usb 5-1: USB disconnect, device number 33
[  395.067291][T13412] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2059'.
[  395.240904][T13425] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  395.431860][T10929] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive
[  395.436346][T10929] ath9k_htc: Failed to initialize the device
[  395.477216][   T53] usb 8-1: ath9k_htc: USB layer deinitialized
[  396.312051][    T9] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[  396.396665][T13456] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2071'.
[  396.565260][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  396.633565][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  396.638807][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  396.671870][    T9] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  396.681884][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.739963][   T29] vhci_hcd: vhci_device speed not set
[  396.765752][    T9] usb 8-1: config 0 descriptor??
[  397.039080][T13470] geneve4: entered promiscuous mode
[  397.040673][T13470] geneve4: entered allmulticast mode
[  398.660718][    T9] usbhid 8-1:0.0: can't add hid device: -71
[  398.667080][    T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  398.677689][    T9] usb 8-1: USB disconnect, device number 34
[  398.781129][T10929] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  398.788461][T13507] xt_SECMARK: invalid mode: 0
[  398.935110][T10929] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  398.938104][T10929] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  398.940588][T10929] usb 6-1: Product: syz
[  398.942487][T10929] usb 6-1: Manufacturer: syz
[  398.944472][T10929] usb 6-1: SerialNumber: syz
[  398.952643][T10929] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  398.967451][   T34] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  399.181670][T13514] random: crng reseeded on system resumption
[  399.407681][ T5951] usb 6-1: USB disconnect, device number 41
[  399.982522][   T34] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  400.003713][   T34] ath9k_htc: Failed to initialize the device
[  400.018794][ T5951] usb 6-1: ath9k_htc: USB layer deinitialized
[  400.316811][T13537] lo speed is unknown, defaulting to 1000
[  400.403977][T13540] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2097'.
[  400.411869][ T5951] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[  400.578469][ T5951] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  400.581375][ T5951] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  400.586286][ T5951] usb 6-1: Product: syz
[  400.587809][ T5951] usb 6-1: Manufacturer: syz
[  400.589334][ T5951] usb 6-1: SerialNumber: syz
[  400.603178][ T5951] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  400.620296][ T5990] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  401.315261][   T29] usb 6-1: USB disconnect, device number 42
[  401.662167][ T5990] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  401.699157][ T5990] ath9k_htc: Failed to initialize the device
[  401.708362][   T29] usb 6-1: ath9k_htc: USB layer deinitialized
[  402.199964][T13560] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2101'.
[  402.218107][T13560] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2101'.
[  402.261891][T13560] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2101'.
[  402.883801][T13573] 9pnet: Unknown protocol version 9p2000.
[  402.897630][T13573] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2104'.
[  402.914146][T13573] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2104'.
[  404.382468][T13604] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2115'.
[  404.385134][T13604] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2115'.
[  404.388929][T13604] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2115'.
[  404.392354][T13604] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2115'.
[  405.241319][T13626] batadv1: entered allmulticast mode
[  405.262885][T13628] nvme_fabrics: missing parameter 'transport=%s'
[  405.265011][T13628] nvme_fabrics: missing parameter 'nqn=%s'
[  405.309808][T13630] input: syz1 as /devices/virtual/input/input39
[  405.387050][   T40] kauditd_printk_skb: 25 callbacks suppressed
[  405.387063][   T40] audit: type=1326 audit(1750281903.229:31404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13631 comm="syz.3.2122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ff00000
[  405.398872][   T40] audit: type=1326 audit(1750281903.229:31405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13631 comm="syz.3.2122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ff00000
[  405.408266][   T40] audit: type=1326 audit(1750281903.229:31406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13631 comm="syz.3.2122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ff00000
[  405.417899][   T40] audit: type=1326 audit(1750281903.229:31407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13631 comm="syz.3.2122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ff00000
[  405.427727][   T40] audit: type=1326 audit(1750281903.229:31408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13631 comm="syz.3.2122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ff00000
[  405.437136][   T40] audit: type=1326 audit(1750281903.229:31409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13631 comm="syz.3.2122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ff00000
[  405.445534][   T40] audit: type=1326 audit(1750281903.229:31410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13631 comm="syz.3.2122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ff00000
[  405.452862][   T40] audit: type=1326 audit(1750281903.229:31411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13631 comm="syz.3.2122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ff00000
[  405.464489][   T40] audit: type=1326 audit(1750281903.229:31412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13631 comm="syz.3.2122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ff00000
[  405.471497][   T40] audit: type=1326 audit(1750281903.229:31413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13631 comm="syz.3.2122" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f63579 code=0x7ff00000
[  406.311835][   T29] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  406.477023][   T29] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  406.479813][   T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.482940][   T29] usb 5-1: Product: syz
[  406.484353][   T29] usb 5-1: Manufacturer: syz
[  406.485990][   T29] usb 5-1: SerialNumber: syz
[  406.498656][   T29] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  406.612925][   T53] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  407.039554][ T1328] usb 5-1: USB disconnect, device number 34
[  407.046627][T13648] FAULT_INJECTION: forcing a failure.
[  407.046627][T13648] name failslab, interval 1, probability 0, space 0, times 0
[  407.050532][T13648] CPU: 1 UID: 0 PID: 13648 Comm: syz.1.2126 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  407.050547][T13648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.050554][T13648] Call Trace:
[  407.050558][T13648]  <TASK>
[  407.050563][T13648]  dump_stack_lvl+0x16c/0x1f0
[  407.050582][T13648]  should_fail_ex+0x512/0x640
[  407.050597][T13648]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  407.050614][T13648]  should_failslab+0xc2/0x120
[  407.050625][T13648]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  407.050640][T13648]  ? __alloc_skb+0x2b2/0x380
[  407.050657][T13648]  __alloc_skb+0x2b2/0x380
[  407.050673][T13648]  ? __pfx___alloc_skb+0x10/0x10
[  407.050689][T13648]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  407.050704][T13648]  netlink_alloc_large_skb+0x69/0x130
[  407.050716][T13648]  netlink_sendmsg+0x6a1/0xdd0
[  407.050729][T13648]  ? __pfx_netlink_sendmsg+0x10/0x10
[  407.050742][T13648]  ? __import_iovec+0x1dd/0x650
[  407.050754][T13648]  ____sys_sendmsg+0xa98/0xc70
[  407.050768][T13648]  ? __pfx_____sys_sendmsg+0x10/0x10
[  407.050779][T13648]  ? get_compat_msghdr+0x11a/0x170
[  407.050791][T13648]  ? __pfx__kstrtoull+0x10/0x10
[  407.050805][T13648]  ___sys_sendmsg+0x134/0x1d0
[  407.050822][T13648]  ? __pfx____sys_sendmsg+0x10/0x10
[  407.050836][T13648]  ? __lock_acquire+0x622/0x1c90
[  407.050865][T13648]  __sys_sendmmsg+0x2f9/0x420
[  407.050882][T13648]  ? __pfx___sys_sendmmsg+0x10/0x10
[  407.050902][T13648]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  407.050924][T13648]  ? fput+0x70/0xf0
[  407.050933][T13648]  ? ksys_write+0x1ac/0x250
[  407.050947][T13648]  ? __pfx_ksys_write+0x10/0x10
[  407.050963][T13648]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  407.050974][T13648]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  407.050990][T13648]  __do_fast_syscall_32+0x7c/0x3a0
[  407.051001][T13648]  do_fast_syscall_32+0x32/0x80
[  407.051010][T13648]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  407.051023][T13648] RIP: 0023:0xf711e579
[  407.051031][T13648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  407.051042][T13648] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  407.051051][T13648] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140
[  407.051058][T13648] RDX: 0000000004924b68 RSI: 0000000000000000 RDI: 0000000000000000
[  407.051064][T13648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  407.051069][T13648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  407.051075][T13648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  407.051087][T13648]  </TASK>
[  407.187597][T13652] 9pnet: Unknown protocol version 9p2000.
[  407.239593][    C2] Unknown status report in ack skb
[  407.671864][   T53] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  407.676005][   T53] ath9k_htc: Failed to initialize the device
[  407.678782][ T1328] usb 5-1: ath9k_htc: USB layer deinitialized
[  407.884070][T13683] loop9: detected capacity change from 0 to 7
[  408.253369][T13683] Dev loop9: unable to read RDB block 7
[  408.255217][T13683]  loop9: unable to read partition table
[  408.259352][T13683] loop9: partition table beyond EOD, truncated
[  408.261561][T13683] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  409.162557][T13707] netlink: 'syz.2.2146': attribute type 10 has an invalid length.
[  409.196733][T13708] bridge10: entered promiscuous mode
[  409.231910][T10929] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  409.393053][T10929] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  409.396522][T10929] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  409.399806][T10929] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  409.405588][T10929] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  409.408438][T10929] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.414707][T10929] usb 6-1: config 0 descriptor??
[  409.915201][T13719] lo speed is unknown, defaulting to 1000
[  409.931825][   T53] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[  410.094923][   T53] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  410.097738][   T53] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.100217][   T53] usb 8-1: Product: syz
[  410.101542][   T53] usb 8-1: Manufacturer: syz
[  410.109766][   T53] usb 8-1: SerialNumber: syz
[  410.114959][   T53] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  410.127287][   T29] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  410.549834][   T34] usb 8-1: USB disconnect, device number 35
[  411.176116][T13733] __nla_validate_parse: 1 callbacks suppressed
[  411.176127][T13733] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2153'.
[  411.181266][T13733] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2153'.
[  411.181852][   T29] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive
[  411.187163][   T29] ath9k_htc: Failed to initialize the device
[  411.190465][   T34] usb 8-1: ath9k_htc: USB layer deinitialized
[  411.831454][T10929] usbhid 6-1:0.0: can't add hid device: -71
[  411.833603][T10929] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  411.837848][T10929] usb 6-1: USB disconnect, device number 43
[  412.315361][T13756] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2160'.
[  412.415480][    C0] Unknown status report in ack skb
[  412.838556][T13772] random: crng reseeded on system resumption
[  413.903196][T13785] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2168'.
[  413.936043][T13789] trusted_key: encrypted_key: master key parameter '' is invalid
[  414.574943][T13811] capability: warning: `syz.2.2176' uses deprecated v2 capabilities in a way that may be insecure
[  414.943378][T13820] bond2: (slave erspan0): Releasing active interface
[  415.073621][T13830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2182'.
[  415.395165][T13839] loop6: detected capacity change from 0 to 524287999
[  415.992993][T13847] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  416.067357][T13849] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2188'.
[  416.105179][T13849] 9pnet_fd: Insufficient options for proto=fd
[  416.134377][T13851] random: crng reseeded on system resumption
[  416.140218][T13853] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2190'.
[  416.242730][T13857] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  416.370949][T13868] FAULT_INJECTION: forcing a failure.
[  416.370949][T13868] name failslab, interval 1, probability 0, space 0, times 0
[  416.382415][T13868] CPU: 1 UID: 0 PID: 13868 Comm: syz.2.2194 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  416.382441][T13868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  416.382452][T13868] Call Trace:
[  416.382458][T13868]  <TASK>
[  416.382465][T13868]  dump_stack_lvl+0x16c/0x1f0
[  416.382515][T13868]  should_fail_ex+0x512/0x640
[  416.382544][T13868]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  416.382574][T13868]  should_failslab+0xc2/0x120
[  416.382590][T13868]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  416.382615][T13868]  ? alloc_empty_file+0x55/0x1e0
[  416.382636][T13868]  alloc_empty_file+0x55/0x1e0
[  416.382655][T13868]  path_openat+0xda/0x2cb0
[  416.382678][T13868]  ? do_fast_syscall_32+0x32/0x80
[  416.382692][T13868]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  416.382725][T13868]  ? __pfx_path_openat+0x10/0x10
[  416.382750][T13868]  ? __lock_acquire+0xb8a/0x1c90
[  416.382777][T13868]  do_filp_open+0x20b/0x470
[  416.382801][T13868]  ? __pfx_do_filp_open+0x10/0x10
[  416.382848][T13868]  ? alloc_fd+0x471/0x7d0
[  416.382879][T13868]  do_sys_openat2+0x11b/0x1d0
[  416.382898][T13868]  ? __pfx_do_sys_openat2+0x10/0x10
[  416.382919][T13868]  ? __fget_files+0x20e/0x3c0
[  416.382939][T13868]  ? handle_mm_fault+0x210/0xd10
[  416.382967][T13868]  __ia32_compat_sys_open+0x146/0x1e0
[  416.382987][T13868]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  416.383013][T13868]  ? rcu_is_watching+0x12/0xc0
[  416.383029][T13868]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  416.383058][T13868]  __do_fast_syscall_32+0x7c/0x3a0
[  416.383077][T13868]  do_fast_syscall_32+0x32/0x80
[  416.383092][T13868]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  416.383112][T13868] RIP: 0023:0xf7f27579
[  416.383126][T13868] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  416.383141][T13868] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  416.383156][T13868] RAX: ffffffffffffffda RBX: 0000000080000140 RCX: 000000000000033f
[  416.383167][T13868] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  416.383177][T13868] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  416.383186][T13868] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  416.383196][T13868] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  416.383217][T13868]  </TASK>
[  416.871395][T13879] bridge10: entered promiscuous mode
[  417.226492][T13889] netlink: 4400 bytes leftover after parsing attributes in process `syz.0.2200'.
[  417.362778][T13896] lo speed is unknown, defaulting to 1000
[  417.481958][    T9] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[  417.777745][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  417.784657][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  417.787777][    T9] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  417.801920][    T9] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  417.804883][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.827954][    T9] usb 7-1: config 0 descriptor??
[  418.146331][T13912] xt_CT: You must specify a L4 protocol and not use inversions on it
[  418.440160][T13922] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  419.056893][T13939] netlink: 'syz.3.2214': attribute type 4 has an invalid length.
[  419.069503][T13939] netlink: 'syz.3.2214': attribute type 4 has an invalid length.
[  420.204270][    C0] ------------[ cut here ]------------
[  420.206121][    C0] WARNING: CPU: 0 PID: 0 at net/mac80211/tx.c:5024 __ieee80211_beacon_get+0x14f4/0x1720
[  420.209161][    C0] Modules linked in:
[  420.210766][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  420.215932][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  420.219340][    C0] RIP: 0010:__ieee80211_beacon_get+0x14f4/0x1720
[  420.221340][    C0] Code: 24 89 df 89 ee e8 cc 1b c0 f6 40 38 eb 72 a2 e8 a2 21 c0 f6 4c 89 e7 e8 aa fa 1a f7 45 31 e4 e9 9b fe ff ff e8 8d 21 c0 f6 90 <0f> 0b 90 e9 3e f6 ff ff 48 89 c6 48 c7 c7 a0 22 75 90 48 89 44 24
[  420.227505][    C0] RSP: 0018:ffffc90000007b70 EFLAGS: 00010246
[  420.229428][    C0] RAX: 0000000000000000 RBX: ffff88806e4ba9d0 RCX: ffffffff8afb5d01
[  420.231964][    C0] RDX: ffffffff8e297780 RSI: ffffffff8afb66c3 RDI: 0000000000000001
[  420.234485][    C0] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  420.237405][    C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffffc90000007c28
[  420.240573][    C0] R13: ffff888025addc00 R14: 0000000000000041 R15: ffff88806e4ba500
[  420.243796][    C0] FS:  0000000000000000(0000) GS:ffff888097561000(0000) knlGS:0000000000000000
[  420.247287][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  420.249923][    C0] CR2: 0000000000000000 CR3: 00000000668b4000 CR4: 0000000000352ef0
[  420.253148][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  420.256245][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  420.259431][    C0] Call Trace:
[  420.260765][    C0]  <IRQ>
[  420.261992][    C0]  ? __lock_acquire+0xb8a/0x1c90
[  420.264012][    C0]  ieee80211_beacon_get_tim+0xa6/0x280
[  420.266195][    C0]  ? __pfx_ieee80211_beacon_get_tim+0x10/0x10
[  420.268652][    C0]  mac80211_hwsim_beacon_tx+0x4d9/0xa40
[  420.270927][    C0]  __iterate_interfaces+0x2e5/0x650
[  420.273058][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  420.275493][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  420.277905][    C0]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  420.280245][    C0]  ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0
[  420.283258][    C0]  mac80211_hwsim_beacon+0x105/0x200
[  420.285759][    C0]  __hrtimer_run_queues+0x202/0xad0
[  420.288197][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  420.290686][    C0]  ? read_tsc+0x9/0x20
[  420.292740][    C0]  hrtimer_run_softirq+0x17d/0x350
[  420.295100][    C0]  handle_softirqs+0x216/0x8e0
[  420.297187][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  420.299457][    C0]  __irq_exit_rcu+0x109/0x170
[  420.301567][    C0]  irq_exit_rcu+0x9/0x30
[  420.303219][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  420.305186][    C0]  </IRQ>
[  420.306285][    C0]  <TASK>
[  420.307488][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  420.309696][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  420.311793][    C0] Code: ab 75 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 33 bf 2d 00 fb f4 <e9> 0c fb 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  420.318509][    C0] RSP: 0018:ffffffff8e207e08 EFLAGS: 00000282
[  420.320909][    C0] RAX: 0000000000a926e1 RBX: 0000000000000000 RCX: ffffffff8b7c4be9
[  420.323534][    C0] RDX: 0000000000000000 RSI: ffffffff8de13aed RDI: ffffffff8c1563e0
[  420.326150][    C0] RBP: fffffbfff1c52ef0 R08: 0000000000000001 R09: ffffed1005646645
[  420.328692][    C0] R10: ffff88802b23322b R11: 0000000000000001 R12: 0000000000000000
[  420.331397][    C0] R13: ffffffff8e297780 R14: ffffffff90a83050 R15: 0000000000000000
[  420.334022][    C0]  ? ct_kernel_exit+0x139/0x190
[  420.335720][    C0]  default_idle+0x13/0x20
[  420.337206][    C0]  default_idle_call+0x6d/0xb0
[  420.338833][    C0]  do_idle+0x391/0x510
[  420.340230][    C0]  ? __pfx_do_idle+0x10/0x10
[  420.341915][    C0]  ? trace_sched_exit_tp+0x31/0x130
[  420.343584][    C0]  cpu_startup_entry+0x4f/0x60
[  420.345063][    C0]  rest_init+0x16b/0x2b0
[  420.346404][    C0]  ? acpi_subsystem_init+0x133/0x180
[  420.348089][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  420.349896][    C0]  start_kernel+0x3ee/0x4d0
[  420.351434][    C0]  x86_64_start_reservations+0x18/0x30
[  420.353610][    C0]  x86_64_start_kernel+0x130/0x190
[  420.355437][    C0]  common_startup_64+0x13e/0x148
[  420.357188][    C0]  </TASK>
[  420.358246][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  420.360560][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full) 
[  420.364185][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  420.367586][    C0] Call Trace:
[  420.368664][    C0]  <IRQ>
[  420.369596][    C0]  dump_stack_lvl+0x3d/0x1f0
[  420.371089][    C0]  panic+0x71c/0x800
[  420.372356][    C0]  ? __pfx_panic+0x10/0x10
[  420.373798][    C0]  ? show_trace_log_lvl+0x29b/0x3e0
[  420.375468][    C0]  ? check_panic_on_warn+0x1f/0xb0
[  420.377100][    C0]  ? __ieee80211_beacon_get+0x14f4/0x1720
[  420.378916][    C0]  check_panic_on_warn+0xab/0xb0
[  420.380467][    C0]  __warn+0xf6/0x3c0
[  420.381716][    C0]  ? __ieee80211_beacon_get+0x14f4/0x1720
[  420.383578][    C0]  report_bug+0x3c3/0x580
[  420.384968][    C0]  ? __ieee80211_beacon_get+0x14f4/0x1720
[  420.386782][    C0]  handle_bug+0x184/0x210
[  420.388159][    C0]  exc_invalid_op+0x17/0x50
[  420.389610][    C0]  asm_exc_invalid_op+0x1a/0x20
[  420.391169][    C0] RIP: 0010:__ieee80211_beacon_get+0x14f4/0x1720
[  420.393161][    C0] Code: 24 89 df 89 ee e8 cc 1b c0 f6 40 38 eb 72 a2 e8 a2 21 c0 f6 4c 89 e7 e8 aa fa 1a f7 45 31 e4 e9 9b fe ff ff e8 8d 21 c0 f6 90 <0f> 0b 90 e9 3e f6 ff ff 48 89 c6 48 c7 c7 a0 22 75 90 48 89 44 24
[  420.399253][    C0] RSP: 0018:ffffc90000007b70 EFLAGS: 00010246
[  420.401177][    C0] RAX: 0000000000000000 RBX: ffff88806e4ba9d0 RCX: ffffffff8afb5d01
[  420.403701][    C0] RDX: ffffffff8e297780 RSI: ffffffff8afb66c3 RDI: 0000000000000001
[  420.406195][    C0] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  420.408678][    C0] R10: 0000000000000000 R11: 0000000000000001 R12: ffffc90000007c28
[  420.411174][    C0] R13: ffff888025addc00 R14: 0000000000000041 R15: ffff88806e4ba500
[  420.413669][    C0]  ? __ieee80211_beacon_get+0xb31/0x1720
[  420.415458][    C0]  ? __ieee80211_beacon_get+0x14f3/0x1720
[  420.417267][    C0]  ? __lock_acquire+0xb8a/0x1c90
[  420.418851][    C0]  ieee80211_beacon_get_tim+0xa6/0x280
[  420.420596][    C0]  ? __pfx_ieee80211_beacon_get_tim+0x10/0x10
[  420.422537][    C0]  mac80211_hwsim_beacon_tx+0x4d9/0xa40
[  420.424321][    C0]  __iterate_interfaces+0x2e5/0x650
[  420.425976][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  420.427916][    C0]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  420.429910][    C0]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  420.431781][    C0]  ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0
[  420.434011][    C0]  mac80211_hwsim_beacon+0x105/0x200
[  420.435707][    C0]  __hrtimer_run_queues+0x202/0xad0
[  420.437372][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  420.439195][    C0]  ? read_tsc+0x9/0x20
[  420.440507][    C0]  hrtimer_run_softirq+0x17d/0x350
[  420.442147][    C0]  handle_softirqs+0x216/0x8e0
[  420.443691][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  420.445543][    C0]  __irq_exit_rcu+0x109/0x170
[  420.447065][    C0]  irq_exit_rcu+0x9/0x30
[  420.448608][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  420.450373][    C0]  </IRQ>
[  420.451319][    C0]  <TASK>
[  420.452338][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  420.454280][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  420.456057][    C0] Code: ab 75 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 33 bf 2d 00 fb f4 <e9> 0c fb 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  420.462109][    C0] RSP: 0018:ffffffff8e207e08 EFLAGS: 00000282
[  420.464036][    C0] RAX: 0000000000a926e1 RBX: 0000000000000000 RCX: ffffffff8b7c4be9
[  420.466534][    C0] RDX: 0000000000000000 RSI: ffffffff8de13aed RDI: ffffffff8c1563e0
[  420.469024][    C0] RBP: fffffbfff1c52ef0 R08: 0000000000000001 R09: ffffed1005646645
[  420.471522][    C0] R10: ffff88802b23322b R11: 0000000000000001 R12: 0000000000000000
[  420.473999][    C0] R13: ffffffff8e297780 R14: ffffffff90a83050 R15: 0000000000000000
[  420.476531][    C0]  ? ct_kernel_exit+0x139/0x190
[  420.478104][    C0]  default_idle+0x13/0x20
[  420.479500][    C0]  default_idle_call+0x6d/0xb0
[  420.481024][    C0]  do_idle+0x391/0x510
[  420.482349][    C0]  ? __pfx_do_idle+0x10/0x10
[  420.483838][    C0]  ? trace_sched_exit_tp+0x31/0x130
[  420.485492][    C0]  cpu_startup_entry+0x4f/0x60
[  420.487034][    C0]  rest_init+0x16b/0x2b0
[  420.488394][    C0]  ? acpi_subsystem_init+0x133/0x180
[  420.490065][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  420.491877][    C0]  start_kernel+0x3ee/0x4d0
[  420.493347][    C0]  x86_64_start_reservations+0x18/0x30
[  420.495390][    C0]  x86_64_start_kernel+0x130/0x190
[  420.497102][    C0]  common_startup_64+0x13e/0x148
[  420.498837][    C0]  </TASK>
[  420.500617][    C0] Kernel Offset: disabled
[  420.502133][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
21:25:18  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85582055 RDI=ffffffff9b06da40 RBP=ffffffff9b06da00 RSP=ffffc900000074e0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000030 R14=ffffffff9b06da00 R15=ffffffff85581ff0
RIP=ffffffff8558207f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c01300
GS =0000 ffff888097561000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000668b4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=ffff8880243c8af0 RCX=0000000000000000 RDX=0000000000000001
RSI=ffff88802b23bdd8 RDI=ffff8880243c8af0 RBP=ffff88802b23bdd8 RSP=ffffc9000651f470
R8 =0000000000000000 R9 =ffffed1003b59400 R10=ffff88801daca007 R11=ffff88802b33c0c0
R12=ffff8880243c8000 R13=ffff8880243c8af0 R14=0000000000000000 R15=0000000000000046
RIP=ffffffff81978e7d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097661000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008003a000 CR3=00000000236ff000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000008fbe95 RBX=0000000000000002 RCX=ffffffff8b7c4be9 RDX=0000000000000000
RSI=ffffffff8de13aed RDI=ffffffff8c1563e0 RBP=ffffed1003bdb910 RSP=ffffc9000047fdf8
R8 =0000000000000001 R9 =ffffed1005686645 R10=ffff88802b43322b R11=0000000000000001
R12=0000000000000002 R13=ffff88801dedc880 R14=ffffffff90a83050 R15=0000000000000000
RIP=ffffffff8b7c374f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c01300
GS =0000 ffff888097761000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5356e24 CR3=000000000e382000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73e2ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=ffff88802b33bdc0 RCX=0000000000000001 RDX=0000000000000000
RSI=ffffffff8ddee670 RDI=ffffffff8c1563e0 RBP=ffff88801deda440 RSP=ffffc9000653f640
R8 =0000000000000000 R9 =ffffed1003bdb488 R10=ffff88801deda447 R11=0000000000000001
R12=ffffffff8df0fda0 R13=ffff88802b33c8c8 R14=ffffffff8df0fbd0 R15=ffff88802b33bdc0
RIP=ffffffff8189d37e RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c01300
GS =0063 ffff888097861000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f2d4ffc CR3=00000000236ff000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000