last executing test programs:

3.439311663s ago: executing program 1 (id=532):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x881}, 0x94)
syz_io_uring_setup(0x6ce, &(0x7f0000000400)={0x0, 0x4bf2, 0x40, 0x5, 0x15}, &(0x7f00000000c0)=<r0=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
openat$tun(0xffffff9c, &(0x7f0000000040), 0x2a800, 0x0)
r1 = socket$nl_generic(0x11, 0x3, 0x10)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x7a, &(0x7f0000000340)={0x0, @in6={{0xa, 0x3, 0x4, @mcast1, 0x3}}}, &(0x7f0000000040)=0x84)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000000)=0x2)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0xe22, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, 0x0)
setsockopt$sock_int(r6, 0x1, 0x31, &(0x7f0000001600), 0x4)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0xe22, 0x0, @local}, 0x1c)
r8 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r8, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)
getsockopt$EBT_SO_GET_INFO(r5, 0x0, 0x80, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [0x1, 0x8, 0x5, 0xae, 0x400, 0x8]}, &(0x7f0000000280)=0x50)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa00080045"], 0x0)
sendmsg(r1, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

3.336798171s ago: executing program 1 (id=534):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f0000000040)="b9", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, 0x1c)
listen(r1, 0x100101)
setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f00000003c0)={0x3b}, 0x8)
accept4(r1, 0x0, 0x0, 0x0)

3.208484589s ago: executing program 1 (id=535):
socket$tipc(0x1e, 0x5, 0x0)
futex(&(0x7f0000000000)=0x2, 0x3, 0x2, &(0x7f00000000c0)={0x0, 0x3938700}, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0)
write$usbip_server(0xffffffffffffffff, &(0x7f0000000380)=ANY=[], 0xfffffffffffffd8e)
r0 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x0, 0x1, 0x18e}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(r0, 0x26c8, 0x0, 0x1, 0x0, 0x10) (fail_nth: 3)

2.386873527s ago: executing program 1 (id=536):
socket$inet6(0xa, 0x3, 0x8000000003c)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000002340), 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x800, 0x2, 0xbf22, 0x21, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r4, 0x0, 0xa002a0}, 0x38)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x3200898, 0x0)
pread64(r5, &(0x7f0000002240)=""/237, 0xfecf, 0x4eb)

2.384566538s ago: executing program 3 (id=537):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000001c0)={0x2c, r1, 0x1, 0x70bd26, 0x0, {0x25}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2008040}, 0x880)

2.297495929s ago: executing program 3 (id=538):
ioperm(0x0, 0x6, 0x2da3b9f3)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
syz_io_uring_setup(0x1f90, &(0x7f0000000140)={0x0, 0x4162, 0x840, 0x1, 0x35b}, 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f00003fe000/0xc00000)=nil, 0xc00000, 0x1000006, 0x8010, 0xffffffffffffffff, 0x10000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = epoll_create(0x80)
r4 = syz_open_dev$sndpcmp(&(0x7f0000000340), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000080))
epoll_wait(r3, &(0x7f0000000100), 0x0, 0xb6)
r5 = dup(r2)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x25, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @remote, 0x3}, 0x1c)
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x0, 0x9, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
r6 = syz_io_uring_setup(0x507d, &(0x7f0000000480)={0x0, 0x20000000, 0x10100, 0x1, 0xffffffff}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000240)=<r8=>0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0)
write$UHID_CREATE2(r9, &(0x7f00000001c0)=ANY=[@ANYBLOB='6'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r6, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

2.297181546s ago: executing program 2 (id=539):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000100000000000000000000008500004087000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000882fba7d44df1d7", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000009f80)="c674015814a875ec92e8793fce1d", 0x0, 0x130000b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x27)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x3, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x101}}]}, 0x38}}, 0x4000010)
sendmmsg$inet(r3, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
prlimit64(0xffffffffffffffff, 0xe, &(0x7f0000000040)={0x3, 0x3}, &(0x7f00000000c0))
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)={0x40, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PBSS={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x40025}, 0x0)

2.228983614s ago: executing program 2 (id=541):
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='projid_map\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='mm_page_alloc\x00', r1}, 0x18) (async, rerun: 64)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1}, 0x48) (rerun: 64)
pread64(r0, &(0x7f000004b680)=""/102400, 0x19000, 0x7) (async)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x4, 0x6, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xd, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0x38, 0x8, 0x8, &(0x7f0000000400)}}, 0x10) (async)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000600)={'syztnl1\x00', &(0x7f0000000580)={'ip6_vti0\x00', <r5=>0x0, 0x4, 0x3, 0x4, 0x5, 0x40, @ipv4={'\x00', '\xff\xff', @multicast2}, @dev={0xfe, 0x80, '\x00', 0x24}, 0x40, 0x20, 0x1, 0x9}})
r6 = openat$ptmx(0xffffff9c, &(0x7f0000000400), 0x80000, 0x0)
ioctl$TIOCCONS(r6, 0x541d)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000006c0)={'ip6_vti0\x00', &(0x7f0000000640)={'syztnl2\x00', <r7=>0x0, 0x2f, 0x7, 0x2, 0x6, 0x8, @dev={0xfe, 0x80, '\x00', 0x2a}, @rand_addr=' \x01\x00', 0x80, 0x40, 0x4, 0x3}}) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000700)={<r8=>0x0, @private, @initdev}, &(0x7f0000000740)=0xc) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000800)={r2, 0x58, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10) (async)
getpeername$packet(r2, &(0x7f0000000840)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000880)=0x14) (async)
r11 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) (async)
getsockname$packet(r11, &(0x7f0000000140)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) (async)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r12, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r12], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000008c0)={<r14=>0x0, @remote, @empty}, &(0x7f0000000900)=0xc)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000009c0)={'syztnl1\x00', &(0x7f0000000940)={'ip6_vti0\x00', <r15=>0x0, 0x4, 0x9, 0x6, 0xffffffff, 0x0, @remote, @dev={0xfe, 0x80, '\x00', 0x1f}, 0x7800, 0x700, 0x9, 0xfff}}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000a00)={'batadv0\x00', <r16=>0x0}) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000ac0)={'gre0\x00', &(0x7f0000000a40)={'ip_vti0\x00', <r17=>0x0, 0x0, 0x8000, 0x8000, 0x8, {{0xc, 0x4, 0x2, 0x39, 0x30, 0x0, 0x0, 0xfa, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x39}, @dev={0xac, 0x14, 0x14, 0x31}, {[@ra={0x94, 0x4, 0x1}, @end, @timestamp_prespec={0x44, 0x14, 0x98, 0x3, 0x0, [{@private=0xa010100, 0x4}, {@private=0xa010100, 0x1}]}, @noop]}}}}})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000d40)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000b00)={0x1e8, r3, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x88f2bde2e5a7eec5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}]}, @HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r16}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r17}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x44}, 0x20000804)

2.228865535s ago: executing program 3 (id=542):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000a80))
r4 = dup(r3)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_SET_SNDBIT(r5, 0x4004556a, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r4})
r6 = fcntl$dupfd(r0, 0x0, r1)
r7 = eventfd2(0x8001, 0x0)
ioctl$VHOST_SET_VRING_KICK(r6, 0x4008af20, &(0x7f00000000c0)={0x0, r7})

2.170039787s ago: executing program 2 (id=543):
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x4, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unlink(&(0x7f0000000000)='./file0\x00')
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="11000000040000000400000002"], 0x48)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000080)={r2, 0x58, &(0x7f00000003c0)}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000008c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f4, 0x0, 0x2b8, 0x0, 0x2b4, 0xff000000, 0x37c, 0x3a8, 0x3a8, 0x37c, 0x3a8, 0x3, 0x0, {[{{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'bond_slave_1\x00', 'wg2\x00'}, 0x0, 0xfc, 0x164, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_bond\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xa4, 0xc8}, @common=@unspec=@CONNSECMARK={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x350)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={r2}, 0x4)
r3 = getpid()
syz_pidfd_open(r3, 0x0)

2.169008054s ago: executing program 3 (id=544):
socket$kcm(0x29, 0x2, 0x0) (async)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r0 = getpid() (async, rerun: 64)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x48000009, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4c, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0xe}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8}, @TCA_FQ_FLOW_PLIMIT={0x8, 0x8}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_LOW_RATE_THRESHOLD={0x8}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8}, @TCA_FQ_QUANTUM={0x5, 0xf}]}}]}, 0x78}}, 0x0) (async)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001600)=[{{&(0x7f00000001c0)={0xa, 0x4e21, 0x1, @loopback, 0x200}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000280)="2767fb", 0x3}, {&(0x7f0000000600)="7777bd54d746f27de23e92766f6c8fc9fed2edd7b84669882430d9c1b9b36c546e8e2534cf4bc065a3c40d0af21c5235ae978e771dfc80425d3e7439375b2a77b225edc494f2be40fda2969618c990be31aca67e11a1aa0de919d53f3a35d0c5a0ce1da8f809f59aa9ad3fa4f03f1a17901291257f735c2de879b47c4cdabf4605fd5b16c380a1bf61935c45037c19e7ddcc8d13d72f7fb4986dee2d73e2fd14b3988259e100110013b3480cd070d891e3b4aec9fe4a4962181d97bced75aa857bcdf5e864e3717a57f17e51e92fde9512676f668eab3378a4a279b82086e77fbfccb9888286145c7e1604d81f359403abf94bc4a0b005491cab73d940befb5f0a701e86771f52fce325c505fc5bd26520bbbe18aecd7574b7f7a23592d8a234930e3944752c84affff0e1ad93c775c0b7af10e2b38e31c74cc4f9d52df696db71707340d060ad2f97da79a02adc732d471277e11d71f41f8bbd033ae24e79de2b535fc970ba0bb22a6ea173544fe1e67343cbcb730953d7fd9c70bad591251626a5025637e92b65b5d64d4399af8f3b6e0cd52e7083b58d95e3c197fcd68e6e740aa47fc71ff54cb41ce245b4b2821b5df16b5e82420826203e28ee156e77f0340e5a8277b03d3da98f799326a28544bb4199594f360ffc8e9be52ab39b821fb790d412c1ecac8df74be5575923f3262588eb80aa508b45a65f017b9ff39e0844cd67c2fd022e512846c2b175846037f7be2e80e4365b7a3a92d4fd64c52508b4aba325bdfa8bfa64c64d3c12e854bfae2e449ba7ccc5b6d0739231e10f151871027b2b245c7345290b8ab3028afd8e57e7fb3de13a8ab332be42747f5569eba504664e2710efd65e1e3472a6721778b1182a180fda422fe3042f5a27c1a4507598779a17346ef69c0ba763d628c6d4adb51d1f53b72b88a42a10849ec42742615bd169212ec4b32f2b7ad9608c95c01b1b88b621712dde658a5b1d7a857722e97a99636877ddb1d360e2182d30860803c633daf6d4dd25b75d0bc56de6e88b4116585ddaf0f6708febe1e9a6cd825feb45a4ac4241a045fbe67858395738a6bfa8e2cc80bb509ef8ee6cd1ec788482bdf297650d4765466fc003b027200adc04eca7936456b1b36bb8e4bd2c425b386f241232d1f073309cdd7e6ec2fa67138b68b6c722bc2943cdd44bb2667513c111bdc71bdb2aa690f19de5ca72fdea07ff766d735c33366dd9f8c43fd052ba8aa7631c151c9d84a6ce0153c64b49a6aa86ea5d9f459489421fc5b2c3219c815bff857b2b2948fcbbba95e0d45a6c04384521f5ed8000e7c2621dca3a6012f16e55d93deedb154e4f7132655c27da6bc0137be4f9712c24584d06feaf6d5c6beb66b4460d6dbb4fdb4d441ab8a95346acad051c6ac3213993fb04a1a475fd2256981745c8e08f7e8c545082dec0343bf76990c56bcb378d5561dd2b2d0abb7295972a07650f89e271dc21dd81406468b99018740f154a850ed5e8532a52ac64c51d9e45f6c973523f4f51e29858ae6213c94336d41e7e7e6b7b8134d892b5218d9c77e86017ad01cfa3ce50eba5057e578e7880c41e0a7bced7b34f5b4fd335e1c62ef652a9b8ad7000adf52804f65a6f364a89da0fa898e86d1b3d66af9f0854d8cb86046c0a4b5ab6b2f693d237b4f35e7ab19f879c8d25c64549e25e57fb5c1f415ed6270ab41a81a5914990cafd9673bb2765ffcaecad6ea6a50ccf3e521dd93d93f4d3b45b085c7d60257011ace184de4f5d41dcb2ece6f4a8f1e07027f461ca256f22eea9debd0b893f689c3f83b2698067f6a443adb7ce2ae26b55f55712f246e6ddf916f3e0bcfba5b282de5c10318e6fdded3bb6d1bf390bb1c66c6b7fc4f26be3f3703c6ce1adc1103b37a6dc75fb1fe7c0e3e22a303b8965db0e4d586df07815bfc37951f4da6e30cb5be0367f43691c684cfabe10a03d632a873b4926de8d0c8351ea8fda63767b59af3acd6dc15ba95b6c1928e46a226b602fc993487d5aca82d835c6ec8a006016b394bc8f92a8c1964e182e01645c08e6f8c5b025968dca2d2d7fc3ac10bce0485efad28db4bb095d788d1245e4629b4b55a4fa90d044038371baaec16df05575e9d90736ddd8885df67bcd0e4182c1f26dab67ff0978a53d976d81c6c9025de5a96c1557b8a57009b10cfb8846ea52590b945df0585c7d45f4b4e01d2b52bdd71608d2f6ebb813025164f9de6b68011e6e4511563efb2b2dc889faec77e35ef87319719c2fb68c1d866c410d8522bf3292d0bd223ddcaf654c3733ad0ffbbea1d278dd1dd9bbafa21524577d21e429a261f30b3de553f3fed9291b9b91e0a1cce41853be35f4d8919127d3e305b623df1eccd813648bcefb9abb6a0a7cc3d1cd73f80dc91d9cd949ee54b7fac51db582a4500ba5f0aa56c365f1e77fed0a62863d873e31eab49745fc043212075f8f162a2428c9e05e73b6ce783a076ee958f6ba8bef836ae0ec9b6cdfd6eb271c905dcac2a58d3b4ae2d3b7ad2dc3a214b975e6cb26189f911533635eb2caa928595941c9ad742de0b0252332b18dd2d7b54ff07e508556572769f2625b8529fa900ff4ef4666eabf6c6e0aaee15a03dc7aae00f22361b380d8dd19ae7da3dd585486edd5e4960c51a435fb4478cb4dedbfffb645393e893480f21304055d907a50b3f9e56a2404b7b5c696f5e05322d46708ff712599acc2402eb4abe955a643a70d3864dc462919e849cefe0880a416f25a85fb41d3334b4bb1ddc5eca693e29edf1bcb66fd42325b9cc33f499168f5e81162dad04f0f0c12a3bd230188bc5134e9c286ad1dbef738e8308cdf968882b93e50f792e92489b9dfcff65ca52ada4987c04dd46cde3563c5d032cb61eb883344f187513836fce031ebe6af9220aafab23b97f1bda669bf42b2260ac3878a71b75314566230363e28b3357895ef6e220af4ea0f21c959db9824a124c8767e6f7ae9fc25233f731d63ead7bd23ddc5cfe75967f22dda59be6f4a9a7547a53b3efdf2022c9d3c7d5a5641f7cdbfb69f47ca941336929a067a75a7f32130af4d5167bbcbdb56dc17b9062a8fd44cbc24f2d54e11c76395d8ef08b7af976138043c1a27a9000bfcb6376fb5100b8da36449842b431d7fafe2b198e91073fba152837157f8e940b9f2d571c11abc6a75929849056d18b5a2020bebcdd9bf93685d1d18021645e3129788ca0f036fe44dab61d80b290bf674f284549b3a01d968fba8bd80cd17f108b77e511a872d907ea10bd795fd2d42e28dc04622d3659c9c823137397ac8db723daebc46e539112216a09bdc7cdd37c0a3ed0ca0ee3de77f4864dd96e36d7901b6f54878fa8d4ce507dc3a3c8e89606e2247d510189b5f38973bb5b2808091bfef8d22cdfd651f6fff9480c6a077597deda27d89f3849f966bee3749e4988ce9c2706cd803794b2b405d46560132c6164986c3b40bead82936d2f3c872727be46db508b7355274ba8c8b29ef0b400d5da1eb32b32ddc587b626300ca6581a6b330d5c49cef6e0375f2057c56c11deef76fb86b67a16edf3fdd9b98bb2a07c577e331c096b62e65d7106a557cde5c6ffcfae057c8178414fb3f06e7d34cfd3e42c0a4621a87e095bb07dac389e7cb5a24645342916319968667b36db2654c3c4ff4307e69245b22edd16cf3bee79886d2aa25df48267bc293dc55f1936e6602c07983bd02fd9367c1c8cf242a6b504caf657bc67b435b78d5184bcec18dc7c05d4e5333bbbfaabc093249774ca33d26fb7e323f49d7c0eda9e0b7e7941d03a790bb1655b30289740db976e222590662e6c55b950efccbefca9bba47427b25713a33ac719b712fc79df81d2c5aba9f4cd4a3dd00a32c7cf8aff88a7d2c1ba97d8ab8f72d2a81ed92f7c32df71300f71cad2da67db7be201d50c759c0483218fa06b075e2fb3bee2a0432b2e9a9828e9c9d67ece96f2d17676a132a91fe7dea592533699567d3a5277844c4322af0cbac21f3598d738d8282e73f7931bc7227854cfad6145c4ece8e291eb0b8dbcb1aee3f5ae0fd5728b8c47f0ae96e0a04caaa1e5b7435e2b70ac96df5b4601a9e64dbf444ce1ff803d6fc626a8650f2425d59032eb6964ea8d4da1ae0efe0cbeed0a94d1d957606215c463f3b6a83f1147faf63aa3b782582e9e3034a7b93647254c34b7ec7b743f1e908bc71960dc690d20818db0dd38f9b49b0f6a6d5f6d5ccdc93948108bd8937d1675ed9adcfacda4c5f3c61c5aafd094becf74379511ea375266a2d358120ae2083fee6fb77dcac8ce1de1e9a7e80300a4b5eae0dafc27bf92e438d742aeee5141760d7257b5b1cfe720a5370a31fc1a2d1f3f53c199d3f8b48fa11661dc3432c2089db448f97ac977fddf6b7f57de190f874ecbcd0f3da611ff404653db6ca2d0d6cc4b66ce2e29092d2711a76b3868e8fd4ea60664d6673c7a4feb23d4c67cc060974dd87ac17dda69b99a7e8a6d99892033d2d0f37be9c81be567048f9673f5a41cd4da246172b1f9e7d9bfe9b61434917ab2f296a8a9b51598989839ea1447cbf583c0e02ca74143dcf3ccab4d758abd18c96c17817dc826d94a28916eb141ec8427497849c8c39e2e7b4c47c33f3db9aa850fa73e90147de6ea10f82bef6f5ccae2b0d6f224b06e18083e983aa222d3c74c91dd0e20f73a639b3a87b4b20d4e618f54f2be7ed3362effe109c1dadb1107d037f36fb68d216e75314d09cb952ca7e73683546bc1500f23e909eb0d623e4b7d2588f8ec845ac83736eb49dffe1bfcead05020bd468cf6ae76179a5f5323f1fae60ee707e2efabe5b8aa4cbedf9a3fe7c5ee438bf99fb0e941a11f28e444acea6087878c4fe9af4261a75285b80d17c6eea825f43e97b946bcc96c8f66878f286286d61066b7a7e7bf3275325c354011a392d3534baadcebe6c3ba96ab27273b956ad67a669590cee34cd8bd3bb1557dc8803d570dfb0242af031eac62efeb8233f855546da56775dbae5d9793316042b410ff29864f119e7c6916ba1fa3f47429080c3e59784a937c7da6db2df9fd28190ada3eb274eb40c4343c5fc177abc0fcb1c077a81b46aad87476d850b8abd4db05a825aa534db91511e1c88b19644cf920caa6d264236745f3fbf34d40adf2eaf051c70a7644702f39fbee95d90cd7d6f80fc3a17f54495d5468dbd550a659a097cede388816a627a4b479de1efe0181a9d6f80baaa622b575e3d13181f8f5d3db40ff7a2f451eaa4fb0620d06c8d4d62c4e37e38eee1d12297c4d6622c2f5e680bfef3d8dc95f52f79b6e3f9adb468689fa1fcd9b85f0c0bd307af732750fb656e8a0e420201f4940d661dd7f943661446a0562e36206c2457714407fc4c5a6957b174e458f276f91c282291de452e95ccab44f2ee7b9c8667d6e861537b56445bf4d82366c073ec9e3319836b3693f9a78a2559bcf03d232f57e3c559ef539368a8405d68682e29ba3b481fb3dab7c0995cca3814d6eb130f15115460c2523eb458b14ea7c61ff80962ed7048d3fdfe92148f17e017ef7e3fbf92d076851da9566d2f9c07f35531f3f33fcdd20de5d004e4c0f96fd57e33160599685f62494d60598580ade8f3ca083461f7cff2e7edcc7d55a42667c09f41fae7e09e1992506d984b4ea3d6434ac78cf61681da8f4dd9892cee97371f99fa66b087f82a134ca05f3af7e84c7a1dfd624bfa42cd5873de3388a837291b6abd68e6ee54682ee8738a8ad2c3a2ed03ed4ed9bdfa8275c8cb5d1cef63d3e59e4c41ec7792f97e5bcb01", 0x1000}, {&(0x7f0000000440)="ade7d830d2885bd40cd204ac015e322f55f5407772ef2edb48be97cf186ad57de7e16f0df586e27d7d2fd9e8af8297d5c6231403346e5f24df1cc6b332c1bc51fb9c7c7fb10f519ca252d2029aef35f7df8dfa65bc418c43ca63aba17d3cdecbed5b33433bd70d8c855139b0d1efe306b47b9d9f79ffc98a1fbe40535f8af4d501269c4f9eb72fac2ff555f8cd80c8b6214832893d086bd6fea2ed0a3c24b9ec285b605d2b5877ae1c88134ca7b0409338ab89d885e2017b1ce40b3abd12ae58fa", 0xc1}], 0x3, &(0x7f0000001640)=[@pktinfo={{0x20, 0x29, 0x32, {@empty}}}, @hopopts_2292={{0x4c, 0x29, 0x36, {0x21, 0x6, '\x00', [@jumbo={0xc2, 0x4, 0x9}, @hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @ra={0x5, 0x2, 0x6}, @pad1, @hao={0xc9, 0x10, @empty}]}}}], 0x6c}}], 0x1, 0x24000001) (async, rerun: 64)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) (async, rerun: 64)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84) (async, rerun: 32)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) (rerun: 32)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6}) (async)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100}) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) (async, rerun: 64)
unlink(0x0) (rerun: 64)
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (async, rerun: 32)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (rerun: 32)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f00000003c0)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58) (async, rerun: 64)
openat$tun(0xffffffffffffff9c, &(0x7f0000002a00), 0x800, 0x0) (rerun: 64)

1.515122671s ago: executing program 3 (id=546):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000240)=[@mss={0x2, 0x8}, @window={0x3, 0x15f, 0xfffd}, @mss={0x2, 0x8}, @sack_perm, @window={0x3, 0x0, 0x7fe}, @window={0x3, 0x5, 0xfffc}, @timestamp, @timestamp], 0x8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x2, 0x4, 0x5c0, 0xffffffff, 0x2e8, 0xc8, 0x0, 0xfeffffff, 0xffffffff, 0x4f8, 0x4f8, 0x4f8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [], [0x0, 0x0, 0xff, 0xffffff00], 'macsec0\x00', 'rose0\x00'}, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24}}, {{@uncond, 0x0, 0x1fc, 0x220, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x4000000000004, 0x0, 0x40, 0x0, 0x0, 0xf8e74ba, 0xfe8c, 0x0, 0xb440adbb44d53f72}, {0x40}}}]}, @common=@unspec=@CONNSECMARK={0x24}}, {{@uncond, 0x0, 0x1dc, 0x210, 0x0, {}, [@common=@rt={{0x138}, {0x6, [], 0x0, 0x0, 0x0, [@local, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, @private1, @empty, @mcast1, @mcast1, @ipv4={'\x00', '\xff\xff', @broadcast}, @remote, @local, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2]}}]}, @common=@inet=@SET3={0x34}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x61c)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400448c0}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
unshare(0x8000080)
r4 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x1ff, 0x181800)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r4, 0x80804120, 0x0)
recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

1.170147115s ago: executing program 1 (id=547):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000040)='GPL\x00'}, 0x94)
r2 = epoll_create1(0x0)
r3 = fcntl$dupfd(r2, 0x2, 0xffffffffffffffff)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000580)=ANY=[@ANYRES32=r3, @ANYRES32=r1, @ANYBLOB="11"], 0x14)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
inotify_init()
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)

1.004493616s ago: executing program 0 (id=548):
syz_open_dev$sndmidi(&(0x7f00000001c0), 0x45aca605, 0x541182)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@newlink={0x38, 0x10, 0xc09, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0xffffffff}]}}}]}, 0x38}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@remote, 0x3, 0x2, 0x0, 0x3, 0x0, 0x1}, 0x20)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl(r2, 0x8b32, &(0x7f0000000040))
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r3)
sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r1, 0x8, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20004815}, 0x24000000)

890.029455ms ago: executing program 2 (id=549):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)={0x14, 0x25, 0x1, 0x70bd27, 0x25dfdbfc, {0x5}}, 0x14}, 0x1, 0x0, 0xf000, 0x4}, 0x40040)

889.725364ms ago: executing program 0 (id=550):
openat$drirender128(0xffffff9c, &(0x7f0000000000), 0x40000, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x8c36, 0x3c00, 0x2, 0xbfcffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)

884.734083ms ago: executing program 1 (id=551):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYRESOCT, @ANYRES64], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
r0 = fsopen(0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x40, r5, 0x800, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x40}, 0x1, 0x0, 0x0, 0x64000}, 0x60)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f00000004c0)={@local, 0x1})
connect$inet(r4, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
writev(r4, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

884.644879ms ago: executing program 2 (id=552):
r0 = socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x2, 0x300)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0xa00}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)

789.037829ms ago: executing program 0 (id=553):
creat(0x0, 0xc2)
io_setup(0x7f, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYRESHEX=r0, @ANYRES64=0x0], 0x68}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$inet(r2, &(0x7f0000000480)={0x2, 0x4e22, @empty}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@verity_require}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r3 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
ioctl$VIDIOC_G_CTRL(r3, 0xc008561b, &(0x7f0000000140)={0x0, 0x3})
listen(r2, 0x1ff)
sendto$inet(r2, &(0x7f00000004c0)="ab", 0x1, 0x20c0, &(0x7f00000001c0)={0x2, 0x4e22, @loopback=0x7f0000c0}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)

619.864663ms ago: executing program 0 (id=554):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000019c0)=@newchain={0x21bc, 0x64, 0x800, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xa, 0x8}, {0x8, 0x6}}, [@TCA_CHAIN={0x8, 0xb, 0x80}, @filter_kind_options=@f_bpf={{0x8}, {0x2168, 0x2, [@TCA_BPF_ACT={0x2158, 0x1, [@m_csum={0x10d8, 0x22, 0x0, 0x0, {{0x9}, {0xac, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x1, 0x20000000, 0xc, 0x57a46da8}, 0x52}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xffffffe3, 0x3, 0xa, 0x5, 0x80000000}, 0x12}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x5, 0x10002, 0x10000000, 0x1, 0xfffffffd}, 0x1b}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xd4, 0x80000000, 0x2, 0x8, 0x957}, 0x28}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x3, 0x6, 0x7, 0x80000002, 0xe}, 0x43}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x9, 0x4, 0x20000000, 0xfffffffa, 0x73}, 0x464}}]}, {0x1004, 0x6, "6815063c8d7c7a6a233e1469324a1b86d42ee7c982c17f75313d7f513f30b7300f6a89d1e8869d5447775b0b8e71355bfaa6fdc0ee1296fab6b1ecdc419f31f06e22dd6990106c1e4345e06936db260970354284d0ae706de7a542a496bd64b3bdd845f00fbd0b95588b7afb85f9cb2ea4cffe5f9e0ad89aa02b18bc912665bfeb4e8304076b5b6b66dd6bb39668df92303733c958d89084bff0569875a957f6b257d34a3f0c3b05ce9bc6870fc57a5ed5d42229f89039910235cc76a5094426fdad392ad784df18a7105d49ae4aedddb7188d31557a29a405b7d5b759e7477ff7119e7196416dca4d2a4b218fb64a5c7d8ba6b8af08f624a58603396eccdc8537b89f554a7aaa2841a546f8305905e30f039efe81b19f67de6fd970ad2e804c5b39293187432ddb49a49865bbb23c6ffa5ea37efaef1a627abb8bea6064dec0c3e088b00f73a8a1a235d5aec0cee9838aa831ed77f6348b196db6e1d4b495840991c4fd608f3961068636f2e7f1c8ecada29e43f1fabe35805bc9c1a66aab3e8b5b5d182948e09d0cdddd4010cc89aef83fbb24ab189b8433bdbea3a528328d0f4398e52c60a37320aa29f7d771de0e9a473bb2f83f0f39519ed4b9696a186d500d5808b926325e6137d815ce43bef5bcf981446423ba9b42e6d5d3af1091c50dc31c3dd59e04a0dc38e312021008e4f699b83ea30f81765ed04be82451a6b6eb58cad004ec07d9d55ee24221dc3052691f6e81d3d6310798cb7161c56c5f0d2217733cc4188beb05d556bf8ebfb7093d5fbc0d4dee63b814ade6bb54d0f5d5dfb8fbe7013c434c761d9153fd1cd549b382e5aa29d15082f436f1a580104b529991e4be69f16057ca2ed7e92bef3a69b3f05a46bedf056b9e85d775229e22d756367386c98f4e06addc675832dbc6a6e5881b4b2abf43974ff9ba1edf41bcf7d1d5a94b351736dfca1427f57ecc32a2c251c869949dce8b18634fbfb43b259be7e0374a7003d567c4cb9a59b23499bd3d4f6df71292c0d28a79f46a3b3302aa443ffd88afc08e2179ad9a6b3b8ea2c1fd408c75156522c49133d059bc5a06bb3bc9e3f84adf144f1124585aae9eaf7b8b0d82c3613d7e090fa2d5874b66032dffa3494506b2efd817f61420abb34a1725b048c8b7eebd90a2db8db0a7d63eae1adbd0534fbab9b1e360ce75719e2c72618570aaf0f860e9d37a560020daa10c0153d73025d4f992283b2f22ff86f35a55388f667009583fc7a49e8417ac3c95a2dd22e289ecbb4f0f37ea92285e0e1c35fab56e76e4f2c8c238c7c8bc109b89866d392bbfd261e5cc24a77becc9c447a002c3204269a2504d80f5fba913513b34864f28f9cefed4114f5537b17d28d33e852329442f3956c38e8d40c45d7324199b679640f330cdb067b90436c4e2fbe9ff64a8a04b44c2df385040946d1cb1059626b9d5b9d9426ebb2aa8ca9a68a102767cdc38591865eee6ddc1c5c60c0089e3153be9939bdf41e8b7a3cb095bc02681e7ae69c14e31beeccac4303d7957da42ed1e66bb8e99c985ed8fc1afba3447d31a7462d03017812e48f2c7175517cb2b567497f7d13647b6bc78dc502c0b2b6fd4aa0756db925e999cf58e5e931672c874537ffbf45e141e632d43cfb67af55fea6fd1eda5d0fcf6f33f621d33eed531e1b6aab93169e5538cc4e592594f0b6c1863fc0f55551cbeca288c381b5ed885c12c11a2c16d7e246a21ebe47c042c8fcd0e08fe399d5ae9c577d6d3547f0ab10cedb89335e6322be6bf1b8a0458ad34e69256838a7fc66b869945f3bcb3d0934b9abfd72a0ed6062dcf0cc610de03ce00ba56a344f2a5be7adfe3f0364f813ac1ede00dc0dd3188408ff65f844a50f7db28ceaa6626593652f3d6ceb3a000230a976ef8e2c7de59580653d3ff779866b70384897f20cd99deaae9c86bf6fe2bcc64537720423cda89f6917793e0254deeb7b21601e1d81c3e07dee07d2bae75b5da5df62ef38973ba48a8d975b9c7ba902b413c8b9639a1ce0b04827ed056c5b2392a8a9e8930ca6b64de8f90957346dcd1ae0ba205e33c53ac9e879f5ba2e29c3d37f6a27d914be0c9ae7f93719667eb31366ae189111da982cd287a1ee14e7156fbc44e49d5457bedd5e4f08a79bf2082d1ab5bf71ff9f3a3cfb6138bc6e75fa665b76857a46ee773620a3a5cb693b38d036228778fcb02d7e25e02446553f7f98855785541fbf52b5c0cc374d5a563061c1964836bbec804ed69849de5b88d1b1bfe78178d133a89b7b9c99da064ccabe3b2bbc1ff2f99ec746f85050dbe1f8dbc5dcceedbf741a94552696d6d7a0804be6cdc0e281a9b4fbd9d771dc43b89d74b4ef643c990c009113aa0a4ad96231f9bab27eddf5437eb8622304ffbb4d9f7e7d0d6551c27318fbabfb7c6a4703915095ba220b778bd327c33a65bc0cabb74c98041eabb9fb430fcca92cbcb768da494138800162e406f27429605390bbb6a2d2ac8f6a7754bed5183a26f7ecbbe4343a1944a3fc884de0b09d2c5bc5b75cb3c0315414aacbed83628051ef7df4b5cb5ba0d84156f9673ab7d6912e278c0c530c5cfa79cfaecedbb5e622ed4326100f8c2f2d23f0672cbffb18cce26e1921c99510096ae527de48ef2c231d2cc4ae49ea67e3e8213ac807d746d9a31ebff8c820ec191c82cfea6b2844e89d30e787631005072ac56d7259a7ca2eba82f68e8127f4a0e9768aa91ae42e8c8149f635782b17450791c8397d7c5daa1c8b72e91177e720646385a8abe8699c8b6b3b85d8066f1a3eefbd21b5826b5b5f270d48d8c299edefa416f4faa1014cca9ae816d8acb611a07f9a792117af641408151ea9ac2061273d176e9489dfc5dbfca36fda7b8c1029776804f6fd054f8353005e8cee12ac415ab2c636d9c9e460b982d24d6df08f87d9e585c5fd584a801941c825257379ecff53845f33eeeff7acdaaf62f124ee1c4467cba16367d447d45895cc4460bc817baf447b0ef3b058d476464c7f5482090a2f64d9ba27d89193272af9b07fd23ac69860e8bb7d1232de57802eeab86515dca03e004b5c9b4dccb0701cba956916da28133325df077910b3584017702b5cd606d97fb32dfce80a2ba7f56fac80263b4a53b50a0637a0694621144d33f7235e024cefa438ba786d64174bb4d54cc9b30a5176dc1932330fa7593fa6938c6f895902ced222dd9073286ccbc810f2aaac803b9ccb21fa3d864a0ed96c1b0e666aabcfd0b79edf81298c21ece7d0ddd29c9053b0e2796f8696f460e437001e23cd3dea99714f85e10c60cf6a417c9c39831ce5527f2a04f1f8f38b095db584dcc10645f878943280a3638d721f808f5561033ce3db8a6fb0f3b89ccfd58914b909c99005082b5f7600312a067dc3793cc4e7a2c76a0c17468648e2869a88b129243dc328cf5cab39ceeaaa8c8be52224c4ab8bf3f67e39de63dcb00c3be7c9598df6e81e5be2b17582327cfd5020db1084a44fc8abe64b29acb865925d4394b15103522afbd3b94660521e51f0664079f3486d75348cd5fb5ff4c72750bbf012272563f940fad3c5299e287124478d02fa2263e6ed5ea41786b8a097e31d189472e5fda7ea753e75b06f6b86b09c8f71ec0357a83a541a3abcaf64384bf20fcd8fce45d61c4dd88683dfdd338e14efb23ab2288b9ace0a10d913497c20631d1bd3fc4dfcf1d33e1d07079d2739cedcb1f43f9acfc84e703f34133e090e2fba06bd660a39e91b1dc2c152357ae281ca6f6bdff079cefc9c1908d27e97f6fd5b53125abda01fa49c30985e7e180a0475b07ca88d0707bf4458146e5daba169f1769c804cef6bdab61e36f9a8f47ce8693508d261e7120c3b95ebc87efc51e239e54fe98df9e07477de40c7b226023f8e6b49c1fc1da80e16979de080f90a658c2d2a3158b8c1cfca92abd00181ccb9d2ca3a4a6889c84873e47881de4fe15fa45309d3a22714ea36be333ebe0034633343dec6aaf7be122597cbe183a8bab7bfed7438f2fbe0f4cc87aed3fb190d98cbb2d7d14511ff5e70e83ded1f73c71a84791b3d80faae785e8d4945ef118d131dc99c0f89191efc10c45715e109423825476db400525e97cf99cb55f015d9ebf256971116fca358a1a4b722467c7b00a5879d466971b944dd9889c84cb0049336de7ff7ad2cca24a685241367dbcd8ee136b6b2a1059b4a4ff7bba1d06d3c30cf5279c9742879cb9bb9c6d3c98e7d8191630e98d77a1271824bc715defccfdb1f0edcf2b0e80607cafe27334e4cbec358b2991cfacb6a5347d572487d0cee3c9a40d8a6355f270bae3e7f6bdc3d69861350b12268b46c89cdf626f58f2e70cc702907499c5e0d5003e366a8d11b53c914945730f1a6db676885e9ea33841f0b31a325e1ae2788b6e02c8c65fb4bc4fdbaf2e83bca861cd3139a76566e33cb541d8eab8f246e59428fd545e9ddc22e95a780bf89b7739e4d71c133b29ca195c1aa015ab56c3aa678d28c492f8e4c17e9a98214dcf7233a7bef35848465d4916ac2d049c5d2043fc365b6bbd3347d2321af1adabdf4af000831ad8cc13a919aaa30d566518279441b89741af9aade8ce6377cc883f36d43879e6d0c0c4ebc0047f10d430f129666be8a9b2e35adc5ea1b2e21599a92d09c9238534c955b48512473d55b1613f27abeab5c33cfe41e66dfa326d115959139dd19e53828605925d2cb1c2323098ac0a82fb9cea5e1d110aab1b01285438cd2753e54ab18ced34ae2246e66434ea9b4e1fef6766ad34de99b285be48e9a7ff753599bfc8de7b80597b7f54d40b592de80c78c1c44964f836fa717525da639589ff0c313f3fa023551e986576a817595b3e54da2b76b475945bf2e3a4db14d3f7300715044488be4d39c715359fef671ab541d1294082cef25e3de1dcac0707c8e50aefc9ae4b19030fb4b1a63d7139b10cc88c37dca8cd9bfe1ae9966a3d11103a544ca1b1f74ba7f3cce9ddf70a6c5f52c459f4288c9bca5df9e43ac70cbeb444714637af5b25920f9ae28f6b76cf533175c66b47128c7425b3a980c1bbf4cbab666fe043d104f26322ce0454e0f6cd596e0b901b6ddeac745c9b4faad2bfc52f3e6df9d92b1bc2fa99ea2d37d49849d735597f9657da69394cd7b510eb8fcfcb7713ee377b18a73ebf10219ddb17b9591d8f7d8cb513e28f87917a5f5222c9c86fe719b73071bf398ae60feaba3995c73677be51f5ddb49e630c749015cecfe49cf27e63b7a529af8d50fe8654a041faf8ce74b800d799fc684bd2dd01bc99545ca6370d7c3710cb49f6d423919c30c639698ca6d035747b1bad4d1d765510ce2004b501f505e83c13c63f5a15a59f38ffe744867275e540151ab9502bb12a52aa0d9f5172a248f86195425a0b09f510b02e797f818e4083bd46c1d95c76536e0a42da1460bc30827b18c1a855fcac63ec150a8d2ba0686a2fab0e3b29196fb3292ecf7bdb725dbc488c8c79113da76ee122c7d638cdcea40f32945a409ebbcf0cffaf341c6a22a68ffd39f4379679858eb412301de912d9abd16a7bb179e958ac9f16831e133f9351bac2120b5ca5c565594637c83b1ddb3bb33a47b7e28c7b11e804ac85a400fb84c7405f2b64eebf4b039fb2415157ae6ed639a585cad6dbbac1adf0395a5318503c562c0aeac9111621f09c05b33282416ed038b81a9c3cf779a92dc926530ce191556577d29464a84b7a6a778a60db1fb8a1542d0dd5a64d032bcd44bfafad564ab9a8b845676c24d44e2220650186da3e424962d3ee00ff"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_skbmod={0x107c, 0x6, 0x0, 0x0, {{0xb}, {0x50, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x20, 0x2, {{0x6, 0x8, 0x20000000, 0x3, 0x4}, 0x1}}, @TCA_SKBMOD_SMAC={0xa, 0x4, @remote}, @TCA_SKBMOD_PARMS={0x20, 0x2, {{0x4, 0xffff, 0xffffffffffffffff, 0x2, 0x2}, 0x6}}]}, {0x1004, 0x6, "abad7a84868fac7266a96215d8d5068d51c61635bd2c8973bb9c98b81d43cecd7c5be759d6ae7c584c957f6863263ed56a3b125d1b5c9fa704a06a776978e3a8d709f98c1c928c3aeaf591f920bb17d653e2668938dcf335f406c070b698f4d7249983951df3a82a3be177e9d371f8c62c16c49f452b893bbb17db7293de127fa37882e14066d0787f27accc2238522f60562bdf7357f13fb1b2da258f6ea1831a14031c003d6acceb19b547b5df8b8fda44e9f8b9f3d91569008f06092c3e77787156d86c3e80806f7d7a6cec0f4adf5594bed7e701adca7b782de0da30412b0901b019e2884289642cc5f74feeb280a8772c49e32b7443d0a3692987cb4f40cd73fba802e3d20027ac1402c399221fdc93c9fe635003234d2ab6ae5006ff9a30e7719c170ef25d0e5236ea9b515623624d941dd733e4cada6b9f67122fa0925b0fda4622e836be155eb2318eac650ae4b9677472527aa820df304caeab9b41f4c822af0e282e0812f66843ad78b122399fca570fc92d0808d03c10874e9c22505c8b4f3c72dc607636b90506ffa7916b2d61152f38974a1874b47f0a5a5ef60bde5357a6b5a5249be36a95da016642f1db1488a2ed7e5bb1a3c0b287d5d253f2ee2be1d5343282f512d93c298f913b3831f2263bf8931da26874210ec32bb1976ed84576307a3ba5d44666b87a066bea0e1ef9fe7160cca95d19baebf1a00d08de8f060e9ab5c64e1e10efe2166fab56be34b17542d2b738e09cfe0b8bd5b22494e7d14b202d249785c70483b547398cd4570f88ae061a98c5d9aafb2fa3b49fda4a72fdda229617d6565ca375797277ed7daca00857a8ad979b3d31d14f11b75e3dee031ec4e15182f40821b439ed070afddfdb979be9a4aaae85867c462d7e20f8a1068c217a9e87389f37c523075e63baa7abdb19e100e0ae237de9a77f9b64b97ea7bb728140a96dd43a2130b1d871678b3399ea992a5b53202eced98bdc7571317b4b17b93d288c9423809bfe6ab78d710d5f6fed99d0846d1b3c0f34b4ba13328c0c7113454f35965a60f28b08c34d4b9c676f2ced7ff9d5d559fd207fed2b1f36683e4ce55fa4cf9a77817a51f2d648f9e8b01fc7dd25191c208ee81cad96a0eff6c24134b24d880d566a2a47e26bcfd3f8eaa89cc565a235c5e0513a3ced3998ca376b475dbd2998aeaf4c2ccc232d9d711ef23a8100dd27f3b546e673967f8f72097e54c1995fd753f02ba4815ca13e0742110b0731440f204f69d478a715edcef5aa3cda954ad7dd9fa87a123dd0d5eb57fbe53def4acfd7587e1639a9dc90e1992f40b2123ccfe3f48b3803d92bd02163936070f61b80d6622579fa2076b362a1fc90929f0098dff1122ba7cd80fba9541f8a793914e2c0a3ec5af506cae3eabfe52452d68a6cc2cd7b6215cf426b23568987face3ff1b857fd695b1af400428c0a0f5715d3d73b9ceffb9375ce0cb4c4efefa6112ca46ccb73697dd3ab7c2c6aa531a01a4ea9ae5bc6190fd3d299831464aaa8d45c4b380702981f28e2ff4e338f7ce22b1e1c3b31ca605836ecabf896e1c86017a81a38bbb72abbd332c753386c114a71e2f4979e0c041a250cc26129415ff0bfa4eaac0615bf8c53a7c26b2cda97d30cb4f95659db3d2c882fc4f4e98e6f168491797b923f83c4843babf7816fd23b9a92bf484acf6c94e549e4e78a46c6dbf0430e1ff5ace976f1dd4a9403b516547817d0b9c46a3077dafc0e4f4c45a73f18267cdf0c6f322348d30d1c23f2a7c21970d905c7014f149db1a6fccbbfc6d3765474134168e01b9377fddea59633f5cf0960226a2f6ed1e74e8debdbb666637843a2b0c779646cc5f119246e01177c3a35ac406a352af7eee00beb190375b50d358bb8e210812c415fde0b9759b3e03f2fbc3dc410c5e66ac44a6f7a210f76b80178195bb1b88b786c55e9447c416d2fb1209cb30caa0003cd1a7872ff4a36648e028280bbb99bbb150284a35ef4ac79cdfb55d74df72b5b26a0ad14c89ffd75417adaa794172b6521f9fb5f30eb2d3f1c3f29c7be0ba7f122acc9eabcf0d219c285758e3043021475bced65de085f3ac797fe4a992d451730e48ca60fbd479988381f2398e3d78dc8ca04fa89203c89f0031b87878270f41dbe64180830960ce8483184de3af9f12d92402c0b72d8104537689e7a6bb94764996171060629114fe0c347e42a8f489bb12fe76c490664102294c3f22132edc19a6d43f87b51901cf54f2cc52b30c1d2cacad13e564c407af858334525516ead8335941f54821f30e8133b2d6be0db6a06d67a8a79254a8f3d150957442e5a842119d93422529ad41eeb0f1d8a7eac80f9841da39f64850d3c5d4999ca8d6e559916e94e07c908c40503576f6c1f0e5b75d43d90abcb1b917daba407ed4d17111990dd289103d55a55fae1f179ded9b975e435fc0661b40d592481934b680ed6d6e52fc4cfc80425739d140a2580edd99b11663de2cafc92de92fb61c46c0751bcb4926a9fa4cd036b955b0b4b06ab9f1540d3eb44ca29cc309201f0721f43d6141d87f2e7621c1e652c1488f05d9692f89c16885a7f41e109a42e785b048b56ebfd758fab612de0f02f03f5166905fadebd60ebbb95c16a22bc517cd9c8e168cf968a9711cca0b48d3ac11360b9c86c8b28cbc814238b80525243aaff532e6856e28ce1edf168ed40048f6ec40a1f73a8901bf0b05d88461488203914785eb76c12889359ad9a10c51f6ecbc60bed4d6030709d2e46f8c502c9131c56d6e458cbeff54c0763cc94abd85c5d9365ba6dfb5e0d1e96c1b5f6f609068bf27dacf431e8e47f336aefb790d9df3b2f077e115b7a4423714895007a4aeb0b3681a78d87afd9063a570b766d8626128c2a8d014d1ce47e97dec10c2c335466b23d29586900fcc3be5e8daf41bfc345f38795ffc47afb8f52212ab31db0c642cd088d7b1f9eabd3cff4077a012c3c1150e9cc565ae58695cb355231fc78b686650a87c45ff7c69181c77d099ca69b8b75cbf674a8fba2fc6f2112d71d2cb42dcca81d61cdfd2ed2f125726c449a366d3947eedf983d4ed6e751028b8103f6b0a0b1cbbae1ec89964241797d96414d4b69d64b29823d50dedf9a289369f964931c35b87082f54fc41f4e77e0d93ef77ffc3141eb2e457a6f7151f309aab42fa18beee9dc86d49230713096d3e1052690099ffda5794f8c83e4b8782c15d973aac89d5c172745c84bed790d9b03d1ba572b44dc1c61c44085d156e98822118e1460a43ca7912a4576816d3817060d25cd458bf69f3d9ffc0325736ce6d4c3530fae025e6ce5f33ecb5857479d5131baecc2bbe2298c85dc8d9dcb87e60cfd8d017d573a890aed50253a9938bec75783028d11aa9d0432e20b5cab94ae9c9d960dabb9a10b912fed895f8b3f770432b5a58b633a16fee385895233077c1072139272c59ddadd0dcdfa371532f2ba85f90c19a6acaa7842d7442c03ab9b3ae7bd27144a3e1ac00cd462ab7f4fb5cd2b0dc54de5a144994ebd63e7abceca331de8f6d22b9a97cebb276860da3e340e3922f4acab62926da1c5438df977ab5b013e3a0968566ab801e2e6317ec93d4b83a53ab5b5eabd4898e2f792e53f106516ee112e109ca70c571047e99eeb94617f6f22791b1137059f48db3836632e200d99174bf17f2887211e306e152afcc0b3fe82162c13b9e62917af14ee57c1e83c3cf06d6a4869d8668c16e5a942f46d33101a2c0b5887a6ef6be703fca665f11bbe353fb669149d01f6a16ae95ad66e5fe38a9440b865858dbf3fab893f5c27cb7483ae18de5ab5a9b7547e5aad09a94d83647b3f1cf8bf63a3992f89462f6a710b5f17a16a0ca13fd3590ca90d4741d57332f20bbfe61562094483bd576ce28259da6e6b476f41c821af895a171265698b213dc00b32d51c910fba6265bf3804e9c3a57865437ef638078506770deca94da8105592d9a708e0c28059113337af16c16f6e256cb3975c01450ac6194f5c95eb4370fbcbed87c68298dda895499121fa1063f8980c98cfba0cce094433469ea3b64997f87814a503e9e6413fd6345dc61f73443bfeaf75042922895a93a39468354a87a92d19eb5d6dce326506fc4870be69b2eab1eb66ed553b13ad7316e804c03655a6b39a041c14d6cf2e99c16e918cf2ac9e59c4581796f227908de2b7373e90416be0923755200541ba06374f01bbb5c927e60f89de3268470d87ed739870c23e6f3e834a2f04a058a9e5d8e31eeb9416501603eb69d0c2355c9e9728e43da9824553c65273e390d7278478fcfde7db9ae840a217c924ec552045311102695222dd86563b640b30a2b2f5a9d062f24f6f52e67c6b8b42cf0fdf5e447564a711b3bfba71fb44ac14d4f93637536716dd08c98614ef265cd711b6ce6c85cda673f6653ad1dc5cb3837965467280a80b0db34ffa5afad681b2248cc27b6e137b09308cd3e1a607ea6933ef7081b4c278d1f294003e61d5fc586394e4751ec18cd0a0b88afac79e24b86a33bb0c2e34f6405fddc7d1ca72313ed290e2974385bd9fac93c770746d06eeb310cccad325a186f91ad26ca91cff63f9aeee16517b0d143d6f1652f78ddad9cd39284623b34fd9d6dc703524b4185e77c709c862785fa4fa9cded54396f30f1f5d28121ad6fc1c0337ee0a1bd0ce919a807508dc783d03d35a4ce43b46536a1cc091509029a4d35ec31d59af470e1878e48868dcc36db23685b4f0c0ee499a3bf262b71ee3cfee80f487dc21859fc4263a62c15991282210dee61823a989c29749bab72f2b460bb7755c72d961632b91650e941a91fd9ee75a58da1d7a2f93e65b3cd93dde82a176e42430e2ec11b082824c066cf733749ce01bc7c0fab2a4eeac2506702f258468ad5159b4d36d2dfd9d7a59b0e47d8d39d7f16cd4b359727ea9c5405e63f802dbab423d759d8f904846b36133087028302633beca16ea32c8ffaa368710e4bfffef5b7d3f4cc9ee864050114ae4eaa47f89767551398ae88c10887859ef6b0c42536037edda881a9fad3fe04a58663d88e3c925603bd50f4ba1b7c40a982e062ab96ad6c26eae9b77a3ad05e900ebe2429d476789b3e867c25dbd6c87c85783034c889f5990b17ff7da898b9b5c8c5134d3bada50041676ecabb35fbf406cc30b5081fee14896dee2dc7bccba987e68e93dcb98d7e49205de860fdff70de16df0cdd7c36660493f7344a0b23de4f0356031551f748f00e6a9b9b99f6e83d53b3d23f50aed1dd1c35abc18abd316a21beaa27f2db66857e6934410fb02bcf230dc3332eb4356667dff40243453d96c298eae8ce9446007c27fb9c86823abda62bc31659593c66f4ec6ad75c9f814e0857889e9221c63053322414d7e4541244982475a41e882785d796fa8ccfd178f189f0ac4d4a4f3c83c2b6c771305ebdf60585a4f7242609ecfbe3ab7093f17ad6b75410c62639d487cd4a0ead1b938dac1beb2d36c1ca112602ecb2520e4e66d5120e122cb364ca0d0dc1feda46198798f8922ded6aa1e95b0f661b490d7fc44401e5834bc4435b2b29e742d0cf55e6bdc2c06977be0e6fd0aea66efeca364bf17f2a4bd98b1affa8531d6fcbf950cd3702ae80d76a4135427200c7b133196a6e51a243c19b476e0690d157448d61a2259904715588f1994e84ca2d92a8c005ad98b340e506673ea4cd93c1a6212d67ae20db2de6fd656108a45cbbf3460571f7742d8f8258f456a5dfbecb3e5f91d994933c9e39ef6899103d19c9bfd63c2"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}, @filter_kind_options=@f_route={{0xa}, {0x14, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0x1}, @TCA_ROUTE4_CLASSID={0x8, 0x1, {0x8, 0xa}}]}}]}, 0x21bc}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0900000009000000000000000000000000000000f85a75bf899d93ce19038bad8913454670de50961df87fc7536212879331d6f6fad9fa9be3f151d01d775c00fa9b9f36d703c4cfa73d79cde21fdeec0114289cca3776fb611874b5826a8ec2aafe3585ae8f565a830004005f50a3db2366efaf07157e0db33bd7a569ac18e1800a607ccb2d4a9f88efc62dd82027062c9dccdc8371d71984f4c35e8feb82972eac6613c2", @ANYRES32, @ANYRES32=0x0, @ANYRES16=0x0, @ANYBLOB], 0x48) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='gid_map\x00') (async)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0) (async)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f00000002c0)=0x100, 0x4) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r5=>0x0}) (async)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) (async)
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) (async)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88) (async)
setsockopt$XDP_RX_RING(r6, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = syz_open_procfs(0x0, &(0x7f0000000040)='net/mcfilter\x00')
pread64(r8, 0x0, 0x0, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r9=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r6, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r6, &(0x7f0000000100)={0x2c, 0x0, r9}, 0x10)
bind$xdp(r1, &(0x7f0000000240)={0x2c, 0x1, r9, 0xffc, r6}, 0x10) (async)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x6, 0xdaf9216ab6092fba}}}, 0x24}}, 0x800) (async)
write$P9_ROPEN(r0, 0x0, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

528.885335ms ago: executing program 3 (id=555):
socket$inet6(0xa, 0x3, 0x8000000003c)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000002340), 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x800, 0x2, 0xbf22, 0x21, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r4, 0x0, 0xa002a0}, 0x38)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x3200898, 0x0)
pread64(r5, &(0x7f0000002240)=""/237, 0xfecf, 0x4eb)

269.854374ms ago: executing program 0 (id=556):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8})
fstat(r1, &(0x7f00000007c0))
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000f2ffffff0000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00'}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r4}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$tipc(r5, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c", 0xd4d}], 0x1}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r3, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000280)="bf04", 0x0, 0x8000}, 0x4c)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000017000000180006800400050008000600ffffffff0800060000040000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000004}, 0x4000004)
r8 = dup3(r0, r2, 0x80000)
ioctl$VHOST_VSOCK_SET_RUNNING(r8, 0x4004af61, &(0x7f00000000c0))
setsockopt$inet_tcp_TLS_TX(r8, 0x6, 0x1, &(0x7f0000000200)=@gcm_128={{0x7}, "0b7f2bb1964d95b7", "89050f6c58f1dd7ce077eb4a378ee200", "a35e612c", "369aae8a7ef7afd5"}, 0x28)
ioctl$VHOST_SET_VRING_ERR(r8, 0x4008af22, &(0x7f0000000140)={0x1, r8})

269.537667ms ago: executing program 0 (id=557):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x800, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket(0x25, 0x1, 0x0)
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x95ef, 0x10000, 0x1000000, 0x1}, &(0x7f0000000240), &(0x7f0000000280))
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newtaction={0x1b8, 0x30, 0x1, 0x0, 0x0, {}, [{0x1a4, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x1, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_csum={0x15c, 0x8, 0x0, 0x0, {{0x9}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x3, 0x8001, 0x3, 0x101, 0x8}, 0x62}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x2, 0x6, 0x4, 0x6, 0x15}, 0x5c}}]}, {0xf6, 0x6, "ce6d9b932f9e08c4b451ebedaece5ca1a927d51989d76e2517f44a180cff404081ca7fdf8931cbb4bb4b520ac8a64d8c7e00827c601b6a9e5e5c60a2fd8db18a8f6915025f871ca02db64055064d9d718952a6baf001dac233b766a258adbd4f9c38b0add9095b7740e3adfc65048b15b66761da5585c21ba4c15a810654c73923277d669a8c7cc0b63cf4bc4e78a4a384a9315a49cc9ff939bc4d22bdb0cecca8d2989ac17d9e5e79ad96ea6eca3dd4e957e2317dcc0bc98d97bf735c22e9812d92fc231e5c313961385ce6e25a50b3979e789e7ed366b15d90b384187e35463f89092c01deaf2e78b4b4321d7323629487"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x1b8}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
socket$netlink(0x10, 0x3, 0x15)
r4 = socket$rxrpc(0x21, 0x2, 0xa)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b0000001f0000000200000022bf000001000000", @ANYRES32, @ANYBLOB="000000000000000000000000000018f67f550965ae62d2ab1ec052b5000000000c00", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r5, 0x0, 0xa002a0}, 0x38)
r6 = openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
ioctl$SNDCTL_SEQ_GETOUTCOUNT(r6, 0x4004510d, &(0x7f0000000000))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c0002800800050001000000140007000000000000000005000000000000000108000f"], 0x74}}, 0x0)
bind$rxrpc(r4, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)

0s ago: executing program 2 (id=558):
r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r0, 0x4610, &(0x7f00000000c0)={0x1}) (async)
syz_pidfd_open(0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000480)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffeff}, 0x94) (async)
r1 = accept4$rose(0xffffffffffffffff, &(0x7f0000000100)=@full={0xb, @remote, @null, 0x0, [@netrom, @bcast, @default, @rose, @null, @null]}, &(0x7f0000000280)=0x40, 0x800)
ioctl$SIOCRSGL2CALL(r1, 0x89e5, &(0x7f0000000300)=@null) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f0000000440), 0x0, 0xc0, 0x0) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async)
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000440)={'syzkaller1\x00', @random="0e8b4efed476"}) (async)
read$FUSE(0xffffffffffffffff, 0x0, 0x0) (async)
write$tun(r5, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000200bbbbbbbbbbbb00000000000008004525001400e40000481190aef8a57929539cfb00"], 0x26) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000d000000000000000001000084000000001745281c02000000000000010000000000000004000000000000"], 0x0, 0x3e}, 0x20) (async)
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000000)={0x10003, 0x0, 0xd7c4, 0xfffffff9}, 0x10) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0xd, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000066c3a7039f40000000000000000000000180200001c8388690d2422386f70730a72803dc7f4f7e3c47caee9dd2c1dde1a116d2efddc221a65ecddfc226ed21a473bae", @ANYRESDEC, @ANYBLOB="0000000002000000b70300000000000085000000ba000000b7000000000000009500000000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) (async)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c010400190000042abd70fdfadbdf2582100008fd03c80100010000080000000000ffff06001d004e220000"], 0x2c}, 0x1, 0x0, 0x0, 0x4000040}, 0xc080)
write(r7, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000001d00000000000000050009000d000000", 0x24)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:25825' (ED25519) to the list of known hosts.
[   47.400573][ T5928] cgroup: Unknown subsys name 'net'
[   47.507855][ T5928] cgroup: Unknown subsys name 'cpuset'
[   47.512290][ T5928] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   48.415673][ T5928] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   52.001186][ T5947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   52.005486][ T5947] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   52.006624][ T5951] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   52.009102][ T5947] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   52.011850][ T5951] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   52.015293][ T5947] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   52.016935][ T5951] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   52.021089][ T5949] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   52.022749][ T5951] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   52.026037][ T5949] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   52.027147][ T5951] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   52.032230][ T5951] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   52.032444][ T5954] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   52.035092][ T5951] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   52.038969][   T63] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   52.041673][ T5951] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   52.043201][   T63] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   52.045951][ T5951] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   52.048847][   T63] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   52.054796][ T5947] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   52.327789][ T5942] chnl_net:caif_netlink_parms(): no params data found
[   52.390895][ T5952] chnl_net:caif_netlink_parms(): no params data found
[   52.400614][ T5943] chnl_net:caif_netlink_parms(): no params data found
[   52.458289][ T5956] chnl_net:caif_netlink_parms(): no params data found
[   52.466077][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.469678][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.473055][ T5942] bridge_slave_0: entered allmulticast mode
[   52.476923][ T5942] bridge_slave_0: entered promiscuous mode
[   52.552565][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.554981][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.557824][ T5942] bridge_slave_1: entered allmulticast mode
[   52.560481][ T5942] bridge_slave_1: entered promiscuous mode
[   52.677237][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   52.753258][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   52.756366][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.758601][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.760879][ T5943] bridge_slave_0: entered allmulticast mode
[   52.764697][ T5943] bridge_slave_0: entered promiscuous mode
[   52.768718][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.771058][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.773466][ T5952] bridge_slave_0: entered allmulticast mode
[   52.777313][ T5952] bridge_slave_0: entered promiscuous mode
[   52.817862][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.820981][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.824185][ T5943] bridge_slave_1: entered allmulticast mode
[   52.826940][ T5943] bridge_slave_1: entered promiscuous mode
[   52.829657][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.831932][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.834484][ T5952] bridge_slave_1: entered allmulticast mode
[   52.837500][ T5952] bridge_slave_1: entered promiscuous mode
[   52.839992][ T5956] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.842250][ T5956] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.845647][ T5956] bridge_slave_0: entered allmulticast mode
[   52.848256][ T5956] bridge_slave_0: entered promiscuous mode
[   52.907282][ T5956] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.910368][ T5956] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.915726][ T5956] bridge_slave_1: entered allmulticast mode
[   52.919585][ T5956] bridge_slave_1: entered promiscuous mode
[   52.925313][ T5942] team0: Port device team_slave_0 added
[   52.991250][ T5942] team0: Port device team_slave_1 added
[   53.010945][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.016698][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.073862][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.079119][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.084547][ T5956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.087821][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0
[   53.090495][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.103333][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.138190][ T5956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.141704][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.144785][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.153322][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   53.222378][ T5943] team0: Port device team_slave_0 added
[   53.226905][ T5952] team0: Port device team_slave_0 added
[   53.231280][ T5952] team0: Port device team_slave_1 added
[   53.235145][ T5956] team0: Port device team_slave_0 added
[   53.238264][ T5943] team0: Port device team_slave_1 added
[   53.269083][ T5956] team0: Port device team_slave_1 added
[   53.375563][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[   53.377920][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.387275][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.391440][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0
[   53.394143][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.402252][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.406254][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_0
[   53.408646][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.416590][ T5956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.423891][ T5942] hsr_slave_0: entered promiscuous mode
[   53.426820][ T5942] hsr_slave_1: entered promiscuous mode
[   53.430482][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.433541][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.443379][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   53.448346][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.451181][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.461329][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   53.466300][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.468354][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.477364][ T5956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   53.674906][ T5952] hsr_slave_0: entered promiscuous mode
[   53.677078][ T5952] hsr_slave_1: entered promiscuous mode
[   53.679106][ T5952] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   53.681455][ T5952] Cannot create hsr debugfs directory
[   53.687422][ T5943] hsr_slave_0: entered promiscuous mode
[   53.689914][ T5943] hsr_slave_1: entered promiscuous mode
[   53.692003][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   53.694932][ T5943] Cannot create hsr debugfs directory
[   53.704660][ T5956] hsr_slave_0: entered promiscuous mode
[   53.706936][ T5956] hsr_slave_1: entered promiscuous mode
[   53.709628][ T5956] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   53.712656][ T5956] Cannot create hsr debugfs directory
[   54.062182][ T5942] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   54.069232][ T5942] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   54.074361][ T5942] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   54.082821][ T5942] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   54.094114][ T5300] Bluetooth: hci2: command tx timeout
[   54.094417][ T5954] Bluetooth: hci1: command tx timeout
[   54.095359][ T5949] Bluetooth: hci3: command tx timeout
[   54.095446][ T5949] Bluetooth: hci0: command tx timeout
[   54.113103][ T5952] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   54.118094][ T5952] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   54.122642][ T5952] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   54.127116][ T5952] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   54.164656][ T5943] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   54.175290][ T5943] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   54.181391][ T5943] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   54.187434][ T5943] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   54.251493][ T5956] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   54.256472][ T5956] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   54.260688][ T5956] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   54.265155][ T5956] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   54.307003][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.314443][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.338887][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.350934][ T5942] 8021q: adding VLAN 0 to HW filter on device team0
[   54.360933][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.363410][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.375349][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.378342][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.386639][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[   54.390433][ T5952] 8021q: adding VLAN 0 to HW filter on device team0
[   54.396076][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.398403][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.410740][   T71] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.413135][   T71] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.417066][   T71] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.419541][   T71] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.434225][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.436972][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.462278][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.484326][ T5956] 8021q: adding VLAN 0 to HW filter on device team0
[   54.503646][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.506493][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.516531][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.519535][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.570266][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.596411][ T5942] veth0_vlan: entered promiscuous mode
[   54.601723][ T5942] veth1_vlan: entered promiscuous mode
[   54.628066][ T5942] veth0_macvtap: entered promiscuous mode
[   54.631855][ T5942] veth1_macvtap: entered promiscuous mode
[   54.645337][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0
[   54.651415][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.656672][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1
[   54.661862][ T5942] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   54.666323][ T5942] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   54.669039][ T5942] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   54.671870][ T5942] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   54.702489][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.711202][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.744734][ T5943] veth0_vlan: entered promiscuous mode
[   54.754804][ T5943] veth1_vlan: entered promiscuous mode
[   54.755956][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   54.759099][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   54.784055][ T5952] veth0_vlan: entered promiscuous mode
[   54.784267][   T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   54.789163][   T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   54.795409][ T5943] veth0_macvtap: entered promiscuous mode
[   54.799128][ T5943] veth1_macvtap: entered promiscuous mode
[   54.807339][ T5952] veth1_vlan: entered promiscuous mode
[   54.820771][ T5956] veth0_vlan: entered promiscuous mode
[   54.825581][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[   54.827352][ T5942] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   54.831456][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[   54.840460][ T5943] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   54.843783][ T5943] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   54.846492][ T5943] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   54.849188][ T5943] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   54.853150][ T5956] veth1_vlan: entered promiscuous mode
[   54.874099][ T5952] veth0_macvtap: entered promiscuous mode
[   54.891998][ T5952] veth1_macvtap: entered promiscuous mode
[   54.905851][ T5956] veth0_macvtap: entered promiscuous mode
[   54.914680][ T1046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   54.915252][ T5956] veth1_macvtap: entered promiscuous mode
[   54.917228][ T1046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   54.942544][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0
[   54.950554][   T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   54.954411][   T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   54.965331][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0
[   54.973358][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1
[   54.977248][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1
[   54.988205][ T5956] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   54.991883][ T5956] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   54.996857][ T5956] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.000460][ T5956] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.020357][ T5952] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.023960][ T5952] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.027281][ T5952] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.030036][ T5952] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.092080][ T6035] netlink: 'syz.2.3': attribute type 1 has an invalid length.
[   55.095961][ T6035] netlink: 216 bytes leftover after parsing attributes in process `syz.2.3'.
[   55.102544][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.106147][ T6035] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   55.106192][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.132032][ T1046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.135904][ T1046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.147591][   T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.150753][   T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.172062][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.176683][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.213274][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   55.299009][ T6045] xt_hashlimit: invalid rate
[   55.346104][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   55.356073][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   55.356197][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   55.408207][ T6047] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[   55.462792][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   55.592988][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   55.595599][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   55.613609][ T6051] loop6: detected capacity change from 0 to 524287999
[   55.625776][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   55.628426][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   55.635007][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   55.671402][ T6056] binder: 6044:6056 ioctl c0046209 0 returned -22
[   56.084591][ T6058] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7'.
[   56.174912][ T5954] Bluetooth: hci3: command tx timeout
[   56.177312][ T5954] Bluetooth: hci0: command tx timeout
[   56.179421][ T5954] Bluetooth: hci2: command tx timeout
[   56.181443][ T5954] Bluetooth: hci1: command tx timeout
[   56.381273][ T6062] 9pnet_fd: Insufficient options for proto=fd
[   56.387608][ T5300] Bluetooth: hci2: connection err: -111
[   56.501059][ T6066] hub 6-0:1.0: USB hub found
[   56.508186][ T6066] hub 6-0:1.0: 1 port detected
[   56.523903][ T6059] kernel read not supported for file / 
œ7³ÏüâW)ës“§Ç!Q�öì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|�Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 6059 comm: syz.0.7)
[   56.533802][   T40] audit: type=1800 audit(1750861950.132:2): pid=6059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.7" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=8597 res=0 errno=0
[   58.006205][ T6077] bridge1: entered promiscuous mode
[   58.007858][ T6077] bridge1: entered allmulticast mode
[   58.252838][ T5954] Bluetooth: hci2: command tx timeout
[   58.255154][ T5954] Bluetooth: hci0: command tx timeout
[   58.256946][ T5954] Bluetooth: hci3: command tx timeout
[   58.258306][ T5300] Bluetooth: hci1: command tx timeout
[   59.167157][ T6096] syz.1.16: vmalloc error: size 1969448307, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[   59.171980][ T6096] CPU: 2 UID: 0 PID: 6096 Comm: syz.1.16 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[   59.171996][ T6096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   59.172004][ T6096] Call Trace:
[   59.172008][ T6096]  <TASK>
[   59.172013][ T6096]  dump_stack_lvl+0x16c/0x1f0
[   59.172034][ T6096]  warn_alloc+0x248/0x3a0
[   59.172052][ T6096]  ? __pfx_warn_alloc+0x10/0x10
[   59.172077][ T6096]  ? ip_set_sockfn_get+0x18e/0xd30
[   59.172093][ T6096]  __vmalloc_node_range_noprof+0xff5/0x14b0
[   59.172108][ T6096]  ? __local_bh_enable_ip+0xa4/0x120
[   59.172125][ T6096]  ? ip_set_sockfn_get+0x18e/0xd30
[   59.172139][ T6096]  ? __lock_acquire+0x622/0x1c90
[   59.172153][ T6096]  ? aa_get_newest_label+0x375/0x680
[   59.172168][ T6096]  ? rcu_is_watching+0x12/0xc0
[   59.172180][ T6096]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   59.172193][ T6096]  ? rcu_is_watching+0x12/0xc0
[   59.172207][ T6096]  ? ip_set_sockfn_get+0x18e/0xd30
[   59.172221][ T6096]  __vmalloc_node_noprof+0xad/0xf0
[   59.172235][ T6096]  ? ip_set_sockfn_get+0x18e/0xd30
[   59.172251][ T6096]  ip_set_sockfn_get+0x18e/0xd30
[   59.172267][ T6096]  ? __pfx_ip_set_sockfn_get+0x10/0x10
[   59.172284][ T6096]  ? nf_sockopt_find.constprop.0+0x222/0x290
[   59.172299][ T6096]  nf_getsockopt+0x79/0xe0
[   59.172311][ T6096]  ip_getsockopt+0x18c/0x1e0
[   59.172327][ T6096]  ? __pfx_ip_getsockopt+0x10/0x10
[   59.172345][ T6096]  raw_getsockopt+0x4d/0x1f0
[   59.172359][ T6096]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   59.172372][ T6096]  do_sock_getsockopt+0x3ff/0x800
[   59.172385][ T6096]  ? __pfx_do_sock_getsockopt+0x10/0x10
[   59.172396][ T6096]  ? __fget_files+0x204/0x3c0
[   59.172416][ T6096]  __sys_getsockopt+0x123/0x1b0
[   59.172433][ T6096]  __ia32_sys_getsockopt+0xbc/0x160
[   59.172448][ T6096]  ? lockdep_hardirqs_on+0x7c/0x110
[   59.172464][ T6096]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   59.172480][ T6096]  __do_fast_syscall_32+0x7c/0x3a0
[   59.172498][ T6096]  do_fast_syscall_32+0x32/0x80
[   59.172514][ T6096]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   59.172527][ T6096] RIP: 0023:0xf710e579
[   59.172536][ T6096] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   59.172546][ T6096] RSP: 002b:00000000f50dd55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[   59.172557][ T6096] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000000000
[   59.172563][ T6096] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000080000080
[   59.172569][ T6096] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   59.172575][ T6096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   59.172581][ T6096] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   59.172593][ T6096]  </TASK>
[   59.172596][ T6096] Mem-Info:
[   59.287420][ T6099] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   59.291662][ T6096] active_anon:8989 inactive_anon:0 isolated_anon:0
[   59.291662][ T6096]  active_file:1242 inactive_file:39827 isolated_file:0
[   59.291662][ T6096]  unevictable:1768 dirty:728 writeback:0
[   59.291662][ T6096]  slab_reclaimable:10015 slab_unreclaimable:52754
[   59.291662][ T6096]  mapped:27333 shmem:5266 pagetables:1092
[   59.291662][ T6096]  sec_pagetables:300 bounce:0
[   59.291662][ T6096]  kernel_misc_reclaimable:0
[   59.291662][ T6096]  free:51763 free_pcp:17103 free_cma:0
[   59.311534][ T6096] Node 0 active_anon:3796kB inactive_anon:0kB active_file:4kB inactive_file:16704kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:8404kB dirty:0kB writeback:0kB shmem:3852kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7952kB pagetables:1164kB sec_pagetables:1108kB all_unreclaimable? yes Balloon:0kB
[   59.328384][ T6096] Node 1 active_anon:32072kB inactive_anon:0kB active_file:5048kB inactive_file:142604kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:100852kB dirty:2916kB writeback:0kB shmem:17212kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4884kB pagetables:3360kB sec_pagetables:92kB all_unreclaimable? no Balloon:0kB
[   59.350165][ T6096] Node 0 DMA free:2080kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:416kB local_pcp:32kB free_cma:0kB
[   59.376725][ T6096] lowmem_reserve[]: 0 289 289 289 289
[   59.383236][ T6096] Node 0 DMA32 free:17764kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:4096KB free_highatomic:1316KB active_anon:3792kB inactive_anon:0kB active_file:4kB inactive_file:16704kB unevictable:3536kB writepending:0kB present:1032196kB managed:296416kB mlocked:0kB bounce:0kB free_pcp:11592kB local_pcp:2396kB free_cma:0kB
[   59.419153][ T6096] lowmem_reserve[]: 0 0 0 0 0
[   59.420812][ T6096] Node 1 DMA32 free:187176kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:32196kB inactive_anon:0kB active_file:5148kB inactive_file:142604kB unevictable:3536kB writepending:2916kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:55652kB local_pcp:22348kB free_cma:0kB
[   59.432176][ T6096] lowmem_reserve[]: 0 0 0 0 0
[   59.452534][ T6096] Node 0 DMA: 10*4kB (U) 5*8kB (UE) 1*16kB (U) 10*32kB (UE) 2*64kB (UE) 0*128kB 0*256kB 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 2080kB
[   59.475509][ T6096] Node 0 DMA32: 158*4kB (UEH) 54*8kB (UME) 28*16kB (UMEH) 246*32kB (UH) 82*64kB (UH) 12*128kB (UMEH) 2*256kB (UM) 2*512kB (ME) 0*1024kB 0*2048kB 0*4096kB = 17704kB
[   59.517217][ T6096] Node 1 DMA32: 2*4kB (ME) 252*8kB (UE) 141*16kB (UME) 58*32kB (UME) 13*64kB (UME) 37*128kB (UME) 21*256kB (UME) 10*512kB (UME) 1*1024kB (M) 6*2048kB (UM) 37*4096kB (UM) = 187064kB
[   59.523022][ T6096] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   59.525772][ T6096] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   59.528998][ T6096] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   59.531797][ T6096] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   59.537910][ T6096] 46430 total pagecache pages
[   59.542746][ T6096] 0 pages in swap cache
[   59.544193][ T6096] Free swap  = 124996kB
[   59.545437][ T6096] Total swap = 124996kB
[   59.546708][ T6096] 524155 pages RAM
[   59.547881][ T6096] 0 pages HighMem/MovableOnly
[   59.549345][ T6096] 209140 pages reserved
[   59.555381][ T6096] 0 pages cma reserved
[   59.762874][ T6121] xt_hashlimit: invalid rate
[   60.333493][ T5300] Bluetooth: hci3: command tx timeout
[   60.335202][ T5300] Bluetooth: hci1: command tx timeout
[   60.337192][ T5949] Bluetooth: hci0: command tx timeout
[   60.338879][ T5949] Bluetooth: hci2: command tx timeout
[   60.648797][ T6130] netlink: 3 bytes leftover after parsing attributes in process `syz.0.22'.
[   60.681559][ T6130] batadv1: entered allmulticast mode
[   60.862305][ T6141] xt_hashlimit: invalid rate
[   60.971443][ T6145] netlink: 4 bytes leftover after parsing attributes in process `syz.3.23'.
[   61.195346][ T1046] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[   61.520202][ T6132] block device autoloading is deprecated and will be removed.
[   61.546916][ T6149] input: syz1 as /devices/virtual/input/input6
[   61.925444][ T6158] Zero length message leads to an empty skb
[   62.661981][ T6164] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.29'.
[   62.807265][ T6175] xt_hashlimit: invalid rate
[   62.928591][ T6179] netlink: 4 bytes leftover after parsing attributes in process `syz.0.31'.
[   63.884513][   T40] audit: type=1326 audit(1750861957.492:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6193 comm="syz.3.37" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc5579 code=0x0
[   63.899272][ T6185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.34'.
[   63.946257][ T6195] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.949341][ T6195] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.996211][ T6199] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.39'.
[   64.198662][ T6214] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[   64.202523][ T6214] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.205027][ T6214] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.217601][ T6214] binder: 6213:6214 ioctl c0306201 80000040 returned -22
[   64.451903][ T6224] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.50'.
[   64.556290][ T6228] kvm: vcpu 0: requested 79048 ns lapic timer period limited to 200000 ns
[   64.559461][ T6228] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=589832 (1179664 ns) > initial count (200000 ns). Using initial count to start timer.
[   64.615384][ T6226] netlink: 4 bytes leftover after parsing attributes in process `syz.0.51'.
[   64.617297][ T6233] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[   65.731258][ T6266] netlink: 'syz.2.61': attribute type 10 has an invalid length.
[   65.778151][ T6266] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.802094][ T6266] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   65.805189][ T6271] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   65.807761][ T6271] batman_adv: batadv0: Removing interface: batadv_slave_0
[   65.840176][ T6272] netlink: 28 bytes leftover after parsing attributes in process `syz.0.60'.
[   66.021741][ T6271] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   66.024964][ T6271] batman_adv: batadv0: Removing interface: batadv_slave_1
[   66.077361][ T6271] bond0: (slave batadv0): Releasing backup interface
[   66.666673][ T6282] netlink: 28 bytes leftover after parsing attributes in process `syz.3.64'.
[   66.747286][ T6287] netlink: 4 bytes leftover after parsing attributes in process `syz.2.67'.
[   66.752043][ T6287] netlink: 4 bytes leftover after parsing attributes in process `syz.2.67'.
[   66.757156][ T6287] program syz.2.67 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   66.798495][ T6293] netlink: 'syz.3.68': attribute type 1 has an invalid length.
[   66.937866][ T6295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.69'.
[   67.217153][ T6308] netlink: 88 bytes leftover after parsing attributes in process `syz.1.72'.
[   67.251906][ T6310] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   67.260286][ T6310] capability: warning: `syz.1.73' uses 32-bit capabilities (legacy support in use)
[   67.303676][ T6312] Bluetooth: MGMT ver 1.23
[   67.861727][ T6329] =======================================================
[   67.861727][ T6329] WARNING: The mand mount option has been deprecated and
[   67.861727][ T6329]          and is ignored by this kernel. Remove the mand
[   67.861727][ T6329]          option from the mount to silence this warning.
[   67.861727][ T6329] =======================================================
[   67.932811][ T6269] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[   68.007621][ T6335] netlink: 88 bytes leftover after parsing attributes in process `syz.2.81'.
[   68.071005][ T6331] netlink: 4 bytes leftover after parsing attributes in process `syz.1.80'.
[   68.204381][ T6348] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.84'.
[   68.304799][ T6353] xt_hashlimit: invalid rate
[   68.502114][ T6361] syz.0.87 uses obsolete (PF_INET,SOCK_PACKET)
[   68.506652][ T6361] syzkaller1: entered promiscuous mode
[   68.508442][ T6361] syzkaller1: entered allmulticast mode
[   68.512320][ T6361] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 64993
[   68.967531][ T6377] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.93'.
[   69.234852][ T6389] xt_hashlimit: invalid rate
[   69.326861][ T6391] netlink: 'syz.1.99': attribute type 10 has an invalid length.
[   69.337020][ T6391] team0: Port device geneve0 added
[   69.612861][   T24] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   69.775841][   T24] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   69.780242][   T24] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   69.791117][   T24] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   69.797571][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.817139][ T6391] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   69.854439][   T24] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[   70.024857][   T61] usb 6-1: USB disconnect, device number 2
[   70.291674][ T6421] input: syz1 as /devices/virtual/input/input7
[   70.298271][ T6421] FAULT_INJECTION: forcing a failure.
[   70.298271][ T6421] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   70.304767][ T6421] CPU: 0 UID: 0 PID: 6421 Comm: syz.2.108 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[   70.304782][ T6421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   70.304789][ T6421] Call Trace:
[   70.304793][ T6421]  <TASK>
[   70.304797][ T6421]  dump_stack_lvl+0x16c/0x1f0
[   70.304817][ T6421]  should_fail_ex+0x512/0x640
[   70.304836][ T6421]  _copy_from_user+0x2e/0xd0
[   70.304854][ T6421]  input_event_from_user+0x137/0x290
[   70.304871][ T6421]  ? __pfx_input_event_from_user+0x10/0x10
[   70.304888][ T6421]  ? input_event+0x57/0xb0
[   70.304904][ T6421]  uinput_write+0xbe7/0xff0
[   70.304925][ T6421]  ? __pfx_uinput_write+0x10/0x10
[   70.304943][ T6421]  ? bpf_lsm_file_permission+0x9/0x10
[   70.304955][ T6421]  ? security_file_permission+0x71/0x210
[   70.304970][ T6421]  ? rw_verify_area+0xcf/0x680
[   70.304985][ T6421]  ? __pfx_uinput_write+0x10/0x10
[   70.305015][ T6421]  vfs_write+0x29d/0x1150
[   70.305035][ T6421]  ? __pfx_vfs_write+0x10/0x10
[   70.305049][ T6421]  ? find_held_lock+0x2b/0x80
[   70.305060][ T6421]  ? __fget_files+0x204/0x3c0
[   70.305077][ T6421]  ? __fget_files+0x20e/0x3c0
[   70.305091][ T6421]  ? handle_mm_fault+0x220/0xd10
[   70.305109][ T6421]  ksys_write+0x1f8/0x250
[   70.305128][ T6421]  ? __pfx_ksys_write+0x10/0x10
[   70.305144][ T6421]  ? rcu_is_watching+0x12/0xc0
[   70.305157][ T6421]  __do_fast_syscall_32+0x7c/0x3a0
[   70.305175][ T6421]  do_fast_syscall_32+0x32/0x80
[   70.305192][ T6421]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   70.305206][ T6421] RIP: 0023:0xf70de579
[   70.305215][ T6421] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   70.305226][ T6421] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[   70.305236][ T6421] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[   70.305243][ T6421] RDX: 000000000000045c RSI: 0000000000000000 RDI: 0000000000000000
[   70.305249][ T6421] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   70.305254][ T6421] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   70.305260][ T6421] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   70.305273][ T6421]  </TASK>
[   70.514044][ T6429] xt_hashlimit: invalid rate
[   70.548211][ T6432] bridge0: entered promiscuous mode
[   70.555933][ T6425] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   70.561550][ T6425] IPv6: NLM_F_CREATE should be specified when creating new route
[   70.819402][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[   70.832752][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[   70.995183][ T6449] __nla_validate_parse: 6 callbacks suppressed
[   70.995199][ T6449] netlink: 4 bytes leftover after parsing attributes in process `syz.2.118'.
[   71.076918][ T6453] tipc: Started in network mode
[   71.078893][ T6453] tipc: Node identity 7f000001, cluster identity 4711
[   71.082974][ T6453] tipc: Enabled bearer <udp:syz2>, priority 10
[   71.087098][ T6453] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   72.213005][ T5945] tipc: Node number set to 2130706433
[   72.388411][ T6471] capability: warning: `syz.2.125' uses deprecated v2 capabilities in a way that may be insecure
[   72.391273][ T6474] input: syz1 as /devices/virtual/input/input8
[   72.501918][ T6476] xt_hashlimit: invalid rate
[   72.529763][ T6479] netlink: 'syz.1.128': attribute type 10 has an invalid length.
[   72.535385][ T6479] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.538366][ T6479] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   72.557293][ T6479] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   72.559602][ T6479] batman_adv: batadv0: Removing interface: batadv_slave_0
[   72.564349][ T6479] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   72.566511][ T6479] batman_adv: batadv0: Removing interface: batadv_slave_1
[   72.583944][ T6479] bond0: (slave batadv0): Releasing backup interface
[   72.736281][ T6485] netlink: 4 bytes leftover after parsing attributes in process `syz.2.129'.
[   73.395297][ T6502] netlink: 4 bytes leftover after parsing attributes in process `syz.1.136'.
[   73.518601][ T6489] Bluetooth: hci0: Opcode 0x0401 failed: -4
[   73.559620][ T6513] netlink: 'syz.2.140': attribute type 2 has an invalid length.
[   73.614611][ T6516] netlink: 36 bytes leftover after parsing attributes in process `syz.2.142'.
[   74.335480][ T6033] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   74.482833][ T6033] usb 8-1: Using ep0 maxpacket: 16
[   74.486187][ T6033] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   74.489342][ T6033] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   74.493733][ T6033] usb 8-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[   74.496801][ T6033] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.501771][ T6033] usb 8-1: config 0 descriptor??
[   74.508326][ T6033] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input9
[   74.760936][ T5335] bcm5974 8-1:0.0: could not read from device
[   74.767183][ T6529] bcm5974 8-1:0.0: could not read from device
[   74.768864][ T6033] usb 8-1: USB disconnect, device number 2
[   74.769119][ T6549] openvswitch: netlink: IP tunnel dst address not specified
[   74.775125][ T5335] bcm5974 8-1:0.0: could not read from device
[   74.777930][ T5335] bcm5974 8-1:0.0: could not read from device
[   74.778287][ T6549] input: syz1 as /devices/virtual/input/input10
[   75.177442][ T6553] netlink: 36 bytes leftover after parsing attributes in process `syz.2.153'.
[   75.309305][ T6557] input: syz1 as /devices/virtual/input/input11
[   75.334045][ T6561] netlink: 24 bytes leftover after parsing attributes in process `syz.2.154'.
[   75.408558][ T6569] netlink: 8 bytes leftover after parsing attributes in process `syz.0.159'.
[   75.640446][ T6576] netlink: 8 bytes leftover after parsing attributes in process `syz.3.161'.
[   75.643777][ T6576] netlink: 12 bytes leftover after parsing attributes in process `syz.3.161'.
[   75.646897][ T6576] netlink: 'syz.3.161': attribute type 18 has an invalid length.
[   75.668393][ T6576] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   75.671717][ T6576] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   75.675002][ T6576] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   75.677961][ T6576] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   75.728258][ T6581] netlink: 48 bytes leftover after parsing attributes in process `syz.3.163'.
[   76.065753][ T6598] overlayfs: upper fs does not support RENAME_WHITEOUT.
[   76.068033][ T6598] overlayfs: failed to set xattr on upper
[   76.069784][ T6598] overlayfs: ...falling back to redirect_dir=nofollow.
[   76.072182][ T6598] overlayfs: ...falling back to index=off.
[   76.074429][ T6598] overlayfs: ...falling back to uuid=null.
[   76.076561][ T6598] overlayfs: maximum fs stacking depth exceeded
[   76.864814][ T6620] netlink: 4 bytes leftover after parsing attributes in process `syz.2.175'.
[   76.876182][ T6620] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   76.879257][ T6620] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   76.882516][ T6620] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   76.885345][ T6620] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   76.889679][ T6620] vxlan0: entered promiscuous mode
[   76.954370][ T6621] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.175'.
[   76.963310][ T6621] netlink: 36 bytes leftover after parsing attributes in process `syz.2.175'.
[   77.690019][ T5945] libceph: connect (1)[c::]:6789 error -101
[   77.692557][ T5945] libceph: mon0 (1)[c::]:6789 connect error
[   77.698667][ T5945] libceph: connect (1)[c::]:6789 error -101
[   77.702817][ T5945] libceph: mon0 (1)[c::]:6789 connect error
[   77.759190][ T6644] FAULT_INJECTION: forcing a failure.
[   77.759190][ T6644] name failslab, interval 1, probability 0, space 0, times 0
[   77.763254][ T6644] CPU: 3 UID: 0 PID: 6644 Comm: syz.2.180 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[   77.763269][ T6644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   77.763275][ T6644] Call Trace:
[   77.763279][ T6644]  <TASK>
[   77.763284][ T6644]  dump_stack_lvl+0x16c/0x1f0
[   77.763304][ T6644]  should_fail_ex+0x512/0x640
[   77.763320][ T6644]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   77.763336][ T6644]  should_failslab+0xc2/0x120
[   77.763347][ T6644]  __kmalloc_cache_noprof+0x6a/0x3e0
[   77.763362][ T6644]  ? nfnl_err_add+0x4e/0x350
[   77.763378][ T6644]  nfnl_err_add+0x4e/0x350
[   77.763392][ T6644]  nfnetlink_rcv_batch+0x12ea/0x2330
[   77.763411][ T6644]  ? consume_skb+0xcc/0x100
[   77.763423][ T6644]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[   77.763438][ T6644]  ? __local_bh_enable_ip+0xa4/0x120
[   77.763450][ T6644]  ? lockdep_hardirqs_on+0x7c/0x110
[   77.763466][ T6644]  ? __dev_queue_xmit+0x896/0x43e0
[   77.763479][ T6644]  ? __local_bh_enable_ip+0xa4/0x120
[   77.763490][ T6644]  ? __dev_queue_xmit+0x896/0x43e0
[   77.763504][ T6644]  ? __dev_queue_xmit+0x8b7/0x43e0
[   77.763523][ T6644]  ? __pfx___dev_queue_xmit+0x10/0x10
[   77.763538][ T6644]  ? __asan_memset+0x23/0x50
[   77.763552][ T6644]  ? __nla_validate_parse+0x600/0x2880
[   77.763564][ T6644]  ? __pfx_aa_get_newest_label+0x10/0x10
[   77.763576][ T6644]  ? rcu_is_watching+0x12/0xc0
[   77.763587][ T6644]  ? __pfx___nla_validate_parse+0x10/0x10
[   77.763600][ T6644]  ? apparmor_capable+0x114/0x1d0
[   77.763614][ T6644]  ? __nla_parse+0x40/0x60
[   77.763626][ T6644]  nfnetlink_rcv+0x3c1/0x430
[   77.763640][ T6644]  ? __pfx_nfnetlink_rcv+0x10/0x10
[   77.763657][ T6644]  netlink_unicast+0x53a/0x7f0
[   77.763670][ T6644]  ? __pfx_netlink_unicast+0x10/0x10
[   77.763686][ T6644]  netlink_sendmsg+0x8d1/0xdd0
[   77.763699][ T6644]  ? __pfx_netlink_sendmsg+0x10/0x10
[   77.763716][ T6644]  ? __import_iovec+0x1dd/0x650
[   77.763737][ T6644]  ____sys_sendmsg+0xa98/0xc70
[   77.763752][ T6644]  ? __pfx_____sys_sendmsg+0x10/0x10
[   77.763763][ T6644]  ? get_compat_msghdr+0x11a/0x170
[   77.763787][ T6644]  ___sys_sendmsg+0x134/0x1d0
[   77.763805][ T6644]  ? __pfx____sys_sendmsg+0x10/0x10
[   77.763828][ T6644]  ? find_held_lock+0x2b/0x80
[   77.763848][ T6644]  __sys_sendmsg+0x16d/0x220
[   77.763865][ T6644]  ? __pfx___sys_sendmsg+0x10/0x10
[   77.763887][ T6644]  ? rcu_is_watching+0x12/0xc0
[   77.763899][ T6644]  __do_fast_syscall_32+0x7c/0x3a0
[   77.763918][ T6644]  do_fast_syscall_32+0x32/0x80
[   77.763935][ T6644]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   77.763948][ T6644] RIP: 0023:0xf70de579
[   77.763957][ T6644] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   77.763967][ T6644] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   77.763978][ T6644] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[   77.763984][ T6644] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   77.763990][ T6644] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   77.763996][ T6644] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   77.764002][ T6644] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   77.764015][ T6644]  </TASK>
[   78.084872][ T6670] FAULT_INJECTION: forcing a failure.
[   78.084872][ T6670] name failslab, interval 1, probability 0, space 0, times 0
[   78.088902][ T6670] CPU: 1 UID: 0 PID: 6670 Comm: syz.2.184 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[   78.088919][ T6670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.088925][ T6670] Call Trace:
[   78.088930][ T6670]  <TASK>
[   78.088934][ T6670]  dump_stack_lvl+0x16c/0x1f0
[   78.088955][ T6670]  should_fail_ex+0x512/0x640
[   78.088971][ T6670]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[   78.088990][ T6670]  should_failslab+0xc2/0x120
[   78.089001][ T6670]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   78.089017][ T6670]  ? __alloc_skb+0x2b2/0x380
[   78.089033][ T6670]  ? trace_mm_page_alloc+0x11f/0x1a0
[   78.089047][ T6670]  __alloc_skb+0x2b2/0x380
[   78.089063][ T6670]  ? __pfx___alloc_skb+0x10/0x10
[   78.089083][ T6670]  netlink_alloc_large_skb+0x69/0x130
[   78.089097][ T6670]  netlink_sendmsg+0x6a1/0xdd0
[   78.089110][ T6670]  ? __pfx_netlink_sendmsg+0x10/0x10
[   78.089123][ T6670]  ? __import_iovec+0x1dd/0x650
[   78.089143][ T6670]  ____sys_sendmsg+0xa98/0xc70
[   78.089157][ T6670]  ? __pfx_____sys_sendmsg+0x10/0x10
[   78.089169][ T6670]  ? get_compat_msghdr+0x11a/0x170
[   78.089192][ T6670]  ___sys_sendmsg+0x134/0x1d0
[   78.089209][ T6670]  ? __pfx____sys_sendmsg+0x10/0x10
[   78.089232][ T6670]  ? find_held_lock+0x2b/0x80
[   78.089251][ T6670]  __sys_sendmsg+0x16d/0x220
[   78.089268][ T6670]  ? __pfx___sys_sendmsg+0x10/0x10
[   78.089290][ T6670]  ? rcu_is_watching+0x12/0xc0
[   78.089304][ T6670]  __do_fast_syscall_32+0x7c/0x3a0
[   78.089322][ T6670]  do_fast_syscall_32+0x32/0x80
[   78.089339][ T6670]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   78.089353][ T6670] RIP: 0023:0xf70de579
[   78.089362][ T6670] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   78.089372][ T6670] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   78.089383][ T6670] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[   78.089389][ T6670] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   78.089395][ T6670] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   78.089401][ T6670] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   78.089407][ T6670] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   78.089420][ T6670]  </TASK>
[   78.161362][    C1] vkms_vblank_simulate: vblank timer overrun
[   78.183270][   T53] libceph: connect (1)[c::]:6789 error -101
[   78.185212][   T53] libceph: mon0 (1)[c::]:6789 connect error
[   78.197159][ T6679] netlink: 132 bytes leftover after parsing attributes in process `syz.2.185'.
[   78.221072][ T6627] ceph: No mds server is up or the cluster is laggy
[   78.253173][ T5945] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   78.423272][ T5945] usb 5-1: Using ep0 maxpacket: 16
[   78.426218][ T5945] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   78.429516][ T5945] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   78.439763][ T5945] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[   78.442480][ T5945] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.453843][ T5945] usb 5-1: config 0 descriptor??
[   78.457909][ T5945] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input12
[   78.496642][ T6706] Bluetooth: MGMT ver 1.23
[   78.519706][ T6708] process 'syz.1.190' launched './file1' with NULL argv: empty string added
[   78.672541][ T6716] netlink: 'syz.1.193': attribute type 10 has an invalid length.
[   78.934696][ T5335] bcm5974 5-1:0.0: could not read from device
[   78.937022][  T837] usb 5-1: USB disconnect, device number 2
[   78.946058][ T6721] input: syz1 as /devices/virtual/input/input13
[   79.031650][ T5948] bcm5974 5-1:0.0: could not read from device
[   79.276483][ T6728] tipc: Started in network mode
[   79.278269][ T6728] tipc: Node identity 7f000001, cluster identity 4711
[   79.281676][ T6728] tipc: Enabled bearer <udp:syz2>, priority 10
[   79.295193][ T6728] tipc: Enabled bearer <eth:team0>, priority 0
[   79.365715][ T6727] xt_hashlimit: invalid rate
[   79.748617][ T6748] netlink: 'syz.3.202': attribute type 10 has an invalid length.
[   79.797272][ T6748] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.806853][ T6748] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   79.810536][ T6749] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   79.813876][ T6749] batman_adv: batadv0: Removing interface: batadv_slave_0
[   79.820315][ T6749] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   79.824057][ T6749] batman_adv: batadv0: Removing interface: batadv_slave_1
[   79.964187][ T6749] bond0: (slave batadv0): Releasing backup interface
[   80.392792][   T53] tipc: Node number set to 2130706433
[   80.715567][ T6759] xt_hashlimit: invalid rate
[   80.900146][   T60] IPVS: starting estimator thread 0...
[   80.903120][ T6768] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   80.972732][ T6033] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   80.983586][ T6769] IPVS: using max 26 ests per chain, 62400 per kthread
[   81.064060][ T1334] cfg80211: failed to load regulatory.db
[   81.132761][ T6033] usb 6-1: Using ep0 maxpacket: 16
[   81.136080][ T6033] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   81.139883][ T6033] usb 6-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[   81.143332][ T6033] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.148036][ T6033] usb 6-1: config 0 descriptor??
[   81.644430][ T6781] openvswitch: netlink: IP tunnel TTL not specified.
[   81.771733][ T6785] netlink: 'syz.2.214': attribute type 10 has an invalid length.
[   81.783007][ T5945] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   81.820056][  T837] IPVS: starting estimator thread 0...
[   81.902844][ T6789] IPVS: using max 45 ests per chain, 108000 per kthread
[   81.936855][ T5945] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   81.940077][ T5945] usb 8-1: config 0 has no interfaces?
[   81.944365][ T5945] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   81.947326][ T5945] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   81.949894][ T5945] usb 8-1: Manufacturer: syz
[   81.956292][ T5945] usb 8-1: config 0 descriptor??
[   82.539275][ T6799] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request
[   82.823341][ T5954] Bluetooth: hci4: command 0x1003 tx timeout
[   82.825415][ T5300] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   83.713922][ T6033] usbhid 6-1:0.0: can't add hid device: -71
[   83.716457][ T6033] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[   83.760723][ T6812] xt_hashlimit: invalid rate
[   83.791416][ T6815] netlink: 100 bytes leftover after parsing attributes in process `syz.0.221'.
[   83.830703][ T6033] usb 6-1: USB disconnect, device number 3
[   83.917984][ T6825] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.224'.
[   83.968071][ T6829] netlink: 'syz.0.223': attribute type 10 has an invalid length.
[   83.973831][ T6829] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.977926][ T6829] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   83.983650][ T6829] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   83.986148][ T6829] batman_adv: batadv0: Removing interface: batadv_slave_0
[   83.988946][ T6829] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   83.991745][ T6829] batman_adv: batadv0: Removing interface: batadv_slave_1
[   83.999665][ T6829] bond0: (slave batadv0): Releasing backup interface
[   84.122060][ T6832] netlink: 64 bytes leftover after parsing attributes in process `syz.2.226'.
[   84.281126][ T6836] netlink: 8 bytes leftover after parsing attributes in process `syz.1.220'.
[   84.285409][ T6836] openvswitch: netlink: Missing key (keys=40, expected=2000)
[   84.826985][ T5945] usb 8-1: USB disconnect, device number 3
[   85.229936][ T6849] xt_hashlimit: invalid rate
[   85.577784][ T6871] @: renamed from vlan0 (while UP)
[   86.084596][ T6890] netlink: 4 bytes leftover after parsing attributes in process `syz.3.247'.
[   86.513353][   T40] audit: type=1326 audit(1750861980.122:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6903 comm="syz.2.250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   86.520325][   T40] audit: type=1326 audit(1750861980.122:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6903 comm="syz.2.250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   86.527529][   T40] audit: type=1326 audit(1750861980.122:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6903 comm="syz.2.250" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70de579 code=0x7ffc0000
[   86.534915][   T40] audit: type=1326 audit(1750861980.122:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6903 comm="syz.2.250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   86.541285][   T40] audit: type=1326 audit(1750861980.122:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6903 comm="syz.2.250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   86.548672][   T40] audit: type=1326 audit(1750861980.122:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6903 comm="syz.2.250" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70de579 code=0x7ffc0000
[   86.555882][   T40] audit: type=1326 audit(1750861980.122:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6903 comm="syz.2.250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   86.562585][   T40] audit: type=1326 audit(1750861980.122:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6903 comm="syz.2.250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   86.569508][   T40] audit: type=1326 audit(1750861980.122:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6903 comm="syz.2.250" exe="/syz-executor" sig=0 arch=40000003 syscall=369 compat=1 ip=0xf70de579 code=0x7ffc0000
[   86.576264][   T40] audit: type=1326 audit(1750861980.122:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6903 comm="syz.2.250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[   86.981824][ T6920] netlink: 12 bytes leftover after parsing attributes in process `syz.0.257'.
[   87.246085][ T6930] netlink: 84 bytes leftover after parsing attributes in process `syz.1.260'.
[   87.493737][ T6937] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.263' sets config #1
[   88.841413][ T6969] random: crng reseeded on system resumption
[   88.904268][ T6969] netlink: 'syz.0.272': attribute type 1 has an invalid length.
[   88.918370][ T6969] 8021q: adding VLAN 0 to HW filter on device bond1
[   88.928815][ T6969] bond1: (slave geneve2): making interface the new active one
[   88.932281][ T6969] bond1: (slave geneve2): Enslaving as an active interface with an up link
[   88.937926][ T6969] netlink: 12 bytes leftover after parsing attributes in process `syz.0.272'.
[   88.944586][ T6969] bond1: entered promiscuous mode
[   88.946740][ T6969] geneve2: entered promiscuous mode
[   88.949156][ T6969] bond1: entered allmulticast mode
[   88.951293][ T6969] geneve2: entered allmulticast mode
[   88.996148][ T6010] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   89.162856][ T6010] usb 6-1: device descriptor read/64, error -71
[   89.412816][ T6010] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   89.450501][ T6986] netlink: 148 bytes leftover after parsing attributes in process `syz.2.278'.
[   89.642756][ T6010] usb 6-1: device descriptor read/64, error -71
[   90.016719][ T6010] usb usb6-port1: attempt power cycle
[   90.153497][ T6996] binder: 6995:6996 ioctl c0306201 800007c0 returned -11
[   90.158250][ T6998] netlink: 'syz.0.282': attribute type 10 has an invalid length.
[   90.368934][ T7003] netlink: 12 bytes leftover after parsing attributes in process `syz.0.282'.
[   90.373066][ T6010] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   90.385984][ T7004] netlink: 'syz.3.283': attribute type 2 has an invalid length.
[   90.389002][ T7004] netlink: 132 bytes leftover after parsing attributes in process `syz.3.283'.
[   90.443580][ T6010] usb 6-1: device descriptor read/8, error -71
[   90.659944][ T7006] netlink: 32 bytes leftover after parsing attributes in process `syz.2.284'.
[   90.668033][ T7006] netlink: 8 bytes leftover after parsing attributes in process `syz.2.284'.
[   90.670885][ T7006] netlink: 44 bytes leftover after parsing attributes in process `syz.2.284'.
[   90.682884][ T6010] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   90.703267][ T6010] usb 6-1: device descriptor read/8, error -71
[   90.712575][ T7008] nfs: Deprecated parameter 'nointr'
[   90.814083][ T6010] usb usb6-port1: unable to enumerate USB device
[   90.936187][ T7015] netlink: 12 bytes leftover after parsing attributes in process `syz.2.286'.
[   91.085528][ T7018] ieee802154 phy0 wpan0: encryption failed: -22
[   91.794951][ T7039] FAULT_INJECTION: forcing a failure.
[   91.794951][ T7039] name failslab, interval 1, probability 0, space 0, times 0
[   91.798891][ T7039] CPU: 2 UID: 0 PID: 7039 Comm: syz.1.294 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[   91.798906][ T7039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.798913][ T7039] Call Trace:
[   91.798918][ T7039]  <TASK>
[   91.798922][ T7039]  dump_stack_lvl+0x16c/0x1f0
[   91.798942][ T7039]  should_fail_ex+0x512/0x640
[   91.798958][ T7039]  ? fs_reclaim_acquire+0xae/0x150
[   91.798972][ T7039]  ? tomoyo_encode2+0x100/0x3e0
[   91.798987][ T7039]  should_failslab+0xc2/0x120
[   91.798998][ T7039]  __kmalloc_noprof+0xd2/0x510
[   91.799014][ T7039]  ? d_absolute_path+0x136/0x1a0
[   91.799028][ T7039]  tomoyo_encode2+0x100/0x3e0
[   91.799044][ T7039]  tomoyo_encode+0x29/0x50
[   91.799058][ T7039]  tomoyo_realpath_from_path+0x18f/0x6e0
[   91.799077][ T7039]  tomoyo_path_number_perm+0x245/0x580
[   91.799089][ T7039]  ? tomoyo_path_number_perm+0x237/0x580
[   91.799103][ T7039]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   91.799130][ T7039]  ? find_held_lock+0x2b/0x80
[   91.799140][ T7039]  ? hook_file_ioctl_common+0x145/0x410
[   91.799155][ T7039]  ? __fget_files+0x20e/0x3c0
[   91.799169][ T7039]  ? fput+0x70/0xf0
[   91.799181][ T7039]  security_file_ioctl_compat+0x9b/0x240
[   91.799197][ T7039]  __ia32_compat_sys_ioctl+0xc3/0x370
[   91.799212][ T7039]  __do_fast_syscall_32+0x7c/0x3a0
[   91.799230][ T7039]  do_fast_syscall_32+0x32/0x80
[   91.799248][ T7039]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   91.799262][ T7039] RIP: 0023:0xf710e579
[   91.799271][ T7039] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   91.799281][ T7039] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   91.799292][ T7039] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000707
[   91.799298][ T7039] RDX: 0000000080000a40 RSI: 0000000000000000 RDI: 0000000000000000
[   91.799304][ T7039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   91.799310][ T7039] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   91.799316][ T7039] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   91.799329][ T7039]  </TASK>
[   91.799340][ T7039] ERROR: Out of memory at tomoyo_realpath_from_path.
[   92.012297][ T7046] netlink: 'syz.1.295': attribute type 10 has an invalid length.
[   92.493697][ T1334] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   92.543941][ T7056] FAULT_INJECTION: forcing a failure.
[   92.543941][ T7056] name failslab, interval 1, probability 0, space 0, times 0
[   92.548014][ T7056] CPU: 1 UID: 0 PID: 7056 Comm: syz.3.298 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[   92.548041][ T7056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.548048][ T7056] Call Trace:
[   92.548054][ T7056]  <TASK>
[   92.548059][ T7056]  dump_stack_lvl+0x16c/0x1f0
[   92.548079][ T7056]  should_fail_ex+0x512/0x640
[   92.548095][ T7056]  ? fs_reclaim_acquire+0xae/0x150
[   92.548109][ T7056]  ? p9_fcall_init+0x97/0x260
[   92.548125][ T7056]  should_failslab+0xc2/0x120
[   92.548136][ T7056]  __kmalloc_noprof+0xd2/0x510
[   92.548152][ T7056]  ? rcu_is_watching+0x12/0xc0
[   92.548166][ T7056]  p9_fcall_init+0x97/0x260
[   92.548183][ T7056]  p9_tag_alloc+0x161/0x640
[   92.548201][ T7056]  ? __pfx_p9_tag_alloc+0x10/0x10
[   92.548217][ T7056]  ? p9_req_put+0x1c6/0x250
[   92.548233][ T7056]  ? lookup_open.isra.0+0x83d/0x1580
[   92.548246][ T7056]  ? path_openat+0x893/0x2cb0
[   92.548260][ T7056]  ? do_filp_open+0x20b/0x470
[   92.548274][ T7056]  ? do_sys_openat2+0x11b/0x1d0
[   92.548285][ T7056]  ? __ia32_compat_sys_openat+0x16d/0x210
[   92.548297][ T7056]  ? __do_fast_syscall_32+0x7c/0x3a0
[   92.548314][ T7056]  ? do_fast_syscall_32+0x32/0x80
[   92.548330][ T7056]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   92.548346][ T7056]  p9_client_prepare_req+0x19b/0x4d0
[   92.548363][ T7056]  ? __pfx_p9_client_prepare_req+0x10/0x10
[   92.548386][ T7056]  p9_client_rpc+0x1c4/0xc50
[   92.548405][ T7056]  ? __pfx_p9_client_rpc+0x10/0x10
[   92.548423][ T7056]  ? __call_rcu_common.constprop.0+0x3f0/0xa10
[   92.548440][ T7056]  ? lockdep_hardirqs_on+0x7c/0x110
[   92.548460][ T7056]  ? rcu_is_watching+0x12/0xc0
[   92.548474][ T7056]  p9_client_fcreate+0x14f/0x330
[   92.548487][ T7056]  ? __pfx_p9_client_fcreate+0x10/0x10
[   92.548499][ T7056]  ? v9fs_fid_lookup+0xe9/0xeb0
[   92.548519][ T7056]  v9fs_create+0x145/0x640
[   92.548533][ T7056]  ? __pfx_v9fs_create+0x10/0x10
[   92.548547][ T7056]  ? make_vfsuid+0xec/0x140
[   92.548557][ T7056]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   92.548576][ T7056]  v9fs_vfs_atomic_open+0x29b/0x920
[   92.548591][ T7056]  ? __pfx_v9fs_vfs_atomic_open+0x10/0x10
[   92.548605][ T7056]  ? security_inode_permission+0xbf/0x260
[   92.548619][ T7056]  ? inode_permission+0x156/0x630
[   92.548631][ T7056]  ? __pfx_v9fs_vfs_atomic_open+0x10/0x10
[   92.548645][ T7056]  lookup_open.isra.0+0x83d/0x1580
[   92.548661][ T7056]  ? __pfx_lookup_open.isra.0+0x10/0x10
[   92.548682][ T7056]  ? __pfx_down_write+0x10/0x10
[   92.548692][ T7056]  ? mnt_get_write_access+0x20c/0x300
[   92.548706][ T7056]  path_openat+0x893/0x2cb0
[   92.548727][ T7056]  ? __pfx_path_openat+0x10/0x10
[   92.548746][ T7056]  do_filp_open+0x20b/0x470
[   92.548762][ T7056]  ? __pfx_do_filp_open+0x10/0x10
[   92.548787][ T7056]  ? _raw_spin_unlock+0x28/0x50
[   92.548801][ T7056]  ? alloc_fd+0x471/0x7d0
[   92.548819][ T7056]  do_sys_openat2+0x11b/0x1d0
[   92.548831][ T7056]  ? __pfx_do_sys_openat2+0x10/0x10
[   92.548845][ T7056]  ? __fget_files+0x20e/0x3c0
[   92.548862][ T7056]  __ia32_compat_sys_openat+0x16d/0x210
[   92.548875][ T7056]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[   92.548888][ T7056]  ? ksys_write+0x1ac/0x250
[   92.548908][ T7056]  ? rcu_is_watching+0x12/0xc0
[   92.548921][ T7056]  __do_fast_syscall_32+0x7c/0x3a0
[   92.548939][ T7056]  do_fast_syscall_32+0x32/0x80
[   92.548956][ T7056]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   92.548969][ T7056] RIP: 0023:0xf7fc5579
[   92.548978][ T7056] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   92.548988][ T7056] RSP: 002b:00000000f50a455c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[   92.548999][ T7056] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800000c0
[   92.549005][ T7056] RDX: 000000000000275a RSI: 0000000000000000 RDI: 0000000000000000
[   92.549012][ T7056] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   92.549017][ T7056] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   92.549023][ T7056] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   92.549037][ T7056]  </TASK>
[   92.681354][ T1334] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[   92.683130][ T7057] 9pnet: Unknown protocol version 9p2000.u
[   92.684378][ T1334] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.688916][ T1334] usb 5-1: Product: syz
[   92.691589][ T1334] usb 5-1: Manufacturer: syz
[   92.693332][ T1334] usb 5-1: SerialNumber: syz
[   92.709225][ T1334] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[   92.740336][   T60] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[   92.865637][ T7059] FAULT_INJECTION: forcing a failure.
[   92.865637][ T7059] name failslab, interval 1, probability 0, space 0, times 0
[   92.869792][ T7059] CPU: 2 UID: 0 PID: 7059 Comm: syz.1.299 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[   92.869808][ T7059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.869814][ T7059] Call Trace:
[   92.869829][ T7059]  <TASK>
[   92.869835][ T7059]  dump_stack_lvl+0x16c/0x1f0
[   92.869856][ T7059]  should_fail_ex+0x512/0x640
[   92.869872][ T7059]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   92.869890][ T7059]  should_failslab+0xc2/0x120
[   92.869901][ T7059]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   92.869918][ T7059]  ? fuse_request_alloc+0x22/0x200
[   92.869931][ T7059]  fuse_request_alloc+0x22/0x200
[   92.869942][ T7059]  fuse_get_req+0x748/0xfd0
[   92.869953][ T7059]  ? lockdep_hardirqs_on+0x7c/0x110
[   92.869971][ T7059]  ? __pfx_fuse_get_req+0x10/0x10
[   92.869984][ T7059]  ? get_page_from_freelist+0x1321/0x3890
[   92.870001][ T7059]  ? __kasan_check_byte+0x13/0x50
[   92.870022][ T7059]  __fuse_simple_request+0xb8/0xcb0
[   92.870037][ T7059]  fuse_getxattr+0x255/0x420
[   92.870048][ T7059]  ? __pfx_fuse_getxattr+0x10/0x10
[   92.870058][ T7059]  ? is_bpf_text_address+0x94/0x1a0
[   92.870074][ T7059]  ? kernel_text_address+0x8d/0x100
[   92.870091][ T7059]  ? __kernel_text_address+0xd/0x40
[   92.870108][ T7059]  ? unwind_get_return_address+0x59/0xa0
[   92.870132][ T7059]  ? stack_trace_save+0x8e/0xc0
[   92.870145][ T7059]  ? __pfx_stack_trace_save+0x10/0x10
[   92.870159][ T7059]  ? __pfx_fuse_xattr_get+0x10/0x10
[   92.870168][ T7059]  fuse_xattr_get+0x7b/0xb0
[   92.870179][ T7059]  __vfs_getxattr+0x13a/0x1a0
[   92.870194][ T7059]  ? __pfx___vfs_getxattr+0x10/0x10
[   92.870209][ T7059]  ? lockdep_unlock+0x64/0xe0
[   92.870220][ T7059]  ? __lock_acquire+0x1053/0x1c90
[   92.870236][ T7059]  cap_inode_need_killpriv+0x40/0x60
[   92.870248][ T7059]  security_inode_need_killpriv+0x1b9/0x1e0
[   92.870262][ T7059]  file_remove_privs_flags+0x331/0x580
[   92.870282][ T7059]  ? __pfx_file_remove_privs_flags+0x10/0x10
[   92.870300][ T7059]  ? __pfx___might_resched+0x10/0x10
[   92.870311][ T7059]  ? generic_write_check_limits+0x1f1/0x290
[   92.870326][ T7059]  ? generic_write_checks+0x311/0x480
[   92.870341][ T7059]  ? __pfx_generic_write_checks+0x10/0x10
[   92.870358][ T7059]  kiocb_modified+0x8b/0x2c0
[   92.870369][ T7059]  fuse_file_write_iter+0x413/0x950
[   92.870384][ T7059]  vfs_write+0x6c4/0x1150
[   92.870399][ T7059]  ? __pfx_fuse_file_write_iter+0x10/0x10
[   92.870414][ T7059]  ? __pfx_vfs_write+0x10/0x10
[   92.870428][ T7059]  ? find_held_lock+0x2b/0x80
[   92.870447][ T7059]  ksys_write+0x12a/0x250
[   92.870462][ T7059]  ? __pfx_ksys_write+0x10/0x10
[   92.870479][ T7059]  ? rcu_is_watching+0x12/0xc0
[   92.870492][ T7059]  __do_fast_syscall_32+0x7c/0x3a0
[   92.870510][ T7059]  do_fast_syscall_32+0x32/0x80
[   92.870527][ T7059]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   92.870541][ T7059] RIP: 0023:0xf710e579
[   92.870550][ T7059] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   92.870561][ T7059] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[   92.870571][ T7059] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800000c0
[   92.870578][ T7059] RDX: 0000000000000018 RSI: 0000000000000000 RDI: 0000000000000000
[   92.870584][ T7059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   92.870590][ T7059] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   92.870596][ T7059] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   92.870609][ T7059]  </TASK>
[   92.980396][    C2] vkms_vblank_simulate: vblank timer overrun
[   93.195960][  T839] usb 5-1: USB disconnect, device number 3
[   93.387813][ T7073] pim6reg: entered allmulticast mode
[   93.781597][   T60] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[   93.784194][   T60] ath9k_htc: Failed to initialize the device
[   93.787345][  T839] usb 5-1: ath9k_htc: USB layer deinitialized
[   93.850080][ T7089] netlink: 'syz.0.307': attribute type 10 has an invalid length.
[   94.611126][ T7100] mmap: syz.3.309 (7100) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   94.721514][ T7106] random: crng reseeded on system resumption
[   95.335843][ T7136] fuse: Bad value for 'fd'
[   95.340937][ T7136] autofs: Bad value for 'fd'
[   95.466702][ T7139] xt_hashlimit: invalid rate
[   96.389197][ T7155] binder: 7147:7155 ioctl c0046209 0 returned -22
[   96.445328][ T7156] netlink: 4 bytes leftover after parsing attributes in process `syz.2.321'.
[   96.545809][ T5350] udevd[5350]: worker [6052] terminated by signal 33 (Unknown signal 33)
[   96.639174][ T7164] netlink: 'syz.1.324': attribute type 1 has an invalid length.
[   96.656023][ T7164] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address
[   96.659471][ T7164] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[   96.667245][ T7164] bond1: (slave wireguard0): making interface the new active one
[   96.670666][ T7164] bond1: (slave wireguard0): Enslaving as an active interface with an up link
[   96.672087][ T7154] xt_hashlimit: invalid rate
[   96.705030][ T7169] trusted_key: encrypted_key: keyword 'uMdate' not recognized
[   96.849724][ T7178] netlink: 'syz.2.326': attribute type 10 has an invalid length.
[   97.259931][ T7180] xt_hashlimit: invalid rate
[   98.616707][ T7199] netlink: 24 bytes leftover after parsing attributes in process `syz.0.332'.
[   98.623200][ T7199] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[   98.887047][ T7204] netlink: 4 bytes leftover after parsing attributes in process `syz.0.333'.
[   99.233593][ T7223] xt_hashlimit: invalid rate
[   99.392843][   T60] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   99.416065][ T7235] netlink: 'syz.2.344': attribute type 10 has an invalid length.
[   99.562749][   T60] usb 5-1: Using ep0 maxpacket: 16
[   99.566467][   T60] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   99.570721][   T60] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   99.575276][   T60] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[   99.578996][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.586204][   T60] usb 5-1: config 0 descriptor??
[   99.590432][   T60] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input15
[   99.859179][ T5335] bcm5974 5-1:0.0: could not read from device
[   99.866808][ T7221] bcm5974 5-1:0.0: could not read from device
[   99.869936][ T5335] bcm5974 5-1:0.0: could not read from device
[   99.870428][   T60] usb 5-1: USB disconnect, device number 4
[  100.909993][ T7271] xt_hashlimit: invalid rate
[  101.157428][ T7276] 9pnet_virtio: no channels available for device syz
[  101.716679][ T7278] bond0: entered promiscuous mode
[  101.718343][ T7278] bond_slave_0: entered promiscuous mode
[  101.720599][ T7278] bond_slave_1: entered promiscuous mode
[  101.932331][ T7296] xt_hashlimit: invalid rate
[  101.935577][ T7302] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  101.943323][ T7301] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  101.986877][ T7298] netlink: 'syz.2.360': attribute type 10 has an invalid length.
[  102.516511][ T7324] Illegal XDP return value 4294967294 on prog  (id 79) dev N/A, expect packet loss!
[  102.934551][ T7322] syz.1.369 (7322) used greatest stack depth: 19240 bytes left
[  103.015612][ T7334] fuse: Unknown parameter 'ro'
[  104.513079][ T7357] lo speed is unknown, defaulting to 1000
[  104.516598][ T7357] lo speed is unknown, defaulting to 1000
[  104.519688][ T7357] lo speed is unknown, defaulting to 1000
[  104.621790][ T7357] infiniband s
z1: set active
[  104.623719][ T7357] infiniband s
z1: added lo
[  104.666463][ T7357] RDS/IB: s
z1: added
[  104.668036][ T7357] smc: adding ib device s
z1 with port count 1
[  104.670087][ T7357] smc:    ib device s
z1 port 1 has pnetid 
[  104.673517][ T7357] lo speed is unknown, defaulting to 1000
[  104.755520][ T7357] lo speed is unknown, defaulting to 1000
[  104.882938][   T53] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  104.886680][   T60] lo speed is unknown, defaulting to 1000
[  104.917112][   T24] lo speed is unknown, defaulting to 1000
[  104.922168][ T7357] lo speed is unknown, defaulting to 1000
[  105.007595][ T7357] lo speed is unknown, defaulting to 1000
[  105.048048][   T53] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  105.065265][   T53] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  105.072804][  T837] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  105.088151][ T7357] lo speed is unknown, defaulting to 1000
[  105.106939][   T53] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  105.108500][ T7377] netlink: 'syz.3.386': attribute type 10 has an invalid length.
[  105.109837][   T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.113876][ T7360] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  105.139781][   T53] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  105.239970][  T837] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[  105.242616][  T837] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.247941][  T837] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  105.251685][  T837] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  105.261806][  T837] usb 7-1: Manufacturer: syz
[  105.279181][  T837] usb 7-1: config 0 descriptor??
[  105.382794][  T837] rc_core: IR keymap rc-hauppauge not found
[  105.385509][  T837] Registered IR keymap rc-empty
[  105.391327][  T837] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0
[  105.397480][  T837] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input17
[  105.497949][   T53] usb 7-1: USB disconnect, device number 2
[  106.072111][ T7396] input: syz1 as /devices/virtual/input/input18
[  106.139266][ T7400] xt_hashlimit: invalid rate
[  106.536553][ T7407] xt_hashlimit: invalid rate
[  107.081869][ T7411] FAULT_INJECTION: forcing a failure.
[  107.081869][ T7411] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  107.086248][ T7411] CPU: 0 UID: 0 PID: 7411 Comm: syz.2.396 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  107.086274][ T7411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.086281][ T7411] Call Trace:
[  107.086285][ T7411]  <TASK>
[  107.086290][ T7411]  dump_stack_lvl+0x16c/0x1f0
[  107.086325][ T7411]  should_fail_ex+0x512/0x640
[  107.086343][ T7411]  should_fail_alloc_page+0xe7/0x130
[  107.086355][ T7411]  prepare_alloc_pages+0x3c2/0x610
[  107.086368][ T7411]  ? rcu_is_watching+0x12/0xc0
[  107.086381][ T7411]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  107.086400][ T7411]  ? rcu_is_watching+0x12/0xc0
[  107.086410][ T7411]  ? trace_mm_page_alloc+0x11f/0x1a0
[  107.086423][ T7411]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  107.086439][ T7411]  ? stack_trace_save+0x8e/0xc0
[  107.086451][ T7411]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  107.086476][ T7411]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  107.086492][ T7411]  ? __get_vm_area_node+0x1ca/0x330
[  107.086505][ T7411]  ? vmap+0x135/0x320
[  107.086515][ T7411]  ? io_create_region+0x5f6/0xd30
[  107.086530][ T7411]  ? io_uring_setup+0x1124/0x2080
[  107.086543][ T7411]  ? __ia32_sys_io_uring_setup+0xc2/0x170
[  107.086556][ T7411]  ? __do_fast_syscall_32+0x7c/0x3a0
[  107.086573][ T7411]  ? do_fast_syscall_32+0x32/0x80
[  107.086588][ T7411]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  107.086607][ T7411]  alloc_pages_bulk_noprof+0x71c/0x1410
[  107.086623][ T7411]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  107.086640][ T7411]  ? policy_nodemask+0xea/0x4e0
[  107.086652][ T7411]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  107.086669][ T7411]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  107.086685][ T7411]  kasan_populate_vmalloc+0xf1/0x1f0
[  107.086703][ T7411]  alloc_vmap_area+0x959/0x29c0
[  107.086720][ T7411]  ? __pfx_alloc_vmap_area+0x10/0x10
[  107.086735][ T7411]  __get_vm_area_node+0x1ca/0x330
[  107.086749][ T7411]  ? io_create_region+0x5f6/0xd30
[  107.086765][ T7411]  get_vm_area_caller+0x71/0xa0
[  107.086777][ T7411]  ? io_create_region+0x5f6/0xd30
[  107.086793][ T7411]  vmap+0x135/0x320
[  107.086805][ T7411]  ? __pfx_vmap+0x10/0x10
[  107.086820][ T7411]  io_create_region+0x5f6/0xd30
[  107.086838][ T7411]  ? __pfx_io_create_region+0x10/0x10
[  107.086853][ T7411]  ? apparmor_capable+0x114/0x1d0
[  107.086865][ T7411]  ? bpf_lsm_capable+0x9/0x10
[  107.086879][ T7411]  ? security_capable+0x7e/0x260
[  107.086898][ T7411]  io_uring_setup+0x1124/0x2080
[  107.086915][ T7411]  ? __pfx_io_uring_setup+0x10/0x10
[  107.086928][ T7411]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  107.086949][ T7411]  ? rcu_is_watching+0x12/0xc0
[  107.086959][ T7411]  ? irqentry_exit+0x3b/0x90
[  107.086979][ T7411]  ? __ia32_sys_io_uring_setup+0x7f/0x170
[  107.086993][ T7411]  ? security_uring_allowed+0xa/0x1c0
[  107.087006][ T7411]  ? __sanitizer_cov_trace_pc+0x8/0x70
[  107.087024][ T7411]  __ia32_sys_io_uring_setup+0xc2/0x170
[  107.087038][ T7411]  __do_fast_syscall_32+0x7c/0x3a0
[  107.087056][ T7411]  do_fast_syscall_32+0x32/0x80
[  107.087073][ T7411]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  107.087086][ T7411] RIP: 0023:0xf70de579
[  107.087095][ T7411] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  107.087105][ T7411] RSP: 002b:00000000f50ad50c EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  107.087115][ T7411] RAX: ffffffffffffffda RBX: 0000000000002c0e RCX: 0000000080000400
[  107.087122][ T7411] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  107.087128][ T7411] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  107.087134][ T7411] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  107.087140][ T7411] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  107.087153][ T7411]  </TASK>
[  107.206269][   T53] usb 5-1: USB disconnect, device number 5
[  107.639808][ T7423] FAULT_INJECTION: forcing a failure.
[  107.639808][ T7423] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.644039][ T7423] CPU: 1 UID: 0 PID: 7423 Comm: syz.0.397 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  107.644065][ T7423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.644072][ T7423] Call Trace:
[  107.644077][ T7423]  <TASK>
[  107.644081][ T7423]  dump_stack_lvl+0x16c/0x1f0
[  107.644102][ T7423]  should_fail_ex+0x512/0x640
[  107.644120][ T7423]  _copy_from_user+0x2e/0xd0
[  107.644137][ T7423]  generic_map_update_batch+0x3e9/0x610
[  107.644158][ T7423]  ? __pfx_generic_map_update_batch+0x10/0x10
[  107.644178][ T7423]  ? __pfx_generic_map_update_batch+0x10/0x10
[  107.644195][ T7423]  bpf_map_do_batch+0x5b4/0x680
[  107.644211][ T7423]  __sys_bpf+0x15f3/0x4d80
[  107.644227][ T7423]  ? rcu_is_watching+0x12/0xc0
[  107.644240][ T7423]  ? __pfx___sys_bpf+0x10/0x10
[  107.644256][ T7423]  ? __schedule+0x1181/0x5de0
[  107.644288][ T7423]  __ia32_sys_bpf+0x76/0xe0
[  107.644298][ T7423]  __do_fast_syscall_32+0x7c/0x3a0
[  107.644316][ T7423]  do_fast_syscall_32+0x32/0x80
[  107.644333][ T7423]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  107.644347][ T7423] RIP: 0023:0xf7f97579
[  107.644356][ T7423] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  107.644366][ T7423] RSP: 002b:00000000f507455c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  107.644376][ T7423] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000080000480
[  107.644383][ T7423] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  107.644389][ T7423] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  107.644395][ T7423] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  107.644401][ T7423] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  107.644413][ T7423]  </TASK>
[  107.994709][ T7433] netlink: 'syz.1.402': attribute type 10 has an invalid length.
[  108.144648][ T7436] lo speed is unknown, defaulting to 1000
[  108.753690][ T7444] netlink: 4 bytes leftover after parsing attributes in process `syz.0.404'.
[  108.848583][ T7451] xt_hashlimit: invalid rate
[  108.866069][ T7453] xt_hashlimit: invalid rate
[  109.468637][ T5954] Bluetooth: hci2: command 0x0406 tx timeout
[  109.469613][ T7462] netlink: 24 bytes leftover after parsing attributes in process `syz.0.411'.
[  109.838374][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  109.838387][   T40] audit: type=1326 audit(1750862003.442:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7469 comm="syz.0.414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000
[  109.848848][   T40] audit: type=1326 audit(1750862003.442:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7469 comm="syz.0.414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000
[  109.857208][   T40] audit: type=1326 audit(1750862003.442:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7469 comm="syz.0.414" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f97579 code=0x7ffc0000
[  109.865521][   T40] audit: type=1326 audit(1750862003.442:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7469 comm="syz.0.414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000
[  109.873281][   T40] audit: type=1326 audit(1750862003.442:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7469 comm="syz.0.414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000
[  109.882646][   T40] audit: type=1326 audit(1750862003.452:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7469 comm="syz.0.414" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f97579 code=0x7ffc0000
[  109.890698][   T40] audit: type=1326 audit(1750862003.452:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7469 comm="syz.0.414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000
[  109.898601][   T40] audit: type=1326 audit(1750862003.452:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7469 comm="syz.0.414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000
[  109.905503][   T40] audit: type=1326 audit(1750862003.452:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7469 comm="syz.0.414" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f97579 code=0x7ffc0000
[  109.912126][   T40] audit: type=1326 audit(1750862003.482:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7469 comm="syz.0.414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000
[  109.980544][ T7477] xt_hashlimit: invalid rate
[  110.152754][  T837] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  110.251453][ T7482] netlink: 'syz.2.418': attribute type 10 has an invalid length.
[  110.312811][  T837] usb 5-1: Using ep0 maxpacket: 8
[  110.316940][  T837] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  110.320060][  T837] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  110.323170][  T837] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  110.326176][  T837] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  110.330224][  T837] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  110.337998][  T837] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.556936][  T837] usb 5-1: GET_CAPABILITIES returned 0
[  110.558770][  T837] usbtmc 5-1:16.0: can't read capabilities
[  110.769617][ T6010] usb 5-1: USB disconnect, device number 6
[  110.805965][ T7486] fuse: Bad value for 'fd'
[  110.889530][ T7490] xt_hashlimit: invalid rate
[  111.732790][  T838] usb 5-1: new low-speed USB device number 7 using dummy_hcd
[  111.884008][  T838] usb 5-1: config index 0 descriptor too short (expected 1307, got 27)
[  111.886517][  T838] usb 5-1: config 0 has an invalid interface number: 0 but max is -1
[  111.889101][  T838] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0
[  111.891803][  T838] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  111.895079][  T838] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  111.899232][  T838] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  111.904615][ T7507] netlink: 4 bytes leftover after parsing attributes in process `syz.1.426'.
[  111.907164][  T838] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  111.911315][  T838] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  111.917309][  T838] usb 5-1: string descriptor 0 read error: -22
[  111.919226][  T838] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  111.922097][  T838] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.925645][  T838] usb 5-1: config 0 descriptor??
[  111.927600][ T7500] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  111.930391][  T838] hub 5-1:0.0: bad descriptor, ignoring hub
[  111.932313][  T838] hub 5-1:0.0: probe with driver hub failed with error -5
[  111.936009][  T838] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input19
[  112.204375][  T837] usb 5-1: USB disconnect, device number 7
[  112.518530][ T7522] loop6: detected capacity change from 0 to 63
[  112.521720][ T7522] Buffer I/O error on dev loop6, logical block 0, async page read
[  112.524844][ T7522] Buffer I/O error on dev loop6, logical block 1, async page read
[  112.527498][ T7522] Buffer I/O error on dev loop6, logical block 2, async page read
[  112.530814][ T7522] Buffer I/O error on dev loop6, logical block 3, async page read
[  112.533379][ T7522] Buffer I/O error on dev loop6, logical block 0, async page read
[  112.536397][ T7522] Buffer I/O error on dev loop6, logical block 1, async page read
[  112.538792][ T7522] Buffer I/O error on dev loop6, logical block 2, async page read
[  112.541195][ T7522] Buffer I/O error on dev loop6, logical block 3, async page read
[  112.544612][ T7522] Buffer I/O error on dev loop6, logical block 0, async page read
[  112.547734][ T7522] Buffer I/O error on dev loop6, logical block 1, async page read
[  113.088881][ T7522] wireguard0: entered promiscuous mode
[  113.090588][ T7522] wireguard0: entered allmulticast mode
[  113.107676][ T7529] netlink: 'syz.0.432': attribute type 10 has an invalid length.
[  113.559205][ T7546] ipt_rpfilter: unknown options
[  113.763530][ T7546] netlink: 8 bytes leftover after parsing attributes in process `syz.2.434'.
[  113.898427][ T7552] xt_hashlimit: invalid rate
[  113.987370][ T7559] netlink: 'syz.2.440': attribute type 1 has an invalid length.
[  114.002964][ T7559] bond1: entered promiscuous mode
[  114.004584][ T7559] bond1: entered allmulticast mode
[  114.017400][ T7559] bond1: (slave erspan1): making interface the new active one
[  114.019640][ T7559] erspan1: entered promiscuous mode
[  114.021383][ T7559] erspan1: entered allmulticast mode
[  114.023652][ T7559] bond1: (slave erspan1): Enslaving as an active interface with an up link
[  114.034518][ T7562] xt_hashlimit: invalid rate
[  114.082796][ T7558] binder: 7556:7558 ioctl c0046209 0 returned -22
[  114.173115][ T7576] xt_hashlimit: invalid rate
[  114.197102][ T7578] input: syz1 as /devices/virtual/input/input20
[  114.622717][ T7592] netlink: 'syz.2.449': attribute type 10 has an invalid length.
[  114.769963][ T7598] syzkaller1: entered promiscuous mode
[  114.772325][ T7598] syzkaller1: entered allmulticast mode
[  114.935256][  T838] IPVS: starting estimator thread 0...
[  114.985908][ T7608] xt_hashlimit: invalid rate
[  115.044467][ T7604] IPVS: using max 44 ests per chain, 105600 per kthread
[  115.282139][ T7621] FAULT_INJECTION: forcing a failure.
[  115.282139][ T7621] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.288723][ T7621] CPU: 0 UID: 0 PID: 7621 Comm: syz.1.462 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  115.288759][ T7621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  115.288766][ T7621] Call Trace:
[  115.288771][ T7621]  <TASK>
[  115.288775][ T7621]  dump_stack_lvl+0x16c/0x1f0
[  115.288796][ T7621]  should_fail_ex+0x512/0x640
[  115.288815][ T7621]  _copy_from_user+0x2e/0xd0
[  115.288832][ T7621]  get_compat_msghdr+0xa7/0x170
[  115.288850][ T7621]  ? __pfx_get_compat_msghdr+0x10/0x10
[  115.288873][ T7621]  ___sys_sendmsg+0x1ae/0x1d0
[  115.288890][ T7621]  ? __pfx____sys_sendmsg+0x10/0x10
[  115.288913][ T7621]  ? find_held_lock+0x2b/0x80
[  115.288933][ T7621]  __sys_sendmsg+0x16d/0x220
[  115.288950][ T7621]  ? __pfx___sys_sendmsg+0x10/0x10
[  115.288972][ T7621]  ? rcu_is_watching+0x12/0xc0
[  115.288985][ T7621]  __do_fast_syscall_32+0x7c/0x3a0
[  115.289004][ T7621]  do_fast_syscall_32+0x32/0x80
[  115.289020][ T7621]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  115.289034][ T7621] RIP: 0023:0xf710e579
[  115.289043][ T7621] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  115.289053][ T7621] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  115.289063][ T7621] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  115.289070][ T7621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  115.289075][ T7621] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  115.289081][ T7621] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  115.289088][ T7621] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  115.289100][ T7621]  </TASK>
[  115.386688][ T7625] xt_hashlimit: invalid rate
[  115.442097][ T7627] netlink: 20 bytes leftover after parsing attributes in process `syz.3.465'.
[  115.472698][ T7627] lo speed is unknown, defaulting to 1000
[  115.901054][ T7636] fuseblk: Unknown parameter 'pcr'
[  116.006246][ T7638] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  116.014315][   T46] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2
[  116.622743][   T60] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  116.784081][   T60] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  116.787373][   T60] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  116.793458][   T60] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  116.796499][   T60] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.799140][   T60] usb 8-1: Product: syz
[  116.800564][   T60] usb 8-1: Manufacturer: syz
[  116.802137][   T60] usb 8-1: SerialNumber: syz
[  116.808657][   T60] cdc_ncm 8-1:1.0: skipping garbage
[  117.158099][ T7681] xt_hashlimit: invalid rate
[  117.674403][ T7659] FAULT_INJECTION: forcing a failure.
[  117.674403][ T7659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.678689][ T7659] CPU: 3 UID: 0 PID: 7659 Comm: syz.3.475 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  117.678705][ T7659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.678712][ T7659] Call Trace:
[  117.678716][ T7659]  <TASK>
[  117.678722][ T7659]  dump_stack_lvl+0x16c/0x1f0
[  117.678742][ T7659]  should_fail_ex+0x512/0x640
[  117.678761][ T7659]  _copy_to_user+0x32/0xd0
[  117.678779][ T7659]  put_old_timespec32+0xb4/0x120
[  117.678793][ T7659]  ? __pfx_put_old_timespec32+0x10/0x10
[  117.678807][ T7659]  ? ktime_get+0x200/0x310
[  117.678819][ T7659]  ? lockdep_hardirqs_on+0x7c/0x110
[  117.678834][ T7659]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  117.678852][ T7659]  nanosleep_copyout+0x91/0x130
[  117.678863][ T7659]  do_nanosleep+0x48a/0x570
[  117.678878][ T7659]  ? __pfx_do_nanosleep+0x10/0x10
[  117.678891][ T7659]  ? __asan_memset+0x23/0x50
[  117.678905][ T7659]  ? __hrtimer_setup+0x176/0x280
[  117.678923][ T7659]  hrtimer_nanosleep+0x155/0x380
[  117.678933][ T7659]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  117.678946][ T7659]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  117.678963][ T7659]  ? get_old_timespec32+0xda/0x130
[  117.678976][ T7659]  ? __pfx_get_old_timespec32+0x10/0x10
[  117.678991][ T7659]  common_nsleep+0xa1/0xd0
[  117.679005][ T7659]  __ia32_sys_clock_nanosleep_time32+0x340/0x4f0
[  117.679025][ T7659]  ? __pfx___ia32_sys_clock_nanosleep_time32+0x10/0x10
[  117.679045][ T7659]  ? rcu_is_watching+0x12/0xc0
[  117.679058][ T7659]  __do_fast_syscall_32+0x7c/0x3a0
[  117.679076][ T7659]  do_fast_syscall_32+0x32/0x80
[  117.679093][ T7659]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  117.679107][ T7659] RIP: 0023:0xf7fc5579
[  117.679116][ T7659] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  117.679126][ T7659] RSP: 002b:00000000f50e4430 EFLAGS: 00000293 ORIG_RAX: 000000000000010b
[  117.679136][ T7659] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  117.679143][ T7659] RDX: 00000000f50e4464 RSI: 00000000f50e445c RDI: 00000000f50e4464
[  117.679149][ T7659] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  117.679155][ T7659] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  117.679161][ T7659] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  117.679174][ T7659]  </TASK>
[  117.679709][   T60] cdc_ncm 8-1:1.0: bind() failure
[  117.759981][   T60] usbtest 8-1:1.1: probe with driver usbtest failed with error -71
[  117.763314][   T60] usb 8-1: USB disconnect, device number 4
[  118.091729][ T7700] ip6gretap0: entered promiscuous mode
[  118.101639][ T7700] netlink: 8 bytes leftover after parsing attributes in process `syz.0.487'.
[  118.111619][ T7710] input: syz1 as /devices/virtual/input/input21
[  118.245955][ T7719] netlink: 71 bytes leftover after parsing attributes in process `syz.3.492'.
[  118.275017][ T7722] netlink: 'syz.1.493': attribute type 21 has an invalid length.
[  118.277436][ T7722] netlink: 'syz.1.493': attribute type 22 has an invalid length.
[  118.279824][ T7722] netlink: 'syz.1.493': attribute type 23 has an invalid length.
[  118.282235][ T7722] netlink: 'syz.1.493': attribute type 25 has an invalid length.
[  118.285336][ T7722] netlink: 'syz.1.493': attribute type 26 has an invalid length.
[  118.288948][ T7722] netlink: 16 bytes leftover after parsing attributes in process `syz.1.493'.
[  118.295079][ T7724] xt_hashlimit: invalid rate
[  118.311911][ T7722] overlayfs: missing 'workdir'
[  118.523647][ T7726] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  118.523647][ T7726]    program syz.3.495 not setting count and/or reply_len properly
[  118.526188][ T7732] lo speed is unknown, defaulting to 1000
[  118.937862][ T7744] xt_CT: You must specify a L4 protocol and not use inversions on it
[  119.320551][ T7760] nfs: Bad value for 'source'
[  119.655926][ T7753] input: syz1 as /devices/virtual/input/input22
[  119.815072][ T7753] netlink: 12 bytes leftover after parsing attributes in process `syz.3.503'.
[  120.207255][ T7781] xt_hashlimit: invalid rate
[  120.789764][ T6027] IPVS: starting estimator thread 0...
[  120.872899][ T7797] IPVS: using max 45 ests per chain, 108000 per kthread
[  120.907121][ T7802] CUSE: unknown device info "ÿ
"
[  120.908774][ T7802] CUSE: zero length info key specified
[  121.912869][   T60] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  122.066663][   T60] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  122.071258][   T60] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  122.074397][   T60] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  122.077299][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.081852][ T7808] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  122.086651][   T60] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  122.146795][ T7816] xt_hashlimit: invalid rate
[  122.290938][  T837] usb 5-1: USB disconnect, device number 8
[  122.493518][ T7808] nbd: must specify at least one socket
[  122.498345][ T7809] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  122.501295][ T7809] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  122.548709][ T7830] fuse: Unknown parameter 'fðR1‰¨~¤X~³'
[  122.715738][ T7843] mkiss: ax0: crc mode is auto.
[  122.841320][  T837] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  122.939871][ T7855] FAULT_INJECTION: forcing a failure.
[  122.939871][ T7855] name failslab, interval 1, probability 0, space 0, times 0
[  122.943795][ T7855] CPU: 1 UID: 0 PID: 7855 Comm: syz.1.535 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  122.943821][ T7855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  122.943827][ T7855] Call Trace:
[  122.943832][ T7855]  <TASK>
[  122.943836][ T7855]  dump_stack_lvl+0x16c/0x1f0
[  122.943856][ T7855]  should_fail_ex+0x512/0x640
[  122.943872][ T7855]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  122.943889][ T7855]  should_failslab+0xc2/0x120
[  122.943900][ T7855]  __kmalloc_cache_noprof+0x6a/0x3e0
[  122.943914][ T7855]  ? __io_uring_add_tctx_node+0x132/0x500
[  122.943927][ T7855]  __io_uring_add_tctx_node+0x132/0x500
[  122.943938][ T7855]  ? __pfx___io_uring_add_tctx_node+0x10/0x10
[  122.943950][ T7855]  ? __fget_files+0x20e/0x3c0
[  122.943966][ T7855]  __io_uring_add_tctx_node_from_submit+0x89/0x130
[  122.943978][ T7855]  __do_sys_io_uring_enter+0x123a/0x1630
[  122.943995][ T7855]  ? __fget_files+0x20e/0x3c0
[  122.944009][ T7855]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  122.944024][ T7855]  ? fput+0x70/0xf0
[  122.944035][ T7855]  ? ksys_write+0x1ac/0x250
[  122.944049][ T7855]  ? __pfx_ksys_write+0x10/0x10
[  122.944066][ T7855]  ? rcu_is_watching+0x12/0xc0
[  122.944079][ T7855]  __do_fast_syscall_32+0x7c/0x3a0
[  122.944097][ T7855]  do_fast_syscall_32+0x32/0x80
[  122.944114][ T7855]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  122.944128][ T7855] RIP: 0023:0xf710e579
[  122.944136][ T7855] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  122.944146][ T7855] RSP: 002b:00000000f50aa55c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  122.944157][ T7855] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000000026c8
[  122.944163][ T7855] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  122.944169][ T7855] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[  122.944175][ T7855] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  122.944181][ T7855] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  122.944194][ T7855]  </TASK>
[  123.024119][  T837] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  123.028048][  T837] usb 5-1: config 0 has no interfaces?
[  123.072802][  T837] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  123.079140][  T837] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.091263][  T837] usb 5-1: config 0 descriptor??
[  123.298008][  T837] usb 5-1: USB disconnect, device number 9
[  124.543452][ T7891] block device autoloading is deprecated and will be removed.
[  124.767092][ T7894] xt_hashlimit: invalid rate
[  125.188988][ T7899] warning: `syz.0.548' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  126.154534][ T7930] ==================================================================
[  126.154543][ T7930] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x15d4/0x17b0
[  126.154561][ T7930] Write of size 8 at addr ffffc90004c59000 by task syz.2.558/7930
[  126.154571][ T7930] 
[  126.154576][ T7930] CPU: 3 UID: 0 PID: 7930 Comm: syz.2.558 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  126.154590][ T7930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  126.154597][ T7930] Call Trace:
[  126.154601][ T7930]  <TASK>
[  126.154605][ T7930]  dump_stack_lvl+0x116/0x1f0
[  126.154623][ T7930]  print_report+0xcd/0x680
[  126.154633][ T7930]  ? __virt_addr_valid+0x81/0x610
[  126.154646][ T7930]  ? sys_fillrect+0x15d4/0x17b0
[  126.154657][ T7930]  kasan_report+0xe0/0x110
[  126.154667][ T7930]  ? sys_fillrect+0x15d4/0x17b0
[  126.154681][ T7930]  sys_fillrect+0x15d4/0x17b0
[  126.154694][ T7930]  ? __pfx_sys_fillrect+0x10/0x10
[  126.154709][ T7930]  drm_fbdev_shmem_defio_fillrect+0x22/0x140
[  126.154724][ T7930]  ? fb_copy_cmap+0x2ad/0x360
[  126.154741][ T7930]  bit_clear_margins+0x2f7/0x4c0
[  126.154758][ T7930]  ? __pfx_bit_clear_margins+0x10/0x10
[  126.154776][ T7930]  ? fb_get_color_depth+0x120/0x250
[  126.154793][ T7930]  fbcon_clear_margins.constprop.0+0x1d3/0x290
[  126.154809][ T7930]  fbcon_switch+0xa01/0x14c0
[  126.154827][ T7930]  ? __pfx_fbcon_switch+0x10/0x10
[  126.154845][ T7930]  ? __pfx_bit_cursor+0x10/0x10
[  126.154862][ T7930]  ? fbcon_cursor+0x40c/0x5f0
[  126.154877][ T7930]  ? is_console_locked+0x9/0x20
[  126.154891][ T7930]  ? con_is_visible+0x65/0x150
[  126.154904][ T7930]  redraw_screen+0x2c1/0x760
[  126.154919][ T7930]  ? __pfx_vc_do_resize+0x10/0x10
[  126.154934][ T7930]  ? __pfx_redraw_screen+0x10/0x10
[  126.154950][ T7930]  fbcon_set_disp+0x7d4/0xe40
[  126.154966][ T7930]  set_con2fb_map+0x703/0x1060
[  126.154983][ T7930]  fbcon_set_con2fb_map_ioctl+0x16c/0x220
[  126.155000][ T7930]  ? __pfx_fbcon_set_con2fb_map_ioctl+0x10/0x10
[  126.155018][ T7930]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  126.155035][ T7930]  do_fb_ioctl+0x328/0x7e0
[  126.155047][ T7930]  ? __pfx_do_fb_ioctl+0x10/0x10
[  126.155057][ T7930]  ? lockdep_hardirqs_on+0x7c/0x110
[  126.155074][ T7930]  ? find_held_lock+0x2b/0x80
[  126.155087][ T7930]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  126.155109][ T7930]  fb_compat_ioctl+0x55e/0x670
[  126.155120][ T7930]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  126.155131][ T7930]  ? hook_file_ioctl_common+0x145/0x410
[  126.155144][ T7930]  ? __fget_files+0x20e/0x3c0
[  126.155159][ T7930]  ? __ia32_compat_sys_openat+0xb0/0x210
[  126.155174][ T7930]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  126.155184][ T7930]  __ia32_compat_sys_ioctl+0x23f/0x370
[  126.155198][ T7930]  __do_fast_syscall_32+0x7c/0x3a0
[  126.155215][ T7930]  do_fast_syscall_32+0x32/0x80
[  126.155232][ T7930]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  126.155246][ T7930] RIP: 0023:0xf70de579
[  126.155255][ T7930] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  126.155265][ T7930] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  126.155276][ T7930] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004610
[  126.155282][ T7930] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  126.155289][ T7930] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  126.155295][ T7930] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  126.155301][ T7930] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  126.155310][ T7930]  </TASK>
[  126.155314][ T7930] 
[  126.155319][ T7930] The buggy address belongs to the virtual mapping at
[  126.155319][ T7930]  [ffffc90004959000, ffffc90004c5a000) created by:
[  126.155319][ T7930]  drm_gem_shmem_vmap_locked+0x4bc/0x720
[  126.155335][ T7930] 
[  126.155338][ T7930] Memory state around the buggy address:
[  126.155349][ T7930]  ffffc90004c58f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  126.155357][ T7930]  ffffc90004c58f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  126.155364][ T7930] >ffffc90004c59000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  126.155370][ T7930]                    ^
[  126.155376][ T7930]  ffffc90004c59080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  126.155383][ T7930]  ffffc90004c59100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  126.155389][ T7930] ==================================================================
[  126.155395][ T7930] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  126.155402][ T7930] CPU: 3 UID: 0 PID: 7930 Comm: syz.2.558 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  126.155415][ T7930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  126.155422][ T7930] Call Trace:
[  126.155425][ T7930]  <TASK>
[  126.155429][ T7930]  dump_stack_lvl+0x3d/0x1f0
[  126.155444][ T7930]  panic+0x71c/0x800
[  126.155460][ T7930]  ? __pfx_panic+0x10/0x10
[  126.155475][ T7930]  ? __pfx__printk+0x10/0x10
[  126.155489][ T7930]  ? rcu_is_watching+0x12/0xc0
[  126.155501][ T7930]  ? check_panic_on_warn+0x1f/0xb0
[  126.155517][ T7930]  ? sys_fillrect+0x15d4/0x17b0
[  126.155529][ T7930]  check_panic_on_warn+0xab/0xb0
[  126.155544][ T7930]  end_report+0x107/0x170
[  126.155561][ T7930]  kasan_report+0xee/0x110
[  126.155571][ T7930]  ? sys_fillrect+0x15d4/0x17b0
[  126.155584][ T7930]  sys_fillrect+0x15d4/0x17b0
[  126.155598][ T7930]  ? __pfx_sys_fillrect+0x10/0x10
[  126.155613][ T7930]  drm_fbdev_shmem_defio_fillrect+0x22/0x140
[  126.155626][ T7930]  ? fb_copy_cmap+0x2ad/0x360
[  126.155643][ T7930]  bit_clear_margins+0x2f7/0x4c0
[  126.155660][ T7930]  ? __pfx_bit_clear_margins+0x10/0x10
[  126.155678][ T7930]  ? fb_get_color_depth+0x120/0x250
[  126.155695][ T7930]  fbcon_clear_margins.constprop.0+0x1d3/0x290
[  126.155712][ T7930]  fbcon_switch+0xa01/0x14c0
[  126.155729][ T7930]  ? __pfx_fbcon_switch+0x10/0x10
[  126.155748][ T7930]  ? __pfx_bit_cursor+0x10/0x10
[  126.155764][ T7930]  ? fbcon_cursor+0x40c/0x5f0
[  126.155780][ T7930]  ? is_console_locked+0x9/0x20
[  126.155792][ T7930]  ? con_is_visible+0x65/0x150
[  126.155806][ T7930]  redraw_screen+0x2c1/0x760
[  126.155820][ T7930]  ? __pfx_vc_do_resize+0x10/0x10
[  126.155835][ T7930]  ? __pfx_redraw_screen+0x10/0x10
[  126.155852][ T7930]  fbcon_set_disp+0x7d4/0xe40
[  126.155868][ T7930]  set_con2fb_map+0x703/0x1060
[  126.155885][ T7930]  fbcon_set_con2fb_map_ioctl+0x16c/0x220
[  126.155902][ T7930]  ? __pfx_fbcon_set_con2fb_map_ioctl+0x10/0x10
[  126.155921][ T7930]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  126.155937][ T7930]  do_fb_ioctl+0x328/0x7e0
[  126.155948][ T7930]  ? __pfx_do_fb_ioctl+0x10/0x10
[  126.155959][ T7930]  ? lockdep_hardirqs_on+0x7c/0x110
[  126.155975][ T7930]  ? find_held_lock+0x2b/0x80
[  126.155989][ T7930]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  126.156011][ T7930]  fb_compat_ioctl+0x55e/0x670
[  126.156022][ T7930]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  126.156033][ T7930]  ? hook_file_ioctl_common+0x145/0x410
[  126.156046][ T7930]  ? __fget_files+0x20e/0x3c0
[  126.156060][ T7930]  ? __ia32_compat_sys_openat+0xb0/0x210
[  126.156074][ T7930]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  126.156085][ T7930]  __ia32_compat_sys_ioctl+0x23f/0x370
[  126.156099][ T7930]  __do_fast_syscall_32+0x7c/0x3a0
[  126.156117][ T7930]  do_fast_syscall_32+0x32/0x80
[  126.156133][ T7930]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  126.156147][ T7930] RIP: 0023:0xf70de579
[  126.156154][ T7930] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  126.156165][ T7930] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  126.156175][ T7930] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004610
[  126.156182][ T7930] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  126.156188][ T7930] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  126.156194][ T7930] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  126.156201][ T7930] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  126.156211][ T7930]  </TASK>
[  126.156806][ T7930] Kernel Offset: disabled

VM DIAGNOSIS:
14:33:39  Registers:
info registers vcpu 0

CPU#0
RAX=0000000080010001 RBX=0000000000000000 RCX=ffffffff816048c0 RDX=ffff8880242f2440
RSI=ffffffff81604908 RDI=ffffffff93d12080 RBP=0000000000000000 RSP=ffffc90000007fd0
R8 =0000000000000001 R9 =fffffbfff27a2410 R10=ffffffff93d12087 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81604909 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097560000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000ffb12ff4 CR3=000000006aef4000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000080010000 RBX=0000000000000000 RCX=ffffffff816048c0 RDX=ffff888027074880
RSI=ffffffff81604908 RDI=ffffffff93d12080 RBP=0000000000000001 RSP=ffffc90000590fd0
R8 =0000000000000001 R9 =fffffbfff27a2410 R10=ffffffff93d12087 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81604909 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097660000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080287418 CR3=000000007117a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000080010001 RBX=0000000000000000 RCX=ffffffff816048c0 RDX=ffff88801deb4880
RSI=ffffffff81604908 RDI=ffffffff93d12080 RBP=0000000000000002 RSP=ffffc90000538fd0
R8 =0000000000000001 R9 =fffffbfff27a2410 R10=ffffffff93d12087 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81604909 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097760000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000007117a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000012000000000 0000000300000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85582190 RDI=ffffffff9b06ca00 RBP=ffffffff9b06c9c0 RSP=ffffc9000ddc7020
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=666f206574697257
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff360d992 R15=dffffc0000000000
RIP=ffffffff855821b7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097860000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000005795e4c0 CR3=0000000073aa2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000008800000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000