last executing test programs:

1.532008316s ago: executing program 0 (id=70):
capget(0x0, &(0x7f00000001c0)={0x0, 0x6, 0x0, 0x0, 0xffd, 0x200})
setresuid(0x0, 0xee00, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x14, 0x15, 0x301, 0x0, 0x0, {0xb}}, 0x14}}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)
setgid(0x0)

1.458845402s ago: executing program 0 (id=71):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2542, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r2, 0x0, 0x13, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0xfd, 0x0, 0x7fff0000}]})
r4 = fsmount(0xffffffffffffffff, 0x1, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_IO(r7, 0x2285, &(0x7f0000000180)={0x53, 0x0, 0x6, 0xa, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000000)="1201b1008000", 0x0, 0x0, 0x0, 0x0, 0x0})
bind$inet(r4, &(0x7f00000002c0)={0x2, 0x4e21, @private=0xa010101}, 0x10)
sendmsg$NL80211_CMD_STOP_NAN(r4, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, r5, 0x8, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x80000001, 0x7e}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000070000000000000000000018112000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000001c0)='task_rename\x00', r9, 0x0, 0xfffffffffffffffc}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
setsockopt$inet_tcp_int(r4, 0x6, 0x16, &(0x7f0000000280)=0x401, 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x1e, 0x0, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r10, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r11, 0x0, 0x0, 0x4}, 0x20)
r12 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r12, 0x4008af30, &(0x7f0000000000)={0x1})
close_range(r3, 0xffffffffffffffff, 0x0)

1.323353065s ago: executing program 0 (id=75):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') (async)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
r1 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0})
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000000))
readv(r2, &(0x7f0000002c40)=[{&(0x7f0000000100)=""/3, 0x3}], 0x1)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) (async)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)={0x3c, r4, 0x1, 0xd0, 0x25dfdbfb, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}, @ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x4008800)

1.127397081s ago: executing program 0 (id=83):
r0 = syz_open_dev$video4linux(&(0x7f0000000100), 0x0, 0x0)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000140)={0x980902, 0xa})
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_TABLE(r2, 0x29, 0xcf, &(0x7f0000000180)=0xfd, 0x4) (async)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
connect$can_bcm(r3, &(0x7f00000000c0)={0x1d, r4}, 0x10) (async)
sendmsg$can_bcm(r3, &(0x7f0000000200)={0x0, 0x2b, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=r4, @ANYRES64=0x0, @ANYRES64=r4, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r5=>0x0})
connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r5}, 0x10) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async, rerun: 32)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) (async, rerun: 32)
mknodat$loop(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0\x00', 0xc000, 0x0)
sendmsg$can_bcm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)={0x1, 0x16, 0x1, {0x0, 0x2710}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "a5976ac6acd41fd8"}}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r7, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000400)="3ee6000000000000000422e563a3", 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
close(r1)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
waitid(0x0, 0x0, &(0x7f0000000240), 0x41000004, &(0x7f0000000040))

1.063696063s ago: executing program 0 (id=85):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = timerfd_create(0x0, 0x0)
read(r1, &(0x7f0000000380)=""/189, 0x8)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r4, {0xf}, {}, {0x7}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x20}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004001}, 0x0)
connect$netrom(r2, &(0x7f0000000040)={{0x3, @default, 0x2}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]}, 0x48)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x5c, 0x2, 0x6, 0x201, 0xe4340000, 0x0, {0x7}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0xa}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44080}, 0x2)
gettid() (async)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
timerfd_create(0x0, 0x0) (async)
read(r1, &(0x7f0000000380)=""/189, 0x8) (async)
socket(0x10, 0x803, 0x0) (async)
socket$unix(0x1, 0x1, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r4, {0xf}, {}, {0x7}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x20}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004001}, 0x0) (async)
connect$netrom(r2, &(0x7f0000000040)={{0x3, @default, 0x2}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]}, 0x48) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x5c, 0x2, 0x6, 0x201, 0xe4340000, 0x0, {0x7}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0xa}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44080}, 0x2) (async)

849.326317ms ago: executing program 0 (id=88):
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f0000000080)='nfs\x00', 0x0, &(0x7f00000001c0)='\x05\x00\x00\x00\x04\xb0\xfe\x98\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\xc77<r\xe9\x9cD\xb0\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3wA\xf6`>\x8b')
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee2000905"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000740)=0xffffffffffffffff)
preadv(r1, &(0x7f0000000180)=[{&(0x7f0000000280)=""/220, 0xdc}], 0x1, 0x3, 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x102, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f00000000c0)={0x7a2, 0x0, 0x2, r4, 0x3})
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000080)={0x7a2, 0x0, 0x4, r4, 0x5})
io_setup(0x7ff, &(0x7f0000000600)=<r5=>0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r7, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000008010000060a010400000000000000000100000008000b40000000003c0004802c000180090001007866726d000000001c0002800800024000000004050003000000000008000140000000090c00018008000100636d70000900010073797a300000000098000480140001800d00010073796e70726f787900000000280001800d00010073796e70726f7879"], 0x17c}}, 0x0)
listen(r7, 0x3)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
io_submit(r5, 0x1, &(0x7f0000000080)=[&(0x7f0000000140)={0x0, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000000c0)="01", 0x400000}])

849.128955ms ago: executing program 1 (id=89):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'essiv(cbc(aes),sha256)\x00'}, 0x58) (async)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'essiv(cbc(aes),sha256)\x00'}, 0x58)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x6, &(0x7f0000000000)=0x4, 0x4) (async)
setsockopt$inet_tcp_int(r2, 0x6, 0x6, &(0x7f0000000000)=0x4, 0x4)
getsockopt$inet_tcp_int(r2, 0x6, 0x6, 0x0, &(0x7f00000000c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000062010c000000190095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
close_range(r1, 0xffffffffffffffff, 0x0)

739.149193ms ago: executing program 1 (id=90):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000040))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x33, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r1, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
sendmsg$tipc(r3, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000680)="bc", 0x1}], 0x1}, 0x0)
recvmmsg(r3, &(0x7f0000007300)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000005c0)=""/34, 0x22}], 0x1, &(0x7f0000000d40)=""/59, 0x3b}}], 0x1, 0x2000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000040)) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x33, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r1, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
socket$tipc(0x1e, 0x5, 0x0) (async)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) (async)
socket$tipc(0x1e, 0x5, 0x0) (async)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002) (async)
sendmsg$tipc(r3, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000680)="bc", 0x1}], 0x1}, 0x0) (async)
recvmmsg(r3, &(0x7f0000007300)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000005c0)=""/34, 0x22}], 0x1, &(0x7f0000000d40)=""/59, 0x3b}}], 0x1, 0x2000, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1) (async)

738.622168ms ago: executing program 1 (id=91):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210057ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) (async)
r1 = socket$inet(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r1, 0x6, 0x2a, 0x0, &(0x7f0000000340))
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000000)={0x7, 0x1, 0x12, 0xf, 0xfffffffa})

679.362799ms ago: executing program 1 (id=93):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = dup(r0)
ioctl$KVM_SET_MSRS(r1, 0x4018aee3, &(0x7f0000000040)=ANY=[])
ioctl$TIOCGICOUNT(r1, 0x545d, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ea4000/0x2000)=nil], &(0x7f0000000100), &(0x7f0000000080), 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000007"], 0x0, 0x43, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
ioctl(r4, 0x8b22, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
mlock(&(0x7f0000acf000/0x1000)=nil, 0x1000)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x401}]}}]}, 0x40}}, 0x8094)

597.382535ms ago: executing program 1 (id=96):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)={0x54, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random="c4"}, @chandef_params, @NL80211_ATTR_KEYS={0x2c, 0x51, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}, @NL80211_KEY_IDX={0x5, 0x2, 0x3}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "5ecaa79f9b595aac66ad20b7c1"}]}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x804}, 0x0)

594.894809ms ago: executing program 2 (id=98):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'vxcan1\x00', 0x2})
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
writev(r2, &(0x7f0000000300)=[{&(0x7f0000000180)="992b6bde4e046ca2", 0x8}, {&(0x7f0000000240)="6da6f718903481bcc98465e2d74d051107e19ff9c4804bdd53ebd58a0ab57a30640a569c28526bcbe31d85f22eda6d4b861cbff41d14b9d3533df979b1c74d514635be073b7453b16bec0ad3b17e2bf5041fe0c7873c6e4d178c8c1bc18e3fdb108311464b7f812cb0521320a582ba39c632b13634cfdf0c09b76bf8a383f4bdde45325022ef0ffbb97b95a909ee67cc6f3fd937bbe2609e865bdfc526f47b1d14fff908972754113d38584dc130826e6932caf8ef2bcc2adb55c1482d80", 0xbe}, {&(0x7f0000000400)="e9b583fc7ea467d0814921639b9ea70a990ebe3e5aed53ddf80e8997ea3aebf905b13ced3461eacac3679b447ede039993108c03fe215c57df0ddc7189f487fdadfe2e1c88e0f2c74fde6efb5ea590be9076ef4d8357041ff4edcb29ff1b0040f3a490eaee06c56193deff6741ad38f1fbe6d5fdd2336ef32634979a4080c884bb8a01e87b33892e8ae7f5a3351f0832ff12641eab", 0x95}, {&(0x7f00000004c0)="2c3c77ef98fe0940b82c9f24ac03c3d14dd251dbb8a4e23679129db3fe72a3146feae42a0c745c9a266923a7b3c75b1ad992e3192b961b88a66156b62fb1d0cc62d73e0524f033d745d914f35360b595a56da2ee4fd0235d0826fa0dedc861c2c9930eb0b6e41af2ef15671877ce90f1d3b4df1d9083659786a23d45214d1ecfb6e9d749a95ba24f0617d0119549714af43befb0806afa6adf168017f5b8b91f8d7a5dea7285a9393d4974457e9e73762ecf38d35ccb0ff50929448f14bcda2e5fc46cae5bb3311ed17abc2217d7028f8c3fb5f722b52f6103718df299e97fed7aeeadfc54791749e6a3af41376f", 0xee}, {&(0x7f00000001c0)="c302bc1da2e5baf856929a13e712d733f68974f5f48cae2a18a2999f685a", 0x1e}], 0x5)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_ifreq(r3, 0x89fd, &(0x7f0000000100)={'bond0\x00', @ifru_settings={0x5, 0x8002, @sync=0x0}})
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$AUTOFS_IOC_ASKUMOUNT(r1, 0x80049370, &(0x7f0000000080))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@map=r4, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x183081, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r6, 0x0, &(0x7f00000000c0)=""/102}, 0x20)
close(r5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2c"], 0x280)

590.74873ms ago: executing program 1 (id=99):
syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2) (async)
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x7, 0x4, 0x1000, 0x400}, &(0x7f0000000200)=0x14)
fcntl$lock(r1, 0x6, &(0x7f0000002000)={0x1}) (async)
fcntl$lock(r1, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000000000001}) (async)
fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000000000001})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000340)=@mmap={0x0, 0x2, 0x4, 0x400, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "186856f3"}})
ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f00000001c0)=0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=@newlink={0x38, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc001}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8, 0x1, @udp=r4}]}}}]}, 0x38}, 0x1, 0x2000000000000000}, 0x0) (async)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=@newlink={0x38, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc001}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8, 0x1, @udp=r4}]}}}]}, 0x38}, 0x1, 0x2000000000000000}, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
read$dsp(r6, &(0x7f0000000040)=""/37, 0x25) (async)
read$dsp(r6, &(0x7f0000000040)=""/37, 0x25)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000000080)=0x80)

489.968532ms ago: executing program 2 (id=101):
mkdir(&(0x7f0000000040)='./file0\x00', 0x8c)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r3, 0x1, 0x0, 0xfffbffff}, 0x14}}, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read$FUSE(r4, &(0x7f000000c3c0)={0x2020}, 0x2020) (async)
read$FUSE(r4, &(0x7f000000c3c0)={0x2020, 0x0, 0x0, <r5=>0x0, <r6=>0x0}, 0x2020)
r7 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
keyctl$revoke(0x3, r7)
lchown(&(0x7f0000000000)='./file0\x00', r5, r6) (async)
lchown(&(0x7f0000000000)='./file0\x00', r5, r6)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x2c18e9f4da7ae504, &(0x7f00000000c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, r6}, 0x2c, {[{@allow_other}, {@max_read={'max_read', 0x3d, 0x80000000}}]}})
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) (async)
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)

472.542028ms ago: executing program 2 (id=104):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r2=>0x0}) (async, rerun: 32)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff}) (rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000840)={'batadv_slave_0\x00', <r4=>0x0})
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r4, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)=@newlink={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x4100}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r5}]}]}, 0x2c}}, 0x0) (async)
r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r6, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) (async, rerun: 64)
r7 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 64)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x80, 0x1, 0xc0, 0x6, @tick=0xefd7, {0x2}, {0xf5, 0x44}, @note={0xb, 0x6, 0x4, 0x0, 0x5}}, {0x80, 0x40, 0x2, 0xc, @tick=0xffff, {0x4, 0x44}, {0x5, 0x81}, @raw8={"858a83ca0394f6d58110210b"}}, {0x0, 0x7f, 0x5, 0x40, @time={0x80000000}, {0x0, 0x4}, {0xa, 0x8}, @time=@time={0xb4, 0x300}}, {0x4, 0x7f, 0x9, 0x9, @tick=0x100, {0x7f, 0x3}, {0xf}, @note={0x8, 0x8, 0xed, 0x7f, 0x4}}], 0x70) (async)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 32)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) (rerun: 32)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000005700)=[@text32={0x20, 0x0}], 0x1, 0xc, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0) (async)
sendmsg$nl_route(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001000010000000000000000080000f000ea712f027d3deb3a4fd61375e2d8770d7759441a", @ANYRES32=0x0, @ANYBLOB="2880000000800200"], 0x20}, 0x1, 0x0, 0x0, 0x5b4efbb362ec6147}, 0x0) (async, rerun: 32)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f0000000180)={0x2, 0x0, 0x98, &(0x7f00000000c0)={0x6, 0x0, 0xf}}) (rerun: 32)

468.508364ms ago: executing program 3 (id=105):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$nmem0(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000040)=[{&(0x7f00000001c0)="580000001400192340834b80044d8c560a067f0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000d0c10000000224e00000000", 0x58}], 0x1)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000100)=r3, 0x4)
r5 = syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x0)
r6 = syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x0)
ioctl$HIDIOCGRDESC(r5, 0x90044802, &(0x7f0000000000))
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="600000000206010800000000000000000000000005000400000000000900020073797a310000000014000780050015000c0000000800084000000090050005000a000000050001000600000012000300686173683a6e65742c706f7274"], 0x60}}, 0x0)
ioctl$BTRFS_IOC_BALANCE(r6, 0x5000940c, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a80)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x2}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x5}]}}]}, 0x3c}}, 0x44080)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x101a02, 0x0)
sendfile(r10, r10, 0x0, 0x6)
ioctl$FS_IOC_GETFLAGS(r9, 0x80086601, &(0x7f0000000180))
prlimit64(0x0, 0x9, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)

299.488378ms ago: executing program 2 (id=106):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000600)={0x20, r3, 0x65283e1aaa2ddbb1, 0x0, 0x0, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}]}]}, 0x20}}, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f0000000600)="61df712bc884fef053a7a9a26e9b722780", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000140)={<r6=>0x0, 0xfffffff3}, &(0x7f0000000180)=0x8)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r5, 0x84, 0x77, &(0x7f0000000200)={r6, 0x0, 0x7, [0x0, 0x1, 0x3ff, 0x0, 0xb, 0x0, 0x2]}, 0x16)
r7 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r7, 0x4008af00, &(0x7f0000000140)=0x200000000)
write$vhost_msg_v2(r7, &(0x7f0000000980)={0x2, 0x0, {0x0, 0x4b, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r7, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000000740)=""/234, 0xea, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r7, &(0x7f0000000180)={0x2, 0x0, {&(0x7f00000006c0)=""/118, 0x76, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r7, &(0x7f0000000c40)={0x2, 0x0, {&(0x7f0000000380)=""/51, 0xfffffff8, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r7, &(0x7f0000000200)={0x2, 0x0, {&(0x7f0000000440)=""/195, 0xc3, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r7, &(0x7f00000003c0)={0x2, 0x0, {&(0x7f00000002c0)=""/119, 0xfca2, 0x0, 0x0, 0x3}}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x13, &(0x7f0000000200)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x6}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3ff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @call={0x85, 0x0, 0x0, 0x21}, @printk={@x}], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r4, 0x8, 0x0, 0x0, 0x14, &(0x7f0000000600)={0x4}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r8=>0x0})
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r8, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001c8005"], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000cc0)=@newtaction={0x84, 0x30, 0x12f, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x5c, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x2}}}}]}]}, 0x84}}, 0x0)
sendmsg$ETHTOOL_MSG_WOL_SET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000d80)={0x1d4, r3, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@ETHTOOL_A_WOL_MODES={0x34, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x8}, @ETHTOOL_A_BITSET_MASK={0x25, 0x5, "ad9d4cd022b6876d202a92252e26ff62630fd3fb36d40d16533993b5c09685708d"}]}, @ETHTOOL_A_WOL_SOPASS={0x96, 0x3, "0af463b655b6c6ec502ccc50aaa4efb824e06494a23ed4239e019d49fec1ed8b922ff2aa6e0d343950a653ab1d6abfac631964f7f3012c26fb92d3a42c039f973c9234122999f5ce3935f861f48d8ad48fc62d9cd2bb8981978c309526f9596a6c19386029988560866fa9bd9c9ced7bfdfc84fe85babbbeaec84f6fbb0755dbe3010dfc7db46be2485e373ce4611c54fd82"}, @ETHTOOL_A_WOL_SOPASS={0xf4, 0x3, "011ca179e054a230c43705f710cef51b6023eba54bb17ad8368c7a5b6da687ee98d57bf82f66e991c5115b7ebae9fe00349a6f56d60c6b440f3c359537372a147dd27a258f2c049cab7afc88494bbcead486065690739f3a45d8f834fda4e531caa4aeb5dd1de77422cc1e5cf1f15c8605eb9e3bd8ec0bc2f70c1592e0cce5a4a498b151395a100f44491526a3129fcc3fd3653810ca69d43eb283e723a93805792e03c9b60cbc594b29a395f1ca57711c297dfc013bcc1c8e2a0c590654485f9c252ca4339c6b8d7d10e9bf38b51501810b11b244490ebe985c6f2c34ef2e341b883256111d22bc6c9aa4c156c47f00"}]}, 0x1d4}, 0x1, 0x0, 0x0, 0x1}, 0x48040)
r11 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r12=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r13=>0x0})
sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010000000000000000001000000008003a000700000008000300", @ANYRES32=r12, @ANYBLOB="08000600", @ANYRES32=r13], 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x40004840)

297.708308ms ago: executing program 3 (id=107):
r0 = socket$inet6(0xa, 0x3, 0x3a)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x8, @remote, 0x3}, 0x18) (async)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
syz_io_uring_setup(0x5c02, &(0x7f0000000480)={0x0, 0x7736, 0x1, 0x2, 0x134f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_emit_ethernet(0x11b5, &(0x7f00000016c0)={@random="cf702e8cf675", @remote, @void, {@ipv6={0x86dd, @dccp_packet={0x7, 0x6, "838129", 0x117f, 0x21, 0x1, @empty, @private1={0xfc, 0x1, '\x00', 0x1}, {[@hopopts={0xdc90c38773ff69c6, 0x15, '\x00', [@hao={0xc9, 0x10, @loopback}, @generic={0x4, 0x6a, "0c39b4c120440e382e302f81ff91d284ccdb6149ee916acd440c2b2738c0ef54f9cd64b420180327037fc4e696e7341695939558c2288bb385d92a51461551b55cd8d6d8b745b6087c2bde43abaa08c029f80f6063d7734cae079613ac60ba402ff4a776ab25435a05b4"}, @calipso={0x7, 0x28, {0x0, 0x8, 0x40, 0x6, [0x0, 0xc, 0x7fff, 0x5]}}]}, @hopopts={0x32, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x5}]}, @dstopts={0x67, 0x208, '\x00', [@generic={0x9, 0x1000, "5af23ceec7f5de89a288cef25c94fd9f7b017a12d0566d7f87a14d7b2afe70ea1279a57997441b57bfe92dcdc98d1896f3cb3ca0bae9193d95849952316c43c35626246e799c5269f9ad545e02e2fec111dc311bf9c16bf0af3394293ab877a4dbf3655fb8d9ed4972ff2b9a956feb02706d9367eb03b5f61f6b47657275ab0380e33ac9500de7bbd7eb92b0879838378113ec8d540e1c863a62451f996ada7406b22a61c3b7c53cb226e7aa1227ccb15a2757ac8601bfaee1d3f1925791d38c92215ffc9063af81b044b91b40f77559d81a3f4cc9c544e4afa4d8065ed0dfef26c28dae72ed248081919675437432e61de82b40bf0aae63727e60ec559d5d04816a90702dd19c2952b0700d5e3e9e9bdc45001bc3a6a655d42e54495fe697306d803c0877918df7c31bcb9c94eb3e5b1c5eec21641ebe4bcc36a68673fec46817d2338320821d8deec7d662a1028463089177f202c28622b49bc003756bf8e829e0ff6bdb176a8553b51c18fda966ba5f26e9d76ffd443ecf19a66da3f3cd53c9dd13bcea6c2c9c1ffe6d6df6ea9de4b4c420b2b19007a35a25bc19aff82d16c94bca23bda6cdeaaef23dedca0fd4e6aeba734ba6d2eff36ce1a7e73ce4ac988cbc70453df1cf03ba0cfa2a5346e5cc59f7d57f14938bb201742b4f03740e0aec6e7302755578cabed9f51e1baf863bc8fc9a44f329f5a1ab5fd541204b355cdf2c488f1833575c6b08920d4d0fdd8cf929e13c95702ba2de77cd1c2a807ecdc03ae8ae5a16a8bbe489d3f2034083b73a122fc6cd3b53ad4a4beee5acdba9ab13d15487587c52136a12f7a4878bd3219ff890a954ba59023da752fae469f6de5645803ee7e14b28aa828e1c97720b74e9a3f2d0c24896f126a13147176d94793304a0811b8a550328fde770fabc8ac01e067dcea604aac220b8519fda3aadf40bd933994e04fa0051af84bffcadba3ef3fb66c4e529977d1e431c77a541b4b0da141a2c24931c62f3987b3c5728e61c0520235c49f3e8ee6e02726ca0fe4a65af94c1258cfb4f629e9325b2e73cab901ed9fcc71092dbb32c04f88e88f5248ceef25e5efcb965a8c7930ae769ecfc908336d8cf90d7e238305d9bea9e209b70ad582671a045f1dbe797930d14a0da57e80087b2739ffb575fbc9031c2e330a979c7c0a1b3f2bbd53fe0c13159dec2c6933f11149206e0c592cbff4c41e490558c3069bd7af1e4abb3aeb5b1398304d224566043e58d362057ffcced032ea279f526ab6a614f405a0cf13dc53256c9b1d72025049fdad52139ce835b6fbe24a19352899e51c3919989f71bf3a15e9eb68582cb355bd526ae9c11b2f92af595e31ef26741db4faeea323a5c19210cfb14d7c3eb892969d2eb7b9a051f30257bb0fa19dc0ec9768f07eddc6f68573ee3ff2acf4673b6939ea9885bacd4ab145275dbe9fcb96ede7c8aa669f1c39e5ddcd347623e0430ebacd1896e7b47cb1685884cf47c16c05fda9c452b88ee3183edf46882d83a052bf8f35012e7978223abc7c55b02fc07ec6ab93155dbace1481ff8a6140cb3cba99367351422e17c8f3aa1f2dcce2a47e9634cce24d84c5b1f70897e6d6dfe2da693c22380cbe032b750c50c0c04bb5a8d491aaa2af1d02e87e6dd8b24ed79a5b4fd8aa5fad7e9a1dc01dd822ba77e81f2ed3f3331720be642e0c49a23fbde59aac5ce41dcf1005c973df4fb06c0b316a7fdd1312a2d496c366a7f8610c2298a7240d48b63817387b6852f18774407137e6cfae8620a00dbbbe69ab677e782127438b0c03f7b4aa30432eed85e699577b094ef580c1aa9826553467041ade1e2055b9acec2e19704530db6e7618e63984c4ea06a05abd36fb2338ba86f51c509a94e499fb89728ec7be99d892aa86435548e968675c4cfd32eb3caa0c223128ee39f97bd2ae463a205d50eeb0573086c30515bfb40fc8cce781fbed8cbab5e012a2293a9690e766df6901ee2a4df0d441f827a5ab78edf800c0e38c594bf785b55e5a9d73a5cb4b35e3160a44cc6a06b608a3d6b672c31c864a2941c943f398562b77f0b327db4ef76976cf503e076cf3d55797df68d2a836169614b5b49a6404dc854d1fd1831780faf5fa6327a2379cacc4dc6c829b4c951675c4f3e7ce4e1e8a0a6c96cbd79bf005d79ec40153845a30dc1a7dc321da841bab770a393c56a9e5f31010b06459e18487138d782893190ef8ed52adc03a40067e47ad3ebb8cc6a38c93a7025dbf8eb622da5847e1b3b99b13b250f21ef66cf7a146cd09d5ff8d4fe17f133496fe426a48eb39d7c92f00b6d4601afed82c07ed81c702909a3f41902dbc97787c7a254016cb354e16cbedbc668be31573ffa5aebf8a1bbdfe4393c12d28c424e11032cd3d494c790c664c50e17feb2e73dfdd356d774b000914affc8bf528e49a8c003059571eabe8722e8ae85a4e37fd9d4600016d962020e1d630079fa48d6bfe2d426766e4f16a4348a67727fc3cd46b85eec3b8393ac20d8765472489db2ca90cb2eea88f7bdfdd6cf28d4d73c77a4bb9fc5f79ce81e6ee30b724e9d99dc8fb4e536b5be3156aa6d6870905c2e55737c0998ce82fb000cfb72657bf2569e64ba2a2f805bbedaff373865202c44700097df8518a48d07908f7349727aa159c4f398be5372d666140f8cc456240cdcccd4376c14d0617f5e974ca53c08e346f2d6cd35c07eff8ca2f042ba6ce1754af67ad6dfa9dc041aeb160c246520565a44bbe3f7752249201439c7d2994851112240b6f67397b8da1fa9045ccb41e2168943d2e141dce8b86cc19c5ac3004e1a1821e0c2de611d49bfb1457c57efb35aecd0647ee3bab86f462d9fdd5a30892857ccf10cec0a2dc871f919333faddc7781a4e9bf90874a34188163b3c0d974ce7b2e32604b7fc730425f8e4f330754f1671b520bbafb7d5fedac3884ef452bc460f01e47811108d897f835bd418d745fcd822b683e01fd1f79d7c8bf2b431b0a68b522877ebed7a3bce8d7de2e8deabe3001f4587258bac54c349d35f04eadbe0206ae502ff6069cd1b36fbec5622a527be41ca8a4eb52eab0ef87da7a66e5e6ebf23db2af9369b7580c280bf5dc065043e2dc03852e5a205584c7484a744145c01436f86446bfa918e937dec4cc92c0f548e445aa11134aca2a174a5e7b2f65d6081cee516be68bac86c377243b8716bd6c224d7532428a089b78ad3b8946f25446bc5c1f9e9a9da8833f726a9d7f9a2b839fc5a1b39bf32c37073031f194197554fbc1344187dc7f174923064e231c8f7f34c8d1363e4e532b0d14f417872ec5c81c68e51dfe8c7c50acb17e381beba6341794b5d127ac0c2160a73d045bbb172c6e66ecd2ad1df8f02c3a07c9f5e59b33e30c0f767bd5798c10acb56b048e79cfc6ecf55b7729a958a6ecd3892b3d73e83d630e614cb1093923ff1af4b79dce857ceb2aa0ec5fe6225502ccd10549a11521bd0d6e6e69ee917249383a4d07e82268f5a81236ebb0c9cd39c3ecce053959d2896a3aacd4b8a5ad8e02d1a95e952cb4f8150b9072e216d0545341c2213ba43ddd6d50f8887cef41305999867e90934ccc297a4d2ea014c0ddcd91e38bae383d317f69beaed67055d8babbaea1dbe27a135d598eba9d3194d37214071e5d47363d9e1cfaf49d1b720d2354693b3e70411229ee7ffd0098a76503a77173fe2947ff239e8c45b91c2e07e2076173b79741049fe29999a525559f55197cdd6001ebfeee3707c59e5ba4ec147c987014ce932e8cd6a6be3408dc44b40a5c6caaccdb81e873ba65d5e1dd9631ff4e8b2d912fbe741739e4a93ff7648d8e53841ff9edbbed27bf6637afe28146e7dc6dffc39ca07ce5112b51c66fa0d622f87e08dc7bda4e63d8831f4dffbe8870abd00ce7aa017f70d77d87276373f02d232543b2d559e468f640616af14bba3828ad147857ed70d7085195a5fb360d5feac9606d97d1fb849ba3b2675d0b520ed7a39fe430a1773f12d7980d4f1aa54c7ca4e9bf27252470a358e4b57bf24fa179de277a3687a884a8a77b61939648aa6a26a761bdb7456c7888997846e2ee4a9ac6baba86679ebd3b35c8f98e98a461a28cf6575de3b83bd6c6d0ad568691ea33f1325bc21f40751386dde87eaa3b379828f049966464ca25fae9421cd05b3b382135c635c19ee6ff37b582935bce4deaf4c04526e4909cc3450509e73569e8496bb18e60da8e9b44b75663eae94a3ccd77a0e2d0ac16f8ba8bb76273250cdbb1724ecec87036c58c81dbc53ad348b3ad1eb8494ab962cc21e0b7ab277d67a7cbf1aabf9efffad1c8dd63b76dbd1cc082c9c33636645bdf40f6e207ee33705b66d2ecc86240e3316f4b6c80a120f7201410fd716d9bdc2414cb7c459b52eb4fab11d09eb83d30b4e2866fb509ce3311c3b4836557a3d8a00d2496bc92ec2fce29fabaf32de632939a199d5a561474d1d548fef7ec05d15d6c11a51ed2495453027e6f716aba3c46f573f76581c99b990991396898603b3a6ab0a24ff5a1fea472d798315cc053e4c8269391a81f77cdaf374b7cc5595f2a2cb853e48976632fc0a18c024ac6c62936696b5aa83c4ee6c5aa6d9d8c4e119560e313fa50fe65e3ade24534115c83bdb7ef9393a7273068475b3e294fb0e3f02a6263b85b6cd2963fdbb0e708bfd09cb0ca20af10b40cbb2cebeb987b8b27ba37ff8c4538b3a5f92d818c60d7b3496d0a91bd52a8c55568d96eae68a3b1a3bcb48e996c3f2991a3f121f8a773ed0bb3a29cf3e0b88b800f74eec4a6f89da627f544f06100c4075bbed82dda52c77ae1f1a2ca91f29f4c1a988a6852c5286bcd364c80fa65a9234c75742c2f996345e434041ff5387795d0f7ec3e97968f2ae09fda297257d06b1478300b6ff041e5e4e1e51236e53d4c69cb1a3856e9a22ccc6c619ed9749669119369f1d1e364169a60f5b2e27d2ed706bcb7f8eae502019def0716c2e1392682d8f70530bccdc4241c3ecb91a58b36fe0b9d2bdc997626a8b7a031af64026369897c2174eaed97e328e0e4f7142ab9bc8bff21d7cc985c93e1b6d307e47a9c5626dd794c720a266c718d63762f83ef7370ce645c0cedab04f8c1f33077b4a006da273d77d8d9772f3d8f54d33f87dc3ec2a96b4360d6b92d9459471a5d20334b011fae62a6f26e6e0458fb5d1e1c848a24820e633faea7bad7d4aab8c462fab2ec8553ca92a85ada18a3cd211a5cca375d72e699cb768859afb14abb4724c641e2c88bf6d4c7440d660e8f33418ae22ec9fb956213c9e1f30877a1a422150c7664860e653d1b35c6e509bbf4ede9683e599261ddd7b5c183ac0613842bd181d9842c2963a52148f711e76c988b7cd22f13125f9d91f8072ed5be8dc133a330a9d6a4ce889cec5aefce4b32dacfdbd012a0d4f9e7cd4a18c49c7bc56d6d785a7a5e17026b9d92c293fc4d117c4333606200937b069b839f874f8588b37594669d55b60276b98fab63f38b559a57a81ce86219518d27bccaa291a048af40121e1c1a7291730230726af8b40957cf6adb5f37ecb72aeecdaca66d919e3311c416b20cb0e2e516891bb14c9426527e1acbd3219bedf67c36640e68b10f0c4aabffbb59551a5a86d72a2af5a3910346c7333b2fa66e83947bef3951576f8ff748e5a006f6d6e82a8daad395d30893446f2fa400ccd9d38ea8e86b136604219d1035deb386c2fa411c99f588cbfb4cfcc1a278c6c2c3c0f2d002e7d23a59c369f6914a601e814fde76dde813e7f473ff800dfcc40efab72ac9b9"}, @enc_lim={0x4, 0x1, 0xa}, @calipso={0x7, 0x30, {0x2, 0xa, 0x1, 0x3, [0x2, 0x101, 0x4, 0x1, 0x3]}}, @jumbo={0xc2, 0x4, 0xf}, @jumbo={0xc2, 0x4, 0x10}, @padn={0x1, 0x2, [0x0, 0x0]}]}], {{0x4e24, 0x4e22, 0x4, 0x1, 0x5, 0x0, 0x0, 0x8, 0x1, "f28376", 0x4, ';J]'}, "c45421ccbbedd16bc0013db039293414391e33d007cdb701378680700defd3c28d137340c49e071e21a6fb5f12c6d0f366a29dbd854f9427eac165c4987a304004bf833cbeef237913345add09147603e9f4924cb48eac7cd30a23155a1696"}}}}}}, 0x0) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) (async, rerun: 64)
r3 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119, 0x400}, &(0x7f0000000240)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0) (rerun: 64)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xa4}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0)={0x0, 0x0, 0x32}, &(0x7f0000000500)='./file0\x00', 0x18}) (async)
io_uring_enter(r3, 0x47fa, 0x0, 0x45, 0x0, 0x0) (async)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1}) (async)
io_uring_enter(r3, 0x47bc, 0x0, 0x35, 0x0, 0x0) (async)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000000)='tmpfs\x00', 0x10410, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

248.584297ms ago: executing program 2 (id=108):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)={0x54, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random="c4"}, @chandef_params, @NL80211_ATTR_KEYS={0x2c, 0x51, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}, @NL80211_KEY_IDX={0x5, 0x2, 0x3}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "5ecaa79f9b595aac66ad20b7c1"}]}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x804}, 0x0)

247.545736ms ago: executing program 2 (id=109):
socket$inet_tcp(0x2, 0x1, 0x0) (async)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mlockall(0x3)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000080), 0x101}, 0x38)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000700)={r1, 0x1, 0x8, 0x3}) (async)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000700)={<r2=>r1, 0x1, 0x8, 0x3})
getsockopt$WPAN_SECURITY(r2, 0x0, 0x1, &(0x7f0000000740), &(0x7f0000000780)=0x4) (async)
getsockopt$WPAN_SECURITY(r2, 0x0, 0x1, &(0x7f0000000740), &(0x7f0000000780)=0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000a00)=@IORING_OP_FADVISE={0x18, 0x40, 0x0, @fd_index=0x4, 0x2, 0x0, 0x0, 0x3})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
getsockopt$PNPIPE_IFINDEX(r2, 0x113, 0x2, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280)=0x4)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000003c0), 0x40000, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x7, 0xc9}}}, 0x6) (async)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x7, 0xc9}}}, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000980)=ANY=[@ANYBLOB="5c00000015009a2dbfc123434bd077010028bd7000fcdbdf25e0000001000000000000000000000000fc0000000000000000000000000000014e2300204e2100090a0020a06c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="b56b6e00010000000a0010006a"], 0x5c}, 0x1, 0x0, 0x0, 0x44}, 0x0) (async)
sendmsg$nl_xfrm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000980)=ANY=[@ANYBLOB="5c00000015009a2dbfc123434bd077010028bd7000fcdbdf25e0000001000000000000000000000000fc0000000000000000000000000000014e2300204e2100090a0020a06c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="b56b6e00010000000a0010006a"], 0x5c}, 0x1, 0x0, 0x0, 0x44}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000440)={0x5, <r6=>0x0}, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f0000000480), &(0x7f00000004c0)}, 0x20)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000540), 0x20000, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000005c0)=@o_path={&(0x7f0000000580)='./file0\x00', 0x0, 0x4000, r0}, 0x18) (async)
r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000005c0)=@o_path={&(0x7f0000000580)='./file0\x00', 0x0, 0x4000, r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x17, 0x10, &(0x7f00000001c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x8e7}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='GPL\x00', 0xd7, 0xb4, &(0x7f0000000300)=""/180, 0x41000, 0x0, '\x00', r3, @cgroup_sysctl=0x12, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000400)={0x1, 0x2, 0x6, 0x1f}, 0x10, r6, 0xffffffffffffffff, 0x0, &(0x7f0000000600)=[r7, r8, r8], 0x0, 0x10, 0x9, @void, @value}, 0x94)
sendmmsg$inet6(r1, &(0x7f0000000100)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000002c0)={0xa, 0x4e23, 0x2, @remote, 0x400}, 0x1c, 0x0}}], 0x2, 0x40000)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0x68000000}, 0x0)
r9 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000007c0), 0x400100, 0x0)
ioctl$sock_netdev_private(r9, 0x89f2, &(0x7f0000000800)="75ca78a09b8d31799162c9aa57576a04927f4964728f03f377fffe63dae0c8f1ec62261189749c26a5a20134991042080fdd5b5657f22808461559d5b4278c804385b690b8d115b0e0be6286ed4060c26ea4f85b964512a94285ac0d9a9e0892828b1fb1dfc537a421ad330da4d1b7fbf3f53b0c4251002cc3f4c7971b428d905e71584876f4213ea8165e7ed2649fc6f9c620a84c2dd5f813f7b48f0610da2992da065ec1ce5c252adda63400fa07e83331f1302adff2445d481d94a53e489b")
r10 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r10, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e22, 0x0, @private2}}, 0x80, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x18, 0x68000000}, 0x0) (async)
sendmsg$kcm(r10, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e22, 0x0, @private2}}, 0x80, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x18, 0x68000000}, 0x0)
connect$inet(r4, &(0x7f00000008c0)={0x2, 0x4e21, @broadcast}, 0x10)
openat$cgroup_ro(r2, &(0x7f0000000900)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0) (async)
close_range(r0, 0xffffffffffffffff, 0x0)

247.168678ms ago: executing program 3 (id=110):
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f00000019c0)) (async)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f00000001c0)={0xe, 0x0, {0x2, 0xb136deaac00f4069, 0x2, 0x1, 0xbf4}, 0x1ff}) (async)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {0x3}, {}, {}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050000000000000000001d00000008000300", @ANYRES32=r4], 0x24}}, 0x0)

189.772889ms ago: executing program 3 (id=111):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c0000003d0007010000000000000000017c0000040008800c00018006000600800ae6ff0800024404001463c68fa426d229049ec3380b3c0d0116fc"], 0x76}, 0x1, 0x0, 0x0, 0x50}, 0xc000)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000040)=@req3={0x200, 0x80000001, 0x101, 0x6, 0x400, 0x3, 0x5}, 0x1c)

189.375796ms ago: executing program 3 (id=112):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r0) (async)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
syz_open_dev$dri(&(0x7f0000000300), 0x4, 0x300) (async)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r1, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r1, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}}, 0x0) (async)
r2 = syz_open_dev$media(&(0x7f0000000040), 0x43, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r2, 0xc0487c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000024c0)=[{}, {}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001400212100000000000000000200"], 0x28}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x14}, 0x14}}, 0x8081)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async)
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r6, &(0x7f00000002c0)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e900462b8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000200)="c67f0d7df9", 0x4b}], 0x2)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="200000001400211be16c008aa30100000000000e", @ANYRES32=r5, @ANYBLOB="08000200ac141400"], 0x20}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x10, 0xffffffffffffffff, 0x0) (async)
r8 = creat(&(0x7f00000001c0)='./file0\x00', 0x8) (async)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000003d40), 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x2, 0xd, 0x3, 0xaba}]})
write$RDMA_USER_CM_CMD_REJECT(r9, &(0x7f0000000180)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0x3, '\x00', "ad55e8f08128ad2b9c98f5fda8686d25c134847fe6efd344372148d9b6591a6440909a1df518fc08785bff00698a24f5f69302563481022229120ed39f8dce5524922d8397b416b513811838208b1a1a3772ead535a37831d1c357ffd7aa9e05ed59af1dfec903e2355bf5b1ff2beef877abe1d47ee5e98b642388839e91a9240ad695ad877e91b0de18f7794c789dfc406b4121b5a51cfa483d6ceaf39bfe75bf0916b221453e0dd34d4b84ebecffc3a9b7e6b014fbac97a6fe2f99fbc0b5f818297a633626ed4d90ae3d147379e6f6b0aa13377541f276ef5a4bc0af71739f4f47349de063fb8f3a7eec2d879910b5640489a94940c5232658d1928948830e"}}, 0x110) (async)
close(r8)
read$FUSE(r8, &(0x7f000000c400)={0x2020}, 0x2020) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000000540)={'ip6_vti0\x00', &(0x7f00000004c0)={'syztnl0\x00', r5, 0x0, 0x9, 0xa, 0x3, 0x20, @remote, @local, 0x8, 0x8, 0x1, 0x3}}) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)

0s ago: executing program 3 (id=113):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
statfs(0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009b23fd406d040000"], 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0x5, 0x2}, {0x0, 0x3}}}, 0x24}}, 0x40)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8})
ioctl$sock_netdev_private(r0, 0x8914, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

[   38.008301][   T39] audit: type=1400 audit(1739061132.225:81): avc:  denied  { rlimitinh } for  pid=5909 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   38.015343][   T39] audit: type=1400 audit(1739061132.225:82): avc:  denied  { siginh } for  pid=5909 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   39.430423][   T39] audit: type=1400 audit(1739061133.665:83): avc:  denied  { read } for  pid=5337 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   39.438311][   T39] audit: type=1400 audit(1739061133.665:84): avc:  denied  { append } for  pid=5337 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   39.445757][   T39] audit: type=1400 audit(1739061133.665:85): avc:  denied  { open } for  pid=5337 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   39.451949][   T39] audit: type=1400 audit(1739061133.665:86): avc:  denied  { getattr } for  pid=5337 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
Warning: Permanently added '[localhost]:45141' (ED25519) to the list of known hosts.
[   39.980802][   T39] audit: type=1400 audit(1739061134.215:87): avc:  denied  { name_bind } for  pid=5922 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   41.949583][ T5925] cgroup: Unknown subsys name 'net'
[   42.138877][ T5925] cgroup: Unknown subsys name 'cpuset'
[   42.143705][ T5925] cgroup: Unknown subsys name 'rlimit'
[   42.326135][ T5932] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   42.958786][ T5925] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   45.303819][   T39] kauditd_printk_skb: 17 callbacks suppressed
[   45.303831][   T39] audit: type=1400 audit(1739061139.535:105): avc:  denied  { execmem } for  pid=5934 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   45.477879][   T39] audit: type=1400 audit(1739061139.715:106): avc:  denied  { create } for  pid=5938 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   45.488784][   T39] audit: type=1400 audit(1739061139.715:107): avc:  denied  { read write } for  pid=5938 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   45.496733][   T39] audit: type=1400 audit(1739061139.715:108): avc:  denied  { open } for  pid=5938 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   45.503127][   T39] audit: type=1400 audit(1739061139.725:109): avc:  denied  { ioctl } for  pid=5938 comm="syz-executor" path="socket:[1670]" dev="sockfs" ino=1670 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   45.526687][ T5294] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   45.531746][ T5949] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   45.534885][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   45.537150][ T5954] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   45.539824][ T5954] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   45.541859][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   45.545121][ T5954] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   45.547938][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   45.549303][ T5950] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   45.550072][ T5954] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   45.553332][ T5949] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   45.554223][ T5950] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   45.554538][ T5954] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   45.554580][ T5954] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   45.556223][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   45.556921][ T5949] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   45.557200][ T5949] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   45.557825][ T5949] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   45.558077][ T5949] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   45.558569][ T5950] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   45.559033][ T5950] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   45.559240][ T5950] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   45.559349][ T5950] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   45.562256][   T39] audit: type=1400 audit(1739061139.795:110): avc:  denied  { read } for  pid=5940 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   45.565135][ T5949] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   45.566320][   T39] audit: type=1400 audit(1739061139.795:111): avc:  denied  { open } for  pid=5940 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   45.593240][   T39] audit: type=1400 audit(1739061139.795:112): avc:  denied  { mounton } for  pid=5940 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   45.714235][   T39] audit: type=1400 audit(1739061139.945:113): avc:  denied  { module_request } for  pid=5943 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   45.758254][ T5943] chnl_net:caif_netlink_parms(): no params data found
[   45.777995][ T5940] chnl_net:caif_netlink_parms(): no params data found
[   45.867919][ T5952] chnl_net:caif_netlink_parms(): no params data found
[   45.876032][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.878075][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.880752][ T5943] bridge_slave_0: entered allmulticast mode
[   45.884158][ T5943] bridge_slave_0: entered promiscuous mode
[   45.890386][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.892506][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.894805][ T5943] bridge_slave_1: entered allmulticast mode
[   45.896953][ T5943] bridge_slave_1: entered promiscuous mode
[   45.966732][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.970306][ T5938] chnl_net:caif_netlink_parms(): no params data found
[   45.977778][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.058316][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.061021][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.063923][ T5940] bridge_slave_0: entered allmulticast mode
[   46.067507][ T5940] bridge_slave_0: entered promiscuous mode
[   46.072998][ T5943] team0: Port device team_slave_0 added
[   46.077302][ T5943] team0: Port device team_slave_1 added
[   46.089395][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.091470][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.093455][ T5952] bridge_slave_0: entered allmulticast mode
[   46.096557][ T5952] bridge_slave_0: entered promiscuous mode
[   46.099803][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.102527][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.105942][ T5940] bridge_slave_1: entered allmulticast mode
[   46.109831][ T5940] bridge_slave_1: entered promiscuous mode
[   46.127053][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.129076][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.131120][ T5952] bridge_slave_1: entered allmulticast mode
[   46.133276][ T5952] bridge_slave_1: entered promiscuous mode
[   46.167931][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.169928][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.177105][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.213432][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.217950][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.219924][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.227253][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.241660][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.243710][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.246497][ T5938] bridge_slave_0: entered allmulticast mode
[   46.248635][ T5938] bridge_slave_0: entered promiscuous mode
[   46.251766][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.256167][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.260007][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.276382][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.278284][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.280128][ T5938] bridge_slave_1: entered allmulticast mode
[   46.282149][ T5938] bridge_slave_1: entered promiscuous mode
[   46.315703][ T5940] team0: Port device team_slave_0 added
[   46.346364][ T5952] team0: Port device team_slave_0 added
[   46.348879][ T5940] team0: Port device team_slave_1 added
[   46.352045][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.356930][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.371129][ T5943] hsr_slave_0: entered promiscuous mode
[   46.373173][ T5943] hsr_slave_1: entered promiscuous mode
[   46.377840][ T5952] team0: Port device team_slave_1 added
[   46.417073][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.419141][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.426532][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.453840][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.456344][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.465048][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.479969][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.481991][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.489286][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.496035][ T5938] team0: Port device team_slave_0 added
[   46.498359][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.500556][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.508116][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.531989][ T5938] team0: Port device team_slave_1 added
[   46.555950][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.558607][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.569061][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.575896][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.578470][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.587923][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.663908][ T5938] hsr_slave_0: entered promiscuous mode
[   46.668291][ T5938] hsr_slave_1: entered promiscuous mode
[   46.670762][ T5938] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.673931][ T5938] Cannot create hsr debugfs directory
[   46.689131][ T5940] hsr_slave_0: entered promiscuous mode
[   46.691141][ T5940] hsr_slave_1: entered promiscuous mode
[   46.692998][ T5940] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.695732][ T5940] Cannot create hsr debugfs directory
[   46.700751][ T5952] hsr_slave_0: entered promiscuous mode
[   46.703335][ T5952] hsr_slave_1: entered promiscuous mode
[   46.705690][ T5952] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.707879][ T5952] Cannot create hsr debugfs directory
[   46.918691][ T5943] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   46.933727][ T5943] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   46.940365][ T5943] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   46.949158][ T5943] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   47.001578][ T5952] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   47.007749][ T5952] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   47.012583][ T5952] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   47.018151][ T5952] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   47.056329][ T5938] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   47.066963][ T5938] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   47.072653][ T5938] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   47.078058][ T5938] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.084935][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.133106][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[   47.136784][ T5940] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   47.142739][ T5940] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   47.148529][ T5940] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   47.153982][ T5940] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   47.164413][  T217] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.166597][  T217] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.179488][  T217] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.181507][  T217] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.220618][ T5943] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   47.223514][ T5943] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   47.236608][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.259798][ T5952] 8021q: adding VLAN 0 to HW filter on device team0
[   47.267995][   T39] audit: type=1400 audit(1739061141.505:114): avc:  denied  { sys_module } for  pid=5943 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   47.269734][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.280860][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.283818][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.294218][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.297110][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.313754][ T5938] 8021q: adding VLAN 0 to HW filter on device team0
[   47.321303][  T217] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.323760][  T217] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.329900][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.343615][ T5952] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   47.354263][ T5940] 8021q: adding VLAN 0 to HW filter on device team0
[   47.360182][   T76] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.362154][   T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.367622][   T76] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.369704][   T76] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.382556][  T217] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.385468][  T217] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.402242][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.442682][ T5940] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   47.469284][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.476387][ T5943] veth0_vlan: entered promiscuous mode
[   47.491295][ T5943] veth1_vlan: entered promiscuous mode
[   47.511004][ T5952] veth0_vlan: entered promiscuous mode
[   47.524116][ T5952] veth1_vlan: entered promiscuous mode
[   47.542542][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.548893][ T5943] veth0_macvtap: entered promiscuous mode
[   47.556819][ T5952] veth0_macvtap: entered promiscuous mode
[   47.562664][ T5943] veth1_macvtap: entered promiscuous mode
[   47.567492][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.569764][ T5952] veth1_macvtap: entered promiscuous mode
[   47.586979][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.589754][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.593079][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.596615][ T5294] Bluetooth: hci1: command tx timeout
[   47.597040][   T66] Bluetooth: hci3: command tx timeout
[   47.597365][ T5954] Bluetooth: hci0: command tx timeout
[   47.597838][ T5949] Bluetooth: hci2: command tx timeout
[   47.598232][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.603522][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.627134][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.631261][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.636309][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.639988][ T5952] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.643393][ T5952] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.647796][ T5952] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.650402][ T5952] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.660418][ T5943] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.663733][ T5943] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.667385][ T5943] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.670714][ T5943] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.703329][ T5940] veth0_vlan: entered promiscuous mode
[   47.710882][ T5938] veth0_vlan: entered promiscuous mode
[   47.745495][ T5940] veth1_vlan: entered promiscuous mode
[   47.746118][ T1173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.748171][ T5938] veth1_vlan: entered promiscuous mode
[   47.749678][ T1173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.775920][ T1173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.778997][ T1173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.781589][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.785503][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.808678][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.811644][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.816925][ T5938] veth0_macvtap: entered promiscuous mode
[   47.821104][ T5940] veth0_macvtap: entered promiscuous mode
[   47.823992][ T5938] veth1_macvtap: entered promiscuous mode
[   47.830115][ T5940] veth1_macvtap: entered promiscuous mode
[   47.837318][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.840185][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.842730][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.846387][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.850869][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.857771][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.859740][ T5943] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   47.860621][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.868337][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.871421][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.874802][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.880227][ T5940] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.882631][ T5940] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.886095][ T5940] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.888789][ T5940] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.902346][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.906747][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.910557][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.916048][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.919532][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.922643][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.932997][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.940642][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.943531][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.947057][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.949993][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.952714][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.956202][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.960312][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.968086][ T5938] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.971495][ T5938] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.975162][ T5938] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.977610][ T5938] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.019486][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.021831][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.069234][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.071553][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.083381][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.085901][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.104114][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.116884][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.192578][ T6030] netlink: 10 bytes leftover after parsing attributes in process `syz.0.1'.
[   48.217369][ T6022] syz.2.3 (6022) used greatest stack depth: 20480 bytes left
[   48.255647][ T6035] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10'.
[   48.267841][ T6035] loop9: detected capacity change from 0 to 1
[   48.269249][ T6033] dlm: Unknown command passed to DLM device : 255
[   48.269249][ T6033] 
[   48.275140][ T6035]  loop9: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10 p11
[   48.279655][ T6035] loop9: p1 start 2048 is beyond EOD, truncated
[   48.281978][ T6035] loop9: p2 start 5 is beyond EOD, truncated
[   48.284696][ T6035] loop9: p3 start 4294967292 is beyond EOD, truncated
[   48.287729][ T6035] loop9: p4 start 1610612737 is beyond EOD, truncated
[   48.289566][ T6035] loop9: p5 start 4 is beyond EOD, truncated
[   48.291339][ T6035] loop9: p6 start 3 is beyond EOD, truncated
[   48.291882][ T6033] Zero length message leads to an empty skb
[   48.293002][ T6035] loop9: p7 start 2523264691 is beyond EOD, truncated
[   48.298916][ T6035] loop9: p8 start 1926141035 is beyond EOD, truncated
[   48.300943][ T6035] loop9: p9 start 781472669 is beyond EOD, truncated
[   48.302858][ T6035] loop9: p10 start 1756420662 is beyond EOD, truncated
[   48.304845][ T6035] loop9: p11 start 1633641840 is beyond EOD, truncated
[   49.213241][ T6056] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16'.
[   49.216328][ T6056] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16'.
[   49.283111][ T6064] overlay: filesystem on ./bus is read-only
[   49.393280][ T6075] netlink: 10 bytes leftover after parsing attributes in process `syz.1.21'.
[   49.432433][ T6082] cgroup: Unknown subsys name 'cpuset'
[   49.442327][ T6084] No source specified
[   49.483167][ T6092] trusted_key: encrypted_key: insufficient parameters specified
[   49.487788][ T6091] netlink: 8 bytes leftover after parsing attributes in process `syz.2.27'.
[   49.492069][ T6091] cgroup: Need name or subsystem set
[   49.590688][ T6104] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   49.602481][ T6104] netlink: 'syz.0.33': attribute type 12 has an invalid length.
[   49.608104][ T6104] netlink: 'syz.0.33': attribute type 29 has an invalid length.
[   49.610258][ T6104] netlink: 148 bytes leftover after parsing attributes in process `syz.0.33'.
[   49.675118][   T66] Bluetooth: hci2: command tx timeout
[   49.676539][ T5294] Bluetooth: hci0: command tx timeout
[   49.676793][ T5949] Bluetooth: hci3: command tx timeout
[   49.676822][ T5949] Bluetooth: hci1: command tx timeout
[   49.685018][ T6118] netlink: 36 bytes leftover after parsing attributes in process `syz.0.37'.
[   49.717968][ T6118] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.37' sets config #1
[   49.723625][ T5982] hid-generic 0101:0008:0008.0002: item fetching failed at offset 5/6
[   49.727164][ T5982] hid-generic 0101:0008:0008.0002: probe with driver hid-generic failed with error -22
[   49.776713][ T6121] fuse: Bad value for 'rootmode'
[   49.794237][ T6118] netlink: 4 bytes leftover after parsing attributes in process `syz.0.37'.
[   49.859180][ T6127] @: renamed from vlan0 (while UP)
[   50.074951][  T835] IPVS: starting estimator thread 0...
[   50.164641][ T6140] IPVS: using max 36 ests per chain, 86400 per kthread
[   50.238210][ T6154] netlink: 8 bytes leftover after parsing attributes in process `syz.2.45'.
[   50.300695][ T6157] 9pnet: Limiting 'msize' to 512000 as this is the maximum supported by transport virtio
[   50.305250][   T39] kauditd_printk_skb: 148 callbacks suppressed
[   50.305266][   T39] audit: type=1400 audit(1739061144.535:263): avc:  denied  { map } for  pid=6153 comm="syz.2.45" path="/dev/video3" dev="devtmpfs" ino=959 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[   50.305306][   T39] audit: type=1400 audit(1739061144.535:264): avc:  denied  { create } for  pid=6153 comm="syz.2.45" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   50.437105][   T39] audit: type=1400 audit(1739061144.675:265): avc:  denied  { setopt } for  pid=6170 comm="syz.3.49" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   50.503375][   T39] audit: type=1400 audit(1739061144.735:266): avc:  denied  { setopt } for  pid=6170 comm="syz.3.49" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   50.958498][ T6177] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   50.967915][   T39] audit: type=1400 audit(1739061145.205:267): avc:  denied  { create } for  pid=6176 comm="syz.2.52" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   50.976578][   T39] audit: type=1400 audit(1739061145.205:268): avc:  denied  { bind } for  pid=6176 comm="syz.2.52" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   50.981819][   T39] audit: type=1400 audit(1739061145.205:269): avc:  denied  { name_bind } for  pid=6176 comm="syz.2.52" src=128 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[   50.988547][   T39] audit: type=1400 audit(1739061145.205:270): avc:  denied  { node_bind } for  pid=6176 comm="syz.2.52" saddr=ff01::1 src=128 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[   50.996105][   T39] audit: type=1400 audit(1739061145.205:271): avc:  denied  { connect } for  pid=6176 comm="syz.2.52" laddr=ff01::1 lport=128 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   51.002036][   T39] audit: type=1400 audit(1739061145.205:272): avc:  denied  { name_connect } for  pid=6176 comm="syz.2.52" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[   51.754598][ T5294] Bluetooth: hci1: command tx timeout
[   51.754957][ T5954] Bluetooth: hci3: command tx timeout
[   51.756209][   T66] Bluetooth: hci2: command tx timeout
[   51.756249][   T66] Bluetooth: hci0: command tx timeout
[   52.012495][ T6189] xt_hashlimit: size too large, truncated to 1048576
[   52.143990][ T6206] process 'syz.2.60' launched '/dev/fd/3/./file1' with NULL argv: empty string added
[   52.180505][ T6211] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1542 sclass=netlink_route_socket pid=6211 comm=syz.0.61
[   52.311797][ T6223] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   52.317036][ T6223] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[   52.322675][ T6223] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.328258][ T6223] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.545835][  T834] hid-generic 0005:7FFF:0008.0003: item fetching failed at offset 0/1
[   52.549363][  T834] hid-generic 0005:7FFF:0008.0003: probe with driver hid-generic failed with error -22
[   52.552073][ T6247] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[   52.586141][ T6254] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   52.759235][ T6274] netlink: 'syz.2.79': attribute type 1 has an invalid length.
[   53.272051][ T6341] fuse: Bad value for 'fd'
[   53.273190][ T6338] warning: `syz.1.93' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   53.345976][  T835] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   53.370562][ T6356] netlink: 'syz.3.100': attribute type 10 has an invalid length.
[   53.377371][ T6356] syz_tun: entered promiscuous mode
[   53.381769][ T6356] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   53.535004][  T835] usb 5-1: Using ep0 maxpacket: 32
[   53.542505][  T835] usb 5-1: config index 0 descriptor too short (expected 35577, got 27)
[   53.545274][  T835] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[   53.547838][  T835] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92
[   53.550485][  T835] usb 5-1: config 1 has no interface number 0
[   53.552317][  T835] usb 5-1: config 1 interface 1 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   53.555386][  T835] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[   53.558893][  T835] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[   53.561621][  T835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   53.575319][  T835] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found
[   53.635752][ T6385] __nla_validate_parse: 10 callbacks suppressed
[   53.635764][ T6385] netlink: 8 bytes leftover after parsing attributes in process `syz.2.106'.
[   53.693237][ T6396] netlink: 28 bytes leftover after parsing attributes in process `syz.3.110'.
[   53.696924][ T6396] netlink: 28 bytes leftover after parsing attributes in process `syz.3.110'.
[   53.697108][ T6397] netlink: 8 bytes leftover after parsing attributes in process `syz.3.110'.
[   53.735343][ T6400] openvswitch: netlink: Flow actions attr not present in new flow.
[   53.769140][ T6403] netlink: 24 bytes leftover after parsing attributes in process `syz.3.112'.
[   53.775638][  T835] snd_usb_pod 5-1:1.1: endpoint not available, using fallback values
[   53.779070][  T835] snd_usb_pod 5-1:1.1: invalid control EP
[   53.781135][  T835] snd_usb_pod 5-1:1.1: cannot start listening: -22
[   53.783816][  T835] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected
[   53.786360][  T835] snd_usb_pod 5-1:1.1: probe with driver snd_usb_pod failed with error -22
[   53.788008][ T6403] syz.3.112 uses obsolete (PF_INET,SOCK_PACKET)
[   53.801660][ T6402] =======================================================
[   53.801660][ T6402] WARNING: The mand mount option has been deprecated and
[   53.801660][ T6402]          and is ignored by this kernel. Remove the mand
[   53.801660][ T6402]          option from the mount to silence this warning.
[   53.801660][ T6402] =======================================================
[   53.835727][ T5954] Bluetooth: hci1: command tx timeout
[   53.835795][ T5949] Bluetooth: hci0: command tx timeout
[   53.844557][ T5949] Bluetooth: hci3: command tx timeout
[   54.001519][ T6309] netlink: 20 bytes leftover after parsing attributes in process `syz.0.88'.
[   54.004011][ T6309] netlink: 12 bytes leftover after parsing attributes in process `syz.0.88'.
[   54.007516][ T6309] netlink: 20 bytes leftover after parsing attributes in process `syz.0.88'.
[   54.019315][ T5949] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[   54.023137][ T5949] CPU: 0 UID: 0 PID: 5949 Comm: kworker/u33:4 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[   54.023162][ T5949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   54.023198][ T5949] Workqueue: hci0 hci_rx_work
[   54.023394][ T5949] Call Trace:
[   54.023415][ T5949]  <TASK>
[   54.023424][ T5949]  dump_stack_lvl+0x16c/0x1f0
[   54.023506][ T5949]  sysfs_warn_dup+0x7f/0xa0
[   54.023619][ T5949]  sysfs_create_dir_ns+0x24d/0x2b0
[   54.023647][ T5949]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   54.023689][ T5949]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   54.023737][ T5949]  ? kobject_add_internal+0x12d/0x990
[   54.023776][ T5949]  ? do_raw_spin_unlock+0x172/0x230
[   54.023797][ T5949]  kobject_add_internal+0x2c8/0x990
[   54.023840][ T5949]  kobject_add+0x16f/0x240
[   54.023864][ T5949]  ? __pfx_kobject_add+0x10/0x10
[   54.023905][ T5949]  ? class_to_subsys+0x3e/0x160
[   54.024002][ T5949]  ? do_raw_spin_unlock+0x172/0x230
[   54.024032][ T5949]  ? kobject_put+0xab/0x5a0
[   54.024061][ T5949]  device_add+0x289/0x1a70
[   54.024095][ T5949]  ? __pfx_dev_set_name+0x10/0x10
[   54.024124][ T5949]  ? __pfx_device_add+0x10/0x10
[   54.024158][ T5949]  ? mgmt_send_event_skb+0x2f2/0x460
[   54.024206][ T5949]  hci_conn_add_sysfs+0x17e/0x230
[   54.024248][ T5949]  le_conn_complete_evt+0x107f/0x1da0
[   54.024295][ T5949]  ? __pfx_lock_release+0x10/0x10
[   54.024358][ T5949]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   54.024407][ T5949]  ? __mutex_lock+0x1cc/0xb10
[   54.024453][ T5949]  hci_le_conn_complete_evt+0x23c/0x370
[   54.024489][ T5949]  hci_le_meta_evt+0x2e2/0x5d0
[   54.024516][ T5949]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   54.024558][ T5949]  hci_event_packet+0x666/0x1180
[   54.024581][ T5949]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   54.024622][ T5949]  ? __pfx_hci_event_packet+0x10/0x10
[   54.024657][ T5949]  ? mark_held_locks+0x9f/0xe0
[   54.024685][ T5949]  ? kcov_remote_start+0x3cf/0x6e0
[   54.024726][ T5949]  ? lockdep_hardirqs_on+0x7c/0x110
[   54.024753][ T5949]  hci_rx_work+0x2c5/0x16b0
[   54.024793][ T5949]  ? process_one_work+0x921/0x1ba0
[   54.024833][ T5949]  process_one_work+0x9c5/0x1ba0
[   54.024868][ T5949]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   54.024915][ T5949]  ? __pfx_process_one_work+0x10/0x10
[   54.024950][ T5949]  ? assign_work+0x1a0/0x250
[   54.024989][ T5949]  worker_thread+0x6c8/0xf00
[   54.025039][ T5949]  ? __pfx_worker_thread+0x10/0x10
[   54.025067][ T5949]  kthread+0x3af/0x750
[   54.025104][ T5949]  ? __pfx_kthread+0x10/0x10
[   54.025127][ T5949]  ? lock_acquire+0x2f/0xb0
[   54.025169][ T5949]  ? __pfx_kthread+0x10/0x10
[   54.025195][ T5949]  ret_from_fork+0x45/0x80
[   54.025247][ T5949]  ? __pfx_kthread+0x10/0x10
[   54.025272][ T5949]  ret_from_fork_asm+0x1a/0x30
[   54.025314][ T5949]  </TASK>
[   54.115673][    C0] vkms_vblank_simulate: vblank timer overrun
[   54.117707][ T5949] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   54.122437][ T5949] Bluetooth: hci0: failed to register connection device
[   54.126385][ T5949] ==================================================================
[   54.128851][ T5949] BUG: KASAN: slab-use-after-free in sock_def_readable+0x5c4/0x610
[   54.131360][ T5949] Read of size 8 at addr ffff8880294a0180 by task kworker/u33:4/5949
[   54.136210][ T5949] 
[   54.136939][ T5949] CPU: 0 UID: 0 PID: 5949 Comm: kworker/u33:4 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[   54.136974][ T5949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   54.136984][ T5949] Workqueue: hci0 hci_rx_work
[   54.137017][ T5949] Call Trace:
[   54.137021][ T5949]  <TASK>
[   54.137027][ T5949]  dump_stack_lvl+0x116/0x1f0
[   54.137045][ T5949]  print_report+0xc3/0x620
[   54.137087][ T5949]  ? __virt_addr_valid+0x5e/0x590
[   54.137100][ T5949]  ? __phys_addr+0xc6/0x150
[   54.137122][ T5949]  kasan_report+0xd9/0x110
[   54.137135][ T5949]  ? sock_def_readable+0x5c4/0x610
[   54.137160][ T5949]  ? sock_def_readable+0x5c4/0x610
[   54.137175][ T5949]  sock_def_readable+0x5c4/0x610
[   54.137197][ T5949]  l2cap_sock_ready_cb+0x108/0x170
[   54.137216][ T5949]  l2cap_le_start+0x1ec/0xe40
[   54.137239][ T5949]  ? __pfx___mutex_lock+0x10/0x10
[   54.137254][ T5949]  ? __pfx_l2cap_le_start+0x10/0x10
[   54.137278][ T5949]  ? do_raw_read_unlock+0x44/0xe0
[   54.137297][ T5949]  ? __pfx_l2cap_global_fixed_chan+0x10/0x10
[   54.137318][ T5949]  ? __l2cap_chan_add+0x3db/0xa20
[   54.137352][ T5949]  l2cap_connect_cfm+0x99f/0xf10
[   54.137393][ T5949]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[   54.137417][ T5949]  ? hci_cb_lookup+0x319/0x4e0
[   54.137457][ T5949]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[   54.137482][ T5949]  le_conn_complete_evt+0x168d/0x1da0
[   54.137524][ T5949]  ? __pfx_lock_release+0x10/0x10
[   54.137552][ T5949]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   54.137597][ T5949]  hci_le_conn_complete_evt+0x23c/0x370
[   54.137634][ T5949]  hci_le_meta_evt+0x2e2/0x5d0
[   54.137662][ T5949]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   54.137702][ T5949]  hci_event_packet+0x666/0x1180
[   54.137726][ T5949]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   54.137764][ T5949]  ? __pfx_hci_event_packet+0x10/0x10
[   54.137800][ T5949]  ? mark_held_locks+0x9f/0xe0
[   54.137824][ T5949]  ? kcov_remote_start+0x3cf/0x6e0
[   54.137863][ T5949]  ? lockdep_hardirqs_on+0x7c/0x110
[   54.137893][ T5949]  hci_rx_work+0x2c5/0x16b0
[   54.137931][ T5949]  ? process_one_work+0x921/0x1ba0
[   54.137960][ T5949]  process_one_work+0x9c5/0x1ba0
[   54.138001][ T5949]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   54.138042][ T5949]  ? __pfx_process_one_work+0x10/0x10
[   54.138071][ T5949]  ? assign_work+0x1a0/0x250
[   54.138109][ T5949]  worker_thread+0x6c8/0xf00
[   54.138149][ T5949]  ? __pfx_worker_thread+0x10/0x10
[   54.138173][ T5949]  kthread+0x3af/0x750
[   54.138209][ T5949]  ? __pfx_kthread+0x10/0x10
[   54.138232][ T5949]  ? lock_acquire+0x2f/0xb0
[   54.138274][ T5949]  ? __pfx_kthread+0x10/0x10
[   54.138298][ T5949]  ret_from_fork+0x45/0x80
[   54.138333][ T5949]  ? __pfx_kthread+0x10/0x10
[   54.138355][ T5949]  ret_from_fork_asm+0x1a/0x30
[   54.138399][ T5949]  </TASK>
[   54.138406][ T5949] 
[   54.174563][   T30] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   54.175856][ T5949] Allocated by task 6309:
[   54.175868][ T5949]  kasan_save_stack+0x33/0x60
[   54.175888][ T5949]  kasan_save_track+0x14/0x30
[   54.226445][ T5949]  __kasan_kmalloc+0xaa/0xb0
[   54.227763][ T5949]  __kmalloc_noprof+0x21c/0x510
[   54.229119][ T5949]  sk_prot_alloc+0x1a8/0x2a0
[   54.230410][ T5949]  sk_alloc+0x36/0xb90
[   54.231552][ T5949]  bt_sock_alloc+0x3b/0x3a0
[   54.232817][ T5949]  l2cap_sock_alloc.constprop.0+0x33/0x1d0
[   54.234463][ T5949]  l2cap_sock_create+0x123/0x1f0
[   54.235852][ T5949]  bt_sock_create+0x182/0x350
[   54.237178][ T5949]  __sock_create+0x335/0x8d0
[   54.238476][ T5949]  __sys_socket+0x14f/0x260
[   54.239757][ T5949]  __x64_sys_socket+0x72/0xb0
[   54.241084][ T5949]  do_syscall_64+0xcd/0x250
[   54.242358][ T5949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.244043][ T5949] 
[   54.244683][ T5949] Freed by task 6309:
[   54.245765][ T5949]  kasan_save_stack+0x33/0x60
[   54.247100][ T5949]  kasan_save_track+0x14/0x30
[   54.248375][ T5949]  kasan_save_free_info+0x3b/0x60
[   54.249687][ T5949]  __kasan_slab_free+0x51/0x70
[   54.250953][ T5949]  kfree+0x2c4/0x4d0
[   54.251961][ T5949]  __sk_destruct+0x5eb/0x720
[   54.253209][ T5949]  sk_destruct+0xc2/0xf0
[   54.254355][ T5949]  __sk_free+0xf4/0x3e0
[   54.255490][ T5949]  sk_free+0x6a/0x90
[   54.256597][ T5949]  l2cap_sock_kill+0x171/0x2d0
[   54.257949][ T5949]  l2cap_sock_release+0x189/0x210
[   54.259383][ T5949]  __sock_release+0xb0/0x270
[   54.260693][ T5949]  sock_close+0x1c/0x30
[   54.261849][ T5949]  __fput+0x3ff/0xb70
[   54.262955][ T5949]  task_work_run+0x14e/0x250
[   54.264285][ T5949]  syscall_exit_to_user_mode+0x27b/0x2a0
[   54.265785][ T5949]  do_syscall_64+0xda/0x250
[   54.267029][ T5949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.268646][ T5949] 
[   54.269351][ T5949] The buggy address belongs to the object at ffff8880294a0000
[   54.269351][ T5949]  which belongs to the cache kmalloc-2k of size 2048
[   54.273115][ T5949] The buggy address is located 384 bytes inside of
[   54.273115][ T5949]  freed 2048-byte region [ffff8880294a0000, ffff8880294a0800)
[   54.276910][ T5949] 
[   54.277605][ T5949] The buggy address belongs to the physical page:
[   54.279400][ T5949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x294a0
[   54.281788][ T5949] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   54.284158][ T5949] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   54.286243][ T5949] page_type: f5(slab)
[   54.287390][ T5949] raw: 00fff00000000040 ffff88801b042f00 dead000000000100 dead000000000122
[   54.289746][ T5949] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[   54.292138][ T5949] head: 00fff00000000040 ffff88801b042f00 dead000000000100 dead000000000122
[   54.294578][ T5949] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[   54.296996][ T5949] head: 00fff00000000003 ffffea0000a52801 ffffffffffffffff 0000000000000000
[   54.299392][ T5949] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[   54.301787][ T5949] page dumped because: kasan: bad access detected
[   54.303593][ T5949] page_owner tracks the page as allocated
[   54.305215][ T5949] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 0, tgid 0 (swapper/0), ts 47024667822, free_ts 46991487570
[   54.310431][ T5949]  post_alloc_hook+0x181/0x1b0
[   54.311776][ T5949]  get_page_from_freelist+0xfce/0x2f80
[   54.313251][ T5949]  __alloc_frozen_pages_noprof+0x221/0x2470
[   54.314939][ T5949]  alloc_pages_mpol+0x1fc/0x540
[   54.316397][ T5949]  new_slab+0x23d/0x330
[   54.317578][ T5949]  ___slab_alloc+0xc5d/0x1720
[   54.318866][ T5949]  __slab_alloc.constprop.0+0x56/0xb0
[   54.320365][ T5949]  __kmalloc_node_track_caller_noprof+0x2f1/0x510
[   54.322099][ T5949]  kmalloc_reserve+0xef/0x2c0
[   54.323425][ T5949]  __alloc_skb+0x164/0x380
[   54.324700][ T5949]  igmpv3_newpack+0x1bd/0x11e0
[   54.326068][ T5949]  add_grhead+0x26a/0x310
[   54.327303][ T5949]  add_grec+0xf6d/0x11e0
[   54.328525][ T5949]  igmp_ifc_timer_expire+0x634/0x1020
[   54.330150][ T5949]  call_timer_fn+0x1a0/0x610
[   54.331529][ T5949]  __run_timers+0x6e8/0x930
[   54.332823][ T5949] page last free pid 5355 tgid 5355 stack trace:
[   54.334600][ T5949]  free_frozen_pages+0x6db/0xfb0
[   54.335992][ T5949]  qlist_free_all+0x4e/0x120
[   54.337303][ T5949]  kasan_quarantine_reduce+0x195/0x1e0
[   54.338831][ T5949]  __kasan_slab_alloc+0x69/0x90
[   54.340241][ T5949]  kmem_cache_alloc_lru_noprof+0x226/0x3d0
[   54.341930][ T5949]  shmem_alloc_inode+0x25/0x50
[   54.343306][ T5949]  alloc_inode+0x5d/0x230
[   54.344550][ T5949]  new_inode+0x22/0x210
[   54.345732][ T5949]  shmem_get_inode+0x194/0xf00
[   54.347041][ T5949]  shmem_mknod+0x1a8/0x450
[   54.348253][ T5949]  lookup_open.isra.0+0x11d2/0x1580
[   54.349718][ T5949]  path_openat+0x904/0x2d80
[   54.350950][ T5949]  do_filp_open+0x20c/0x470
[   54.352183][ T5949]  do_sys_openat2+0x17a/0x1e0
[   54.353507][ T5949]  __x64_sys_openat+0x175/0x210
[   54.354851][ T5949]  do_syscall_64+0xcd/0x250
[   54.356159][ T5949] 
[   54.356851][ T5949] Memory state around the buggy address:
[   54.358403][ T5949]  ffff8880294a0080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   54.360643][ T5949]  ffff8880294a0100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   54.362852][ T5949] >ffff8880294a0180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   54.365075][ T5949]                    ^
[   54.366214][ T5949]  ffff8880294a0200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   54.368353][ T5949]  ffff8880294a0280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   54.370490][ T5949] ==================================================================
[   54.372793][    C0] vkms_vblank_simulate: vblank timer overrun
[   54.377448][ T5949] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   54.379458][ T5949] CPU: 0 UID: 0 PID: 5949 Comm: kworker/u33:4 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[   54.382409][ T5949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   54.385392][ T5949] Workqueue: hci0 hci_rx_work
[   54.386721][ T5949] Call Trace:
[   54.387680][ T5949]  <TASK>
[   54.388516][ T5949]  dump_stack_lvl+0x3d/0x1f0
[   54.389815][ T5949]  panic+0x71d/0x800
[   54.390926][ T5949]  ? __pfx_panic+0x10/0x10
[   54.392172][ T5949]  ? preempt_schedule_thunk+0x1a/0x30
[   54.393624][ T5949]  ? preempt_schedule_common+0x44/0xc0
[   54.395185][ T5949]  check_panic_on_warn+0xab/0xb0
[   54.396511][ T5949]  end_report+0x117/0x180
[   54.397693][ T5949]  kasan_report+0xe9/0x110
[   54.398861][ T5949]  ? sock_def_readable+0x5c4/0x610
[   54.400234][ T5949]  ? sock_def_readable+0x5c4/0x610
[   54.401569][ T5949]  sock_def_readable+0x5c4/0x610
[   54.402920][ T5949]  l2cap_sock_ready_cb+0x108/0x170
[   54.404339][ T5949]  l2cap_le_start+0x1ec/0xe40
[   54.405607][ T5949]  ? __pfx___mutex_lock+0x10/0x10
[   54.407023][ T5949]  ? __pfx_l2cap_le_start+0x10/0x10
[   54.408476][ T5949]  ? do_raw_read_unlock+0x44/0xe0
[   54.409901][ T5949]  ? __pfx_l2cap_global_fixed_chan+0x10/0x10
[   54.411512][ T5949]  ? __l2cap_chan_add+0x3db/0xa20
[   54.412849][ T5949]  l2cap_connect_cfm+0x99f/0xf10
[   54.414196][ T5949]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[   54.415648][ T5949]  ? hci_cb_lookup+0x319/0x4e0
[   54.416925][ T5949]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[   54.418345][ T5949]  le_conn_complete_evt+0x168d/0x1da0
[   54.419850][ T5949]  ? __pfx_lock_release+0x10/0x10
[   54.421188][ T5949]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   54.422708][ T5949]  hci_le_conn_complete_evt+0x23c/0x370
[   54.424196][ T5949]  hci_le_meta_evt+0x2e2/0x5d0
[   54.425518][ T5949]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   54.427207][ T5949]  hci_event_packet+0x666/0x1180
[   54.428646][ T5949]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   54.430133][ T5949]  ? __pfx_hci_event_packet+0x10/0x10
[   54.431645][ T5949]  ? mark_held_locks+0x9f/0xe0
[   54.432984][ T5949]  ? kcov_remote_start+0x3cf/0x6e0
[   54.434408][ T5949]  ? lockdep_hardirqs_on+0x7c/0x110
[   54.435831][ T5949]  hci_rx_work+0x2c5/0x16b0
[   54.437096][ T5949]  ? process_one_work+0x921/0x1ba0
[   54.438523][ T5949]  process_one_work+0x9c5/0x1ba0
[   54.439922][ T5949]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   54.441479][ T5949]  ? __pfx_process_one_work+0x10/0x10
[   54.442988][ T5949]  ? assign_work+0x1a0/0x250
[   54.444305][ T5949]  worker_thread+0x6c8/0xf00
[   54.445601][ T5949]  ? __pfx_worker_thread+0x10/0x10
[   54.447037][ T5949]  kthread+0x3af/0x750
[   54.448135][ T5949]  ? __pfx_kthread+0x10/0x10
[   54.449352][ T5949]  ? lock_acquire+0x2f/0xb0
[   54.450609][ T5949]  ? __pfx_kthread+0x10/0x10
[   54.451916][ T5949]  ret_from_fork+0x45/0x80
[   54.453116][ T5949]  ? __pfx_kthread+0x10/0x10
[   54.454393][ T5949]  ret_from_fork_asm+0x1a/0x30
[   54.455740][ T5949]  </TASK>
[   54.457256][ T5949] Kernel Offset: disabled
[   54.458466][ T5949] Rebooting in 86400 seconds..

VM DIAGNOSIS:
00:32:28  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85403cd5 RDI=ffffffff9ab79740 RBP=ffffffff9ab79700 RSP=ffffc90003f5f0e8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3439323038386552
R12=0000000000000000 R13=0000000000000066 R14=ffffffff9ab79700 R15=0000000000000000
RIP=ffffffff85403cff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3f6e88 CR3=0000000021576000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc6a2b47e0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9934e0f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9934e0f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9934e0f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9934e0f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9934e0f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9934e0f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000003 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a8
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000003 0000000000000000 0000000000000000 00000000000000a8
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000000 RBX=ffffffff9424f3e8 RCX=ffffffff8195b23e RDX=1ffffffff2d600cf
RSI=0000000000000008 RDI=ffffffff96ebbcc0 RBP=dffffc0000000000 RSP=ffffc9000336f100
R8 =0000000000000000 R9 =fffffbfff2dd7798 R10=ffffffff96ebbcc7 R11=0000000000000002
R12=000000000001194b R13=ffff8880272ec880 R14=9eb35f6310c15ca5 R15=ffff8880272ed3c0
RIP=ffffffff81967170 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fb200fcdd00 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f7a00b70ba0 CR3=00000000295dc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=e46e7ebb7b90ac79 23b4685fb93c0a0a e46e7ebb7b90ac79 23b4685fb93c0a0a e46e7ebb7b90ac79 23b4685fb93c0a0a e46e7ebb7b90ac79 23b4685fb93c0a0a
ZMM18=37f3ef106ca07ea8 7963d06fbcbe0791 37f3ef106ca07ea8 7963d06fbcbe0791 37f3ef106ca07ea8 7963d06fbcbe0791 37f3ef106ca07ea8 7963d06fbcbe0791
ZMM19=7903000000000000 0000000000000005 7903000000000000 0000000000000004 7903000000000000 0000000000000003 7903000000000000 0000000000000002
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=944000bd944000bd 944000bd944000bd 944000bd944000bd 944000bd944000bd 944000bd944000bd 944000bd944000bd 944000bd944000bd 944000bd944000bd
ZMM22=9b8526409b852640 9b8526409b852640 9b8526409b852640 9b8526409b852640 9b8526409b852640 9b8526409b852640 9b8526409b852640 9b8526409b852640
ZMM23=c33f1783c33f1783 c33f1783c33f1783 c33f1783c33f1783 c33f1783c33f1783 c33f1783c33f1783 c33f1783c33f1783 c33f1783c33f1783 c33f1783c33f1783
ZMM24=5f7111455f711145 5f7111455f711145 5f7111455f711145 5f7111455f711145 5f7111455f711145 5f7111455f711145 5f7111455f711145 5f7111455f711145
ZMM25=349954a7349954a7 349954a7349954a7 349954a7349954a7 349954a7349954a7 349954a7349954a7 349954a7349954a7 349954a7349954a7 349954a7349954a7
ZMM26=4952361d4952361d 4952361d4952361d 4952361d4952361d 4952361d4952361d 4952361d4952361d 4952361d4952361d 4952361d4952361d 4952361d4952361d
ZMM27=e0ee04c1e0ee04c1 e0ee04c1e0ee04c1 e0ee04c1e0ee04c1 e0ee04c1e0ee04c1 e0ee04c1e0ee04c1 e0ee04c1e0ee04c1 e0ee04c1e0ee04c1 e0ee04c1e0ee04c1
ZMM28=000000600000005f 0000005e0000005d 0000005c0000005b 0000005a00000059 0000005800000057 0000005600000055 0000005400000053 0000005200000051
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=9d0100009d010000 9d0100009d010000 9d0100009d010000 9d0100009d010000 9d0100009d010000 9d0100009d010000 9d0100009d010000 9d0100009d010000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff8209ff06 RDX=ffff88802806c880
RSI=ffffffff8209d7de RDI=ffffea0001289bc0 RBP=ffffea0001289bc0 RSP=ffffc90006027818
R8 =0000000000000005 R9 =0000000000000001 R10=0000000000000000 R11=0000000000000003
R12=0000000000000000 R13=ffffea0001289bc0 R14=ffff888024f7faa8 R15=dffffc0000000000
RIP=ffffffff81b9d251 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f9935c8ef98 CR3=0000000023acc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7a00c0f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7a00c0f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7a00c0f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7a00c0f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7a00c0f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7a00c0f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7a00d7c488 00007f7a00d7c480 00007f7a00d7c478 00007f7a00d7c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7a018dd100 00007f7a00d7c440 00007f7a00d7c458 00007f7a00d7c4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7a00d7c498 00007f7a00d7c490 00007f7a00d7c488 00007f7a00d7c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000094
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88806a6468c0 RCX=ffffffff81adcd3a RDX=ffff8880279b4880
RSI=ffffffff81adcd14 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900033cf878
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed100d4c8d19 R13=0000000000000001 R14=ffff88806a93fe80 R15=ffff88806a6468c8
RIP=ffffffff81adcd1b RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555566d53500 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fcb82ad56c0 CR3=000000002538c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f519a40f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f519a40f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f519a40f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f519a40f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f519a40f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f519a40f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f519a57c488 00007f519a57c480 00007f519a57c478 00007f519a57c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f519b0dd100 00007f519a57c440 00007f519a57c458 0000000700080006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f519a57c498 00007f519a57c490 00007f519a57c488 00007f519a57c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000