last executing test programs:

24.834698441s ago: executing program 1 (id=293):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x2, 0xb}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, 0x0, 0x24008004)
sendmsg$IPSET_CMD_DESTROY(r3, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, 0x0, 0x200548d0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
write$binfmt_misc(r2, &(0x7f00000000c0)="87d34d64adcfba62ebda02365be94a453bb40914e7c0e48bea21", 0x1a)
close(r4)
connect$bt_sco(r0, &(0x7f0000000040), 0x8)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000180))
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$TIPC_NL_PEER_REMOVE(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="ff070000", @ANYRES16=r7, @ANYBLOB], 0x30}}, 0x0)
r8 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000040), 0x141000, 0x0)
ioctl$SNDCTL_DSP_NONBLOCK(r8, 0x500e, 0x0)
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)

23.707348548s ago: executing program 0 (id=296):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x4, 0x2, 0x13, 0x2}, {0x0, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
kcmp(r1, r1, 0x2, 0xffffffffffffffff, r0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000079e02200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r6, 0x0, 0x8008000000010, &(0x7f00000003c0), 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={r7, <r8=>0xffffffffffffffff}, 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r8, @ANYBLOB="0000000000000000b704000008000000850000004900000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001c00)={r9, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76389e6a65585578f830e9000000", 0x0, 0x80000, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

22.85767268s ago: executing program 0 (id=297):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x183442, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, 0x0, 0x0)
bind$tipc(r1, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f00000000c0)=0xc4030a4)
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f00000002c0))
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x0, "ee471a55b5e2c266422ef07bbfd7a61e37466e060403bbd8115bd48970e86a02"})
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @link_local={0x3}, @void, {@ipv4={0x800, @tcp={{0xb, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@rr={0x7, 0xf, 0x8, [@multicast2, @remote, @multicast2]}, @ssrr={0x89, 0x3, 0xd7}, @timestamp={0x44, 0x4}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
getpeername(0xffffffffffffffff, &(0x7f0000019240)=@sco, &(0x7f00000192c0)=0x80)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000019300)='net/sockstat\x00')
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000019100), r4)
sendmsg$TIPC_CMD_SET_LINK_TOL(r3, &(0x7f0000019200)={&(0x7f00000190c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000191c0)={&(0x7f0000019140)={0xffffffffffffff3b, r6, 0x300, 0x70bd2b, 0x25dfdbfc, {{}, {}, {0x4c, 0x18, {0x2, @link='syz1\x00'}}}, ["", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x4000080}, 0xc000)
pread64(r5, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
setgroups(0x352, &(0x7f0000000080)=[0x0, 0xee00])
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv6_newaddrlabel={0x38, 0x48, 0x3, 0x0, 0x0, {}, [@IFAL_LABEL={0x8}, @IFAL_ADDRESS={0x14, 0x1, @loopback}]}, 0x38}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020100000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a32000000001400000011001f"], 0x7c}}, 0x0)
read$FUSE(r4, &(0x7f0000001300)={0x2020}, 0x2020)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_open_procfs$pagemap(0x0, &(0x7f0000019080))

22.332523873s ago: executing program 0 (id=299):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000480)=""/92, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, 0x0)
eventfd2(0xcc, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f00000016c0)=""/175, 0x0, 0x10000})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="7c000000100001040000", @ANYRES32=r2, @ANYBLOB="00000000000000005c001280110001006272696467655f736c617665000000004400058005000900000000000500200001000000050008000000000006001f00000000000800030004"], 0x7c}}, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000480), 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000040)={'veth1_vlan\x00', &(0x7f0000000540)=@ethtool_gstrings={0x1b, 0x9}})
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
syz_clone(0xa61a2100, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
prctl$PR_SCHED_CORE(0x24, 0x1, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x34, &(0x7f0000000940)=ANY=[@ANYBLOB="12010000a6ff0540cdabeecdb905000000010902220001000000000904000001010351000905030e000000000007"], 0x0)

21.717012515s ago: executing program 1 (id=303):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r2 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1000})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bind$bt_hci(r1, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x1c}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r4, 0xfffff000, 0xe, 0x0, &(0x7f0000000040)="da929e5a87ca02da11296bc5252e", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x34, 0x0, 0x0, 0x0, 0x0, {0x10}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x8}]}, 0x34}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r6, &(0x7f0000000400)={0x2020}, 0x2020)
r7 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000080), 0x80002, 0x0)
write$char_usb(r7, &(0x7f0000002140)="c3af0fc3", 0x4)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000500", 0x33fe0}], 0x1}, 0x0)
write(r1, &(0x7f0000000000)="3b000200010001", 0x7)
setsockopt$inet6_buf(r0, 0x29, 0x20, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
clock_nanosleep(0x1, 0x1, &(0x7f0000000140), &(0x7f0000000300))
sendmsg$NFT_BATCH(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="1400000a38000000080a17d50000000000000000020000000900020073797a32000000000900010073797a30000000000c00034000000000000000021400001100010000000000000000000000000a00"], 0x60}}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0xc5)

21.592993443s ago: executing program 1 (id=304):
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(0xffffffffffffffff, 0x7ac, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x8000)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x6, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000980)=ANY=[@ANYBLOB="240000000101050a000000000000000000000000080008400000000008001540a2000000"], 0x24}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
mkdir(0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="01000000000000000000050000020073797a5f74756e00000000000200d000"/40], 0x34}}, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x2c0001, 0x128)
chdir(&(0x7f0000000140)='./bus\x00')
mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00')
syz_open_procfs(0x0, &(0x7f00000001c0)='net/softnet_stat\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
socket(0x26, 0x3, 0x3)

21.255766535s ago: executing program 1 (id=306):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0)
io_setup(0x1, &(0x7f00000004c0)=<r7=>0x0)
io_submit(r7, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x0, 0x0, r6, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}])
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x40)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r8 = openat$dir(0xffffffffffffff9c, 0x0, 0x400800, 0x100)
getdents64(r8, 0x0, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r2, 0x29, 0x37, &(0x7f0000000040)=ANY=[], 0x30)
sendmmsg$inet6(r2, &(0x7f00000015c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40810)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r1, 0x0)

20.447505361s ago: executing program 1 (id=308):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000480)=""/92, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, 0x0)
eventfd2(0xcc, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f00000016c0)=""/175, 0x0, 0x10000})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYRES32=r2, @ANYBLOB="00000000000000005c001280110001006272696467655f736c617665000000004400058005000900000000000500200001000000050008000000000006001f00000000000800030004"], 0x7c}}, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000480), 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000040)={'veth1_vlan\x00', &(0x7f0000000540)=@ethtool_gstrings={0x1b, 0x9}})
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
syz_clone(0xa61a2100, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
prctl$PR_SCHED_CORE(0x24, 0x1, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x34, &(0x7f0000000940)=ANY=[@ANYBLOB="12010000a6ff0540cdabeecdb905000000010902220001000000000904000001010351000905030e000000000007"], 0x0)

19.812933057s ago: executing program 3 (id=313):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fc00101}]})
epoll_create1(0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f0000000140)={0x1, 0x1, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$cgroup_ro(r1, &(0x7f0000000080)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000002280)={<r2=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000300)={r2})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r3, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="8252", 0x2}], 0x1}}], 0x1, 0x4400c800)
sendto$inet6(r3, &(0x7f0000000300), 0x16, 0x0, 0x0, 0xfffffffffffffdfd)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmsg$SMC_PNETID_FLUSH(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, 0x0, 0x0, 0x0, 0x0, {}, [@SMC_PNETID_IBPORT={0x5}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'rose0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x3c}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x102, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000010400000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000005c0), &(0x7f0000000680), 0x50f402f6, r6}, 0x38)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000004c0)={<r8=>0x0})
r9 = socket$key(0xf, 0x3, 0x2)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r8, 0x3, r9})
syz_emit_ethernet(0x66, &(0x7f0000000340)={@random="cf702e8cf675", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x30, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev, @dev, [{0x2, 0x1, "703b744dc5c6"}]}}}}}}, 0x0)

19.722851399s ago: executing program 0 (id=314):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8000000000000000}, 0x18)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
openat$sequencer2(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x3, 0xa, [{}, {0x5}, {}, {}, {0x0, 0xfffffffe}, {0x0, 0x7ff}], 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)={0x28, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)={0x24, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="fb64a10200000047191f2b4d927966641d", @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=r0, @ANYBLOB=',group_id=', @ANYRES16, @ANYBLOB=',\x00'])

19.221612126s ago: executing program 2 (id=315):
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x200002, 0x10100, 0x0, 0x31d}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
r5 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
syz_pidfd_open(0x0, 0x0)
fcntl$setlease(r5, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0xa)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/slabinfo\x00', 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r6, &(0x7f0000001340)=[{&(0x7f0000001380)=""/151, 0x97}], 0x1)
ioctl$TCSETS(r6, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df000000a7d9de16c708db7200"})
syz_open_pts(r6, 0x42)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000540)=ANY=[@ANYRES8=r6, @ANYRESDEC=r0], &(0x7f0000000280)='GPL\x00', 0x23, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r7}, 0x18)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r8, 0x6, 0x13, &(0x7f0000000500)=0x100000001, 0x4)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r8, 0x6, 0x1f, &(0x7f00000001c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r8, 0x11a, 0x1, &(0x7f0000000440)=@gcm_128={{0x304}, "e453f079dff9d540", "1ec2d524d78682576ec2d9e13dad1018", "993161e3", "be0692db0b429ee8"}, 0x28)
write$binfmt_script(r8, &(0x7f0000000300), 0x4)

18.871229862s ago: executing program 3 (id=316):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x690a, 0x0, &(0x7f0000000140), 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$inet6(r3, 0x0, 0x0, 0x4c004, &(0x7f0000002880)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x90, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0x7c, 0x1, [@m_connmark={0x34, 0x2, 0x0, 0x0, {{0xd}, {0x4, 0x20}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r7 = socket$tipc(0x1e, 0x5, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r7, 0x10f, 0x81, 0xffffffffffffffff, &(0x7f0000000700)=0x12)
sendmsg$ETHTOOL_MSG_STRSET_GET(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="e9070000000000000000010000001c0002800c00018008000100030000000c0001800800010001000000"], 0x30}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0xc)
mkdir(&(0x7f0000000300)='./file0\x00', 0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x3, 0x0, @empty}}, 0xfffffffc, 0x3, 0x989, 0x0, 0x84, 0x8000}, 0x9c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000003c0)={0x2020}, 0x2020)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newsa={0x1b8, 0x1c, 0x1, 0x0, 0x0, {{@in6=@private2, @in=@multicast1}, {@in=@empty, 0x0, 0x33}, @in=@remote, {}, {}, {}, 0x0, 0x0, 0xa, 0x1, 0x0, 0x23}, [@algo_auth={0xc8, 0x1, {{'sha256\x00'}, 0x400, "ca8bdaf566099b58b0085179e7b91acc5981a2f76db1cb781fe7cb575f642ed9d3ee2820e6be79e042344d8e2e779c6a0b7e0987ec26fe22919789f93ba510dd3beb28e193dc2a809d980139b787088859f61e644918bfbcb15c16fdb55dead2d61b01c0f99cf65c8a02c8a9cc701a089eaa8f6b24a85c3e0a83d3ebae09e74f"}}]}, 0x1b8}}, 0x0)

18.529377585s ago: executing program 3 (id=317):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000003c0)=0x14)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x2000000, 0x0)
io_uring_setup(0xb05, &(0x7f0000000040)={0x0, 0x80ff, 0x200, 0x0, 0x1c9})
r2 = socket(0x1d, 0x3, 0x1)
getsockopt$kcm_KCM_RECV_DISABLE(r2, 0x65, 0x7, 0x0, 0x20000000)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r3, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "0f03c8c7e8da000000000000ffffff017f000000cce67e1d0000e565aa9a9d32c7627ffe7a54cdbd77b3000000000000000000060000000000000000deff00", 0x1b}, 0x60)
getsockopt$nfc_llcp(r3, 0x118, 0x2, &(0x7f0000000140)=""/192, 0x20000057)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000001980)={0xf, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3267078b089b34083b681a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b313b0d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e924afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
ioctl$IOC_PR_CLEAR(r5, 0x401070cd, &(0x7f0000000100)={0x3ff})
r6 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r6, &(0x7f0000004140)=[{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000001c0)="14", 0x1}, {&(0x7f0000000280)="3b942cdf3dbb4d708446209c8a7a9893c711167b6aee1ac4a8cc59d92a394f460b20f21b9add9e84d2dba9e6df8034c449e64138a4aea2a8df6d35031bd3263f", 0x7fffefff}], 0x2}], 0x1, 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x3fff8, 0xffffffff, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0xffffffff, 0x0, 0x0, 0xffffffff}, 0x22000, 0x0, 0xffffffff, 0x8, 0x101, 0x3, 0xfe, 0x0, 0x0, 0x0, {0x4, 0x6, 0xfffffffd}}}}]}, 0x78}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = openat$zero(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
read(r11, &(0x7f0000002340)=""/4096, 0x1002)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_NEWSETELEM={0x44, 0xc, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x24, 0x3, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x14, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @meta={{0x9}, @void}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xb4}}, 0x0)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(0xffffffffffffffff, 0x1e, &(0x7f0000000080)={r6}, 0x1)

18.343837065s ago: executing program 0 (id=318):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000000fe0000000000", @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x6}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x1, 0xc0292455bad3be63, 0x0, 0x0, [{0x3}, {}, {0x1}, {0x0, 0xfffffffd}, {0x3}, {}, {0xffffac84}], 0x1, 0x0, 0x0, 0x2}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
syz_io_uring_setup(0x239, &(0x7f0000000540)={0x0, 0xffffffff, 0x400, 0x0, 0x2000}, 0x0, &(0x7f0000000280))
socket$isdn(0x22, 0x2, 0x25)
socket$isdn(0x22, 0x2, 0x22)
r4 = socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect(0x2, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000100)="fa00", 0x2}, {&(0x7f0000000080)="eaef7c917e", 0x5}], 0x2)
close_range(r4, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000100b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000080)={0x5}, 0x10)
write(r7, &(0x7f0000000000)="1c0000001a005f0214f9f4070d0903001f0000000000002000000000", 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r6}, 0x4b)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1400}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_XMIT_HASH_POLICY={0x5, 0xe, 0x2}]}}}]}, 0x3c}}, 0x0)

18.261885254s ago: executing program 2 (id=319):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r2 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1000})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x1c}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r4, 0xfffff000, 0xe, 0x0, &(0x7f0000000040)="da929e5a87ca02da11296bc5252e", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x34, 0x0, 0x0, 0x0, 0x0, {0x10}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x8}]}, 0x34}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r6, &(0x7f0000000400)={0x2020}, 0x2020)
r7 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000080), 0x80002, 0x0)
write$char_usb(r7, &(0x7f0000002140)="c3af0fc3", 0x4)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000500", 0x33fe0}], 0x1}, 0x0)
write(r1, &(0x7f0000000000)="3b000200010001", 0x7)
setsockopt$inet6_buf(r0, 0x29, 0x20, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
clock_nanosleep(0x1, 0x1, &(0x7f0000000140), &(0x7f0000000300))
sendmsg$NFT_BATCH(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="1400000a38000000080a17d50000000000000000020000000900020073797a32000000000900010073797a30000000000c00034000000000000000021400001100010000000000000000000000000a00"], 0x60}}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0xc5)

18.141494781s ago: executing program 3 (id=320):
prctl$PR_SET_IO_FLUSHER(0x4a, 0x200001)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_open_dev$video(0x0, 0x7, 0x40580)
ioctl$SIOCPNDELRESOURCE(r3, 0x89ef, &(0x7f00000000c0)=0x7)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB="0000000000000000000080020000000000010000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000000)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1d}}, 0xd, 0x4}, 0x20)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000040))
ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRES64=r4, @ANYRES8=r1, @ANYRES8=r0, @ANYRES32=0x0])
r8 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r8, 0xc2c85513, &(0x7f0000000340)={{0x8, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff]})
mount(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
openat$khugepaged_scan(0xffffff9c, &(0x7f0000000280), 0x1, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@x86={0xff, 0x5, 0xff, 0x0, 0x1ff, 0xd, 0x10, 0x81, 0x7, 0x80, 0x4, 0x8, 0x0, 0x3, 0x3ff, 0x0, 0x8, 0x6, 0x6, '\x00', 0x40})

18.141078777s ago: executing program 2 (id=321):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r2 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1000})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bind$bt_hci(r1, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x1c}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r4, 0xfffff000, 0xe, 0x0, &(0x7f0000000040)="da929e5a87ca02da11296bc5252e", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x34, 0x0, 0x0, 0x0, 0x0, {0x10}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x8}]}, 0x34}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r6, &(0x7f0000000400)={0x2020}, 0x2020)
r7 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000080), 0x80002, 0x0)
write$char_usb(r7, &(0x7f0000002140)="c3af0fc3", 0x4)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000500", 0x33fe0}], 0x1}, 0x0)
write(r1, &(0x7f0000000000)="3b000200010001", 0x7)
setsockopt$inet6_buf(r0, 0x29, 0x20, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
clock_nanosleep(0x1, 0x1, &(0x7f0000000140), &(0x7f0000000300))
sendmsg$NFT_BATCH(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="1400000a38000000080a17d50000000000000000020000000900020073797a32000000000900010073797a30000000000c00034000000000000000021400001100010000000000000000000000000a00"], 0x60}}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0xc5)

18.039013165s ago: executing program 2 (id=322):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x4, 0x2, 0x13, 0x2}, {0x0, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
kcmp(r1, r1, 0x2, 0xffffffffffffffff, r0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000079e02200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r6, 0x0, 0x8008000000010, &(0x7f00000003c0), 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={r7, <r8=>0xffffffffffffffff}, 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r8, @ANYBLOB="0000000000000000b704000008000000850000004900000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001c00)={r9, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76389e6a65585578f830e9000000", 0x0, 0x80000, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

17.733070563s ago: executing program 1 (id=323):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000480)=""/92, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, 0x0)
eventfd2(0xcc, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f00000016c0)=""/175, 0x0, 0x10000})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="7c000000100001040000", @ANYRES32=r2, @ANYBLOB="00000000000000005c001280110001006272696467655f736c617665000000004400058005000900000000000500200001000000050008000000000006001f00000000000800030004"], 0x7c}}, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000480), 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000040)={'veth1_vlan\x00', &(0x7f0000000540)=@ethtool_gstrings={0x1b, 0x9}})
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
syz_clone(0xa61a2100, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
prctl$PR_SCHED_CORE(0x24, 0x1, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x34, &(0x7f0000000940)=ANY=[@ANYBLOB="12010000a6ff0540cdabeecdb905000000010902220001000000000904000001010351000905030e000000000007"], 0x0)

17.181714453s ago: executing program 3 (id=324):
r0 = socket(0x2, 0x3, 0xa)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="020000000200000000000000", @ANYRES32, @ANYBLOB="358ace6329b755d5c5609c6aba79bf54", @ANYRES64=0x0], 0x10)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x89)
setsockopt$inet_int(r0, 0x0, 0x14, 0x0, 0x0)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, 0x0, &(0x7f00000000c0))
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000240)=0x45d8, 0x4)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f0000000180)=0x5, 0x4)
r4 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r8 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x6680, 0x400, 0x3, 0x38e}, &(0x7f0000000080), &(0x7f0000000280))
io_uring_enter(r8, 0x2def, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r7, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1})
ioctl$VIDIOC_G_EXT_CTRLS(r4, 0xc0185648, &(0x7f0000000080)={0x0, 0x81, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f905, 0x8002, '\x00', @p_u16=0x0}})
r9 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
lseek(r9, 0x6, 0x1)

16.94120204s ago: executing program 2 (id=325):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000240)='\x00', 0x1}], 0x1, 0x80, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0186405, &(0x7f0000000180)={0x100, 0x7, {0xffffffffffffffff}, {<r1=>0xffffffffffffffff}, 0x4e1, 0x2})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x8a, &(0x7f0000001640)=0x4f1d, 0x4)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000602, r1, &(0x7f0000000280)={0x4, 0xbd2, 0x0, 0x4})
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x42a400, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r5, 0x89f7, &(0x7f00000003c0)={'sit0\x00', &(0x7f0000000640)={@loopback, 0x1, 0x0, 0x30, 0x0, [{@empty}, {@empty}, {}]}})
ioctl$UI_SET_LEDBIT(r4, 0x40045569, 0x0)
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x11)
r6 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
quotactl_fd$Q_SETINFO(r6, 0xffffffff80000601, 0x0, &(0x7f0000000340)={0x0, 0x1, 0x0, 0x8})
ioctl$UI_SET_LEDBIT(r4, 0x40045569, 0x2)
preadv(r6, &(0x7f0000000340)=[{&(0x7f00000002c0)=""/82, 0x52}, {&(0x7f00000004c0)=""/209, 0xd1}, {&(0x7f00000005c0)=""/77, 0x4d}], 0x3, 0x3, 0x3)
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x12)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00'})
ioctl$UI_DEV_CREATE(r4, 0x5501)
ioctl$UI_DEV_DESTROY(r4, 0x5502)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c00150019000100fcffffff00000000802000000011fd0600110000"], 0x1c}}, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20)

16.146713029s ago: executing program 3 (id=326):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x209d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
times(&(0x7f00000001c0))
r4 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x3, 0x2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1}, 0x24}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
r9 = openat$cgroup_procs(r8, &(0x7f0000000300)='tasks\x00', 0x2, 0x0)
sendfile(r9, r9, 0x0, 0x2)
close(r4)

15.942697847s ago: executing program 0 (id=327):
socket$alg(0x26, 0x5, 0x0)
openat$snapshot(0xffffff9c, &(0x7f0000000080), 0x40040, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
r4 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00')
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x6, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f0000000080)=0x1)
close(r6)
setsockopt$inet6_IPV6_RTHDR(r5, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="00020201"], 0x18)
sendmmsg$inet6(r5, &(0x7f0000003a00)=[{{&(0x7f0000000b40)={0xa, 0x4f21, 0x900000, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)="5b0e4fd25848a15907d5f8efd804500a911b13c3ea51c2e90187711191c7b8e16f98d39d54b2882fb4dfefffc3bb76cdfb678a97a22d2c8240ede942c00409f7efeb7c68299d333d93d0cd49bcd077a98c35b0fcdbf31e", 0x57}], 0x1}}], 0x1, 0x48080)
read$FUSE(r4, &(0x7f0000000780)={0x2020}, 0x2020)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x5})
r7 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, &(0x7f00000003c0), 0x0, r7)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)}, 0x10000)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r8, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8})
ioctl$sock_netdev_private(r8, 0x8914, &(0x7f0000000000))
r9 = socket$can_raw(0x1d, 0x3, 0x1)
keyctl$KEYCTL_MOVE(0x1e, r7, 0xfffffffffffffffd, r7, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r9, 0x8982, &(0x7f0000000300)={0x0, 'vxcan1\x00'})

15.387279346s ago: executing program 2 (id=328):
r0 = syz_open_dev$vbi(0x0, 0x0, 0x2)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x5, 0x4, 0x4, 0x0, 0x5})
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x3)
openat$vimc1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x48, &(0x7f00000001c0)=ANY=[@ANYBLOB="3c19"], 0xd0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB="38d720cd9bf62e6e1092fa23af5beec3aa4eb5dab07c61f2a7fe5b865b7a30cce91b51956a66734ace0f0d842da629418b37df5ff997cbe1160e1cc90e9e"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
r2 = syz_clone(0xa29c480, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
kcmp(r2, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0xa, 0x0, 0x0, @mcast2}}}, 0x48)
r5 = socket(0x1d, 0x2, 0x6)
r6 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000500)={'tunl0\x00', <r7=>0x0})
bind$can_j1939(r5, &(0x7f0000000000)={0x1d, r7, 0x2}, 0x18)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20)

2.500220605s ago: executing program 32 (id=323):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000480)=""/92, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, 0x0)
eventfd2(0xcc, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f00000016c0)=""/175, 0x0, 0x10000})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="7c000000100001040000", @ANYRES32=r2, @ANYBLOB="00000000000000005c001280110001006272696467655f736c617665000000004400058005000900000000000500200001000000050008000000000006001f00000000000800030004"], 0x7c}}, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000480), 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000040)={'veth1_vlan\x00', &(0x7f0000000540)=@ethtool_gstrings={0x1b, 0x9}})
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
syz_clone(0xa61a2100, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
prctl$PR_SCHED_CORE(0x24, 0x1, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x34, &(0x7f0000000940)=ANY=[@ANYBLOB="12010000a6ff0540cdabeecdb905000000010902220001000000000904000001010351000905030e000000000007"], 0x0)

1.006159516s ago: executing program 33 (id=326):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x209d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
times(&(0x7f00000001c0))
r4 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x3, 0x2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1}, 0x24}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(r7, &(0x7f0000000280), 0x12)
r9 = openat$cgroup_procs(r8, &(0x7f0000000300)='tasks\x00', 0x2, 0x0)
sendfile(r9, r9, 0x0, 0x2)
close(r4)

508.438993ms ago: executing program 34 (id=327):
socket$alg(0x26, 0x5, 0x0)
openat$snapshot(0xffffff9c, &(0x7f0000000080), 0x40040, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
r4 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00')
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x6, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f0000000080)=0x1)
close(r6)
setsockopt$inet6_IPV6_RTHDR(r5, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="00020201"], 0x18)
sendmmsg$inet6(r5, &(0x7f0000003a00)=[{{&(0x7f0000000b40)={0xa, 0x4f21, 0x900000, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3}, 0x1c, &(0x7f0000001600)=[{&(0x7f0000000280)="5b0e4fd25848a15907d5f8efd804500a911b13c3ea51c2e90187711191c7b8e16f98d39d54b2882fb4dfefffc3bb76cdfb678a97a22d2c8240ede942c00409f7efeb7c68299d333d93d0cd49bcd077a98c35b0fcdbf31e", 0x57}], 0x1}}], 0x1, 0x48080)
read$FUSE(r4, &(0x7f0000000780)={0x2020}, 0x2020)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x5})
r7 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, &(0x7f00000003c0), 0x0, r7)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)}, 0x10000)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r8, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8})
ioctl$sock_netdev_private(r8, 0x8914, &(0x7f0000000000))
r9 = socket$can_raw(0x1d, 0x3, 0x1)
keyctl$KEYCTL_MOVE(0x1e, r7, 0xfffffffffffffffd, r7, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r9, 0x8982, &(0x7f0000000300)={0x0, 'vxcan1\x00'})

0s ago: executing program 35 (id=328):
r0 = syz_open_dev$vbi(0x0, 0x0, 0x2)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x5, 0x4, 0x4, 0x0, 0x5})
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x3)
openat$vimc1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x48, &(0x7f00000001c0)=ANY=[@ANYBLOB="3c19"], 0xd0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x18, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB="38d720cd9bf62e6e1092fa23af5beec3aa4eb5dab07c61f2a7fe5b865b7a30cce91b51956a66734ace0f0d842da629418b37df5ff997cbe1160e1cc90e9e"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6)
r2 = syz_clone(0xa29c480, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
kcmp(r2, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000740)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0xa, 0x0, 0x0, @mcast2}}}, 0x48)
r5 = socket(0x1d, 0x2, 0x6)
r6 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000500)={'tunl0\x00', <r7=>0x0})
bind$can_j1939(r5, &(0x7f0000000000)={0x1d, r7, 0x2}, 0x18)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:20078' (ED25519) to the list of known hosts.
[   40.938012][ T5925] cgroup: Unknown subsys name 'net'
[   41.084126][ T5925] cgroup: Unknown subsys name 'cpuset'
[   41.089052][ T5925] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   41.931710][ T5925] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   44.799383][ T5953] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   44.802125][ T5953] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   44.805141][ T5953] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   44.808441][ T5953] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   44.811982][ T5953] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   44.814900][ T5953] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   44.817187][ T5953] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   44.819136][ T5953] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   44.822691][ T5954] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   44.823009][ T5953] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   44.825066][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   44.827265][ T5953] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   44.829260][ T5954] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   44.832993][ T5953] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   44.833612][ T5956] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   44.833862][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   44.835678][ T5953] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   44.841292][ T5956] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   44.843349][ T5302] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   44.843563][ T5958] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   44.844490][ T5958] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   44.846525][ T5958] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   44.860091][ T5302] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   44.863132][ T5302] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   45.026134][ T5942] chnl_net:caif_netlink_parms(): no params data found
[   45.060846][ T5944] chnl_net:caif_netlink_parms(): no params data found
[   45.093125][ T5949] chnl_net:caif_netlink_parms(): no params data found
[   45.133511][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.135413][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.137529][ T5942] bridge_slave_0: entered allmulticast mode
[   45.140759][ T5942] bridge_slave_0: entered promiscuous mode
[   45.192128][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.194748][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.196739][ T5942] bridge_slave_1: entered allmulticast mode
[   45.198794][ T5942] bridge_slave_1: entered promiscuous mode
[   45.247204][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.250744][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.252991][ T5944] bridge_slave_0: entered allmulticast mode
[   45.255218][ T5944] bridge_slave_0: entered promiscuous mode
[   45.259078][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.261925][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.264848][ T5944] bridge_slave_1: entered allmulticast mode
[   45.268390][ T5944] bridge_slave_1: entered promiscuous mode
[   45.284086][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.313907][ T5952] chnl_net:caif_netlink_parms(): no params data found
[   45.318243][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.332805][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.335013][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.337712][ T5949] bridge_slave_0: entered allmulticast mode
[   45.340056][ T5949] bridge_slave_0: entered promiscuous mode
[   45.353667][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.360777][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.380433][ T5942] team0: Port device team_slave_0 added
[   45.382364][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.384586][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.387179][ T5949] bridge_slave_1: entered allmulticast mode
[   45.390711][ T5949] bridge_slave_1: entered promiscuous mode
[   45.434292][ T5942] team0: Port device team_slave_1 added
[   45.457055][ T5944] team0: Port device team_slave_0 added
[   45.473247][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.478089][ T5944] team0: Port device team_slave_1 added
[   45.496254][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.498621][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.507375][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.523227][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.534609][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.536764][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.543953][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.573083][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.575191][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.582039][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.588388][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.591133][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.593584][ T5952] bridge_slave_0: entered allmulticast mode
[   45.596066][ T5952] bridge_slave_0: entered promiscuous mode
[   45.598949][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.601583][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.604131][ T5952] bridge_slave_1: entered allmulticast mode
[   45.606973][ T5952] bridge_slave_1: entered promiscuous mode
[   45.611818][ T5949] team0: Port device team_slave_0 added
[   45.615393][ T5949] team0: Port device team_slave_1 added
[   45.617932][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.620619][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.629532][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.697838][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.703375][ T5942] hsr_slave_0: entered promiscuous mode
[   45.705821][ T5942] hsr_slave_1: entered promiscuous mode
[   45.709415][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.711687][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.719091][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.738477][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.757242][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.759129][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.765957][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.771819][ T5944] hsr_slave_0: entered promiscuous mode
[   45.774376][ T5944] hsr_slave_1: entered promiscuous mode
[   45.776554][ T5944] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.779335][ T5944] Cannot create hsr debugfs directory
[   45.806018][ T5952] team0: Port device team_slave_0 added
[   45.809405][ T5952] team0: Port device team_slave_1 added
[   45.868771][ T5949] hsr_slave_0: entered promiscuous mode
[   45.872760][ T5949] hsr_slave_1: entered promiscuous mode
[   45.875248][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.877741][ T5949] Cannot create hsr debugfs directory
[   45.881985][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.883814][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.892568][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.911166][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.913790][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.921851][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.035953][ T5952] hsr_slave_0: entered promiscuous mode
[   46.037969][ T5952] hsr_slave_1: entered promiscuous mode
[   46.041245][ T5952] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.043350][ T5952] Cannot create hsr debugfs directory
[   46.149213][ T5942] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   46.157481][ T5942] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   46.160644][ T5942] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   46.165680][ T5942] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   46.188091][ T5949] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   46.193690][ T5949] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   46.201418][ T5949] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   46.207200][ T5949] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   46.222301][ T5944] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   46.225371][ T5944] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   46.230018][ T5944] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   46.243313][ T5944] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   46.263990][ T5952] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   46.267847][ T5952] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   46.272418][ T5952] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   46.277115][ T5952] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   46.322802][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.339353][ T5942] 8021q: adding VLAN 0 to HW filter on device team0
[   46.347972][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.350482][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.354904][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.356799][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.382791][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.391445][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.405895][ T5944] 8021q: adding VLAN 0 to HW filter on device team0
[   46.409610][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.411713][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.418393][ T5942] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   46.424217][ T5942] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   46.439533][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.444585][  T543] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.447149][  T543] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.454162][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[   46.462597][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.465213][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.476950][ T5952] 8021q: adding VLAN 0 to HW filter on device team0
[   46.481273][  T543] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.483443][  T543] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.488357][ T1214] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.490648][ T1214] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.506584][ T1214] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.508640][ T1214] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.543149][ T5952] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   46.556522][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.578211][ T5942] veth0_vlan: entered promiscuous mode
[   46.584462][ T5942] veth1_vlan: entered promiscuous mode
[   46.597046][ T5942] veth0_macvtap: entered promiscuous mode
[   46.607708][ T5942] veth1_macvtap: entered promiscuous mode
[   46.623692][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.626955][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.635649][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.641269][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.646237][ T5942] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.649604][ T5942] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.652224][ T5942] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.654474][ T5942] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.665466][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.723993][ T5944] veth0_vlan: entered promiscuous mode
[   46.746587][ T5944] veth1_vlan: entered promiscuous mode
[   46.753796][ T5952] veth0_vlan: entered promiscuous mode
[   46.757004][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.759167][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.765222][ T5949] veth0_vlan: entered promiscuous mode
[   46.770766][ T5952] veth1_vlan: entered promiscuous mode
[   46.783128][  T543] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.783773][ T5949] veth1_vlan: entered promiscuous mode
[   46.785708][  T543] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.790090][ T5944] veth0_macvtap: entered promiscuous mode
[   46.800033][ T5944] veth1_macvtap: entered promiscuous mode
[   46.818338][ T5942] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   46.821489][ T5952] veth0_macvtap: entered promiscuous mode
[   46.827005][ T5949] veth0_macvtap: entered promiscuous mode
[   46.831226][ T5952] veth1_macvtap: entered promiscuous mode
[   46.834627][ T5949] veth1_macvtap: entered promiscuous mode
[   46.840150][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.842796][ T5950] Bluetooth: hci0: command tx timeout
[   46.844136][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.844801][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.853325][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.856423][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.860105][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.866063][ T5944] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.868689][ T5944] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.872168][ T5944] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.875194][ T5944] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.889660][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.892690][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.895207][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.897971][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.901299][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.901872][ T6007] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   46.904521][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.912537][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.915414][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.918215][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.918720][ T6007] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   46.920808][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.920819][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.921885][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.930614][ T5950] Bluetooth: hci1: command tx timeout
[   46.930688][ T5302] Bluetooth: hci3: command tx timeout
[   46.930907][ T5302] Bluetooth: hci2: command tx timeout
[   46.943666][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.947945][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.951872][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.954955][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.959308][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.962575][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.963656][ T6007] evm: overlay not supported
[   46.966098][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.966107][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.966115][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.980974][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.983815][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.988172][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.004403][ T5949] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.006973][ T5949] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.010819][ T5949] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.014123][ T5949] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.017699][ T5952] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.021265][ T5952] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.024107][ T5952] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.027922][ T5952] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.056882][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.059763][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.102154][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.105134][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.106006][  T543] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.110400][  T543] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.124625][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.127790][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.132988][   T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.135105][   T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.155873][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.158784][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.581130][ T6026] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   48.517514][ T6035] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7'.
[   48.699829][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.702056][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.819977][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.919957][ T5950] Bluetooth: hci0: command tx timeout
[   49.011059][ T5950] Bluetooth: hci1: command tx timeout
[   49.013074][ T5950] Bluetooth: hci2: command tx timeout
[   49.015324][ T5950] Bluetooth: hci3: command tx timeout
[   50.230704][ T6058] netlink: 'syz.1.14': attribute type 21 has an invalid length.
[   50.372130][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.385145][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.573781][   T39] audit: type=1326 audit(1733140422.749:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.1.14" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   50.586779][   T39] audit: type=1326 audit(1733140422.749:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.1.14" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   50.599453][   T39] audit: type=1326 audit(1733140422.759:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.1.14" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf748e579 code=0x7ffc0000
[   50.610932][   T39] audit: type=1326 audit(1733140422.759:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.1.14" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   50.616807][   T39] audit: type=1326 audit(1733140422.769:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.1.14" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   50.647439][ T6063] netlink: 'syz.3.15': attribute type 10 has an invalid length.
[   50.649937][ T6063] netlink: 55 bytes leftover after parsing attributes in process `syz.3.15'.
[   50.663779][ T6063] team0: Port device virt_wifi0 added
[   51.000068][ T5950] Bluetooth: hci0: command tx timeout
[   51.079993][ T5950] Bluetooth: hci3: command tx timeout
[   51.081638][ T5950] Bluetooth: hci2: command tx timeout
[   51.083146][ T5950] Bluetooth: hci1: command tx timeout
[   51.279854][ T5985] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   51.435839][ T5985] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[   51.438419][ T5985] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   51.443185][ T5985] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[   51.445869][ T5985] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[   51.448187][ T5985] usb 6-1: Manufacturer: syz
[   51.451614][ T5985] usb 6-1: config 0 descriptor??
[   51.519861][ T5985] rc_core: IR keymap rc-hauppauge not found
[   51.521708][ T5985] Registered IR keymap rc-empty
[   51.525182][ T5985] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[   51.529500][ T5985] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input5
[   51.727752][ T6075] usb 2-1: USB disconnect, device number 2
[   51.802076][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   51.806349][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   51.818200][ T6076] hub 2-0:1.0: USB hub found
[   51.820255][ T6076] hub 2-0:1.0: 6 ports detected
[   51.849974][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   51.885183][ T6075] mkiss: ax0: crc mode is auto.
[   51.957077][ T6079] usb usb7: selecting invalid altsetting 6
[   52.000117][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   52.004571][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   52.009872][   T30] usb 2-1: new high-speed USB device number 3 using ehci-pci
[   52.222726][ T6086] pimreg: entered allmulticast mode
[   52.225894][   T30] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[   52.230190][   T30] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[   52.233724][   T30] usb 2-1: Product: QEMU USB Tablet
[   52.235630][   T30] usb 2-1: Manufacturer: QEMU
[   52.237439][   T30] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[   52.283250][   T30] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0002/input/input6
[   52.345960][   T30] hid-generic 0003:0627:0001.0002: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[   52.379559][   T30] usb 6-1: USB disconnect, device number 2
[   52.704542][ T6093] netlink: 'syz.3.21': attribute type 1 has an invalid length.
[   52.706928][ T6093] netlink: 'syz.3.21': attribute type 3 has an invalid length.
[   52.708989][ T6093] netlink: 224 bytes leftover after parsing attributes in process `syz.3.21'.
[   53.079951][ T5302] Bluetooth: hci0: command tx timeout
[   53.130398][ T6095] netlink: 'syz.0.22': attribute type 2 has an invalid length.
[   53.133014][ T6095] netlink: 'syz.0.22': attribute type 11 has an invalid length.
[   53.135785][ T6095] netlink: 132 bytes leftover after parsing attributes in process `syz.0.22'.
[   53.179840][ T5302] Bluetooth: hci1: command tx timeout
[   53.179856][ T5958] Bluetooth: hci3: command 0x0419 tx timeout
[   53.181789][ T5950] Bluetooth: hci2: command tx timeout
[   53.651361][ T6099] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   53.736701][ T6100] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117
[   53.738603][ T6100] PKCS7: Only support pkcs7_signedData type
[   53.868531][ T6104] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   53.871819][ T6104] Bluetooth: MGMT ver 1.23
[   53.897111][ T6100] netlink: 48 bytes leftover after parsing attributes in process `syz.1.23'.
[   54.006757][ T6107] netlink: 4 bytes leftover after parsing attributes in process `syz.3.24'.
[   54.893478][ T6123] usb 2-1: USB disconnect, device number 3
[   55.250001][   T66] Bluetooth: hci3: command 0x0419 tx timeout
[   55.398986][ T6130] tipc: Started in network mode
[   55.401113][ T6130] tipc: Node identity ac1414aa, cluster identity 4711
[   55.404716][ T6130] tipc: Enabled bearer <udp:s>, priority 10
[   55.500912][   T39] audit: type=1326 audit(1733140427.679:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.3.31" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0
[   55.575031][ T6113] hub 2-0:1.0: USB hub found
[   55.576659][ T6113] hub 2-0:1.0: 6 ports detected
[   55.739959][ T5985] usb 2-1: new high-speed USB device number 4 using ehci-pci
[   55.945026][ T5985] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[   55.949287][ T5985] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[   55.952543][ T5985] usb 2-1: Product: QEMU USB Tablet
[   55.963959][ T5985] usb 2-1: Manufacturer: QEMU
[   55.971599][ T5985] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[   56.018662][ T5985] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0003/input/input7
[   56.118536][ T5985] hid-generic 0003:0627:0001.0003: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[   56.410845][   T62] tipc: Node number set to 2886997162
[   56.500359][ T6143] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   56.912801][ T6156] bridge_slave_1: left allmulticast mode
[   56.914748][ T6156] bridge_slave_1: left promiscuous mode
[   56.917437][ T6156] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.980107][ T6156] bridge_slave_0: left allmulticast mode
[   56.983293][ T6156] bridge_slave_0: left promiscuous mode
[   56.985373][ T6156] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.548589][ T6186] capability: warning: `syz.2.42' uses deprecated v2 capabilities in a way that may be insecure
[   58.732981][ T6191] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   59.081142][ T6196] tipc: Started in network mode
[   59.082788][ T6196] tipc: Node identity ac1414aa, cluster identity 4711
[   59.085282][ T6196] tipc: Enabled bearer <udp:s>, priority 10
[   60.209865][ T6009] tipc: Node number set to 2886997162
[   60.367532][ T6217] usb usb7: selecting invalid altsetting 6
[   60.466165][ T6212] usb 2-1: USB disconnect, device number 4
[   60.552910][ T6228] hub 2-0:1.0: USB hub found
[   60.558376][ T6228] hub 2-0:1.0: 6 ports detected
[   60.694996][ T6231] netlink: 24 bytes leftover after parsing attributes in process `syz.0.50'.
[   60.714266][ T6231] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   60.717591][ T6231] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   60.721866][ T6231] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   60.724712][ T6231] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   60.749799][   T30] usb 2-1: new high-speed USB device number 5 using ehci-pci
[   60.942526][   T30] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[   60.956463][   T30] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[   60.958689][   T30] usb 2-1: Product: QEMU USB Tablet
[   60.963326][   T30] usb 2-1: Manufacturer: QEMU
[   60.964755][   T30] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[   61.015766][   T30] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0004/input/input8
[   61.126276][   T30] hid-generic 0003:0627:0001.0004: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[   61.903931][ T6245] tipc: Can't bind to reserved service type 0
[   61.908908][ T6245] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[   62.207646][ T6251] pimreg: entered allmulticast mode
[   62.444924][ T6254] netlink: 'syz.2.58': attribute type 21 has an invalid length.
[   62.683315][   T39] audit: type=1326 audit(1733140434.859:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6252 comm="syz.2.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.688818][   T39] audit: type=1326 audit(1733140434.859:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6252 comm="syz.2.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.703748][   T39] audit: type=1326 audit(1733140434.869:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6252 comm="syz.2.58" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.715925][   T39] audit: type=1326 audit(1733140434.869:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6252 comm="syz.2.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.747606][   T39] audit: type=1326 audit(1733140434.869:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6252 comm="syz.2.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   64.605024][ T6269] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117
[   64.606772][ T6269] PKCS7: Only support pkcs7_signedData type
[   64.662326][ T6269] netlink: 48 bytes leftover after parsing attributes in process `syz.0.62'.
[   65.202091][ T6280] netlink: 24 bytes leftover after parsing attributes in process `syz.0.72'.
[   65.539767][    T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   65.580067][ T6289] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   65.599581][ T6289] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   65.605470][ T6289] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   65.608344][ T6289] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   65.619778][ T6289] geneve2: entered promiscuous mode
[   65.621466][ T6289] geneve2: entered allmulticast mode
[   65.721721][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   65.728960][    T8] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[   65.732087][    T8] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[   65.735366][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.739369][    T8] usb 5-1: config 0 descriptor??
[   65.744748][    T8] gspca_main: spca561-2.14.0 probing abcd:cdee
[   66.281272][    T8] spca561 5-1:0.0: probe with driver spca561 failed with error -22
[   66.284505][    T8] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[   66.286526][    T8] usb 5-1: MIDIStreaming interface descriptor not found
[   67.244357][  T834] usb 5-1: USB disconnect, device number 2
[   67.474440][ T6341] netlink: 'syz.2.71': attribute type 2 has an invalid length.
[   67.476698][ T6341] netlink: 'syz.2.71': attribute type 11 has an invalid length.
[   67.478551][ T6341] netlink: 132 bytes leftover after parsing attributes in process `syz.2.71'.
[   67.521356][ T6337] netlink: 8 bytes leftover after parsing attributes in process `syz.1.70'.
[   67.830298][ T6343] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   67.836879][ T6345] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   68.529906][  T834] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   68.694317][  T834] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   68.696941][  T834] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[   68.699794][  T834] usb 6-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[   68.702634][  T834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.707061][  T834] usb 6-1: config 0 descriptor??
[   68.711067][  T834] gspca_main: spca561-2.14.0 probing abcd:cdee
[   69.241685][  T834] spca561 6-1:0.0: probe with driver spca561 failed with error -22
[   69.245007][  T834] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[   69.247936][  T834] usb 6-1: MIDIStreaming interface descriptor not found
[   70.099233][  T833] usb 6-1: USB disconnect, device number 3
[   70.863106][ T6387] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   70.907136][ T6388] netlink: 56 bytes leftover after parsing attributes in process `syz.2.81'.
[   71.002761][ T1412] ieee802154 phy0 wpan0: encryption failed: -22
[   71.005421][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[   71.598473][ T6400] netlink: 8 bytes leftover after parsing attributes in process `syz.0.84'.
[   72.746950][ T6423] ieee802154 phy0 wpan0: encryption failed: -22
[   73.178583][   T39] audit: type=1326 audit(1733140445.349:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   73.289828][   T39] audit: type=1326 audit(1733140445.349:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   73.296119][   T39] audit: type=1326 audit(1733140445.359:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf748e579 code=0x7ffc0000
[   73.305925][   T39] audit: type=1326 audit(1733140445.449:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   73.311939][   T39] audit: type=1326 audit(1733140445.449:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   73.318267][   T39] audit: type=1326 audit(1733140445.489:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf748e579 code=0x7ffc0000
[   73.327897][   T39] audit: type=1326 audit(1733140445.489:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   73.333790][   T39] audit: type=1326 audit(1733140445.489:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   73.339077][   T39] audit: type=1326 audit(1733140445.489:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf748e579 code=0x7ffc0000
[   73.453807][ T6435] syz.1.90: attempt to access beyond end of device
[   73.453807][ T6435] nbd1: rw=0, sector=2, nr_sectors = 1 limit=0
[   73.615779][ T6438] netlink: 24 bytes leftover after parsing attributes in process `syz.3.94'.
[   73.959943][ T5985] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   74.015209][   T39] audit: type=1326 audit(1733140446.189:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6424 comm="syz.1.90" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   74.148689][ T5985] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   74.151713][ T5985] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[   74.154209][ T5985] usb 8-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[   74.156707][ T5985] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.164216][ T5985] usb 8-1: config 0 descriptor??
[   74.167713][ T5985] gspca_main: spca561-2.14.0 probing abcd:cdee
[   74.477627][ T6452] netlink: 24 bytes leftover after parsing attributes in process `syz.1.96'.
[   74.488518][ T6452] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   74.491164][ T6452] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   74.493511][ T6452] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   74.496016][ T6452] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   74.680605][ T5985] spca561 8-1:0.0: probe with driver spca561 failed with error -22
[   74.683288][ T5985] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[   74.685247][ T5985] usb 8-1: MIDIStreaming interface descriptor not found
[   75.539870][ T6470] netlink: 56 bytes leftover after parsing attributes in process `syz.1.99'.
[   75.718212][ T6442] usb 8-1: USB disconnect, device number 2
[   75.842618][ T6481] pimreg: entered allmulticast mode
[   79.019904][ T6442] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   79.179917][ T6442] usb 8-1: Using ep0 maxpacket: 32
[   79.182782][ T6442] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[   79.184928][ T6442] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   79.187141][ T6442] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[   79.189513][ T6442] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   79.193813][ T6442] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   79.196356][ T6442] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   79.200749][ T6442] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   79.203223][ T6442] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.206773][ T6442] usb 8-1: config 0 descriptor??
[   79.291281][ T6527] Bluetooth: hci4: Frame reassembly failed (-84)
[   79.340603][ T1142] Bluetooth: hci4: Frame reassembly failed (-84)
[   79.352909][ T1142] Bluetooth: hci4: Frame reassembly failed (-84)
[   79.498647][ T6442] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   79.514488][ T6442] usb 8-1: USB disconnect, device number 3
[   79.520948][ T6442] usblp0: removed
[   79.735933][ T6532] Zero length message leads to an empty skb
[   80.163809][   T30] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   80.319900][   T30] usb 8-1: Using ep0 maxpacket: 32
[   80.323819][   T30] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[   80.326247][   T30] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   80.328534][   T30] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[   80.331079][   T30] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   80.333622][   T30] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   80.336211][   T30] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   80.340043][   T30] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   80.342607][   T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.345949][   T30] usb 8-1: config 0 descriptor??
[   80.554860][   T30] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   80.736848][ T6541] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117
[   80.738982][ T6541] PKCS7: Only support pkcs7_signedData type
[   80.750091][ T6541] netlink: 48 bytes leftover after parsing attributes in process `syz.2.117'.
[   80.972928][ T6009] usb 8-1: USB disconnect, device number 4
[   80.977031][ T6009] usblp0: removed
[   81.243668][  T832] cfg80211: failed to load regulatory.db
[   81.319981][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   81.802209][ T6557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.121'.
[   82.904075][ T6568] netlink: 8 bytes leftover after parsing attributes in process `syz.3.123'.
[   83.450450][   T39] kauditd_printk_skb: 13 callbacks suppressed
[   83.450462][   T39] audit: type=1326 audit(1733140455.619:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   83.459530][   T39] audit: type=1326 audit(1733140455.629:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   83.465801][   T39] audit: type=1326 audit(1733140455.629:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.125" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   83.483558][   T39] audit: type=1326 audit(1733140455.629:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.125" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   83.490071][   T39] audit: type=1326 audit(1733140455.629:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.125" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   83.500504][   T39] audit: type=1326 audit(1733140455.629:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.125" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   83.509929][   T39] audit: type=1326 audit(1733140455.629:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.125" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   83.519497][   T39] audit: type=1326 audit(1733140455.639:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   83.525497][   T39] audit: type=1326 audit(1733140455.649:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.125" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   83.531250][   T39] audit: type=1326 audit(1733140455.649:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6583 comm="syz.3.125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[   84.099215][ T6601] mkiss: ax0: crc mode is auto.
[   84.381071][ T6610] =======================================================
[   84.381071][ T6610] WARNING: The mand mount option has been deprecated and
[   84.381071][ T6610]          and is ignored by this kernel. Remove the mand
[   84.381071][ T6610]          option from the mount to silence this warning.
[   84.381071][ T6610] =======================================================
[   84.428123][ T6606] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   84.439142][ T6606] netlink: 'syz.0.129': attribute type 2 has an invalid length.
[   84.590716][ T6615] bridge_slave_1: left allmulticast mode
[   84.592567][ T6615] bridge_slave_1: left promiscuous mode
[   84.594188][ T6615] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.612652][ T6615] bridge_slave_0: left allmulticast mode
[   84.614291][ T6615] bridge_slave_0: left promiscuous mode
[   84.616118][ T6615] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.694504][ T6616] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   84.703496][ T6616] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   85.034610][ T6616] syz.0.130 (6616) used greatest stack depth: 20760 bytes left
[   85.136187][ T6624] netlink: 'syz.3.132': attribute type 21 has an invalid length.
[   86.676460][ T6653] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   86.679378][ T6653] netlink: 'syz.2.142': attribute type 2 has an invalid length.
[   86.899861][ T6442] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   87.059840][ T6442] usb 6-1: Using ep0 maxpacket: 32
[   87.154161][ T6442] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   87.158282][ T6442] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   87.161274][ T6442] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   87.163666][ T6442] usb 6-1: Product: syz
[   87.164807][ T6442] usb 6-1: Manufacturer: syz
[   87.166077][ T6442] usb 6-1: SerialNumber: syz
[   87.169215][ T6442] usb 6-1: config 0 descriptor??
[   87.172060][ T6654] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   87.542559][ T6666] netlink: 24 bytes leftover after parsing attributes in process `syz.3.144'.
[   87.553870][ T6666] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   87.556318][ T6666] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   87.558635][ T6666] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   87.562812][ T6666] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   87.620682][ T6442] usb 6-1: USB disconnect, device number 4
[   88.152057][ T6680] bridge_slave_1: left allmulticast mode
[   88.152074][ T6680] bridge_slave_1: left promiscuous mode
[   88.152163][ T6680] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.154140][ T6680] bridge_slave_0: left allmulticast mode
[   88.154158][ T6680] bridge_slave_0: left promiscuous mode
[   88.154263][ T6680] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.348792][ T6684] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   88.429684][ T6686] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   88.436430][ T6686] netlink: 'syz.1.148': attribute type 2 has an invalid length.
[   88.848649][ T6691] netlink: 24 bytes leftover after parsing attributes in process `syz.0.149'.
[   89.039289][ T6698] netlink: 24 bytes leftover after parsing attributes in process `syz.2.151'.
[   89.617365][ T6704] team0: entered promiscuous mode
[   89.621551][ T6704] team_slave_0: entered promiscuous mode
[   89.623182][ T6704] team_slave_1: entered promiscuous mode
[   89.624714][ T6704] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[   89.627361][ T6704] team0: left promiscuous mode
[   89.628762][ T6704] team_slave_0: left promiscuous mode
[   89.630509][ T6704] team_slave_1: left promiscuous mode
[   89.632472][ T6704] net veth1_virt_wifi virt_wifi0: left promiscuous mode
[   89.685042][ T6706] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   89.696636][ T6711] netlink: 24 bytes leftover after parsing attributes in process `syz.1.156'.
[   90.188207][ T6719] binder: 6715:6719 ioctl c0046209 0 returned -22
[   90.299157][ T6722] netlink: 'syz.0.158': attribute type 21 has an invalid length.
[   90.483175][   T39] kauditd_printk_skb: 24 callbacks suppressed
[   90.483186][   T39] audit: type=1326 audit(1733140462.659:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.0.158" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000
[   90.495984][   T39] audit: type=1326 audit(1733140462.669:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.0.158" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000
[   90.502650][   T39] audit: type=1326 audit(1733140462.669:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.0.158" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf7ff5579 code=0x7ffc0000
[   90.509371][   T39] audit: type=1326 audit(1733140462.669:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.0.158" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000
[   90.516250][   T39] audit: type=1326 audit(1733140462.669:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.0.158" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000
[   90.995133][ T6733] netlink: 4 bytes leftover after parsing attributes in process `syz.1.159'.
[   91.602024][ T6741] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   91.656299][ T6747] netlink: 56 bytes leftover after parsing attributes in process `syz.0.161'.
[   92.741210][ T6768] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   92.774588][ T6770] netlink: 24 bytes leftover after parsing attributes in process `syz.3.168'.
[   93.729369][ T6780] netlink: 'syz.0.170': attribute type 21 has an invalid length.
[   93.925742][ T6784] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   93.980308][   T39] audit: type=1326 audit(1733140466.149:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6778 comm="syz.0.170" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000
[   93.994470][   T39] audit: type=1326 audit(1733140466.159:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6778 comm="syz.0.170" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000
[   94.018165][   T39] audit: type=1326 audit(1733140466.169:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6778 comm="syz.0.170" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf7ff5579 code=0x7ffc0000
[   94.033471][   T39] audit: type=1326 audit(1733140466.179:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6778 comm="syz.0.170" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000
[   94.048121][   T39] audit: type=1326 audit(1733140466.179:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6778 comm="syz.0.170" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff5579 code=0x7ffc0000
[   94.163569][ T6794] netlink: 5 bytes leftover after parsing attributes in process `syz.2.174'.
[   94.167724][ T6794] 0ªX¹¦D: renamed from gretap0 (while UP)
[   94.174601][ T6794] 0ªX¹¦D: entered allmulticast mode
[   94.178180][ T6794] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   94.203819][ T6794] bridge_slave_0: left allmulticast mode
[   94.206242][ T6794] bridge_slave_0: left promiscuous mode
[   94.208554][ T6794] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.215799][ T6794] bridge_slave_1: left allmulticast mode
[   94.217624][ T6794] bridge_slave_1: left promiscuous mode
[   94.224580][ T6794] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.239532][ T6794] bond0: (slave bond_slave_0): Releasing backup interface
[   94.254753][ T6794] bond0: (slave bond_slave_1): Releasing backup interface
[   94.294229][ T6794] team0: Port device team_slave_0 removed
[   94.330372][ T6794] team0: Port device team_slave_1 removed
[   94.342405][ T6794] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   94.344342][ T6794] batman_adv: batadv0: Removing interface: batadv_slave_0
[   94.359781][ T6794] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   94.362044][ T6794] batman_adv: batadv0: Removing interface: batadv_slave_1
[   94.455385][ T6802] netlink: 28 bytes leftover after parsing attributes in process `syz.0.175'.
[   94.457755][ T6802] netlink: 28 bytes leftover after parsing attributes in process `syz.0.175'.
[   94.499969][   T30] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   94.666911][   T30] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   94.669936][   T30] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[   94.673207][   T30] usb 8-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[   94.676663][   T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.738515][   T30] usb 8-1: config 0 descriptor??
[   94.751934][   T30] gspca_main: spca561-2.14.0 probing abcd:cdee
[   95.261616][   T30] spca561 8-1:0.0: probe with driver spca561 failed with error -22
[   95.264198][   T30] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[   95.266077][   T30] usb 8-1: MIDIStreaming interface descriptor not found
[   95.579465][ T6821] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   95.583041][ T6821] netlink: 'syz.2.180': attribute type 2 has an invalid length.
[   95.822501][   T39] audit: type=1326 audit(1733140467.979:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.1.179" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   95.845444][   T39] audit: type=1326 audit(1733140467.979:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.1.179" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   95.851533][   T39] audit: type=1326 audit(1733140467.989:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.1.179" exe="/syz-executor" sig=0 arch=40000003 syscall=322 compat=1 ip=0xf748e579 code=0x7ffc0000
[   95.860216][   T39] audit: type=1326 audit(1733140467.989:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.1.179" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   95.868800][   T39] audit: type=1326 audit(1733140467.989:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.1.179" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   95.874654][   T39] audit: type=1326 audit(1733140467.989:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.1.179" exe="/syz-executor" sig=0 arch=40000003 syscall=355 compat=1 ip=0xf748e579 code=0x7ffc0000
[   95.880351][   T39] audit: type=1326 audit(1733140467.989:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.1.179" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   95.886108][   T39] audit: type=1326 audit(1733140467.989:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.1.179" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   95.892167][   T39] audit: type=1326 audit(1733140467.989:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.1.179" exe="/syz-executor" sig=0 arch=40000003 syscall=326 compat=1 ip=0xf748e579 code=0x7ffc0000
[   95.897912][   T39] audit: type=1326 audit(1733140467.989:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6818 comm="syz.1.179" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   96.101721][ T6829] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   96.208468][ T6831] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   96.211618][   T25] usb 8-1: USB disconnect, device number 5
[   96.220564][ T6831] netlink: 'syz.2.183': attribute type 2 has an invalid length.
[   96.442648][ T6837] netlink: 4 bytes leftover after parsing attributes in process `syz.2.185'.
[   97.257500][ T6851] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   97.258172][ T6834] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   97.262658][ T6851] netlink: 'syz.0.189': attribute type 2 has an invalid length.
[   97.593762][ T6857] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   97.716577][ T6862] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   97.805730][ T6867] mkiss: ax0: crc mode is auto.
[   98.080783][ T6871] mkiss: ax0: crc mode is auto.
[   98.420408][ T6881] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   98.430286][ T6881] netlink: 'syz.3.196': attribute type 2 has an invalid length.
[   98.738700][ T6891] netlink: 4 bytes leftover after parsing attributes in process `syz.3.198'.
[   98.739196][ T6891] unsupported nlmsg_type 40
[   99.563682][ T6891] orangefs_mount: mount request failed with -4
[   99.693904][ T6905] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[   99.916194][ T6908] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  100.229466][ T6914] netlink: 4 bytes leftover after parsing attributes in process `syz.1.205'.
[  100.446695][ T6917] Bluetooth: MGMT ver 1.23
[  100.700404][ T6921] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  100.703144][ T6921] netlink: 'syz.3.207': attribute type 2 has an invalid length.
[  100.844175][ T6914] orangefs_mount: mount request failed with -4
[  101.015360][ T6927] netlink: 24 bytes leftover after parsing attributes in process `syz.1.209'.
[  101.223445][ T6937] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  102.106191][ T6950] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  102.109614][ T6950] netlink: 'syz.3.216': attribute type 2 has an invalid length.
[  103.480137][   T63] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  103.673765][   T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  103.685254][   T63] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  103.690292][   T63] usb 8-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  103.694183][   T63] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.731584][   T63] usb 8-1: config 0 descriptor??
[  103.773786][   T63] gspca_main: spca561-2.14.0 probing abcd:cdee
[  103.963400][ T6976] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  104.312378][   T63] spca561 8-1:0.0: probe with driver spca561 failed with error -22
[  104.315604][   T63] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  104.317703][   T63] usb 8-1: MIDIStreaming interface descriptor not found
[  104.921964][ T6989] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  105.175933][ T6442] usb 8-1: USB disconnect, device number 6
[  106.360306][   T39] kauditd_printk_skb: 22 callbacks suppressed
[  106.360321][   T39] audit: type=1326 audit(1733140478.539:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7008 comm="syz.3.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  106.389910][   T39] audit: type=1326 audit(1733140478.539:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7008 comm="syz.3.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  106.437406][   T39] audit: type=1326 audit(1733140478.609:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7008 comm="syz.3.229" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  106.460793][   T39] audit: type=1326 audit(1733140478.609:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7008 comm="syz.3.229" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  106.486350][   T39] audit: type=1326 audit(1733140478.609:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7008 comm="syz.3.229" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  106.518822][   T39] audit: type=1326 audit(1733140478.609:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7008 comm="syz.3.229" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  106.542340][ T7015] netlink: 'syz.1.230': attribute type 21 has an invalid length.
[  106.545892][   T39] audit: type=1326 audit(1733140478.609:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7008 comm="syz.3.229" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  106.563639][   T39] audit: type=1326 audit(1733140478.609:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7008 comm="syz.3.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  106.589197][   T39] audit: type=1326 audit(1733140478.609:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7008 comm="syz.3.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  106.620811][   T39] audit: type=1326 audit(1733140478.629:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7008 comm="syz.3.229" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  106.694903][ T7020] binder: 7016:7020 ioctl 4018620d 0 returned -22
[  106.697803][ T7020] binder: 7016:7020 ioctl c0306201 20000280 returned -11
[  108.309302][ T7043] netlink: 'syz.3.237': attribute type 5 has an invalid length.
[  108.316985][ T7043] netlink: 4 bytes leftover after parsing attributes in process `syz.3.237'.
[  108.739816][   T63] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  108.911219][   T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  108.914081][   T63] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  108.917631][   T63] usb 8-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  108.921412][   T63] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.925762][   T63] usb 8-1: config 0 descriptor??
[  108.931004][   T63] gspca_main: spca561-2.14.0 probing abcd:cdee
[  109.408526][ T7064] netlink: 'syz.0.242': attribute type 21 has an invalid length.
[  109.582600][   T63] spca561 8-1:0.0: probe with driver spca561 failed with error -22
[  109.585955][   T63] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  109.589017][   T63] usb 8-1: MIDIStreaming interface descriptor not found
[  110.300042][   T63] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  110.310678][ T7080] netlink: 88 bytes leftover after parsing attributes in process `syz.2.246'.
[  110.371294][ T7081] netlink: 'syz.2.246': attribute type 21 has an invalid length.
[  110.371333][ T6442] usb 8-1: USB disconnect, device number 7
[  110.427524][ T7083] syz.2.246 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  110.462444][   T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  110.466185][   T63] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  110.469041][   T63] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  110.472470][   T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.475676][   T63] usb 5-1: config 0 descriptor??
[  110.479628][   T63] gspca_main: spca561-2.14.0 probing abcd:cdee
[  110.991247][   T63] spca561 5-1:0.0: probe with driver spca561 failed with error -22
[  111.007618][   T63] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  111.010780][   T63] usb 5-1: MIDIStreaming interface descriptor not found
[  111.892962][ T7112] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  111.894915][ T7112] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  111.897931][ T7112] vhci_hcd vhci_hcd.0: Device attached
[  111.968229][   T62] usb 5-1: USB disconnect, device number 3
[  112.080216][    T8] vhci_hcd: vhci_device speed not set
[  112.140046][    T8] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  112.427406][   T39] kauditd_printk_skb: 24 callbacks suppressed
[  112.427509][   T39] audit: type=1326 audit(1733140484.579:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.3.252" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  112.446696][   T39] audit: type=1326 audit(1733140484.589:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.3.252" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  112.481415][   T39] audit: type=1326 audit(1733140484.589:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.3.252" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  112.496032][   T39] audit: type=1326 audit(1733140484.589:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.3.252" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  112.504367][   T39] audit: type=1326 audit(1733140484.589:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.3.252" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  112.512236][   T39] audit: type=1326 audit(1733140484.589:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.3.252" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  112.519798][   T39] audit: type=1326 audit(1733140484.589:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.3.252" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  112.527436][   T39] audit: type=1326 audit(1733140484.589:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.3.252" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  112.537844][   T39] audit: type=1326 audit(1733140484.589:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.3.252" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  112.768775][ T7126] input: syz1 as /devices/virtual/input/input9
[  113.002423][ T7127] netlink: 48 bytes leftover after parsing attributes in process `syz.2.253'.
[  113.729901][ T7113] vhci_hcd: connection reset by peer
[  113.738333][ T1214] vhci_hcd: stop threads
[  113.752514][ T1214] vhci_hcd: release socket
[  113.838810][ T1214] vhci_hcd: disconnect device
[  113.941352][ T7134] pimreg: entered allmulticast mode
[  114.229790][  T832] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  114.400006][  T832] usb 6-1: Using ep0 maxpacket: 16
[  114.413887][  T832] usb 6-1: config 0 has no interfaces?
[  114.430844][  T832] usb 6-1: New USB device found, idVendor=0bfd, idProduct=0106, bcdDevice=ec.89
[  114.461436][  T832] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.464774][  T832] usb 6-1: Product: syz
[  114.466170][  T832] usb 6-1: Manufacturer: syz
[  114.467736][  T832] usb 6-1: SerialNumber: syz
[  114.473843][  T832] usb 6-1: config 0 descriptor??
[  115.521572][   T25] usb 6-1: USB disconnect, device number 5
[  115.735576][ T7162] netlink: 4 bytes leftover after parsing attributes in process `syz.3.262'.
[  115.775820][ T7162] netlink: 4 bytes leftover after parsing attributes in process `syz.3.262'.
[  116.060065][   T63] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  116.239936][   T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  116.244420][   T63] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  116.263909][   T63] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  116.269817][   T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.273390][ T7170] binder: BINDER_SET_CONTEXT_MGR already set
[  116.275272][ T7170] binder: 7169:7170 ioctl 4018620d 200001c0 returned -16
[  116.282101][   T63] usb 5-1: config 0 descriptor??
[  116.287686][   T63] gspca_main: spca561-2.14.0 probing abcd:cdee
[  116.844648][   T63] spca561 5-1:0.0: probe with driver spca561 failed with error -22
[  116.850582][   T63] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  116.852489][   T63] usb 5-1: MIDIStreaming interface descriptor not found
[  117.332279][    T8] vhci_hcd: vhci_device speed not set
[  117.813512][   T30] usb 5-1: USB disconnect, device number 4
[  118.426109][ T7198] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  118.525411][ T7205] netlink: 24 bytes leftover after parsing attributes in process `syz.1.274'.
[  118.676365][ T7206] netlink: 'syz.3.273': attribute type 21 has an invalid length.
[  118.837747][ T7211] usb 2-1: USB disconnect, device number 5
[  118.962658][ T7217] hub 2-0:1.0: USB hub found
[  118.964899][ T7217] hub 2-0:1.0: 6 ports detected
[  118.994756][ T7219] netlink: 8 bytes leftover after parsing attributes in process `syz.2.275'.
[  119.330456][ T5847] usb 2-1: new high-speed USB device number 6 using ehci-pci
[  119.356591][   T39] audit: type=1326 audit(1733140491.529:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.3.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  119.363067][   T39] audit: type=1326 audit(1733140491.529:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.3.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  119.375182][   T39] audit: type=1326 audit(1733140491.529:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.3.273" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  119.381295][   T39] audit: type=1326 audit(1733140491.529:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.3.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  119.387366][   T39] audit: type=1326 audit(1733140491.529:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.3.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  119.393331][   T39] audit: type=1326 audit(1733140491.539:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.3.273" exe="/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  119.399223][   T39] audit: type=1326 audit(1733140491.549:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.3.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  119.406727][   T39] audit: type=1326 audit(1733140491.549:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz.3.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  119.506162][ T5847] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  119.508926][ T5847] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  119.519621][ T5847] usb 2-1: Product: QEMU USB Tablet
[  119.522817][ T5847] usb 2-1: Manufacturer: QEMU
[  119.526914][ T5847] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  119.661828][ T5847] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0005/input/input10
[  119.686535][ T5847] hid-generic 0003:0627:0001.0005: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  119.851778][ T7232] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  119.863337][ T7232] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  119.995139][ T7232] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  120.020365][ T7232] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  120.022501][ T7232] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  120.037143][ T7232] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  120.043094][ T7232] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  120.045104][ T7232] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  120.069872][ T7232] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  120.073621][ T7232] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  120.075220][ T7232] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  120.080120][ T7232] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  120.529952][   T25] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  120.700046][   T25] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  120.703443][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.706332][   T25] usb 5-1: Product: syz
[  120.707955][   T25] usb 5-1: Manufacturer: syz
[  120.709649][   T25] usb 5-1: SerialNumber: syz
[  120.713891][   T25] usb 5-1: config 0 descriptor??
[  120.713973][ T7246] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  121.209200][   T63] usb 5-1: USB disconnect, device number 5
[  121.889920][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  122.039820][ T5950] Bluetooth: hci1: command 0x0c1a tx timeout
[  122.119864][ T5950] Bluetooth: hci3: command 0x0419 tx timeout
[  122.119878][   T66] Bluetooth: hci2: command 0x0c1a tx timeout
[  122.541455][ T7264] fuse: Unknown parameter '
'
[  123.089904][    T8] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  123.469837][    T8] usb 8-1: device descriptor read/64, error -71
[  123.719857][    T8] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  123.850125][    T8] usb 8-1: device descriptor read/64, error -71
[  123.959884][   T66] Bluetooth: hci0: command 0x0c1a tx timeout
[  124.000377][    T8] usb usb8-port1: attempt power cycle
[  124.119895][ T5950] Bluetooth: hci1: command 0x0c1a tx timeout
[  124.199964][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[  124.200004][ T5302] Bluetooth: hci3: command 0x0419 tx timeout
[  124.349960][    T8] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  124.372312][    T8] usb 8-1: device descriptor read/8, error -71
[  124.495976][ T7292] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  124.498918][ T7292] netlink: 'syz.0.294': attribute type 2 has an invalid length.
[  124.609861][    T8] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  124.630350][    T8] usb 8-1: device descriptor read/8, error -71
[  124.740019][    T8] usb usb8-port1: unable to enumerate USB device
[  126.042969][ T5302] Bluetooth: hci0: command 0x0c1a tx timeout
[  126.209967][ T5302] Bluetooth: hci1: command 0x0c1a tx timeout
[  126.216070][ T7308] netlink: 92 bytes leftover after parsing attributes in process `syz.0.299'.
[  126.279888][ T5302] Bluetooth: hci3: command 0x0419 tx timeout
[  126.280019][   T66] Bluetooth: hci2: command 0x0c1a tx timeout
[  126.506734][ T7315] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  126.509644][ T7315] netlink: 'syz.3.301': attribute type 2 has an invalid length.
[  126.539900][   T25] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  126.701066][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  126.703563][   T25] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  126.706113][   T25] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  126.708595][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.716349][   T25] usb 5-1: config 0 descriptor??
[  126.723295][   T25] gspca_main: spca561-2.14.0 probing abcd:cdee
[  126.889355][ T7325] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  126.893433][ T7325] netlink: 'syz.1.303': attribute type 2 has an invalid length.
[  127.231627][   T25] spca561 5-1:0.0: probe with driver spca561 failed with error -22
[  127.234143][   T25] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  127.239272][   T25] usb 5-1: MIDIStreaming interface descriptor not found
[  127.512287][ T7344] netlink: 'syz.2.305': attribute type 1 has an invalid length.
[  127.514440][ T7344] netlink: 224 bytes leftover after parsing attributes in process `syz.2.305'.
[  127.701448][ T7363] netlink: 24 bytes leftover after parsing attributes in process `syz.3.307'.
[  128.279912][   T66] Bluetooth: hci1: command 0x0c1a tx timeout
[  128.281091][  T834] usb 5-1: USB disconnect, device number 6
[  128.359926][   T66] Bluetooth: hci3: command 0x0419 tx timeout
[  128.489893][ T6442] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  128.527658][ T7384] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  128.530737][ T7384] netlink: 'syz.3.310': attribute type 2 has an invalid length.
[  128.597603][ T7386] sctp: [Deprecated]: syz.3.311 (pid 7386) Use of struct sctp_assoc_value in delayed_ack socket option.
[  128.597603][ T7386] Use struct sctp_sack_info instead
[  128.641244][ T6442] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  128.644572][ T6442] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  128.647839][ T6442] usb 6-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  128.651718][ T6442] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.655839][ T6442] usb 6-1: config 0 descriptor??
[  128.659140][ T6442] gspca_main: spca561-2.14.0 probing abcd:cdee
[  128.679073][ T7388] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  128.682722][ T7388] netlink: 'syz.3.312': attribute type 2 has an invalid length.
[  128.830169][   T39] audit: type=1326 audit(1733140500.999:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7389 comm="syz.3.313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7fc00000
[  128.846882][   T39] audit: type=1326 audit(1733140501.019:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7389 comm="syz.3.313" exe="/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf73ce579 code=0x7fc00000
[  128.955956][ T7394] fuse: Unknown parameter 'ûd¡'
[  129.171724][ T6442] spca561 6-1:0.0: probe with driver spca561 failed with error -22
[  129.174150][ T6442] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  129.176020][ T6442] usb 6-1: MIDIStreaming interface descriptor not found
[  129.629864][   T39] audit: type=1326 audit(1733140501.799:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7389 comm="syz.3.313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7fc00000
[  129.685691][ T7391] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  129.832947][ T7406] netlink: 420 bytes leftover after parsing attributes in process `syz.3.316'.
[  129.836703][ T7406] netlink: 420 bytes leftover after parsing attributes in process `syz.3.316'.
[  130.059948][ T7408] mkiss: ax0: crc mode is auto.
[  130.153958][ T7408] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  130.201269][  T834] usb 6-1: USB disconnect, device number 6
[  130.322086][ T7414] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  130.325234][ T7414] netlink: 'syz.2.319': attribute type 2 has an invalid length.
[  130.444874][ T7425] nvme_fabrics: unknown parameter or missing value 'ïÃ' in ctrl creation request
[  130.447745][ T7425] netlink: 'syz.2.321': attribute type 2 has an invalid length.
[  130.599961][    T8] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  130.781411][    T8] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  130.783627][    T8] usb 5-1: config 0 has no interface number 0
[  130.785314][    T8] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  130.788205][    T8] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  130.793476][    T8] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  130.797094][    T8] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 632, setting to 64
[  130.801330][    T8] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  130.832043][    T8] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  130.834038][ T7446] netlink: 92 bytes leftover after parsing attributes in process `syz.1.323'.
[  130.845085][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.858081][    T8] usb 5-1: config 0 descriptor??
[  130.876798][ T7418] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  130.893876][    T8] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  131.159464][ T6009] usb 5-1: USB disconnect, device number 7
[  131.164208][ T6009] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  131.319822][    T8] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  131.598687][    T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  131.602094][    T8] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  131.605360][    T8] usb 6-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  131.608264][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.617110][    T8] usb 6-1: config 0 descriptor??
[  131.623133][    T8] gspca_main: spca561-2.14.0 probing abcd:cdee
[  131.686901][ T7456] input: syz0 as /devices/virtual/input/input11
[  131.943877][ T7410] delete_channel: no stack
[  131.947980][ T7410] delete_channel: no stack
[  132.131538][    T8] spca561 6-1:0.0: probe with driver spca561 failed with error -22
[  132.135938][    T8] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  132.138123][    T8] usb 6-1: MIDIStreaming interface descriptor not found
[  132.456329][ T1412] ieee802154 phy0 wpan0: encryption failed: -22
[  132.458878][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[  132.722977][ T7465] netlink: 4 bytes leftover after parsing attributes in process `syz.3.326'.
[  132.920926][ T6442] usb 6-1: USB disconnect, device number 7
[  148.592340][ T1412] ==================================================================
[  148.594622][ T1412] BUG: KASAN: slab-use-after-free in handle_tx+0x5dc/0x630
SYZFAIL: failed to recv rpc
[  148.596474][ T1412] Read of size 1 at addr ffff88804b4a8490 by task aoe_tx0/1412
[  148.599863][ T1412] 
[  148.601523][ T1412] CPU: 0 UID: 0 PID: 1412 Comm: aoe_tx0 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  148.605554][ T1412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.609101][ T1412] Call Trace:
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  148.610309][ T1412]  <TASK>
[  148.611287][ T1412]  dump_stack_lvl+0x116/0x1f0
[  148.612975][ T1412]  print_report+0xc3/0x620
[  148.614758][ T1412]  ? __virt_addr_valid+0x5e/0x590
[  148.616770][ T1412]  ? __phys_addr+0xc6/0x150
[  148.618372][ T1412]  kasan_report+0xd9/0x110
[  148.620062][ T1412]  ? handle_tx+0x5dc/0x630
[  148.621813][ T1412]  ? handle_tx+0x5dc/0x630
[  148.623759][ T1412]  handle_tx+0x5dc/0x630
[  148.625632][ T1412]  dev_hard_start_xmit+0x9a/0x7b0
[  148.627645][ T1412]  __dev_queue_xmit+0x7f0/0x43e0
[  148.630156][ T1412]  ? __pfx___dev_queue_xmit+0x10/0x10
[  148.632633][ T1412]  ? __pfx___lock_acquire+0x10/0x10
[  148.634542][ T1412]  ? __pfx___lock_acquire+0x10/0x10
[  148.636048][ T1412]  ? lock_acquire.part.0+0x11b/0x380
[  148.637484][ T1412]  ? find_held_lock+0x2d/0x110
[  148.638825][ T1412]  ? find_held_lock+0x2d/0x110
[  148.640144][ T1412]  ? tx+0xa8/0x190
[  148.641173][ T1412]  ? __pfx_lock_release+0x10/0x10
[  148.642578][ T1412]  ? lock_acquire+0x2f/0xb0
[  148.643825][ T1412]  tx+0xcc/0x190
[  148.644819][ T1412]  ? __pfx_tx+0x10/0x10
[  148.645949][ T1412]  kthread+0x1e7/0x3c0
[  148.647066][ T1412]  ? __pfx_kthread+0x10/0x10
[  148.648309][ T1412]  ? __pfx_default_wake_function+0x10/0x10
[  148.649897][ T1412]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.651727][ T1412]  ? __kthread_parkme+0x148/0x220
[  148.653355][ T1412]  ? __pfx_kthread+0x10/0x10
[  148.654732][ T1412]  kthread+0x2c1/0x3a0
[  148.656007][ T1412]  ? _raw_spin_unlock_irq+0x23/0x50
[  148.657517][ T1412]  ? __pfx_kthread+0x10/0x10
[  148.658865][ T1412]  ret_from_fork+0x45/0x80
[  148.660144][ T1412]  ? __pfx_kthread+0x10/0x10
[  148.661494][ T1412]  ret_from_fork_asm+0x1a/0x30
[  148.662710][ T1412]  </TASK>
[  148.663520][ T1412] 
[  148.664613][ T1412] Allocated by task 6601:
[  148.666616][ T1412]  kasan_save_stack+0x33/0x60
[  148.668199][ T1412]  kasan_save_track+0x14/0x30
[  148.669667][ T1412]  __kasan_kmalloc+0xaa/0xb0
[  148.671220][ T1412]  alloc_tty_struct+0x98/0x8d0
[  148.672622][ T1412]  tty_init_dev.part.0+0x1e/0x660
[  148.674193][ T1412]  tty_open+0xac1/0xf80
[  148.675467][ T1412]  chrdev_open+0x237/0x6a0
[  148.676778][ T1412]  do_dentry_open+0xf59/0x1ea0
[  148.678177][ T1412]  vfs_open+0x82/0x3f0
[  148.679304][ T1412]  path_openat+0x1e6a/0x2d60
[  148.680571][ T1412]  do_filp_open+0x20c/0x470
[  148.681742][ T1412]  do_sys_openat2+0x17a/0x1e0
[  148.683006][ T1412]  __ia32_compat_sys_openat+0x16e/0x210
[  148.684815][ T1412]  __do_fast_syscall_32+0x73/0x120
[  148.686225][ T1412]  do_fast_syscall_32+0x32/0x80
[  148.687906][ T1412]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  148.690177][ T1412] 
[  148.691036][ T1412] Freed by task 6005:
[  148.692660][ T1412]  kasan_save_stack+0x33/0x60
[  148.694115][ T1412]  kasan_save_track+0x14/0x30
[  148.695358][ T1412]  kasan_save_free_info+0x3b/0x60
[  148.696684][ T1412]  __kasan_slab_free+0x51/0x70
[  148.697854][ T1412]  kfree+0x14f/0x4b0
[  148.698962][ T1412]  process_one_work+0x958/0x1b30
[  148.700345][ T1412]  worker_thread+0x6c8/0xf00
[  148.701597][ T1412]  kthread+0x2c1/0x3a0
[  148.702665][ T1412]  ret_from_fork+0x45/0x80
[  148.703869][ T1412]  ret_from_fork_asm+0x1a/0x30
[  148.705229][ T1412] 
[  148.706135][ T1412] Last potentially related work creation:
[  148.708097][ T1412]  kasan_save_stack+0x33/0x60
[  148.709679][ T1412]  __kasan_record_aux_stack+0xba/0xd0
[  148.711290][ T1412]  insert_work+0x36/0x230
[  148.712766][ T1412]  __queue_work+0x97e/0x1080
[  148.714275][ T1412]  queue_work_on+0x11a/0x140
[  148.715792][ T1412]  release_tty+0x4de/0x5d0
[  148.717291][ T1412]  tty_release_struct+0xb7/0xe0
[  148.718819][ T1412]  tty_release+0xe25/0x1410
[  148.720169][ T1412]  __fput+0x3f8/0xb60
[  148.721232][ T1412]  task_work_run+0x14e/0x250
[  148.722452][ T1412]  do_exit+0xadd/0x2d70
[  148.723755][ T1412]  do_group_exit+0xd3/0x2a0
[  148.725309][ T1412]  get_signal+0x2576/0x2610
[  148.726516][ T1412]  arch_do_signal_or_restart+0x90/0x7e0
[  148.728004][ T1412]  syscall_exit_to_user_mode+0x150/0x2a0
[  148.729513][ T1412]  ret_from_fork_asm+0x1a/0x30
[  148.730806][ T1412] 
[  148.731486][ T1412] The buggy address belongs to the object at ffff88804b4a8000
[  148.731486][ T1412]  which belongs to the cache kmalloc-cg-2k of size 2048
[  148.735357][ T1412] The buggy address is located 1168 bytes inside of
[  148.735357][ T1412]  freed 2048-byte region [ffff88804b4a8000, ffff88804b4a8800)
[  148.739068][ T1412] 
[  148.739744][ T1412] The buggy address belongs to the physical page:
[  148.741532][ T1412] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88804b4aa000 pfn:0x4b4a8
[  148.744568][ T1412] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  148.747023][ T1412] memcg:ffff888047172401
[  148.748515][ T1412] flags: 0x4fff00000000240(workingset|head|node=1|zone=1|lastcpupid=0x7ff)
[  148.751075][ T1412] page_type: f5(slab)
[  148.752243][ T1412] raw: 04fff00000000240 ffff88801ac50140 ffffea0001a80810 ffffea000199ce10
[  148.754630][ T1412] raw: ffff88804b4aa000 0000000000080007 00000001f5000000 ffff888047172401
[  148.757105][ T1412] head: 04fff00000000240 ffff88801ac50140 ffffea0001a80810 ffffea000199ce10
[  148.759515][ T1412] head: ffff88804b4aa000 0000000000080007 00000001f5000000 ffff888047172401
[  148.762049][ T1412] head: 04fff00000000003 ffffea00012d2a01 ffffffffffffffff 0000000000000000
[  148.764615][ T1412] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  148.767278][ T1412] page dumped because: kasan: bad access detected
[  148.769685][ T1412] page_owner tracks the page as allocated
[  148.771312][ T1412] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5949, tgid 5949 (syz-executor), ts 46184751657, free_ts 46175733618
[  148.777020][ T1412]  post_alloc_hook+0x2d1/0x350
[  148.778269][ T1412]  get_page_from_freelist+0xfce/0x2f80
[  148.779741][ T1412]  __alloc_pages_noprof+0x223/0x25b0
[  148.781290][ T1412]  alloc_pages_mpol_noprof+0x2c9/0x610
[  148.782892][ T1412]  new_slab+0x2c9/0x410
[  148.784170][ T1412]  ___slab_alloc+0xd1d/0x16e0
[  148.785622][ T1412]  __slab_alloc.constprop.0+0x56/0xb0
[  148.787167][ T1412]  __kmalloc_noprof+0x2de/0x4f0
[  148.788489][ T1412]  __register_sysctl_table+0xb4/0x18c0
[  148.789932][ T1412]  __devinet_sysctl_register+0x1b5/0x360
[  148.791403][ T1412]  devinet_sysctl_register+0x17b/0x200
[  148.792834][ T1412]  inetdev_init+0x2be/0x5a0
[  148.794017][ T1412]  inetdev_event+0xb17/0x16b0
[  148.795241][ T1412]  notifier_call_chain+0xb7/0x410
[  148.796554][ T1412]  call_netdevice_notifiers_info+0xbe/0x140
[  148.798070][ T1412]  register_netdevice+0x1728/0x1e20
[  148.799412][ T1412] page last free pid 5949 tgid 5949 stack trace:
[  148.801046][ T1412]  free_unref_page+0x661/0x1080
[  148.802278][ T1412]  __put_partials+0x14c/0x170
[  148.803714][ T1412]  qlist_free_all+0x4e/0x120
[  148.805265][ T1412]  kasan_quarantine_reduce+0x195/0x1e0
[  148.807021][ T1412]  __kasan_slab_alloc+0x69/0x90
[  148.808547][ T1412]  kmem_cache_alloc_lru_noprof+0x1c8/0x3b0
[  148.810372][ T1412]  __d_alloc+0x35/0x8c0
[  148.811839][ T1412]  d_alloc+0x4a/0x1e0
[  148.813271][ T1412]  d_alloc_parallel+0xe9/0x12b0
[  148.815150][ T1412]  __lookup_slow+0x194/0x460
[  148.816386][ T1412]  lookup_one_len+0x181/0x1b0
[  148.817675][ T1412]  start_creating.part.0+0x12f/0x3a0
[  148.819207][ T1412]  __debugfs_create_file+0xa5/0x660
[  148.820580][ T1412]  debugfs_create_bool+0x70/0xa0
[  148.821884][ T1412]  nsim_bpf_init+0x144/0x2e0
[  148.823183][ T1412]  nsim_create+0x6f1/0xb20
[  148.824399][ T1412] 
[  148.825035][ T1412] Memory state around the buggy address:
[  148.826964][ T1412]  ffff88804b4a8380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  148.829186][ T1412]  ffff88804b4a8400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  148.831255][ T1412] >ffff88804b4a8480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  148.833695][ T1412]                          ^
[  148.835073][ T1412]  ffff88804b4a8500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  148.837445][ T1412]  ffff88804b4a8580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  148.839574][ T1412] ==================================================================
[  148.841891][ T1412] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  148.844104][ T1412] CPU: 0 UID: 0 PID: 1412 Comm: aoe_tx0 Not tainted 6.13.0-rc1-syzkaller-00001-ge70140ba0d2b #0
[  148.847233][ T1412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.850528][ T1412] Call Trace:
[  148.851677][ T1412]  <TASK>
[  148.853031][ T1412]  dump_stack_lvl+0x3d/0x1f0
[  148.854828][ T1412]  panic+0x71d/0x800
[  148.856015][ T1412]  ? __pfx_panic+0x10/0x10
[  148.857199][ T1412]  ? check_panic_on_warn+0x1f/0xb0
[  148.858626][ T1412]  check_panic_on_warn+0xab/0xb0
[  148.859920][ T1412]  end_report+0x117/0x180
[  148.861097][ T1412]  kasan_report+0xe9/0x110
[  148.862291][ T1412]  ? handle_tx+0x5dc/0x630
[  148.863504][ T1412]  ? handle_tx+0x5dc/0x630
[  148.864756][ T1412]  handle_tx+0x5dc/0x630
[  148.865876][ T1412]  dev_hard_start_xmit+0x9a/0x7b0
[  148.867632][ T1412]  __dev_queue_xmit+0x7f0/0x43e0
[  148.869077][ T1412]  ? __pfx___dev_queue_xmit+0x10/0x10
[  148.870756][ T1412]  ? __pfx___lock_acquire+0x10/0x10
[  148.872248][ T1412]  ? __pfx___lock_acquire+0x10/0x10
[  148.873800][ T1412]  ? lock_acquire.part.0+0x11b/0x380
[  148.875230][ T1412]  ? find_held_lock+0x2d/0x110
[  148.876478][ T1412]  ? find_held_lock+0x2d/0x110
[  148.877717][ T1412]  ? tx+0xa8/0x190
[  148.878696][ T1412]  ? __pfx_lock_release+0x10/0x10
[  148.879998][ T1412]  ? lock_acquire+0x2f/0xb0
[  148.881180][ T1412]  tx+0xcc/0x190
[  148.882125][ T1412]  ? __pfx_tx+0x10/0x10
[  148.883201][ T1412]  kthread+0x1e7/0x3c0
[  148.884566][ T1412]  ? __pfx_kthread+0x10/0x10
[  148.885936][ T1412]  ? __pfx_default_wake_function+0x10/0x10
[  148.887800][ T1412]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.889540][ T1412]  ? __kthread_parkme+0x148/0x220
[  148.891243][ T1412]  ? __pfx_kthread+0x10/0x10
[  148.892462][ T1412]  kthread+0x2c1/0x3a0
[  148.893693][ T1412]  ? _raw_spin_unlock_irq+0x23/0x50
[  148.895335][ T1412]  ? __pfx_kthread+0x10/0x10
[  148.896735][ T1412]  ret_from_fork+0x45/0x80
[  148.898020][ T1412]  ? __pfx_kthread+0x10/0x10
[  148.899363][ T1412]  ret_from_fork_asm+0x1a/0x30
[  148.900626][ T1412]  </TASK>
[  148.901894][ T1412] Kernel Offset: disabled
[  148.903037][ T1412] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:55:20  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000065 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851531d5 RDI=ffffffff9a6682c0 RBP=ffffffff9a668280 RSP=ffffc9000739f498
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000065 R14=ffffffff85153170 R15=0000000000000000
RIP=ffffffff851531ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000000c36e65d CR3=000000000db7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000f000000000 0000000300000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000005b3ba7 RBX=0000000000000001 RCX=ffffffff8b1ab889 RDX=0000000000000000
RSI=ffffffff8b4cd0e0 RDI=ffffffff8bb136c0 RBP=ffffed10039dc910 RSP=ffffc9000047fe08
R8 =0000000000000001 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000000
R12=0000000000000001 R13=ffff88801cee4880 R14=ffffffff901cb190 R15=0000000000000000
RIP=ffffffff8b1acc6f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000056acd99c CR3=000000000db7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c78fdc8dcac913c 5c34bb70bf6b4a56
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3e5fd38951398895 44501914aecd3c10
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 32d93cfc31fc5f70 8a8f4f713aef17ba
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d97f1eb5ae260d74 32976ec106a676d3
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 efbde9f0dc6b7673 b0f70bcfc4c61457
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d76150c92c47b974 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 90dd184e565d4d92 13f45e793817423b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6a1e918b00000000 8c7d307a884e2220
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e883bbd2602678de 3f816d45b85d3898
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b97cfd7e27225f79 6ae826171983d555
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000007 RBX=1ffff92000d5bf5c RCX=ffffffff81763879 RDX=0000000000000000
RSI=ffffffff8bb13640 RDI=ffffffff8d82abf0 RBP=ffffffff901ce494 RSP=ffffc90006adfad0
R8 =0000000000000000 R9 =fffffbfff2039632 R10=ffffffff901cb197 R11=0000000000000002
R12=ffffffff8ddba940 R13=ffff88801acb0000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff817638ac RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f7fb6e40 CR3=000000000db7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 005858585858582e 7a7973d0000000e4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ff0f0e0d0c0b0a09
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000080000000 RBX=ffff8880290f72e8 RCX=ffffffff81e4894e RDX=ffff888021ea8000
RSI=00000000f6556000 RDI=ffff8880212b6b40 RBP=00000000f6556000 RSP=ffffc90003eff848
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000003
R12=ffff8880212b6b40 R13=00000000f6556000 R14=ffffc90003eff8b0 R15=8000000000000027
RIP=ffffffff81994098 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f7465004 CR3=000000006e44c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000020210058
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000