last executing test programs:

2m59.544470507s ago: executing program 1 (id=230):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg$inet(r0, &(0x7f0000002000)=[{{&(0x7f0000000000)={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000100)="146c", 0x2}], 0x1}}], 0x1, 0x20004000)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000002c0)={'wlan0\x00', &(0x7f0000000000)=@ethtool_channels={0x3d, 0x50, 0x0, 0x8000000, 0x0, 0x35, 0x2}})
getsockname$packet(r1, &(0x7f0000001480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000340)=0x14)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r2 = socket$caif_seqpacket(0x25, 0x5, 0x5)
connect$caif(r2, &(0x7f0000000040)=@util={0x25, "3c951a3592ed7f57fab3760872e47ee9"}, 0x18)
r3 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x0, 0x0)
getsockname$netlink(r1, &(0x7f0000000100), &(0x7f00000003c0)=0xc)
epoll_create1(0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x0)
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={0xffffffffffffffff, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x8fff5], 0x0, 0x0, 0x1f, 0x1}}, 0x3c)
recvmmsg$unix(r6, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r6, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r7 = openat$autofs(0xffffff9c, &(0x7f0000000240), 0x80481, 0x0)
close(r7)
socket$inet6_sctp(0xa, 0x5, 0x84)

2m58.709022547s ago: executing program 1 (id=239):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000048000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8905, &(0x7f0000000100)={'vlan0\x00', 0x0})
fsopen(&(0x7f0000005880)='zonefs\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x8000, 0x0, @mcast2, 0x7}, 0x1c)
getsockopt$inet6_int(r3, 0x29, 0x10, 0x0, &(0x7f00000002c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000000), 0xd)

2m58.707260866s ago: executing program 1 (id=241):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0xff)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
recvmsg(r2, &(0x7f0000001500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x407006}, 0x40000106)
connect$unix(r2, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e)
r3 = socket$kcm(0x2b, 0x1, 0x0)
r4 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r4, 0xc0184800, 0x0)
setsockopt$sock_attach_bpf(r3, 0x6, 0x1b, &(0x7f0000000240), 0x4)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180))
ioctl$vim2m_VIDIOC_TRY_FMT(r1, 0xc0cc5640, &(0x7f0000000340)={0x2, @win={{0xfffffff3, 0x3, 0xd4e, 0xfffffffc}, 0x8, 0x6, &(0x7f0000000140)={{0x10001, 0x401, 0xfffffff2, 0x2897}, &(0x7f0000000100)={{0x4, 0x1, 0x3, 0x8e}, &(0x7f00000000c0)={{0x7, 0x7, 0x6, 0xa}}}}, 0x401, &(0x7f0000000280)="536948fddf609642dc9e92d18c79ea8dd8ce427f0855e5d4a5e765155c2ae486bbc71efbcb44187437f6835035d95010cca7cac23b35849d213f1c7d0fdaa9a5e80f9461577c1317fcf36a0703b2afe327d466b47905b107d16fb581513f7424961c0faa532c86619cafd6b1875b447c74079a4d07c45969ad253f3fb3d13e44257742ab96f3cd3d6061f43f9822a6ae407db39275fb0aa70dc98b94ca0ec1be8e68a565e65b9d875c25a5c4d482aceffb0d19eb9388d1aed820352e", 0x80}})

2m58.533638999s ago: executing program 1 (id=244):
openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00'})
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x0, @remote, 'pim6reg1\x00'}}, 0x1e)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PPPIOCSFLAGS1(r2, 0x4004743a, &(0x7f0000000300))
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x109301)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000d00)=@urb_type_iso={0x4, {0x1, 0x1}, 0x0, 0x0, 0x0, 0xfffffffffffffe90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
chdir(&(0x7f0000000140)='./bus\x00')
r4 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
sendfile(r4, r4, 0x0, 0x7f03)
syz_clone(0x80, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2m58.333749999s ago: executing program 1 (id=245):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
open_by_handle_at(r1, &(0x7f0000000240)=@isofs_parent={0x14, 0x2, {0x101, 0x1, 0xffff, 0x6, 0x6, 0x8}}, 0x2000)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x28, r4, 0xc4fc9e906872378b, 0x0, 0x0, {{0x5}, {@val={0x8, 0x3, r5}, @val={0xc}}}}, 0x28}}, 0x0)
recvmmsg(r2, &(0x7f00000047c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000004700)={'team0\x00', <r10=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r8, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r9, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r10}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
r11 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r11, 0x8933, &(0x7f0000000000)={'team0\x00', <r12=>0x0})
sendmsg$nl_route(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10104}, [@IFLA_IFNAME={0x14, 0x3, 'vlan0\x00'}, @IFLA_MASTER={0x8, 0xa, r12}]}, 0x3c}}, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r7, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
ptrace(0x10, r0)
r13 = syz_open_procfs(r0, &(0x7f0000000040)='status\x00')
preadv(r13, &(0x7f0000000680)=[{&(0x7f0000000400)=""/121, 0x79}], 0x1, 0xffffffff, 0x1)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x28, 0x3d, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x4}, @nested={0x10, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @nested={0x4, 0x15}]}]}, 0x28}}, 0x0)

2m57.813837009s ago: executing program 1 (id=246):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x4}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$evdev(&(0x7f0000005e80), 0x4, 0x42)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r3 = io_uring_setup(0x4668, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000280)='attr\x00')
fchdir(r6)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r8 = dup(r4)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$EVIOCGPROP(r8, 0x40047438, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0}, 0x0)

2m57.761574592s ago: executing program 32 (id=246):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x4}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$evdev(&(0x7f0000005e80), 0x4, 0x42)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r3 = io_uring_setup(0x4668, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000280)='attr\x00')
fchdir(r6)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r8 = dup(r4)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$EVIOCGPROP(r8, 0x40047438, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0}, 0x0)

1m6.917942206s ago: executing program 2 (id=1266):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000003c0)=@filter={'filter\x00', 0x2, 0x4, 0x3ac, 0xffffffff, 0x0, 0x1f8, 0x0, 0xfeffffff, 0xffffffff, 0x2e4, 0x2e4, 0x2e4, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0x10c, 0x130, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}, @common=@inet=@length={{0x28}}]}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0x1f8}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @multicast1}, [], [], 'netpci0\x00', 'hsr0\x00'}, 0x0, 0xa4, 0xc8}, @REJECT={0x24}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @local}, @mcast1, [], [], 'veth0_virt_wifi\x00', 'syzkaller1\x00'}, 0x0, 0xc8, 0xec, 0x0, {}, [@common=@ipv6header={{0x24}}]}, @common=@inet=@SYNPROXY={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x408)
r1 = openat$ttyprintk(0xffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2)
ioctl$VT_RESIZEX(r1, 0x40047101, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_emit_ethernet(0x2a4, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606410a6026e0000fc020000000000000000000000000000fe8000000000000000000000000000aa223427d5c9a46b9fa14172170a013589317d2af31ba554311bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72edde"], 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, &(0x7f0000000180)=@keyring={'key_or_keyring:', 0x0, 0x2})
r5 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
r6 = add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r7, 0x0)
keyctl$set_timeout(0xf, r6, 0x4e0)
keyctl$dh_compute(0x17, &(0x7f00000002c0)={r5, r6, r5}, &(0x7f0000000040)=""/217, 0xd9, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x19, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000019000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x64, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1m6.023228828s ago: executing program 2 (id=1275):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, 0x0, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="b00000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000008000128009000100766c616e00000000700002800c0002001f0000001f0000000600010001000000580003800c00010004000000030000000c000100bd000000040000000c00010005000000000000000c000100090000009e0000000c000100020000000000ffff0c00010005000000080000000c000100c50000000800000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r3, @ANYBLOB="4a9581128ea644b02bdc0a4979e88baadb34192b56589982a977a909876576e9e1bd5eed47644355b745ce7249f516d258003dd1e7150482521cb874ae2c3ad5f90cfd3c0abb0378547cc9f8b12c8253d123bd1aafbcb690f55682b62b7eb5259d301fcf73abdeea1a62c2762456033ca3c4b552ad42f91b3e725d612681cb5ffe85c1"], 0xb0}, 0x1, 0x0, 0x0, 0x600}, 0x0)
socket(0x3, 0x1, 0x9d)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
pread64(r5, &(0x7f0000000380)=""/232, 0xe8, 0x2)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)

1m5.881303107s ago: executing program 2 (id=1277):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000048000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000040), &(0x7f00000000c0)=0x8)
r2 = getpid()
r3 = gettid()
rt_tgsigqueueinfo(r2, r3, 0xb, &(0x7f0000000080)={0x0, 0x0, 0x3})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x8f3}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)=':', 0x1, 0x4fed0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000000), 0xd)

1m5.821957414s ago: executing program 2 (id=1279):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000040)={0x30, 0x1, 0x1, "1c13ebdaf2f20d57185fd75a206d58e85b2197edb1479b0400", 0x35315258})
r4 = dup(r2)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000010000085000000060000009500"/152], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000004340), r6)
sendmsg$NFC_CMD_VENDOR(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000043c0)={&(0x7f0000000600)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010027bd7000f7dbdf251d00000008000100", @ANYRES32=0x0, @ANYBLOB="08001d000500000008001e00dcffffff08000100", @ANYRES32], 0x34}}, 0x40002)
r8 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r9, 0x10, &(0x7f0000000140))
getdents64(r8, &(0x7f0000000300)=""/154, 0x9a)
socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r10, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000050}, 0x20004014)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x30, r11, 0x1, 0x10000, 0x0, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0)

1m4.884681767s ago: executing program 2 (id=1289):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="20000000111401eeffffffffffffff00080003000200e3ff0700015fe4000000"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000000c0)="5c00000014006b05c84e21000ab16d6e230675f811000000440002005817d30461bc24eeb556a705251e6182149a36c23d3b48dfd8cdbf9367b098fa51f60a64c9f408000000e786a6d0bdd70000b6c0504bb9189d9193e9bd1c1b78", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
openat$tun(0xffffff9c, &(0x7f0000000040), 0x460940, 0x0)
r3 = openat$apparmor_task_current(0xffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$apparmor_current(r3, &(0x7f00000001c0)=@profile={'changeprofile ', '/dev/net/tun\x00'}, 0x1b)
r4 = socket(0x1e, 0x1, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x85, &(0x7f0000000000)=@req3={0xa, 0x0, 0x5, 0x0, 0x779e76b7, 0x3}, 0x1c)
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x37, @tick=0x7c8, 0x0, {0x0, 0x3}})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) (async)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="20000000111401eeffffffffffffff00080003000200e3ff0700015fe4000000"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'}) (async)
socket$kcm(0x10, 0x2, 0x0) (async)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000000c0)="5c00000014006b05c84e21000ab16d6e230675f811000000440002005817d30461bc24eeb556a705251e6182149a36c23d3b48dfd8cdbf9367b098fa51f60a64c9f408000000e786a6d0bdd70000b6c0504bb9189d9193e9bd1c1b78", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) (async)
openat$tun(0xffffff9c, &(0x7f0000000040), 0x460940, 0x0) (async)
openat$apparmor_task_current(0xffffff9c, &(0x7f0000000140), 0x2, 0x0) (async)
write$apparmor_current(r3, &(0x7f00000001c0)=@profile={'changeprofile ', '/dev/net/tun\x00'}, 0x1b) (async)
socket(0x1e, 0x1, 0x0) (async)
setsockopt$packet_tx_ring(r4, 0x10f, 0x85, &(0x7f0000000000)=@req3={0xa, 0x0, 0x5, 0x0, 0x779e76b7, 0x3}, 0x1c) (async)
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) (async)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x37, @tick=0x7c8, 0x0, {0x0, 0x3}}) (async)

1m3.868966546s ago: executing program 2 (id=1293):
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x10000, 0xb5, &(0x7f0000000140)=""/181, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r2, 0x10c, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4)
setsockopt$IPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x61, 0x0, 0x48)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r3 = gettid()
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
write$rfkill(r4, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
write$rfkill(r4, &(0x7f0000000340)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r5=>0x0)
clock_gettime(0x0, &(0x7f0000000100)={<r6=>0x0, <r7=>0x0})
timer_settime(r5, 0x0, &(0x7f0000000280)={{r6, r7+10000000}, {0x0, 0x3938700}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x10, 0x3, 0x10)
openat$sr(0xffffffffffffff9c, &(0x7f00000002c0), 0x8000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r8 = getpid()
fsopen(0x0, 0x70008dc0656b0b75)
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

1m3.834407995s ago: executing program 33 (id=1293):
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x10000, 0xb5, &(0x7f0000000140)=""/181, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r2, 0x10c, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4)
setsockopt$IPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x61, 0x0, 0x48)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r3 = gettid()
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
write$rfkill(r4, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
write$rfkill(r4, &(0x7f0000000340)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r5=>0x0)
clock_gettime(0x0, &(0x7f0000000100)={<r6=>0x0, <r7=>0x0})
timer_settime(r5, 0x0, &(0x7f0000000280)={{r6, r7+10000000}, {0x0, 0x3938700}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$kcm(0x10, 0x3, 0x10)
openat$sr(0xffffffffffffff9c, &(0x7f00000002c0), 0x8000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r8 = getpid()
fsopen(0x0, 0x70008dc0656b0b75)
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

4.182040692s ago: executing program 0 (id=1922):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$ttyprintk(0xffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
ioctl$VT_RESIZEX(r0, 0x40047101, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_emit_ethernet(0x2a4, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606410a6026e0000fc020000000000000000000000000000fe8000000000000000000000000000aa223427d5c9a46b9fa14172170a013589317d2af31ba554311bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72edde"], 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, &(0x7f0000000180)=@keyring={'key_or_keyring:', 0x0, 0x2})
r5 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
r6 = add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r7, 0x0)
keyctl$set_timeout(0xf, r6, 0x4e0)
keyctl$dh_compute(0x17, &(0x7f00000002c0)={r5, r6, r5}, &(0x7f0000000040)=""/217, 0xd9, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x19, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000019000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x64, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3.842029028s ago: executing program 3 (id=1926):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='efs\x00', 0x0, 0x0) (async)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYRES32, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r2], 0x3c}}, 0x0) (async)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CHANNEL(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYRES64=r3, @ANYRES16=r4, @ANYBLOB="010028bd7000fddbdf25410000000c0099fb010000002800000008002201dc000000080026006c0900"], 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r5=>0x0})
setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000080)={@private=0xa010100, @local, r5}, 0xc)

3.492228261s ago: executing program 3 (id=1933):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='stack\x00')
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, 0x0, 0x90)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x8, 0xffffffffffffff25, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x400008, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x6, &(0x7f0000000100)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000240)={0x4, 0x0, 0x3, 0x0, 0xe})
connect$unix(r4, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0xc020aa07, &(0x7f0000000400)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
r6 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r7 = socket(0x40000000015, 0x5, 0x0)
sendto$inet6(r7, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x7, @private2}, 0x1c)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES16=r0, @ANYRES16=r0, @ANYRES32=r0, @ANYBLOB="c04a25a3233eaca2cc624ff3f58062cd3d3d7e9f990586032c5865ea9eccb3ae6db97020b1629f5428e8c8344418d01e5338d0c6995c380ff33bac3554a023258a5f67e72ce6f179ebc75ec4ef3b8fd6e6162e0d28e58c69e8da1fd939f6a328106afcee3f46cf8ece708d1a9dd6dfa2b3f7b12b5a90e81f1d69d29e2d51fd579f45179a14e4ecb240600730519f90259eabb3ba138a4cbb550d7724280ae273645c40d67ca56881a188c8f3bc8d529e01a6b4a335b0cd6323e55ba8e0a06ae1b34191b4c43faf2725f5840bcfa4016d7f1fef5260f48e15855ebf996fe6ffa6a2f4523d7eec1ac572dfb358aa11588486a832e3bb49e3997c3e2108bda2222d1d77fd261c277cb77e2120a15508042b6930b2d5061e4603fc73b24e9c5efbbee39baf290cb0504c4dd1ebc71770657dc5e4a9e8cbeeaa6c8b38a297a5be888eaae9574253ecb28b739f19578c31e2285fdce1466043839de246cc5b6763d0abade75ee651319dfa4d5019ddf6c2828b286c68bcfd333e7f7240e74d9248f665bfebcbfbdb9fd4019faeeff84d5b19c3aaa3cd64d6b88f5adea549f4c1", @ANYRES8=r6, @ANYRES32=r1, @ANYRES8=r3], 0xf)
sendto$inet6(r7, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x6, @dev={0xfe, 0x80, '\x00', 0x19}, 0xfffffffc}, 0x1c)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0xe9)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='exofs\x00', 0x2105834, &(0x7f0000000480)='usrquoTap\xfd\xb5\xc9\xb3\x87Q\xc5a\xafpX\xb2<\x8a\x8fD|g\xee\x90\x99\x94&\xa4o\x91a\x1cj\xe7j\xfc\xdf\xe2\xd3\x8f\xbf\t\xaa\x11=\xb8\xc5\x9da\xa5\xb2~\x91eecU:-Z\n\x01\xf0\xf0Px4\x82p\f\x04\x8bJEHl\xf3\'q9u\xb1aN<\xf5]\x105%\xa1j\xf4(>\x1f\x9a\xd3\xfd3\xa8&\xba\xf8e\xdc\xb9\xa5Q\xa3\xd0\xac\xb3&T\xde\xef)(\a\x97\x1d\x8ck')
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)

3.296957969s ago: executing program 0 (id=1934):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021800000000c0a01030000000000000000090000000000000073797a31000000000900010073797a30000000005400038050000080880003400000001344000b802c0001800a0001006c696d6974009e4bfa5d48d960cc3f30513bbae300001c0002800c00014000000000000000030c000240000000000000001014000180090001006c6173740000000004000280140000001000010000000000000000000084000a6ea7752b9f0999c1de59ac7f77a63a515ff4e7aa5b1999952bf371cbdd97846556263d10c1bfa2b81e9c3361e340d5c2ce94186b71eff6532b98fb61f6b5088fbb0340a2371329410b7f29754f3e65c1ba3c0b56cc669c966330bc2cbaf17eaad1ed4f866eb709f029c62ee999c4edcfc434249e55f3e48ca2ce2f296b7c93a3d3713a21f053dec0ff4b4a928a884c719730190978a6c84db58000f53edca7ccb745340012598ab7ac593514077377b4bbf08e0e104f08720d70ffae27c80e38ccdf15d859775c3afa12765732e0feed3295f3896b"], 0x104}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x20008800)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c000280050001000000000008000740000000"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r8 = gettid()
kcmp$KCMP_EPOLL_TFD(r8, r8, 0x7, 0xffffffffffffffff, &(0x7f0000000080))
r9 = syz_io_uring_setup(0x7540, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000200)=<r10=>0x0)
syz_io_uring_submit(0x0, r10, &(0x7f00000001c0)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r9, 0x2003, 0x0, 0x0, 0x0, 0x0)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e21, @multicast1}, 0x0, 0x3, 0x4, 0x2}}, 0x26)
openat$cdrom(0xffffff9c, &(0x7f0000000000), 0x2000, 0x0)

2.602047295s ago: executing program 3 (id=1937):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$audion(&(0x7f00000008c0), 0x7, 0x100)
ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000900)={0xe6, "01ea07aca38b5a2c76f5fee4aee37de83e47ea86640fc3a17d2e292c4777f06dc384dc68cff86fc45c6f8a23185e1cbd7de01243d96344761702f175dec6ce2949d416a4ab5c5ecde312a039516ca3e5b75fced3c267c8c90892a6f32351be5621c70047a43346fbb1bb2bb380f524f782ea264e220c9eb81d71fd8c33b1228e853318c6e63d376d547972550f7afcf91a73cea352c450f7ddb324053ae63ee63e006d5aa7aca75614aa1d836ac43d8f98b2493c50aa6ed6bafcc4d33b8cd818adcac9b74a87f8fe8b06d32df600c5accf6cb4dde1e2bc932d4429cf8021d3d9c2811ed9f81f5db45753d5318d5bf5485438a42176bfb02f53bd8479e1a40bd38e6f79bd030a1afa37ae5eac323d3eaf07eb8da37a95c42cbe616c5b6a1f0b92c783dba9c082b83523a8f9de8ef2db56ba32a85502070597117574dc012de744b9a18dd73267f203390585ff51f658aa4088a942d60bc6b7142f162f7884a19328953e1b43f93955923c2df7a1a00a0c8203c3009f205ecd363168fdbf44a4cd7a51db068e877b2299e8d975833bc6f7ee85df556da878ab5d447812e50abb08c1d388ddb741234f37c5e95581846399cbfe0c3b07b0d483a59a8ff45e6f0908c6386f6c79207358fcb187ed041a7a14c3c9405e6da7c5f3579b68c17f4e04413d027edf74325476a31a15fa455a5d69d20388dd5a49385f864c84a88746ba43"})
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_script(r2, 0x0, 0xb)
syz_usb_connect(0x5, 0x3d0, &(0x7f00000000c0)={{0x12, 0x1, 0x201, 0x85, 0x22, 0xf8, 0x40, 0x45e, 0x475, 0x2c5f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3be, 0x2, 0x5, 0x2, 0x0, 0x3b, [{{0x9, 0x4, 0x61, 0xb7, 0x5, 0x77, 0xe0, 0x9f, 0x3, [@uac_control={{0xa, 0x24, 0x1, 0xfe01, 0x2}}, @cdc_ncm={{0xa, 0x24, 0x6, 0x0, 0x1, "5f4bab967c"}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0x3, 0x9, 0x1, 0x2}, {0x6, 0x24, 0x1a, 0xf68, 0x8}, [@acm={0x4, 0x24, 0x2, 0x4}, @call_mgmt={0x5, 0x24, 0x1, 0x1, 0xff}]}], [{{0x9, 0x5, 0x7, 0x4, 0x200, 0x0, 0x5}}, {{0x9, 0x5, 0x2, 0x0, 0x200, 0x4, 0x8, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x4, 0x7fff}]}}, {{0x9, 0x5, 0xa, 0x0, 0x8, 0x9, 0x7, 0x80}}, {{0x9, 0x5, 0xb, 0x10, 0x3ff, 0x80, 0x7, 0x7}}, {{0x9, 0x5, 0xc, 0x1, 0x40, 0x5, 0x0, 0x8d, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x3, 0xeb6}, @generic={0x15, 0xb, "8562603fe31b72edcfbdcf48e40a71b0fe020b"}]}}]}}, {{0x9, 0x4, 0x50, 0x0, 0xb, 0xb4, 0xce, 0xfc, 0x1, [@uac_control={{0xa, 0x24, 0x1, 0x1ff, 0x8}, [@output_terminal={0x9, 0x24, 0x3, 0x1, 0x303, 0x2, 0x6, 0x9}, @processing_unit={0x8, 0x24, 0x7, 0x6, 0x3, 0x80, "c2"}, @input_terminal={0xc, 0x24, 0x2, 0x3, 0x106, 0x1, 0x1, 0x4, 0x1, 0x7}, @feature_unit={0xb, 0x24, 0x6, 0x5, 0x3, 0x2, [0x6, 0x4], 0x5}, @extension_unit={0x7, 0x24, 0x8, 0x1, 0x7}]}, @cdc_ecm={{0xa, 0x24, 0x6, 0x0, 0x0, "6800d17877"}, {0x5, 0x24, 0x0, 0xf4d}, {0xd, 0x24, 0xf, 0x1, 0x80000000, 0xf, 0x9, 0x8}, [@ncm={0x6, 0x24, 0x1a, 0x8, 0x10}, @acm={0x4, 0x24, 0x2, 0x6}, @mdlm={0x15}, @obex={0x5, 0x24, 0x15, 0x58}]}], [{{0x9, 0x5, 0xf, 0x10, 0x10, 0x80, 0x2, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x183, 0xff, 0x1}]}}, {{0x9, 0x5, 0x9, 0x0, 0x40, 0x3, 0x4, 0x55}}, {{0x9, 0x5, 0xf, 0x0, 0x3ff, 0xff, 0x8, 0x67}}, {{0x9, 0x5, 0x0, 0x10, 0x20, 0xe, 0x7, 0x52, [@uac_iso={0x7, 0x25, 0x1, 0x5, 0x7, 0x2}]}}, {{0x9, 0x5, 0xe, 0x10, 0x20, 0x7, 0x3, 0x40}}, {{0x9, 0x5, 0x4, 0x10, 0x40, 0x7, 0x8, 0x3, [@generic={0xc0, 0x7, "110dbea77e02afa8ee856e7582cee548747889eb3b254a5b9beab93181666b0c2c90b9cf104b928545c01c4041268243d671991a29afdd4c18a079d659dcbddf04ab1029dda98c68f74d86b2ff2aef10591be128f9825c8f579dc1c94d9b6a22354d61e200570182fcf1c137ca2103cba07c22f98b0966e433159e36938b7849a122a9e5fd0b948d3462b86f5214f7e77f8eba0c86102315bba29665e0f8f5c4c4a9ba1b12df942bf2ffb8a207ecb9e9bda7a4663acbfc616ca7936149f2"}]}}, {{0x9, 0x5, 0xa, 0x4, 0x20, 0x3, 0xac, 0x54, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0xb, 0x9}]}}, {{0x9, 0x5, 0x3, 0x10, 0x8, 0x4, 0xf2, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x9, 0xff}]}}, {{0x9, 0x5, 0x6, 0x10, 0x0, 0x4, 0xe, 0x0, [@generic={0x66, 0x6, "f1ff53b68048285c20358d6f1d73dd8941c7d60344ddd66e4b3dd5f528eddf444b5eb7ede0d092e4ab194919233b1ba5ac2eceddf44954de6164d4b1e0584592f3bcb0198e4c9f320f681e745cc8f4578d02912c0cf962f8e9996bc3f97cf3447647d39f"}]}}, {{0x9, 0x5, 0xe, 0x0, 0x10, 0xff, 0x3, 0x1, [@generic={0xed, 0x5, "18937211235c173395ae76c1a81c063c4b51babb16aad16fd145c89cc3f3e0759184132ae24dce90b003df2d3dd742c9f70c048a4f2890a45d93fd24e93c8f480da82c36406638c39d8a05f7c55fd2b67b534f4b4ec6a37003e208a494a0b3d9d5d1ddff38682a6dd6c9dd09505b82a9337fa2964f824af1b03deee59a57c7b1a4e45284600fad98f9143f9f92f8b574b311feb59e7cdc1a5c8cf06fc489b353583c3086496eb2d81a6a95ba53d89902144a162675a9dd0a2cf03eb3139d10899604e3a7aa2279736f41d009c8ba0722f80ecd48221f6df2d1001a6b887993ac6123d9a9c5dedba5edc7d2"}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0xe, 0x1}]}}, {{0x9, 0x5, 0x80, 0x0, 0x3ff, 0x4c, 0x4, 0xf8, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x6, 0x764a}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x6, 0x9}]}}]}}]}}]}}, &(0x7f0000000840)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x250, 0x81, 0x1, 0xe, 0x10, 0x5}, 0x22, &(0x7f00000004c0)={0x5, 0xf, 0x22, 0x3, [@ext_cap={0x7, 0x10, 0x2, 0x4, 0xd, 0xc, 0x5}, @wireless={0xb, 0x10, 0x1, 0xc, 0x122, 0xf, 0xf, 0x92, 0x7c}, @wireless={0xb, 0x10, 0x1, 0x1, 0x40, 0x5, 0x93, 0x8, 0x46}]}, 0x7, [{0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x406}}, {0xb7, &(0x7f0000000540)=ANY=[@ANYBLOB="b7035815a44ff3a744e1c37f187b395c8b34336f0ff06dce5f28cc0c9cb797aa543eb40857a7a985c2536aaba060f7ad2642f00a36b086d3f7164831e850a36c8c10f9ce378f75e9830311a87e10aa764fd72134ffb6a4ff1fb60ba89eb04951cc12ea77540619ae57b5daa892660bed20420ca46b1b87986599f289dfdb2d9a1e49f13d20efae65e961e85487d795a889f1af98f76eaa71a88011167e1845ad8caaa215f73c713f89baa76cf914176915c80c026b7418"]}, {0xa8, &(0x7f0000000600)=@string={0xa8, 0x3, "a84b8f38f0e7d63965e2071eb4c886257f2a44251ba30e277f3f85967542e33ab843b0598324089ba863baa83e2825423d848bd78a8607d19951fde36bdad057a9205cc7c03f4cdfb8272f4fcf0d1ee2e96acf9cf0c4ff21d0ac72ecb5112ae69f856d0b5da5a0bce9a29ccef138d291ea775c85712715df4593bf391ea972812bcbb562aa64654c6e237999380c284c180551dd148827fb23adc4ee8d8fbfc3ed830ddb1791"}}, {0x21, &(0x7f00000006c0)=@string={0x21, 0x3, "325f6958464c038f3f3335f042ddde4c7037d18dc8349a50ae7db94e2ce2fb"}}, {0x4, &(0x7f0000000700)=@lang_id={0x4, 0x3, 0x801}}, {0x4, &(0x7f0000000740)=@lang_id={0x4}}, {0xa8, &(0x7f0000000780)=@string={0xa8, 0x3, "f0df40646e83e1cb6877f60814d45fffab3ca7c13a74eff0ffa090fa400bc8b9140f13ef5fff40e736317b497c5be4c00bcdad0827dc4f85e5d6db0545ca369fbd233ccfc8e925f78a2830deed3baa1b7595b65c3dfa590f62ed5257047c9132122b965071b90fedd0d175da3b95f84106bf81511801d2f431d355b85f4d673532f6a550947d9a8f1671340a864b8931b311b51a514d907c9c7ca1a434c4502339a4946eea07"}}]})
splice(r1, 0x0, r3, 0x0, 0x80, 0x4)
close(r2)
wait4(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0)

2.362158095s ago: executing program 0 (id=1938):
socket$inet6(0xa, 0x6, 0x0) (async)
socket$inet6(0xa, 0x6, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000140)={'veth1_to_team\x00', @link_local})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
socket$netlink(0x10, 0x3, 0x14) (async)
socket$netlink(0x10, 0x3, 0x14)
socket$kcm(0x10, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) (async)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0}, 0x20)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f00000000c0)={0x0, 0x0, "a4cd91", 0x9, 0xfc})
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) (async)
bind$bt_hci(r2, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
write(r2, &(0x7f0000000040)="05000000010000", 0x7)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) (async)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
eventfd(0x401) (async)
r5 = eventfd(0x401)
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5) (async)
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x0, r5}) (async)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x0, r5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/233, 0x0})
syz_usbip_server_init(0x3)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000780)={0x0, 0x1, 0x0, &(0x7f0000000700)=""/88, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000640))

2.132230299s ago: executing program 5 (id=1943):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
open_by_handle_at(r1, 0x0, 0x2000)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r2, &(0x7f00000047c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b', @ANYRES32=0x0, @ANYBLOB='\b\x00'], 0x30}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000004700)={'team0\x00', <r8=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r7, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r9, 0x8933, &(0x7f0000000000)={'team0\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10104}, [@IFLA_IFNAME={0x14, 0x3, 'vlan0\x00'}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x3c}}, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r4, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
ptrace(0x10, r0)
r11 = syz_open_procfs(r0, &(0x7f0000000040)='status\x00')
preadv(r11, &(0x7f0000000680)=[{&(0x7f0000000400)=""/121, 0x79}], 0x1, 0xffffffff, 0x1)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x28, 0x3d, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x4}, @nested={0x10, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @nested={0x4, 0x15}]}]}, 0x28}}, 0x0)

2.071094059s ago: executing program 4 (id=1944):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000540)=@nat={'nat\x00', 0x8, 0x5, 0x4f8, 0x260, 0x174, 0xffffffff, 0x174, 0x34c, 0x430, 0x430, 0xffffffff, 0x430, 0x430, 0x5, 0x0, {[{{@ipv6={@loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [0xffffff00], [], 'gretap0\x00', 'wg2\x00', {}, {}, 0x2f}, 0x0, 0x12c, 0x174, 0x0, {}, [@common=@hl={{0x24}, {0x1}}, @common=@unspec=@physdev={{0x64}, {'ip6gre0\x00', {}, 'wg2\x00', {}, 0x0, 0x18}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x1, @ipv6=@local, @ipv4=@loopback, @icmp_id=0x67, @port=0x4e24}}}, {{@uncond, 0x0, 0xa4, 0xec}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv4=@private, @ipv6=@dev, @icmp_id}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, [], [0x0, 0x0, 0xffffff00], 'veth1_to_hsr\x00', 'veth0_vlan\x00'}, 0x7000000, 0xa4, 0xec}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv6=@dev, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @gre_key, @gre_key}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @broadcast}, @local, [], [0xff], 'vlan0\x00', 'macvtap0\x00'}, 0x0, 0xa4, 0xe4}, @common=@inet=@LOG={0x3b, 'LOG\x00', 0x0, {0x0, 0x0, "8100000000000000000000005b37f9ca83139d1d43f7ff00"}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x554)

1.999687433s ago: executing program 4 (id=1945):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="7400000000010104000000000000000002000008240001801400018008000100e000000108000200e00000010c00028005000100000000003c00188008000340000000100800024000000005080003400000001e08000340000000030800024000000001080001", @ANYRESDEC=r0, @ANYBLOB="0f25979ee9e56fcf1092385e7fa63987f26872f9012730ba20c64eee7f6888031b8f2030e1afd6244ea81512b2a410582d01c9", @ANYRES8=r1], 0x74}}, 0x0) (async)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="7400000000010104000000000000000002000008240001801400018008000100e000000108000200e00000010c00028005000100000000003c00188008000340000000100800024000000005080003400000001e08000340000000030800024000000001080001", @ANYRESDEC=r0, @ANYBLOB="0f25979ee9e56fcf1092385e7fa63987f26872f9012730ba20c64eee7f6888031b8f2030e1afd6244ea81512b2a410582d01c9", @ANYRES8=r1], 0x74}}, 0x0)

1.999350603s ago: executing program 4 (id=1946):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021800000000c0a01030000000000000000090000000000000073797a31000000000900010073797a30000000005400038050000080880003400000001344000b802c0001800a0001006c696d6974009e4bfa5d48d960cc3f30513bbae300001c0002800c00014000000000000000030c000240000000000000001014000180090001006c6173740000000004000280140000001000010000000000000000000084000a6ea7752b9f0999c1de59ac7f77a63a515ff4e7aa5b1999952bf371cbdd97846556263d10c1bfa2b81e9c3361e340d5c2ce94186b71eff6532b98fb61f6b5088fbb0340a2371329410b7f29754f3e65c1ba3c0b56cc669c966330bc2cbaf17eaad1ed4f866eb709f029c62ee999c4edcfc434249e55f3e48ca2ce2f296b7c93a3d3713a21f053dec0ff4b4a928a884c719730190978a6c84db58000f53edca7ccb745340012598ab7ac593514077377b4bbf08e0e104f08720d70ffae27c80e38ccdf15d859775c3afa12765732e0feed3295f3896b"], 0x104}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x20008800)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c000280050001000000000008000740000000"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r8 = gettid()
kcmp$KCMP_EPOLL_TFD(r8, r8, 0x7, 0xffffffffffffffff, &(0x7f0000000080))
r9 = syz_io_uring_setup(0x7540, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000200)=<r10=>0x0)
syz_io_uring_submit(0x0, r10, &(0x7f00000001c0)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r9, 0x2003, 0x0, 0x0, 0x0, 0x0)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e21, @multicast1}, 0x0, 0x3, 0x4, 0x2}}, 0x26)
openat$cdrom(0xffffff9c, &(0x7f0000000000), 0x2000, 0x0)

1.851595211s ago: executing program 3 (id=1947):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
r2 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
r6 = eventfd(0x401)
ioctl$VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f0000000240)=r6)
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af20, &(0x7f0000000040)={0x0, r6})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/233, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000780)={0x0, 0x1, 0x0, &(0x7f0000000700)=""/88, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000640))
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000000)=0x20000)
socket(0x6, 0x2863c88e6f578b37, 0xf960)
write$eventfd(r6, &(0x7f00000000c0)=0xfffffffffffffffe, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r3, 0x0, 0x7fff}, 0xfffffffffffffeca)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f000063a000/0x2000)=nil, 0x2000, 0x1)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$kcm(0xa, 0x1, 0x106)

1.851202425s ago: executing program 0 (id=1948):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x24000, 0x0)
close(r0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x258080, 0x0)
unshare(0x68060200)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
mlockall(0x3)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$9p_xen(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000000), 0x824070, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mkdir(&(0x7f0000000040)='./file0\x00', 0x242)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000ec0)={'wpan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYRES64=r2, @ANYRES16=r1, @ANYBLOB="010000000000fcdbdf251800000008000300", @ANYRES32=r3, @ANYBLOB="e800308088000180600003800800020000000000060001000300000006000300a2aa00000c0004000202aaaaaaaaaaaa06000300feff00000c00040000010000000000000c0004000201aaaaaaaaaaaa06000300a1aa0000080002000000000008000200030000001400038008000200010000000800020000000000050002000100000005000200000000005400018008000400844a00000c0005009f0000000000000005000200030000000c00050003000000000000000c000500050000000000000005000200010000000c000500010000000000000008000400030000000500020000000000f0003080ec000180080001000000000014000380080002000100000006000100000000000500020002000000050002000200000008000100000000000800010000000000600003800600010001000000080002000200000006000100ffff0000060003"], 0x1f4}}, 0x50)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000140)='bfs\x00', 0x0, 0x0)
chdir(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x182)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000))
lchown(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
remap_file_pages(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4, 0x107, 0x4000)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, 0x0, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0xa, &(0x7f0000000200)=0xf3, 0x4)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$inet(r6, &(0x7f00000000c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10)

1.254511626s ago: executing program 5 (id=1949):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000540)=@nat={'nat\x00', 0x8, 0x5, 0x4f8, 0x260, 0x174, 0xffffffff, 0x174, 0x34c, 0x430, 0x430, 0xffffffff, 0x430, 0x430, 0x5, 0x0, {[{{@ipv6={@loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [0xffffff00], [], 'gretap0\x00', 'wg2\x00', {}, {}, 0x2f}, 0x0, 0x12c, 0x174, 0x0, {}, [@common=@hl={{0x24}, {0x1}}, @common=@unspec=@physdev={{0x64}, {'ip6gre0\x00', {}, 'wg2\x00', {}, 0x0, 0x18}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x1, @ipv6=@local, @ipv4=@loopback, @icmp_id=0x67, @port=0x4e24}}}, {{@uncond, 0x0, 0xa4, 0xec}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv4=@private, @ipv6=@dev, @icmp_id}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, [], [0x0, 0x0, 0xffffff00], 'veth1_to_hsr\x00', 'veth0_vlan\x00'}, 0x0, 0xa4, 0xec}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv6=@dev, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @gre_key, @gre_key}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @broadcast}, @local, [], [0xff], 'vlan0\x00', 'macvtap0\x00'}, 0x0, 0xa4, 0xe4}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "8100000000000000000000005b37f9ca83139d1d43f7ff00"}}}], {{'\x00', 0x0, 0xa4, 0xc8, 0x700}, {0x24}}}}, 0x554)

1.253995828s ago: executing program 5 (id=1950):
setxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f00000002c0), &(0x7f0000000340), 0x2, 0x1) (async)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78) (async)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000a40)=@nat={'nat\x00', 0x8, 0x5, 0x4f8, 0x34c, 0x174, 0xffffffff, 0x0, 0x34c, 0x430, 0x430, 0xffffffff, 0x430, 0x430, 0x5, 0x0, {[{{@ipv6={@loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [], [], 'gretap0\x00', 'wg2\x00'}, 0x0, 0x12c, 0x174, 0x0, {}, [@common=@hl={{0x24}}, @common=@unspec=@physdev={{0x64}, {'vlan1\x00', {}, 'wg2\x00', {}, 0x0, 0x18}}]}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv4=@private, @ipv4=@loopback}}}, {{@uncond, 0x0, 0xa4, 0xec}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv4=@private, @ipv6=@dev, @icmp_id}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @dev, [], [], 'veth1_to_hsr\x00', 'veth0_vlan\x00'}, 0x0, 0xa4, 0xec}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv6=@dev, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @gre_key, @gre_key}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @local, [], [], 'vlan0\x00', 'macvtap0\x00'}, 0x0, 0xa4, 0xe4}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "8100000000000000000000005b37f9ca83139d1d43f7ff00"}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x554) (async, rerun: 64)
openat$ppp(0xffffff9c, &(0x7f0000000140), 0x800, 0x0) (async, rerun: 64)
r3 = openat$cdrom(0xffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r4, 0x5) (async, rerun: 32)
setxattr$security_capability(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x0, 0x0, 0x1) (rerun: 32)
ioctl$CDROMREADAUDIO(r3, 0x530e, &(0x7f00000000c0)={@lba=0x2, 0x1, 0x22, &(0x7f0000000080)=""/34})
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000000)=0x6, 0x4)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
r5 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x44, r6, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xffff}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}]}]}, 0x44}}, 0x0) (async)
ioctl$CDROM_SET_OPTIONS(r3, 0x5320, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000040)=0x7, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x0, 0x19, &(0x7f00000001c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @jmp={0x5, 0x0, 0x3, 0x5, 0x9, 0xfffffffffffffff4, 0x1}, @exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}, @exit, @map_fd={0x18, 0x8, 0x1, 0x0, r4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x93bd}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}], &(0x7f0000000300)='syzkaller\x00', 0x400, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap$xdp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3, 0x10010, r4, 0x100000000)
sendto$inet6(r0, &(0x7f0000f6f000), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c)

1.192268835s ago: executing program 5 (id=1951):
socket$inet6_mptcp(0xa, 0x1, 0x106)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$kcm(0x2, 0x922000000001, 0x106)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f00000002c0), 0x80000, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$inet6(r0, 0x0, 0x840)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00220f00000007c9c0d224d326b9a7abb3"], 0x0}, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f0000000180), 0x0, 0x80200)
ioctl$HIDIOCGUSAGE(r2, 0xc018480b, &(0x7f0000000040)={0x3, 0xffffffff, 0x0, 0x403, 0x1, 0x7bf})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
chroot(0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_io_uring_setup(0x819, &(0x7f0000000180)={0x0, 0x0, 0x10100, 0xfffffffe}, &(0x7f0000000100), &(0x7f00000004c0))
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r4, &(0x7f0000000280)=ANY=[@ANYRES32=r3], 0x28)

1.12901718s ago: executing program 3 (id=1952):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @broadcast}, 0x10, 0x0}, 0x300048c1)
sched_setscheduler(0x0, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, 0x0, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x2}, &(0x7f0000001fee)='R\x10rust\xe3c*s\xa8rVid:\xc4e', 0x0)
bind$l2tp6(0xffffffffffffffff, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.062167356s ago: executing program 3 (id=1953):
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x82602, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b1b, &(0x7f0000000000)={'wlan1\x00', @multicast})
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r2, 0x34}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$setsig(r0, 0xa, 0x2b)
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}]}]}, 0x38}}, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_io_uring_setup(0x117, &(0x7f0000000100), &(0x7f0000000280)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
io_uring_enter(r7, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1.061865721s ago: executing program 4 (id=1954):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000540)=@nat={'nat\x00', 0x8, 0x5, 0x4f8, 0x260, 0x174, 0xffffffff, 0x174, 0x34c, 0x430, 0x430, 0xffffffff, 0x430, 0x430, 0x5, 0x0, {[{{@ipv6={@loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [0xffffff00], [], 'gretap0\x00', 'wg2\x00', {}, {}, 0x2f}, 0x0, 0x12c, 0x174, 0x0, {}, [@common=@hl={{0x24}, {0x1}}, @common=@unspec=@physdev={{0x64}, {'ip6gre0\x00', {}, 'wg2\x00', {}, 0x0, 0x18}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x1, @ipv6=@local, @ipv4=@loopback, @icmp_id=0x67, @port=0x4e24}}}, {{@uncond, 0x0, 0xa4, 0xec}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv4=@private, @ipv6=@dev, @icmp_id}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, [], [0x0, 0x0, 0xffffff00], 'veth1_to_hsr\x00', 'veth0_vlan\x00'}, 0x0, 0xa4, 0xec, 0x700}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv6=@dev, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @gre_key, @gre_key}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @broadcast}, @local, [], [0xff], 'vlan0\x00', 'macvtap0\x00'}, 0x0, 0xa4, 0xe4}, @common=@inet=@LOG={0x3b, 'LOG\x00', 0x0, {0x0, 0x0, "8100000000000000000000005b37f9ca83139d1d43f7ff00"}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x554)

971.490116ms ago: executing program 4 (id=1955):
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
recvfrom$inet_nvme(0xffffffffffffffff, &(0x7f0000000640)=""/4096, 0x1000, 0x2000, &(0x7f0000000380)=@generic={0x11, "d71d9c1bf36be386b8195be2f96732daece168ab8c4756fcaaaaa57ab4d9fa9c5e136c872457faea878081b25c7ac9863e328325d3608f7b92b91789fb2322981d60e78ecebc51a8a848ac66a135cbf9adb555f5fff1d2552ce4b120288f1c606bebc17e3b75c547a1c41ac89d1be3f0e179d586d665ef8397dfdbdaa865"}, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
mount$pvfs2(&(0x7f00000001c0), 0x0, &(0x7f0000000300), 0x20, &(0x7f0000000340)=ANY=[@ANYBLOB='#$,rng\x00,\x00,#,/dev/vim2m\x00\b\x00\x00\x00\x00\x00\x00\x00C_KERNE:_CHE\a\x00loo'])
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40004020)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000002340)={[{@quota}, {@huge_always}]})
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r5, &(0x7f0000000300)={0x2020}, 0x2020)
bind$alg(r3, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha384\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r6 = accept4(r3, 0x0, 0x0, 0x0)
recvmsg(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000080)=""/101, 0x65}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[], 0x48)

551.920705ms ago: executing program 5 (id=1956):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10) (async)
bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
capset(&(0x7f0000000000)={0x20080522}, 0x0) (async)
bind$tipc(r2, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) (async)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10) (async)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x4}}}, 0x10) (async)
bind$tipc(r2, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
r4 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r4, &(0x7f0000000380)=@id={0x1e, 0x3, 0xdb67ddfc9b1aa79d, {0x4e20, 0x4}}, 0x10) (async)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000340)=0x4) (async)
close_range(r0, r1, 0x0)
r5 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000200)={0x82f, {{0xa, 0x4e24, 0x80, @local, 0x7}}, {{0xa, 0x4e23, 0xe, @dev={0xfe, 0x80, '\x00', 0x27}, 0x8001}}}, 0x104)

482.114496ms ago: executing program 5 (id=1957):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
open_by_handle_at(r1, 0x0, 0x2000)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r2, &(0x7f00000047c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b', @ANYRES32=0x0, @ANYBLOB='\b\x00'], 0x30}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000004700)={'team0\x00', <r8=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r7, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r9, 0x8933, &(0x7f0000000000)={'team0\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10104}, [@IFLA_IFNAME={0x14, 0x3, 'vlan0\x00'}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x3c}}, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r4, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
ptrace(0x10, r0)
r11 = syz_open_procfs(r0, &(0x7f0000000040)='status\x00')
preadv(r11, &(0x7f0000000680)=[{&(0x7f0000000400)=""/121, 0x79}], 0x1, 0xffffffff, 0x1)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x28, 0x3d, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x4}, @nested={0x10, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @nested={0x4, 0x15}]}]}, 0x28}}, 0x0)

337.815266ms ago: executing program 0 (id=1958):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r3, 0x89f8, &(0x7f0000000180)={'syztnl1\x00', &(0x7f0000000240)={'syztnl0\x00', 0x0, 0x7, 0x80, 0x0, 0x3, {{0xf, 0x4, 0x3, 0x2, 0x3c, 0x66, 0x0, 0x7, 0x4, 0x0, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@cipso={0x86, 0xa, 0x3, [{0x7, 0x2}, {0x1, 0x2}]}, @generic={0x7, 0xf, "56f3a9c202ed5c6e19a4c1850c"}, @timestamp_addr={0x44, 0xc, 0xb0, 0x1, 0x1, [{@dev={0xac, 0x14, 0x14, 0x41}, 0x9}]}]}}}}})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000001ec0), r4)
sendmsg$NFC_CMD_SE_IO(r5, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000000)={0x24, r6, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044020}, 0x80)
r7 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r7, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
alarm(0x9)
ioctl$PPPIOCGCHAN(r7, 0x80047437, &(0x7f0000001f00))
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
socket(0x18, 0x0, 0x0)
r8 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r8, &(0x7f0000000080)={0x18, 0x0, {0xd, @multicast, 'veth1_to_team\x00'}}, 0x1e)
r9 = getpid()
syz_pidfd_open(r9, 0x0)
sched_setattr(r9, &(0x7f00000001c0)={0x38, 0x0, 0x9, 0x6, 0x7, 0x4, 0x8001, 0x4, 0x7ff, 0x40}, 0x0)
r10 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101a40, 0x0)
ioctl$PPPIOCATTCHAN(r10, 0x40047438, &(0x7f0000000040)=0x2)
ioctl$PPPIOCBRIDGECHAN(r10, 0x40047435, &(0x7f0000000200)=0x1)
sendmmsg(r7, &(0x7f0000001640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
sendto(r2, 0x0, 0x0, 0x4080, &(0x7f0000000080)=@caif=@dgm={0x25, 0x7}, 0x80)

337.270674ms ago: executing program 0 (id=1959):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x42, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r0 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000700)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open$dir(0x0, 0x0, 0x20) (async)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0xfffd}, 0x90) (async)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r4 = openat$dlm_control(0xffffff9c, &(0x7f0000000180), 0x115000, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f00000005c0)={0x9, 0x0, [{0xdddd1000, 0x1000, &(0x7f0000000740)=""/4096}, {0xeeef0000, 0x3c, &(0x7f00000001c0)=""/60}, {0xf000, 0x1000, &(0x7f0000001740)=""/4096}, {0xeeee0000, 0xb, &(0x7f0000000280)=""/11}, {0xeeee8000, 0xac, &(0x7f00000002c0)=""/172}, {0x2000, 0x74, &(0x7f00000003c0)=""/116}, {0xdddd0000, 0xbd, &(0x7f0000000440)=""/189}, {0x1, 0x16, &(0x7f0000000500)=""/22}, {0x0, 0x61, &(0x7f0000000540)=""/97}]}) (async)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180000002c000100000000000000000004"], 0x18}], 0x1}, 0x0)

0s ago: executing program 4 (id=1960):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0, 0x0, 0xffffffff}, 0x18)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000001200)={'sit0\x00', &(0x7f0000001140)={'syztnl2\x00', 0x0, 0x700, 0x10, 0x6, 0x4, {{0x5, 0x4, 0x0, 0x12, 0x14, 0x66, 0x0, 0x1, 0x2f, 0x0, @empty, @loopback}}}})
syz_open_dev$video4linux(&(0x7f00000001c0), 0x2, 0x40080)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r2, 0x9360, 0x5)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r3, 0x4038ae7a, &(0x7f0000000080)={0x2, 0xda0, 0x0, 0x0})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)

kernel console output (not intermixed with test programs):

/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf742e579 code=0x7ffc0000
[  145.859125][   T39] audit: type=1326 audit(1738941182.627:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9581 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  145.867784][   T39] audit: type=1326 audit(1738941182.627:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9581 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf742e579 code=0x7ffc0000
[  145.876275][   T39] audit: type=1326 audit(1738941182.627:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9581 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  145.884538][   T39] audit: type=1326 audit(1738941182.627:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9581 comm="syz.0.976" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf742e579 code=0x7ffc0000
[  146.031204][ T9592] bond1: entered promiscuous mode
[  146.032891][ T9592] bond1: entered allmulticast mode
[  146.037207][ T9592] 8021q: adding VLAN 0 to HW filter on device bond1
[  146.042421][ T5947] Bluetooth: hci0: command 0x0c1a tx timeout
[  146.044291][ T5945] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  146.167298][ T9609] netlink: 'syz.2.983': attribute type 4 has an invalid length.
[  146.251905][   T84] wlan1: Creating new IBSS network, BSSID ee:f5:c9:97:4e:93
[  147.044746][ T9631] netlink: 'syz.4.990': attribute type 5 has an invalid length.
[  147.048997][ T9631] netlink: 'syz.4.990': attribute type 5 has an invalid length.
[  147.052911][ T9631] netlink: 'syz.4.990': attribute type 5 has an invalid length.
[  147.055211][ T9631] netlink: 'syz.4.990': attribute type 5 has an invalid length.
[  147.056362][ T9622] NILFS (nbd3): device size too small
[  147.057507][ T9631] netlink: 'syz.4.990': attribute type 5 has an invalid length.
[  147.063744][ T9631] netlink: 'syz.4.990': attribute type 5 has an invalid length.
[  147.066126][ T9631] netlink: 'syz.4.990': attribute type 5 has an invalid length.
[  147.068385][ T9631] netlink: 'syz.4.990': attribute type 5 has an invalid length.
[  147.070876][ T9631] netlink: 'syz.4.990': attribute type 5 has an invalid length.
[  147.172021][ T9643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.262806][ T9653] sctp: [Deprecated]: syz.2.996 (pid 9653) Use of int in max_burst socket option.
[  147.262806][ T9653] Use struct sctp_assoc_value instead
[  147.976049][ T9670] gtp0: entered promiscuous mode
[  147.980782][ T9670] gtp0: entered allmulticast mode
[  148.130603][ T5947] Bluetooth: hci0: command 0x0c1a tx timeout
[  148.301017][ T9681] macvlan0: entered allmulticast mode
[  148.302656][ T9681] veth1_vlan: entered allmulticast mode
[  148.768160][ T9719] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1012'.
[  148.769264][ T9719] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1012'.
[  148.931491][ T9733] team0: Unable to change to the same mode the team is in
[  148.934850][ T9733] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  148.974767][ T9732] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1013'.
[  149.276404][ T9735] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  149.314491][ T9737] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1017'.
[  149.613047][ T9752] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1021'.
[  149.615485][ T9752] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1021'.
[  149.730776][ T6505] usb 9-1: new low-speed USB device number 3 using dummy_hcd
[  149.733828][ T9761] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1023'.
[  149.736745][ T9761] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1023'.
[  149.881545][ T6505] usb 9-1: Invalid ep0 maxpacket: 32
[  150.031038][ T6505] usb 9-1: new low-speed USB device number 4 using dummy_hcd
[  150.093525][  T834] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  150.180875][ T6505] usb 9-1: Invalid ep0 maxpacket: 32
[  150.184456][ T6505] usb usb9-port1: attempt power cycle
[  150.200590][ T5945] Bluetooth: hci0: command 0x0c1a tx timeout
[  150.240612][  T834] usb 7-1: Using ep0 maxpacket: 8
[  150.242303][  T834] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  150.246170][  T834] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  150.249981][  T834] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  150.254022][  T834] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  150.257840][  T834] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  150.263294][  T834] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  150.266627][  T834] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.366365][ T9800] 8021q: adding VLAN 0 to HW filter on device batadv0
[  150.370815][ T9800] team0: Port device batadv0 added
[  150.403851][ T9800] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1031'.
[  150.476060][  T834] usb 7-1: usb_control_msg returned -32
[  150.477803][  T834] usbtmc 7-1:16.0: can't read capabilities
[  150.530829][ T6505] usb 9-1: new low-speed USB device number 5 using dummy_hcd
[  150.550997][ T6505] usb 9-1: Invalid ep0 maxpacket: 32
[  150.680691][ T6505] usb 9-1: new low-speed USB device number 6 using dummy_hcd
[  150.701890][ T6505] usb 9-1: Invalid ep0 maxpacket: 32
[  150.704386][ T6505] usb usb9-port1: unable to enumerate USB device
[  150.931209][ T9808] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  151.036503][ T2289] usb 7-1: USB disconnect, device number 6
[  151.480789][ T2289] usb 5-1: new low-speed USB device number 9 using dummy_hcd
[  151.614043][   T39] kauditd_printk_skb: 1983 callbacks suppressed
[  151.614054][   T39] audit: type=1326 audit(1738941188.437:2488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9822 comm="syz.2.1040" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  151.622910][   T39] audit: type=1326 audit(1738941188.437:2489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9822 comm="syz.2.1040" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  151.629540][   T39] audit: type=1326 audit(1738941188.437:2490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9822 comm="syz.2.1040" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  151.636019][   T39] audit: type=1326 audit(1738941188.437:2491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9822 comm="syz.2.1040" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  151.642128][ T2289] usb 5-1: unable to get BOS descriptor or descriptor too short
[  151.642432][   T39] audit: type=1326 audit(1738941188.437:2492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9822 comm="syz.2.1040" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  151.646819][ T2289] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16, setting to 8
[  151.651163][   T39] audit: type=1326 audit(1738941188.437:2493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9822 comm="syz.2.1040" exe="/syz-executor" sig=0 arch=40000003 syscall=226 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  151.657378][ T2289] usb 5-1: string descriptor 0 read error: -22
[  151.661693][   T39] audit: type=1326 audit(1738941188.437:2494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9822 comm="syz.2.1040" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  151.663539][ T2289] usb 5-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.40
[  151.669760][   T39] audit: type=1326 audit(1738941188.437:2495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9822 comm="syz.2.1040" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  151.669782][   T39] audit: type=1326 audit(1738941188.437:2496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9822 comm="syz.2.1040" exe="/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  151.669798][   T39] audit: type=1326 audit(1738941188.437:2497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9822 comm="syz.2.1040" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  151.690934][ T2289] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.694487][ T9821] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  151.697921][ T2289] usbhid 5-1:1.0: can't add hid device: -22
[  151.699709][ T2289] usbhid 5-1:1.0: probe with driver usbhid failed with error -22
[  151.828735][ T9827] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1041'.
[  151.899858][    T8] usb 5-1: USB disconnect, device number 9
[  151.950139][ T9834] ipvlan1: entered allmulticast mode
[  151.951856][ T9834] veth0_vlan: entered allmulticast mode
[  152.729499][ T9848] team0: Unable to change to the same mode the team is in
[  152.730594][ T1336] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  152.734875][ T9848] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  152.887135][ T9853] Bluetooth: hci0: service_discovery: too big uuid_count value 65535
[  152.911942][ T1336] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  152.915328][ T1336] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  152.918566][ T1336] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  152.922344][ T1336] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  152.925065][ T1336] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.929239][ T1336] usb 5-1: config 0 descriptor??
[  152.931219][ T9838] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  152.953038][ T9855] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1051'.
[  153.067677][ T9859] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1051'.
[  153.336935][ T1336] plantronics 0003:047F:FFFF.0004: unknown main item tag 0xd
[  153.343165][ T1336] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  153.349885][ T1336] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  153.628832][    T8] usb 5-1: USB disconnect, device number 10
[  154.393294][ T9882] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  154.821371][ T9890] vlan0: left promiscuous mode
[  155.237300][ T9904] overlay: Unknown parameter 'seclabel'
[  155.333385][ T9909] __nla_validate_parse: 1 callbacks suppressed
[  155.333396][ T9909] netlink: 16098 bytes leftover after parsing attributes in process `syz.3.1068'.
[  155.999447][ T9928] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1073'.
[  156.156946][ T9935] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1076'.
[  156.411442][ T9933] siw: device registration error -23
[  156.894705][ T5947] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  156.899972][ T5947] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  156.904773][ T5947] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  156.907530][ T5947] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  156.910471][ T5947] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  156.911323][ T9927] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  156.912885][ T5947] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  157.049625][ T9953] chnl_net:caif_netlink_parms(): no params data found
[  157.112770][ T9953] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.114908][ T9953] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.117144][ T9953] bridge_slave_0: entered allmulticast mode
[  157.119372][ T9953] bridge_slave_0: entered promiscuous mode
[  157.122375][ T9953] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.124585][ T9953] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.126746][ T9953] bridge_slave_1: entered allmulticast mode
[  157.129013][ T9953] bridge_slave_1: entered promiscuous mode
[  157.134106][ T9965] qrtr: Invalid version 20
[  157.135755][ T9965] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1084'.
[  157.150276][ T9965] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1084'.
[  157.164633][ T9953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  157.169605][ T9953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  157.195688][ T9966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.198401][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.212945][ T9953] team0: Port device team_slave_0 added
[  157.216880][ T9953] team0: Port device team_slave_1 added
[  157.237741][ T9953] batman_adv: batadv0: Adding interface: batadv_slave_0
[  157.239809][ T9953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.247831][ T9953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  157.251745][ T9953] batman_adv: batadv0: Adding interface: batadv_slave_1
[  157.253796][ T9953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.261313][ T9953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  157.296594][ T9953] hsr_slave_0: entered promiscuous mode
[  157.301394][ T9953] hsr_slave_1: entered promiscuous mode
[  157.598529][ T9977] team0: Port device batadv0 removed
[  157.607248][ T9977] team0: Port device vlan0 removed
[  157.611044][ T9977] batman_adv: batadv0: Removing interface: ip6gretap1
[  157.628290][   T64] tipc: Resetting bearer <eth:team0>
[  157.630120][ T9977] team0: Unable to change to the same mode the team is in
[  157.655762][ T9977] team0: Port device vlan0 added
[  157.658215][ T9977] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  157.676796][ T9980] overlay: ./file0 is not a directory
[  157.800734][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.803871][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.807167][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.810276][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.813899][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.817341][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.825686][ T9953] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  157.828993][ T9953] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  157.832491][ T9953] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  157.835686][ T9953] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  157.872193][ T9953] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.879386][ T9953] 8021q: adding VLAN 0 to HW filter on device team0
[  157.883524][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.886355][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.896239][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.899131][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.915358][ T9983] tmpfs: Bad value for 'mpol'
[  157.985134][ T9953] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.016485][ T9953] veth0_vlan: entered promiscuous mode
[  158.020742][ T9953] veth1_vlan: entered promiscuous mode
[  158.023285][ T9993] validate_nla: 61 callbacks suppressed
[  158.023293][ T9993] netlink: 'syz.2.1092': attribute type 1 has an invalid length.
[  158.033015][ T9953] veth0_macvtap: entered promiscuous mode
[  158.036243][ T9953] veth1_macvtap: entered promiscuous mode
[  158.044574][ T9953] batman_adv: batadv0: Interface activated: batadv_slave_0
[  158.049447][ T9953] batman_adv: batadv0: Interface activated: batadv_slave_1
[  158.053411][ T9953] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  158.055904][ T9953] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  158.058456][ T9953] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  158.060983][ T9953] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  158.091407][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.095960][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  158.106164][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  158.108927][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  158.291871][ T5986] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  158.383045][T10005] overlayfs: failed to resolve './file1': -2
[  158.465512][ T5986] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 49268, setting to 64
[  158.468612][ T5986] usb 7-1: config 0 interface 0 has no altsetting 0
[  158.474923][ T5986] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  158.478388][ T5986] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.481630][ T5986] usb 7-1: Product: syz
[  158.483133][ T5986] usb 7-1: Manufacturer: syz
[  158.484755][ T5986] usb 7-1: SerialNumber: syz
[  158.487855][ T5986] usb 7-1: config 0 descriptor??
[  158.491991][ T5986] usb 7-1: selecting invalid altsetting 0
[  158.636539][   T12] batman_adv: batadv0: Removing interface: gretap1
[  158.698021][ T5986] usb 7-1: USB disconnect, device number 7
[  158.969757][   T12] bond0 (unregistering): Released all slaves
[  159.020587][ T5945] Bluetooth: hci3: command tx timeout
[  159.128626][   T12] bond1 (unregistering): Released all slaves
[  159.223030][   T12] tipc: Disabling bearer <eth:team0>
[  159.244239][   T12] tipc: Disabling bearer <udp:syz2>
[  159.252979][   T12] tipc: Left network mode
[  159.254444][T10016] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1099'.
[  159.258392][T10018] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1098'.
[  159.578174][T10040] fuse: Bad value for 'rootmode'
[  159.642975][   T12] hsr_slave_0: left promiscuous mode
[  159.645263][   T12] hsr_slave_1: left promiscuous mode
[  159.674320][T10042] fuse: Bad value for 'group_id'
[  159.675867][T10042] fuse: Bad value for 'group_id'
[  160.593995][T10029] dccp_close: ABORT with 29 bytes unread
[  160.649635][T10048] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1107'.
[  160.857533][T10064] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1111'.
[  161.080829][ T5945] Bluetooth: hci3: command tx timeout
[  161.206977][T10080] efs: device does not support 512 byte blocks
[  161.208929][T10080] device does not support 512 byte blocks
[  161.208929][T10080] 
[  161.252278][T10080] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  161.318745][T10083] kvm: kvm [10082]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x4000002e)
[  161.524822][ T5945] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  161.818853][T10092] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1118'.
[  161.998670][T10071] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  162.113375][T10096] input: syz1 as /devices/virtual/input/input15
[  162.350046][T10097] 9pnet_virtio: no channels available for device syz
[  162.379771][   T12] IPVS: stop unused estimator thread 0...
[  162.847857][   T39] kauditd_printk_skb: 36 callbacks suppressed
[  162.847867][   T39] audit: type=1326 audit(1738941199.667:2534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10114 comm="syz.0.1125" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7fc00000
[  163.160696][ T5945] Bluetooth: hci3: command tx timeout
[  163.291913][T10128] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  163.313901][T10129] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.316827][T10129] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.319332][T10129] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.323360][T10129] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.325948][T10129] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.660382][T10141] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  164.185976][T10162] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  164.187949][T10162] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  164.193131][T10162] vhci_hcd vhci_hcd.0: Device attached
[  164.197891][T10162] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(5)
[  164.199815][T10162] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  164.203811][T10162] vhci_hcd vhci_hcd.0: Device attached
[  164.370678][    T8] vhci_hcd: vhci_device speed not set
[  164.433142][    T8] usb 37-1: new full-speed USB device number 3 using vhci_hcd
[  165.021354][T10165] vhci_hcd: connection closed
[  165.021562][T10163] vhci_hcd: connection reset by peer
[  165.021614][  T193] vhci_hcd: stop threads
[  165.026053][  T193] vhci_hcd: release socket
[  165.027416][  T193] vhci_hcd: disconnect device
[  165.029009][  T193] vhci_hcd: stop threads
[  165.030314][  T193] vhci_hcd: release socket
[  165.033614][  T193] vhci_hcd: disconnect device
[  165.222896][T10195] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.226460][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.240704][ T5945] Bluetooth: hci3: command tx timeout
[  165.296852][T10202] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1149'.
[  165.322112][T10206] netlink: 'syz.2.1150': attribute type 11 has an invalid length.
[  165.324649][T10206] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1150'.
[  165.327359][T10206] netlink: 'syz.2.1150': attribute type 11 has an invalid length.
[  165.329683][T10206] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1150'.
[  165.356840][T10202] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1149'.
[  165.362023][T10202] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1149'.
[  165.365487][T10202] netlink: 'syz.3.1149': attribute type 6 has an invalid length.
[  165.368435][T10202] netlink: 'syz.3.1149': attribute type 5 has an invalid length.
[  165.371284][T10202] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1149'.
[  166.067664][T10256] raw_sendmsg: syz.4.1155 forgot to set AF_INET. Fix it!
[  166.337806][T10266] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1158'.
[  166.423203][T10250] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  166.426451][T10250] batman_adv: batadv0: Adding interface: gretap1
[  166.428319][T10250] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[  166.434093][T10250] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  166.589030][T10278] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.592278][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.608047][   T39] audit: type=1326 audit(1738941203.427:2535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10279 comm="syz.0.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  166.614458][   T39] audit: type=1326 audit(1738941203.427:2536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10279 comm="syz.0.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  166.622480][   T39] audit: type=1326 audit(1738941203.427:2537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10279 comm="syz.0.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf742e579 code=0x7ffc0000
[  166.628669][   T39] audit: type=1326 audit(1738941203.427:2538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10279 comm="syz.0.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  166.636601][   T39] audit: type=1326 audit(1738941203.427:2539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10279 comm="syz.0.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf742e579 code=0x7ffc0000
[  166.643025][   T39] audit: type=1326 audit(1738941203.427:2540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10279 comm="syz.0.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  166.651997][   T39] audit: type=1326 audit(1738941203.427:2541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10279 comm="syz.0.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf742e579 code=0x7ffc0000
[  166.660057][   T39] audit: type=1326 audit(1738941203.427:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10279 comm="syz.0.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  166.666343][   T39] audit: type=1326 audit(1738941203.427:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10279 comm="syz.0.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf742e579 code=0x7ffc0000
[  166.758177][T10288] netlink: 'syz.0.1164': attribute type 2 has an invalid length.
[  167.187134][T10305] sit0: entered promiscuous mode
[  167.193115][T10305] netlink: 'syz.0.1170': attribute type 1 has an invalid length.
[  167.195460][T10305] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1170'.
[  167.310410][T10313] Bluetooth: hci0: service_discovery: too big uuid_count value 65535
[  167.554341][T10323] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.578000][T10350] kAFS: unable to lookup cell 'sy>7 †ŸO-z1'
[  168.832418][T10357] Bluetooth: hci0: service_discovery: too big uuid_count value 65535
[  168.840655][ T1336] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  169.000625][ T1336] usb 5-1: Using ep0 maxpacket: 16
[  169.004390][ T1336] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  169.008191][ T1336] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  169.011102][ T1336] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.015417][ T1336] usb 5-1: config 0 descriptor??
[  169.022882][ T1336] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input16
[  169.540697][ T6505] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  169.550671][    T8] vhci_hcd: vhci_device speed not set
[  169.692561][ T6505] usb 9-1: Using ep0 maxpacket: 16
[  169.696734][ T6505] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  169.700588][ T6505] usb 9-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  169.703474][ T6505] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.707058][ T6505] usb 9-1: config 0 descriptor??
[  169.873929][   T39] kauditd_printk_skb: 65 callbacks suppressed
[  169.873939][   T39] audit: type=1326 audit(1738941206.697:2609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10368 comm="syz.2.1190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  169.882322][   T39] audit: type=1326 audit(1738941206.697:2610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10368 comm="syz.2.1190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  169.888753][   T39] audit: type=1326 audit(1738941206.717:2611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10368 comm="syz.2.1190" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  169.895272][   T39] audit: type=1326 audit(1738941206.717:2612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10368 comm="syz.2.1190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  169.902111][   T39] audit: type=1326 audit(1738941206.717:2613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10368 comm="syz.2.1190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  169.908529][   T39] audit: type=1326 audit(1738941206.717:2614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10368 comm="syz.2.1190" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  169.915699][   T39] audit: type=1326 audit(1738941206.717:2615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10368 comm="syz.2.1190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  169.921984][   T39] audit: type=1326 audit(1738941206.717:2616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10368 comm="syz.2.1190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  169.928271][   T39] audit: type=1326 audit(1738941206.727:2617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10368 comm="syz.2.1190" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  169.935297][   T39] audit: type=1326 audit(1738941206.727:2618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10368 comm="syz.2.1190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000
[  170.135818][ T6505] hid (null): unknown global tag 0xc
[  170.137447][ T6505] hid (null): global environment stack underflow
[  170.144449][ T6505] hid (null): unknown global tag 0xd
[  170.146782][ T6505] kye 0003:0458:5016.0005: control desc unexpectedly large
[  170.151555][ T6505] input: HID 0458:5016 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/0003:0458:5016.0005/input/input17
[  170.227973][T10419] Bluetooth: hci0: service_discovery: too big uuid_count value 65535
[  170.334692][T10364] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1188'.
[  171.335155][T10434] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1198'.
[  171.344953][T10434] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1198'.
[  171.348673][T10435] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1198'.
[  171.353305][T10433] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  171.380563][ T5343] bcm5974 5-1:0.0: could not read from device
[  171.386258][ T1336] bcm5974 5-1:0.0: could not read from device
[  171.390941][ T5343] bcm5974 5-1:0.0: could not read from device
[  171.420747][ T1336] input: failed to attach handler mousedev to device input16, error: -5
[  171.427159][ T5343] bcm5974 5-1:0.0: could not read from device
[  171.428113][ T1336] usb 5-1: USB disconnect, device number 11
[  171.434749][ T6505] input: HID 0458:5016 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/0003:0458:5016.0005/input/input18
[  171.501492][ T6505] kye 0003:0458:5016.0005: input,hiddev0,hidraw1: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.4-1/input0
[  171.508862][ T6505] usb 9-1: USB disconnect, device number 7
[  172.051077][ T6505] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  172.093604][T10461] team0: Port device vlan0 removed
[  172.097455][T10461] batman_adv: batadv0: Removing interface: gretap1
[  172.099963][   T11] tipc: Resetting bearer <eth:team0>
[  172.106171][T10461] team0: Unable to change to the same mode the team is in
[  172.112937][T10461] team0: Port device vlan0 added
[  172.115480][T10461] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  172.332325][T10466] /dev/sr0: Can't open blockdev
[  173.156749][T10491] team0: Port device vlan0 removed
[  173.175448][ T1135] tipc: Resetting bearer <eth:team0>
[  173.179581][T10491] team0: Unable to change to the same mode the team is in
[  173.187730][T10491] team0: Port device vlan0 added
[  173.197497][T10491] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  173.338522][ T6505] kernel write not supported for file bpf-map (pid: 6505 comm: kworker/2:4)
[  173.427808][T10512] x_tables: ip_tables: osf match: only valid for protocol 6
[  173.430149][T10512] x_tables: ip_tables: osf match: only valid for protocol 6
[  173.433298][T10512] x_tables: ip_tables: osf match: only valid for protocol 6
[  173.435808][T10512] x_tables: ip_tables: osf match: only valid for protocol 6
[  173.438028][T10512] x_tables: ip_tables: osf match: only valid for protocol 6
[  173.441163][T10512] x_tables: ip_tables: osf match: only valid for protocol 6
[  173.444208][T10512] x_tables: ip_tables: osf match: only valid for protocol 6
[  173.447071][T10512] x_tables: ip_tables: osf match: only valid for protocol 6
[  173.449901][T10512] x_tables: ip_tables: osf match: only valid for protocol 6
[  173.454036][T10512] x_tables: ip_tables: osf match: only valid for protocol 6
[  173.590675][ T6505] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  173.746388][ T6505] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  173.749052][ T6505] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.752312][ T6505] usb 7-1: Product: syz
[  173.753823][ T6505] usb 7-1: Manufacturer: syz
[  173.755240][ T6505] usb 7-1: SerialNumber: syz
[  173.759654][ T6505] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  173.794521][  T834] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  173.797825][T10527] syz.4.1223: attempt to access beyond end of device
[  173.797825][T10527] nbd4: rw=4096, sector=0, nr_sectors = 1 limit=0
[  173.807952][T10527] XFS (nbd4): SB validate failed with error -5.
[  174.285272][ T6505] usb 7-1: USB disconnect, device number 8
[  174.437817][T10537] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1225'.
[  174.528527][T10541] team0: Port device vlan0 removed
[  174.534528][   T11] tipc: Resetting bearer <eth:team0>
[  174.544456][T10541] team0: Unable to change to the same mode the team is in
[  174.547807][T10541] team0: Port device vlan0 added
[  174.551034][T10541] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  174.840714][  T834] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  174.843489][  T834] ath9k_htc: Failed to initialize the device
[  174.849225][ T6505] usb 7-1: ath9k_htc: USB layer deinitialized
[  175.003075][T10557] input: syz0 as /devices/virtual/input/input19
[  175.004979][T10557] input: failed to attach handler leds to device input19, error: -6
[  175.213934][T10562] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1233'.
[  175.484051][T10574] netlink: 'syz.4.1237': attribute type 1 has an invalid length.
[  175.492639][T10574] 8021q: adding VLAN 0 to HW filter on device bond3
[  175.508674][T10574] bond3: (slave bridge1): making interface the new active one
[  175.513310][T10574] bond3: (slave bridge1): Enslaving as an active interface with an up link
[  175.530113][T10574] bond3: (slave bridge2): Enslaving as an active interface with a down link
[  175.770636][    T9] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  175.967120][T10598] could not allocate digest TFM handle sha224-ce
[  175.981997][    T9] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  175.986239][    T9] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  175.989190][    T9] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  175.994031][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.999252][T10579] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  176.004179][    T9] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  176.208320][T10611] team0: No ports can be present during mode change
[  176.216681][ T1135] tipc: Resetting bearer <eth:team0>
[  176.348609][ T1135] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  176.359266][T10579] Invalid source name
[  176.360612][T10579] UBIFS error (pid: 10579): cannot open "./file0", error -22
[  176.362889][  T834] usb 8-1: USB disconnect, device number 10
[  176.727349][T10625] team0: Unable to change to the same mode the team is in
[  176.731651][T10625] vlan0: entered promiscuous mode
[  177.486129][T10639] Bluetooth: hci0: service_discovery: too big uuid_count value 65535
[  178.086873][T10649] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1256'.
[  178.551217][T10657] 9pnet_fd: Insufficient options for proto=fd
[  179.093018][T10664] team0: No ports can be present during mode change
[  179.096604][T10664] vlan0: entered promiscuous mode
[  179.109574][T10664] team0: Port device vlan0 added
[  179.935251][T10669] 9pnet_virtio: no channels available for device syz
[  181.326559][   T39] kauditd_printk_skb: 122 callbacks suppressed
[  181.326574][   T39] audit: type=1326 audit(1738941218.147:2741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.4.1270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  181.338477][   T39] audit: type=1326 audit(1738941218.167:2742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.4.1270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  181.348597][   T39] audit: type=1326 audit(1738941218.167:2743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.4.1270" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  181.350458][T10704] fuse: Bad value for 'fd'
[  181.357429][   T39] audit: type=1326 audit(1738941218.167:2744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.4.1270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  181.364096][   T39] audit: type=1326 audit(1738941218.167:2745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.4.1270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  181.375694][   T39] audit: type=1326 audit(1738941218.177:2746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.4.1270" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  181.382198][   T39] audit: type=1326 audit(1738941218.177:2747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.4.1270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  181.389401][   T39] audit: type=1326 audit(1738941218.177:2748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.4.1270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  181.395989][   T39] audit: type=1326 audit(1738941218.177:2749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.4.1270" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  181.406320][   T39] audit: type=1326 audit(1738941218.177:2750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10699 comm="syz.4.1270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  181.428506][T10707] FAULT_INJECTION: forcing a failure.
[  181.428506][T10707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  181.434252][T10707] CPU: 3 UID: 0 PID: 10707 Comm: syz.4.1272 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  181.434267][T10707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  181.434274][T10707] Call Trace:
[  181.434277][T10707]  <TASK>
[  181.434281][T10707]  dump_stack_lvl+0x16c/0x1f0
[  181.434352][T10707]  should_fail_ex+0x50a/0x650
[  181.434401][T10707]  _copy_from_user+0x2e/0xd0
[  181.434421][T10707]  compat_do_replace+0x16f/0x500
[  181.434433][T10707]  ? __pfx_compat_do_replace+0x10/0x10
[  181.434443][T10707]  ? aa_get_newest_label+0x376/0x680
[  181.434458][T10707]  ? __pfx_aa_get_newest_label+0x10/0x10
[  181.434477][T10707]  ? bpf_lsm_capable+0x9/0x10
[  181.434490][T10707]  ? security_capable+0x7e/0x260
[  181.434505][T10707]  do_ip6t_set_ctl+0x686/0xc20
[  181.434516][T10707]  ? __mutex_lock+0x1cc/0xb10
[  181.434532][T10707]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  181.434542][T10707]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  181.434558][T10707]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  181.434578][T10707]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  181.434593][T10707]  nf_setsockopt+0x8a/0xf0
[  181.434607][T10707]  ipv6_setsockopt+0x135/0x170
[  181.434619][T10707]  udpv6_setsockopt+0x7d/0xd0
[  181.434631][T10707]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  181.434644][T10707]  do_sock_setsockopt+0x222/0x480
[  181.434656][T10707]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  181.434670][T10707]  ? lock_acquire+0x2f/0xb0
[  181.434696][T10707]  __sys_setsockopt+0x1a0/0x230
[  181.434714][T10707]  __ia32_sys_setsockopt+0xbc/0x160
[  181.434727][T10707]  ? lockdep_hardirqs_on+0x7c/0x110
[  181.434748][T10707]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  181.434771][T10707]  __do_fast_syscall_32+0x73/0x120
[  181.434787][T10707]  do_fast_syscall_32+0x32/0x80
[  181.434801][T10707]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  181.434824][T10707] RIP: 0023:0xf7fe4579
[  181.434836][T10707] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  181.434851][T10707] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  181.434867][T10707] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  181.434877][T10707] RDX: 0000000000000040 RSI: 0000000020000540 RDI: 0000000000000554
[  181.434887][T10707] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  181.434896][T10707] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  181.434905][T10707] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  181.434927][T10707]  </TASK>
[  181.674833][T10716] vlan2: entered allmulticast mode
[  181.675510][T10716] bond0: entered allmulticast mode
[  181.682507][T10716] bond0: left allmulticast mode
[  181.792298][T10722] Bluetooth: hci0: service_discovery: too big uuid_count value 65535
[  181.950985][T10729] GUP no longer grows the stack in syz.0.1280 (10729): 20004000-2000a000 (20002000)
[  181.954994][T10729] CPU: 3 UID: 0 PID: 10729 Comm: syz.0.1280 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  181.955012][T10729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  181.955018][T10729] Call Trace:
[  181.955022][T10729]  <TASK>
[  181.955027][T10729]  dump_stack_lvl+0x16c/0x1f0
[  181.955046][T10729]  gup_vma_lookup+0x1d2/0x220
[  181.955063][T10729]  __get_user_pages+0x236/0x36f0
[  181.955076][T10729]  ? find_held_lock+0x2d/0x110
[  181.955092][T10729]  ? mtree_load+0x30a/0xa40
[  181.955106][T10729]  ? __pfx_lock_release+0x10/0x10
[  181.955120][T10729]  ? __pfx___get_user_pages+0x10/0x10
[  181.955135][T10729]  get_user_pages_remote+0x25e/0xb30
[  181.955148][T10729]  ? __pfx_get_user_pages_remote+0x10/0x10
[  181.955163][T10729]  __access_remote_vm+0x3a5/0x7b0
[  181.955180][T10729]  ? __pfx___access_remote_vm+0x10/0x10
[  181.955197][T10729]  proc_pid_cmdline_read+0x4f4/0x8d0
[  181.955212][T10729]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  181.955226][T10729]  ? rw_verify_area+0xcf/0x680
[  181.955240][T10729]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  181.955254][T10729]  vfs_readv+0x6c2/0x8a0
[  181.955266][T10729]  ? __pfx___lock_acquire+0x10/0x10
[  181.955280][T10729]  ? __pfx_vfs_readv+0x10/0x10
[  181.955309][T10729]  ? __fget_files+0x1fc/0x3a0
[  181.955321][T10729]  ? __pfx_lock_release+0x10/0x10
[  181.955337][T10729]  ? __fget_files+0x206/0x3a0
[  181.955349][T10729]  ? do_preadv+0x1b1/0x270
[  181.955363][T10729]  do_preadv+0x1b1/0x270
[  181.955384][T10729]  ? __pfx_do_preadv+0x10/0x10
[  181.955402][T10729]  __do_fast_syscall_32+0x73/0x120
[  181.955412][T10729]  do_fast_syscall_32+0x32/0x80
[  181.955422][T10729]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  181.955439][T10729] RIP: 0023:0xf742e579
[  181.955448][T10729] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  181.955457][T10729] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 000000000000014d
[  181.955467][T10729] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000040
[  181.955472][T10729] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000
[  181.955478][T10729] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  181.955483][T10729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  181.955488][T10729] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  181.955500][T10729]  </TASK>
[  182.069172][T10733] fuse: Bad value for 'fd'
[  182.751237][T10753] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1288'.
[  183.057230][T10756] fuse: Bad value for 'fd'
[  183.085287][T10758] sit0: left promiscuous mode
[  183.917166][ T5947] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  183.920299][ T5947] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  183.923331][ T5947] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  183.927357][ T5947] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  183.930366][ T5947] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  183.933392][ T5947] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  184.031226][T10757] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  184.048208][T10766] chnl_net:caif_netlink_parms(): no params data found
[  184.105712][T10775] FAULT_INJECTION: forcing a failure.
[  184.105712][T10775] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.109962][T10775] CPU: 2 UID: 0 PID: 10775 Comm: syz.0.1295 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  184.109985][T10775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  184.109995][T10775] Call Trace:
[  184.110001][T10775]  <TASK>
[  184.110008][T10775]  dump_stack_lvl+0x16c/0x1f0
[  184.110038][T10775]  should_fail_ex+0x50a/0x650
[  184.110062][T10775]  _copy_from_user+0x2e/0xd0
[  184.110086][T10775]  compat_do_replace+0x2a0/0x500
[  184.110108][T10775]  ? __pfx_compat_do_replace+0x10/0x10
[  184.110125][T10775]  ? aa_get_newest_label+0x376/0x680
[  184.110151][T10775]  ? __pfx_aa_get_newest_label+0x10/0x10
[  184.110187][T10775]  ? bpf_lsm_capable+0x9/0x10
[  184.110209][T10775]  ? security_capable+0x7e/0x260
[  184.110237][T10775]  do_ip6t_set_ctl+0x686/0xc20
[  184.110256][T10775]  ? __mutex_lock+0x1cc/0xb10
[  184.110284][T10775]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  184.110307][T10775]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  184.110336][T10775]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  184.110373][T10775]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  184.110400][T10775]  nf_setsockopt+0x8a/0xf0
[  184.110424][T10775]  ipv6_setsockopt+0x135/0x170
[  184.110445][T10775]  udpv6_setsockopt+0x7d/0xd0
[  184.110467][T10775]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  184.110505][T10775]  do_sock_setsockopt+0x222/0x480
[  184.110526][T10775]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  184.110547][T10775]  ? lock_acquire+0x2f/0xb0
[  184.110579][T10775]  __sys_setsockopt+0x1a0/0x230
[  184.110600][T10775]  __ia32_sys_setsockopt+0xbc/0x160
[  184.110615][T10775]  ? lockdep_hardirqs_on+0x7c/0x110
[  184.110639][T10775]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  184.110665][T10775]  __do_fast_syscall_32+0x73/0x120
[  184.110683][T10775]  do_fast_syscall_32+0x32/0x80
[  184.110699][T10775]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  184.110725][T10775] RIP: 0023:0xf742e579
[  184.110738][T10775] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  184.110753][T10775] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  184.110770][T10775] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  184.110780][T10775] RDX: 0000000000000040 RSI: 0000000020000540 RDI: 0000000000000554
[  184.110790][T10775] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  184.110800][T10775] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  184.110810][T10775] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  184.110831][T10775]  </TASK>
[  184.201523][T10766] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.203750][T10766] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.205948][T10766] bridge_slave_0: entered allmulticast mode
[  184.208152][T10766] bridge_slave_0: entered promiscuous mode
[  184.211014][T10766] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.213177][T10766] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.215304][T10766] bridge_slave_1: entered allmulticast mode
[  184.217518][T10766] bridge_slave_1: entered promiscuous mode
[  184.238971][T10766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  184.243042][T10766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  184.283919][T10766] team0: Port device team_slave_0 added
[  184.288636][T10766] team0: Port device team_slave_1 added
[  184.308986][T10766] batman_adv: batadv0: Adding interface: batadv_slave_0
[  184.311110][T10766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  184.320589][T10766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  184.325434][T10766] batman_adv: batadv0: Adding interface: batadv_slave_1
[  184.327388][T10766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  184.334908][T10766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  184.359770][T10766] hsr_slave_0: entered promiscuous mode
[  184.364230][T10766] hsr_slave_1: entered promiscuous mode
[  184.366891][T10766] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  184.369952][T10766] Cannot create hsr debugfs directory
[  184.475545][T10766] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  184.481492][T10766] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  184.489701][T10766] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  184.500041][T10766] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  184.513438][T10766] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.515571][T10766] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.518488][T10766] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.520801][T10766] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.556645][T10766] 8021q: adding VLAN 0 to HW filter on device bond0
[  184.567652][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.573171][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.587828][T10766] 8021q: adding VLAN 0 to HW filter on device team0
[  184.595644][ T1136] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.597739][ T1136] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.603982][ T1136] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.606166][ T1136] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.655518][T10785] random: crng reseeded on system resumption
[  184.705717][T10766] 8021q: adding VLAN 0 to HW filter on device batadv0
[  184.828631][T10766] veth0_vlan: entered promiscuous mode
[  184.832727][T10766] veth1_vlan: entered promiscuous mode
[  184.844506][T10766] veth0_macvtap: entered promiscuous mode
[  184.847997][T10766] veth1_macvtap: entered promiscuous mode
[  184.865881][T10766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  184.869701][T10766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.873607][T10766] batman_adv: batadv0: Interface activated: batadv_slave_0
[  184.928998][T10766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  184.934815][T10797] usb 1-1: USB disconnect, device number 2
[  184.937214][T10766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.942308][T10766] batman_adv: batadv0: Interface activated: batadv_slave_1
[  184.947260][T10766] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  184.952509][T10766] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  184.956008][T10766] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  184.959484][T10766] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  185.103234][T10401] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  185.107720][T10401] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  185.116187][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  185.118563][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  185.779845][T10823] netlink: 'syz.3.1305': attribute type 13 has an invalid length.
[  185.784945][T10823] tmpfs: Bad value for 'mpol'
[  185.822510][T10827] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1307'.
[  185.974444][ T5945] Bluetooth: hci1: command tx timeout
[  186.251826][T10846] program syz.5.1314 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  186.286254][T10848] FAULT_INJECTION: forcing a failure.
[  186.286254][T10848] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  186.290039][T10848] CPU: 0 UID: 0 PID: 10848 Comm: syz.5.1315 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  186.290053][T10848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  186.290059][T10848] Call Trace:
[  186.290063][T10848]  <TASK>
[  186.290067][T10848]  dump_stack_lvl+0x16c/0x1f0
[  186.290086][T10848]  should_fail_ex+0x50a/0x650
[  186.290100][T10848]  _copy_from_user+0x2e/0xd0
[  186.290114][T10848]  compat_do_replace+0x2a0/0x500
[  186.290126][T10848]  ? __pfx_compat_do_replace+0x10/0x10
[  186.290135][T10848]  ? aa_get_newest_label+0x376/0x680
[  186.290151][T10848]  ? __pfx_aa_get_newest_label+0x10/0x10
[  186.290169][T10848]  ? bpf_lsm_capable+0x9/0x10
[  186.290182][T10848]  ? security_capable+0x7e/0x260
[  186.290198][T10848]  do_ip6t_set_ctl+0x686/0xc20
[  186.290208][T10848]  ? __mutex_lock+0x1cc/0xb10
[  186.290224][T10848]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  186.290234][T10848]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  186.290250][T10848]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  186.290270][T10848]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  186.290285][T10848]  nf_setsockopt+0x8a/0xf0
[  186.290299][T10848]  ipv6_setsockopt+0x135/0x170
[  186.290310][T10848]  udpv6_setsockopt+0x7d/0xd0
[  186.290322][T10848]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  186.290336][T10848]  do_sock_setsockopt+0x222/0x480
[  186.290347][T10848]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  186.290359][T10848]  ? lock_acquire+0x2f/0xb0
[  186.290377][T10848]  __sys_setsockopt+0x1a0/0x230
[  186.290388][T10848]  __ia32_sys_setsockopt+0xbc/0x160
[  186.290396][T10848]  ? lockdep_hardirqs_on+0x7c/0x110
[  186.290410][T10848]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  186.290425][T10848]  __do_fast_syscall_32+0x73/0x120
[  186.290434][T10848]  do_fast_syscall_32+0x32/0x80
[  186.290443][T10848]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  186.290458][T10848] RIP: 0023:0xf73ae579
[  186.290466][T10848] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  186.290487][T10848] RSP: 002b:00000000f503655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  186.290497][T10848] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  186.290503][T10848] RDX: 0000000000000040 RSI: 0000000020000540 RDI: 0000000000000554
[  186.290508][T10848] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  186.290513][T10848] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  186.290518][T10848] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  186.290529][T10848]  </TASK>
[  186.461181][  T834] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  187.461213][T10881] fuse: Bad value for 'rootmode'
[  187.584135][T10895] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  187.587348][T10895] netlink: 'syz.0.1331': attribute type 7 has an invalid length.
[  187.638549][T10913] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1337'.
[  187.665442][T10919] FAULT_INJECTION: forcing a failure.
[  187.665442][T10919] name failslab, interval 1, probability 0, space 0, times 0
[  187.669495][T10919] CPU: 0 UID: 0 PID: 10919 Comm: syz.0.1338 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  187.669509][T10919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  187.669515][T10919] Call Trace:
[  187.669519][T10919]  <TASK>
[  187.669524][T10919]  dump_stack_lvl+0x16c/0x1f0
[  187.669542][T10919]  should_fail_ex+0x50a/0x650
[  187.669555][T10919]  ? fs_reclaim_acquire+0xae/0x150
[  187.669571][T10919]  should_failslab+0xc2/0x120
[  187.669584][T10919]  __kmalloc_node_noprof+0xd1/0x520
[  187.669596][T10919]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  187.669609][T10919]  __kvmalloc_node_noprof+0xad/0x1a0
[  187.669619][T10919]  xt_alloc_table_info+0x3e/0xa0
[  187.669633][T10919]  translate_compat_table+0xc06/0x18e0
[  187.669650][T10919]  ? __pfx_translate_compat_table+0x10/0x10
[  187.669661][T10919]  ? __might_fault+0x13b/0x190
[  187.669675][T10919]  ? trace_lock_acquire+0x14e/0x1f0
[  187.669691][T10919]  compat_do_replace+0x35d/0x500
[  187.669703][T10919]  ? __pfx_compat_do_replace+0x10/0x10
[  187.669713][T10919]  ? aa_get_newest_label+0x376/0x680
[  187.669728][T10919]  ? __pfx_aa_get_newest_label+0x10/0x10
[  187.669747][T10919]  ? bpf_lsm_capable+0x9/0x10
[  187.669760][T10919]  ? security_capable+0x7e/0x260
[  187.669776][T10919]  do_ip6t_set_ctl+0x686/0xc20
[  187.669790][T10919]  ? __mutex_lock+0x1cc/0xb10
[  187.669813][T10919]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  187.669827][T10919]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  187.669851][T10919]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  187.669878][T10919]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  187.669893][T10919]  nf_setsockopt+0x8a/0xf0
[  187.669907][T10919]  ipv6_setsockopt+0x135/0x170
[  187.669918][T10919]  udpv6_setsockopt+0x7d/0xd0
[  187.669931][T10919]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  187.669944][T10919]  do_sock_setsockopt+0x222/0x480
[  187.669956][T10919]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  187.669968][T10919]  ? lock_acquire+0x2f/0xb0
[  187.669986][T10919]  __sys_setsockopt+0x1a0/0x230
[  187.669997][T10919]  __ia32_sys_setsockopt+0xbc/0x160
[  187.670011][T10919]  ? lockdep_hardirqs_on+0x7c/0x110
[  187.670025][T10919]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  187.670040][T10919]  __do_fast_syscall_32+0x73/0x120
[  187.670050][T10919]  do_fast_syscall_32+0x32/0x80
[  187.670059][T10919]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  187.670075][T10919] RIP: 0023:0xf742e579
[  187.670083][T10919] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  187.670093][T10919] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  187.670102][T10919] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[  187.670108][T10919] RDX: 0000000000000040 RSI: 0000000020000540 RDI: 0000000000000554
[  187.670113][T10919] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  187.670118][T10919] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  187.670124][T10919] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  187.670138][T10919]  </TASK>
[  187.765974][T10922] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1339'.
[  187.881680][  T834] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  188.043962][ T5945] Bluetooth: hci1: command tx timeout
[  188.150672][T10941] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  188.207816][T10940] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  188.213792][T10940] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  188.290637][  T834] usb 10-1: Using ep0 maxpacket: 32
[  188.294444][  T834] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[  188.296845][  T834] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  188.300090][  T834] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  188.303613][  T834] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  188.307765][  T834] usb 10-1: config 0 interface 0 has no altsetting 0
[  188.311639][  T834] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  188.314763][  T834] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  188.317219][  T834] usb 10-1: Product: syz
[  188.318480][  T834] usb 10-1: Manufacturer: syz
[  188.319878][  T834] usb 10-1: SerialNumber: syz
[  188.324932][  T834] usb 10-1: config 0 descriptor??
[  188.331945][  T834] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  188.338513][  T834] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  188.556285][T10958] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1348'.
[  188.745282][T10968] netlink: 'syz.3.1350': attribute type 1 has an invalid length.
[  188.765776][T10968] bond1: entered promiscuous mode
[  188.767377][T10968] bond1: entered allmulticast mode
[  188.778079][T10968] batadv1: entered allmulticast mode
[  188.781122][T10968] 8021q: adding VLAN 0 to HW filter on device batadv1
[  188.783896][T10968] bond1: (slave batadv1): making interface the new active one
[  188.786143][T10968] batadv1: entered promiscuous mode
[  188.788624][T10968] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  188.798336][T10968] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1350'.
[  188.803645][T10968] bond1: left promiscuous mode
[  188.805484][T10968] batadv1: left promiscuous mode
[  188.807417][T10968] bond1: left allmulticast mode
[  188.809947][T10968] 8021q: adding VLAN 0 to HW filter on device bond1
[  189.013005][    C1] ldusb 10-1:0.0: usb_submit_urb failed (-19)
[  189.015538][ T1336] usb 10-1: USB disconnect, device number 2
[  189.032023][ T1336] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[  189.505962][T10990] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1356'.
[  189.513264][T10990] 8021q: adding VLAN 0 to HW filter on device bond5
[  189.525593][T10990] 8021q: adding VLAN 0 to HW filter on device bond5
[  189.527718][T10990] bond5: (slave vxcan5): The slave device specified does not support setting the MAC address
[  189.533366][T10990] bond5: (slave vxcan5): Error -95 calling set_mac_address
[  189.548913][T10993] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1357'.
[  189.750942][T11001] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1359'.
[  189.753773][T11001] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1359'.
[  189.756508][T11001] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1359'.
[  190.130565][ T5945] Bluetooth: hci1: command tx timeout
[  190.685002][   T39] kauditd_printk_skb: 35 callbacks suppressed
[  190.685017][   T39] audit: type=1326 audit(1738941227.507:2786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11015 comm="syz.0.1365" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x0
[  190.837957][T11032] bond0: up delay (5) is not a multiple of miimon (4), value rounded to 4 ms
[  190.846755][T11032] netlink: 'syz.5.1369': attribute type 10 has an invalid length.
[  190.849579][T11032] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.852022][T11032] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.858819][T11032] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.861251][T11032] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.863578][T11032] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.865786][T11032] bridge0: port 1(bridge_slave_0) entered forwarding state
[  190.874514][T11032] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  190.923404][ T1143] bond0: (slave bridge0): link status definitely up, 0 Mbps full duplex
[  190.955870][T11043] team0: No ports can be present during mode change
[  191.047700][T11032] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  191.049851][T11032] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  191.055649][T11032] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  191.058195][T11032] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  191.062736][T11032] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  191.065145][T11032] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  191.079826][T11032] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  191.083841][T11032] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  191.584608][   T39] audit: type=1326 audit(1738941228.407:2787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11062 comm="syz.0.1380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  191.593384][   T39] audit: type=1326 audit(1738941228.407:2788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11062 comm="syz.0.1380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  191.602615][   T39] audit: type=1326 audit(1738941228.407:2789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11062 comm="syz.0.1380" exe="/syz-executor" sig=0 arch=40000003 syscall=304 compat=1 ip=0xf742e579 code=0x7ffc0000
[  191.611421][   T39] audit: type=1326 audit(1738941228.407:2790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11062 comm="syz.0.1380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  191.620301][   T39] audit: type=1326 audit(1738941228.407:2791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11062 comm="syz.0.1380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  191.628814][   T39] audit: type=1326 audit(1738941228.407:2792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11062 comm="syz.0.1380" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf742e579 code=0x7ffc0000
[  191.637432][   T39] audit: type=1326 audit(1738941228.407:2793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11062 comm="syz.0.1380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  191.640820][ T5986] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  191.645968][   T39] audit: type=1326 audit(1738941228.407:2794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11062 comm="syz.0.1380" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  191.655121][   T39] audit: type=1326 audit(1738941228.407:2795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11062 comm="syz.0.1380" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf742e579 code=0x7ffc0000
[  191.820571][ T5986] usb 10-1: Using ep0 maxpacket: 8
[  191.823436][ T5986] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  191.826604][ T5986] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  191.829444][ T5986] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  191.832706][ T5986] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  191.835587][ T5986] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  191.839445][ T5986] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  191.842124][ T5986] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.047765][ T5986] usb 10-1: usb_control_msg returned -32
[  192.049555][ T5986] usbtmc 10-1:16.0: can't read capabilities
[  192.175153][T11093] team0: No ports can be present during mode change
[  192.237841][T11095] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  192.405065][T11101] usbtmc 10-1:16.0: usb_control_msg returned -32
[  192.406433][   T63] IPVS: starting estimator thread 0...
[  192.408235][T11059] __nla_validate_parse: 2 callbacks suppressed
[  192.408248][T11059] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1378'.
[  192.418046][T11059] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1378'.
[  192.423373][ T9994] usb 10-1: USB disconnect, device number 3
[  192.490610][T11102] IPVS: using max 21 ests per chain, 50400 per kthread
[  192.867361][T11106] team0: Device vlan0 failed to change mtu
[  193.650855][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  194.322236][T11155] team0: No ports can be present during mode change
[  194.325330][T11155] vlan0: entered promiscuous mode
[  194.332374][T11155] team0: Port device vlan0 added
[  195.314828][T11180] fuse: Bad value for 'group_id'
[  195.316865][T11180] fuse: Bad value for 'group_id'
[  195.357258][T11182] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1416'.
[  195.360923][T11182] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1416'.
[  195.364256][T11182] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1416'.
[  195.367631][T11182] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1416'.
[  195.399432][T11184] ieee802154 phy0 wpan0: encryption failed: -22
[  195.565979][T11193] team0: No ports can be present during mode change
[  195.576345][T11194] random: crng reseeded on system resumption
[  195.584563][   T64] tipc: Resetting bearer <eth:team0>
[  195.634396][T11198] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1422'.
[  195.727801][T11198] hsr_slave_1 (unregistering): left promiscuous mode
[  195.817677][T11208] fuse: Bad value for 'group_id'
[  195.819429][T11208] fuse: Bad value for 'group_id'
[  195.867189][   T39] kauditd_printk_skb: 48 callbacks suppressed
[  195.867202][   T39] audit: type=1804 audit(1738941232.687:2844): pid=11211 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1426" name="/newroot/32/file0/file0" dev="9p" ino=36050087 res=1 errno=0
[  195.973978][T11217] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1430'.
[  196.282856][T11235] can0: slcan on pts0.
[  196.650910][ T9994] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  196.675213][    T8] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  196.802061][ T9994] usb 5-1: config index 0 descriptor too short (expected 62501, got 96)
[  196.805112][ T9994] usb 5-1: config 96 has an invalid descriptor of length 0, skipping remainder of the config
[  196.807802][ T9994] usb 5-1: config 96 has 0 interfaces, different from the descriptor's value: 27
[  196.811867][ T9994] usb 5-1: New USB device found, idVendor=7da5, idProduct=a415, bcdDevice= 0.40
[  196.814659][ T9994] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  196.816921][ T9994] usb 5-1: Product: syz
[  196.818202][ T9994] usb 5-1: Manufacturer: syz
[  196.825393][    T8] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  196.830322][    T8] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  196.834739][    T8] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  196.838864][    T8] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  196.843952][    T8] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  196.847294][    T8] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.852489][    T8] usb 10-1: config 0 descriptor??
[  196.855148][T11244] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  197.041430][ T6505] usb 5-1: USB disconnect, device number 12
[  197.123559][T11231] can0 (unregistered): slcan off pts0.
[  197.291375][   T39] audit: type=1326 audit(1738941234.117:2845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11277 comm="syz.4.1442" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  197.297897][   T39] audit: type=1326 audit(1738941234.117:2846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11277 comm="syz.4.1442" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  197.304340][   T39] audit: type=1326 audit(1738941234.117:2847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11277 comm="syz.4.1442" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  197.311002][   T39] audit: type=1326 audit(1738941234.117:2848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11277 comm="syz.4.1442" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  197.319114][   T39] audit: type=1326 audit(1738941234.117:2849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11277 comm="syz.4.1442" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  197.325962][   T39] audit: type=1326 audit(1738941234.117:2850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11277 comm="syz.4.1442" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  197.333671][   T39] audit: type=1326 audit(1738941234.117:2851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11277 comm="syz.4.1442" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  197.340734][   T39] audit: type=1326 audit(1738941234.117:2852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11277 comm="syz.4.1442" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  197.348080][   T39] audit: type=1326 audit(1738941234.117:2853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11277 comm="syz.4.1442" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fe4579 code=0x7ffc0000
[  197.519651][T11297] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1444'.
[  197.525366][T11297] team0: No ports can be present during mode change
[  197.795111][T11299] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1445'.
[  199.099925][T11325] 9pnet_fd: Insufficient options for proto=fd
[  199.146311][T11329] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1454'.
[  199.339018][T11337] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1455'.
[  199.342853][T11337] team0: No ports can be present during mode change
[  199.435238][    T8] usbhid 10-1:0.0: can't add hid device: -71
[  199.437150][    T8] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  199.442720][    T8] usb 10-1: USB disconnect, device number 4
[  199.962503][T11363] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1464'.
[  200.238368][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.241829][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.244014][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.246287][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.249208][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.253833][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.256612][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.259536][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.262584][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.265286][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.267280][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.269189][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.271204][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.273171][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.275026][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.276967][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.278951][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.280929][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.282791][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.284697][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.286631][    T8] hid-generic 0001:0000:0002.0006: unknown main item tag 0x0
[  200.293667][    T8] hid-generic 0001:0000:0002.0006: hidraw0: <UNKNOWN> HID v2.00 Device [syz0] on syz0
[  200.653725][T11406] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1474'.
[  200.655751][T11409] blktrace: Concurrent blktraces are not allowed on sg0
[  200.658406][T11406] team0: No ports can be present during mode change
[  201.626772][T11424] netlink: 88 bytes leftover after parsing attributes in process `syz.3.1477'.
[  201.685081][T11425] fuse: Bad value for 'user_id'
[  201.686747][T11425] fuse: Bad value for 'user_id'
[  201.703767][T11426] loop7: detected capacity change from 0 to 16384
[  201.921128][   T39] kauditd_printk_skb: 152 callbacks suppressed
[  201.921140][   T39] audit: type=1326 audit(1738941238.747:3006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11428 comm="syz.0.1479" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  201.932642][   T39] audit: type=1326 audit(1738941238.747:3007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11428 comm="syz.0.1479" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  201.939518][   T39] audit: type=1326 audit(1738941238.747:3008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11428 comm="syz.0.1479" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf742e579 code=0x7ffc0000
[  201.945719][   T39] audit: type=1326 audit(1738941238.747:3009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11428 comm="syz.0.1479" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  201.952130][   T39] audit: type=1326 audit(1738941238.747:3010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11428 comm="syz.0.1479" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf742e579 code=0x7ffc0000
[  201.960805][   T39] audit: type=1326 audit(1738941238.747:3011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11428 comm="syz.0.1479" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  201.969206][   T39] audit: type=1326 audit(1738941238.747:3012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11428 comm="syz.0.1479" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf742e579 code=0x7ffc0000
[  201.976987][   T39] audit: type=1326 audit(1738941238.747:3013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11428 comm="syz.0.1479" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  201.986207][   T39] audit: type=1326 audit(1738941238.747:3014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11428 comm="syz.0.1479" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf742e579 code=0x7ffc0000
[  201.994939][   T39] audit: type=1326 audit(1738941238.747:3015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11428 comm="syz.0.1479" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  202.209279][T11448] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1485'.
[  202.215141][T11448] team0: No ports can be present during mode change
[  202.537453][T11450] netlink: 'syz.4.1486': attribute type 21 has an invalid length.
[  202.539892][T11450] netlink: 'syz.4.1486': attribute type 20 has an invalid length.
[  202.542622][T11450] IPv6: NLM_F_CREATE should be specified when creating new route
[  203.002086][T11480] netlink: 4832 bytes leftover after parsing attributes in process `syz.5.1497'.
[  203.004775][T11480] net_ratelimit: 7 callbacks suppressed
[  203.004785][T11480] openvswitch: netlink: Flow key attr not present in new flow.
[  203.038248][T11481] 9pnet_fd: Insufficient options for proto=fd
[  203.041773][T11481] netlink: 'syz.4.1496': attribute type 1 has an invalid length.
[  203.051187][T11481] 8021q: adding VLAN 0 to HW filter on device bond4
[  203.062337][T11481] geneve2: entered allmulticast mode
[  203.067232][T11481] bond4: (slave geneve2): making interface the new active one
[  203.074378][T11481] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  203.204244][T11494] team0: Port device vlan0 removed
[  203.362787][T11513] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1505'.
[  203.367220][T11513] team0: No ports can be present during mode change
[  203.547225][T11517] rose0: entered promiscuous mode
[  203.553264][T11517] bond0: (slave rose0): Enslaving as an active interface with an up link
[  204.156710][T11540] vlan2: entered promiscuous mode
[  204.158670][T11540] vlan2: entered allmulticast mode
[  204.165440][T11540] hsr_slave_1: entered allmulticast mode
[  204.434559][T11558] netlink: 'syz.4.1517': attribute type 27 has an invalid length.
[  204.457402][T11558] tipc: Resetting bearer <eth:team0>
[  204.519688][T11558] veth1_vlan: left allmulticast mode
[  204.581445][T11558] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  204.584668][T11558] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  204.587930][T11558] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  204.594035][T11558] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  204.597806][T11558] geneve2: left allmulticast mode
[  204.637063][T11559] 8021q: adding VLAN 0 to HW filter on device bond0
[  204.639806][T11559] 8021q: adding VLAN 0 to HW filter on device team0
[  204.643415][T11559] tipc: Resetting bearer <eth:team0>
[  204.647737][T11559] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  204.699303][T11568] fuse: Unknown parameter 'grou00000000000000000000'
[  204.882016][T11580] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1526'.
[  204.901158][T11580] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1526'.
[  205.150144][T11596] fuse: Bad value for 'fd'
[  205.343984][T11613] Cannot find add_set index 0 as target
[  205.346026][T11614] Cannot find add_set index 0 as target
[  205.667814][T11627] fuse: Unknown parameter 'group_i00000000000000000000'
[  205.708037][T11631] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1543'.
[  205.719217][T11631] 8021q: adding VLAN 0 to HW filter on device bond2
[  205.799274][T11644] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1547'.
[  206.000676][   T63] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  206.127496][T11656] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1550'.
[  206.200770][   T63] usb 9-1: Using ep0 maxpacket: 8
[  206.205173][   T63] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  206.207713][   T63] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  206.225197][   T63] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  206.228149][   T63] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  206.246417][   T63] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  206.250314][   T63] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  206.266867][   T63] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.501614][   T63] usb 9-1: usb_control_msg returned -32
[  206.503377][   T63] usbtmc 9-1:16.0: can't read capabilities
[  206.731141][T11643] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  207.316221][T11683] input: syz1 as /devices/virtual/input/input21
[  207.359272][T11683] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1557'.
[  207.483661][T11694] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1560'.
[  208.411543][T11693] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  208.667130][T11723] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  209.236110][T11753] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1579'.
[  209.239584][T11753] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1579'.
[  209.243444][T11753] netlink: 'syz.5.1579': attribute type 13 has an invalid length.
[  209.246498][T11753] netlink: 'syz.5.1579': attribute type 12 has an invalid length.
[  210.387104][T11796] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1592'.
[  210.476777][T11803] netlink: 'syz.0.1595': attribute type 4 has an invalid length.
[  210.484595][T11803] netlink: 'syz.0.1595': attribute type 4 has an invalid length.
[  210.545823][   T39] kauditd_printk_skb: 66 callbacks suppressed
[  210.545833][   T39] audit: type=1326 audit(1738941247.380:3082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11810 comm="syz.0.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  210.555541][   T39] audit: type=1326 audit(1738941247.390:3083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11810 comm="syz.0.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  210.562427][   T39] audit: type=1326 audit(1738941247.400:3084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11810 comm="syz.0.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf742e579 code=0x7ffc0000
[  210.569675][   T39] audit: type=1326 audit(1738941247.400:3085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11810 comm="syz.0.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  210.575994][   T39] audit: type=1326 audit(1738941247.400:3086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11810 comm="syz.0.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  210.584098][   T39] audit: type=1326 audit(1738941247.400:3087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11810 comm="syz.0.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf742e579 code=0x7ffc0000
[  210.591658][   T39] audit: type=1326 audit(1738941247.400:3088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11810 comm="syz.0.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  210.600041][   T39] audit: type=1326 audit(1738941247.400:3089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11810 comm="syz.0.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  210.608063][   T39] audit: type=1326 audit(1738941247.400:3090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11810 comm="syz.0.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf742e579 code=0x7ffc0000
[  210.618139][   T39] audit: type=1326 audit(1738941247.400:3091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11810 comm="syz.0.1597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  210.773957][T11817] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  211.502827][T11834] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1604'.
[  211.813973][T11854] tipc: Resetting bearer <eth:team0>
[  211.821023][T11854] team0: Port device vlan0 removed
[  211.858447][T11854] batman_adv: batadv0: Adding interface: dummy0
[  211.864844][T11854] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560.
[  211.871258][T11854] batman_adv: batadv0: Interface activated: dummy0
[  211.960600][ T5945] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  212.216359][T11857] wireguard1: entered promiscuous mode
[  212.218183][T11857] wireguard1: entered allmulticast mode
[  212.293348][T11675] usbtmc 9-1:16.0: usb_control_msg returned -110
[  212.309617][ T5986] usb 9-1: USB disconnect, device number 8
[  213.314352][T11892] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1621'.
[  213.580368][T11896] lo: entered promiscuous mode
[  213.586574][T11895] lo: left promiscuous mode
[  214.182034][T11911] netlink: 'syz.5.1624': attribute type 10 has an invalid length.
[  214.194121][T11911] bond0: (slave netdevsim0): Enslaving as an active interface with a down link
[  214.222094][T11891] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  214.404381][T11925] netlink: 'syz.4.1628': attribute type 1 has an invalid length.
[  214.407142][T11925] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1628'.
[  214.660616][   T57] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  214.696717][T11930] fuse: Bad value for 'fd'
[  214.822125][   T57] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  214.826380][   T57] usb 9-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  214.830081][   T57] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.836652][   T57] usb 9-1: config 0 descriptor??
[  214.876881][T11933] fuse: Unknown parameter '{›
ù_ÒõÒ£I™üÁ„úò Öê^·¸ß„4ûEE£êX€–XûŒ '
[  215.048397][ T5944] usb 9-1: USB disconnect, device number 9
[  215.207437][T11940] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1632'.
[  215.480103][T11957] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1637'.
[  215.485266][T11957] team0: No ports can be present during mode change
[  215.749305][T11962] netlink: 'syz.5.1639': attribute type 1 has an invalid length.
[  215.757658][T11962] bond1: entered promiscuous mode
[  215.759509][T11962] bond1: entered allmulticast mode
[  215.768495][T11962] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1639'.
[  215.774831][T11962] bond1: left promiscuous mode
[  215.776352][T11962] bond1: left allmulticast mode
[  215.778097][T11962] 8021q: adding VLAN 0 to HW filter on device bond1
[  215.807973][T11966] bridge0: port 1(syz_tun) entered blocking state
[  215.810029][T11966] bridge0: port 1(syz_tun) entered disabled state
[  215.812377][T11966] syz_tun: entered allmulticast mode
[  215.816586][T11966] syz_tun: entered promiscuous mode
[  215.819071][T11966] bridge0: port 1(syz_tun) entered blocking state
[  215.821094][T11966] bridge0: port 1(syz_tun) entered forwarding state
[  215.854060][T11970] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  216.321652][   T39] kauditd_printk_skb: 225 callbacks suppressed
[  216.321664][   T39] audit: type=1326 audit(1738941253.160:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11983 comm="syz.3.1645" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  216.335425][   T39] audit: type=1326 audit(1738941253.160:3318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11983 comm="syz.3.1645" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  216.342559][   T39] audit: type=1326 audit(1738941253.160:3319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11983 comm="syz.3.1645" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf73be579 code=0x7ffc0000
[  216.348712][   T39] audit: type=1326 audit(1738941253.160:3320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11983 comm="syz.3.1645" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  216.361775][   T39] audit: type=1326 audit(1738941253.160:3321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11983 comm="syz.3.1645" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73be579 code=0x7ffc0000
[  216.368047][   T39] audit: type=1326 audit(1738941253.160:3322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11983 comm="syz.3.1645" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  216.375730][   T39] audit: type=1326 audit(1738941253.160:3323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11983 comm="syz.3.1645" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73be579 code=0x7ffc0000
[  216.382819][   T39] audit: type=1326 audit(1738941253.160:3324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11983 comm="syz.3.1645" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  216.389718][   T39] audit: type=1326 audit(1738941253.160:3325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11983 comm="syz.3.1645" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73be579 code=0x7ffc0000
[  216.396015][   T39] audit: type=1326 audit(1738941253.160:3326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11983 comm="syz.3.1645" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  216.973085][T12015] overlayfs: invalid origin (0000007900c20000000000000000000000000000000000000000000000000000000000000000000000000000)
[  217.345641][T12020] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1655'.
[  217.449014][T12028] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1653'.
[  217.455900][T12028] IPVS: Error joining to the multicast group
[  217.521147][  T834] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  217.673766][  T834] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  217.678530][  T834] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.683538][  T834] usb 8-1: Product: syz
[  217.685152][  T834] usb 8-1: Manufacturer: syz
[  217.686936][  T834] usb 8-1: SerialNumber: syz
[  217.690065][  T834] usb 8-1: config 0 descriptor??
[  217.756497][T12036] No control pipe specified
[  217.783468][T12038] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1660'.
[  217.795803][T12039] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1657'.
[  217.798406][T12039] IPVS: Unknown mcast interface: vcan0
[  217.902324][   T57] usb 8-1: USB disconnect, device number 11
[  218.053892][T12043] netlink: 108 bytes leftover after parsing attributes in process `syz.5.1661'.
[  218.684272][T12037] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  219.104510][T12063] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1665'.
[  220.105262][T12084] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  220.107513][T12084] overlayfs: failed to set xattr on upper
[  220.109237][T12084] overlayfs: ...falling back to redirect_dir=nofollow.
[  220.111279][T12084] overlayfs: ...falling back to index=off.
[  221.077037][T12111] syz.3.1680: attempt to access beyond end of device
[  221.077037][T12111] nbd3: rw=0, sector=64, nr_sectors = 1 limit=0
[  221.081087][T12111] syz.3.1680: attempt to access beyond end of device
[  221.081087][T12111] nbd3: rw=0, sector=256, nr_sectors = 1 limit=0
[  221.085105][T12111] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  221.088881][T12111] syz.3.1680: attempt to access beyond end of device
[  221.088881][T12111] nbd3: rw=0, sector=512, nr_sectors = 1 limit=0
[  221.093150][T12111] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  221.096957][T12111] UDF-fs: warning (device nbd3): udf_load_vrs: No anchor found
[  221.099664][T12111] UDF-fs: Scanning with blocksize 512 failed
[  221.105601][T12111] syz.3.1680: attempt to access beyond end of device
[  221.105601][T12111] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0
[  221.110730][T12111] syz.3.1680: attempt to access beyond end of device
[  221.110730][T12111] nbd3: rw=0, sector=512, nr_sectors = 2 limit=0
[  221.116535][T12111] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  221.119697][T12111] syz.3.1680: attempt to access beyond end of device
[  221.119697][T12111] nbd3: rw=0, sector=1024, nr_sectors = 2 limit=0
[  221.124939][T12111] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  221.129192][T12111] UDF-fs: warning (device nbd3): udf_load_vrs: No anchor found
[  221.132195][T12111] UDF-fs: Scanning with blocksize 1024 failed
[  221.134869][T12111] syz.3.1680: attempt to access beyond end of device
[  221.134869][T12111] nbd3: rw=0, sector=64, nr_sectors = 4 limit=0
[  221.138644][T12111] syz.3.1680: attempt to access beyond end of device
[  221.138644][T12111] nbd3: rw=0, sector=1024, nr_sectors = 4 limit=0
[  221.142653][T12111] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  221.146322][T12111] syz.3.1680: attempt to access beyond end of device
[  221.146322][T12111] nbd3: rw=0, sector=2048, nr_sectors = 4 limit=0
[  221.151416][T12111] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  221.154274][T12111] UDF-fs: warning (device nbd3): udf_load_vrs: No anchor found
[  221.156525][T12111] UDF-fs: Scanning with blocksize 2048 failed
[  221.158590][T12111] syz.3.1680: attempt to access beyond end of device
[  221.158590][T12111] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[  221.163976][T12111] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  221.167285][T12111] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  221.170209][T12111] UDF-fs: warning (device nbd3): udf_load_vrs: No anchor found
[  221.172904][T12111] UDF-fs: Scanning with blocksize 4096 failed
[  221.175164][T12111] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1)
[  221.183480][T12111] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1680'.
[  221.186262][T12111] tipc: Started in network mode
[  221.188869][T12111] tipc: Node identity 7, cluster identity 5
[  221.190748][T12111] tipc: Node number set to 7
[  221.720408][T12121] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  221.818066][T12127] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  221.825563][T12127] CIFS mount error: No usable UNC path provided in device string!
[  221.825563][T12127] 
[  221.828638][T12127] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  222.051141][T12137] veth1_macvtap: left promiscuous mode
[  222.167643][T12127] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1685'.
[  222.174968][T12127] 9pnet_fd: Insufficient options for proto=fd
[  222.410674][ T6505] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  222.551697][T12158] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1693'.
[  222.560750][ T6505] usb 9-1: Using ep0 maxpacket: 8
[  222.573752][ T6505] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  222.580352][ T6505] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  222.584306][ T6505] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  222.588250][ T6505] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  222.593610][ T6505] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  222.597278][ T6505] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.810960][ T6505] usb 9-1: GET_CAPABILITIES returned 0
[  222.812775][ T6505] usbtmc 9-1:16.0: can't read capabilities
[  222.841251][T12165] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1695'.
[  222.855465][T12165] team0: No ports can be present during mode change
[  222.883334][T12167] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  222.885987][T12167] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  222.889093][T12167] vhci_hcd vhci_hcd.0: Device attached
[  222.893969][T12167] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(8)
[  222.896593][T12167] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  222.899695][T12167] vhci_hcd vhci_hcd.0: Device attached
[  222.903270][T12167] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(10)
[  222.906002][T12167] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  222.909173][T12167] vhci_hcd vhci_hcd.0: Device attached
[  222.924393][T12172] vhci_hcd: connection closed
[  222.925955][T12170] vhci_hcd: connection closed
[  222.926060][T12168] vhci_hcd: connection closed
[  222.929999][ T1143] vhci_hcd: stop threads
[  222.934008][ T1143] vhci_hcd: release socket
[  222.935810][ T1143] vhci_hcd: disconnect device
[  222.937917][ T1143] vhci_hcd: stop threads
[  222.939669][ T1143] vhci_hcd: release socket
[  222.941708][ T1143] vhci_hcd: disconnect device
[  222.943843][ T1143] vhci_hcd: stop threads
[  222.945602][ T1143] vhci_hcd: release socket
[  222.947430][ T1143] vhci_hcd: disconnect device
[  223.028477][T12148] usb 9-1: usbtmc_ioctl_clear_out_halt returned -32
[  223.040238][T12174] netlink: 'syz.0.1694': attribute type 2 has an invalid length.
[  223.043584][T12174] netlink: 'syz.0.1694': attribute type 8 has an invalid length.
[  223.046706][T12174] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1694'.
[  223.111502][ T9994] usb 9-1: USB disconnect, device number 10
[  223.176652][T12176] netlink: 'syz.0.1694': attribute type 1 has an invalid length.
[  223.777118][T12186] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  223.779065][T12186] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  223.781788][T12186] vhci_hcd vhci_hcd.0: Device attached
[  223.970656][    T8] vhci_hcd: vhci_device speed not set
[  224.040672][    T8] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[  224.247792][T12192] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1700'.
[  224.591707][T12182] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  224.624647][T12188] vhci_hcd: connection reset by peer
[  224.626411][ T1143] vhci_hcd: stop threads
[  224.627663][ T1143] vhci_hcd: release socket
[  224.629010][ T1143] vhci_hcd: disconnect device
[  224.946326][T12221] fuse: Bad value for 'rootmode'
[  225.038578][T12231] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1713'.
[  225.597742][T12253] fuse: Unknown parameter 'use00000000000000000000'
[  225.932273][T12229] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  225.980863][T12264] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1725'.
[  225.983651][T12264] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1725'.
[  226.011884][T12270] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1727'.
[  226.160173][T12278] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun!
[  226.250620][   T39] kauditd_printk_skb: 21 callbacks suppressed
[  226.250720][   T39] audit: type=1326 audit(1738941263.080:3348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12280 comm="syz.0.1730" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  226.262417][   T39] audit: type=1326 audit(1738941263.080:3349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12280 comm="syz.0.1730" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  226.270021][   T39] audit: type=1326 audit(1738941263.080:3350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12280 comm="syz.0.1730" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf742e579 code=0x7ffc0000
[  226.277628][   T39] audit: type=1326 audit(1738941263.080:3351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12280 comm="syz.0.1730" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  226.287098][   T39] audit: type=1326 audit(1738941263.080:3352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12280 comm="syz.0.1730" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  226.296607][   T39] audit: type=1326 audit(1738941263.080:3353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12280 comm="syz.0.1730" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf742e579 code=0x7ffc0000
[  226.304380][   T39] audit: type=1326 audit(1738941263.080:3354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12280 comm="syz.0.1730" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  226.304481][T12284] fuse: Unknown parameter 'use00000000000000000000'
[  226.312470][   T39] audit: type=1326 audit(1738941263.080:3355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12280 comm="syz.0.1730" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  226.323932][   T39] audit: type=1326 audit(1738941263.080:3356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12280 comm="syz.0.1730" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf742e579 code=0x7ffc0000
[  226.330184][   T39] audit: type=1326 audit(1738941263.080:3357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12280 comm="syz.0.1730" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  226.556926][T12296] netlink: 108 bytes leftover after parsing attributes in process `syz.5.1734'.
[  227.758803][T12316] fuse: Unknown parameter 'use00000000000000000000'
[  228.291930][T12334] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  229.160859][    T8] vhci_hcd: vhci_device speed not set
[  229.500272][T12395] ntfs3(nbd4): try to read out of volume at offset 0x0
[  229.735863][T12401] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  229.752783][T12388] /dev/sr0: Can't open blockdev
[  230.073572][T12431] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1767'.
[  230.110319][T12436] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1768'.
[  230.552760][ T9994] libceph: connect (1)[c::]:6789 error -101
[  230.555789][ T9994] libceph: mon0 (1)[c::]:6789 connect error
[  230.561514][ T9994] libceph: connect (1)[c::]:6789 error -101
[  230.563471][ T9994] libceph: mon0 (1)[c::]:6789 connect error
[  230.641663][T12444] ceph: No mds server is up or the cluster is laggy
[  230.937500][T12473] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1771'.
[  231.332390][T12502] input: syz1 as /devices/virtual/input/input25
[  231.473663][T12507] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1780'.
[  231.728898][T12515] afs: Unknown parameter 'dyn'
[  231.729288][T12516] afs: Unknown parameter 'dyn'
[  231.732999][T12515] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1783'.
[  231.948429][   T39] kauditd_printk_skb: 101 callbacks suppressed
[  231.948444][   T39] audit: type=1326 audit(1738941268.780:3459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12530 comm="syz.3.1788" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  231.958252][   T39] audit: type=1326 audit(1738941268.780:3460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12530 comm="syz.3.1788" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  231.968124][   T39] audit: type=1326 audit(1738941268.780:3461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12530 comm="syz.3.1788" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf73be579 code=0x7ffc0000
[  231.976876][   T39] audit: type=1326 audit(1738941268.780:3462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12530 comm="syz.3.1788" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  231.991724][   T39] audit: type=1326 audit(1738941268.780:3463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12530 comm="syz.3.1788" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  231.998521][   T39] audit: type=1326 audit(1738941268.780:3464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12530 comm="syz.3.1788" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73be579 code=0x7ffc0000
[  232.005035][   T39] audit: type=1326 audit(1738941268.780:3465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12530 comm="syz.3.1788" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  232.011354][   T39] audit: type=1326 audit(1738941268.780:3466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12530 comm="syz.3.1788" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  232.017438][   T39] audit: type=1326 audit(1738941268.780:3467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12530 comm="syz.3.1788" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73be579 code=0x7ffc0000
[  232.023816][   T39] audit: type=1326 audit(1738941268.780:3468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12530 comm="syz.3.1788" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x7ffc0000
[  232.226524][T12554] random: crng reseeded on system resumption
[  232.236951][T12562] overlayfs: failed to clone upperpath
[  232.269514][T12554] netfs: Couldn't get user pages (rc=-14)
[  232.375685][T12565] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1794'.
[  232.567173][T12506] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  233.166969][T12591] 9pnet_fd: Insufficient options for proto=fd
[  233.169367][T12591] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  233.186651][T12593] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1806'.
[  233.647180][T12599] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[  233.656609][T12599] netlink: 272 bytes leftover after parsing attributes in process `syz.4.1807'.
[  233.659320][T12599] netlink: 272 bytes leftover after parsing attributes in process `syz.4.1807'.
[  233.667813][T12599] ipvlan2: entered allmulticast mode
[  233.669499][T12599] mac80211_hwsim hwsim10 wlan0: entered allmulticast mode
[  233.672429][T12599] batman_adv: batadv0: Adding interface: ipvlan2
[  233.675139][T12599] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.685252][T12599] batman_adv: batadv0: Interface activated: ipvlan2
[  233.911376][T12606] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  233.959735][T12613] netlink: 'syz.4.1811': attribute type 1 has an invalid length.
[  234.001654][T12616] 9pnet_fd: Insufficient options for proto=fd
[  234.006085][T12616] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1812'.
[  234.071551][T12592] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  234.266662][T12649] IPv6: NLM_F_CREATE should be specified when creating new route
[  234.269830][T12649] netlink: 1 bytes leftover after parsing attributes in process `syz.4.1822'.
[  234.697581][T12666] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  235.191664][T12671] netlink: 108 bytes leftover after parsing attributes in process `syz.5.1827'.
[  235.625537][T12705] overlayfs: failed to resolve './file2': -2
[  236.629706][T12728] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1846'.
[  236.705606][T12733] x_tables: (null)_tables: DNAT target: only valid in nat table, not syz0
[  237.010947][ T6505] usb 8-1: new low-speed USB device number 12 using dummy_hcd
[  237.105753][T12751] CIFS: VFS: Malformed UNC in devname
[  237.107989][T12751] IPv6: NLM_F_CREATE should be specified when creating new route
[  237.172004][ T6505] usb 8-1: config 6 has an invalid interface number: 199 but max is 0
[  237.176159][ T6505] usb 8-1: config 6 has no interface number 0
[  237.178534][ T6505] usb 8-1: config 6 interface 199 altsetting 64 endpoint 0xA is Bulk; changing to Interrupt
[  237.181839][ T6505] usb 8-1: config 6 interface 199 has no altsetting 0
[  237.186287][ T6505] usb 8-1: string descriptor 0 read error: -22
[  237.188385][ T6505] usb 8-1: New USB device found, idVendor=045e, idProduct=043b, bcdDevice=d4.5a
[  237.191713][ T6505] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.196149][T12740] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  237.441919][ T6505] usb 8-1: USB disconnect, device number 12
[  237.602518][T12755] netlink: 108 bytes leftover after parsing attributes in process `syz.5.1853'.
[  237.887727][T12762] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1854'.
[  237.891964][T12762] team0: Unable to change to the same mode the team is in
[  237.915328][   T39] kauditd_printk_skb: 426 callbacks suppressed
[  237.915338][   T39] audit: type=1326 audit(1738941274.750:3895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12763 comm="syz.0.1856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  237.923468][   T39] audit: type=1326 audit(1738941274.750:3896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12763 comm="syz.0.1856" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf742e579 code=0x7ffc0000
[  237.933161][   T39] audit: type=1326 audit(1738941274.750:3897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12763 comm="syz.0.1856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  237.942009][   T39] audit: type=1326 audit(1738941274.750:3898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12763 comm="syz.0.1856" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf742e579 code=0x7ffc0000
[  237.948276][   T39] audit: type=1326 audit(1738941274.750:3899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12763 comm="syz.0.1856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  237.956957][   T39] audit: type=1326 audit(1738941274.750:3900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12763 comm="syz.0.1856" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf742e579 code=0x7ffc0000
[  237.963347][   T39] audit: type=1326 audit(1738941274.750:3901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12763 comm="syz.0.1856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  237.969565][   T39] audit: type=1326 audit(1738941274.750:3902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12763 comm="syz.0.1856" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf742e579 code=0x7ffc0000
[  237.976192][   T39] audit: type=1326 audit(1738941274.750:3903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12763 comm="syz.0.1856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  237.982886][   T39] audit: type=1326 audit(1738941274.750:3904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12763 comm="syz.0.1856" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf742e579 code=0x7ffc0000
[  238.885065][T12787] netlink: 'syz.5.1861': attribute type 4 has an invalid length.
[  239.109625][T12799] 9pnet_fd: Insufficient options for proto=fd
[  239.113598][T12799] netlink: 'syz.5.1866': attribute type 5 has an invalid length.
[  239.192023][T12803] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1868'.
[  239.401499][T12813] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1870'.
[  239.407416][T12813] team0: Unable to change to the same mode the team is in
[  239.423654][T12813] team0: Port device vlan0 added
[  240.071233][T12802] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  240.160280][T12826] Invalid/unusable pipe
[  240.377606][T12847] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1880'.
[  240.818027][T12859] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1882'.
[  240.825297][T12859] team0: No ports can be present during mode change
[  241.150263][T12862] bio_check_eod: 2 callbacks suppressed
[  241.150277][T12862] syz.4.1884: attempt to access beyond end of device
[  241.150277][T12862] nbd4: rw=0, sector=2, nr_sectors = 2 limit=0
[  241.157185][T12862] syz.4.1884: attempt to access beyond end of device
[  241.157185][T12862] nbd4: rw=0, sector=16, nr_sectors = 2 limit=0
[  241.189967][T12864] nftables ruleset with unbound chain
[  241.296581][T12870] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[  241.308157][T12870] netlink: 272 bytes leftover after parsing attributes in process `syz.0.1887'.
[  241.311412][T12870] netlink: 272 bytes leftover after parsing attributes in process `syz.0.1887'.
[  241.324509][T12870] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: ipvlan2
[  241.328329][T12870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.332981][T12870] ipvlan3: entered allmulticast mode
[  241.335263][T12870] mac80211_hwsim hwsim5 wlan0: entered allmulticast mode
[  241.338992][T12870] batman_adv: batadv0: Adding interface: ipvlan3
[  241.341637][T12870] batman_adv: batadv0: Interface activated: ipvlan3
[  241.525348][T12896] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1895'.
[  241.844008][T12913] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1904'.
[  241.848998][T12913] team0: No ports can be present during mode change
[  242.415754][T12895] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  242.798006][T12957] syz.3.1913 (12957): /proc/12955/oom_adj is deprecated, please use /proc/12955/oom_score_adj instead.
[  242.804813][T12957] syz.3.1913: attempt to access beyond end of device
[  242.804813][T12957] nbd3: rw=0, sector=0, nr_sectors = 2 limit=0
[  243.081690][T12951] batadv_slave_1: entered promiscuous mode
[  243.084415][T12951] batadv_slave_1: left promiscuous mode
[  243.090864][T12951] netlink: 416 bytes leftover after parsing attributes in process `syz.5.1911'.
[  243.248152][T12967] netlink: 'syz.0.1916': attribute type 10 has an invalid length.
[  243.254590][T12967] syz_tun: entered promiscuous mode
[  243.271388][T12967] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  243.281917][T12967] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1916'.
[  243.308925][   T39] kauditd_printk_skb: 243 callbacks suppressed
[  243.308939][   T39] audit: type=1326 audit(1738941280.140:4148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12968 comm="syz.5.1917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  243.321676][   T39] audit: type=1326 audit(1738941280.160:4149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12968 comm="syz.5.1917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  243.335773][   T39] audit: type=1326 audit(1738941280.160:4150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12968 comm="syz.5.1917" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  243.344903][   T39] audit: type=1326 audit(1738941280.160:4151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12968 comm="syz.5.1917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  243.353515][   T39] audit: type=1326 audit(1738941280.160:4152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12968 comm="syz.5.1917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  243.362219][   T39] audit: type=1326 audit(1738941280.160:4153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12968 comm="syz.5.1917" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  243.370914][   T39] audit: type=1326 audit(1738941280.160:4154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12968 comm="syz.5.1917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  243.379218][   T39] audit: type=1326 audit(1738941280.160:4155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12968 comm="syz.5.1917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  243.381616][T12979] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  243.387870][   T39] audit: type=1326 audit(1738941280.160:4156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12968 comm="syz.5.1917" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  243.389597][T12979] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  243.398200][   T39] audit: type=1326 audit(1738941280.160:4157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12968 comm="syz.5.1917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  243.407781][T12979] hsr_slave_0: left promiscuous mode
[  243.601370][T12993] batman_adv: batadv0: Interface deactivated: ipvlan2
[  243.603683][T12993] batman_adv: batadv0: Removing interface: ipvlan2
[  243.789415][T12997] debugfs: Bad value for 'uid'
[  243.791912][T12997] debugfs: Bad value for 'uid'
[  244.091633][T13012] /dev/sr0: Can't open blockdev
[  244.353242][T13030] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1934'.
[  244.633586][T13037] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1936'.
[  245.260644][ T5986] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  245.521305][T13036] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  245.547670][T13068] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1943'.
[  245.551494][T13068] team0: No ports can be present during mode change
[  245.606170][T13072] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1945'.
[  245.608819][T13073] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1945'.
[  245.634889][T13075] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1946'.
[  246.391856][T13090] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  246.392847][T13091] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  246.532163][T13074] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  247.205446][T13117] team0: No ports can be present during mode change
[  247.692274][T13125] 
[  247.693047][T13125] =============================
[  247.694450][T13125] WARNING: suspicious RCU usage
[  247.695871][T13125] 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0 Not tainted
[  247.699212][T13125] -----------------------------
[  247.701535][T13125] ./include/linux/kvm_host.h:1057 suspicious rcu_dereference_check() usage!
[  247.704083][T13125] 
[  247.704083][T13125] other info that might help us debug this:
[  247.704083][T13125] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  247.707025][T13125] 
[  247.707025][T13125] rcu_scheduler_active = 2, debug_locks = 1
[  247.710199][T13125] no locks held by syz.4.1960/13125.
[  247.711877][T13125] 
[  247.711877][T13125] stack backtrace:
[  247.713634][T13125] CPU: 2 UID: 0 PID: 13125 Comm: syz.4.1960 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  247.713648][T13125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.713654][T13125] Call Trace:
[  247.713658][T13125]  <TASK>
[  247.713662][T13125]  dump_stack_lvl+0x16c/0x1f0
[  247.713682][T13125]  lockdep_rcu_suspicious+0x210/0x3c0
[  247.713696][T13125]  kvm_vcpu_gfn_to_memslot+0x48c/0x590
[  247.713710][T13125]  ? __lock_acquire+0x15a9/0x3c40
[  247.713724][T13125]  kvm_vcpu_write_guest+0x68/0x130
[  247.713739][T13125]  kvm_xen_write_hypercall_page+0x4aa/0x530
[  247.713752][T13125]  ? __pfx_kvm_xen_write_hypercall_page+0x10/0x10
[  247.713770][T13125]  kvm_set_msr_common+0x160b/0x33c0
[  247.713786][T13125]  ? __pfx_kvm_set_msr_common+0x10/0x10
[  247.713801][T13125]  ? __pfx_lock_release+0x10/0x10
[  247.713812][T13125]  ? do_raw_spin_lock+0x12d/0x2c0
[  247.713826][T13125]  vmx_set_msr+0xc2b/0x3950
[  247.713839][T13125]  ? __pfx_vmx_set_msr+0x10/0x10
[  247.713850][T13125]  ? _raw_spin_unlock+0x28/0x50
[  247.713862][T13125]  ? kvm_clear_async_pf_completion_queue+0x2e1/0x480
[  247.713877][T13125]  kvm_vcpu_reset+0x933/0x1960
[  247.713891][T13125]  ? __pfx_kvm_vcpu_reset+0x10/0x10
[  247.713905][T13125]  ? kvm_set_tsc_khz+0x28b/0x520
[  247.713919][T13125]  kvm_arch_vcpu_create+0x6dc/0xab0
[  247.713932][T13125]  kvm_vm_ioctl+0xf4f/0x3d70
[  247.713945][T13125]  ? stack_trace_save+0x95/0xd0
[  247.713956][T13125]  ? stack_depot_save_flags+0x28/0x9e0
[  247.713970][T13125]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  247.713982][T13125]  ? kasan_save_stack+0x42/0x60
[  247.713992][T13125]  ? kasan_save_stack+0x33/0x60
[  247.714001][T13125]  ? kasan_save_track+0x14/0x30
[  247.714010][T13125]  ? kasan_save_free_info+0x3b/0x60
[  247.714023][T13125]  ? __kasan_slab_free+0x51/0x70
[  247.714032][T13125]  ? kfree+0x2c4/0x4d0
[  247.714040][T13125]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  247.714049][T13125]  ? security_file_ioctl_compat+0x9b/0x240
[  247.714059][T13125]  ? __do_compat_sys_ioctl+0x4e/0x2c0
[  247.714072][T13125]  ? __do_fast_syscall_32+0x73/0x120
[  247.714080][T13125]  ? do_fast_syscall_32+0x32/0x80
[  247.714088][T13125]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  247.714102][T13125]  ? kvm_arch_vm_compat_ioctl+0x2d1/0x480
[  247.714111][T13125]  ? hlock_class+0x4e/0x130
[  247.714124][T13125]  ? mark_lock+0xb5/0xc60
[  247.714134][T13125]  ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10
[  247.714144][T13125]  ? __pfx_mark_lock+0x10/0x10
[  247.714161][T13125]  ? find_held_lock+0x2d/0x110
[  247.714176][T13125]  ? tomoyo_path_number_perm+0x298/0x5b0
[  247.714186][T13125]  ? __pfx_lock_release+0x10/0x10
[  247.714198][T13125]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  247.714209][T13125]  ? tomoyo_path_number_perm+0x190/0x5b0
[  247.714219][T13125]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  247.714228][T13125]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  247.714241][T13125]  ? do_vfs_ioctl+0x513/0x1950
[  247.714254][T13125]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  247.714272][T13125]  kvm_vm_compat_ioctl+0x399/0x440
[  247.714286][T13125]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[  247.714299][T13125]  ? __pfx_lock_release+0x10/0x10
[  247.714309][T13125]  ? trace_lock_acquire+0x14e/0x1f0
[  247.714321][T13125]  ? __fget_files+0x206/0x3a0
[  247.714333][T13125]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[  247.714347][T13125]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  247.714361][T13125]  __do_fast_syscall_32+0x73/0x120
[  247.714371][T13125]  do_fast_syscall_32+0x32/0x80
[  247.714379][T13125]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  247.714393][T13125] RIP: 0023:0xf7fe4579
[  247.714402][T13125] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  247.714411][T13125] RSP: 002b:00000000f510655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  247.714420][T13125] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000000000ae41
[  247.714426][T13125] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  247.714431][T13125] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  247.714436][T13125] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  247.714441][T13125] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  247.714452][T13125]  </TASK>
[  248.066190][T13122] bond0: (slave syz_tun): Releasing backup interface
[  248.120013][T13124] bridge0: port 1(syz_tun) entered disabled state
[  248.133084][T13124] syz_tun (unregistering): left allmulticast mode
[  248.134997][T13124] syz_tun (unregistering): left promiscuous mode
[  248.136876][T13124] bridge0: port 1(syz_tun) entered disabled state
[  248.312951][T10401] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.434850][T10401] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.522791][T10401] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.604983][T10401] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.700077][T10401] bridge_slave_1: left allmulticast mode
[  248.703164][T10401] bridge_slave_1: left promiscuous mode
[  248.707049][T10401] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.711768][T10401] bridge_slave_0: left allmulticast mode
[  248.713413][T10401] bridge_slave_0: left promiscuous mode
[  248.715067][T10401] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.197575][T10401] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  249.201845][T10401] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  249.205237][T10401] bond0 (unregistering): Released all slaves
[  249.291858][T10401] bond1 (unregistering): (slave batadv1): Releasing active interface
[  249.295321][T10401] bond1 (unregistering): Released all slaves
[  249.380086][T10401] bond2 (unregistering): Released all slaves
[  249.478636][T10401] tipc: Left network mode
[  249.773254][T10401] hsr_slave_0: left promiscuous mode
[  249.775627][T10401] hsr_slave_1: left promiscuous mode
[  249.777557][T10401] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  249.781685][T10401] batman_adv: batadv0: Removing interface: batadv_slave_0
[  249.792771][T10401] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  249.794937][T10401] batman_adv: batadv0: Removing interface: batadv_slave_1
[  249.823983][T10401] veth0_macvtap: left promiscuous mode
[  249.827678][T10401] veth1_vlan: left promiscuous mode
[  249.829635][T10401] veth0_vlan: left promiscuous mode
[  250.049076][T10401] team0 (unregistering): Port device vlan0 removed
[  250.638359][T10401] team0 (unregistering): Port device team_slave_1 removed
[  250.724904][T10401] team0 (unregistering): Port device team_slave_0 removed
[  252.292491][T10401] bond4 (unregistering): (slave geneve2): Releasing active interface
[  252.380184][T10401] bond3 (unregistering): (slave bridge1): Releasing active interface
[  252.383586][T10401] bond3 (unregistering): (slave bridge1): the permanent HWaddr of slave - 0e:4a:55:40:a5:74 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  252.488872][T10401] bond3 (unregistering): (slave bridge2): Releasing active interface
[  252.642166][T10401] bond0 (unregistering): left promiscuous mode
[  252.644239][T10401] bond0 (unregistering): Released all slaves
[  252.724741][T10401] bond1 (unregistering): Released all slaves
[  252.730584][T10401] bond2 (unregistering): Released all slaves
[  252.822731][T10401] bond3 (unregistering): Released all slaves
[  252.901715][T10401] bond4 (unregistering): Released all slaves
[  252.906081][T10401] bond5 (unregistering): Released all slaves
[  253.006345][T10401] tipc: Disabling bearer <eth:team0>
[  253.017709][T10401] tipc: Left network mode
[  253.239095][T10401] team0: left promiscuous mode
[  253.244132][T10401] hsr_slave_0: left promiscuous mode
[  253.389306][T10401] macvlan0 (unregistering): left allmulticast mode
[  253.833056][   T11] smc: removing ib device syz2
[  254.780355][T10401] IPVS: stop unused estimator thread 0...
[  255.081717][ T1414] ieee802154 phy0 wpan0: encryption failed: -22

VM DIAGNOSIS:
14:21:24  Registers:
info registers vcpu 0

CPU#0
RAX=000000000057c563 RBX=0000000000000000 RCX=ffffffff8b468e39 RDX=0000000000000000
RSI=ffffffff8b6ce5c0 RDI=ffffffff8bd2d220 RBP=fffffbfff1bd2ee8 RSP=ffffffff8de07e20
R8 =0000000000000001 R9 =ffffed1005686f85 R10=ffff88802b437c2b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8de97740 R14=ffffffff905fd810 R15=0000000000000000
RIP=ffffffff8b46a21f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f74735f8 CR3=0000000052bbc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000ab4f59 RBX=0000000000000001 RCX=ffffffff8b468e39 RDX=0000000000000000
RSI=ffffffff8b6ce5c0 RDI=ffffffff8bd2d220 RBP=ffffed1003ad5910 RSP=ffffc9000047fe08
R8 =0000000000000001 R9 =ffffed10056a6f85 R10=ffff88802b537c2b R11=0000000000000000
R12=0000000000000001 R13=ffff88801d6ac880 R14=ffffffff905fd810 R15=0000000000000000
RIP=ffffffff8b46a21f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000032ef5ffc CR3=0000000072e06000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85386df5 RDI=ffffffff9aad2e20 RBP=ffffffff9aad2de0 RSP=ffffc9002187f010
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000004
R12=0000000000000000 R13=0000000000000039 R14=ffffffff9aad2de0 R15=0000000000000000
RIP=ffffffff85386e1f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c371c63 CR3=0000000061d3c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000007 RBX=ffffffff84c20cbf RCX=1ffffffff20c0162 RDX=dffffc0000000000
RSI=ffffffff8bd2d1a0 RDI=ffffffff8da67cf8 RBP=0000000000000000 RSP=ffffc90003a4f1d8
R8 =0000000000000000 R9 =fffffbfff20bfb02 R10=ffffffff905fd817 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000001 R15=0000000000000000
RIP=ffffffff8196329d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f06e40 CR3=000000000df80000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f739cff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000