last executing test programs:

3.796453154s ago: executing program 2 (id=284):
renameat2(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, 0x0, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000041}, 0x40084)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209"], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 4)

3.386354464s ago: executing program 2 (id=285):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="280000001600ddc2cda886b2f929d98140eec85e99a6a54fbf7b76d022e5b72d14b1936fb64cc2e1bb09b9f4aad8cc8b68b57afd5fdcd8d8325acc7a2d1d154d96df9caa0ea3dfcf32318e91cba29f62f20a63107c1883abe9dea88c00f7113b2008f44393dd95f9a1fec2f7ae356a96ba249c0d2e9a16b0c5411d9bd2fb61da638f6f03f5825de708314f8f69e32ac638b14f7bbe", @ANYRES16=r2, @ANYBLOB="a8932bbd7000ffdbdf25190000000c009900040000005600000005001c0004000000"], 0x28}, 0x1, 0x0, 0x0, 0x4004054}, 0x200008c4)
sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="01e7000000000000000004"], 0x18}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r0)

3.324600663s ago: executing program 2 (id=286):
r0 = openat$vmci(0xffffff9c, &(0x7f0000001640), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f00000000c0)={@hyper})
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
r1 = openat$vcsa(0xffffff9c, &(0x7f00000003c0), 0x400000, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$kcm(r1, &(0x7f0000000680)={&(0x7f0000000400)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e21, @rand_addr=0x64010102}, 0x3, 0x3, 0x1, 0x3}}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000480)="4242856a59fb21af47db018929cecd31fdc50673baccbd2b2df9768107272683eb966ac6f65f27610f1ee791f5a405402c2c30c6b9c4629db70618e599fa124e02", 0x41}, {&(0x7f0000000540)="ac0915ef5b8e265bf99874462b39c9461d46f5", 0x13}], 0x2, &(0x7f00000005c0)=ANY=[@ANYBLOB="a80000003a000000ffffffff644e59403947b95981f2809f552304e4ac0f50113d111963e319c6b001176f751cb1115eb453c17ed0fe950f9ce69825e9cf82a7d237f24a05942b1322204e77b00afd2faeccd45d8d5a7f5e43e12fe93ce0f269d2414de6eeb8aac7be0a6c1a777c082398a6a7911dc8a37ac25697bb1086bfdbd6963b7622c593f3dc3eaa60e12d6fe4b5fe0ba0c7e1131db9d503b39a048057af6dd42c55000000"], 0xa8}, 0x40040)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0), 0x400000000c0201, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000100)=0x6)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000040))
openat$uhid(0xffffff9c, &(0x7f0000000380), 0x802, 0x0)
gettid()
getpid()
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0xa00, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x0)
ioctl$VHOST_VDPA_SET_VRING_ENABLE(0xffffffffffffffff, 0x4008af75, 0x0)
futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
timerfd_create(0x7, 0x80800)
getpid()
socket$kcm(0x10, 0x0, 0x0)
poll(0x0, 0x0, 0x5)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, 0x0, 0x0)
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b0, &(0x7f0000001100)={0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x9, 0x10, &(0x7f00000006c0)=ANY=[@ANYBLOB="18170078ca000100000000000004000818110000f4b1ccd4a9b9c94ceb8c0341a8001f82ce60b1ba02ce72128e7854fcc7bef430b8074fb567475b4eecc11dfe5b8357529077b0ed8a60ebd2b56f6f5cda384b864ab42215b55ff5b1b911e66c10db02b0011a3e7c70a3b6a6dbec95e8bfd7af7739596038b08e45a00100449494cb6604907e66ca563dcac57925ba89c9f958dfe3f49e36d1ab86fe1dac473c", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000007570fafff0ffffffbf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_udplite(0xa, 0x2, 0x88)

2.926355015s ago: executing program 1 (id=290):
renameat2(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, 0x0, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0xa, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="ffff0800"/20, @ANYRES32=0x0, @ANYBLOB="f7e8010000000000140012800b0001006d616373656300000400028008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB], 0x44}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000041}, 0x40084)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d312"], 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0x208e24b)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xe)

2.716777109s ago: executing program 1 (id=291):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x6}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x1, 0x34324152, 0x0, 0x0, [{0x5}, {}, {0x1}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
syz_io_uring_setup(0x239, &(0x7f0000000540)={0x0, 0xffffffff, 0x400, 0x0, 0x2000}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x28, 0x0, @fd_index=0x3})
ioctl$VIDIOC_SUBSCRIBE_EVENT(r5, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1})
socketpair(0x1, 0x3, 0x0, &(0x7f0000000100)={<r8=>0xffffffffffffffff})
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@bridge_delneigh={0x24, 0x1e, 0x1, 0x0, 0x2, {0x1c, 0x0, 0x0, r9, 0x0, 0x2, 0x6}, [@NDA_IFINDEX={0x8, 0x8, r9}]}, 0x24}}, 0x0)
r10 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r10, 0x1, 0x2, &(0x7f0000000040), 0x4)
r11 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MTU={0x8}]}, 0x40}}, 0x0)
unshare(0x62040200)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x24}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x0, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="180000000800000000"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

2.637893561s ago: executing program 0 (id=293):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102394, 0x18ffa}], 0x1, 0x2d0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x800, @fixed, 0x0, 0x2}, 0xe)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @none, 0x4}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @none, 0x4, 0x2}, 0xe)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, 0x0, &(0x7f0000000100))
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000040)=0x14)
syz_open_pts(r0, 0x220000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="1801db350a09b485afbf7e04f44be94de7d82d7f7036176774f56fb6130f760334b86837aa5f9c2e974ea68e17e54da79ea7103c9c72c67e13f099c6fd56d00d8b723803b5f4eb3164adb078f722e0ad8c98f8430a355a667d3b61dc1384000ff573cacc6cea435549e6c20cb4afb9e8cc6a66785ef13c9d0b29be673fd8e0062ca8fca965e8c7b206ad172365d89246ea7b6eb8bdba0452cb9742fd37a75278e9017c5a98e881fab81fc12f14614c1771b52d06edcd009dd1432dc0bf10779a8fcc4c00000000000000000000000011d26ee59a92965ddb59740b46ef84519007ac3ce94d2c9a311d30c587c82175e7856e50817bf5c096fed176f7bc1b662b96f2aab47b3f0f950e1628665580dbcda27b4bce03a2392b"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2b, '\x00', r2, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x3, &(0x7f00000000c0)=0x200, 0x3, 0x6)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r4, 0x4b66, &(0x7f0000000100)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0})

2.631567282s ago: executing program 3 (id=294):
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000000))
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
ioctl$TCSETSF2(r1, 0x402c542d, &(0x7f0000000000)={0x0, 0xffff, 0x0, 0x0, 0x0, "4b17e675bb3208c27ff338260a943c6acab1a8", 0xfff, 0x1})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000040), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x12, r3, 0x0)
ioctl$FIONCLEX(r3, 0x5450)
write$UHID_INPUT(r2, &(0x7f0000001040)={0xfc, {"a2e3ad09ed1a09f91b5d090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f38306d090890e0879b0a0ac6e70a9b3348959b509a240d5b0af3988f7ef31952015d48ed1078708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaab8d1f48c13b64df07847754b8400daa699bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e814442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c808000000d67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e0300000000000000434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ce7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf1206000000becd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
syz_emit_ethernet(0x36, &(0x7f0000000600)={@local, @random="6a2ddcf6177a", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5}}}}}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000004)
ioctl$sock_SIOCBRDELBR(r4, 0x89a2, &(0x7f0000000000)='bridge0\x00')
syz_emit_ethernet(0x36, &(0x7f00000000c0)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)

2.364763935s ago: executing program 3 (id=295):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x3000001, 0x31, 0xffffffffffffffff, 0x0)
statx(0xffffffffffffffff, 0x0, 0x1000, 0x0, 0x0) (fail_nth: 14)

2.2131664s ago: executing program 3 (id=296):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0)
sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0xd18c9b60, &(0x7f0000000080)=[{&(0x7f0000000100)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1, 0x0, 0x1f}, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000140)=0x4, 0x4)

2.188748471s ago: executing program 0 (id=297):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='ext4_mb_release_group_pa\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r5, 0x100000000)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0x0, 0x2449})
socket$pppoe(0x18, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)={0x4c, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0xfffc}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x4c}}, 0x0)

2.112275112s ago: executing program 0 (id=298):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x65, 0x8, 0x0, 0xffffffffffffffff, 0x9d, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = io_uring_setup(0x1d3, &(0x7f0000000080))
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

2.111663765s ago: executing program 0 (id=299):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000002740)='pstore\x00', 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
write$sndseq(r2, &(0x7f0000000080)=[{0xf, 0x0, 0x0, 0xfd, @tick, {}, {0xe}, @result={0x0, 0x20000000}}], 0x1c)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newtaction={0x6c, 0x30, 0x9, 0x0, 0x0, {}, [{0x58, 0x1, [@m_mpls={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x3}}, @TCA_MPLS_TC={0x5, 0x8}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x32c000, 0x1000, 0x0, 0x6}, 0x20)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r8 = syz_io_uring_setup(0x7934, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000380), &(0x7f0000000340)=<r9=>0x0)
syz_io_uring_setup(0xa95, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000040)=<r10=>0x0, &(0x7f00000000c0))
syz_io_uring_submit(r10, r9, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r8, 0xec4, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r7, 0xc018643a, &(0x7f0000000280)={0x4000001})
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000008480000000820000095000000000000002ba7e1d30c04aa8b3382022ce2a1d97411a0f6b599e83f24a3aa81d36bb7019c13bd23212fb56f040026fbfefc4a056bdc17487902317142fac7e7be168c1869d0d4d9cca2a28d67893547db51ee988e6e06c8cedf7ceb9fc40400ae5e4aa74c92c6a51cbf9b0a4def23d410f6accd3641130bfc4e90a6341865c3f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0c18ce7400dae15cb7947c491b8bea3fd2f73902ebcfcf4982277d9800011b405bbf7b02433a9bcd715f5888b2007f000000001c000000010000000000000600000000309329170ee5b567e70f000006a10f58fa64533500000000000000000000000031000000000000001208e75a89faffbfb11b7dc6ea31001e846c12423a169f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617de7a6520655a80d0900f4d433623c850af895abba14f6fbd7fbad1f98e26ad4deaf1a4f294b2a431ab9142f3a06d54740a4bc5e3abd378af7c9676a08e774c48785f895b4ec8d1141d5e8744d7f09ab4df6027bf48cabecead649f96ea24d32872c494160cb7f33ce680eeb80157eb23f9902519ac655fa73103170cbc496d7122034b85e7e87a2db762cbb253fbd76b9117c1a11d18aa2040c5f0c289906000000000000005ffe94ff799a11d9b219c00c369a12bf8685b862d0dbdd956cbda1bae489bcef5ae59136aaadc59609f4d42617c0e6066938b521a0f2e2467a6c435ad5b800262a5da053ced5e95394e500000072737638ac44fb61310e2df511c60b3c88113996a81fb64bce5eb95ce91738640ff7ae6ed6b62086e699955926934389cdf9bcffff3ffd86fe9ce05268bf8a3958f2206cdc7095682c14f10be1075832956762b2dcc6251e7b74cb1da627e332765511c58215bf84d263e8778e6e8ffe4ea50b076446f35efffc806b340658342d2d9e1ef68c6ef3e98407d2fcefb34a0000000000000000895ddbb76122b1222e4da37177fe833e4fcaa67997e92a206ebd085bd9f90008d3fdd528efe6c1dca17f45ba5e8bd311a40030f9ffce75ffff996a80153a0077bb43f8a63dd390d18f0239b41da1a52383a4c6768ca1bb66b8fb3c5000f6f246fd20356a60769b461b6cdf133de073b1df08ae09268b0073bb97d88d741a5546e76caf4b6b1387ff37ec13d262dae0260be74cdf7bb6d3107597430ef5bbd476bb9d69b2aef9f3cb644b4bf01ccf16d40720939daf2af469bdfb361b9c015dd026fd0fffe3c66f5c343afb78a7cfd852f3e05c089887d7df2ff4f9982030019421af6b78ff9c444a17091875cfe4eab0e7f50eb69c860b1613a6b4f5af04f9c635d8d646c89f8b85f820ce7464c731deba39f9ff7b815f7b0acba754c01ed8bf1bba0010a8c6a2b966d861f9dd547abf2e9b23e5607f00bb02000000000000c84799aa792cdaeb6cfb858e577dacff607ba513250e13ae696cd6ed7d318190a93b9ee07927efca6b8d1f5980994690bbe002db5146439d906a0d4aef065214b15666cdca81091b69acee2c7ce0821fc19e0891f0b53469f935c5ac420100010000000000fb53faf4420638489e6a1c696d8c414a87b60000000000080000b6be1557951854c01dbc2d061827ae6349a045b780893771524a424335b9fc34616ee9f09141057262530b7c2f7c9b969938779736ece7b470078ac0b1b4b528000000009866e9994ca9096672ec9f3800c2fc35ba6516e542624c47bdba76a816c3a3dd6c3fa87a3ec91df199a9af91a7babf2b8d0e7b77e6dfb4bbc9817847b705000000a1000000000000ab8353f3800f045b90b0eaab6d731199c9447eabbc8c740183aff5389742e47de5000000826a570d14310700cf2ae3366ebdb7f1000000000000333c00e6addbf4c71ffad6bfb5babb49109f92a5a52042c425190a6e3f1a8a3abfe6059da9c952cf35c98ce7616355493d280f2d0be99e18fd0900c769e7eb4edc1c03a33676590bd2047229e0237c1e34641848531712ff09e89fb062a3e66f4fced0ae679733830039cb61ea0691f0b4e0b33194404e643243c3841e1e7fe301f7f47a7f89512d92e83624e3de705bdfbfd0e5e381398e9d5428a00cc8a6d097d97e6ac8bd09b1a5577920a650114a522c1e2dcdc4f606fcbcee91770a9fada34d38cd7976a9228a0a0dd8661be8162e966aac26bea4c11458cd6ce22ddf7054cdd0a60ef3ec000000000000000000425cb75dc7ec92e9a5d29f9c99697d2a98ae0a9f35e4196c3faeb7a60a0290bf897846f6f0f1c163d6075119169d55d10da9ad0e4b2c636d200000009baaf94e2b2c48e70d8453f832eecfb1de2a3f38a5c986de9e37737dac74db251d5e9ea2b8ed39e91a7a17d01b49f7aaff7c4c73c3484bdcab362838ed940035b239a3646ef55b9f070ae14466b3acef9f8b28fb938a237e2e068ae4a6bce4407b54cc14614c2cdf877f000000000000000000000000bdcf23144e6c16b9235552aed83b6428f34d88c258a9ad16386bba51b60838fb11bc193a206b5a03bda7b6222e4e68e0d1e88f26b9a45b6c29469530a37ea92aaf421cdcc1f594ecfaff9a79b56f8b38038002d29b3193cea9cd0a0ef4f5bce1cdaa99705a8fa48f61071f548d411353965615c24c1860790dfae0f4cdf8c8f8645a289a79f9b919b674f0325d81eacaa8399324a304885da01733bb7917ec5e52718eb05f9c1ffd69f834150e9100c215968e8fb31c83526e6f66897569e28d01ca6135a2acca398c1415e0f9b58b63ee9dc33608ba7e5c4bdf3f37d8e4f4f424be263d9c2a5204f41e9b0ee01ad4cc0519395b69c310c98d3c8edc7d07b30617f3535634257f5472d9f3263a6f04778a920c12000721bb82f9884780ac294b8bb07ebf6e3f16584e95607e319b2ea9778289c19fb775514246159bbfa9dc0fdf711d3efa316a3323c915a40e6d7c8f8d7daf98824fd0bc955dc9731cc8c7a600d94b8049af764688c7ffdd26b741b03b065ba9c586914d8beb94c8a265ace34172ed003357ddd400557230b2caba00"/2219], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x57, 0x10, &(0x7f0000000000), 0xffffffffffffffc9, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
ioctl$TUNSETSTEERINGEBPF(r4, 0x800454e0, &(0x7f0000000180)=r11)
write$cgroup_devices(r6, &(0x7f00000000c0)=ANY=[@ANYBLOB="1e0306003c5c980128846360864666702c1ffe800000000000"], 0xffdd)
socket$nl_netfilter(0x10, 0x3, 0xc)

2.025586724s ago: executing program 3 (id=300):
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x90}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
r2 = openat$btrfs_control(0xffffff9c, &(0x7f00000002c0), 0x20001, 0x0)
ioctl$VIDIOC_LOG_STATUS(r2, 0x5646, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$sndctrl(&(0x7f0000000140), 0x2, 0x20000)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0x58)
close(r4)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, &(0x7f00000000c0)=0xc1)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0x5421, &(0x7f0000000340)={{0xffffffff, 0x1, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
r5 = dup(r3)
read$FUSE(r5, &(0x7f00000044c0)={0x2020}, 0x2020)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r5)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x3c, r6, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x400}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000000}, 0x20040000)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd308", 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

2.004508064s ago: executing program 3 (id=301):
socket$kcm(0x10, 0x400000002, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r2, 0x1}, 0x14}}, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0x541b, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
iopl(0x3)
r5 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
pwritev2(r5, &(0x7f00000000c0)=[{&(0x7f0000000040)="d0600b401f39b97bf93ecf49759e94b4519a0de2f87e5c417273a5dce55efb335b22dce602ca972f116438489fdab766171401f130eb1c9e78ec70db15755f97ca197fc3da0b85ea0d2f7bdffcc1caa5810430b5448f4ae272489f5c7ac1e4660c4f7b0446d5457181924a3d4dbfdfee93a14379adfe7c1effdacb69a945", 0x7e}], 0x1, 0xa, 0x6e6f2b53, 0x10)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="02090000026c03000000000000000000"], 0x10}}, 0x0)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x200, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, &(0x7f0000000600)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
mount(&(0x7f0000000000)=@sr0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='smb3\x00', 0xa6c7bd22bedb3110, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000480), 0xc, 0x141341)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
sendmmsg$inet(r5, &(0x7f0000005240), 0x264e33, 0xff88)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/custom1\x00', 0x0, 0x0)

1.664491532s ago: executing program 1 (id=302):
renameat2(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, 0x0, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x40884)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB='X\x00wl', @ANYRES16=r2, @ANYBLOB="200028bd7000fbdbdf25000000001400080065727370616e3000000000000000000014001f00fc02000000000000000000000000000114000800776c616e31000000000000000000000006001c000f000000"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x40)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209"], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x808)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r7 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000004f40)=[{&(0x7f0000000880)={0x10, 0x3a, 0x4, 0x70bd28, 0x25dfdbef}, 0x10}, {&(0x7f0000002280)={0x10, 0x1b, 0x4, 0x70bd2d, 0x25dfdbfe}, 0x10}], 0x2, 0x0, 0x0, 0x4008880}, 0x20044805)
setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000000), 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r7)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r7)
write$tun(r4, &(0x7f0000000580)={@val={0x1c, 0xf5}, @val, @mpls={[{}], @ipv6=@icmpv6={0x0, 0x6, '\x00', 0x39, 0x3a, 0x0, @mcast2, @private1, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [{0x0, 0x2, "b0dcc4a3616748a199e53d96e28516"}]}}}}}, 0x73)
r8 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
arch_prctl$ARCH_SET_CPUID(0x1012, 0x10201)
read$FUSE(r9, &(0x7f0000000900)={0x2020}, 0x2020)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

1.13620639s ago: executing program 2 (id=303):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x3e}, [@ldst={0x6}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r0 = add_key$keyring(&(0x7f0000000300), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000200)=ANY=[@ANYRES64=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xda)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r3}, 0x10)
ioctl$KVM_HYPERV_EVENTFD(r2, 0xc048aec8, &(0x7f0000000080)={0x6})
keyctl$restrict_keyring(0xa, r0, 0x0, 0x0)
r4 = socket(0x2c, 0x803, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000500)={'tunl0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}}}}})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000500)={'tunl0\x00', &(0x7f0000000400)={'erspan0\x00', 0x0, 0x0, 0x8ee0eb3cdda6df32, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}}}}})
r5 = openat$sndseq(0xffffff9c, &(0x7f00000000c0), 0xac3)
write$sndseq(r5, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000100)={0x20, 0x800, 0x30, 0x384, 0xc0000001, 0xb1, 0x1, 0x0, {0x80000000, 0x81}, {0x0, 0xb2bf, 0x1}, {0x6, 0xb}, {0x6, 0x3, 0x1}, 0x1, 0x0, 0x1, 0x6, 0x1, 0xf2ab, 0x0, 0x5, 0x1, 0x8, 0x2, 0x0, 0x0, 0x200, 0x3, 0x9})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(r7, 0xc02c564a, &(0x7f0000000000)={0xffffffff, 0x3147504d, 0x1, @discrete={0xffffff9f, 0x2}})
r8 = syz_open_procfs(0x0, &(0x7f0000000040)='net/fib_triestat\x00')
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r8, 0x402c5342, &(0x7f0000000540)={0xa, 0x3, 0x0, {0x6, 0xff}, 0x1e75, 0x8})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r10 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r11 = openat$ndctl0(0xffffff9c, &(0x7f0000000480), 0x18800, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r11, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040800}, 0x48824)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r10, 0x10001, &(0x7f0000000340)=""/229)
fsync(r8)

644.169085ms ago: executing program 0 (id=304):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x3ad12fbf, @void, @value}, 0x94)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x1, 0x0)
ioctl$EVIOCGKEYCODE_V2(r0, 0x40084503, &(0x7f0000001500)=""/4103)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102356, 0x18fd4)
futex(0x0, 0x0, 0x0, 0x0, &(0x7f0000048000), 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
utimes(&(0x7f0000000140)='./file1\x00', &(0x7f0000000300)={{}, {0x77359400}})
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0xfffffffc})
dup(0xffffffffffffffff)
accept4(r1, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="ad00"/12, 0xc)
sendmmsg$unix(r3, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@abs={0x0, 0x0, 0x4e23}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4c001}}, {{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x29}}], 0x800000000000061, 0x2400c852)
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[], 0x2d, 0xfffffffffffffff9)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000100), 0x0, 0xfffffffffffffffe)
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x1000000, @my=0x1}, 0x10)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, 0x0, 0x0)

642.714091ms ago: executing program 1 (id=305):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x8000f28, 0x0)
splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x7f, 0xe)
write(r0, 0x0, 0x0) (async)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
r2 = memfd_create(&(0x7f0000000540)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x5, &(0x7f0000000200)=ANY=[@ANYRES16], &(0x7f00000000c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000140), 0xffffffffffffffff) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r3}, 0x10)
r4 = fcntl$dupfd(r2, 0x0, r2) (async)
r5 = userfaultfd(0x1)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000040)) (async)
ioctl$UFFDIO_WRITEPROTECT(r5, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$UFFDIO_CONTINUE(r6, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) (async)
ioctl$BTRFS_IOC_ADD_DEV(r6, 0x5000940a, &(0x7f00000013c0)={{r2}, "8474881d21683409013f8d20ef8c244715b2c5e5be8a346ccc934da4efb05e8068c55737dfb475baf7d8d701481402f82be1a444b4ba97f415fefa2f929c314031c50cbbb23efa0c97691961e03f72bbb3491278d7e59f8fb02ba9cfa3c0f0112802d783847c284cf1d44c52cfe00a646743b70099432da2214f2fa68a2265238cfd2f86f9b7f93f4b0fb981d06a3a283fb614bbb7855d3d8d507ec9ecde8eb4e1acf363efc3512e5f866f73e5d0d1701d0528cbf5ac790ee54f7e98a035155acfd2fc13bc48fc027c04c37d5dc2b51cd19bc896dd8c40b9bca98d87d4cc348aa7d21e85c95872dcd1832b481bc08c8f4234ca4d4e32800b3de534c0454937c8025b65be112aeba7cbf3187ce0d2a5bccee1f0064657a7184d88c3994e69497c3de53542856ffb45e2f773df23bfaf3597245d8cdcc291ecbaa9917c03d4365d582d5d8762ffd8d82a96199e1a0d8fa8dfb8903596dfe99d805de499bfa332d0732f6d79517260a1acc2f8ad866a3180a81212db1b72d6b0a44655a5db71727cae9443677d69c2edfb8bdab99dbb0b32dbe71bcdacecfe68f8c2785819449639ff559118ad39b7f09d61c6c8ba8d3b971a74f62184c1862e3ce7af07ffb6e47ecd338ec4cff4affe35338e296ced0e7a4d716255b7a6248e0084fa2c9b29bfa68b3cc207bbe9dcf3d795fae2a0c646622547ecaa370768fb7f061e1dd26d1c548377fb2d6d45ab494964c7618c89af876fc23db230d331c742f02bd28912ce0a302cc8de274d24b1aae103a9cfbadb65c70b2d6020304ee230fee72313714702562880b49cce91ac9e8bf8eaa1d59dba708eecac6ca375b16e8b504d360790141c68d6b19ecbe8eadc0e7ed426e3eb478339152c0486de2c35fa66e75de5ea9945ff49f190902ccd887c489dbade6a9d5d52d9f722155ed7ecf5ba6d55cefb3cf8e7a3cd0ca7f996d2112458978cff498211cd69fd4cc8681b46306988aa9f6499f2f77a9dad0e7802883a7fe8091b4bc185332808fc96d04e64da194cd1119a777df75b0db1e66f9db905cb97d551fe5d9ff77a8d18266943565ee7c12f7b270e19aadc6d8935c782ee7903eda3de3959ac43f0d9e6539099c7fc6896a1e47e596bd5fafb2dd6adcb056e89943f2e9fa6f8c3a66a6707e15a3768d87504458338e591f6b8920d20655b4603e39f018a372176cfe61ddacf91d34c3e34d99e9f16d54dfdd7574a41a58607301fdcc45ff50d6f1c0945e335739fa8cd3d6f60282db87b9b9c00cbc124a8da89a60d1a82bda38c26b4217de77719f94b71f03bc2cbbbda3cf6faed896d0693d57be576dbf5881d39acf54479f3b6abe4fcc95c7379f08b1edc5dee752a13f3b7d3ba2b4776accd13ed735db3be582e16f15a86cae005ecb192caea915b291d77d45704ec82934aa3480b1adf3216121f102d0e5053efb8a4b44408c4ca0a1e1875fcc6959b053a2e9ef4b772af31f678bad222ab6ce87012e489e588c427f16956a41b31efbbc08da11fbbd632c63209b254e6badb69ff7e8f465bdf77551a089ebb676aca2590c9fe208e8c2684791870fff38501324ee414926723345934d8c7e3600d6253887dd0081e8d31d0599142ede7f48bbeeb966a2ef78e177749788719d528345a189ccbeae2fcbf0bccedfbee0f71ab3d5729f545ce1c7370049a210fabac51b86746df6bac5b14bd53cadc0bf99343cb39bb0495e02188728bd1c7e711dfac8e1d8fa5bb8a237090fa509cbe537047c09d5ea31a41e52f06f5e9f45bf8e31db9fc0fc6f0a2d78716967346d094fcd32561564a41a1ecf0576fa9ab0f7791622159b5f17dac230afb73a7c3156160879380d8dbad6cbafbe9b1de82d61de430a010790f7b5933ec9e413d3b673f93afe617cd3e888f598f3891c9df04524359d3e48c96b6af9f35d53ddc381ae376847402fe5234e8107b9f8767bb4e394d32452328ca672200eb31c2ca7aab61b978384e83aaa7b6ea93a059eed0708d8dec4f6455fd721052c57f4fbe7ccc9c0d0ec650d12fd80a4857050eaf8dfd784693220c3e46cf1560efbfae3974bfaec1829eb53e9d2aac51e21bee73a6a06aefa0b2e74301e8cb53c0303fc84128103f982829ba90707caecc4a1aa15db7401113d3e7517f2101b8ff285267d9301dc39ff7f5f20ab37a0fdd1aeb1158bdab8984f05f0d4c8fbb95a39c3b6b730783f081ed403513e0f3d637fdb24761ee5cd70c55a66e4c38602b1229ffa23808a0fde91d51a343f90db55c0a1616954053c127f98a5fd95967c26fa157a1f7ed55a632127898d19f7a7aa954edb3d8feaf7f7bbfa3a0f30aa6974271184139def9a635a25708b1b0f0e628dd9a186e96dd507539c5efa3667de8b0c5a90c42b62a68f7eccdf49c595187a8e088ee79e43766329e8f4ef2bd6531ccd11e7faf81837a79e10621d0adf349b92398751cd4cd11140a1c8647bcb7de223cad30608e94f6ad8c495171f976e3ca0aa9c7e217514499b1c5f5a4726c3cba9837168f6d28ec4f6bfcdc974d3d752804c3737684dc6f7b063dd55eb60f8ecd30e5c71c5251ef54beac64a32cb044082e6e035385e72f7f9f7de5f09d036367324e4f05b55ea497a9b34a888d1e8f320812f4fd31ecbdb7e52c1794e5d094cbf37d5de6293c26e78850d5a17a46581adf4b02b16e7eb7c88bc769167dc284751dfbb0c8395f3712fb977e4d60c4a181f4509a1857c22a47461c67830be4dd85691bd67fad2a8c378d07047733bf0d20428e881095f9843bdb7964aa4bf8875ce6bcc1085c5abbdb349de283dbcee0d05438dacee9ceb5bf9c0ad189f3aedf7a7bee13217d8e4649638dc72dfda64b7e7b2a7da1ed1b814512e247c3824b3c631ac826947e245f0bea83f4ceafbbc442c947c41308b4bb0e5ba943acacad2d34d73d373325455e0d3145daff0b08f2aabba38c688742f2a23c02ad4c6f7f717547f7af2c63c57f58a9590d556d4ccfad81d3ab0646c672787ffb336b8a461db7846fec241bf58bb4acd836cb0ef5aeafb704d61a92b3c11746959c645c10e9f4554bbf0a345f00a409c1da490953fa8228645d9e25116b8db96ae4b6ae8bd7cb819689a2b855ab4798e95f6090c041e79c7fb016d26f5186c2ede05edff52faf78e48576653c2c96b3744a0325c6a1dc4a9995bfb8dcd57a7ed590ec29731152e99672b8c890035817a4bb8179dad6bc15945daafece04800f52302dabe6571028886d34cc56126e13067ea01509f41deb08420acbe557fe9a3975b234e088966149f74697822d9d147d79f1a0f66751cd4d590b01365a6829b88d97b7ea2a2e58ec041afc7ef07eeb8e74a6c3524a7b1e0fd9c77da85f311d9ffe80c2aa0767e59763192f3215dd755b9281a9ff6f227af8e670018a7192f28137eddb9dc2de947f21286b81087fc4ab39c815a0181862599e45f164df9f21eeb1784d6cbb2cd0776a12fdc9a9154003f272d53dbddfdd7594ba8f760c9173b07e4531258c3465f966da52f956d9d6978e5ba437100efb7b96f4f51c05b85e1d8ac8c6aa3cbed7fa61cf1ef0eed112fc23f0b1caf405a383aec97bf2d749747e28c765565f40d7eb130bd48a06918714ca64edb807999fb198032e5192eee777b1ca989d66dad9ad119f6487c08c9b7cbc508115b1dcce3b17e0144c42caa8e5066c9f7f70e33fe16ed79a4780bdf6f0e68a3d0368a659d58ef2367ec302603252f6f200b5644344a358ebddb349b4116ead3b86edd0afa9ab6bcdeb407187b8083f2fd634475fb22c0bb66098a2d8cd8142f5cd487e8220e7a86b5d24448171f8a848861560101285010a71bc89f92e441fc51d1a3c007c7db0d870412810746f7db8f2f5424fca9ab0af1a2bb969aa7c8c3adfd443383b13f88d13119d6f73fceb6b8e2b655aba85ca54f5c10e793967941bc02c6423349987e08a7ea83bf6b3d17c8995759c2c26661f26397033d4dfb988a63efbc08701e67a2610c87f6772a9591d677f7e2527fe3f5be84662327bd6903a79b0746f6dca7b39023f622c69e5c392679a7241f4e07017a55a6f64677f46763b86779c8b6da69ec78f10271e91719513912ec70a5b4949ecd709ded26700e61da16d854e6f3d43db4e8329c4a28ec31c4e1aa7f042eefb8955ee00aaa83597270294b9be2d4211c9c25b6564392c20fca06b873ae4265bdb0fd3f517bbfa9201346fead903aa69a2da29f7af07c9cc85ffd46495ade3ed4eb784a3f5187c2814703a353a9c3a20ac1d3ba197572afdbe69c259647f7a9693d548a83c118c83a78ebff800772f3395e3fc2bb2b501d6edfddc8d4797508aa0bfac2e68880e3a6873eb30e7b5dd2bb8ad20b11910de14daa3f4266254dfd1ffe7600ec316e16a2b62fb14191c1a44134664edfa4180cdf951abd53e8cbb690b153c851d1bb0b8980b1e200a6fd348611ad9972bccd6a6b613718ba75ff7ad304fa4db8b0b49782fb242c6ca38acdb37d44fbaa86b0466c1f64e7f24b2f6fed077ca407a45b73f9feb8a3287048f31c5313af46d4a27a67a67e302915875c2cfc0b241f0a23c95c65575fa797062ea5e3c4225ec0abbaff645781342c5e05db356ec97a5ea8db69d34a97fd06398245fd56f8ce325efb06f74226741f1fcd3c384eabce38d24727c4089aa02cfdc9eda154640518498a2e4b7a144fa0ae8ecbd8f12414b77d21b13ed795a3e1f0792b2b0331bab217b047cb73d85e197cf08e422579d3e54f0b35813de081fef68f16f6f5a5df92ea50ccf861d80df6e12dc528d80cb811602ad321c86445c1f163912460bf05699a4462e3438458729960cb895eeb850b37314a2769b737122850875afb71685e528b1f7add869c40a9395229906ca9139a57e163565bb499fecf93e32a434263ed71fda122c7e12f81c348b3495a173b4c0632cf2036e6f37f73d52e0e7d1d261375026f41d7f55c3ba4ec2671b158decf1d85064cbc7828009bcab3780b03a33aeaa05b7db99c2be5e21794dd61a3518bc16b2032ee0948303c5951ee94ef610ad2112e8c8c48e292ab8aeae0b5efc4b1799d653a17b48a4748bc6e686c1481544571ae7520f07210d564936542934274a9074b7ed78211cb87c261fc3eff46852ae1c1b6d43879a85fcc6b717976e86b24c9b8f7e1df80fa2a8bf4fb9328082edefab0eaacddcada9b6f8be75747865d40cb919651ffa65554ebad94708c92fc84eb8979dfdc851f485f0d6be7a2d664f5414f2c2f186df4ea7dc8687010c12079fcfc10ba4470509f70e7ab7c14fd6f6702af83337eee5417d4e64cbc16e4a5b76779e7eabce67e5278cf6bb73dd1cd9660368bbe7b8029ff1221122c3809253b3cf9fe3ef79787fd9337677faf5f1734d968fe9639d52ef2353b44144645dbf377d9506c0390a45d285485fd9f133a5747688e24135f11488f5f1d3f869b7fb0ddf4f66e440280128e1b27e2babd6cce18cc46722729f466c2bb9c3374e23d8b905961e2e6a1def7b0010dca67c19dbcfefa5c57012643960110df8691b062896033dd37828e0fb5f37d29005aa539e00dd2568e8ece4405b672bd92096f46950c4f79e46b7ca6d3a701176855db9e22061979fbcec314363f54b33b8a8d2731fdb3273a26098bca1345c5208170fc039bb550668c35d3e1c3e196a0e5bf31c24a4623dba6184f2f9133d1d1c75e15ffded1212f0cd54705bd7430d405906ced114dbd280f14b97c18b29dcb3fd26106ae8355a2d8f6671bd0cd7aa9d39cd114d60"})
mount(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0) (async)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000d00)=@filter={'filter\x00', 0x4, 0x4, 0x644, 0xffffffff, 0x100, 0x3f8, 0x0, 0xfeffffff, 0xffffffff, 0x57c, 0x57c, 0x57c, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xdc, 0x100, 0x0, {}, [@common=@unspec=@time={{0x38}}]}, @REJECT={0x24}}, {{@ipv6={@private2, @empty, [], [], 'pimreg\x00', 'batadv_slave_1\x00'}, 0x0, 0x2d4, 0x2f8, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x1000}}]}, @common=@inet=@SYNPROXY={0x24}}, {{@uncond, 0x0, 0x160, 0x184, 0x0, {}, [@common=@frag={{0x30}}, @common=@srh1={{0x8c}, {0x0, 0x0, 0x0, 0x0, 0x0, @remote, @dev, @private1}}]}, @REJECT={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x6a0) (async)
mmap(&(0x7f0000f8e000/0x2000)=nil, 0x2000, 0x1000005, 0x4000010, r4, 0xffffb000) (async)
futex(&(0x7f0000000000), 0x8c, 0x1, 0x0, 0x0, 0x0)

556.277481ms ago: executing program 0 (id=306):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='ext4_mb_release_group_pa\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r5, 0x100000000)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0x0, 0x2449})
socket$pppoe(0x18, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)={0x4c, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0xfffc}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x4c}}, 0x0)

296.087804ms ago: executing program 1 (id=307):
renameat2(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, 0x0, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000041}, 0x40084)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209"], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x20)

75.02474ms ago: executing program 2 (id=308):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x65, 0x8, 0x0, 0xffffffffffffffff, 0x9d, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = io_uring_setup(0x1d3, &(0x7f0000000080))
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

73.658743ms ago: executing program 1 (id=309):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x53427c8788169adc, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x2, 0x1, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@CTA_FILTER={0x4}, @CTA_TUPLE_ORIG={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48001}, 0x800)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x7e)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x80111500, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000540)=0x9)
r3 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SNDCTL_DSP_GETTRIGGER(r3, 0x80045010, &(0x7f0000000040))
r4 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r4, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
r6 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r6, 0xc0606610, &(0x7f0000000200)={0x60, 0x2, &(0x7f0000245000/0x2000)=nil, &(0x7f0000994000/0x2000)=nil, 0x0, 0x0})
r7 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000600)={'team0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0xb0, 0x24, 0xf0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x12, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x80, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4, 0x0, 0x0, 0x23], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xfffd}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x1}, @TCA_TAPRIO_ATTR_SCHED_BASE_TIME={0xc, 0x3, 0x280000000000000}]}}]}, 0xb0}}, 0x0)
r10 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
r11 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r11, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r11, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
writev(r10, &(0x7f0000000780)=[{&(0x7f00000004c0)='4', 0x1}], 0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x40084, &(0x7f00000008c0)=ANY=[@ANYBLOB="6d706f6c3d6c6f63616c3d72656c3ea5959b70807946e3885e0900ecd3611b08f80cdb94cb8fe84eecdc4c31757053c955611e77217f6e8735384972c5adba223914b3545c3ac8584fd46f61bf5c784e610000000000000000b8432b759d27830e88b997ab5bd0276457864980ef391f212bb38bb301658a559dc7bb7cba6805ed8df14be6c2f1cbe962e1ad9c1ba0b7a144a5b9ea202585ca9dabaa929a6b582788df9406e3b19f99f69611b519bfa6b851fa0c7802a29dab3e86c6e8775bb3d9d092c0e316289e928d1cd5b3fac701b1f3bfb509a3ffda0190faf9abc8fdb424c8b89e51434936e77278186f0c9c14c154e6017f1da535674b78e4c03e0a126005bdd5f8683908000000c0d386fef3d767bd58d0a52e5c9620e325662da3898410b913ec8c31bfa35a6f5a21188f50117fb3fb9781d6d27cf16c406431c6144a79ae5017bd2050ffef6ccd2283b8131015d5281d9087fa0282a165c8c9a41e2044c2b64fdf3fb7f700ed000770fccc6a974f8c9af55041243627270475fc7933ae575e05e1656263812cc31cdc36628ce22edb65745ab29bdce36a599d50235c8e"])

73.262657ms ago: executing program 3 (id=310):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x141842, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r4}, 0x10)
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_emit_vhci(&(0x7f0000000680)=ANY=[@ANYBLOB="043e320d021b"], 0x35)
socket$l2tp(0x2, 0x2, 0x73)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x121001, 0x0)
brk(0xffffff92)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280\x00'}, 0x58)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x27}, 0x62)
listen(r5, 0x0)
accept4(r5, 0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x2, 0x10, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000400000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="00020062ca2edcbcb144d7000200000085000000a51d00009500000000000000fd1923cc5eab9d81fa9fd09b3c3aeb86f6547ac20de8953bcc7f71b97549fc175cb6ff0b8bcfc09465e03583b880d9e8b830c7a6449b7e8f6df3a9ff6fc6cfa5e753ccb1a80183e289ea92cdbbb4a7830e9cb2c72e37e1d2134d42f55a8037b84da21d0f67090e35a3237fe1288e3f987d4839549d84352d1754445c9b682a1e45b28a9290a3ae2ddf12cc31f695d30b204944c74ec5728fbec8b66238b0c84bb557b2a4e4e8af0ce11fef27560ab60bfc68a6561829b29e7cea8ebf1f87aaff4e4fc9165308705ac2ac3082da6f6fbcf80bae12e64c33ad50bdc993a939657bb67b97c07f029797046919eacf7b09cfdd0f966a6dc2a18e1a2461b6c3ac91f811cb975dcf7b4180"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x80010, r1, 0x0)
r6 = getpid()
r7 = syz_pidfd_open(r6, 0x0)
process_madvise(r7, &(0x7f00000000c0)=[{&(0x7f0000000000)='O', 0x1}], 0x1, 0x19, 0x0)
r8 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000300)={'team0\x00', <r9=>0x0})
syz_open_procfs$userns(r6, &(0x7f0000000100))
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x24, r9})

0s ago: executing program 2 (id=311):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x3ad12fbf, @void, @value}, 0x94)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x1, 0x0)
ioctl$EVIOCGKEYCODE_V2(r0, 0x40084503, &(0x7f0000001500)=""/4103)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102356, 0x18fd4)
futex(0x0, 0x0, 0x0, 0x0, &(0x7f0000048000), 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
utimes(&(0x7f0000000140)='./file1\x00', &(0x7f0000000300)={{}, {0x77359400}})
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0xfffffffc})
dup(0xffffffffffffffff)
accept4(r1, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="ad00"/12, 0xc)
sendmmsg$unix(r3, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@abs={0x0, 0x0, 0x4e23}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4c001}}, {{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x29}}], 0x800000000000061, 0x2400c852)
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[], 0x2d, 0xfffffffffffffff9)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000100), 0x0, 0xfffffffffffffffe)
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x1000000, @my=0x1}, 0x10)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:10409' (ED25519) to the list of known hosts.
[   34.180260][ T5270] cgroup: Unknown subsys name 'net'
[   34.342159][ T5270] cgroup: Unknown subsys name 'cpuset'
[   34.347993][ T5270] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   35.484960][ T5270] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   38.719876][ T5344] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   38.722438][ T5344] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   38.726178][ T5344] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   38.729700][ T5344] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   38.732132][ T5344] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   38.734725][ T5344] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   38.736775][ T5344] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   38.739060][ T5344] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   38.741681][ T5344] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   38.743556][ T5344] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   38.744923][ T5355] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   38.745564][ T5344] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   38.749329][ T5355] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   38.750371][ T5357] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   38.752372][ T5355] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   38.754155][ T5357] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   38.757640][ T5355] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   38.761310][ T5355] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   38.764038][ T5355] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   38.767538][ T5348] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   38.768929][ T5344] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   38.770516][ T5348] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   38.778937][   T64] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   38.782626][ T5348] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   39.009952][ T5349] chnl_net:caif_netlink_parms(): no params data found
[   39.013578][ T5342] chnl_net:caif_netlink_parms(): no params data found
[   39.052718][ T5347] chnl_net:caif_netlink_parms(): no params data found
[   39.088884][ T5340] chnl_net:caif_netlink_parms(): no params data found
[   39.258992][ T5349] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.260880][ T5349] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.262919][ T5349] bridge_slave_0: entered allmulticast mode
[   39.264993][ T5349] bridge_slave_0: entered promiscuous mode
[   39.269148][ T5342] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.270971][ T5342] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.273060][ T5342] bridge_slave_0: entered allmulticast mode
[   39.275086][ T5342] bridge_slave_0: entered promiscuous mode
[   39.277468][ T5342] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.280068][ T5342] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.282270][ T5342] bridge_slave_1: entered allmulticast mode
[   39.284130][ T5342] bridge_slave_1: entered promiscuous mode
[   39.302088][ T5349] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.303968][ T5349] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.305900][ T5349] bridge_slave_1: entered allmulticast mode
[   39.308216][ T5349] bridge_slave_1: entered promiscuous mode
[   39.340142][ T5347] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.342450][ T5347] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.344766][ T5347] bridge_slave_0: entered allmulticast mode
[   39.347417][ T5347] bridge_slave_0: entered promiscuous mode
[   39.371607][ T5342] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.374160][ T5347] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.376306][ T5347] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.379199][ T5347] bridge_slave_1: entered allmulticast mode
[   39.381261][ T5347] bridge_slave_1: entered promiscuous mode
[   39.396443][ T5349] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.401001][ T5342] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.449535][ T5340] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.452060][ T5340] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.454563][ T5340] bridge_slave_0: entered allmulticast mode
[   39.457326][ T5340] bridge_slave_0: entered promiscuous mode
[   39.463121][ T5349] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.477307][ T5347] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.480283][ T5340] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.482802][ T5340] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.485176][ T5340] bridge_slave_1: entered allmulticast mode
[   39.488624][ T5340] bridge_slave_1: entered promiscuous mode
[   39.510129][ T5342] team0: Port device team_slave_0 added
[   39.512792][ T5347] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.539867][ T5349] team0: Port device team_slave_0 added
[   39.543463][ T5342] team0: Port device team_slave_1 added
[   39.581181][ T5349] team0: Port device team_slave_1 added
[   39.606154][ T5347] team0: Port device team_slave_0 added
[   39.609513][ T5340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.618977][ T5342] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.621274][ T5342] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.629055][ T5342] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.633158][ T5347] team0: Port device team_slave_1 added
[   39.635557][ T5340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.638165][ T5349] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.639828][ T5349] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.645832][ T5349] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.649793][ T5349] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.651586][ T5349] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.658006][ T5349] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.661204][ T5342] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.663029][ T5342] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.670190][ T5342] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.715138][ T5347] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.716893][ T5347] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.723188][ T5347] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.737591][ T5340] team0: Port device team_slave_0 added
[   39.740828][ T5340] team0: Port device team_slave_1 added
[   39.742579][ T5347] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.744314][ T5347] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.750606][ T5347] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.817293][ T5349] hsr_slave_0: entered promiscuous mode
[   39.819404][ T5349] hsr_slave_1: entered promiscuous mode
[   39.833758][ T5342] hsr_slave_0: entered promiscuous mode
[   39.835807][ T5342] hsr_slave_1: entered promiscuous mode
[   39.837539][ T5342] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   39.840560][ T5342] Cannot create hsr debugfs directory
[   39.867469][ T5340] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.870088][ T5340] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.878657][ T5340] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.909927][ T5340] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.912297][ T5340] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.921443][ T5340] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.933441][ T5347] hsr_slave_0: entered promiscuous mode
[   39.935799][ T5347] hsr_slave_1: entered promiscuous mode
[   39.939768][ T5347] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   39.942503][ T5347] Cannot create hsr debugfs directory
[   39.984948][ T5340] hsr_slave_0: entered promiscuous mode
[   39.987882][ T5340] hsr_slave_1: entered promiscuous mode
[   39.989743][ T5340] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   39.992378][ T5340] Cannot create hsr debugfs directory
[   40.226700][ T5349] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   40.231134][ T5349] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   40.243537][ T5349] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   40.260478][ T5349] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   40.299828][ T5342] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   40.303758][ T5342] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   40.319085][ T5342] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   40.326572][ T5342] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   40.350013][ T5340] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   40.354959][ T5340] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   40.366361][ T5349] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.374962][ T5340] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   40.378467][ T5340] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   40.395371][ T5349] 8021q: adding VLAN 0 to HW filter on device team0
[   40.399856][ T5347] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   40.405174][ T5347] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   40.408541][ T5347] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   40.413357][ T5347] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   40.422391][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.424372][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.433370][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.435230][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.457413][ T5342] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.481801][ T5342] 8021q: adding VLAN 0 to HW filter on device team0
[   40.503407][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.505317][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.510123][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.512015][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.520000][ T5340] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.549823][ T5340] 8021q: adding VLAN 0 to HW filter on device team0
[   40.554322][ T1100] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.556261][ T1100] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.561008][ T5347] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.565865][ T5342] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   40.576886][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.579051][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.595482][ T5347] 8021q: adding VLAN 0 to HW filter on device team0
[   40.606267][ T5349] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.627195][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.629217][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.631973][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.633883][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.653297][ T5347] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   40.655992][ T5347] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   40.663966][ T5349] veth0_vlan: entered promiscuous mode
[   40.676398][ T5349] veth1_vlan: entered promiscuous mode
[   40.706784][ T5349] veth0_macvtap: entered promiscuous mode
[   40.713237][ T5342] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.726224][ T5349] veth1_macvtap: entered promiscuous mode
[   40.734352][ T5349] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.751494][ T5349] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.761680][ T5349] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.764036][ T5349] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.766275][ T5349] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.769524][ T5349] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.773233][ T5342] veth0_vlan: entered promiscuous mode
[   40.783845][ T5342] veth1_vlan: entered promiscuous mode
[   40.818998][ T1206] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.819697][   T64] Bluetooth: hci3: command tx timeout
[   40.821153][ T5348] Bluetooth: hci1: command tx timeout
[   40.824547][ T1206] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.828453][ T5348] Bluetooth: hci2: command tx timeout
[   40.829289][   T64] Bluetooth: hci0: command tx timeout
[   40.836941][ T1206] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.839128][ T5347] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.841222][ T1206] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.842033][ T5342] veth0_macvtap: entered promiscuous mode
[   40.851930][ T5342] veth1_macvtap: entered promiscuous mode
[   40.866940][ T5340] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.873019][ T5342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.874249][ T5349] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   40.876025][ T5342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.883466][ T5342] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.887663][ T5342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.892829][ T5342] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.896093][ T5342] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.928973][ T5342] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.931360][ T5342] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.933656][ T5342] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.935900][ T5342] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.940341][ T5405] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   40.942197][ T5347] veth0_vlan: entered promiscuous mode
[   40.946599][ T5340] veth0_vlan: entered promiscuous mode
[   40.955442][ T5340] veth1_vlan: entered promiscuous mode
[   40.965477][ T5340] veth0_macvtap: entered promiscuous mode
[   40.968921][ T5347] veth1_vlan: entered promiscuous mode
[   40.974492][ T5340] veth1_macvtap: entered promiscuous mode
[   40.999228][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.001304][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.068379][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.071094][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.074002][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.076717][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.080837][ T5340] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.093549][ T5347] veth0_macvtap: entered promiscuous mode
[   41.096776][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.099675][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.102212][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.104926][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.108561][ T5340] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.122354][ T5347] veth1_macvtap: entered promiscuous mode
[   41.129678][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.132340][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.134868][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.137554][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.141463][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.144190][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.147455][ T5347] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.152967][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.155758][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.158406][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.161126][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.163691][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.166393][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.169963][ T5347] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.175002][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.175229][ T5340] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.177098][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.181345][ T5340] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.183709][ T5340] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.186013][ T5340] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.195449][ T5347] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.197966][ T5347] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.200291][ T5347] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.202542][ T5347] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.264395][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.266453][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.290802][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.292552][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.293682][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.300528][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.327227][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.337590][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.371599][ T5414] syzkaller0: entered promiscuous mode
[   41.373131][ T5414] syzkaller0: entered allmulticast mode
[   41.676862][ T5418] binder: 5416:5418 ioctl c0306201 20000680 returned -14
[   42.773341][ T5427] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1'.
[   42.899369][   T64] Bluetooth: hci0: command tx timeout
[   42.899638][ T5354] Bluetooth: hci2: command tx timeout
[   42.899648][ T5358] Bluetooth: hci1: command tx timeout
[   42.904045][ T5348] Bluetooth: hci3: command tx timeout
[   43.208364][ T5354] Bluetooth: hci4: sending frame failed (-49)
[   43.210836][ T5348] Bluetooth: hci4: Opcode 0x1003 failed: -49
[   43.528575][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   43.533832][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   43.536066][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   43.539420][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   43.544539][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   43.554559][ T5441] process 'syz.2.11' launched './file1' with NULL argv: empty string added
[   43.638252][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   43.639066][ T5441] bpf: Bad value for 'gid'
[   43.711308][ T5445] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[   43.875678][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   43.982769][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   44.048159][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   44.471202][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   44.628993][ T5454] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14'.
[   44.747651][   T39] audit: type=1326 audit(1728078489.946:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5455 comm="syz.1.15" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[   44.758400][   T39] audit: type=1326 audit(1728078489.946:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5455 comm="syz.1.15" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[   44.764204][   T39] audit: type=1326 audit(1728078489.956:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5455 comm="syz.1.15" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741e579 code=0x7ffc0000
[   44.773385][   T39] audit: type=1326 audit(1728078489.956:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5455 comm="syz.1.15" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[   44.779092][   T39] audit: type=1326 audit(1728078489.956:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5455 comm="syz.1.15" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741e579 code=0x7ffc0000
[   44.784872][   T39] audit: type=1326 audit(1728078489.956:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5455 comm="syz.1.15" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[   44.792877][   T39] audit: type=1326 audit(1728078489.956:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5455 comm="syz.1.15" exe="/syz-executor" sig=0 arch=40000003 syscall=144 compat=1 ip=0xf741e579 code=0x7ffc0000
[   44.799013][   T39] audit: type=1326 audit(1728078489.956:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5455 comm="syz.1.15" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[   44.804500][   T39] audit: type=1326 audit(1728078489.956:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5455 comm="syz.1.15" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf741e579 code=0x7ffc0000
[   44.811549][   T39] audit: type=1326 audit(1728078489.956:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5455 comm="syz.1.15" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[   44.920278][   T35] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   44.979731][ T5348] Bluetooth: hci0: command tx timeout
[   44.988978][ T5354] Bluetooth: hci1: command tx timeout
[   44.989922][   T64] Bluetooth: hci2: command tx timeout
[   44.990454][ T5348] Bluetooth: hci3: command tx timeout
[   45.087878][   T35] usb 5-1: Using ep0 maxpacket: 32
[   45.091708][   T35] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[   45.093891][   T35] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[   45.097493][   T35] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[   45.100648][   T35] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[   45.104414][   T35] usb 5-1: config 0 interface 0 has no altsetting 0
[   45.109039][   T35] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   45.111395][   T35] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   45.113568][   T35] usb 5-1: Product: syz
[   45.114705][   T35] usb 5-1: Manufacturer: syz
[   45.115949][   T35] usb 5-1: SerialNumber: syz
[   45.124329][   T35] usb 5-1: config 0 descriptor??
[   45.130606][   T35] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[   45.142741][   T35] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[   45.168503][ T5462] netlink: 96 bytes leftover after parsing attributes in process `syz.1.18'.
[   45.253778][ T5462] netlink: 4 bytes leftover after parsing attributes in process `syz.1.18'.
[   45.256239][ T5462] netlink: 'syz.1.18': attribute type 7 has an invalid length.
[   45.261851][ T5462] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   45.264277][ T5462] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   45.266570][ T5462] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   45.268930][ T5462] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   45.272347][ T5462] vxlan0: entered promiscuous mode
[   45.781837][   T35] usb 5-1: USB disconnect, device number 2
[   45.785883][   T35] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[   46.239551][ T5479] netlink: 4 bytes leftover after parsing attributes in process `syz.3.23'.
[   46.292718][ T5481] netlink: 'syz.3.24': attribute type 1 has an invalid length.
[   46.337495][ T5487] netlink: 'syz.0.26': attribute type 1 has an invalid length.
[   47.057851][ T5348] Bluetooth: hci3: command tx timeout
[   47.057977][   T64] Bluetooth: hci1: command tx timeout
[   47.058259][ T5358] Bluetooth: hci0: command tx timeout
[   47.058294][ T5354] Bluetooth: hci2: command tx timeout
[   47.323699][ T5499] binder: 5497:5499 ioctl c0306201 20000680 returned -14
[   47.463711][ T5508] loop7: detected capacity change from 0 to 16384
[   47.569123][ T5511] Invalid logical block size (1)
[   48.663889][ T5522] binder: 5517:5522 ioctl c0306201 20000680 returned -14
[   49.226532][ T5526] netlink: 20 bytes leftover after parsing attributes in process `syz.1.35'.
[   49.403356][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.406686][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.420068][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.422150][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.424086][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.426013][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.431050][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.432997][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.434935][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x1
[   49.436842][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.439523][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.441753][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.443681][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.445579][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.447511][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.450002][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.452066][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.453995][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.455924][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.461362][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.463376][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.465289][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.467266][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.470226][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.472183][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.474219][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.476149][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.478477][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.480578][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.482609][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.484603][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.486611][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.494694][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.499036][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.500970][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.502869][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.504660][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.517906][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.520974][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.524185][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.527320][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.531665][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.535683][ T5384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.551627][ T5384] hid-generic 0000:0000:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   49.681275][ T5542] binder: 5537:5542 ioctl c0306201 20000680 returned -14
[   49.738060][ T5543] binder: 5539:5543 ioctl c0306201 20000680 returned -14
[   50.307414][    C2] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:2. Sending cookies.
[   51.099534][ T5560] warning: `syz.1.44' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   52.507640][ T5581] syz.3.49 uses obsolete (PF_INET,SOCK_PACKET)
[   53.917253][ T5603] binder: 5601:5603 ioctl c0306201 20000680 returned -14
[   55.182171][ T5616] capability: warning: `syz.0.59' uses 32-bit capabilities (legacy support in use)
[   55.326219][ T5622] netlink: 4 bytes leftover after parsing attributes in process `syz.1.61'.
[   55.329153][ T5622] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   55.331796][ T5622] batman_adv: batadv0: Removing interface: batadv_slave_0
[   55.337553][ T5622] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   55.340072][ T5622] batman_adv: batadv0: Removing interface: batadv_slave_1
[   55.657830][ T5632] binder: 5630:5632 ioctl c0306201 20000680 returned -14
[   55.959488][   T56] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   56.124072][   T56] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   56.126973][   T56] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   56.130748][   T56] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[   56.133993][   T56] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   56.140271][   T56] usb 6-1: New USB device found, idVendor=7d25, idProduct=ac15, bcdDevice=fa.79
[   56.142485][   T56] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   56.145104][   T56] usb 6-1: Product: syz
[   56.146220][   T56] usb 6-1: Manufacturer: syz
[   56.155817][   T56] cdc_wdm 6-1:1.0: invalid descriptor buffer length
[   56.160355][   T56] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[   56.162574][   T56] cdc_wdm 6-1:1.0: Unknown control protocol
[   56.176681][ T5637] binder: 5635:5637 ioctl c0306201 20000680 returned -14
[   56.365008][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   56.367080][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   56.369254][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   56.371515][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   56.373809][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   56.376056][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   56.378359][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   56.380598][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   56.382818][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   56.385020][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   56.387121][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   56.388912][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   56.390701][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   56.392431][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   56.394206][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   56.395977][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   56.397792][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   56.399566][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   56.401785][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   56.404038][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   56.410782][ T5634] ubi0: attaching mtd0
[   56.414427][ T5634] ubi0: scanning is finished
[   56.415779][ T5634] ubi0: empty MTD device detected
[   56.474659][  T830] usb 6-1: USB disconnect, device number 2
[   56.474702][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[   56.889639][ T5634] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[   56.891881][ T5634] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   56.893745][ T5634] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[   56.896018][ T5634] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[   56.899383][ T5634] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   56.901257][ T5634] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[   56.903328][ T5634] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 898320190
[   56.905860][ T5634] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   56.910003][ T5643] ubi0: background thread "ubi_bgt0d" started, PID 5643
[   57.564823][ T5664] netlink: 'syz.1.72': attribute type 1 has an invalid length.
[   57.567288][ T5664] netlink: 8 bytes leftover after parsing attributes in process `syz.1.72'.
[   58.486391][ T5675] mmap: syz.3.76 (5675) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   58.500900][ T5675] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.886888][ T5683] netlink: 'syz.0.78': attribute type 10 has an invalid length.
[   58.894550][ T5683] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.78'.
[   58.900695][ T5683] openvswitch: netlink: Key type 29 is not supported
[   63.978154][ T5762] netlink: 'syz.2.96': attribute type 3 has an invalid length.
[   63.980096][ T5762] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.96'.
[   64.528063][ T5778] capability: warning: `syz.2.100' uses deprecated v2 capabilities in a way that may be insecure
[   64.950000][ T5787] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   65.793983][ T5796] netlink: 100 bytes leftover after parsing attributes in process `syz.2.104'.
[   65.798558][ T5796] netlink: 100 bytes leftover after parsing attributes in process `syz.2.104'.
[   65.854558][ T5802] autofs: Bad value for 'fd'
[   65.893767][ T5803] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.104'.
[   66.301794][ T5808] binder: 5806:5808 ioctl c0306201 20000680 returned -14
[   66.874494][ T5811] netlink: 12 bytes leftover after parsing attributes in process `syz.0.109'.
[   67.158468][ T5816] binder: 5814:5816 ioctl c0306201 20000680 returned -14
[   69.173723][ T5840] FAULT_INJECTION: forcing a failure.
[   69.173723][ T5840] name failslab, interval 1, probability 0, space 0, times 1
[   69.177573][ T5840] CPU: 0 UID: 0 PID: 5840 Comm: syz.1.117 Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0
[   69.180241][ T5840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.183197][ T5840] Call Trace:
[   69.184306][ T5840]  <TASK>
[   69.185070][ T5840]  dump_stack_lvl+0x16c/0x1f0
[   69.186348][ T5840]  should_fail_ex+0x497/0x5b0
[   69.187598][ T5840]  ? fs_reclaim_acquire+0xae/0x160
[   69.189068][ T5840]  should_failslab+0xc2/0x120
[   69.190302][ T5840]  __kmalloc_cache_noprof+0x6b/0x310
[   69.191722][ T5840]  ? tty_alloc_file+0x3f/0xa0
[   69.193208][ T5840]  ? __pfx_ptmx_open+0x10/0x10
[   69.195013][ T5840]  tty_alloc_file+0x3f/0xa0
[   69.196527][ T5840]  ptmx_open+0x58/0x350
[   69.197715][ T5840]  ? __pfx_ptmx_open+0x10/0x10
[   69.199006][ T5840]  chrdev_open+0x237/0x6a0
[   69.200167][ T5840]  ? __pfx_chrdev_open+0x10/0x10
[   69.201419][ T5840]  ? security_file_open+0x62a/0x9d0
[   69.202851][ T5840]  do_dentry_open+0x6ca/0x1530
[   69.204393][ T5840]  ? __pfx_chrdev_open+0x10/0x10
[   69.205650][ T5840]  ? inode_permission+0xdd/0x5f0
[   69.206871][ T5840]  vfs_open+0x82/0x3f0
[   69.208054][ T5840]  ? may_open+0x1f2/0x400
[   69.209588][ T5840]  path_openat+0x1e6a/0x2d60
[   69.211275][ T5840]  ? __pfx_path_openat+0x10/0x10
[   69.212993][ T5840]  ? __pfx___lock_acquire+0x10/0x10
[   69.214850][ T5840]  do_filp_open+0x1dc/0x430
[   69.216469][ T5840]  ? __pfx_do_filp_open+0x10/0x10
[   69.218282][ T5840]  ? find_held_lock+0x2d/0x110
[   69.219943][ T5840]  ? _raw_spin_unlock+0x28/0x50
[   69.221717][ T5840]  ? alloc_fd+0x2d7/0x6c0
[   69.223339][ T5840]  do_sys_openat2+0x17a/0x1e0
[   69.224999][ T5840]  ? __pfx_do_sys_openat2+0x10/0x10
[   69.226865][ T5840]  ? __fget_files+0x244/0x3f0
[   69.228564][ T5840]  __ia32_compat_sys_openat+0x16e/0x210
[   69.230538][ T5840]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[   69.232665][ T5840]  ? ksys_write+0x1ad/0x260
[   69.234290][ T5840]  __do_fast_syscall_32+0x73/0x120
[   69.236112][ T5840]  do_fast_syscall_32+0x32/0x80
[   69.237830][ T5840]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   69.240065][ T5840] RIP: 0023:0xf741e579
[   69.241491][ T5840] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   69.248159][ T5840] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[   69.251113][ T5840] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000100
[   69.253866][ T5840] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   69.256590][ T5840] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   69.259371][ T5840] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   69.262079][ T5840] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   69.264886][ T5840]  </TASK>
[   69.758629][ T5854] binder: 5851:5854 ioctl c0306201 20000680 returned -14
[   70.019272][ T5866] sctp: [Deprecated]: syz.0.125 (pid 5866) Use of struct sctp_assoc_value in delayed_ack socket option.
[   70.019272][ T5866] Use struct sctp_sack_info instead
[   70.741399][ T1375] ieee802154 phy0 wpan0: encryption failed: -22
[   70.743658][ T1375] ieee802154 phy1 wpan1: encryption failed: -22
[   70.904126][ T5887] Zero length message leads to an empty skb
[   70.933917][ T5889] dlm: no local IP address has been set
[   70.936192][ T5889] dlm: cannot start dlm midcomms -107
[   71.401731][ T5904] FAULT_INJECTION: forcing a failure.
[   71.401731][ T5904] name failslab, interval 1, probability 0, space 0, times 0
[   71.405166][ T5904] CPU: 3 UID: 0 PID: 5904 Comm: syz.1.141 Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0
[   71.407909][ T5904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   71.410785][ T5904] Call Trace:
[   71.411725][ T5904]  <TASK>
[   71.412510][ T5904]  dump_stack_lvl+0x16c/0x1f0
[   71.413756][ T5904]  should_fail_ex+0x497/0x5b0
[   71.415001][ T5904]  ? fs_reclaim_acquire+0xae/0x160
[   71.416655][ T5904]  should_failslab+0xc2/0x120
[   71.418248][ T5904]  __kmalloc_cache_noprof+0x6b/0x310
[   71.419903][ T5904]  ? snd_pcm_oss_change_params_locked+0x242/0x3a50
[   71.421846][ T5904]  snd_pcm_oss_change_params_locked+0x242/0x3a50
[   71.423848][ T5904]  ? __pfx___mutex_trylock_common+0x10/0x10
[   71.425506][ T5904]  ? rcu_is_watching+0x12/0xc0
[   71.426843][ T5904]  ? trace_contention_end+0xea/0x140
[   71.428342][ T5904]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[   71.430539][ T5904]  ? __mutex_lock+0x1a6/0x9c0
[   71.431983][ T5904]  ? snd_pcm_oss_sync+0x306/0x7f0
[   71.433450][ T5904]  ? __pfx___mutex_lock+0x10/0x10
[   71.435210][ T5904]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[   71.437097][ T5904]  snd_pcm_oss_sync+0x326/0x7f0
[   71.438667][ T5904]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[   71.440330][ T5904]  snd_pcm_oss_release+0x28b/0x310
[   71.441760][ T5904]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[   71.443369][ T5904]  __fput+0x3f6/0xb60
[   71.444456][ T5904]  task_work_run+0x14e/0x250
[   71.445715][ T5904]  ? __pfx_task_work_run+0x10/0x10
[   71.447189][ T5904]  ? __pfx___close_range+0x10/0x10
[   71.448707][ T5904]  syscall_exit_to_user_mode+0x27b/0x2a0
[   71.450608][ T5904]  __do_fast_syscall_32+0x80/0x120
[   71.452332][ T5904]  do_fast_syscall_32+0x32/0x80
[   71.453958][ T5904]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   71.456056][ T5904] RIP: 0023:0xf741e579
[   71.457450][ T5904] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   71.463804][ T5904] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 00000000000001b4
[   71.466595][ T5904] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000000000b
[   71.469226][ T5904] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   71.471874][ T5904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   71.474512][ T5904] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   71.477086][ T5904] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   71.479733][ T5904]  </TASK>
[   71.553061][    C3] Unknown status report in ack skb
[   71.787291][ T5925] netlink: 256 bytes leftover after parsing attributes in process `syz.0.146'.
[   71.800407][ T5925] FAULT_INJECTION: forcing a failure.
[   71.800407][ T5925] name failslab, interval 1, probability 0, space 0, times 0
[   71.804414][ T5925] CPU: 0 UID: 0 PID: 5925 Comm: syz.0.146 Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0
[   71.807880][ T5925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   71.811333][ T5925] Call Trace:
[   71.812385][ T5925]  <TASK>
[   71.813418][ T5925]  dump_stack_lvl+0x16c/0x1f0
[   71.814845][ T5925]  should_fail_ex+0x497/0x5b0
[   71.816129][ T5925]  ? fs_reclaim_acquire+0xae/0x160
[   71.817729][ T5925]  should_failslab+0xc2/0x120
[   71.819342][ T5925]  __kmalloc_node_noprof+0xd1/0x440
[   71.820743][ T5925]  ? crypto_alloc_tfmmem.isra.0+0x38/0x110
[   71.822323][ T5925]  ? __pfx_crypto_alg_extsize+0x10/0x10
[   71.823818][ T5925]  crypto_alloc_tfmmem.isra.0+0x38/0x110
[   71.825523][ T5925]  crypto_create_tfm_node+0x83/0x320
[   71.827027][ T5925]  crypto_alloc_tfm_node+0x102/0x260
[   71.828485][ T5925]  __keyctl_dh_compute+0x2b5/0xf50
[   71.829879][ T5925]  ? __pfx___lock_acquire+0x10/0x10
[   71.831347][ T5925]  ? __pfx_lock_release+0x10/0x10
[   71.832743][ T5925]  ? trace_lock_acquire+0x14a/0x1d0
[   71.834193][ T5925]  ? __pfx___keyctl_dh_compute+0x10/0x10
[   71.835761][ T5925]  ? __pfx_lock_release+0x10/0x10
[   71.837160][ T5925]  ? trace_lock_acquire+0x14a/0x1d0
[   71.838597][ T5925]  compat_keyctl_dh_compute+0x161/0x1d0
[   71.840124][ T5925]  ? __pfx_compat_keyctl_dh_compute+0x10/0x10
[   71.841786][ T5925]  ? ksys_write+0x1ad/0x260
[   71.843060][ T5925]  ? __pfx_ksys_write+0x10/0x10
[   71.844638][ T5925]  __do_compat_sys_keyctl+0x27b/0x440
[   71.846177][ T5925]  __do_fast_syscall_32+0x73/0x120
[   71.847607][ T5925]  do_fast_syscall_32+0x32/0x80
[   71.848938][ T5925]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   71.850625][ T5925] RIP: 0023:0xf7fb4579
[   71.851758][ T5925] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   71.857483][ T5925] RSP: 002b:00000000f571556c EFLAGS: 00000296 ORIG_RAX: 0000000000000120
[   71.859819][ T5925] RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000020000080
[   71.861986][ T5925] RDX: 00000000200000c0 RSI: 000000000000001c RDI: 00000000200001c0
[   71.864192][ T5925] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   71.866611][ T5925] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   71.868754][ T5925] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   71.870935][ T5925]  </TASK>
[   71.874877][ T5925] could not allocate digest TFM handle poly1305
[   72.882609][ T5947] 9pnet_fd: Insufficient options for proto=fd
[   74.578694][ T1423] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   74.738543][ T1423] usb 6-1: too many configurations: 9, using maximum allowed: 8
[   74.741341][ T1423] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   74.743654][ T1423] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   74.746387][ T1423] usb 6-1: config 0 interface 0 has no altsetting 0
[   74.749657][ T1423] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   74.752099][ T1423] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   74.755374][ T1423] usb 6-1: config 0 interface 0 has no altsetting 0
[   74.761877][ T1423] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   74.764311][ T1423] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   74.767096][ T1423] usb 6-1: config 0 interface 0 has no altsetting 0
[   74.770071][ T1423] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   74.772406][ T1423] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   74.775266][ T1423] usb 6-1: config 0 interface 0 has no altsetting 0
[   74.777866][ T1423] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   74.783051][ T1423] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   74.785951][ T1423] usb 6-1: config 0 interface 0 has no altsetting 0
[   74.788754][ T1423] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   74.791466][ T1423] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   74.795228][ T1423] usb 6-1: config 0 interface 0 has no altsetting 0
[   74.809517][ T1423] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   74.813841][ T1423] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   74.819966][ T1423] usb 6-1: config 0 interface 0 has no altsetting 0
[   74.823790][ T1423] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   74.826821][ T1423] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   74.832128][ T1423] usb 6-1: config 0 interface 0 has no altsetting 0
[   74.836598][ T1423] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   74.841450][ T1423] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   74.845161][ T1423] usb 6-1: Product: syz
[   74.846755][ T1423] usb 6-1: Manufacturer: syz
[   74.849275][ T1423] usb 6-1: SerialNumber: syz
[   74.855737][ T1423] usb 6-1: config 0 descriptor??
[   74.864303][ T1423] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[   75.068806][ T1423] usb 6-1: USB disconnect, device number 3
[   75.073704][ T1423] yurex 6-1:0.0: USB YUREX #0 now disconnected
[   75.750226][ T6017] netlink: 28 bytes leftover after parsing attributes in process `syz.1.178'.
[   75.760532][ T6017] =======================================================
[   75.760532][ T6017] WARNING: The mand mount option has been deprecated and
[   75.760532][ T6017]          and is ignored by this kernel. Remove the mand
[   75.760532][ T6017]          option from the mount to silence this warning.
[   75.760532][ T6017] =======================================================
[   75.825809][ T6015] netlink: 4 bytes leftover after parsing attributes in process `syz.3.177'.
[   75.858435][ T6015] xt_CT: You must specify a L4 protocol and not use inversions on it
[   75.869953][ T1702] cfg80211: failed to load regulatory.db
[   76.075331][ T1100] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   76.078651][ T1100] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.108886][   T30] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   76.158314][ T1100] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   76.160985][ T1100] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.195332][ T5348] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   76.198058][ T5348] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   76.200410][ T5348] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   76.204513][ T5348] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   76.207462][ T5348] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   76.210971][ T5348] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   76.222448][ T1100] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   76.225801][ T1100] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.267988][   T30] usb 8-1: Using ep0 maxpacket: 16
[   76.271281][   T30] usb 8-1: config 7 has an invalid interface number: 128 but max is 0
[   76.273735][   T30] usb 8-1: config 7 contains an unexpected descriptor of type 0x1, skipping
[   76.276038][   T30] usb 8-1: config 7 has no interface number 0
[   76.278552][   T30] usb 8-1: config 7 interface 128 altsetting 0 endpoint 0xB has invalid maxpacket 2047, setting to 1024
[   76.281703][   T30] usb 8-1: config 7 interface 128 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   76.284505][   T30] usb 8-1: config 7 interface 128 altsetting 0 endpoint 0x8C has invalid maxpacket 3289, setting to 64
[   76.287340][   T30] usb 8-1: config 7 interface 128 altsetting 0 has 6 endpoint descriptors, different from the interface descriptor's value: 5
[   76.288812][ T6027] chnl_net:caif_netlink_parms(): no params data found
[   76.291126][   T30] usb 8-1: New USB device found, idVendor=0bda, idProduct=d723, bcdDevice=e9.5b
[   76.295394][   T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.303004][ T6015] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   76.335577][ T1100] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   76.338677][ T1100] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.373211][ T6027] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.375138][ T6027] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.377044][ T6027] bridge_slave_0: entered allmulticast mode
[   76.379460][ T6027] bridge_slave_0: entered promiscuous mode
[   76.384927][ T6027] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.387084][ T6027] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.389241][ T6027] bridge_slave_1: entered allmulticast mode
[   76.391294][ T6027] bridge_slave_1: entered promiscuous mode
[   76.412776][ T6027] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.416537][ T6027] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.474152][ T6027] team0: Port device team_slave_0 added
[   76.476609][ T1100] bridge_slave_1: left allmulticast mode
[   76.482176][ T1100] bridge_slave_1: left promiscuous mode
[   76.485117][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.493512][ T1100] bridge_slave_0: left allmulticast mode
[   76.497271][ T1100] bridge_slave_0: left promiscuous mode
[   76.509014][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.566429][ T6020] netlink: 'syz.3.177': attribute type 1 has an invalid length.
[   76.632406][ T6037] overlayfs: workdir and upperdir must be separate subtrees
[   76.816186][ T5389] libceph: connect (1)[c::]:6789 error -101
[   76.824823][ T5389] libceph: mon0 (1)[c::]:6789 connect error
[   76.827937][ T5389] libceph: connect (1)[c::]:6789 error -101
[   76.829591][ T5389] libceph: mon0 (1)[c::]:6789 connect error
[   76.880322][ T6041] ceph: No mds server is up or the cluster is laggy
[   76.882473][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   76.896477][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   76.902807][ T1100] bond0 (unregistering): Released all slaves
[   76.925717][ T6027] team0: Port device team_slave_1 added
[   76.941868][ T6037] netlink: 12 bytes leftover after parsing attributes in process `syz.3.177'.
[   76.947897][   T30] usb 8-1: string descriptor 0 read error: -71
[   76.951617][   T30] usb 8-1: USB disconnect, device number 2
[   77.029261][ T6050] bridge0: entered allmulticast mode
[   77.031744][ T6027] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.033806][ T6027] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.041665][ T6027] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.046900][ T6050] pimreg: entered allmulticast mode
[   77.048941][ T6027] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.051269][ T6027] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.060923][ T6027] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.069919][ T6050] pimreg: left allmulticast mode
[   77.071703][ T6050] bridge0: left allmulticast mode
[   77.132311][ T6027] hsr_slave_0: entered promiscuous mode
[   77.135074][ T6027] hsr_slave_1: entered promiscuous mode
[   77.137070][ T6027] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   77.140935][ T6027] Cannot create hsr debugfs directory
[   77.188853][ T1100] hsr_slave_0: left promiscuous mode
[   77.196684][ T1100] hsr_slave_1: left promiscuous mode
[   77.215041][ T1100] veth1_macvtap: left promiscuous mode
[   77.217100][ T1100] veth0_macvtap: left promiscuous mode
[   77.219668][ T1100] veth1_vlan: left promiscuous mode
[   77.221577][ T1100] veth0_vlan: left promiscuous mode
[   77.810542][ T1100] team0 (unregistering): Port device team_slave_1 removed
[   77.895294][ T1100] team0 (unregistering): Port device team_slave_0 removed
[   78.259054][ T5348] Bluetooth: hci1: command tx timeout
[   78.409635][ T6051] netlink: 8 bytes leftover after parsing attributes in process `syz.2.186'.
[   78.551491][ T6070] binder: 6067:6070 ioctl c0306201 20000680 returned -14
[   79.136483][ T6027] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   79.159134][ T6027] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   79.171655][ T6027] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   79.179364][ T6027] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   79.263097][ T6027] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.287003][ T6027] 8021q: adding VLAN 0 to HW filter on device team0
[   79.306695][ T1206] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.308588][ T1206] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.334796][ T1206] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.337364][ T1206] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.629678][ T6027] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.659798][ T6027] veth0_vlan: entered promiscuous mode
[   79.670722][ T6027] veth1_vlan: entered promiscuous mode
[   79.695541][ T6027] veth0_macvtap: entered promiscuous mode
[   79.702715][ T6027] veth1_macvtap: entered promiscuous mode
[   79.716673][ T6027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.720976][ T6027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.723638][ T6027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.726514][ T6027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.730066][ T6027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.733033][ T6027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.739531][ T6027] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.753097][ T6027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.755969][ T6027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.761010][ T6027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.764640][ T6027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.768478][ T6027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   79.774108][ T6027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.778038][ T6027] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.822118][ T6027] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.827356][ T6027] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.838438][ T6027] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.841571][ T6027] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.941957][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.944702][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.973533][  T207] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.975754][  T207] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.347942][ T5348] Bluetooth: hci1: command tx timeout
[   80.406634][ T6124] netdevsim netdevsim1: Direct firmware load for .Þ failed with error -2
[   80.414559][ T6124] netdevsim netdevsim1: Falling back to sysfs fallback for: .Þ
[   80.522224][   T39] kauditd_printk_skb: 12 callbacks suppressed
[   80.522236][   T39] audit: type=1400 audit(1728078525.726:24): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=6129 comm="syz.2.201"
[   80.664610][ T6140] netlink: 4 bytes leftover after parsing attributes in process `syz.3.204'.
[   80.672459][ T6140] tipc: Started in network mode
[   80.673626][ T6140] tipc: Node identity ac1414aa, cluster identity 4711
[   80.676224][ T6140] tipc: Enabled bearer <udp:s>, priority 10
[   81.118166][ T6153] syzkaller1: entered promiscuous mode
[   81.119655][ T6153] syzkaller1: entered allmulticast mode
[   81.669446][    T8] tipc: Node number set to 2886997162
[   82.110650][ T6179] FAULT_INJECTION: forcing a failure.
[   82.110650][ T6179] name failslab, interval 1, probability 0, space 0, times 0
[   82.115543][ T6179] CPU: 2 UID: 0 PID: 6179 Comm: syz.3.214 Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0
[   82.119379][ T6179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   82.123201][ T6179] Call Trace:
[   82.124436][ T6179]  <TASK>
[   82.125535][ T6179]  dump_stack_lvl+0x16c/0x1f0
[   82.126929][ T6179]  should_fail_ex+0x497/0x5b0
[   82.128170][ T6179]  ? fs_reclaim_acquire+0xae/0x160
[   82.129840][ T6179]  should_failslab+0xc2/0x120
[   82.131433][ T6179]  kmem_cache_alloc_noprof+0x6e/0x2f0
[   82.133250][ T6179]  ? __anon_vma_prepare+0xae/0x5e0
[   82.135077][ T6179]  __anon_vma_prepare+0xae/0x5e0
[   82.136878][ T6179]  ? __pfx___pte_alloc+0x10/0x10
[   82.138688][ T6179]  __vmf_anon_prepare+0x11c/0x240
[   82.140367][ T6179]  do_pte_missing+0x100b/0x3e50
[   82.142146][ T6179]  ? _raw_spin_unlock+0x28/0x50
[   82.143916][ T6179]  ? __pmd_alloc+0x359/0x810
[   82.145623][ T6179]  __handle_mm_fault+0x100a/0x2a10
[   82.147408][ T6179]  ? __pfx_mt_find+0x10/0x10
[   82.149047][ T6179]  ? __pfx___handle_mm_fault+0x10/0x10
[   82.150958][ T6179]  handle_mm_fault+0x3fa/0xaa0
[   82.152639][ T6179]  __get_user_pages+0x90f/0x3b90
[   82.154402][ T6179]  ? __pfx___get_user_pages+0x10/0x10
[   82.156266][ T6179]  get_user_pages_remote+0x25e/0xb30
[   82.158058][ T6179]  ? lock_acquire+0x2f/0xb0
[   82.159718][ T6179]  ? __pfx_get_user_pages_remote+0x10/0x10
[   82.161778][ T6179]  ? down_read+0xc9/0x330
[   82.163284][ T6179]  ? __might_fault+0x13b/0x190
[   82.164862][ T6179]  get_arg_page+0x13e/0x640
[   82.166463][ T6179]  ? __pfx_get_arg_page+0x10/0x10
[   82.168279][ T6179]  ? __might_fault+0xe3/0x190
[   82.169993][ T6179]  ? __might_fault+0xe3/0x190
[   82.171735][ T6179]  copy_string_kernel+0x165/0x210
[   82.173576][ T6179]  ? count.constprop.0.isra.0+0xf4/0x170
[   82.175741][ T6179]  do_execveat_common.isra.0+0x34e/0x630
[   82.177793][ T6179]  __ia32_compat_sys_execve+0x90/0xc0
[   82.179415][ T6179]  __do_fast_syscall_32+0x73/0x120
[   82.180851][ T6179]  do_fast_syscall_32+0x32/0x80
[   82.182142][ T6179]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   82.183834][ T6179] RIP: 0023:0xf7fe4579
[   82.184917][ T6179] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   82.189954][ T6179] RSP: 002b:00000000f576656c EFLAGS: 00000296 ORIG_RAX: 000000000000000b
[   82.192709][ T6179] RAX: ffffffffffffffda RBX: 0000000020000300 RCX: 00000000200032c0
[   82.195376][ T6179] RDX: 0000000020001100 RSI: 0000000000000000 RDI: 0000000000000000
[   82.198054][ T6179] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   82.200709][ T6179] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   82.203370][ T6179] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   82.206091][ T6179]  </TASK>
[   82.418426][ T5348] Bluetooth: hci1: command tx timeout
[   82.433769][ T6195] Driver unsupported XDP return value 0 on prog  (id 90) dev N/A, expect packet loss!
[   82.698473][ T6203] binder: 6199:6203 ioctl c0306201 20000680 returned -14
[   83.326243][ T6209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.223'.
[   83.332622][ T6210] batman_adv: batadv1: Adding interface: netdevsim0
[   83.335083][ T6210] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.344779][ T6210] batman_adv: batadv1: Interface activated: netdevsim0
[   83.442727][ T6216] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[   83.448351][ T6216] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.451454][ T6216] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.456201][ T6216] bridge0: entered allmulticast mode
[   83.892224][   T56] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   84.052112][   T56] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   84.055181][   T56] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   84.067892][   T56] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[   84.070241][   T56] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   84.079164][   T56] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   84.082390][   T56] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   84.085178][   T56] usb 6-1: Product: syz
[   84.086674][   T56] usb 6-1: Manufacturer: syz
[   84.091481][   T56] cdc_wdm 6-1:1.0: skipping garbage
[   84.093117][   T56] cdc_wdm 6-1:1.0: skipping garbage
[   84.100225][   T56] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[   84.102363][   T56] cdc_wdm 6-1:1.0: Unknown control protocol
[   84.303484][    C1] wdm_int_callback: 383 callbacks suppressed
[   84.303498][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.306972][    C1] wdm_int_callback: 383 callbacks suppressed
[   84.306982][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.310420][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.312137][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.313887][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.315603][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.317361][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.319124][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.320903][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.322628][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.324367][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.326078][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.327840][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.329538][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.331278][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.332982][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.334736][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.336449][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.338222][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   84.339948][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   84.345744][    T8] usb 6-1: USB disconnect, device number 4
[   84.345884][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[   84.418108][ T6191] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[   84.498170][ T5348] Bluetooth: hci1: command tx timeout
[   85.102675][ T6241] netlink: 156 bytes leftover after parsing attributes in process `syz.3.232'.
[   85.102707][ T6241] netlink: 'syz.3.232': attribute type 2 has an invalid length.
[   85.102714][ T6241] netlink: 60 bytes leftover after parsing attributes in process `syz.3.232'.
[   85.461191][ T6256] netlink: 'syz.2.237': attribute type 4 has an invalid length.
[   85.464271][ T6256] netlink: 17 bytes leftover after parsing attributes in process `syz.2.237'.
[   86.086866][ T6276] ptrace attach of "/syz-executor exec"[6027] was attempted by "/syz-executor exec"[6276]
[   86.154258][ T6285] netlink: 'syz.3.247': attribute type 11 has an invalid length.
[   86.156838][ T6285] netlink: 224 bytes leftover after parsing attributes in process `syz.3.247'.
[   86.357908][ T5389] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   86.519220][ T5389] usb 6-1: config 0 has no interfaces?
[   86.522025][ T5389] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   86.525160][ T5389] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   86.537864][ T5389] usb 6-1: SerialNumber: syz
[   86.540111][ T5389] usb 6-1: config 0 descriptor??
[   86.750711][ T5389] usb 6-1: USB disconnect, device number 5
[   87.049799][ T6298] netlink: 8 bytes leftover after parsing attributes in process `syz.3.252'.
[   87.052238][ T6298] netlink: 16 bytes leftover after parsing attributes in process `syz.3.252'.
[   87.056316][ T6298] gtp0: entered promiscuous mode
[   87.057583][ T6298] gtp0: entered allmulticast mode
[   87.069561][ T6300] binder: 6299:6300 unknown command 1074553621
[   87.071354][ T6300] binder: 6299:6300 ioctl c0306201 20000180 returned -22
[   87.361547][ T6317] loop0: detected capacity change from 0 to 7
[   87.370818][ T6317] Dev loop0: unable to read RDB block 7
[   87.372513][ T6317]  loop0: AHDI p3
[   87.373500][ T6317] loop0: partition table partially beyond EOD, truncated
[   87.440909][ T6321] netlink: 'syz.1.261': attribute type 4 has an invalid length.
[   87.449386][ T6321] netlink: 4 bytes leftover after parsing attributes in process `syz.1.261'.
[   87.592905][ T6327] netlink: 4 bytes leftover after parsing attributes in process `syz.1.263'.
[   87.596512][ T6327] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.600551][ T6327] batman_adv: batadv0: Removing interface: batadv_slave_0
[   87.604463][ T6327] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   87.607454][ T6327] batman_adv: batadv0: Removing interface: batadv_slave_1
[   87.651137][ T6329] vxcan2: entered allmulticast mode
[   87.829943][ T4839] Dev loop0: unable to read RDB block 7
[   87.831874][ T4839]  loop0: AHDI p3
[   87.833121][ T4839] loop0: partition table partially beyond EOD, truncated
[   87.883405][ T6332] netlink: 56 bytes leftover after parsing attributes in process `syz.0.264'.
[   88.099174][ T4839] Dev loop0: unable to read RDB block 7
[   88.100685][ T4839]  loop0: AHDI p3
[   88.101731][ T4839] loop0: partition table partially beyond EOD, truncated
[   89.355999][   T39] audit: type=1800 audit(1728078534.556:25): pid=6361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.271" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[   89.492358][ T6366] sp0: Synchronizing with TNC
[   89.501451][ T6365] [U] è
[   89.517811][ T6375] netlink: 104 bytes leftover after parsing attributes in process `syz.2.276'.
[   89.520190][ T6375] netlink: 104 bytes leftover after parsing attributes in process `syz.2.276'.
[   89.528556][ T6374] binder: 6369:6374 ioctl c0306201 20000680 returned -14
[   89.608526][ T6378] fuse: Bad value for 'user_id'
[   89.613216][ T6378] fuse: Bad value for 'user_id'
[   90.401435][ T6400] can: request_module (can-proto-0) failed.
[   90.524633][ T6403] FAULT_INJECTION: forcing a failure.
[   90.524633][ T6403] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   90.531900][ T6403] CPU: 0 UID: 0 PID: 6403 Comm: syz.2.284 Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0
[   90.534758][ T6403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.537632][ T6403] Call Trace:
[   90.538589][ T6403]  <TASK>
[   90.539403][ T6403]  dump_stack_lvl+0x16c/0x1f0
[   90.540717][ T6403]  should_fail_ex+0x497/0x5b0
[   90.542012][ T6403]  ? fs_reclaim_acquire+0xae/0x160
[   90.543416][ T6403]  should_fail_alloc_page+0xe7/0x130
[   90.544845][ T6403]  prepare_alloc_pages.constprop.0+0x16f/0x560
[   90.546512][ T6403]  ? mark_lock+0xb5/0xc60
[   90.547697][ T6403]  __alloc_pages_noprof+0x190/0x25c0
[   90.549130][ T6403]  ? __pfx_mark_lock+0x10/0x10
[   90.550465][ T6403]  ? hlock_class+0x4e/0x130
[   90.551703][ T6403]  ? __lock_acquire+0xbdd/0x3ce0
[   90.553055][ T6403]  ? __pfx___alloc_pages_noprof+0x10/0x10
[   90.554863][ T6403]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   90.556928][ T6403]  ? policy_nodemask+0xea/0x4e0
[   90.558612][ T6403]  alloc_pages_mpol_noprof+0x2c9/0x610
[   90.560054][ T6403]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[   90.561665][ T6403]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   90.563192][ T6403]  folio_alloc_mpol_noprof+0x36/0xd0
[   90.564608][ T6403]  vma_alloc_folio_noprof+0xee/0x1b0
[   90.566028][ T6403]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[   90.567635][ T6403]  ? find_held_lock+0x2d/0x110
[   90.568930][ T6403]  do_pte_missing+0x2010/0x3e50
[   90.570288][ T6403]  ? rcu_is_watching+0x12/0xc0
[   90.571556][ T6403]  __handle_mm_fault+0x100a/0x2a10
[   90.572891][ T6403]  ? __pfx___handle_mm_fault+0x10/0x10
[   90.574366][ T6403]  ? __pfx_lock_release+0x10/0x10
[   90.575680][ T6403]  ? follow_page_pte+0x50d/0x1eb0
[   90.577033][ T6403]  handle_mm_fault+0x3fa/0xaa0
[   90.578347][ T6403]  __get_user_pages+0x90f/0x3b90
[   90.579690][ T6403]  ? __pfx___get_user_pages+0x10/0x10
[   90.581130][ T6403]  ? down_read_killable+0xcc/0x380
[   90.582519][ T6403]  ? __pfx_down_read_killable+0x10/0x10
[   90.584006][ T6403]  get_user_pages_unlocked+0x1c2/0x780
[   90.585480][ T6403]  ? __pfx_get_user_pages_unlocked+0x10/0x10
[   90.587116][ T6403]  ? __pfx_get_user_pages_fast_only+0x10/0x10
[   90.588848][ T6403]  ? __pfx___might_resched+0x10/0x10
[   90.590280][ T6403]  ? __pfx_mark_lock+0x10/0x10
[   90.591568][ T6403]  hva_to_pfn+0x2da/0xea0
[   90.592707][ T6403]  ? __pfx_hva_to_pfn+0x10/0x10
[   90.594006][ T6403]  ? xa_load+0x14a/0x2c0
[   90.595151][ T6403]  ? __pfx_lock_release+0x10/0x10
[   90.596494][ T6403]  ? xas_load+0x49/0x5b0
[   90.597627][ T6403]  ? xa_load+0xc8/0x2c0
[   90.598737][ T6403]  ? xa_load+0x154/0x2c0
[   90.599812][ T6403]  ? __pfx_xa_load+0x10/0x10
[   90.601010][ T6403]  __gfn_to_pfn_memslot+0x23f/0x570
[   90.602358][ T6403]  kvm_faultin_pfn+0x48c/0x1db0
[   90.603654][ T6403]  ? const_folio_flags+0x71/0x1f0
[   90.604974][ T6403]  ? __pfx_kvm_faultin_pfn+0x10/0x10
[   90.606427][ T6403]  ? kvm_tdp_page_fault+0x21a/0x350
[   90.607783][ T6403]  ? __pfx_folio_mark_accessed+0x10/0x10
[   90.609498][ T6403]  ? __kvm_mmu_topup_memory_cache+0x330/0x600
[   90.611556][ T6403]  ? lock_acquire+0x2f/0xb0
[   90.613090][ T6403]  ? kvm_pfn_to_refcounted_page+0x10a/0x5e0
[   90.615169][ T6403]  kvm_tdp_page_fault+0x182/0x350
[   90.616902][ T6403]  kvm_mmu_do_page_fault+0x59f/0x6a0
[   90.618700][ T6403]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[   90.620695][ T6403]  ? hlock_class+0x4e/0x130
[   90.622281][ T6403]  kvm_mmu_page_fault+0x214/0x1b70
[   90.624049][ T6403]  ? __pfx___lock_acquire+0x10/0x10
[   90.625845][ T6403]  ? rcu_qs+0x2b/0xe0
[   90.627052][ T6403]  ? __pfx_kvm_mmu_page_fault+0x10/0x10
[   90.628561][ T6403]  ? __pfx_mark_lock+0x10/0x10
[   90.629861][ T6403]  ? clear_bhb_loop+0x35/0x90
[   90.631160][ T6403]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   90.632679][ T6403]  handle_ept_violation+0x1f0/0x510
[   90.634081][ T6403]  ? __pfx_handle_ept_violation+0x10/0x10
[   90.635641][ T6403]  vmx_handle_exit+0x733/0x1ed0
[   90.636967][ T6403]  vcpu_run+0x2aa3/0x4c90
[   90.638177][ T6403]  ? __pfx_vcpu_run+0x10/0x10
[   90.639476][ T6403]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   90.641008][ T6403]  ? rcu_watching_snap_stopped_since+0x40/0x110
[   90.642716][ T6403]  ? trace_lock_acquire+0x14a/0x1d0
[   90.644133][ T6403]  ? __local_bh_enable_ip+0xa4/0x120
[   90.645595][ T6403]  ? kvm_arch_vcpu_ioctl_run+0x14d/0x1730
[   90.647165][ T6403]  ? lock_acquire+0x2f/0xb0
[   90.648417][ T6403]  ? kvm_arch_vcpu_ioctl_run+0x447/0x1730
[   90.649969][ T6403]  kvm_arch_vcpu_ioctl_run+0x447/0x1730
[   90.651490][ T6403]  kvm_vcpu_ioctl+0x6c7/0x1510
[   90.652804][ T6403]  ? tomoyo_path_number_perm+0x467/0x5b0
[   90.654345][ T6403]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   90.655773][ T6403]  ? tomoyo_path_number_perm+0x190/0x5b0
[   90.657316][ T6403]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   90.658971][ T6403]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   90.660584][ T6403]  ? do_vfs_ioctl+0x513/0x1950
[   90.661897][ T6403]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   90.663456][ T6403]  ? trace_lock_acquire+0x14a/0x1d0
[   90.664866][ T6403]  kvm_vcpu_compat_ioctl+0x210/0x3f0
[   90.666261][ T6403]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[   90.667804][ T6403]  ? __fget_files+0x244/0x3f0
[   90.668968][ T6403]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[   90.670400][ T6403]  __do_compat_sys_ioctl+0x259/0x2b0
[   90.671833][ T6403]  __do_fast_syscall_32+0x73/0x120
[   90.673221][ T6403]  do_fast_syscall_32+0x32/0x80
[   90.674551][ T6403]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   90.676291][ T6403] RIP: 0023:0xf73ee579
[   90.677400][ T6403] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   90.682554][ T6403] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   90.684786][ T6403] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[   90.686910][ T6403] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   90.688991][ T6403] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   90.691107][ T6403] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   90.693221][ T6403] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   90.695344][ T6403]  </TASK>
[   91.816565][ T6432] bridge0: port 3(syz_tun) entered blocking state
[   91.820334][ T6432] bridge0: port 3(syz_tun) entered disabled state
[   91.824709][ T6432] syz_tun: entered allmulticast mode
[   91.834864][ T6432] syz_tun: entered promiscuous mode
[   91.839684][ T6432] bridge0: port 3(syz_tun) entered blocking state
[   91.841577][ T6432] bridge0: port 3(syz_tun) entered forwarding state
[   91.978434][ T6435] FAULT_INJECTION: forcing a failure.
[   91.978434][ T6435] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   91.983235][ T6435] CPU: 1 UID: 0 PID: 6435 Comm: syz.3.295 Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0
[   91.986848][ T6435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.990638][ T6435] Call Trace:
[   91.991809][ T6435]  <TASK>
[   91.992843][ T6435]  dump_stack_lvl+0x16c/0x1f0
[   91.994507][ T6435]  should_fail_ex+0x497/0x5b0
[   91.996155][ T6435]  _copy_from_user+0x30/0xf0
[   91.997684][ T6435]  copy_from_buffer+0x86/0xb0
[   91.999289][ T6435]  copy_uabi_to_xstate+0x26e/0x670
[   92.001068][ T6435]  ? __pfx_copy_uabi_to_xstate+0x10/0x10
[   92.002911][ T6435]  ? __pfx_lock_release+0x10/0x10
[   92.004693][ T6435]  ? trace_lock_acquire+0x14a/0x1d0
[   92.006517][ T6435]  ? __fpu_restore_sig+0xc2c/0x1430
[   92.008228][ T6435]  ? __local_bh_enable_ip+0xa4/0x120
[   92.010015][ T6435]  __fpu_restore_sig+0x1070/0x1430
[   92.011727][ T6435]  ? __pfx___fpu_restore_sig+0x10/0x10
[   92.013637][ T6435]  ? lock_acquire+0x2f/0xb0
[   92.015237][ T6435]  ? __might_fault+0xe3/0x190
[   92.016880][ T6435]  ? __might_fault+0xe3/0x190
[   92.018568][ T6435]  fpu__restore_sig+0x102/0x180
[   92.020266][ T6435]  ia32_restore_sigcontext+0x40f/0x5d0
[   92.022159][ T6435]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[   92.024255][ T6435]  ? __pfx_lock_release+0x10/0x10
[   92.026029][ T6435]  ? _raw_spin_unlock_irq+0x23/0x50
[   92.027850][ T6435]  ? lockdep_hardirqs_on+0x7c/0x110
[   92.029761][ T6435]  __do_compat_sys_rt_sigreturn+0x116/0x1f0
[   92.031777][ T6435]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[   92.033949][ T6435]  do_int80_emulation+0x104/0x200
[   92.035647][ T6435]  asm_int80_emulation+0x1a/0x20
[   92.037366][ T6435] RIP: 0023:0xf7fe4579
[   92.038834][ T6435] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   92.045416][ T6435] RSP: 002b:00000000f576656c EFLAGS: 00000296
[   92.047510][ T6435] RAX: 00000000fffffff2 RBX: 00000000ffffffff RCX: 0000000000000000
[   92.050309][ T6435] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 0000000000000000
[   92.052942][ T6435] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   92.055658][ T6435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   92.058307][ T6435] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   92.061038][ T6435]  </TASK>
[   92.185583][ T6441] netlink: 'syz.3.296': attribute type 9 has an invalid length.
[   92.187666][ T6441] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.296'.
[   92.251808][ T6443] syzkaller0: entered promiscuous mode
[   92.253263][ T6443] syzkaller0: entered allmulticast mode
[   92.509365][ T6451] hub 2-0:1.0: USB hub found
[   92.516891][ T6451] hub 2-0:1.0: 2 ports detected
[   92.620254][ T6451] binder: 6446:6451 ioctl 4018620d 0 returned -22
Connection to localhost closed by remote host.
[   94.389898][   T47] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000084: 0000 [#1] PREEMPT SMP KASAN NOPTI
[   94.393585][   T47] KASAN: null-ptr-deref in range [0x0000000000000420-0x0000000000000427]
[   94.396682][   T47] CPU: 0 UID: 0 PID: 47 Comm: khugepaged Not tainted 6.12.0-rc1-syzkaller-00125-g0c559323bbaa #0
[   94.400102][   T47] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.402885][   T47] RIP: 0010:khugepaged+0xae0/0x15f0
[   94.404243][   T47] Code: ed c7 04 24 01 00 00 00 45 31 ff e9 9b fd ff ff e8 15 3d 98 ff 49 8d 7f 20 48 b9 00 00 00 00 00 fc ff df 48 89 f8 48 c1 e8 03 <80> 3c 08 00 0f 85 d4 09 00 00 49 8d 7f 70 49 8b 6f 20 48 b9 00 00
[   94.409381][   T47] RSP: 0018:ffffc900006dfcd0 EFLAGS: 00010207
[   94.411007][   T47] RAX: 0000000000000084 RBX: 0000000000000000 RCX: dffffc0000000000
[   94.413075][   T47] RDX: ffff88801e62c880 RSI: ffffffff81f4718b RDI: 0000000000000426
[   94.415161][   T47] RBP: 00000000100400fb R08: 0000000000000001 R09: 0000000000000000
[   94.417333][   T47] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000200
[   94.419568][   T47] R13: 0000000000000003 R14: 1ffff920000dbfab R15: 0000000000000406
[   94.421809][   T47] FS:  0000000000000000(0000) GS:ffff88802b400000(0000) knlGS:0000000000000000
[   94.424332][   T47] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   94.426261][   T47] CR2: 00000000577194ac CR3: 000000005f6bc000 CR4: 0000000000352ef0
[   94.428565][   T47] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 000000000000000f
[   94.430841][   T47] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[   94.433121][   T47] Call Trace:
[   94.434000][   T47]  <TASK>
[   94.434948][   T47]  ? die_addr+0x3b/0xa0
[   94.436254][   T47]  ? exc_general_protection+0x155/0x230
[   94.438079][   T47]  ? asm_exc_general_protection+0x26/0x30
[   94.440155][   T47]  ? khugepaged+0xacb/0x15f0
[   94.441897][   T47]  ? khugepaged+0xae0/0x15f0
[   94.443681][   T47]  ? __pfx_khugepaged+0x10/0x10
[   94.445430][   T47]  ? lock_acquire.part.0+0x11b/0x380
[   94.447173][   T47]  ? __print_lock_name+0x1e1/0x260
[   94.449038][   T47]  ? __kthread_parkme+0xb7/0x220
[   94.450795][   T47]  ? __pfx_autoremove_wake_function+0x10/0x10
[   94.452445][   T47]  ? lockdep_hardirqs_on+0x7c/0x110
[   94.454086][   T47]  ? __kthread_parkme+0x148/0x220
[   94.456004][   T47]  ? __pfx_khugepaged+0x10/0x10
[   94.457801][   T47]  kthread+0x2c1/0x3a0
[   94.459331][   T47]  ? _raw_spin_unlock_irq+0x23/0x50
[   94.461233][   T47]  ? __pfx_kthread+0x10/0x10
[   94.462884][   T47]  ret_from_fork+0x45/0x80
[   94.464065][   T47]  ? __pfx_kthread+0x10/0x10
[   94.465278][   T47]  ret_from_fork_asm+0x1a/0x30
[   94.466558][   T47]  </TASK>
[   94.467409][   T47] Modules linked in:
[   94.468749][   T47] ---[ end trace 0000000000000000 ]---
[   94.508148][   T47] RIP: 0010:khugepaged+0xae0/0x15f0
[   94.509568][   T47] Code: ed c7 04 24 01 00 00 00 45 31 ff e9 9b fd ff ff e8 15 3d 98 ff 49 8d 7f 20 48 b9 00 00 00 00 00 fc ff df 48 89 f8 48 c1 e8 03 <80> 3c 08 00 0f 85 d4 09 00 00 49 8d 7f 70 49 8b 6f 20 48 b9 00 00
[   94.514549][   T47] RSP: 0018:ffffc900006dfcd0 EFLAGS: 00010207
[   94.516142][   T47] RAX: 0000000000000084 RBX: 0000000000000000 RCX: dffffc0000000000
[   94.518592][   T47] RDX: ffff88801e62c880 RSI: ffffffff81f4718b RDI: 0000000000000426
[   94.520649][   T47] RBP: 00000000100400fb R08: 0000000000000001 R09: 0000000000000000
[   94.522818][   T47] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000200
[   94.524868][   T47] R13: 0000000000000003 R14: 1ffff920000dbfab R15: 0000000000000406
[   94.526943][   T47] FS:  0000000000000000(0000) GS:ffff88802b600000(0000) knlGS:0000000000000000
[   94.529839][   T47] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   94.531603][   T47] CR2: 00000000f73ce1a4 CR3: 000000005f6bc000 CR4: 0000000000352ef0
[   94.533717][   T47] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   94.535797][   T47] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   94.538018][   T47] Kernel panic - not syncing: Fatal exception
[   94.540081][   T47] Kernel Offset: disabled
[   94.541203][   T47] Rebooting in 86400 seconds..

VM DIAGNOSIS:
21:48:59  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85035855 RDI=ffffffff9a63a260 RBP=ffffffff9a63a220 RSP=ffffc900006df6b0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b
R12=0000000000000000 R13=0000000000000030 R14=ffffffff850357f0 R15=0000000000000000
RIP=ffffffff8503587f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000577194ac CR3=000000005f6bc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=000000000000000f DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000003 RBX=fffff52000eaeda0 RCX=0000000000000000 RDX=0000000000000002
RSI=0000000000000010 RDI=ffffc90007576db0 RBP=ffff888060b2c880 RSP=ffffc90007576d00
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=dffffc0000000000
R12=ffffc90007576db0 R13=0000000000140dca R14=dffffc0000000000 R15=0000000000140dca
RIP=ffffffff817896a7 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020266000 CR3=000000005ba1e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=0000000000000000 RCX=ffffffff81d51a8a RDX=fffff94000002bd9
RSI=0000000000000008 RDI=ffffea0000015ec0 RBP=800000000057b007 RSP=ffffc9000771f660
R8 =0000000000000000 R9 =fffff94000002bd8 R10=ffffea0000015ec7 R11=000000000000532f
R12=dffffc0000000000 R13=0000000000000000 R14=ffffea0000015ec0 R15=ffffea0000015ec0
RIP=ffffffff81edf148 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73ce1a4 CR3=000000000db7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000000e2adc RBX=0000000000000003 RCX=ffffffff8b12f6f9 RDX=ffffed10056e7026
RSI=ffffffff8bb11fa0 RDI=ffffffff8164098c RBP=ffffed100376d488 RSP=ffffc90000497e08
R8 =0000000000000000 R9 =ffffed10056e7025 R10=ffff88802b73812b R11=0000000000002f2e
R12=0000000000000003 R13=ffff88801bb6a440 R14=ffffffff901ccb08 R15=0000000000000000
RIP=ffffffff8b130adf RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73a36d4 CR3=000000000db7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 27ed28f845f2291b bd54bc6c2d160533
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d6de73b57b2cf46e dfe3d77fc80fb18f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 66b23647b2edc64b baf088bdd68931e4
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfeb16e3d17d603f 93a522553000fa26
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000005d00
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 003a4af100001041 e4600000cecd0000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000002c003a4bba 0000001a003a4e65
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 003a4bb1b7160000 6f58000062ed0000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1aec00005bef0000 00000020dfd680e6
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8d0ecc38d524ac73 8796119897b23bf2
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 49f608ded2b9146b 63132255a7e0c07e
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000