last executing test programs:

53.355041725s ago: executing program 2 (id=202):
r0 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
r1 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
recvmmsg$unix(r4, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)}], 0x1}}], 0x1, 0x9200000000000000)
r5 = openat$autofs(0xffffff9c, &(0x7f0000000240), 0x208400, 0x0)
close(r5)
ftruncate(0xffffffffffffffff, 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r1, &(0x7f0000000000)={0xa0000001})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x40, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x0, 0xfffffffffffffffe}}]}}}]}, 0x40}}, 0x0)

51.790283615s ago: executing program 2 (id=207):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000000140)={"9fcaa0504b38d5004b9277c079417ff857dc9b7ac770169aed764b4d2ada8bde"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xcb}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1e00000000000000040000000200000000000000", @ANYBLOB="679a25dd1d00d99373eab75e06a6d401e9f907bf56901ec0df7114cc36833ddd01515d5e2eae56", @ANYBLOB="0000000000000100000000000000b60000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000e500000000000000006600"/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x20)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_clone(0x800c000, &(0x7f0000001480)="627807434619734911420e123cb6f44fb54d82f86f3720b1d5ecd9651a9fcb2a1c358b9cd99a9da0b00953486764e0c7d13faa0d43ad3164e14aa9d4eafc2ae39ce2be18d63433b7dfc78608200e69639ab1530087488555d6d92591d54b3a4b2d398d9c826367e94ff87e48b5c8", 0x6e, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
dup(0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
socket$isdn(0x22, 0x3, 0x22)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001bc0), 0x0, 0x0)
ioctl$TCSBRK(r4, 0x5409, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x2, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000280), 0x208e24b)

50.740152327s ago: executing program 2 (id=213):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x3, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6766}}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000001440)='contention_end\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = openat$dlm_plock(0xffffff9c, &(0x7f0000000040), 0x402, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r3, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r3, 0x8947, &(0x7f0000000000))
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r4}, 0x10)
chdir(&(0x7f00000000c0)='./file0\x00')
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
write$cgroup_int(r5, &(0x7f0000000040)=0x900, 0x12)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000001c0)={'ip_vti0\x00', &(0x7f00000000c0)={'syztnl0\x00', 0x0, 0x10, 0x7800, 0x0, 0xba, {{0x1b, 0x4, 0x2, 0x20, 0x6c, 0x65, 0x0, 0x0, 0x29, 0x0, @local, @empty, {[@generic={0x83, 0x4, "95dd"}, @generic={0x7, 0x10, "b350a8d4368021067e28a5c872d1"}, @generic={0xcc, 0x4, "efa2"}, @timestamp={0x44, 0xc, 0xf2, 0x0, 0xd, [0x0, 0x7]}, @timestamp={0x44, 0x8, 0x2a, 0x0, 0x5, [0xf331]}, @timestamp_prespec={0x44, 0x24, 0xc5, 0x3, 0x8, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7fffffff}, {@broadcast, 0x5}, {@private=0xa010102}, {@broadcast}]}, @generic={0x83, 0x5, "8ab543"}, @end]}}}}})
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$inet_udp(0x2, 0x2, 0x0)
writev(r6, &(0x7f0000000200)=[{&(0x7f0000000000)="580000001400adfd8a987e40da2e6a262b", 0x11}], 0x1)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(r8, 0x8, &(0x7f0000000240)=0x2)
capset(&(0x7f0000000000)={0x20080522, r8}, &(0x7f0000000180)={0xb, 0x0, 0x0, 0x0, 0xf71})
r9 = openat$pmem0(0xffffff9c, &(0x7f0000002440), 0x40440, 0x0)
ioctl$IOC_PR_RELEASE(r9, 0x401070ca, 0x0)
socket$inet6(0xa, 0x1, 0x100)
close(r7)
lsetxattr$system_posix_acl(0x0, &(0x7f0000000280)='system.posix_acl_access\x00', 0x0, 0x0, 0x1)
socket$netlink(0x10, 0x3, 0x4)

50.461437312s ago: executing program 2 (id=216):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000000)={0x2a, 0x3}, 0xc)
bind$qrtr(r0, &(0x7f00000000c0)={0x2a, 0x1, 0x3f000000}, 0xc)

50.399695833s ago: executing program 2 (id=218):
sendmsg$NL80211_CMD_STOP_NAN(0xffffffffffffffff, &(0x7f0000012d80)={0x0, 0x0, &(0x7f0000012d40)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00', @ANYBLOB="4017245aaf6667bfbdbfb97c7d932092764b7db8cc7ec5b290ed22271270545dcfc7d42bd3f2c818d1a4184765c2d55dc433dee3f0f9a7a3f24d84af768aaba1504e"], 0x28}, 0x1, 0x0, 0x0, 0x2400c810}, 0x20004004)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040))
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000026a0e2d2d24a54b5bbf500"], 0x20}}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYRES32=r0, @ANYRES16=0x0, @ANYBLOB="000826bd700009000000eb00000008000300", @ANYRES16=r3, @ANYBLOB="0800063500", @ANYRES32=r3, @ANYBLOB="05002e000100000008002b000d00000008003b00060000000600280001000000"], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x20048010)
pipe2$9p(&(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000740)="d8000000180081054e81f782db4cb904021d08040603d70d0000000000002f00160006000400a8000600200003400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e0065cdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a94100"/216, 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0)
r8 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r9=>0x0}, &(0x7f00000000c0)=0xc)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="7472616e733dbd213766642c726664", @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB=',access=', @ANYRESDEC=r9, @ANYBLOB=',\x00'])
quotactl$Q_GETQUOTA(0xffffffff80000702, &(0x7f0000000400)=@loop={'/dev/loop', 0x0}, r9, &(0x7f0000000440))
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
r10 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r10, &(0x7f0000000000)={{0x6, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, [@default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @bcast]}, 0x48)
connect$netrom(r10, &(0x7f0000000080)={{0x6, @rose={0xbb, 0xbb, 0xbb, 0x2}}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x8, 0x0}, @default, @bcast]}, 0x10)
read$snapshot(r0, &(0x7f0000000380)=""/120, 0x78)
r11 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r11, &(0x7f0000000080)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)

50.0486726s ago: executing program 2 (id=219):
r0 = openat$binderfs(0xffffff9c, &(0x7f0000000000)='./binderfs2/custom0\x00', 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x1, 0x1})
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x810, 0xffffffffffffffff, 0x8000000)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x80, &(0x7f0000000080)=0x5, 0x0, 0x4)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4, 0x12, 0xffffffffffffffff, 0x10000000)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r0}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SYMLINKAT={0x26, 0x48, 0x0, r3, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x1})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000001c0)={{0x2, 0x3, 0x3, 0x3, 0x9d08}})
openat$sndseq(0xffffff9c, &(0x7f0000000200), 0x400000)
r4 = syz_io_uring_complete(r1)
r5 = openat$sndseq(0xffffff9c, &(0x7f0000000240), 0x100)
openat$adsp1(0xffffff9c, &(0x7f0000000280), 0x10901, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'veth0_to_team\x00'})
getsockopt$bt_hci(r4, 0x0, 0x3, &(0x7f0000000300)=""/241, &(0x7f0000000400)=0xf1)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff8)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000500)=@filter={'filter\x00', 0xe, 0x4, 0x5b4, 0xffffffff, 0x374, 0x0, 0x374, 0xffffffff, 0xffffffff, 0x4ec, 0x4ec, 0x4ec, 0xffffffff, 0x4, &(0x7f00000004c0), {[{{@uncond, 0x0, 0x130, 0x154, 0x0, {}, [@common=@srh1={{0x8c}, {0x73, 0x8, 0x9, 0x6, 0x4, @loopback, @private0, @mcast2, [0xffffff00, 0xffffffff, 0xffffff00, 0xff000000], [0xff, 0xff000000, 0x0, 0xff000000], [0xff000000, 0xffffffff, 0x0, 0xff000000], 0x411, 0x2120}}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x7}}}, {{@ipv6={@loopback, @remote, [0x0, 0x0, 0x0, 0xff], [0xffffff00, 0xff000000, 0xffffffff], 'dvmrp1\x00', 'veth1_macvtap\x00', {}, {}, 0x16, 0x2, 0x0, 0x2}, 0x0, 0xf8, 0x220, 0x0, {}, [@common=@frag={{0x30}, {[0x2, 0x81], 0x6, 0x8, 0x2}}, @common=@ipv6header={{0x24}, {0x30, 0x2, 0x1}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x6, 'system_u:object_r:syslog_conf_t:s0\x00'}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty, [0x0, 0xff, 0xff000000, 0xffffffff], [0xff000000, 0xffffffff, 0xffffff00], 'veth0_virt_wifi\x00', '\x00', {0xff}, {}, 0x67, 0x39, 0x1, 0x10}, 0x0, 0x154, 0x178, 0x0, {}, [@common=@srh1={{0x8c}, {0x1d, 0x2, 0x6, 0x40, 0x9d04, @private1={0xfc, 0x1, '\x00', 0x1}, @loopback, @empty, [0x0, 0x0, 0xff000000, 0xff000000], [0xffffff00, 0xff000000, 0xffffff00, 0xffffffff], [0xff, 0xff000000, 0xffffff00, 0xffffffff], 0x350a, 0x800}}, @common=@inet=@socket3={{0x24}, 0x4}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x7}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x610)
connect$netrom(r4, &(0x7f0000000b40)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @default, @null]}, 0x48)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000d40)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c00)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x58, 0x16, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}]}, @NFT_MSG_NEWSETELEM={0x34, 0xc, 0xa, 0x801, 0x0, 0x0, {0x5, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELSETELEM={0x24, 0xe, 0xa, 0x301, 0x0, 0x0, {0x2}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xd8}, 0x1, 0x0, 0x0, 0xc004}, 0x800)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000d80)={<r7=>0x0, @in6={{0xa, 0x4e23, 0x10001, @loopback, 0x8}}, 0x1, 0x47}, &(0x7f0000000e40)=0x88)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000e80)={r7, 0x7, 0x4, 0x81, 0x336b, 0x7}, 0x14)
read(r6, &(0x7f0000000ec0)=""/227, 0xe3)
write$binfmt_register(r0, &(0x7f0000000fc0)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x81, 0x3a, 'srh\x00', 0x3a, 'frag\x00', 0x3a, './file0', 0x3a, [0x46, 0x50, 0x46, 0x9, 0x46, 0x46, 0x46, 0x4f, 0x43]}, 0x39)
ioctl$FS_IOC_RESVSP(r5, 0x402c5828, &(0x7f0000001000)={0x0, 0x2, 0x1000, 0x4})
connect$inet(r3, &(0x7f0000001040)={0x2, 0x4e20, @loopback}, 0x10)
madvise(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xc)
ioctl$UI_SET_LEDBIT(r3, 0x40045569, 0x9)
ioctl$sock_TIOCOUTQ(r3, 0x5411, &(0x7f0000001080))
setsockopt$inet_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000010c0), 0x4)
recvfrom$inet_nvme(r4, &(0x7f0000001100)=""/147, 0x93, 0x40000021, &(0x7f0000001200)=@nfc={0x27, 0x0, 0x1, 0x1}, 0x80)

34.802159865s ago: executing program 32 (id=219):
r0 = openat$binderfs(0xffffff9c, &(0x7f0000000000)='./binderfs2/custom0\x00', 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x1, 0x1})
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x810, 0xffffffffffffffff, 0x8000000)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x80, &(0x7f0000000080)=0x5, 0x0, 0x4)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4, 0x12, 0xffffffffffffffff, 0x10000000)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r0}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SYMLINKAT={0x26, 0x48, 0x0, r3, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x1})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000001c0)={{0x2, 0x3, 0x3, 0x3, 0x9d08}})
openat$sndseq(0xffffff9c, &(0x7f0000000200), 0x400000)
r4 = syz_io_uring_complete(r1)
r5 = openat$sndseq(0xffffff9c, &(0x7f0000000240), 0x100)
openat$adsp1(0xffffff9c, &(0x7f0000000280), 0x10901, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'veth0_to_team\x00'})
getsockopt$bt_hci(r4, 0x0, 0x3, &(0x7f0000000300)=""/241, &(0x7f0000000400)=0xf1)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff8)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000500)=@filter={'filter\x00', 0xe, 0x4, 0x5b4, 0xffffffff, 0x374, 0x0, 0x374, 0xffffffff, 0xffffffff, 0x4ec, 0x4ec, 0x4ec, 0xffffffff, 0x4, &(0x7f00000004c0), {[{{@uncond, 0x0, 0x130, 0x154, 0x0, {}, [@common=@srh1={{0x8c}, {0x73, 0x8, 0x9, 0x6, 0x4, @loopback, @private0, @mcast2, [0xffffff00, 0xffffffff, 0xffffff00, 0xff000000], [0xff, 0xff000000, 0x0, 0xff000000], [0xff000000, 0xffffffff, 0x0, 0xff000000], 0x411, 0x2120}}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x7}}}, {{@ipv6={@loopback, @remote, [0x0, 0x0, 0x0, 0xff], [0xffffff00, 0xff000000, 0xffffffff], 'dvmrp1\x00', 'veth1_macvtap\x00', {}, {}, 0x16, 0x2, 0x0, 0x2}, 0x0, 0xf8, 0x220, 0x0, {}, [@common=@frag={{0x30}, {[0x2, 0x81], 0x6, 0x8, 0x2}}, @common=@ipv6header={{0x24}, {0x30, 0x2, 0x1}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x6, 'system_u:object_r:syslog_conf_t:s0\x00'}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty, [0x0, 0xff, 0xff000000, 0xffffffff], [0xff000000, 0xffffffff, 0xffffff00], 'veth0_virt_wifi\x00', '\x00', {0xff}, {}, 0x67, 0x39, 0x1, 0x10}, 0x0, 0x154, 0x178, 0x0, {}, [@common=@srh1={{0x8c}, {0x1d, 0x2, 0x6, 0x40, 0x9d04, @private1={0xfc, 0x1, '\x00', 0x1}, @loopback, @empty, [0x0, 0x0, 0xff000000, 0xff000000], [0xffffff00, 0xff000000, 0xffffff00, 0xffffffff], [0xff, 0xff000000, 0xffffff00, 0xffffffff], 0x350a, 0x800}}, @common=@inet=@socket3={{0x24}, 0x4}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x7}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x610)
connect$netrom(r4, &(0x7f0000000b40)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @default, @null]}, 0x48)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000d40)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c00)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x58, 0x16, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}]}, @NFT_MSG_NEWSETELEM={0x34, 0xc, 0xa, 0x801, 0x0, 0x0, {0x5, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELSETELEM={0x24, 0xe, 0xa, 0x301, 0x0, 0x0, {0x2}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xd8}, 0x1, 0x0, 0x0, 0xc004}, 0x800)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000d80)={<r7=>0x0, @in6={{0xa, 0x4e23, 0x10001, @loopback, 0x8}}, 0x1, 0x47}, &(0x7f0000000e40)=0x88)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000e80)={r7, 0x7, 0x4, 0x81, 0x336b, 0x7}, 0x14)
read(r6, &(0x7f0000000ec0)=""/227, 0xe3)
write$binfmt_register(r0, &(0x7f0000000fc0)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x81, 0x3a, 'srh\x00', 0x3a, 'frag\x00', 0x3a, './file0', 0x3a, [0x46, 0x50, 0x46, 0x9, 0x46, 0x46, 0x46, 0x4f, 0x43]}, 0x39)
ioctl$FS_IOC_RESVSP(r5, 0x402c5828, &(0x7f0000001000)={0x0, 0x2, 0x1000, 0x4})
connect$inet(r3, &(0x7f0000001040)={0x2, 0x4e20, @loopback}, 0x10)
madvise(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xc)
ioctl$UI_SET_LEDBIT(r3, 0x40045569, 0x9)
ioctl$sock_TIOCOUTQ(r3, 0x5411, &(0x7f0000001080))
setsockopt$inet_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000010c0), 0x4)
recvfrom$inet_nvme(r4, &(0x7f0000001100)=""/147, 0x93, 0x40000021, &(0x7f0000001200)=@nfc={0x27, 0x0, 0x1, 0x1}, 0x80)

8.029577845s ago: executing program 1 (id=439):
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_ethernet(0x7f, &(0x7f0000000300)=ANY=[@ANYBLOB="ffffffffffff00230000000086dd60f2a40000492f00fe880000000000000000000000000001fe8000000000000000000000000000aa3420"], 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
mount$pvfs2(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}], 0x1, &(0x7f0000008640)=[{0x0}], 0x1, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
listen(r4, 0x0)
accept4$rose(r4, 0x0, 0x0, 0x0)
io_uring_setup(0x6cfb, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xfffffffc})

7.217019053s ago: executing program 1 (id=442):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000040)={0x2c, r1, 0xb97534d5fe9700cf, 0x4, 0x1, {{0x12}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_WME={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x45}, 0x0) (fail_nth: 1)

6.908740937s ago: executing program 1 (id=446):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000180)={0x538, "59e9e43494250afc9241cdb61da8e10e3353f50689fac5d57e2989761489db20"})
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
sendfile(r4, r4, 0x0, 0xc)
r5 = openat$cgroup_procs(r3, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r5, r5, 0x0, 0xfff)

6.428383779s ago: executing program 1 (id=452):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x12, &(0x7f0000000080), 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000180)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000900)=ANY=[@ANYBLOB="8c0000001000370400"/20, @ANYRES32=r4, @ANYBLOB="00000000000000006c0012800e00010069703665727370616e000000580002801400060020010000000000000000000000000002050016000100000014000700fc02000000000000000000000000000004001200050008004b00000008000100", @ANYRES32=0x0, @ANYBLOB="0800040000000200080015"], 0x8c}}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = socket$igmp6(0xa, 0x3, 0x2)
r6 = socket$kcm(0x2, 0xa, 0x2)
openat$vnet(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}, 0x47})
write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="000091000000000000001f000000000088a8000081"], 0x56)
r7 = openat$full(0xffffff9c, &(0x7f0000000080), 0x800, 0x0)
r8 = openat$cgroup_root(0xffffff9c, &(0x7f0000000100)='./cgroup/syz0\x00', 0x200002, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x0, <r9=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100)=r9, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000140)={r7, r8, 0x1a, 0x0, @val=@target_btf_id=r9}, 0x14)
r10 = openat$sr(0xffffff9c, &(0x7f00000001c0), 0x40000, 0x0)
r11 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000240), r3)
move_mount(r10, &(0x7f0000000440)='./file0\x00', r10, &(0x7f0000000480)='./file0\x00', 0x20)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r10, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x50, r11, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x34, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x11}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010102}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x18}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xfe}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x4041844)

6.225421814s ago: executing program 1 (id=453):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f00000000c0)={0x1, 0xaa4, 0x0, &(0x7f0000000100)})
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000180)={0x1, 0xaa4, 0x0, &(0x7f0000000340)})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r3, 0x4188aec6, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x5)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newqdisc={0x34, 0x24, 0x300, 0x4, 0x0, {0x60, 0x0, 0x0, r4, {}, {0x7, 0xa}, {0x0, 0x3}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}}, 0x4000)
mkdir(0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100))
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000002c0)=0x20)
mmap$fb(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000004, 0x11, r5, 0x6f000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r6, 0x541b, &(0x7f0000000200)={<r7=>r0, 0x4000000000000, 0x3, 0x2})
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
setrlimit(0x2, &(0x7f00000000c0)={0x2, 0x2400000})
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000001000/0x1000)=nil)
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="0010"])
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
rseq(0x0, 0x0, 0x1, 0x0)
syz_open_dev$midi(&(0x7f0000000100), 0x3ff, 0x10000)
socket(0x1, 0x803, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)

4.339608509s ago: executing program 1 (id=469):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'pim6reg1\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
syz_open_dev$I2C(&(0x7f0000000080), 0x0, 0x0)
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, 0x0, 0x2000085c)
close(r0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = fsopen(&(0x7f0000000000)='udf\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000240)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001480)=ANY=[@ANYBLOB="18000000", @ANYRES16=r4], 0x18}, 0x1, 0xf000000}, 0x0)

4.062409348s ago: executing program 0 (id=471):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'ipvlan1\x00', <r2=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
write(r0, 0x0, 0x0) (fail_nth: 1)

3.877725482s ago: executing program 0 (id=472):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x12, &(0x7f0000000080), 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000180)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000900)=ANY=[@ANYBLOB="8c0000001000370400"/20, @ANYRES32=r4, @ANYBLOB="00000000000000006c0012800e00010069703665727370616e000000580002801400060020010000000000000000000000000002050016000100000014000700fc02000000000000000000000000000004001200050008004b00000008000100", @ANYRES32=0x0, @ANYBLOB="0800040000000200080015"], 0x8c}}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = socket$igmp6(0xa, 0x3, 0x2)
r6 = socket$kcm(0x2, 0xa, 0x2)
openat$vnet(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}, 0x47})
write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="000091000000000000001f000000000088a8000081"], 0x56)
openat$full(0xffffff9c, &(0x7f0000000080), 0x800, 0x0)
openat$cgroup_root(0xffffff9c, &(0x7f0000000100)='./cgroup/syz0\x00', 0x200002, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x0, <r7=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100)=r7, 0x48)

3.447852759s ago: executing program 0 (id=475):
syz_emit_ethernet(0x2e, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaa090000000000000800460000200000000100029078ac1414bb640101000000000000803b7800000000"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x100, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x6, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x15, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x7}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r0, 0x4610, 0x0)
syz_io_uring_setup(0x239, 0x0, &(0x7f0000000000), 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000005f80)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0}]}]}, 0x58}}, 0x0)
recvfrom$packet(0xffffffffffffffff, 0x0, 0x0, 0x1f, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x19)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000019340), 0x0, 0x0)
read$msr(r3, &(0x7f0000000300)=""/102400, 0x19000)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x78, 0x30, 0xb, 0x0, 0x0, {}, [{0x64, 0x1, [@m_ct={0x60, 0x1, 0x0, 0x0, {{0x7}, {0x38, 0x2, 0x0, 0x1, [@TCA_CT_ZONE={0x6, 0x8, 0x2000}, @TCA_CT_LABELS={0x14, 0x7, "4614c334e344ae535af2f0a70ddeb37f"}, @TCA_CT_PARMS={0x18, 0x1, {0x0, 0x0, 0x0, 0x8}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x1}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x401, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0)
fcntl$setsig(r6, 0xa, 0x21)
fcntl$setlease(r6, 0x400, 0x1)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

3.305364452s ago: executing program 4 (id=478):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x437aba2}], 0x1, 0x0, 0x46, 0x407006}, 0x104)

3.249768613s ago: executing program 4 (id=479):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="141c0000d937b74c2b7b3a5eeb05f0bd90975691e48c672c0b5c69a78afcf4d8284e4c51b7699361c115bda056e5ffa9c56b3eeeaf084778c64436d64db938ab8bf8aade40309c74065072d7d926a7fca94030ae960b0e140eecaaf797b702e571463f0cdf721f8ac160b6e11ec967470c84ecf3951f1610f44b91a8bfbc279d169fe3a1f10ca90ab7f22eb580d6a6e5a54132557868534def3f716494f6d94aeee0ac", @ANYRES16=r1, @ANYBLOB="0100000000000000000006000000"], 0x14}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b57"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6c6f616420616372797074667320757365723a747275737465643a20303030303030303030303030303030303030360e3900"], 0x32, 0xfffffffffffffffc)
r4 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0)
add_key$user(&(0x7f00000001c0), &(0x7f0000000240)={'syz', 0x3}, &(0x7f0000000280)="9934481c262fc4bc49e98a08188e9a56cb690b41c3cfdb8e3b0c4aad36a251e4a4ff0c139b673ac0b619cc74bfa2b822edbf20078a79f82b225e5071814984b915d25025ee23daa2deaf360076b20988608e12611f3bedd6d4114d2672e8a2e224f393c867ea7ac8c5cc6cfabdee921f39cd4777510da3d3ca899dd2b4085da03f", 0x81, r4)
r6 = open(&(0x7f00000003c0)='.\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fcntl$notify(r6, 0x402, 0x8000003d)
fcntl$setsig(r6, 0xa, 0x21)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x4000, 0x0)
r7 = openat(r6, &(0x7f00000001c0)='./bus\x00', 0x6b942, 0x1d0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r8])

3.029901338s ago: executing program 4 (id=480):
r0 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
r1 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
recvmmsg$unix(r4, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r5 = openat$autofs(0xffffff9c, &(0x7f0000000240), 0x208400, 0x0)
close(r5)
ftruncate(0xffffffffffffffff, 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r1, &(0x7f0000000000)={0xa0000001})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)

2.288626441s ago: executing program 0 (id=481):
r0 = socket(0xa, 0x3, 0x3a)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x2f, 0x10, 0x9, 0xb7b, 0x34, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, 0x8, 0x8, 0x4, 0x4}})
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @rand_addr=0x64010101}, 0x10)
r2 = socket$l2tp(0x2, 0x2, 0x73)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x90)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = syz_io_uring_setup(0x1918, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x2200}, &(0x7f0000000580)=<r5=>0x0, &(0x7f0000000400)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r7 = syz_open_dev$sndctrl(&(0x7f0000000180), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r7, 0xc0045543, &(0x7f0000000080))
syz_io_uring_submit(r5, r6, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x5, 0x0, 0x0})
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)
preadv2(r3, &(0x7f0000000240)=[{&(0x7f0000000300)=""/97, 0x61}], 0x1, 0x0, 0x0, 0x0)
sendto$l2tp(r2, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$tmpfs(0x0, 0x0, &(0x7f0000000280), 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000880), 0x0, 0x2)
read(r2, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)

1.907302363s ago: executing program 3 (id=482):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/arp\x00')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYRES8=r0], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000500)={<r3=>0x0, 0x34, "013c1665254940c71e37dea8dfb8557d2bf5d8464066ed7f93cbd8100f0f62e4ff947e1447332fa6248eb50d6c2c258c6687aeeb"}, &(0x7f0000000540)=0x3c) (async)
r4 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r4, 0xc0945662, &(0x7f0000000100)={0x70, 0x0, '\x00', {0x0, @reserved}})
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000580)={r3}, 0x8) (async)
sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f00000002c0)={&(0x7f0000000080), 0xc, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="60100000", @ANYRES16=r2, @ANYBLOB="00032dbd7000fcdbdf250900000004000b0024006e800400020004000200040001000400020004000100040001000400010004000200040028000a000600080211000000000005000800030000000c006e800400010004000100"], 0x60}}, 0x8005)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000005c0)={<r6=>r3, 0x72}, &(0x7f00000006c0)=0x8)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000700)={r6, 0xc125}, &(0x7f0000000740)=0x8)
write(r5, &(0x7f0000000040)="14000000140005b7ffccca38b9000000010860eb", 0x14)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB="5000488a", @ANYRES16=r2, @ANYBLOB="00022bbd7000fddbdf250600000008000300", @ANYRES32=r7, @ANYBLOB="0c009900080000001e000000050053000100000008000500030000000a0018000303030303030000"], 0x44}, 0x1, 0x0, 0x0, 0x844}, 0x80)
preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000180)=""/113, 0x71}], 0x1, 0xe, 0x0)

1.883466252s ago: executing program 4 (id=483):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r2 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0xffd8)

1.883190804s ago: executing program 3 (id=484):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x0, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100)=r0, 0x48)

1.803540495s ago: executing program 3 (id=485):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4000000000000002, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/wireless\x00')
r2 = socket$inet6(0xa, 0x5, 0x0)
io_uring_setup(0x36ba, &(0x7f00000000c0)={0x0, 0xf2, 0x800, 0x0, 0x3e8})
setsockopt$sock_int(r2, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
listen(r0, 0x2)
listen(r2, 0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f0000000180))
sendmsg$NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000980)=ANY=[@ANYBLOB="20040000", @ANYRES16=r3, @ANYBLOB="01000000000000000000080000000c0099000100000000000000"], 0x20}}, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80146, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
socket$inet_mptcp(0x2, 0x1, 0x106)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r6, 0x4048ae9b, &(0x7f0000000240)={0xf0003, 0x0, [0x680, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x2b]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000001c0)={0x1, 0x2000}, 0x4)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r7=>r1}, './file0\x00'})
write$P9_RRENAMEAT(r7, &(0x7f0000000080)={0x7, 0x4b, 0x2}, 0x7)

1.309838664s ago: executing program 3 (id=486):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/wireless\x00')
r1 = socket$inet6(0xa, 0x5, 0x0)
io_uring_setup(0x36ba, &(0x7f00000000c0)={0x0, 0xf2, 0x800, 0x0, 0x3e8})
setsockopt$sock_int(r1, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
listen(0xffffffffffffffff, 0x2)
listen(r1, 0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000180))
sendmsg$NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000980)=ANY=[@ANYBLOB="20040000", @ANYRES16=r2, @ANYBLOB="01000000000000000000080000000c0099000100000000000000"], 0x20}}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80146, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
socket$inet_mptcp(0x2, 0x1, 0x106)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000240)={0xf0003, 0x0, [0x680, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x2b]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x1, 0x2000}, 0x4)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r6=>r0}, './file0\x00'})
write$P9_RRENAMEAT(r6, &(0x7f0000000080)={0x7, 0x4b, 0x2}, 0x7)

985.057618ms ago: executing program 4 (id=487):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_tos={0x0, 0xffffffffffffffff, 0x0, 0x3, 0xffffffffffffff34}}, 0x20)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b", 0xa}], 0x1}, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x401)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r7, 0x84, 0x12, 0x0, 0x0)
sendmmsg$inet6(r7, &(0x7f0000004900)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000480)}}], 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e) (fail_nth: 1)

844.226695ms ago: executing program 3 (id=488):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000180)={0x538, "59e9e43494250afc9241cdb61da8e10e3353f50689fac5d57e2989761489db20"})
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
sendfile(r4, r4, 0x0, 0xc)
r5 = openat$cgroup_procs(r3, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r5, r5, 0x0, 0xfff)

594.716098ms ago: executing program 0 (id=489):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
openat$autofs(0xffffff9c, &(0x7f0000000240), 0x80, 0x0)
renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./file1\x00', 0x0)
rename(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./bus\x00')

479.810545ms ago: executing program 0 (id=490):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x20000363, &(0x7f0000000240)=ANY=[@ANYRES16=r4, @ANYRES32=r2, @ANYRES32=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf5933db71f3b0223, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6, 0x0, 0x201}, 0x18)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
connect$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @local}, 0x1c)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400), 0x611c00, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x6)
ioctl$TCFLSH(r8, 0x400455c8, 0x4)
ioctl$TIOCSTI(r8, 0x5412, &(0x7f00000002c0)=0x30)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3cdf397d590700000000000000a53cac001000010400"/33, @ANYRES32=0x0, @ANYBLOB="2b030000000000001c0012800b00010067656e65766500000c000280060005004e200000"], 0x3c}}, 0x0)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58)
accept4(r9, 0x0, 0x0, 0x0)

135.613821ms ago: executing program 3 (id=491):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = dup(0xffffffffffffffff)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000004c0)=ANY=[@ANYBLOB="01000000000000554a000040"])
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
creat(&(0x7f0000000240)='./bus\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_netprio_ifpriomap(r7, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_netprio_ifpriomap(r8, &(0x7f0000000280)=ANY=[@ANYRESHEX=r6, @ANYRESOCT=r5, @ANYBLOB="b6eb5eff23b6b880654412ad8af604363e879f27ad8c3c2d2dd9136b80e357b5cee0eb52fa12fbd6110a0fddf316b4e0008e5fc8f9fe61bb92c3908870c9bd7ef61733793504911b5d9b0f320a3ceee7dbee7f3ea113b8e64b164f0e90ffa9e9ba88504a5ecf62e0c6f67134ad69d78db99ce9", @ANYRES16=r5, @ANYRES32=r5, @ANYBLOB="49ce2a5b45ef6b53a62cd3036dba0b2ed5b1"], 0x12)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r9, 0x80045530, &(0x7f0000000100)=""/29)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x100001, &(0x7f00000000c0))
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x110)
write(r10, &(0x7f0000004200)='t', 0x1)
sendfile(r10, r9, 0x0, 0x3ffff)
ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000140)={0x1, 0x0, {0x8006, 0x0, 0x0, 0x18, 0xb, 0x81, 0x0, 0x152, 0x1}})
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r11, &(0x7f0000000340)={@val={0x0, 0x800}, @val={0x1}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0xfffe, 0x0, 0x0, 0x2, 0x0, @empty, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @remote}}}}, 0x3e)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x17)
r12 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r12, 0x4004ae8b, &(0x7f0000000080)={0x5d, "8117d73f3a4aa5558a70ecd67e2f6e47387a687acb73042ee939ef25415fd3e93ef08419187a81d9b6328f4dfa66c45357967eef6edafcd1268c4db943d325eae521c6716e0c83b555580f980918dad0524fbd7b2aa2a697cc8e792316"})

0s ago: executing program 4 (id=492):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001200010a001800000000000080"], 0x14}}, 0x0)
r1 = dup(0xffffffffffffffff)
syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0xaa0d, 0x4, 0x0, 0x0, 0x0, r1}, 0x0, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000100)={'syz0\x00', {0x7ff, 0x5, 0x8000, 0x2}, 0x41, [0x3, 0xfff, 0x6, 0xffffffff, 0x4, 0x7f7, 0x3, 0x7, 0xffffffff, 0x7, 0x6, 0x8, 0x5, 0x8, 0xffff, 0xb, 0xb, 0x80000000, 0x2, 0x7, 0x4, 0x10, 0x2, 0xa08b, 0x1, 0x8, 0x5, 0x9, 0x0, 0xf5, 0x7f, 0x5, 0x2134, 0x8000000, 0x5, 0x9, 0x3, 0x5, 0x9fb8, 0x10, 0x7, 0x7, 0x2, 0x80000001, 0xff, 0x0, 0x8, 0x10, 0x800, 0x8, 0xf, 0x4, 0x4, 0x0, 0x6, 0x1, 0x7ff, 0xf1, 0x54, 0x9944, 0x101, 0x200, 0x6, 0x7], [0x2, 0x2, 0x5, 0x0, 0x3, 0xf84c, 0x7f, 0x7, 0x7fff, 0x5, 0x21400000, 0x1, 0x6, 0x3ff, 0x3f4, 0xf16, 0x2, 0x10001, 0x5, 0x0, 0x7, 0xd, 0x3, 0x3, 0x2, 0x7244, 0x80000000, 0xfff, 0x9, 0xb, 0xffffffff, 0x1c, 0x10000, 0x2, 0x5, 0xf2c, 0xf312, 0x5, 0xaf, 0x0, 0x7, 0x730f, 0xc4, 0xe87d, 0x42, 0x2, 0x4, 0xf, 0x2, 0xfffffffc, 0x0, 0x6, 0x2, 0x55d6562d, 0x100, 0x8, 0x1, 0xfffffff9, 0x68f8, 0xe57, 0x0, 0x0, 0x1, 0x1], [0x1ff, 0x2, 0x10000, 0x9, 0x8, 0x8, 0x5, 0x200, 0x49a, 0x8, 0xfff, 0x400, 0x1, 0x5, 0x72b, 0x401, 0xde, 0x9, 0x3, 0x904, 0x3, 0x3, 0x0, 0x6, 0x7fffffff, 0x4, 0x200, 0x4, 0x7, 0x6, 0x6ffe, 0x9, 0x1, 0x2, 0x7, 0x6, 0x3, 0x7f, 0x2, 0x200, 0x10001, 0x8, 0x7, 0x1, 0xfffffffe, 0xfffff800, 0x3, 0x9, 0x8, 0x80000000, 0x0, 0x8, 0x5, 0x7f, 0xda26, 0x1000, 0x355, 0x100, 0x80000000, 0xa, 0x2a, 0x9, 0x5d27, 0x2], [0x7, 0xc, 0x8, 0x3ff, 0x400, 0x7, 0x0, 0x0, 0x6, 0x5, 0x7, 0x81, 0x2, 0x8, 0x9, 0x5, 0x5, 0x7, 0xc, 0x9, 0xff185019, 0x4, 0x1400, 0x8, 0x81, 0x3ff, 0x6, 0x3, 0x1, 0x8, 0xc, 0x2d6e, 0xa624, 0xbc1, 0x9, 0xfffffff9, 0x8, 0x8, 0x6, 0x1, 0xffff, 0x7, 0x7, 0x3359, 0x93, 0x0, 0x0, 0x5, 0x8, 0x2, 0x40, 0x2, 0x6, 0x8, 0x9, 0x23f8, 0x4, 0x55df, 0x3, 0x6, 0x4, 0x12fc, 0x8, 0x80000001]}, 0x45c)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYRES64, @ANYRESOCT, @ANYRES32=r0, @ANYRES32], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file1/file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10) (fail_nth: 1)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000180)=0x3, 0x12)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r4, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0xb}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x13, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
eventfd(0xa514)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1}, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@o_path={0x0, 0x0, 0x4018, r3}, 0x14)
migrate_pages(r2, 0x7, &(0x7f0000000000)=0x6, &(0x7f0000000040)=0x100000001)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:36035' (ED25519) to the list of known hosts.
[   41.725722][ T5937] cgroup: Unknown subsys name 'net'
[   41.848499][ T5937] cgroup: Unknown subsys name 'cpuset'
[   41.851593][ T5937] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   42.827863][ T5937] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   45.303249][ T5953] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   45.308777][ T5956] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   45.312291][ T5957] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   45.315023][ T5957] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   45.317739][ T5957] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   45.320382][ T5957] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   45.323565][ T5957] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   45.325843][ T5957] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   45.329901][ T5957] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   45.333884][ T5957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   45.336946][ T5965] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   45.339635][ T5964] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   45.341856][ T5964] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   45.348388][ T5963] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   45.348520][ T5962] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   45.351867][ T5964] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   45.354137][ T5963] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   45.355346][ T5964] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   45.358813][ T5957] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   45.359142][ T5963] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   45.359518][ T5964] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   45.359579][ T5963] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   45.362138][ T5957] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   45.371418][ T5957] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   45.565368][ T5954] chnl_net:caif_netlink_parms(): no params data found
[   45.609150][ T5955] chnl_net:caif_netlink_parms(): no params data found
[   45.663811][ T5950] chnl_net:caif_netlink_parms(): no params data found
[   45.697734][ T5960] chnl_net:caif_netlink_parms(): no params data found
[   45.743709][ T5954] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.745940][ T5954] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.748312][ T5954] bridge_slave_0: entered allmulticast mode
[   45.750481][ T5954] bridge_slave_0: entered promiscuous mode
[   45.760815][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.763173][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.766345][ T5955] bridge_slave_0: entered allmulticast mode
[   45.768494][ T5955] bridge_slave_0: entered promiscuous mode
[   45.771497][ T5954] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.773367][ T5954] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.775257][ T5954] bridge_slave_1: entered allmulticast mode
[   45.777321][ T5954] bridge_slave_1: entered promiscuous mode
[   45.803178][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.805042][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.807039][ T5955] bridge_slave_1: entered allmulticast mode
[   45.809173][ T5955] bridge_slave_1: entered promiscuous mode
[   45.827732][ T5954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.850421][ T5954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.855551][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.920608][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.962322][ T5960] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.964271][ T5960] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.966741][ T5960] bridge_slave_0: entered allmulticast mode
[   45.969292][ T5960] bridge_slave_0: entered promiscuous mode
[   45.973371][ T5954] team0: Port device team_slave_0 added
[   45.982585][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.984453][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.986546][ T5950] bridge_slave_0: entered allmulticast mode
[   45.988498][ T5950] bridge_slave_0: entered promiscuous mode
[   45.990949][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.992842][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.994814][ T5950] bridge_slave_1: entered allmulticast mode
[   45.997767][ T5950] bridge_slave_1: entered promiscuous mode
[   45.999976][ T5960] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.001837][ T5960] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.003731][ T5960] bridge_slave_1: entered allmulticast mode
[   46.005681][ T5960] bridge_slave_1: entered promiscuous mode
[   46.009669][ T5954] team0: Port device team_slave_1 added
[   46.013049][ T5955] team0: Port device team_slave_0 added
[   46.055459][ T5955] team0: Port device team_slave_1 added
[   46.059115][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.104017][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.107949][ T5960] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.111342][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.113753][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.122758][ T5954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.143870][ T5960] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.147084][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.149462][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.158779][ T5954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.163217][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.165104][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.172218][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.203931][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.206591][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.214189][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.219929][ T5950] team0: Port device team_slave_0 added
[   46.223575][ T5950] team0: Port device team_slave_1 added
[   46.277610][ T5960] team0: Port device team_slave_0 added
[   46.280445][ T5960] team0: Port device team_slave_1 added
[   46.294708][ T5954] hsr_slave_0: entered promiscuous mode
[   46.297981][ T5954] hsr_slave_1: entered promiscuous mode
[   46.301084][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.303257][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.311097][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.315721][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.317900][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.325501][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.386178][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.388237][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.394592][ T5960] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.400497][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.402343][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.409002][ T5960] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.413390][ T5955] hsr_slave_0: entered promiscuous mode
[   46.415414][ T5955] hsr_slave_1: entered promiscuous mode
[   46.418915][ T5955] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.421429][ T5955] Cannot create hsr debugfs directory
[   46.473075][ T5950] hsr_slave_0: entered promiscuous mode
[   46.475652][ T5950] hsr_slave_1: entered promiscuous mode
[   46.478022][ T5950] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.480410][ T5950] Cannot create hsr debugfs directory
[   46.536885][ T5960] hsr_slave_0: entered promiscuous mode
[   46.538986][ T5960] hsr_slave_1: entered promiscuous mode
[   46.540789][ T5960] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.542816][ T5960] Cannot create hsr debugfs directory
[   46.710397][ T5954] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   46.721190][ T5954] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   46.726811][ T5954] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   46.733796][ T5954] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   46.753609][ T5950] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   46.758411][ T5950] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   46.764210][ T5950] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   46.776838][ T5950] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   46.788761][ T5955] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   46.793749][ T5955] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   46.798964][ T5955] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   46.801994][ T5955] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   46.837412][ T5960] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   46.844755][ T5960] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   46.849802][ T5960] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   46.854104][ T5960] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   46.879532][ T5954] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.902248][ T5954] 8021q: adding VLAN 0 to HW filter on device team0
[   46.916120][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.919382][   T76] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.921403][   T76] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.929900][   T76] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.931780][   T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.951940][ T5950] 8021q: adding VLAN 0 to HW filter on device team0
[   46.960257][   T70] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.962095][   T70] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.967527][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.979681][   T76] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.981758][   T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.000609][ T5955] 8021q: adding VLAN 0 to HW filter on device team0
[   47.011521][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.013701][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.019987][ T5960] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.032005][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.034191][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.055192][ T5960] 8021q: adding VLAN 0 to HW filter on device team0
[   47.062886][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.064739][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.068643][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.071227][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.102999][ T5954] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.125491][ T5954] veth0_vlan: entered promiscuous mode
[   47.131764][ T5954] veth1_vlan: entered promiscuous mode
[   47.143171][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.157807][ T5954] veth0_macvtap: entered promiscuous mode
[   47.162277][ T5954] veth1_macvtap: entered promiscuous mode
[   47.170428][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.177096][ T5950] veth0_vlan: entered promiscuous mode
[   47.182147][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.188300][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.191856][ T5954] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.194240][ T5954] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.197465][ T5954] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.199608][ T5954] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.209397][ T5950] veth1_vlan: entered promiscuous mode
[   47.232564][ T5960] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.246096][ T5950] veth0_macvtap: entered promiscuous mode
[   47.248822][ T5955] veth0_vlan: entered promiscuous mode
[   47.255373][ T5950] veth1_macvtap: entered promiscuous mode
[   47.261988][ T5955] veth1_vlan: entered promiscuous mode
[   47.267714][  T162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.270594][  T162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.285149][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.289083][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.292032][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.298352][  T162] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.300872][  T162] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.301870][ T5955] veth0_macvtap: entered promiscuous mode
[   47.307953][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.310671][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.313650][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.317320][ T5955] veth1_macvtap: entered promiscuous mode
[   47.334006][ T5950] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.336634][ T5950] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.338852][ T5950] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.341062][ T5950] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.345702][ T5960] veth0_vlan: entered promiscuous mode
[   47.347634][ T5954] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   47.348203][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.355459][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.358038][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.360476][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.363393][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.369456][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.372148][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.374666][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.379198][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.382866][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.393900][ T5955] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.396632][ T5955] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.398956][ T5955] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.401264][ T5955] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.405402][ T5960] veth1_vlan: entered promiscuous mode
[   47.416269][ T5957] Bluetooth: hci0: command tx timeout
[   47.426393][ T5956] Bluetooth: hci3: command tx timeout
[   47.427176][ T5298] Bluetooth: hci2: command tx timeout
[   47.428145][ T5957] Bluetooth: hci1: command tx timeout
[   47.454157][ T5960] veth0_macvtap: entered promiscuous mode
[   47.474383][ T5960] veth1_macvtap: entered promiscuous mode
[   47.482800][   T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.486327][   T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.495028][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.498045][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.500624][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.503349][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.506182][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.508921][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.512015][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.519245][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.522090][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.524632][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.527936][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.530527][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.533236][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.536441][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.545652][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.556205][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.565141][ T5960] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.568169][ T5960] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.571231][ T5960] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.574232][ T5960] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.581087][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.583176][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.588871][   T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.591717][   T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.646579][   T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.649381][   T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.670384][ T1135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.675898][ T1135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.371690][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   48.815929][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.819365][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.821996][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.157999][ T6039] Zero length message leads to an empty skb
[   49.166260][ T6011] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   49.236620][ T6040] Bluetooth: MGMT ver 1.23
[   49.331841][ T6011] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   49.336632][ T6011] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   49.340100][ T6011] usb 5-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[   49.343266][ T6011] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   49.359676][ T6011] usb 5-1: config 0 descriptor??
[   49.496004][ T5298] Bluetooth: hci2: command tx timeout
[   49.496309][ T5956] Bluetooth: hci1: command tx timeout
[   49.497410][   T65] Bluetooth: hci3: command tx timeout
[   49.497454][   T65] Bluetooth: hci0: command tx timeout
[   49.536423][ T6042] warning: `syz.3.8' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   49.695862][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   49.698146][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   50.143063][ T6042] mmap: syz.3.8 (6042) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   50.468718][ T6011] usbhid 5-1:0.0: can't add hid device: -71
[   50.471006][ T6011] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[   50.486089][ T6011] usb 5-1: USB disconnect, device number 2
[   50.965975][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   51.255946][ T5957] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   51.516262][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   51.576395][ T5957] Bluetooth: hci1: command tx timeout
[   51.585871][ T5957] Bluetooth: hci2: command tx timeout
[   51.587436][ T5957] Bluetooth: hci0: command 0x040f tx timeout
[   51.589117][ T5956] Bluetooth: hci3: command tx timeout
[   52.234540][ T6078] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   52.772780][ T6087] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[   52.820879][ T6087] netlink: 'syz.3.17': attribute type 10 has an invalid length.
[   52.823165][ T6087] mac80211_hwsim hwsim3 wlan1: left allmulticast mode
[   52.828243][ T6087] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   52.972883][ T6097] netlink: 4 bytes leftover after parsing attributes in process `syz.3.21'.
[   52.978336][ T6097] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.026919][ T6097] bridge_slave_1 (unregistering): left allmulticast mode
[   53.028777][ T6097] bridge_slave_1 (unregistering): left promiscuous mode
[   53.030783][ T6097] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.415909][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   53.655951][ T5957] Bluetooth: hci2: command tx timeout
[   53.665901][ T5957] Bluetooth: hci0: command 0x040f tx timeout
[   53.666067][ T5956] Bluetooth: hci3: command tx timeout
[   53.667753][ T5957] Bluetooth: hci1: command tx timeout
[   53.918816][ T6116] 9pnet_fd: Insufficient options for proto=fd
[   53.988328][ T6118] =======================================================
[   53.988328][ T6118] WARNING: The mand mount option has been deprecated and
[   53.988328][ T6118]          and is ignored by this kernel. Remove the mand
[   53.988328][ T6118]          option from the mount to silence this warning.
[   53.988328][ T6118] =======================================================
[   54.034399][ T6118] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   54.173086][ T6126] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28'.
[   55.076184][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   55.735856][ T5957] Bluetooth: hci0: command 0x040f tx timeout
[   55.890216][ T6152] 9pnet_fd: Insufficient options for proto=fd
[   57.428012][ T6172] 9pnet_fd: Insufficient options for proto=fd
[   58.200385][ T6183] 9pnet_fd: Insufficient options for proto=fd
[   60.067036][ T6212] netlink: 4 bytes leftover after parsing attributes in process `syz.3.51'.
[   60.189373][ T6220] 9pnet_fd: Insufficient options for proto=fd
[   60.655860][ T5964] Bluetooth: hci3: command 0x0405 tx timeout
[   61.587890][ T6236] netlink: 24 bytes leftover after parsing attributes in process `syz.0.56'.
[   62.585215][ T6252] netlink: 4 bytes leftover after parsing attributes in process `syz.1.60'.
[   62.592853][ T6252] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.621486][ T6252] bridge_slave_1 (unregistering): left allmulticast mode
[   62.623842][ T6252] bridge_slave_1 (unregistering): left promiscuous mode
[   62.625948][ T6252] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.875501][ T6260] 9pnet_fd: Insufficient options for proto=fd
[   63.269578][ T6269] netlink: 'syz.0.65': attribute type 10 has an invalid length.
[   63.272346][ T6269] netlink: 55 bytes leftover after parsing attributes in process `syz.0.65'.
[   63.289064][ T6269] team0: Port device virt_wifi0 added
[   63.522713][ T6274] veth1_macvtap: left promiscuous mode
[   63.524178][ T6274] macsec0: entered promiscuous mode
[   63.525557][ T6274] macsec0: entered allmulticast mode
[   64.116399][ T6277] netlink: 'syz.0.67': attribute type 10 has an invalid length.
[   64.121311][ T6277] netlink: 55 bytes leftover after parsing attributes in process `syz.0.67'.
[   64.157058][ T6281] process 'syz.2.68' launched './file1' with NULL argv: empty string added
[   64.190560][ T6286] netlink: 'syz.1.71': attribute type 10 has an invalid length.
[   64.192801][ T6286] netlink: 55 bytes leftover after parsing attributes in process `syz.1.71'.
[   64.206910][ T6286] team0: Port device virt_wifi0 added
[   64.303108][ T6292] 9pnet_fd: Insufficient options for proto=fd
[   64.796537][ T6301] syz.2.75: attempt to access beyond end of device
[   64.796537][ T6301] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[   64.800059][ T6301] FAT-fs (nbd2): unable to read boot sector
[   65.315694][ T6311] FAULT_INJECTION: forcing a failure.
[   65.315694][ T6311] name failslab, interval 1, probability 0, space 0, times 0
[   65.319732][ T6311] CPU: 2 UID: 0 PID: 6311 Comm: syz.3.77 Not tainted 6.13.0-rc2-syzkaller #0
[   65.322138][ T6311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   65.324956][ T6311] Call Trace:
[   65.325829][ T6311]  <TASK>
[   65.326629][ T6311]  dump_stack_lvl+0x16c/0x1f0
[   65.328036][ T6311]  should_fail_ex+0x497/0x5b0
[   65.329661][ T6311]  ? fs_reclaim_acquire+0xae/0x150
[   65.331020][ T6311]  should_failslab+0xc2/0x120
[   65.332264][ T6311]  __kmalloc_noprof+0xce/0x4f0
[   65.333552][ T6311]  ? __pfx_d_absolute_path+0x10/0x10
[   65.334947][ T6311]  ? tomoyo_encode2+0x100/0x3e0
[   65.336221][ T6311]  tomoyo_encode2+0x100/0x3e0
[   65.337451][ T6311]  tomoyo_realpath_from_path+0x1a7/0x710
[   65.338931][ T6311]  tomoyo_mount_acl+0x1af/0x880
[   65.340204][ T6311]  ? hlock_class+0x4e/0x130
[   65.341421][ T6311]  ? __lock_acquire+0x15a9/0x3c40
[   65.342768][ T6311]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[   65.344468][ T6311]  ? __pfx___lock_acquire+0x10/0x10
[   65.346266][ T6311]  ? stack_trace_save+0x95/0xd0
[   65.348020][ T6311]  ? __pfx_lock_release+0x10/0x10
[   65.349839][ T6311]  ? trace_lock_acquire+0x14e/0x1f0
[   65.351709][ T6311]  ? tomoyo_mount_permission+0x149/0x420
[   65.353702][ T6311]  ? lock_acquire+0x2f/0xb0
[   65.355303][ T6311]  ? tomoyo_mount_permission+0x149/0x420
[   65.357039][ T6311]  tomoyo_mount_permission+0x16e/0x420
[   65.358506][ T6311]  ? tomoyo_mount_permission+0x149/0x420
[   65.359969][ T6311]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[   65.361533][ T6311]  ? get_current_fs_domain+0x184/0x1f0
[   65.362979][ T6311]  security_sb_mount+0x9b/0x260
[   65.364295][ T6311]  path_mount+0x129/0x1f10
[   65.365501][ T6311]  ? kmem_cache_free+0x152/0x4c0
[   65.366828][ T6311]  ? __pfx_path_mount+0x10/0x10
[   65.368112][ T6311]  ? putname+0x13c/0x180
[   65.369227][ T6311]  __ia32_sys_mount+0x292/0x310
[   65.370532][ T6311]  ? __pfx___ia32_sys_mount+0x10/0x10
[   65.372060][ T6311]  __do_fast_syscall_32+0x73/0x120
[   65.373475][ T6311]  do_fast_syscall_32+0x32/0x80
[   65.374938][ T6311]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   65.376599][ T6311] RIP: 0023:0xf7f54579
[   65.377669][ T6311] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   65.383412][ T6311] RSP: 002b:00000000f50d657c EFLAGS: 00000292 ORIG_RAX: 0000000000000015
[   65.385649][ T6311] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 00000000200000c0
[   65.387791][ T6311] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000020000140
[   65.389914][ T6311] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   65.391993][ T6311] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   65.394091][ T6311] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   65.396142][ T6311]  </TASK>
[   65.415975][ T6311] ERROR: Out of memory at tomoyo_realpath_from_path.
[   66.144096][ T6336] netlink: 4 bytes leftover after parsing attributes in process `syz.0.83'.
[   66.612308][ T6343] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   66.619102][ T6343] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   67.020363][ T6356] netlink: 'syz.2.89': attribute type 1 has an invalid length.
[   67.023109][ T6356] netlink: 224 bytes leftover after parsing attributes in process `syz.2.89'.
[   67.484106][ T6369] fuse: Unknown parameter '0x0000000000000004'
[   67.753673][   T39] audit: type=1326 audit(1733757026.831:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6349 comm="syz.1.87" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7fc00000
[   67.811224][ T6379] netlink: 4 bytes leftover after parsing attributes in process `syz.1.97'.
[   68.050400][ T6387] netlink: 'syz.1.99': attribute type 10 has an invalid length.
[   68.061260][ T6387] batman_adv: batadv0: Adding interface: team0
[   68.062934][ T6387] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.069629][ T6387] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   68.086916][ T6387] netlink: 'syz.1.99': attribute type 10 has an invalid length.
[   68.089641][ T6387] netlink: 2 bytes leftover after parsing attributes in process `syz.1.99'.
[   68.092943][ T6387] team0: entered promiscuous mode
[   68.094675][ T6387] team_slave_0: entered promiscuous mode
[   68.098616][ T6387] team_slave_1: entered promiscuous mode
[   68.100896][ T6387] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[   68.107407][ T6387] 8021q: adding VLAN 0 to HW filter on device team0
[   68.110056][ T6387] batman_adv: batadv0: Interface activated: team0
[   68.112322][ T6387] batman_adv: batadv0: Interface deactivated: team0
[   68.114597][ T6387] batman_adv: batadv0: Removing interface: team0
[   68.121286][ T6387] bridge0: port 2(team0) entered blocking state
[   68.123716][ T6387] bridge0: port 2(team0) entered disabled state
[   68.126266][ T6387] team0: entered allmulticast mode
[   68.128026][ T6387] team_slave_0: entered allmulticast mode
[   68.129955][ T6387] team_slave_1: entered allmulticast mode
[   68.131920][ T6387] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[   68.136641][ T6387] bridge0: port 2(team0) entered blocking state
[   68.138825][ T6387] bridge0: port 2(team0) entered forwarding state
[   68.722926][ T6400] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   68.732449][ T6402] Driver unsupported XDP return value 0 on prog  (id 20) dev N/A, expect packet loss!
[   68.801107][ T6395] netlink: 20 bytes leftover after parsing attributes in process `syz.0.100'.
[   68.987316][ T6407] netlink: 24 bytes leftover after parsing attributes in process `syz.3.104'.
[   69.063125][ T6413] usb 2-1: USB disconnect, device number 2
[   69.115668][ T6414] hub 2-0:1.0: USB hub found
[   69.118343][ T6414] hub 2-0:1.0: 6 ports detected
[   69.305861][   T35] usb 2-1: new high-speed USB device number 3 using ehci-pci
[   69.501271][   T35] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[   69.504587][   T35] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[   69.510552][   T35] usb 2-1: Product: QEMU USB Tablet
[   69.511932][   T35] usb 2-1: Manufacturer: QEMU
[   69.513346][   T35] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[   69.537450][   T35] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0002/input/input5
[   69.601997][   T35] hid-generic 0003:0627:0001.0002: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[   70.482389][ T6440] syz.1.113[6440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.482442][ T6440] syz.1.113[6440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.485401][ T6440] syz.1.113[6440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   70.707827][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[   70.712491][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[   70.929702][ T6453] infiniband syz0: set active
[   70.932011][ T6453] infiniband syz0: added bond0
[   70.943142][ T6453] RDS/IB: syz0: added
[   70.945588][ T6453] smc: adding ib device syz0 with port count 1
[   70.947717][ T6453] smc:    ib device syz0 port 1 has pnetid 
[   72.525561][ T6488] syzkaller0: entered promiscuous mode
[   72.527674][ T6488] syzkaller0: entered allmulticast mode
[   72.534899][ T6488] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   72.542392][ T6488] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.564733][ T6478] fuse: Unknown parameter 'grou00000000000000000000'
[   72.909431][ T6498] netlink: 'syz.0.128': attribute type 1 has an invalid length.
[   73.692069][ T6516] 9pnet_fd: Insufficient options for proto=fd
[   74.064010][ T6521] syz.1.135 uses obsolete (PF_INET,SOCK_PACKET)
[   74.087345][ T6521] random: crng reseeded on system resumption
[   74.432737][ T6535] FAULT_INJECTION: forcing a failure.
[   74.432737][ T6535] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   74.436176][ T6535] CPU: 1 UID: 0 PID: 6535 Comm: syz.2.141 Not tainted 6.13.0-rc2-syzkaller #0
[   74.438454][ T6535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.441250][ T6535] Call Trace:
[   74.442150][ T6535]  <TASK>
[   74.442942][ T6535]  dump_stack_lvl+0x16c/0x1f0
[   74.444181][ T6535]  should_fail_ex+0x497/0x5b0
[   74.445429][ T6535]  _copy_from_user+0x2e/0xd0
[   74.446871][ T6535]  get_compat_msghdr+0xa8/0x170
[   74.448174][ T6535]  ? __pfx_get_compat_msghdr+0x10/0x10
[   74.449628][ T6535]  ___sys_recvmsg+0x193/0x1a0
[   74.450893][ T6535]  ? __pfx____sys_recvmsg+0x10/0x10
[   74.452229][ T6535]  ? __fget_files+0x206/0x3a0
[   74.453481][ T6535]  ? __pfx___might_resched+0x10/0x10
[   74.454893][ T6535]  do_recvmmsg+0x55d/0x740
[   74.456094][ T6535]  ? __pfx_do_recvmmsg+0x10/0x10
[   74.457406][ T6535]  ? __pfx___schedule+0x10/0x10
[   74.458706][ T6535]  ? __fget_files+0x206/0x3a0
[   74.459961][ T6535]  __sys_recvmmsg+0x21e/0x280
[   74.461217][ T6535]  ? __pfx___sys_recvmmsg+0x10/0x10
[   74.462593][ T6535]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[   74.464252][ T6535]  ? lockdep_hardirqs_on+0x7c/0x110
[   74.465658][ T6535]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   74.467440][ T6535]  __do_fast_syscall_32+0x73/0x120
[   74.468775][ T6535]  do_fast_syscall_32+0x32/0x80
[   74.470066][ T6535]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   74.471732][ T6535] RIP: 0023:0xf740e579
[   74.472823][ T6535] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   74.477824][ T6535] RSP: 002b:00000000f50f657c EFLAGS: 00000292 ORIG_RAX: 0000000000000151
[   74.480011][ T6535] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020002440
[   74.482212][ T6535] RDX: 00000000ffffff67 RSI: 0000000000000000 RDI: 0000000000000000
[   74.484284][ T6535] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   74.486352][ T6535] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   74.488543][ T6535] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   74.490600][ T6535]  </TASK>
[   74.491460][    C1] vkms_vblank_simulate: vblank timer overrun
[   74.594196][ T6553] capability: warning: `syz.2.146' uses deprecated v2 capabilities in a way that may be insecure
[   74.627063][ T6558] netlink: 8 bytes leftover after parsing attributes in process `syz.3.148'.
[   74.808607][ T6565] fuse: Unknown parameter 'group_i00000000000000000000'
[   74.953373][ T6566] mkiss: ax0: crc mode is auto.
[   75.057831][ T6539] orangefs_mount: mount request failed with -4
[   75.389334][ T6575] afs: Unknown parameter 'fnock'
[   75.822187][   T63] cfg80211: failed to load regulatory.db
[   75.952207][ T6592] overlayfs: missing 'workdir'
[   76.874356][ T6604] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   77.226941][ T6627] netlink: 60 bytes leftover after parsing attributes in process `syz.2.162'.
[   77.229590][ T6626] netlink: 60 bytes leftover after parsing attributes in process `syz.2.162'.
[   77.758931][ T5957] Bluetooth: hci0: command 0x040f tx timeout
[   77.936287][ T6650] FAULT_INJECTION: forcing a failure.
[   77.936287][ T6650] name failslab, interval 1, probability 0, space 0, times 0
[   77.940801][ T6650] CPU: 3 UID: 0 PID: 6650 Comm: syz.1.167 Not tainted 6.13.0-rc2-syzkaller #0
[   77.943950][ T6650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   77.947528][ T6650] Call Trace:
[   77.948765][ T6650]  <TASK>
[   77.949847][ T6650]  dump_stack_lvl+0x16c/0x1f0
[   77.951311][ T6650]  should_fail_ex+0x497/0x5b0
[   77.952757][ T6650]  ? fs_reclaim_acquire+0xae/0x150
[   77.954544][ T6650]  should_failslab+0xc2/0x120
[   77.956184][ T6650]  kmem_cache_alloc_noprof+0x6e/0x3b0
[   77.957797][ T6650]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   77.959335][ T6650]  ? ptlock_alloc+0x1f/0x70
[   77.960593][ T6650]  ptlock_alloc+0x1f/0x70
[   77.962097][ T6650]  pte_alloc_one+0x74/0x390
[   77.963460][ T6650]  __pte_alloc+0x6e/0x3b0
[   77.964617][ T6650]  ? __pfx___pte_alloc+0x10/0x10
[   77.965955][ T6650]  walk_pgd_range+0xbfd/0x1a70
[   77.967322][ T6650]  ? __pfx_guard_install_set_pte+0x10/0x10
[   77.969275][ T6650]  ? __pfx_guard_install_pte_entry+0x10/0x10
[   77.970891][ T6650]  ? mt_find+0x4c8/0xa20
[   77.972216][ T6650]  ? __pfx_guard_install_set_pte+0x10/0x10
[   77.974371][ T6650]  ? __pfx_walk_pgd_range+0x10/0x10
[   77.976287][ T6650]  __walk_page_range+0x161/0x820
[   77.978048][ T6650]  ? find_vma+0xc0/0x140
[   77.979414][ T6650]  ? __pfx_find_vma+0x10/0x10
[   77.980810][ T6650]  ? walk_page_test+0x9b/0x180
[   77.982398][ T6650]  walk_page_range_mm+0x55a/0x940
[   77.984248][ T6650]  ? __pfx_walk_page_range_mm+0x10/0x10
[   77.986295][ T6650]  ? __anon_vma_prepare+0x2e2/0x5e0
[   77.987661][ T6650]  madvise_vma_behavior+0xcac/0x1da0
[   77.989456][ T6650]  ? __pfx_madvise_vma_behavior+0x10/0x10
[   77.991560][ T6650]  ? find_vma_prev+0xdb/0x160
[   77.993307][ T6650]  ? __pfx_find_vma_prev+0x10/0x10
[   77.995191][ T6650]  ? __pfx_rwsem_read_trylock+0x10/0x10
[   77.997152][ T6650]  ? do_madvise+0x25b/0x770
[   77.999011][ T6650]  ? __pfx_madvise_vma_behavior+0x10/0x10
[   78.001110][ T6650]  madvise_walk_vmas+0x1cf/0x2c0
[   78.002939][ T6650]  ? __pfx_madvise_walk_vmas+0x10/0x10
[   78.004955][ T6650]  do_madvise+0x30e/0x770
[   78.006570][ T6650]  ? __pfx_do_madvise+0x10/0x10
[   78.008325][ T6650]  ? ksys_write+0x1ba/0x250
[   78.009991][ T6650]  ? __pfx_ksys_write+0x10/0x10
[   78.011782][ T6650]  __ia32_sys_madvise+0xa7/0x110
[   78.013614][ T6650]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   78.016013][ T6650]  __do_fast_syscall_32+0x73/0x120
[   78.017884][ T6650]  do_fast_syscall_32+0x32/0x80
[   78.019681][ T6650]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   78.021952][ T6650] RIP: 0023:0xf745e579
[   78.023259][ T6650] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   78.029946][ T6650] RSP: 002b:00000000f514657c EFLAGS: 00000292 ORIG_RAX: 00000000000000db
[   78.032949][ T6650] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000600003
[   78.035518][ T6650] RDX: 0000000000000066 RSI: 0000000000000000 RDI: 0000000000000000
[   78.037838][ T6650] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   78.040688][ T6650] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   78.042891][ T6650] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   78.044960][ T6650]  </TASK>
[   78.193328][ T6657] FAULT_INJECTION: forcing a failure.
[   78.193328][ T6657] name failslab, interval 1, probability 0, space 0, times 0
[   78.198411][ T6657] CPU: 2 UID: 0 PID: 6657 Comm: syz.3.170 Not tainted 6.13.0-rc2-syzkaller #0
[   78.201301][ T6657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.204863][ T6657] Call Trace:
[   78.206001][ T6657]  <TASK>
[   78.207007][ T6657]  dump_stack_lvl+0x16c/0x1f0
[   78.208594][ T6657]  should_fail_ex+0x497/0x5b0
[   78.210184][ T6657]  ? fs_reclaim_acquire+0xae/0x150
[   78.211909][ T6657]  should_failslab+0xc2/0x120
[   78.213519][ T6657]  kmem_cache_alloc_noprof+0x6e/0x3b0
[   78.215325][ T6657]  ? alloc_empty_file+0x73/0x1e0
[   78.217006][ T6657]  alloc_empty_file+0x73/0x1e0
[   78.218643][ T6657]  alloc_file_pseudo+0x13d/0x200
[   78.220322][ T6657]  ? __pfx_alloc_file_pseudo+0x10/0x10
[   78.222168][ T6657]  __anon_inode_getfile+0x136/0x3c0
[   78.223922][ T6657]  ? __pfx___anon_inode_getfile+0x10/0x10
[   78.225819][ T6657]  kvm_gmem_create+0x121/0x750
[   78.227442][ T6657]  kvm_vm_ioctl+0x503/0x3df0
[   78.229007][ T6657]  ? stack_trace_save+0x95/0xd0
[   78.230593][ T6657]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   78.232190][ T6657]  ? __pfx_mark_lock+0x10/0x10
[   78.233819][ T6657]  ? stack_depot_save_flags+0x28/0x9e0
[   78.235670][ T6657]  ? kasan_save_stack+0x42/0x60
[   78.237301][ T6657]  ? kasan_save_stack+0x33/0x60
[   78.238958][ T6657]  ? kasan_save_track+0x14/0x30
[   78.240597][ T6657]  ? kasan_save_free_info+0x3b/0x60
[   78.242351][ T6657]  ? __kasan_slab_free+0x51/0x70
[   78.244028][ T6657]  ? kfree+0x14f/0x4b0
[   78.245392][ T6657]  ? tomoyo_path_number_perm+0x46d/0x5b0
[   78.247291][ T6657]  ? security_file_ioctl_compat+0x9b/0x240
[   78.249245][ T6657]  ? __do_compat_sys_ioctl+0x4e/0x2c0
[   78.251067][ T6657]  ? __do_fast_syscall_32+0x73/0x120
[   78.252855][ T6657]  ? do_fast_syscall_32+0x32/0x80
[   78.254508][ T6657]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   78.256667][ T6657]  ? kvm_arch_vm_compat_ioctl+0x2d1/0x480
[   78.258447][ T6657]  ? hlock_class+0x4e/0x130
[   78.259864][ T6657]  ? mark_lock+0xb5/0xc60
[   78.261240][ T6657]  ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10
[   78.263155][ T6657]  ? __pfx_mark_lock+0x10/0x10
[   78.264873][ T6657]  ? find_held_lock+0x2d/0x110
[   78.266437][ T6657]  ? tomoyo_path_number_perm+0x298/0x5b0
[   78.268246][ T6657]  ? __pfx_lock_release+0x10/0x10
[   78.269863][ T6657]  ? tomoyo_path_number_perm+0x46d/0x5b0
[   78.271632][ T6657]  ? tomoyo_path_number_perm+0x190/0x5b0
[   78.273396][ T6657]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   78.275420][ T6657]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   78.277201][ T6657]  ? do_vfs_ioctl+0x513/0x1950
[   78.278463][ T6657]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   78.279788][ T6657]  kvm_vm_compat_ioctl+0x399/0x440
[   78.281116][ T6657]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[   78.282586][ T6657]  ? __pfx_lock_release+0x10/0x10
[   78.283904][ T6657]  ? trace_lock_acquire+0x14e/0x1f0
[   78.285254][ T6657]  ? __fget_files+0x206/0x3a0
[   78.286492][ T6657]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[   78.287939][ T6657]  __do_compat_sys_ioctl+0x1cb/0x2c0
[   78.289307][ T6657]  __do_fast_syscall_32+0x73/0x120
[   78.290654][ T6657]  do_fast_syscall_32+0x32/0x80
[   78.291914][ T6657]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   78.293566][ T6657] RIP: 0023:0xf7f54579
[   78.294636][ T6657] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   78.299550][ T6657] RSP: 002b:00000000f50d657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[   78.301690][ T6657] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c040aed4
[   78.303724][ T6657] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000000
[   78.305745][ T6657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   78.307778][ T6657] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   78.309799][ T6657] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   78.311856][ T6657]  </TASK>
[   78.635901][  T835] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   78.785845][  T835] usb 8-1: Using ep0 maxpacket: 8
[   78.790441][  T835] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[   78.793323][  T835] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   78.798251][  T835] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   78.801942][  T835] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   78.804972][  T835] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   78.808954][  T835] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   78.811404][  T835] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.019418][  T835] usb 8-1: usb_control_msg returned -32
[   79.020343][ T6664] FAULT_INJECTION: forcing a failure.
[   79.020343][ T6664] name failslab, interval 1, probability 0, space 0, times 0
[   79.025124][  T835] usbtmc 8-1:16.0: can't read capabilities
[   79.032606][ T6664] CPU: 3 UID: 0 PID: 6664 Comm: syz.3.171 Not tainted 6.13.0-rc2-syzkaller #0
[   79.035044][ T6664] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.037826][ T6664] Call Trace:
[   79.038720][ T6664]  <TASK>
[   79.039507][ T6664]  dump_stack_lvl+0x16c/0x1f0
[   79.040433][ T6681] netlink: 8 bytes leftover after parsing attributes in process `syz.0.177'.
[   79.040713][ T6664]  should_fail_ex+0x497/0x5b0
[   79.044874][ T6664]  ? fs_reclaim_acquire+0xae/0x150
[   79.046223][ T6664]  should_failslab+0xc2/0x120
[   79.047453][ T6664]  kmem_cache_alloc_noprof+0x6e/0x3b0
[   79.048852][ T6664]  ? io_submit_one+0x123/0x1da0
[   79.050135][ T6664]  io_submit_one+0x123/0x1da0
[   79.051369][ T6664]  ? __pfx_io_submit_one+0x10/0x10
[   79.052698][ T6664]  ? __might_fault+0x13b/0x190
[   79.053965][ T6664]  ? lock_acquire+0x2f/0xb0
[   79.055153][ T6664]  ? __might_fault+0xe3/0x190
[   79.056405][ T6664]  ? __ia32_compat_sys_io_submit+0x1ba/0x3a0
[   79.058080][ T6664]  __ia32_compat_sys_io_submit+0x1ba/0x3a0
[   79.059592][ T6664]  ? __pfx___ia32_compat_sys_io_submit+0x10/0x10
[   79.061231][ T6664]  __do_fast_syscall_32+0x73/0x120
[   79.062597][ T6664]  do_fast_syscall_32+0x32/0x80
[   79.063887][ T6664]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   79.065523][ T6664] RIP: 0023:0xf7f54579
[   79.066608][ T6664] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   79.071542][ T6664] RSP: 002b:00000000f50d657c EFLAGS: 00000292 ORIG_RAX: 00000000000000f8
[   79.073700][ T6664] RAX: ffffffffffffffda RBX: 00000000f7f4f000 RCX: 0000000000000001
[   79.075726][ T6664] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000
[   79.077972][ T6664] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   79.080004][ T6664] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   79.082044][ T6664] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   79.084075][ T6664]  </TASK>
[   79.089981][ T5832] usb 8-1: USB disconnect, device number 2
[   79.289443][ T6699] 9pnet_fd: Insufficient options for proto=fd
[   79.600145][ T6707] netlink: 24 bytes leftover after parsing attributes in process `syz.0.185'.
[   79.647817][ T6707] QAT: failed to copy from user cfg_data.
[   79.649824][ T6707] netlink: 4 bytes leftover after parsing attributes in process `syz.0.185'.
[   79.980559][ T6722] fuse: Unknown parameter 'group_id00000000000000000000'
[   79.991041][ T6725] netlink: 28 bytes leftover after parsing attributes in process `syz.1.192'.
[   79.993354][ T6725] netlink: 8 bytes leftover after parsing attributes in process `syz.1.192'.
[   81.021448][ T6750] netlink: 12 bytes leftover after parsing attributes in process `syz.1.199'.
[   82.567699][ T6778] fuse: Unknown parameter 'group_id00000000000000000000'
[   82.605088][ T6784] netlink: 8 bytes leftover after parsing attributes in process `syz.0.208'.
[   83.675278][ T6804] block device autoloading is deprecated and will be removed.
[   83.678461][ T6804] syz.2.213: attempt to access beyond end of device
[   83.678461][ T6804] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   83.979343][ T6815] netlink: 188 bytes leftover after parsing attributes in process `syz.2.218'.
[   84.000018][ T6815] 9pnet: Could not find request transport: ½!7fd
[   84.884600][ T6829] fuse: Unknown parameter 'group_id00000000000000000000'
[   86.367218][ T6855] rtc_cmos 00:05: Alarms can be up to one day in the future
[   86.669494][ T6860] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   86.925986][   T63] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   87.165987][   T63] usb 5-1: Using ep0 maxpacket: 8
[   87.175480][   T63] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[   87.178894][   T63] usb 5-1: config 246 descriptor has 1 excess byte, ignoring
[   87.182534][   T63] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42
[   87.186122][   T63] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[   87.190806][   T63] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[   87.195073][   T63] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[   87.199785][   T63] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[   87.212341][   T63] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[   87.216550][   T63] usb 5-1: config 246 descriptor has 1 excess byte, ignoring
[   87.219527][   T63] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42
[   87.224739][   T63] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[   87.229206][   T63] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[   87.234027][   T63] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[   87.239078][   T63] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[   87.247604][   T63] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[   87.251365][   T63] usb 5-1: config 246 descriptor has 1 excess byte, ignoring
[   87.254558][   T63] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42
[   87.259485][   T63] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[   87.263892][   T63] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[   87.268612][   T63] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[   87.273019][   T63] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[   87.284949][   T63] usb 5-1: string descriptor 0 read error: -22
[   87.287091][   T63] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[   87.289591][   T63] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.379368][   T63] adutux 5-1:246.0: ADU100  now attached to /dev/usb/adutux0
[   87.678320][ T6866] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   87.981999][ T6872] netlink: 4 bytes leftover after parsing attributes in process `syz.1.231'.
[   89.588761][    T9] usb 5-1: USB disconnect, device number 3
[   90.550137][ T6903] netlink: 4 bytes leftover after parsing attributes in process `syz.0.240'.
[   90.563565][ T6904] loop6: detected capacity change from 0 to 524287999
[   90.576123][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   90.579277][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.584680][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   90.587752][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.591523][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   90.594535][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.597731][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   90.600708][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.605796][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   90.608903][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.612889][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   90.615931][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.619369][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   90.622375][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.625585][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   90.628665][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.631383][ T6904] ldm_validate_partition_table(): Disk read failed.
[   90.634519][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   90.637570][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   90.698132][ T6905] loop6: detected capacity change from 524287999 to 524287952
[   90.702570][ T6904]  loop6: unable to read partition table
[   90.704525][ T6904] loop_reread_partitions: partition scan of loop6 (Í¢†¨ÙÇ´8ÝCP'OÈQž=}m”=@4r„(Uk+Z—Ö 4—Ö>˜ìF¼1ã“›ÍÀù‚àÔ™Û1Œ°) failed (rc=-5)
[   90.741301][ T6907] netlink: 64 bytes leftover after parsing attributes in process `syz.0.242'.
[   93.884531][ T5964] Bluetooth: hci1: ACL packet too small
[   94.402875][ T6963] syz.0.257 (6963): /proc/6962/oom_adj is deprecated, please use /proc/6962/oom_score_adj instead.
[   95.323275][ T6979] netlink: 187320 bytes leftover after parsing attributes in process `syz.0.262'.
[   95.327035][ T6979] netlink: zone id is out of range
[   95.329043][ T6979] netlink: zone id is out of range
[   95.332742][ T6979] netlink: zone id is out of range
[   96.125427][ T6986] FAULT_INJECTION: forcing a failure.
[   96.125427][ T6986] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.128980][ T6986] CPU: 1 UID: 0 PID: 6986 Comm: syz.3.264 Not tainted 6.13.0-rc2-syzkaller #0
[   96.131285][ T6986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.134065][ T6986] Call Trace:
[   96.134949][ T6986]  <TASK>
[   96.135859][ T6986]  dump_stack_lvl+0x16c/0x1f0
[   96.137094][ T6986]  should_fail_ex+0x497/0x5b0
[   96.138351][ T6986]  _copy_from_user+0x2e/0xd0
[   96.139565][ T6986]  __sys_bpf+0x215/0x57a0
[   96.140699][ T6986]  ? finish_task_switch.isra.0+0x217/0xcc0
[   96.142231][ T6986]  ? __pfx___sys_bpf+0x10/0x10
[   96.143485][ T6986]  ? __schedule+0xe60/0x5ad0
[   96.144706][ T6986]  ? fput+0x67/0x440
[   96.145729][ T6986]  ? ksys_write+0x1ba/0x250
[   96.147046][ T6986]  __ia32_sys_bpf+0x76/0xe0
[   96.148241][ T6986]  __do_fast_syscall_32+0x73/0x120
[   96.149582][ T6986]  do_fast_syscall_32+0x32/0x80
[   96.150875][ T6986]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   96.152557][ T6986] RIP: 0023:0xf7f54579
[   96.153629][ T6986] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   96.158665][ T6986] RSP: 002b:00000000f509457c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[   96.160835][ T6986] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000300
[   96.162919][ T6986] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[   96.164988][ T6986] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   96.167089][ T6986] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   96.169250][ T6986] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   96.171378][ T6986]  </TASK>
[   97.024145][ T7001] FAULT_INJECTION: forcing a failure.
[   97.024145][ T7001] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.027926][ T7001] CPU: 1 UID: 0 PID: 7001 Comm: syz.1.267 Not tainted 6.13.0-rc2-syzkaller #0
[   97.030223][ T7001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.033005][ T7001] Call Trace:
[   97.033896][ T7001]  <TASK>
[   97.034682][ T7001]  dump_stack_lvl+0x16c/0x1f0
[   97.035930][ T7001]  should_fail_ex+0x497/0x5b0
[   97.037189][ T7001]  _copy_from_iter+0x29b/0x1400
[   97.038468][ T7001]  ? trace_lock_acquire+0x14e/0x1f0
[   97.039830][ T7001]  ? __pfx__copy_from_iter+0x10/0x10
[   97.041228][ T7001]  ? __virt_addr_valid+0x1a4/0x590
[   97.042609][ T7001]  ? __virt_addr_valid+0x5e/0x590
[   97.043934][ T7001]  ? __phys_addr+0xc6/0x150
[   97.045118][ T7001]  ? __phys_addr_symbol+0x30/0x80
[   97.046462][ T7001]  ? __check_object_size+0x488/0x710
[   97.047846][ T7001]  kcm_sendmsg+0xede/0x2be0
[   97.049038][ T7001]  ? __pfx_kcm_sendmsg+0x10/0x10
[   97.050337][ T7001]  ? kasan_save_stack+0x42/0x60
[   97.051628][ T7001]  sock_sendmsg+0x369/0x410
[   97.052824][ T7001]  ? __pfx_sock_sendmsg+0x10/0x10
[   97.054143][ T7001]  ? find_held_lock+0x2d/0x110
[   97.055418][ T7001]  io_send+0x515/0x1c20
[   97.056512][ T7001]  ? __pfx_io_send+0x10/0x10
[   97.057724][ T7001]  ? __fget_files+0x206/0x3a0
[   97.058967][ T7001]  ? rcu_is_watching+0x12/0xc0
[   97.060191][ T7001]  io_issue_sqe+0x175/0x1360
[   97.061410][ T7001]  io_submit_sqes+0x951/0x25f0
[   97.062670][ T7001]  __do_sys_io_uring_enter+0xd43/0x1620
[   97.064100][ T7001]  ? __fget_files+0x206/0x3a0
[   97.065341][ T7001]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[   97.066908][ T7001]  ? fput+0x67/0x440
[   97.067945][ T7001]  ? ksys_write+0x1ba/0x250
[   97.069143][ T7001]  ? __pfx_ksys_write+0x10/0x10
[   97.070427][ T7001]  __do_fast_syscall_32+0x73/0x120
[   97.071764][ T7001]  do_fast_syscall_32+0x32/0x80
[   97.073039][ T7001]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   97.074699][ T7001] RIP: 0023:0xf745e579
[   97.075770][ T7001] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   97.080725][ T7001] RSP: 002b:00000000f510457c EFLAGS: 00000292 ORIG_RAX: 00000000000001aa
[   97.082887][ T7001] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000000003516
[   97.084938][ T7001] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   97.086987][ T7001] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   97.089055][ T7001] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   97.091124][ T7001] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   97.093196][ T7001]  </TASK>
[   97.382525][ T7005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.269'.
[   99.291964][ T7032] fuse: Bad value for 'fd'
[   99.742734][ T5957] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   99.758472][ T5957] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   99.766173][ T5957] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   99.768598][ T5957] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   99.771631][ T5957] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   99.773661][ T5957] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   99.916262][ T1176] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.928868][ T7035] chnl_net:caif_netlink_parms(): no params data found
[   99.996038][   T39] audit: type=1800 audit(1733757059.071:3): pid=7044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.278" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  100.038133][ T1176] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.119838][ T7035] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.122281][ T7035] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.124663][ T7035] bridge_slave_0: entered allmulticast mode
[  100.128759][ T7035] bridge_slave_0: entered promiscuous mode
[  100.143480][ T1176] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.149301][ T7035] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.151190][ T7035] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.153183][ T7035] bridge_slave_1: entered allmulticast mode
[  100.155179][ T7035] bridge_slave_1: entered promiscuous mode
[  100.330158][ T7052] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  100.378003][ T1176] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.386142][ T7035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.391392][ T7035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.435286][ T7035] team0: Port device team_slave_0 added
[  100.438526][ T7035] team0: Port device team_slave_1 added
[  100.462058][ T7035] batman_adv: batadv0: Adding interface: batadv_slave_0
[  100.463935][ T7035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.471796][ T7035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  100.475445][ T7035] batman_adv: batadv0: Adding interface: batadv_slave_1
[  100.477508][ T7035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.494367][ T7035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  100.551260][ T7035] hsr_slave_0: entered promiscuous mode
[  100.554067][ T7035] hsr_slave_1: entered promiscuous mode
[  100.557240][ T7035] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  100.559784][ T7035] Cannot create hsr debugfs directory
[  100.588252][ T1176] bridge_slave_1: left allmulticast mode
[  100.590623][ T1176] bridge_slave_1: left promiscuous mode
[  100.594186][ T1176] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.607171][ T1176] bridge_slave_0: left allmulticast mode
[  100.609223][ T1176] bridge_slave_0: left promiscuous mode
[  100.612371][ T1176] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.277852][ T1176] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  101.294728][ T1176] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  101.306508][ T1176] bond0 (unregistering): Released all slaves
[  101.513079][ T7049] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  101.515559][ T7049] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  101.521862][ T7049] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  101.542350][ T7049] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  101.607050][ T7049] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  101.641890][ T7049] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  101.650229][ T7049] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  101.661261][ T7049] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  101.683399][ T7049] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  101.685384][ T7049] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  101.693607][ T7049] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  101.823196][ T7035] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  101.918790][ T7035] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  101.936217][ T7035] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  101.942106][ T7035] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  102.005316][ T7083] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  102.052512][ T7035] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.063948][ T7035] 8021q: adding VLAN 0 to HW filter on device team0
[  102.072612][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.074528][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.080861][ T1187] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.083303][ T1187] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.107650][ T7035] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  102.133093][ T1176] hsr_slave_0: left promiscuous mode
[  102.135073][ T1176] hsr_slave_1: left promiscuous mode
[  102.139601][ T1176] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.142210][ T1176] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.148020][ T1176] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.150542][ T1176] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.180287][ T1176] veth0_macvtap: left promiscuous mode
[  102.182536][ T1176] veth1_vlan: left promiscuous mode
[  102.184699][ T1176] veth0_vlan: left promiscuous mode
[  102.225912][ T5964] Bluetooth: hci0: command 0x040f tx timeout
[  102.230065][ T7049] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  102.257673][ T7122] netlink: 12 bytes leftover after parsing attributes in process `syz.3.286'.
[  102.889476][ T1176] team0 (unregistering): Port device team_slave_1 removed
[  102.949404][ T1176] team0 (unregistering): Port device team_slave_0 removed
[  103.395225][ T7125] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  103.435517][ T7035] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.478165][ T7147] netlink: 12 bytes leftover after parsing attributes in process `syz.0.291'.
[  103.585872][ T5964] Bluetooth: hci1: command 0x0c1a tx timeout
[  103.666452][ T5957] Bluetooth: hci3: command 0x0405 tx timeout
[  103.683254][ T7035] veth0_vlan: entered promiscuous mode
[  103.693739][ T7035] veth1_vlan: entered promiscuous mode
[  103.725177][ T7035] veth0_macvtap: entered promiscuous mode
[  103.731243][ T7035] veth1_macvtap: entered promiscuous mode
[  103.760138][ T7164] fuse: Bad value for 'user_id'
[  103.761567][ T7164] fuse: Bad value for 'user_id'
[  103.765873][ T5957] Bluetooth: hci2: command 0x041b tx timeout
[  103.793140][ T7168] bridge0: port 3(hsr_slave_1) entered blocking state
[  103.795192][ T7168] bridge0: port 3(hsr_slave_1) entered disabled state
[  103.797804][ T7168] hsr_slave_1: entered allmulticast mode
[  103.802608][ T7168] hsr_slave_1: left allmulticast mode
[  103.826454][ T7035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.836424][ T7035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.839516][ T7035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.843023][ T7035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.897348][ T7035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.907225][ T7035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.946799][ T7035] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.961925][ T7035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.965726][ T7035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.970282][ T7035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.973602][ T7035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.983521][ T7035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.988688][ T7035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.992692][ T7035] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.998084][ T7035] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.000897][ T7035] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.003776][ T7035] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.008392][ T7035] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.053018][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.057493][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.068031][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.070102][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.115381][ T7179] netlink: 8 bytes leftover after parsing attributes in process `syz.4.276'.
[  104.123194][ T7179] netlink: 12 bytes leftover after parsing attributes in process `syz.4.276'.
[  104.296120][ T5957] Bluetooth: hci0: command 0x040f tx timeout
[  105.665899][ T5957] Bluetooth: hci1: command 0x0c1a tx timeout
[  105.735906][ T5957] Bluetooth: hci3: command 0x0405 tx timeout
[  105.815859][ T5957] Bluetooth: hci2: command 0x041b tx timeout
[  105.889643][ T7251] can0: slcan on ptm0.
[  105.953156][ T7254] fuse: Bad value for 'fd'
[  105.966601][ T7251] batman_adv: batadv0: Adding interface: dummy0
[  105.968839][ T7251] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.976536][ T7251] batman_adv: batadv0: Interface activated: dummy0
[  105.983835][ T7256] batadv0: mtu less than device minimum
[  105.986235][ T7256] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.989926][ T7256] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.993367][ T7256] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.996844][ T7256] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  106.000958][ T7256] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  106.005155][ T7256] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  106.009482][ T7256] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  106.013842][ T7256] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  106.366184][ T7250] can0 (unregistered): slcan off ptm0.
[  106.375960][ T5957] Bluetooth: hci0: command 0x040f tx timeout
[  106.981439][ T7287] block device autoloading is deprecated and will be removed.
[  107.775855][ T5957] Bluetooth: hci1: command 0x0c1a tx timeout
[  107.816207][ T5957] Bluetooth: hci3: command 0x0405 tx timeout
[  107.895912][ T5957] Bluetooth: hci2: command 0x041b tx timeout
[  108.016035][ T6014] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  108.182173][ T6014] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  108.185015][ T6014] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  108.189128][ T6014] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  108.191793][ T6014] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.202953][ T7321] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  108.215633][ T6014] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  108.311101][ T7330] netlink: 8 bytes leftover after parsing attributes in process `syz.4.324'.
[  108.315694][ T7330] netlink: 36 bytes leftover after parsing attributes in process `syz.4.324'.
[  108.319608][ T7329] netlink: 4 bytes leftover after parsing attributes in process `syz.4.324'.
[  108.330340][ T7330] netlink: 8 bytes leftover after parsing attributes in process `syz.4.324'.
[  108.330643][ T7329] bridge_slave_1: left allmulticast mode
[  108.332630][ T7330] netlink: 36 bytes leftover after parsing attributes in process `syz.4.324'.
[  108.336919][ T7329] bridge_slave_1: left promiscuous mode
[  108.338567][ T7329] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.341728][ T7329] bridge_slave_0: left allmulticast mode
[  108.343232][ T7329] bridge_slave_0: left promiscuous mode
[  108.344785][ T7329] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.416086][    T9] usb 5-1: USB disconnect, device number 4
[  108.518244][ T7337] netlink: 28 bytes leftover after parsing attributes in process `syz.4.325'.
[  108.825925][  T144] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  108.997354][  T144] usb 9-1: config 0 has an invalid interface number: 120 but max is 0
[  109.003693][  T144] usb 9-1: config 0 has no interface number 0
[  109.008736][  T144] usb 9-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 4
[  109.012713][  T144] usb 9-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[  109.017414][  T144] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.020942][  T144] usb 9-1: config 0 descriptor??
[  109.025047][  T144] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.120/input/input7
[  109.892962][ T7339] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  109.975867][ T5957] Bluetooth: hci2: command 0x041b tx timeout
[  110.272290][   T74] IPVS: starting estimator thread 0...
[  110.274414][ T7384] tipc: Started in network mode
[  110.275867][ T7384] tipc: Node identity ac1414aa, cluster identity 4711
[  110.278067][ T7384] net_ratelimit: 11 callbacks suppressed
[  110.278075][ T7384] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  110.281887][ T7384] tipc: Enabled bearer <udp:s>, priority 10
[  110.367579][ T7385] IPVS: using max 38 ests per chain, 91200 per kthread
[  110.416868][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  110.555840][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  110.696502][    C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  110.825100][ T7391] netlink: 'syz.1.335': attribute type 3 has an invalid length.
[  110.835925][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  110.963344][ T7391] overlayfs: failed to resolve './file1': -2
[  110.975898][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  111.040917][ T7396] netlink: 24 bytes leftover after parsing attributes in process `syz.0.336'.
[  111.041846][ T7397] fuse: Unknown parameter '&tQ‹É›�ÕÙ¼;RwsS5çZh
[  111.041846][ T7397] �|ËMTDYÂbyΔ}Ä'
[  111.047336][ T7396] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  111.115823][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  111.265955][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  111.407826][   T25] tipc: Node number set to 2886997162
[  111.545875][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  111.603229][ T6014] usb 9-1: USB disconnect, device number 2
[  111.815840][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  112.055893][ T5957] Bluetooth: hci2: command 0x041b tx timeout
[  112.275959][   T25] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  112.425853][   T25] usb 6-1: Using ep0 maxpacket: 8
[  112.429485][   T25] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  112.432618][   T25] usb 6-1: config 0 has no interface number 0
[  112.435356][   T25] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  112.439082][   T25] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  112.442446][   T25] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  112.446114][   T25] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  112.451156][   T25] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  112.456132][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.464023][   T25] usb 6-1: config 0 descriptor??
[  112.473150][   T25] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  113.258839][ T7442] overlay: Unknown parameter '/'
[  113.543938][   T25] usb 6-1: USB disconnect, device number 2
[  113.547287][   T25] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  114.135893][ T5957] Bluetooth: hci2: command 0x041b tx timeout
[  115.498231][ T7471] ALSA: mixer_oss: invalid OSS volume 'u'
[  115.505916][    C2] net_ratelimit: 3 callbacks suppressed
[  115.505927][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  115.608358][ T7483] mkiss: ax0: crc mode is auto.
[  115.704076][ T7489] afs: Unknown parameter '00000000000000000005'
[  115.867244][ T7501] overlayfs: maximum fs stacking depth exceeded
[  116.008976][ T7512] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  116.206725][ T5957] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  116.215974][ T5957] Bluetooth: hci2: command 0x041b tx timeout
[  116.284718][ T7526] binder: 7516:7526 ioctl 4018620d 0 returned -22
[  116.288193][ T5957] Bluetooth: hci3: unexpected event for opcode 0x0419
[  116.535846][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  116.919836][ T7531] netlink: 52 bytes leftover after parsing attributes in process `syz.3.367'.
[  117.287521][ T7535] netlink: 4 bytes leftover after parsing attributes in process `syz.0.372'.
[  117.575841][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  117.985977][   T74] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  118.135950][   T74] usb 5-1: Using ep0 maxpacket: 16
[  118.138624][   T74] usb 5-1: config 0 has no interfaces?
[  118.141907][   T74] usb 5-1: New USB device found, idVendor=0b05, idProduct=1807, bcdDevice= 0.40
[  118.144808][   T74] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.147928][   T74] usb 5-1: Product: syz
[  118.149338][   T74] usb 5-1: Manufacturer: syz
[  118.150612][   T74] usb 5-1: SerialNumber: syz
[  118.153120][   T74] usb 5-1: config 0 descriptor??
[  118.297507][ T5957] Bluetooth: hci2: command 0x041b tx timeout
[  118.363769][   T62] usb 5-1: USB disconnect, device number 5
[  118.615836][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  118.843586][ T7578] netlink: 4 bytes leftover after parsing attributes in process `syz.3.387'.
[  119.655863][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  119.877714][ T7603] FAULT_INJECTION: forcing a failure.
[  119.877714][ T7603] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.882162][ T7603] CPU: 0 UID: 0 PID: 7603 Comm: syz.4.396 Not tainted 6.13.0-rc2-syzkaller #0
[  119.884503][ T7603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  119.887209][ T7603] Call Trace:
[  119.888087][ T7603]  <TASK>
[  119.888892][ T7603]  dump_stack_lvl+0x16c/0x1f0
[  119.890149][ T7603]  should_fail_ex+0x497/0x5b0
[  119.891693][ T7603]  _copy_from_user+0x2e/0xd0
[  119.893326][ T7603]  tipc_setsockopt+0x362/0xe80
[  119.894627][ T7603]  ? __pfx_tipc_setsockopt+0x10/0x10
[  119.895996][ T7603]  ? ksys_write+0x191/0x250
[  119.897328][ T7603]  ? find_held_lock+0x2d/0x110
[  119.898716][ T7603]  ? __pfx_tipc_setsockopt+0x10/0x10
[  119.900085][ T7603]  do_sock_setsockopt+0x222/0x480
[  119.901424][ T7603]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  119.902872][ T7603]  ? lock_acquire+0x2f/0xb0
[  119.904265][ T7603]  __sys_setsockopt+0x1a0/0x230
[  119.905868][ T7603]  __ia32_sys_setsockopt+0xbc/0x160
[  119.907670][ T7603]  ? lockdep_hardirqs_on+0x7c/0x110
[  119.909338][ T7603]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  119.911210][ T7603]  __do_fast_syscall_32+0x73/0x120
[  119.912936][ T7603]  do_fast_syscall_32+0x32/0x80
[  119.914429][ T7603]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  119.916149][ T7603] RIP: 0023:0xf7f01579
[  119.917355][ T7603] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  119.922634][ T7603] RSP: 002b:00000000f508657c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  119.925141][ T7603] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000010f
[  119.927574][ T7603] RDX: 000000000000008a RSI: 0000000020000040 RDI: 0000000000000004
[  119.930449][ T7603] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  119.933264][ T7603] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  119.936129][ T7603] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  119.939060][ T7603]  </TASK>
[  120.014741][ T7607] FAULT_INJECTION: forcing a failure.
[  120.014741][ T7607] name failslab, interval 1, probability 0, space 0, times 0
[  120.018131][ T7607] CPU: 2 UID: 0 PID: 7607 Comm: syz.4.398 Not tainted 6.13.0-rc2-syzkaller #0
[  120.020407][ T7607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  120.023186][ T7607] Call Trace:
[  120.024058][ T7607]  <TASK>
[  120.024842][ T7607]  dump_stack_lvl+0x16c/0x1f0
[  120.026100][ T7607]  should_fail_ex+0x497/0x5b0
[  120.027349][ T7607]  ? fs_reclaim_acquire+0xae/0x150
[  120.028678][ T7607]  should_failslab+0xc2/0x120
[  120.029948][ T7607]  __kmalloc_noprof+0xce/0x4f0
[  120.031206][ T7607]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  120.032675][ T7607]  ? tomoyo_realpath_from_path+0xbf/0x710
[  120.034164][ T7607]  tomoyo_realpath_from_path+0xbf/0x710
[  120.035995][ T7607]  ? tomoyo_path_number_perm+0x235/0x5b0
[  120.037740][ T7607]  tomoyo_path_number_perm+0x248/0x5b0
[  120.039158][ T7607]  ? tomoyo_path_number_perm+0x235/0x5b0
[  120.040623][ T7607]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  120.042207][ T7607]  ? __pfx_lock_release+0x10/0x10
[  120.043503][ T7607]  ? trace_lock_acquire+0x14e/0x1f0
[  120.044847][ T7607]  ? lock_acquire+0x2f/0xb0
[  120.046061][ T7607]  ? __fget_files+0x40/0x3a0
[  120.047324][ T7607]  ? __fget_files+0x206/0x3a0
[  120.048590][ T7607]  security_file_ioctl_compat+0x9b/0x240
[  120.050065][ T7607]  __do_compat_sys_ioctl+0x4e/0x2c0
[  120.051412][ T7607]  __do_fast_syscall_32+0x73/0x120
[  120.052714][ T7607]  do_fast_syscall_32+0x32/0x80
[  120.053842][ T7607]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  120.055371][ T7607] RIP: 0023:0xf7f01579
[  120.056417][ T7607] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  120.061387][ T7607] RSP: 002b:00000000f508657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  120.063527][ T7607] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040045108
[  120.065540][ T7607] RDX: 0000000020001b80 RSI: 0000000000000000 RDI: 0000000000000000
[  120.067620][ T7607] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  120.069655][ T7607] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  120.071704][ T7607] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  120.073855][ T7607]  </TASK>
[  120.075127][ T7607] ERROR: Out of memory at tomoyo_realpath_from_path.
[  120.101810][ T7609] FAULT_INJECTION: forcing a failure.
[  120.101810][ T7609] name failslab, interval 1, probability 0, space 0, times 0
[  120.111422][ T7609] CPU: 0 UID: 0 PID: 7609 Comm: syz.4.399 Not tainted 6.13.0-rc2-syzkaller #0
[  120.114121][ T7609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  120.117170][ T7609] Call Trace:
[  120.118380][ T7609]  <TASK>
[  120.119177][ T7609]  dump_stack_lvl+0x16c/0x1f0
[  120.120454][ T7609]  should_fail_ex+0x497/0x5b0
[  120.121646][ T7609]  ? fs_reclaim_acquire+0xae/0x150
[  120.123008][ T7609]  should_failslab+0xc2/0x120
[  120.124243][ T7609]  __kmalloc_noprof+0xce/0x4f0
[  120.125494][ T7609]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  120.127071][ T7609]  ? tomoyo_realpath_from_path+0xbf/0x710
[  120.129011][ T7609]  tomoyo_realpath_from_path+0xbf/0x710
[  120.130543][ T7609]  ? tomoyo_path_number_perm+0x235/0x5b0
[  120.132085][ T7609]  tomoyo_path_number_perm+0x248/0x5b0
[  120.133535][ T7609]  ? tomoyo_path_number_perm+0x235/0x5b0
[  120.135117][ T7609]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  120.136768][ T7609]  ? __pfx_lock_release+0x10/0x10
[  120.138288][ T7609]  ? trace_lock_acquire+0x14e/0x1f0
[  120.139655][ T7609]  ? lock_acquire+0x2f/0xb0
[  120.140917][ T7609]  ? __fget_files+0x40/0x3a0
[  120.142157][ T7609]  ? __fget_files+0x206/0x3a0
[  120.143494][ T7609]  security_file_ioctl_compat+0x9b/0x240
[  120.144952][ T7609]  __do_compat_sys_ioctl+0x4e/0x2c0
[  120.146544][ T7609]  __do_fast_syscall_32+0x73/0x120
[  120.148121][ T7609]  do_fast_syscall_32+0x32/0x80
[  120.149692][ T7609]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  120.151657][ T7609] RIP: 0023:0xf7f01579
[  120.152947][ T7609] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  120.158991][ T7609] RSP: 002b:00000000f508657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  120.161542][ T7609] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b66
[  120.163943][ T7609] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  120.166375][ T7609] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  120.168871][ T7609] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  120.171273][ T7609] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  120.173696][ T7609]  </TASK>
[  120.177050][ T7609] ERROR: Out of memory at tomoyo_realpath_from_path.
[  120.219726][ T7611] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  120.339754][ T7614] input: syz0 as /devices/virtual/input/input8
[  120.695943][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  121.660529][   T39] audit: type=1326 audit(1733757080.741:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.4.412" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x0
[  121.735832][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  122.366961][ T7673] syzkaller1: entered promiscuous mode
[  122.369091][ T7673] syzkaller1: entered allmulticast mode
[  122.372269][ T7675] syzkaller1: entered promiscuous mode
[  122.372614][ T7673] FAULT_INJECTION: forcing a failure.
[  122.372614][ T7673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.374275][ T7675] syzkaller1: entered allmulticast mode
[  122.380204][ T7673] CPU: 1 UID: 0 PID: 7673 Comm: syz.0.419 Not tainted 6.13.0-rc2-syzkaller #0
[  122.383223][ T7673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  122.386800][ T7673] Call Trace:
[  122.387759][ T7673]  <TASK>
[  122.388532][ T7673]  dump_stack_lvl+0x16c/0x1f0
[  122.389773][ T7673]  should_fail_ex+0x497/0x5b0
[  122.391239][ T7673]  _copy_from_iter+0x29b/0x1400
[  122.392881][ T7673]  ? __pfx__copy_from_iter+0x10/0x10
[  122.394708][ T7673]  ? hlock_class+0x4e/0x130
[  122.396276][ T7673]  ? __lock_acquire+0xcc5/0x3c40
[  122.397989][ T7673]  tun_get_user+0x241/0x3e30
[  122.399533][ T7673]  ? find_held_lock+0x2d/0x110
[  122.401088][ T7673]  ? __pfx_tun_get_user+0x10/0x10
[  122.402796][ T7673]  ? find_held_lock+0x2d/0x110
[  122.404427][ T7673]  ? __pfx_lock_release+0x10/0x10
[  122.406173][ T7673]  tun_chr_write_iter+0xdc/0x210
[  122.407837][ T7673]  vfs_write+0x5ae/0x1150
[  122.409302][ T7673]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  122.411190][ T7673]  ? __pfx_vfs_write+0x10/0x10
[  122.412840][ T7673]  ? __fget_files+0x40/0x3a0
[  122.414467][ T7673]  ksys_write+0x12b/0x250
[  122.415937][ T7673]  ? __pfx_ksys_write+0x10/0x10
[  122.417600][ T7673]  __do_fast_syscall_32+0x73/0x120
[  122.419342][ T7673]  do_fast_syscall_32+0x32/0x80
[  122.420992][ T7673]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  122.423129][ T7673] RIP: 0023:0xf743e579
[  122.424510][ T7673] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  122.430914][ T7673] RSP: 002b:00000000f512657c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  122.433723][ T7673] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  122.436894][ T7673] RDX: 000000000000007a RSI: 0000000000000000 RDI: 0000000000000000
[  122.439685][ T7673] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  122.441991][ T7679] trusted_key: encrypted_key: master key parameter 'acryptfs' is invalid
[  122.442465][ T7673] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  122.442480][ T7673] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  122.450091][ T7673]  </TASK>
[  122.733569][ T5957] Bluetooth: hci0: unexpected event for opcode 0x0405
[  122.785890][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  123.331610][ T7679] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  123.339996][ T7679] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  123.344356][ T7679] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  123.348396][ T7679] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  123.364980][ T7679] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  123.825885][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  123.958991][ T7695] random: crng reseeded on system resumption
[  124.007754][ T7695] 9pnet_fd: Insufficient options for proto=fd
[  124.229592][ T7708] netlink: 4 bytes leftover after parsing attributes in process `syz.0.431'.
[  124.625903][   T74] usb 5-1: new low-speed USB device number 6 using dummy_hcd
[  124.805874][   T74] usb 5-1: Invalid ep0 maxpacket: 16
[  124.855974][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  124.935852][   T74] usb 5-1: new low-speed USB device number 7 using dummy_hcd
[  125.095974][   T74] usb 5-1: Invalid ep0 maxpacket: 16
[  125.098100][   T74] usb usb5-port1: attempt power cycle
[  125.426045][ T5957] Bluetooth: hci1: command 0x0c1a tx timeout
[  125.427147][ T5964] Bluetooth: hci2: command 0x041b tx timeout
[  125.427164][ T5956] Bluetooth: hci3: command 0x0405 tx timeout
[  125.895877][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  125.938516][   T74] usb 5-1: new low-speed USB device number 8 using dummy_hcd
[  125.957969][   T74] usb 5-1: Invalid ep0 maxpacket: 16
[  126.105997][   T74] usb 5-1: new low-speed USB device number 9 using dummy_hcd
[  126.126443][   T74] usb 5-1: Invalid ep0 maxpacket: 16
[  126.128585][   T74] usb usb5-port1: unable to enumerate USB device
[  126.499699][ T7757] 9pnet_fd: Insufficient options for proto=fd
[  126.816161][ T5964] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  126.819193][ T5964] Bluetooth: hci0: Injecting HCI hardware error event
[  126.823834][ T5964] Bluetooth: hci0: hardware error 0x00
[  126.935862][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  127.210699][ T7761] FAULT_INJECTION: forcing a failure.
[  127.210699][ T7761] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.215311][ T7761] CPU: 1 UID: 0 PID: 7761 Comm: syz.1.442 Not tainted 6.13.0-rc2-syzkaller #0
[  127.218466][ T7761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  127.222232][ T7761] Call Trace:
[  127.223447][ T7761]  <TASK>
[  127.224494][ T7761]  dump_stack_lvl+0x16c/0x1f0
[  127.226447][ T7761]  should_fail_ex+0x497/0x5b0
[  127.228062][ T7761]  _copy_from_user+0x2e/0xd0
[  127.229751][ T7761]  get_compat_msghdr+0xa8/0x170
[  127.231456][ T7761]  ? __pfx_get_compat_msghdr+0x10/0x10
[  127.233387][ T7761]  ___sys_sendmsg+0x1b0/0x1e0
[  127.235089][ T7761]  ? __pfx____sys_sendmsg+0x10/0x10
[  127.236952][ T7761]  ? __pfx_lock_release+0x10/0x10
[  127.238613][ T7761]  ? trace_lock_acquire+0x14e/0x1f0
[  127.240547][ T7761]  ? __fget_files+0x206/0x3a0
[  127.242309][ T7761]  __sys_sendmsg+0x16e/0x220
[  127.244063][ T7761]  ? __pfx___sys_sendmsg+0x10/0x10
[  127.245976][ T7761]  __do_fast_syscall_32+0x73/0x120
[  127.247907][ T7761]  do_fast_syscall_32+0x32/0x80
[  127.249349][ T7761]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  127.251579][ T7761] RIP: 0023:0xf745e579
[  127.253068][ T7761] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  127.260063][ T7761] RSP: 002b:00000000f514657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  127.262833][ T7761] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001080
[  127.265272][ T7761] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  127.267894][ T7761] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  127.270152][ T7761] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  127.272252][ T7761] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  127.274900][ T7761]  </TASK>
[  127.710701][ T7784] netlink: 'syz.0.449': attribute type 1 has an invalid length.
[  127.975797][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  127.986199][ T7792] netlink: 4 bytes leftover after parsing attributes in process `syz.1.452'.
[  128.383340][   T39] audit: type=1326 audit(1733757087.461:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7779 comm="syz.3.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7fc00000
[  128.391849][   T39] audit: type=1326 audit(1733757087.461:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7779 comm="syz.3.447" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f54579 code=0x7fc00000
[  128.399355][   T39] audit: type=1326 audit(1733757087.461:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7779 comm="syz.3.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7fc00000
[  128.406692][  T144] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  128.410448][   T39] audit: type=1326 audit(1733757087.461:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7779 comm="syz.3.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7fc00000
[  128.418122][   T39] audit: type=1326 audit(1733757087.461:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7779 comm="syz.3.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7fc00000
[  128.425345][   T39] audit: type=1326 audit(1733757087.461:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7779 comm="syz.3.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7fc00000
[  128.432897][   T39] audit: type=1326 audit(1733757087.461:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7779 comm="syz.3.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7fc00000
[  128.440382][   T39] audit: type=1326 audit(1733757087.461:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7779 comm="syz.3.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7fc00000
[  128.448054][   T39] audit: type=1326 audit(1733757087.461:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7779 comm="syz.3.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7fc00000
[  128.455568][   T39] audit: type=1326 audit(1733757087.461:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7779 comm="syz.3.447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7fc00000
[  128.543079][ T7809] overlayfs: failed to resolve './file0': -2
[  128.570421][ T7809] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  128.582184][  T144] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  128.587025][  T144] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  128.591754][  T144] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  128.594769][  T144] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.602880][ T7801] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  128.608163][  T144] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  128.675349][ T7787] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  128.807598][ T7801] mmap: syz.1.453 (7801): VmData 37376000 exceed data ulimit 2. Update limits or use boot option ignore_rlimit_data.
[  128.812082][ T7801] program syz.1.453 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  128.816489][ T6014] usb 6-1: USB disconnect, device number 3
[  128.855900][ T5964] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  129.025853][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  129.377357][ T7812] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  129.379644][ T7812] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  129.381772][ T7812] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  129.527188][ T7841] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  129.677880][ T7847] FAULT_INJECTION: forcing a failure.
[  129.677880][ T7847] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.682025][ T7847] CPU: 0 UID: 0 PID: 7847 Comm: syz.4.465 Not tainted 6.13.0-rc2-syzkaller #0
[  129.684639][ T7847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  129.687412][ T7847] Call Trace:
[  129.688285][ T7847]  <TASK>
[  129.689068][ T7847]  dump_stack_lvl+0x16c/0x1f0
[  129.690319][ T7847]  should_fail_ex+0x497/0x5b0
[  129.691547][ T7847]  _copy_from_iter+0x29b/0x1400
[  129.692856][ T7847]  ? __pfx__copy_from_iter+0x10/0x10
[  129.694305][ T7847]  ? hlock_class+0x4e/0x130
[  129.695544][ T7847]  ? __lock_acquire+0xcc5/0x3c40
[  129.696834][ T7847]  tun_get_user+0x241/0x3e30
[  129.698056][ T7847]  ? find_held_lock+0x2d/0x110
[  129.699333][ T7847]  ? __pfx_tun_get_user+0x10/0x10
[  129.700935][ T7847]  ? find_held_lock+0x2d/0x110
[  129.702210][ T7847]  ? __pfx_lock_release+0x10/0x10
[  129.703555][ T7847]  tun_chr_write_iter+0xdc/0x210
[  129.705057][ T7847]  vfs_write+0x5ae/0x1150
[  129.706202][ T7847]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  129.707653][ T7847]  ? __pfx_vfs_write+0x10/0x10
[  129.709062][ T7847]  ? __fget_files+0x40/0x3a0
[  129.710132][ T7847]  ksys_write+0x12b/0x250
[  129.711233][ T7847]  ? __pfx_ksys_write+0x10/0x10
[  129.712521][ T7847]  __do_fast_syscall_32+0x73/0x120
[  129.713937][ T7847]  do_fast_syscall_32+0x32/0x80
[  129.715355][ T7847]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  129.716982][ T7847] RIP: 0023:0xf7f01579
[  129.718112][ T7847] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  129.723042][ T7847] RSP: 002b:00000000f508657c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  129.725166][ T7847] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240
[  129.727778][ T7847] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000
[  129.729874][ T7847] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  129.731937][ T7847] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  129.734118][ T7847] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  129.736872][ T7847]  </TASK>
[  130.065831][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  130.339882][ T7864] FAULT_INJECTION: forcing a failure.
[  130.339882][ T7864] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.345579][ T7864] CPU: 3 UID: 0 PID: 7864 Comm: syz.0.471 Not tainted 6.13.0-rc2-syzkaller #0
[  130.348476][ T7864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  130.351964][ T7864] Call Trace:
[  130.353057][ T7864]  <TASK>
[  130.354007][ T7864]  dump_stack_lvl+0x16c/0x1f0
[  130.355531][ T7864]  should_fail_ex+0x497/0x5b0
[  130.357049][ T7864]  _copy_to_user+0x32/0xd0
[  130.358497][ T7864]  simple_read_from_buffer+0xd0/0x160
[  130.360251][ T7864]  proc_fail_nth_read+0x198/0x270
[  130.361931][ T7864]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  130.363775][ T7864]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  130.365615][ T7864]  vfs_read+0x1df/0xbe0
[  130.366998][ T7864]  ? __fget_files+0x1fc/0x3a0
[  130.368542][ T7864]  ? __pfx___mutex_lock+0x10/0x10
[  130.370203][ T7864]  ? __pfx_vfs_read+0x10/0x10
[  130.371745][ T7864]  ? __fget_files+0x206/0x3a0
[  130.373329][ T7864]  ksys_read+0x12b/0x250
[  130.374692][ T7864]  ? __pfx_ksys_read+0x10/0x10
[  130.376261][ T7864]  __do_fast_syscall_32+0x73/0x120
[  130.377960][ T7864]  do_fast_syscall_32+0x32/0x80
[  130.379578][ T7864]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  130.381674][ T7864] RIP: 0023:0xf743e579
[  130.383028][ T7864] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  130.389262][ T7864] RSP: 002b:00000000f51265b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  130.392008][ T7864] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5126620
[  130.394516][ T7864] RDX: 000000000000000f RSI: 00000000f7430ff4 RDI: 0000000000000000
[  130.397075][ T7864] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  130.399611][ T7864] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  130.402209][ T7864] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  130.404812][ T7864]  </TASK>
[  130.786596][ T5957] Bluetooth: hci1: command 0x0c1a tx timeout
[  130.843845][ T5957] Bluetooth: hci1: unexpected event for opcode 0x080b
[  131.092004][ T7882] trusted_key: encrypted_key: master key parameter 'acryptfs' is invalid
[  131.095971][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  131.218570][ T7882] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  131.220383][ T7882] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  131.223461][ T7882] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  132.136069][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  132.149033][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  132.151474][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  133.003781][ T7892] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  133.175849][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  133.256047][ T5957] Bluetooth: hci2: command 0x041b tx timeout
[  133.258180][ T5957] Bluetooth: hci3: command 0x0405 tx timeout
[  133.258809][ T5964] Bluetooth: hci1: command 0x0c1a tx timeout
[  133.658957][ T7932] FAULT_INJECTION: forcing a failure.
[  133.658957][ T7932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.662527][ T7932] CPU: 1 UID: 0 PID: 7932 Comm: syz.4.487 Not tainted 6.13.0-rc2-syzkaller #0
[  133.664872][ T7932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  133.667663][ T7932] Call Trace:
[  133.668548][ T7932]  <TASK>
[  133.669357][ T7932]  dump_stack_lvl+0x16c/0x1f0
[  133.670628][ T7932]  should_fail_ex+0x497/0x5b0
[  133.672094][ T7932]  _copy_from_user+0x2e/0xd0
[  133.673559][ T7932]  move_addr_to_kernel+0x68/0x160
[  133.674896][ T7932]  __sys_connect+0xb0/0x170
[  133.676084][ T7932]  ? __pfx___sys_connect+0x10/0x10
[  133.677422][ T7932]  ? __pfx_ksys_write+0x10/0x10
[  133.678715][ T7932]  __ia32_sys_connect+0x71/0xb0
[  133.679987][ T7932]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  133.681672][ T7932]  __do_fast_syscall_32+0x73/0x120
[  133.683322][ T7932]  do_fast_syscall_32+0x32/0x80
[  133.684722][ T7932]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  133.686381][ T7932] RIP: 0023:0xf7f01579
[  133.687462][ T7932] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  133.692278][ T7932] RSP: 002b:00000000f504457c EFLAGS: 00000292 ORIG_RAX: 000000000000016a
[  133.694469][ T7932] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  133.696547][ T7932] RDX: 000000000000002e RSI: 0000000000000000 RDI: 0000000000000000
[  133.698686][ T7932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  133.700801][ T7932] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  133.702856][ T7932] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  133.704991][ T7932]  </TASK>
[  134.213765][ T7940] kvm: kvm [7939]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x4000004a) = 0x0
[  134.215909][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  134.515243][ T7947] FAULT_INJECTION: forcing a failure.
[  134.515243][ T7947] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.516415][ T7947] 
[  134.516422][ T7947] ======================================================
[  134.516425][ T7947] WARNING: possible circular locking dependency detected
[  134.516428][ T7947] 6.13.0-rc2-syzkaller #0 Not tainted
[  134.516433][ T7947] ------------------------------------------------------
[  134.516435][ T7947] syz.4.492/7947 is trying to acquire lock:
[  134.516440][ T7947] ffffffff8dcc7d40 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x9f/0xd0
[  134.516466][ T7947] 
[  134.516466][ T7947] but task is already holding lock:
[  134.516468][ T7947] ffff88802b43ed18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  134.516505][ T7947] 
[  134.516505][ T7947] which lock already depends on the new lock.
[  134.516505][ T7947] 
[  134.516510][ T7947] 
[  134.516510][ T7947] the existing dependency chain (in reverse order) is:
[  134.516514][ T7947] 
[  134.516514][ T7947] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  134.516533][ T7947]        _raw_spin_lock_nested+0x31/0x40
[  134.516556][ T7947]        raw_spin_rq_lock_nested+0x29/0x130
[  134.516570][ T7947]        task_rq_lock+0xcf/0x3b0
[  134.516577][ T7947]        cgroup_move_task+0x82/0x250
[  134.516589][ T7947]        css_set_move_task+0x288/0x5f0
[  134.516602][ T7947]        cgroup_post_fork+0x1c6/0x910
[  134.516611][ T7947]        copy_process+0x578d/0x6f20
[  134.516621][ T7947]        kernel_clone+0xfd/0x960
[  134.516631][ T7947]        user_mode_thread+0xb4/0xf0
[  134.516640][ T7947]        rest_init+0x23/0x2b0
[  134.516652][ T7947]        start_kernel+0x3e4/0x4d0
[  134.516668][ T7947]        x86_64_start_reservations+0x18/0x30
[  134.516684][ T7947]        x86_64_start_kernel+0xb2/0xc0
[  134.516699][ T7947]        common_startup_64+0x13e/0x148
[  134.516715][ T7947] 
[  134.516715][ T7947] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  134.516729][ T7947]        _raw_spin_lock_irqsave+0x3a/0x60
[  134.516741][ T7947]        try_to_wake_up+0xb6/0x1490
[  134.516749][ T7947]        __wake_up_common+0x131/0x1e0
[  134.516761][ T7947]        __wake_up+0x31/0x60
[  134.516780][ T7947]        tty_port_default_wakeup+0x2a/0x40
[  134.516801][ T7947]        serial8250_tx_chars+0x68e/0x860
[  134.516821][ T7947]        serial8250_handle_irq+0x74d/0xc80
[  134.516836][ T7947]        serial8250_default_handle_irq+0x9a/0x210
[  134.516848][ T7947]        serial8250_interrupt+0x103/0x210
[  134.516856][ T7947]        __handle_irq_event_percpu+0x229/0x7d0
[  134.516866][ T7947]        handle_irq_event+0xab/0x1e0
[  134.516876][ T7947]        handle_edge_irq+0x263/0xd10
[  134.516885][ T7947]        __common_interrupt+0xdf/0x250
[  134.516897][ T7947]        common_interrupt+0xba/0xe0
[  134.516908][ T7947]        asm_common_interrupt+0x26/0x40
[  134.516919][ T7947]        default_idle+0xf/0x20
[  134.516928][ T7947]        default_idle_call+0x6d/0xb0
[  134.516943][ T7947]        do_idle+0x329/0x3f0
[  134.516964][ T7947]        cpu_startup_entry+0x4f/0x60
[  134.516984][ T7947]        start_secondary+0x222/0x2b0
[  134.517006][ T7947]        common_startup_64+0x13e/0x148
[  134.517015][ T7947] 
[  134.517015][ T7947] -> #2 (&tty->write_wait){-...}-{3:3}:
[  134.517027][ T7947]        _raw_spin_lock_irqsave+0x3a/0x60
[  134.517040][ T7947]        __wake_up+0x1c/0x60
[  134.517051][ T7947]        tty_port_default_wakeup+0x2a/0x40
[  134.517062][ T7947]        serial8250_tx_chars+0x68e/0x860
[  134.517073][ T7947]        __start_tx+0x3e9/0x4a0
[  134.517084][ T7947]        serial8250_start_tx+0x363/0x530
[  134.517096][ T7947]        __uart_start+0x292/0x4c0
[  134.517104][ T7947]        uart_write+0x218/0xb30
[  134.517115][ T7947]        n_tty_write+0x419/0x1140
[  134.517136][ T7947]        file_tty_write.constprop.0+0x506/0x9a0
[  134.517154][ T7947]        redirected_tty_write+0xcc/0x140
[  134.517171][ T7947]        vfs_write+0x5ae/0x1150
[  134.517187][ T7947]        ksys_write+0x12b/0x250
[  134.517195][ T7947]        do_syscall_64+0xcd/0x250
[  134.517209][ T7947]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.517219][ T7947] 
[  134.517219][ T7947] -> #1 (&port_lock_key){-.-.}-{3:3}:
[  134.517235][ T7947]        _raw_spin_lock_irqsave+0x3a/0x60
[  134.517256][ T7947]        serial8250_console_write+0xb56/0x17c0
[  134.517278][ T7947]        console_flush_all+0x803/0xc60
[  134.517294][ T7947]        console_unlock+0xd9/0x210
[  134.517304][ T7947]        vprintk_emit+0x41b/0x6f0
[  134.517314][ T7947]        vprintk+0x7f/0xa0
[  134.517323][ T7947]        _printk+0xc8/0x100
[  134.517330][ T7947]        register_console+0xbfd/0x1170
[  134.517348][ T7947]        univ8250_console_init+0x5f/0x90
[  134.517369][ T7947]        console_init+0x154/0x690
[  134.517384][ T7947]        start_kernel+0x29a/0x4d0
[  134.517399][ T7947]        x86_64_start_reservations+0x18/0x30
[  134.517410][ T7947]        x86_64_start_kernel+0xb2/0xc0
[  134.517418][ T7947]        common_startup_64+0x13e/0x148
[  134.517459][ T7947] 
[  134.517459][ T7947] -> #0 (console_owner){-.-.}-{0:0}:
[  134.517477][ T7947]        __lock_acquire+0x249e/0x3c40
[  134.517499][ T7947]        lock_acquire.part.0+0x11b/0x380
[  134.517512][ T7947]        console_lock_spinning_enable+0xb0/0xd0
[  134.517528][ T7947]        console_flush_all+0x7ac/0xc60
[  134.517544][ T7947]        console_unlock+0xd9/0x210
[  134.517556][ T7947]        vprintk_emit+0x41b/0x6f0
[  134.517566][ T7947]        vprintk+0x7f/0xa0
[  134.517575][ T7947]        _printk+0xc8/0x100
[  134.517582][ T7947]        should_fail_ex+0x46c/0x5b0
[  134.517592][ T7947]        strncpy_from_user+0x3b/0x2d0
[  134.517601][ T7947]        strncpy_from_user_nofault+0x7f/0x180
[  134.517612][ T7947]        bpf_probe_read_user_str+0x26/0x70
[  134.517623][ T7947]        bpf_prog_b1bc9f7c1f89903c+0x41/0x43
[  134.517631][ T7947]        bpf_trace_run4+0x245/0x5a0
[  134.517651][ T7947]        __traceiter_sched_switch+0x6c/0xc0
[  134.517672][ T7947]        __schedule+0x1b71/0x5ad0
[  134.517684][ T7947]        schedule+0xe7/0x350
[  134.517696][ T7947]        syscall_exit_to_user_mode+0xf5/0x2a0
[  134.517708][ T7947]        __do_fast_syscall_32+0x80/0x120
[  134.517717][ T7947]        do_fast_syscall_32+0x32/0x80
[  134.517727][ T7947]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.517741][ T7947] 
[  134.517741][ T7947] other info that might help us debug this:
[  134.517741][ T7947] 
[  134.517745][ T7947] Chain exists of:
[  134.517745][ T7947]   console_owner --> &p->pi_lock --> &rq->__lock
[  134.517745][ T7947] 
[  134.517765][ T7947]  Possible unsafe locking scenario:
[  134.517765][ T7947] 
[  134.517769][ T7947]        CPU0                    CPU1
[  134.517773][ T7947]        ----                    ----
[  134.517777][ T7947]   lock(&rq->__lock);
[  134.517785][ T7947]                                lock(&p->pi_lock);
[  134.517795][ T7947]                                lock(&rq->__lock);
[  134.517805][ T7947]   lock(console_owner);
[  134.517812][ T7947] 
[  134.517812][ T7947]  *** DEADLOCK ***
[  134.517812][ T7947] 
[  134.517814][ T7947] 4 locks held by syz.4.492/7947:
[  134.517820][ T7947]  #0: ffff88802b43ed18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  134.517844][ T7947]  #1: ffffffff8ddba940 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x1d6/0x5a0
[  134.517867][ T7947]  #2: ffffffff8dda8180 (console_lock){+.+.}-{0:0}, at: vprintk+0x7f/0xa0
[  134.517888][ T7947]  #3: ffffffff8dda81f0 (console_srcu){....}-{0:0}, at: console_flush_all+0x159/0xc60
[  134.517908][ T7947] 
[  134.517908][ T7947] stack backtrace:
[  134.517912][ T7947] CPU: 1 UID: 0 PID: 7947 Comm: syz.4.492 Not tainted 6.13.0-rc2-syzkaller #0
[  134.517922][ T7947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  134.517928][ T7947] Call Trace:
[  134.517931][ T7947]  <TASK>
[  134.517934][ T7947]  dump_stack_lvl+0x116/0x1f0
[  134.517945][ T7947]  print_circular_bug+0x41c/0x610
[  134.517960][ T7947]  check_noncircular+0x31a/0x400
[  134.517973][ T7947]  ? __pfx_check_noncircular+0x10/0x10
[  134.517991][ T7947]  ? lockdep_lock+0xc6/0x200
[  134.518009][ T7947]  ? __pfx_lockdep_lock+0x10/0x10
[  134.518020][ T7947]  __lock_acquire+0x249e/0x3c40
[  134.518036][ T7947]  ? __pfx___lock_acquire+0x10/0x10
[  134.518050][ T7947]  lock_acquire.part.0+0x11b/0x380
[  134.518058][ T7947]  ? console_lock_spinning_enable+0x9f/0xd0
[  134.518069][ T7947]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  134.518081][ T7947]  ? rcu_is_watching+0x12/0xc0
[  134.518099][ T7947]  ? trace_lock_acquire+0x14e/0x1f0
[  134.518117][ T7947]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  134.518126][ T7947]  ? console_lock_spinning_enable+0x9f/0xd0
[  134.518139][ T7947]  ? lock_acquire+0x2f/0xb0
[  134.518152][ T7947]  ? console_lock_spinning_enable+0x9f/0xd0
[  134.518170][ T7947]  console_lock_spinning_enable+0xb0/0xd0
[  134.518183][ T7947]  ? console_lock_spinning_enable+0x9f/0xd0
[  134.518193][ T7947]  console_flush_all+0x7ac/0xc60
[  134.518208][ T7947]  ? __pfx_console_flush_all+0x10/0x10
[  134.518220][ T7947]  ? printk_percpu_data_ready+0x9/0x20
[  134.518229][ T7947]  ? nbcon_get_cpu_emergency_nesting+0x3b/0x50
[  134.518242][ T7947]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  134.518252][ T7947]  console_unlock+0xd9/0x210
[  134.518262][ T7947]  ? __pfx_console_unlock+0x10/0x10
[  134.518272][ T7947]  ? lock_acquire+0x2f/0xb0
[  134.518280][ T7947]  ? vprintk+0x7f/0xa0
[  134.518291][ T7947]  ? __down_trylock_console_sem+0xb0/0x140
[  134.518300][ T7947]  vprintk_emit+0x41b/0x6f0
[  134.518310][ T7947]  ? __pfx_vprintk_emit+0x10/0x10
[  134.518321][ T7947]  ? __lock_acquire+0xcc5/0x3c40
[  134.518335][ T7947]  vprintk+0x7f/0xa0
[  134.518346][ T7947]  _printk+0xc8/0x100
[  134.518353][ T7947]  ? __pfx__printk+0x10/0x10
[  134.518361][ T7947]  ? ___ratelimit+0x24c/0x570
[  134.518370][ T7947]  ? __lock_acquire+0x15a9/0x3c40
[  134.518383][ T7947]  ? __pfx____ratelimit+0x10/0x10
[  134.518393][ T7947]  should_fail_ex+0x46c/0x5b0
[  134.518404][ T7947]  strncpy_from_user+0x3b/0x2d0
[  134.518414][ T7947]  strncpy_from_user_nofault+0x7f/0x180
[  134.518426][ T7947]  bpf_probe_read_user_str+0x26/0x70
[  134.518437][ T7947]  bpf_prog_b1bc9f7c1f89903c+0x41/0x43
[  134.518444][ T7947]  bpf_trace_run4+0x245/0x5a0
[  134.518457][ T7947]  ? __pfx_bpf_trace_run4+0x10/0x10
[  134.518478][ T7947]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  134.518496][ T7947]  __traceiter_sched_switch+0x6c/0xc0
[  134.518510][ T7947]  __schedule+0x1b71/0x5ad0
[  134.518521][ T7947]  ? __pfx___schedule+0x10/0x10
[  134.518528][ T7947]  ? __fget_files+0x206/0x3a0
[  134.518540][ T7947]  ? fput+0x67/0x440
[  134.518551][ T7947]  ? ksys_write+0x1ba/0x250
[  134.518561][ T7947]  schedule+0xe7/0x350
[  134.518569][ T7947]  syscall_exit_to_user_mode+0xf5/0x2a0
[  134.518578][ T7947]  __do_fast_syscall_32+0x80/0x120
[  134.518589][ T7947]  do_fast_syscall_32+0x32/0x80
[  134.518599][ T7947]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.518611][ T7947] RIP: 0023:0xf7f01579
[  134.518618][ T7947] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  134.518626][ T7947] RSP: 002b:00000000f50445b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  134.518635][ T7947] RAX: 0000000000000001 RBX: 0000000000000009 RCX: 00000000f5044610
[  134.518641][ T7947] RDX: 0000000000000001 RSI: 00000000f7390ff4 RDI: 0000000000000000
[  134.518646][ T7947] RBP: 00000000f73c50a0 R08: 0000000000000000 R09: 0000000000000000
[  134.518651][ T7947] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  134.518657][ T7947] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  134.518665][ T7947]  </TASK>
[  134.827866][ T7947] CPU: 1 UID: 0 PID: 7947 Comm: syz.4.492 Not tainted 6.13.0-rc2-syzkaller #0
[  134.830177][ T7947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  134.832963][ T7947] Call Trace:
[  134.833851][ T7947]  <TASK>
[  134.834637][ T7947]  dump_stack_lvl+0x116/0x1f0
[  134.835888][ T7947]  should_fail_ex+0x497/0x5b0
[  134.837130][ T7947]  strncpy_from_user+0x3b/0x2d0
[  134.838426][ T7947]  strncpy_from_user_nofault+0x7f/0x180
[  134.839887][ T7947]  bpf_probe_read_user_str+0x26/0x70
[  134.841282][ T7947]  bpf_prog_b1bc9f7c1f89903c+0x41/0x43
[  134.842720][ T7947]  bpf_trace_run4+0x245/0x5a0
[  134.843991][ T7947]  ? __pfx_bpf_trace_run4+0x10/0x10
[  134.845368][ T7947]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  134.847128][ T7947]  __traceiter_sched_switch+0x6c/0xc0
[  134.848556][ T7947]  __schedule+0x1b71/0x5ad0
[  134.849775][ T7947]  ? __pfx___schedule+0x10/0x10
[  134.851060][ T7947]  ? __fget_files+0x206/0x3a0
[  134.852318][ T7947]  ? fput+0x67/0x440
[  134.853383][ T7947]  ? ksys_write+0x1ba/0x250
[  134.854600][ T7947]  schedule+0xe7/0x350
[  134.855686][ T7947]  syscall_exit_to_user_mode+0xf5/0x2a0
[  134.857144][ T7947]  __do_fast_syscall_32+0x80/0x120
[  134.858505][ T7947]  do_fast_syscall_32+0x32/0x80
[  134.859789][ T7947]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  134.861457][ T7947] RIP: 0023:0xf7f01579
[  134.862528][ T7947] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  134.867492][ T7947] RSP: 002b:00000000f50445b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  134.869697][ T7947] RAX: 0000000000000001 RBX: 0000000000000009 RCX: 00000000f5044610
[  134.871822][ T7947] RDX: 0000000000000001 RSI: 00000000f7390ff4 RDI: 0000000000000000
[  134.873909][ T7947] RBP: 00000000f73c50a0 R08: 0000000000000000 R09: 0000000000000000
[  134.876005][ T7947] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  134.878101][ T7947] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  134.880189][ T7947]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  135.255854][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  135.346963][ T1187] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.418511][ T1187] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.570305][ T1187] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.628544][ T1187] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.709297][ T1187] team0: left allmulticast mode
[  135.711083][ T1187] team_slave_0: left allmulticast mode
[  135.712961][ T1187] team_slave_1: left allmulticast mode
[  135.714846][ T1187] net veth1_virt_wifi virt_wifi0: left allmulticast mode
[  135.717472][ T1187] bridge0: port 2(team0) entered disabled state
[  135.720247][ T1187] bridge_slave_0: left allmulticast mode
[  135.722128][ T1187] bridge_slave_0: left promiscuous mode
[  135.724154][ T1187] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.220323][ T1187] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  136.224425][ T1187] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  136.228459][ T1187] bond0 (unregistering): Released all slaves
[  136.295866][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  136.531455][ T1187] hsr_slave_0: left promiscuous mode
[  136.533250][ T1187] hsr_slave_1: left promiscuous mode
[  136.535109][ T1187] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  136.537183][ T1187] batman_adv: batadv0: Removing interface: batadv_slave_0
[  136.539622][ T1187] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  136.542123][ T1187] batman_adv: batadv0: Removing interface: batadv_slave_1
[  136.545612][ T1187] veth1_macvtap: left promiscuous mode
[  136.547184][ T1187] veth0_macvtap: left promiscuous mode
[  136.548656][ T1187] veth1_vlan: left promiscuous mode
[  136.550059][ T1187] veth0_vlan: left promiscuous mode
[  136.601085][ T1187] net veth1_virt_wifi virt_wifi0 (unregistering): left promiscuous mode
[  136.604457][ T1187] team0 (unregistering): Port device virt_wifi0 removed
[  136.756239][ T1187] team_slave_1 (unregistering): left promiscuous mode
[  136.758355][ T1187] team0 (unregistering): Port device team_slave_1 removed
[  136.796166][ T1187] team_slave_0 (unregistering): left promiscuous mode
[  136.798280][ T1187] team0 (unregistering): Port device team_slave_0 removed
[  137.335841][    C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  137.485284][ T1187] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.547945][ T1187] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.618706][ T1187] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.668054][ T1187] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.732884][ T1187] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.788757][ T1187] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.879311][ T1187] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.920396][ T1187] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.990762][ T1187] bridge_slave_0: left allmulticast mode
[  137.992734][ T1187] bridge_slave_0: left promiscuous mode
[  137.994706][ T1187] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.999683][ T1187] bridge_slave_1: left allmulticast mode
[  138.001697][ T1187] bridge_slave_1: left promiscuous mode
[  138.003710][ T1187] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.007823][ T1187] bridge_slave_0: left allmulticast mode
[  138.009532][ T1187] bridge_slave_0: left promiscuous mode
[  138.011328][ T1187] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.041880][ T1187] infiniband syz0: set down
[  138.376017][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  138.609010][ T1187] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  138.612827][ T1187] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  138.616756][ T1187] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  138.621024][ T1187] bond0 (unregistering): Released all slaves
[  138.628266][ T1176] smc: removing ib device syz0
[  138.630025][ T1187] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  138.634473][ T1187] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  138.638092][ T1187] bond0 (unregistering): Released all slaves
[  138.759433][ T1187] tipc: Disabling bearer <udp:s>
[  138.760939][ T1187] tipc: Left network mode
[  138.772224][    T8] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  138.775726][    T8] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]
[  138.778038][    T8] CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.13.0-rc2-syzkaller #0
[  138.780267][    T8] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  138.783293][    T8] Workqueue: events cleanup_bearer
[  138.784703][    T8] RIP: 0010:cleanup_bearer+0x23d/0x390
[  138.786313][    T8] Code: ea 03 80 3c 02 00 0f 85 44 01 00 00 48 8b 5b 18 e8 58 18 5a 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 30 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 12 01 00 00 48 c7 c0 5c d8 1e 90 48 8b 5b 30 48
[  138.792282][    T8] RSP: 0018:ffffc900001a7c70 EFLAGS: 00010206
[  138.793865][    T8] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  138.795942][    T8] RDX: 0000000000000006 RSI: ffffffff8abfb19c RDI: 0000000000000030
[  138.798224][    T8] RBP: ffff888046b65498 R08: 0000000000000001 R09: ffffed10049fb005
[  138.801014][    T8] R10: ffff888024fd802b R11: ffffffff816b5ede R12: ffff888046b65460
[  138.803761][    T8] R13: ffff888046b65498 R14: 0000000000000001 R15: ffffc900001a7d80
[  138.806534][    T8] FS:  0000000000000000(0000) GS:ffff88802b400000(0000) knlGS:0000000000000000
[  138.809593][    T8] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  138.811832][    T8] CR2: 0000000000000000 CR3: 000000002625c000 CR4: 0000000000352ef0
[  138.814600][    T8] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  138.817307][    T8] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  138.820034][    T8] Call Trace:
[  138.821202][    T8]  <TASK>
[  138.822245][    T8]  ? die_addr+0x3b/0xa0
[  138.823689][    T8]  ? exc_general_protection+0x155/0x230
[  138.825603][    T8]  ? asm_exc_general_protection+0x26/0x30
[  138.827554][    T8]  ? select_task_rq_fair+0x36e/0x44e0
[  138.829411][    T8]  ? cleanup_bearer+0x1dc/0x390
[  138.831105][    T8]  ? cleanup_bearer+0x23d/0x390
[  138.832790][    T8]  process_one_work+0x958/0x1b30
[  138.834553][    T8]  ? __pfx_process_one_work+0x10/0x10
[  138.836553][    T8]  ? rcu_is_watching+0x12/0xc0
[  138.838274][    T8]  ? assign_work+0x1a0/0x250
[  138.839936][    T8]  worker_thread+0x6c8/0xf00
[  138.841581][    T8]  ? __pfx_worker_thread+0x10/0x10
[  138.843356][    T8]  kthread+0x2c1/0x3a0
[  138.844828][    T8]  ? _raw_spin_unlock_irq+0x23/0x50
[  138.846650][    T8]  ? __pfx_kthread+0x10/0x10
[  138.848271][    T8]  ret_from_fork+0x45/0x80
[  138.849833][    T8]  ? __pfx_kthread+0x10/0x10
[  138.851446][    T8]  ret_from_fork_asm+0x1a/0x30
[  138.853131][    T8]  </TASK>
[  138.854214][    T8] Modules linked in:
[  138.855837][    T8] ---[ end trace 0000000000000000 ]---
[  138.863344][    T8] RIP: 0010:cleanup_bearer+0x23d/0x390
[  138.865260][    T8] Code: ea 03 80 3c 02 00 0f 85 44 01 00 00 48 8b 5b 18 e8 58 18 5a 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 30 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 12 01 00 00 48 c7 c0 5c d8 1e 90 48 8b 5b 30 48
[  138.872020][    T8] RSP: 0018:ffffc900001a7c70 EFLAGS: 00010206
[  138.874146][    T8] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  138.876991][    T8] RDX: 0000000000000006 RSI: ffffffff8abfb19c RDI: 0000000000000030
[  138.879761][    T8] RBP: ffff888046b65498 R08: 0000000000000001 R09: ffffed10049fb005
[  138.882599][    T8] R10: ffff888024fd802b R11: ffffffff816b5ede R12: ffff888046b65460
[  138.885320][    T8] R13: ffff888046b65498 R14: 0000000000000001 R15: ffffc900001a7d80
[  138.888277][    T8] FS:  0000000000000000(0000) GS:ffff88802b400000(0000) knlGS:0000000000000000
[  138.891353][    T8] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  138.893704][    T8] CR2: 0000000000000000 CR3: 000000002625c000 CR4: 0000000000352ef0
[  138.896565][    T8] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  138.899385][    T8] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  138.902117][    T8] Kernel panic - not syncing: Fatal exception
[  138.904667][    T8] Kernel Offset: disabled
[  138.906220][    T8] Rebooting in 86400 seconds..

VM DIAGNOSIS:
15:11:33  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000351165 RBX=0000000000000000 RCX=ffffffff8b19d7a9 RDX=0000000000000000
RSI=ffffffff8b4cd160 RDI=ffffffff8bb156a0 RBP=fffffbfff1b52ef8 RSP=ffffffff8da07e20
R8 =0000000000000001 R9 =ffffed1005686fed R10=ffff88802b437f6b R11=0000000000000001
R12=0000000000000000 R13=ffffffff8da977c0 R14=ffffffff901cc310 R15=0000000000000000
RIP=ffffffff8b19eb8f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000696f0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000031800000000 0000000e00000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff85142c95 RDI=ffffffff9a662300 RBP=ffffffff9a6622c0 RSP=ffffc900266f7650
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000000 R14=ffffffff9a662310 R15=000000000000004e
RIP=ffffffff85142cbf RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000696f0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000031800000000 0000000e00000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff8880277d2140 RCX=ffffffff88fa40c5 RDX=ffff888022e38000
RSI=ffffffff88fa40d3 RDI=0000000000000005 RBP=0000000000000000 RSP=ffffc90026a676c0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffff888067fa3aa8 R13=0000000000000000 R14=ffffc90026a67868 R15=ffffc90026a67898
RIP=ffffffff81993ef1 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000696f0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000031800000000 0000000e00000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000007 RBX=ffff88802b72ca00 RCX=ffffffff8176b673 RDX=0000000000000000
RSI=0000000000000004 RDI=ffff88802b72ca00 RBP=0000000000000246 RSP=ffffc9000e267b90
R8 =0000000000000000 R9 =fffffbfff2039862 R10=ffffffff901cc317 R11=0000000000000000
R12=0000000000000003 R13=ffffc9000e267d68 R14=0000000000000000 R15=ffff88802b72ca80
RIP=ffffffff81fbcd28 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000004b088000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000