last executing test programs:

6.929358814s ago: executing program 1 (id=111):
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet6(0xa, 0x0, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x40440, 0x0)
preadv2(r1, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fe00}], 0x1, 0x0, 0x0, 0x2b)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x5, @empty}, 0x1c)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000140))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_uring_setup(0x2ef2, &(0x7f0000000340)={0x0, 0xca10, 0x4, 0x2})
r3 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2)
read$hiddev(r3, &(0x7f0000000740)=""/43, 0x2b)
close_range(r0, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000003000000000000000000000000dfe5fd60a069ed4d4c086c05ff3eeece904e0e7687b16c6f8811ab272cb5c9f61fd3796e55429304f07d32568586bcfec376a7ecec75bb7cf696fec62e2fd4b4135fab9a0564754280656053517773cdaf295d687f4b5aa955c7e550c2d8614d64692629a096dce92963ab9259f4444ff768b560b66d1e47a734d641e23dedd06b4a604e8f76480852c600d7d13ebb088a4676f9c05b3595c4ab8d89f853fbe2e96b0defdfd948bf9098aadd1bba7b7c8e251f6616dd6d32df750d94396ed3518d34b355020902260f"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r5, 0x5, 0x0, 0x280d0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb"], 0x0, 0x29, 0x0, 0x1, 0x9, 0x0, @void, @value}, 0x20)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r6 = openat$rdma_cm(0xffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x200, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x6}, {0xa, 0x4e24, 0x10001, @dev={0xfe, 0x80, '\x00', 0xb}, 0x2}, 0xffffffffffffffff, 0x9}}, 0x48)

5.254150248s ago: executing program 1 (id=120):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002500)=@newtfilter={0x54, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0x2000}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10}]}]}]}}]}, 0x54}}, 0x0)

4.57924124s ago: executing program 0 (id=121):
creat(&(0x7f00000005c0)='./file0\x00', 0x0)
socket$xdp(0x2c, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x1c8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000580], 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="000000000000000000000000000000000000000f38bb23dd23f44100000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff010000001d00000000000000000065727370616e3000000000000000000062726964676530000000000000000000b43b24af61af8e2f000000000000000065716c00000000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a000000010010000380100006d61726b5f6d00000000000000000000000000000000000000000000000000000c0000000400000001000000000100006e666c6f670000000000000000000000000000000000000000000000000000004c0000006d8000000900090000000000b80eba8ec4468a0538ee0eed5dd9119d918668afa6c019b085be3837595dc113ccf27499f7202a2b59394b2619bcf57ec99b9abb99943198532b0b7bdd0f61e5726564697265637400000000000000000000000000000000000000000000000004000000fdffffff"]}, 0x218)
read$FUSE(0xffffffffffffffff, &(0x7f0000004680)={0x2020, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0xfffffffffffffeff)
move_pages(r2, 0x0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='rxrpc_rx_abort\x00'}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x4040083)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = syz_io_uring_setup(0x71d3, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x0, 0x4c}, 0x0, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'nicvf0\x00', 0x3666b165f8ff1357})
ioctl$TUNGETVNETLE(r5, 0x400454de, &(0x7f0000001940))
r6 = syz_io_uring_setup(0x23b, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x0, 0xfffffffe}, 0x0, &(0x7f0000000340))
io_uring_enter(r6, 0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000045c0)={0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x4}, 0x0, &(0x7f0000004640)={0xf8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000080))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
openat$sndtimer(0xffffff9c, &(0x7f0000000380), 0x80000)
splice(r7, 0x0, r8, 0x0, 0xf3a, 0x0)
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000b, 0x8012, r3, 0x0)

4.519531886s ago: executing program 1 (id=122):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
fcntl$getown(0xffffffffffffffff, 0x9) (async)
socket(0x21, 0x80006, 0x3) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffff1b) (async)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="6800000010000000010000000000000000000000d485fe9e86674ae6b503d1628fd7dd01ce4e79d8653cb1335335c122cacaf25c", @ANYRES32=0x0, @ANYBLOB="0480000000000000240012800b00010067656e65766500001400028005000c00000000000500"], 0x60}}, 0x0) (async)
r3 = socket(0x10, 0x3, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000200)={0x1, @vbi={0x0, 0x0, 0x0, 0x31424752}}) (async)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10) (async)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000007724169b68c892e1ac2527c85b5870b0189f8772d8c2"], 0x26}}, 0x0) (async)
read$FUSE(r2, &(0x7f0000000d80)={0x2020}, 0x28)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) (async)
write$FUSE_LK(0xffffffffffffffff, &(0x7f00000003c0)={0x28, 0xfffffffffffffff5, 0x0, {{0x0, 0x8, 0x2}}}, 0x28)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r7=>0x0})
r8 = memfd_create(&(0x7f0000000c80)='\b\x9dF\xd8\b\xb3~u\xa5\"\xdc\xfdq\xf6c\r;\xfcO\x8c=\x81\xb1\x8aWpA\xd4\x98\x85K\x89>N\x8ar\x17O\x0fKR\xe2{mn\xcc\xbf2\xc0\xa7\x14\xd0\xd4\xfe/m\xdf\xb6]\xc2\xaa\x86\xec)\xf7\xcd\xa6\xd9n^.\x13*\xd4\xb8\xe8\xc4E\xe9\t\x83\xdeNX\xec\xe66\x1b\x97$\xee\x84\x14n,B\xd5?\xe5E:+Pm\x1d\xb4\xb8\xeb\xe8Op2\x82\xc7\x0e\x97\x03\xef\x1a\xa5\x00.\x89\b!m\f\xd9\x8b$}\x9f\fX\x81\xa8\xf6\x94\xbc\xed\x80|l]\xe9\xca\xd3\xc9\xa3\x9e\x9cJI\xf1\xa2\xa0\xc4:\x00\x00\x00\x00\x00\x00\b\x00\x00', 0x0) (async)
pipe2(&(0x7f0000000040)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
write$binfmt_misc(r10, &(0x7f0000000100), 0x91) (async)
r11 = syz_clone(0x100000, &(0x7f0000000400)="bac80ff8573c5a9d4ca3cf0ee43c6ca92fcdc6379645c097a62beff25015e09ad9b665a91f096750ab837e10b6f1d84916448ed84180398515792756994efd565ce43459183273b5f9284e455b8a099e0bc3c2fa9610137634250e244671bb36774ac0d587f025eaa77bac3d4e4c27bf58e530ccb785c3f948e8b7d5ddbd32080172413edeca909784cbad89a42a5f698b2ea0d7ac42a995fc7e1dd2f0573074ca071acfe868a1d094e6a105afec6c6ab7cccbae90d138d90314bf35396b3decc2da547cc3e1fff0c44228b5b336437ba4bf4dc7f13f6fbb662ee87cb380f3ffd1534c0455c4d98a0c5d6c28a37b063a19c12d343107ad7eb4f0a778042077a8c782abd0071e80b3780cb414821847d57e707e68cd6f3a39a0d60f0bcfcea1a7d4313a318d89a354507676bef09754172d5fa916699c35bdca0d72e2848837fe3656bfd9a478e98739f98f361cab4a8ebb1d3fced46765ee1633463ab992677c5423406ad437bef0266e5aae56f2af0ebbdffb05f27a5cc622d239d5b9bebdb0245b84e646d41cbe70b50973507920906cc9ca69d0030c06c9ba71f99014bdb950272c899ec5a45e256216a152afef9e1e3928c1bfddbecbc9924ed6c609673028f62755887008c6c8af0c622fb7303d49414ce4f1318d252dff1cb90cbfcbf1fc4e94f2108dab12adfd6cfedea41d309b2d677fd6e533fa1f8b68792b6027a7eafe615ef379c71168902cee0850d6ddeef322bcb34e61379bb0e90ec3244edbd6b52e7620fe1ff74c1c9299c2ab4e1dcf6cf6abef03be5306b866ca3df27a9ab483d208aad4da2fb32ca56a6fabae6969fdbe591e7592c3ded03e37ab6b6e0556ca16970a2e04b292e6412b76263b964a1b5ad7b095cf651c1660abc3368d89c420891a0f5acb0849a0e2f0c69207d4f5b234c567805a3138980ca3c14ecf7d74a022e39c44b8062e18ffcc8499b3c87c1222c299b13cd88333865d130de566e8df0eafb1e4c7654676cf9d22edc9c01658c2dedb4c6951ae7f84ea2061c032b08b7f2bae82c811f0da88c1e36c2857209c254135b923a790cbcf5c550e18e837b6fd50e877b6c8e1c191186597cade74b6acf1302c52ca2627c5655a463d99b7426fe69db33f2579c3659d45079ff29a247d20b68fba862635984519b5aa1f701b704c6fc88ecbb173e00945432d945ce1b7030f58528e1f5ba4a98be75376ec15cec5779e280ad093e5c050f241ec76d532e3064468a588a1f211f918cd0fc8844ce76054e91fdb93d45142184ebae86e36f2b645189615bc836678fe903d2bb48cd83e5107932ac7cf294e0cdc8b9ab46ff64b0133cf397552b95feb1607ebbd7cf6fa58a26247dee2dd4fc31ca045e3e4012a0eabea37804b895be09ded1b9a3f09b2f70bda06b8f2d56341f12cfb7bf4502ebb8892cc61d418d5a025787f4c25c407d9184809a76d210b44ac37215f77bc2ea643805a2f975721cdc8f2d59b0b356139f21a79338af51c8a8487da042761172bd86c25967d725c11f99b402f168dae61a26783923376e937e5464dd89b4632a2c2ae571aec0b696ceb1893bd40aa7dd769bb1f4b4aacfa62c4416a0fd18114d9d6c3bab9a2a8e49ece17a2a54b53e1263cb4c11b3bb4bc48359c7bbf303beb1fa7f0d7415d1143bdb2023dbb76e1c69174cbc2bb27f3112767f93be90daa4ed015e66468ff7a94bd123255b04b7a2550b3c5b67ba0c9df9a82612246942d8bc9bdbe78a88aa513dd4ce0c0cefef45cf517f48b1970121b62b593a05060a7890c284372135bb42333be66cd1d5f9094e7c2b7aacc2e58b28969a28aa10fbf7543b29b7c9004802ff1aa9517300e29a1f60c8af629cdb944eb8ddf4b987ae681cb8aa199fe1dab56dcbd34135a30d5e4df3dc946ae5761de8468193866704b46d108323253ee8885021f1dfc4a2983bee96ba36fe93252a3344b5fce3faf70d6cfa190e2e4b1a4f337fc7c84d9f56e3453fe50872056e7b08491683b1fc501e39cac62e95a6054696767a6b8ec0c9f037aeb5963b74ba35571510ee3f4bf8639191f93276664b3da659d530f09af854876dbe5794a284f6dd5a98807889452be8df53c67a88c9ae1ada94ae66f2ef48175e898514cf9cdbe6197354ff7c0b539748c2cb10e7fe910aca0e0482c289ef991a0520a413caac1ffbe581a3c13aa92c7b7fc2cfd858d44c99055600798091718a6f97a5e6d54434b91f079fb3238384ce0430a41b32899e2d9a9798ba12ddd8da591598cd381ec4809b8af07aa5e916d71092b1bc72d0204fde7665d2b77255e1a12d99f75facd313a417c7407572a0169c5d30640541f6b2620fbda7511a9c9ea1bc36ddacd2f77bed781ab3b0c9a0dbf24e60592b2f8a91fd29751ad7363850330f41cd14a8b4fadb57f53333f42c62842744fc3b50f4089e4cb239f3c5da3d43edf72135f159fa70762e08bc35f1f3a959f1cf30dee3bed4c2d53dc7678fb41b758a25c49e2174a250a16aa1a142966bfdaaf5e3d8a7063d5f0c6d88646ad404ee8d801911078a6dbca56d6766f0e7705ba09bbd167d332140966b639fa468d6d77cdc76528c62ab29bf43523d2d4d61fa204048131902c52bf78f08f2e4f416b5d7b54cf8b4f7679f9da332b3a05d018a4b541f7b4aaaed7d50e983f4653241cd55a7379b66ba78789751da1bbd8fa96a3de20a4eb78c651728b9ea94d368b60efa0c0853fac4a72b976c0f7dc346a8319e01930aaecacd231b1811febd7d706d23e66713761c25739089df3456bb83683e3a5564cab6ca900a8d6f128ad6a982ba6a166e95aa058247b94760bff33b72390160796111c2be1574fbf165e6fc2b6f603a3917fa4286cf355bf12255d2b11b8f7c6b04abe021216b5ae94ff82ca772552b3aedc7e47caaf4c12a0664168b54c8bdcf6aeccb5e479dc1fed4af4f14fe35929a7105c3a9d9db875c6f083f4150467a813d1111022c9e9b699ba6d286c9bd1c2e3c9c57c497f2e2903ba7cf279dc64647b2b2fbea521782cbcdb57da59e15f02f77303c913e9b92b07fd5050195be8b84247c007", 0x880, 0x0, 0x0, 0x0)
ioprio_set$pid(0x1, r11, 0x4004) (async)
splice(r9, 0x0, r8, &(0x7f0000000140), 0x2, 0x0) (async)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="310300000000ffa600000b00000008000300", @ANYRES32=r7, @ANYBLOB="df999bced22a28717809ecc5dfe63f"], 0x1c}}, 0x0) (async)
timer_gettime(0x0, 0x0) (async)
r12 = openat$cgroup_ro(r10, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
mq_getsetattr(r12, 0x0, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002e40)=@deltclass={0x0, 0x29, 0x800, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xd, 0xffff}, {0xd, 0x5}, {0x8, 0xffe0}}, [@tclass_kind_options=@c_mq, @TCA_RATE={0x0, 0x5, {0x0, 0x6}}, @TCA_RATE={0x0, 0x5, {0x5, 0x9}}, @TCA_RATE={0x0, 0x5, {0xff, 0x5}}, @tclass_kind_options=@c_multiq, @TCA_RATE={0x0, 0x5, {0x20, 0x1}}, @TCA_RATE={0x0, 0x5, {0x0, 0x1}}, @TCA_RATE={0x0, 0x5, {0x7, 0xd0}}]}, 0x124}}, 0x4000800)

4.403442209s ago: executing program 1 (id=123):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), r0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
setfsgid(0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'})
ioperm(0x0, 0x1, 0x1bf4)
mq_notify(0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
r4 = socket$inet6(0xa, 0x80803, 0x83)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xff}, {}, {0xffff}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in6=@mcast2, 0x0, 0x32}, 0x0, @in=@multicast1}}, 0xe4)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={0x0})
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @win={{0xff3f, 0x2, 0x10001, 0x4}, 0x2, 0x550b, &(0x7f0000000440)={{0x0, 0x8, 0xd, 0x1ff}, &(0x7f00000003c0)={{0xfffffffa, 0x9, 0xfff, 0x3}, &(0x7f0000000000)={{0x9, 0xf4, 0xc0, 0xf3de}}}}, 0xfff, &(0x7f00000004c0)="b6449277e621fc8ef3c23b5579dbef292640e1c61ba7cb0fb21eb6c7f3cfc3a4a2767cae94975c9e13e2f4eab7220039c5304550833a8fe017d97ace5505233c6ea4670a7789ca20623d386388761018d99b5665dfd6020565d0843cb65552d6123d3330ad20ecb90803960034d2cc10b79a8f6943059c4941259bef5155f7c399c2039d9da0ada1d0a5f16b7c0f613eed1537b2223318ac3f9d3c1dda5fcbb17fe57bd7d098", 0x88}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r6 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x0, r6, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r8, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, &(0x7f0000005e40), 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvmmsg(r0, &(0x7f0000004d80), 0x493, 0xa, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="030704707900000000000100040004000180"], 0x18}}, 0x0)

3.749617855s ago: executing program 3 (id=126):
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046208, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000280), 0x84, r2}, 0x38) (fail_nth: 37)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

3.099483163s ago: executing program 3 (id=127):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000100000000000000000000000000000000000000ff"])
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000fdff8504"])
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = userfaultfd(0x1)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
r4 = socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
fcntl$setstatus(r4, 0x4, 0x4400)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r5 = syz_io_uring_setup(0x2330, &(0x7f0000000400)={0x0, 0x2a36, 0x10, 0x3, 0x210}, &(0x7f0000000200), &(0x7f0000000280))
r6 = syz_io_uring_setup(0x40069a7, &(0x7f0000000380)={0x0, 0xd2ec, 0x2000, 0x6, 0x177, 0x0, r5}, &(0x7f0000000000), &(0x7f0000000180))
syz_io_uring_setup(0x67fd, &(0x7f0000000100)={0x0, 0x3400, 0x822a28cc43044cf8, 0x2, 0x0, 0x0, r6}, 0x0, 0x0)
r7 = io_uring_setup(0x4d63, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x2d6})
io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
openat$vhost_vsock(0xffffff9c, &(0x7f0000000480), 0x2, 0x0)
r8 = getpid()
process_vm_readv(r8, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
process_vm_readv(r8, &(0x7f0000008400), 0x0, &(0x7f0000000340)=[{0x0}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)

2.927033738s ago: executing program 1 (id=128):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r2 = socket(0x1f, 0x2, 0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x10, &(0x7f0000000500)=0x800001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback={0x18020000}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)

2.912621262s ago: executing program 2 (id=129):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg$inet6(r2, &(0x7f0000002d40)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f00000007c0)="d4006ba0799d8391b5454134b494163a963a47fcfc82441b4144e40e5f0e6dd8ee2c6769a1323d8d2177609bad40edfeff06fe0d793ab3083df3de397ceaf92d3680de5e1b187ed468ea3c4cd53e42aa3be8e9282812ce8baf5092e0a25793867e2fc575951b2b94ec19ac6ba29754e21ef00668e388a2b60bbc3693d01a9ff37957d6cf3428ee37b776c009c8fda62e376040ce4dcb3f3d3d5c54e4e867da10132d35dbc2ad515be4c99a919a9932c8f0f59ac0032934730e4b57dc65f5cdca186ffb726dc333549e8b6c7c78865789caa36bc62ca17fa60baac22a645dc7dcf435dc91d5c3480d6091c24943b830e9", 0xf0}], 0x1}}], 0x1, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
write$uinput_user_dev(r3, &(0x7f0000000800)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x296], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x695], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}, 0x45c)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x3)
ioctl$KDSETMODE(0xffffffffffffffff, 0x4b3a, 0x0)
ioctl$UI_DEV_CREATE(r3, 0x5501)
r4 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000c80)="0f920f72cd50d592c39c35c6fa90d162609ff1ad5a9e5d49b96fc6d1ffb44977d2d3d5277b51110ef8503e7288c7368c1212c7ad06e1e83815b5576b1054f16394f04968bda7af391afc96b9e682161b90b57acf83de8660e26ebb90df6f71d8bf9555c50327f35a759243f22f3f6655fb844e3c90f932a5b0449e1573eeff762aac92d36e442ec78ce4c73ba5f44abf66d304557ebc1c4262f4c8a3d36dbd31131abc12de77c061fc11ede9a90027bb3e7ac407a00ae77853622cdc9a764942290e7537f2e0a5dfe7323bf1229e17494f6582b8425e07ad8bb2d950ac7c8e8d15db578f3508aca81d59a73048d968e40aefe5495bc2dd0416f666fbfb0bf1ce034ddbb3bb577d07b01a154ab7ad3f8816253b1bff4822c288fb3f629737fa40669314286062535d806a20f59bccdbd000368b4e40ee9f028052d7a15588208dd7f732d0cc6f08e20cd14c26dfef9c490c1685487d4c9ca43ec52d286f431de3fa74de3f740ce3b4d6c9d2c816106ddb943a1dbdda846799c21058ef05790a42820cc12765dbade19bb40d2fb70ee3168e0a75fd37e21cfe17a883b104e8e649eacd8bb29d6c83ea41dbf0ab1fd83f66c9a5d5f1ccc2f4004b4eef785e048f2eb1829a184ac37dfabfbf9a0f761174cc020ebda27f14bd53b27dc26dde0defad391f72a6f1c681596c8b212ecc00f2d560de46eff69051213c7fb76ef3807a00c22d16d2e8a20059a03c9bba47b11602df989a581fa019a17a64926ec5459a76f83a83c4ab69ffa66c924d15f20a45d3bd585214a6c369307924bc89fcfb584ad070b65bb82c91d3fe80429b0738054e59c8550e897e48e05d1942b968025aabdc1b88539952df5f40748b27b940a57d82ec2238ddd2559d239c9bd27d608740ae6a62990fec9260e90183e0b63c051c554abac8084e13c296f3201d84a9717706d87232a4e61b37fbad6269331b0476fe659c0e9124cc6658fc6bcf1b91b0fffb1e6ad918bf1c69928f411eb7c45a8bb3ffbe2a117c682d3e5dd40dfd76879e7895e22ce7addc49387ab8686228cc55813d74f1620e09e44d342ef59c893106ef1df02566b6f14d322a69606e1b3cb97a8735b6dccf1a54bccc18363091f43f1054d08c39c58001d4b655b50ddc8ee9db7af2c622b2178a5846e3f99180985baf15e8871c526b868a2154046365e0633ab5ba111e9531a7ca647c3da7f806099b357c10650785f9fa7363f966a88b70d01737889bbc15685a80d6225eb4810c119714839b312fd5074492379f583088763ab8a288aeef13b2c0a2d869d7cadd14871b863711302094e21aff0c20f37e8d8c21ef7f418b5afc29d6d1ad50feffebdca4101b74d8a2302bc481e0886c453919dc455d8058df7aea7f4697c107dd9775272406bf5d04e24b8d8c1ce08c16a8ed93190e04acf3f2bb2bbd514872b7220df0125de6f94bc03ee04ecddceffbacc50fbce75bb63d9c21a2c765fe49ed3b159f7f795ac9d91357dc8f47a45df74ecef74fa1f619327e962334c2fc8ac8094e20e48da40b83157975affa8455f939f605de176e73a80641904885dd65a3915087a2b31fefd1e4651ec3efbdfae6a2358e9bb07fa8005d8de1283f011e83ab54dce2f19a6281fba895c82da4873f6563abbb470561a9fac3cd8e32f8a200f82d9671ce1982ed93f55ba9106e2623a66996a40480f18e3ad69c820266cccf9a16e0ba425fa0ccce88518f1253ce81eb0d1582e27111fc3fcbfe41e268c91aaf9bb3eb32f0e042e1fdcb36839dde5d28513d2f721a81f3f7026812358d5893ee1a2037002a3ba8a055255fd856bf701dbf1c8136294d52472b0efbdf7edbeb19179f287c04c549ccdd405a8cc089fdedfa3fb1fce1870837e864da05cf42d58d30fadefd7d4051ad37ff855d8f520c057d3f83f3978959b8446e11392c8a45172a1b6c9509bca6d26fa1fe64c197e02ac6066471ce74ac9efd9b4e54e4fc0b3a72c2c76030817cb6b343ee05cdebfafe9e1afe950924bbc8dfa12649c60037554eeac80db28bebcb4fc830f4135bdcb6b23eb407ffc14c520f3303a21777c159227afcac8a79eb019dd0032b8ed79ce7d29e7b7757c7fb4ca5abb043945fdf180091b1b312471941d2029d9a12f14054683e3b992203930383d6340d4d7af2e543d77440a33b15d612027533290ce520100aa0798c8437d17727d2b0d755aa4dc1cf37f60ecc7d7d0badee844bc31505f55cfca8d5e440334b24d71b949d2072141e46705ae56a53c47481ba92e5ebc3204a09e2a971330dd9f550cecf467519f68f9c6aece2499798923cee2827360a26e703c74c4758c8753607fcaeafd2f5c9467fbe3ba788037b8ce3f3b1db4bd931c163be79630013d9e806eb8f95f4481f82a7a3a18c3a343d8f9cab9ec0392d5a2d0236815b912d5b974d0e59b6ec2d3e55f2d4f6d1a5b270d322c09cfd19f7e7bd2b7b548bd778e3c60f04491182f0c3b59016d9d9c3a3e26dd955cbd3c543c3bbd8b614bb41dc0e6135953d13ea6debd90c551b0f97895f2de7a33370215c7be7dcf5313175ec739505dbfff8a7fc00ca4c00195853bf23063a257e5841b86343b2a8080b0c487b4d90574d6672b1b8e08fed8917c53dfe81a775faf1c571af439161f24edd6cbcd6aa0f1325d406e4584b331d5212883239cea68d4064343578c6c6b73f2975a59372bac914404da94f63088d95143508cfc3c785ab9ccd357b42614643df70685591b23587687bd310bee1fecb1137125f45953d9b9b7288a3763f2dfa447ea34fc8c836e3d76448c6c20cf2282e01ce5afc0fa53ae0b333a2c7c048a270a24dbe2806bda7388cb9ae1e5cfdd1418bbcd2cbddef4410200bc24a993b95a2a24509b69f550328132e8cc88b42008790a43f5548f11aca9dab9fe00c166861a6bc62cfff1bf5ca43d77793666e1d3213bd76c093b39ce0799a7c42a4c715a4f86bd44ace855e71414a14f7c4ef214cde4b19e7a2488dbbdaeff47ab1f11d1b4914338ff4f0ecd708482484349c0824f06f3109d41bf845e41084d1d7b8552489af05e9a5fc388d26036c6ed59234bd34239417be7dde1a36aaa6f738eccdc95f59e0eb5765a61db0eb7cec9d47b097a3e5e9102398214a89c6ddf3685232d9ea2d632d15dcb2b49202250d63217792dd11df3df1f06ceefe4b4c8e0f544af0a338d556aabe7830aafab3600268d0a5eb2e31b2dae208816a4d1c6c98bffde51b73c2bd5a73e48d30a3b366eb2675c9df31e1b455608f30834030c24ae6d42de228f24dafffde4708f29e74d7ddbb1ad279df226cfd35ecb10102f3e8f2469615d9cc7a0aa5368ca42e2b921b7d8bb88766442916a24ba234fc22cb0c8031fd5b3f80af24b633faa6b3fc4996c188a67a77fbd6c365114952f02519b56512f49885740d09cdc2f545af5c84eb2f0c154790e92b68fe3df1f169b61576e09f7d3882b3eb6524ef8fd2163a948150b20ac8e10155e5492b17cdf47ddddeeb251d53798ff823496c272fe1111111ba64ba0c23fb0aba5540e6ea0ac8ebc4a24aec38708399070530ba984daf541ca46880f973fb9ddc555b4565263d14a64647410e40c0e3e8614b84557b0cfd6b64d035f87ab957fbf60f5715d31af293e66bf46c2ff9aaea3937f3784a033db57214d5fc3d2402f3e9e0927aaaba5ebd794e5e6891a1e6e01435c1a5601f5ef1ba33d252e7a4aa6a4eb557976678c4ceb11f2dfe901de47e19ca5ed0c0c5ae0e0d07c2a29a94c9a03e80d0a64694085ffe222f62dd47faf2b82f5420ca848b88d39726b10e4508c1a5ad3c90c2f1014c00d404801bdab8b1c66f7f3b05617a05972c7dc852695634f2e0ca7fc791eb859f6bfc1ffb71f545d2203360f278b17ae610158c858364141c8e5037b3b2e9ca66deed6a110ca106f3e366ea56789e7ef95f7f0fcc884117e51f67653f45e841e96ec8dad95f520283730c31e112da5c57ddeb26f750e37b09acd44b326e75509e3dbb625ba8ce34aeaaa1593ae07d130a7848054c6dea9a5727363fc5d912910063b80ed293cec16b198b8c2d0abcc78d1f398d99437bc8e895a00fc2cdb81eee9f4f4514a5ff1d4edbe5fa4acc64ea447aff5ee04472440d494e9f01831094e23aeaeb95e844c97e8688c344ba6be61b19f4a84200b3f727a5e15522be6c7ecf69adff7e894fadf731516abb550d7fd7b95b6ac544f15afc68a47c5dd16dfa379587bd49018e0c67ed867e7b1127ac0e45e6731ad2345b571b7324850c2e168ddba89a01938c31d711d40094389e18d67c267e543d759f44e4d4d0a06cef7e1d769802c2b8ed660775f27d9fd3c739f4f436aadb2f449c2d9a4100aebff1c581743164b6f0732ce830dbb65c437f2fb45849de5e656324749594ab2226a51f5ef7b0b988e574f0cb12c084ee19f5b7f9805c2c096f70241cb17fb1c942b1030fcf2d7a4d7c2bdd146dea1b1bbf391cee2397caff6ca0f52da6f0b9143d604a5538e72f588a2fab7b01c298a33e3883a9b837270f98db2daa1000337da378e5347a81854a28e0c82de94a417581af27b1a1bb95a429f39e624ec9b8e37f23be9e05b7eb88a9c30b245a3965410bdf7a02f938225212a1cd8d3894cc12847126cf3da8c3ba15c4ed8bab3c3ea8119501aeb38db6e0095431de13a196f195859eeddafd42580cee3c0ec41fda311b7287ab9b3eea6c18ede046d1f5ba0f8a5966a5f013311bd17516bc61fb33785f39d7d59601b7e81a0490bb38678f69450de60ea2c35bebff6c5608db7feb24c0a49f7fde067d42cafc5a103277ffc9d65ade25c25b368b5c71f39728e361c4a49e08e1faf525cb31f83489e9b81d89900fd75aaa86f372cea04e9fcfff2b9a92506bc29d3e339c432586d3b2408772b6d039e662c609bbde594747359d2e3e3a6b06046e081ac9c6f1c95dcdf80d0e2d9f9ec601e7d03aa347427948491485476968399e649730faedd15573fa3ae852a0c1b5ece4ce0a96dc205416fbd9877e6a8d40c4e6eac46e0cec926c015ffc158f646a5cb20b3f30b74b63307d5cebfe145d574945c2874a66eaa5b2407dac9f15a91c335887ecfa2554cecc4f70cb373767ab8b632d044f2ccc322f858140a776c6b37d31034a754bdba19039fcc8075ee36335201798609eb13addab2058143fc11517e0c935303003d003b017d2910f4ed35c6c3665cff89e8ed9299220b5691f7c125fac153e5ee064659f156009c0c430a389e459d6f314e3347a22513fb2ae627357c7191133f19893362fa1676dcaba438ecf792c0376f9c7e76771ef3d7ad532e95697f4a4063648e814cc474a8dc15ecce63cdb9874e86a015d51e592bfa020cdbc225fa669d3180c9d7821d54a7aec14f466e6c486315449787cff639f07c1493113a43639d5ddad76e0ac3d410626f1563433ce199a2de861dc0fbcb3630e35ce6b4a558b45de1782898b1918a25555aa9a8dc8b38d629962f53d5e06a5544f1e42c83db8776f6e2e93d5a8257a4034110c9fa72aee43262a914da54cbe60777923869dac7659b7dd3cca9bea5d54024ce2221076d5c5bdc0a22cf7b43fe68e8707dae6b4ff8a0ca2f25a8d3fb67eca47c619ce1919ccf4085b6ef0cf67f3fe74e3c52cfbf063209fe3f6df318d69f09991166b44240f920005fc46938c15791a2cea209b9fdd28ab0b10f81e74ca57b4878f282eefef6572a5dc1ea43847513fb4dc2a3843e8969bf0a251555ddf546aff48e5791b13a07e53495abbac40f6cfd3c02e0bbbce83", 0x1000}, {&(0x7f0000000080)="05680e10db13f8056d9407cdeabca47f4a0343edf72cf97b754862e3426da94677f552c7a665c8581cabfe3f18ffd4294dcf048723604177ae1cc9883b21e05fca9eca8b3e138d4fb5cf2478ce6b44223a13812c4c7441c3eb0b5a6c9f1228a6abfd950422fec48970425eb6d6637c5273b71db5dcee470877df43253689f7d993a340a31492d734a619e4850b4c49692140bde78114bd12f570aa52c8bc10b9525304880b96d5817766d89b8478b322b8f5496d3326c9c11a3c47d5276591154b19eff84bdfea2489ae74c86f4960752f7531d3766cf3e6708d938e04c67b66a14e47c12baa15", 0xe7}, {&(0x7f0000000000)="6cbe0be8dba251b4c8b4a66d7c33", 0xe}], 0x3, &(0x7f00000001c0)="4241e5c11314ff3b106ffcd63628d3a335f577f062da9af76673079c0ba4ddefe1b703ee0d0c620fd4330892f05eb3644194533b0518162083c8c56fc1efc30add9121a974c7bc197b894605fddf711301b8", 0x52, 0x4000010}, 0x40040)
close_range(r0, 0xffffffffffffffff, 0x0)

2.77900438s ago: executing program 2 (id=130):
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f00000001c0), 0xfffffecc)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x2c, 0x3e, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}, @typed={0x8, 0x0, 0x0, 0x0, @uid=0xffffffffffffffff}]}]}, 0x2c}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x14, r5, 0xf05, 0x0, 0x0, {0x8}}, 0x13}}, 0x0)
sendmsg$IPVS_CMD_FLUSH(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xa8, r5, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DAEMON={0x34, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x11}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}]}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xffff516d}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffffa}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20048850}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x4, &(0x7f00000000c0)=@framed={{}, [@jmp={0x0, 0x0, 0x2, 0x0, 0x2}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000380), 0xffffffffffffffff)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r4)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, r10, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x4b}, @val={0x8, 0x3, r12}, @void}}, [@mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x4}], @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'veth0_to_batadv\x00'}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(r3, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x2c, r8, 0x400, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x36}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x1}]}, 0x2c}}, 0x24000000)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r6, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x44, r7, 0x0, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x44}, 0x1, 0x0, 0x0, 0x163aa158b6f3c738}, 0x40800)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00'})

2.352208495s ago: executing program 3 (id=131):
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r0, 0x40186f40, 0x20000502)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0x40046f41, 0x20000502)
syz_emit_vhci(&(0x7f00000004c0)=ANY=[], 0x7d)
r2 = socket(0x10, 0x1, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000ac0)=ANY=[], 0x10}, 0x1, 0x0, 0x0, 0x20008874}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x19, 0x5, &(0x7f00000000c0)=ANY=[@ANYRES16=r1], &(0x7f0000000480)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41100, 0x30, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000240)='tlb_flush\x00', r3}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = getpid()
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f00000003c0)=""/148, 0x94}], 0x2, &(0x7f0000000540)=[{&(0x7f0000000280)=""/29}, {&(0x7f0000000500)=""/58}], 0x56, 0x0)
r6 = fsopen(&(0x7f0000000100)='proc\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r7 = fsmount(r1, 0x1, 0xe)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0xfffffffffffffffe, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8010, r4, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
clock_gettime(0x6, &(0x7f0000000580))
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), 0xffffffffffffffff)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="1e00ebff02dc7947ee1d5207da7f000020020000", @ANYRES32=r7, @ANYBLOB="ffffff7f00"/20, @ANYRES16=r1, @ANYRES32=r7, @ANYBLOB="0000000002000000000000000c00"/28], 0x48)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
syz_emit_vhci(0x0, 0x8a)
socket$inet6_udplite(0xa, 0x2, 0x88)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r9, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

1.97924403s ago: executing program 1 (id=132):
syz_open_procfs(0x0, &(0x7f0000000300)='fd\x00')
r0 = syz_open_dev$video(&(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x682e}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, 0x0, 0x4008800)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f0000000000))
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/timers\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f00000045c0)={0x2020}, 0x2020)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05640, &(0x7f0000000340)={0x9, @pix_mp={0x7, 0x3ff, 0x30314752, 0x2, 0x2, [{0x6, 0x30000000}, {0x80, 0x8}, {0x8, 0x3}, {0x8, 0x1}, {0x3ff, 0x7fff}, {0x5, 0x8}, {0xc9e, 0x1}, {0x8, 0x9}], 0x9, 0x1, 0x0, 0x2, 0x5}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'veth1_to_bridge\x00'})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = io_uring_setup(0x5091, &(0x7f0000000040)={0x0, 0x2, 0x2})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$TCFLSH(r6, 0x5608, 0x1)
io_uring_register$IORING_UNREGISTER_FILES(r4, 0x3, 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r7 = creat(&(0x7f0000000600)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r7, &(0x7f0000000040)={'#! ', '', [{0x20, '\xd2\xb2\x10\f\x0e\xcef\xd4\x0f\xe2\xbe>S\x0f\x17o\xa4\x1c\t{I\xfb5Ar\x84\x89\xc9\xdd\xff\xdf\xd3\xf1\xd9\xe4\xb8\fub\xff\x961\xf2\xcd\\\xc1\xbb\xc2\xc0\xd3\xf7\x10\xda\xfe\xb6/\x15\x17\xbb\xe2\x02\xdaZ\xac\x13\xde\xab\x8f\xac\xa6U`A\xa5\b\x00\x00\x00\x1c\x01a\x83\xc5X\xed?\x82\x8f\\Vr\xda\xf6\x82\xe6,m \"-\xf2\xbf\x12\x95|\xaf\xe0\xd5\x0e0\xde:\xcf'}]}, 0x76)

1.909240415s ago: executing program 2 (id=133):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, 0x0, 0x0, 0x11203}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x10) (fail_nth: 34)

1.735622279s ago: executing program 2 (id=134):
syz_emit_ethernet(0x1f, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff000000e8ffffac03424203"], 0x0)

1.657250585s ago: executing program 2 (id=135):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3000000}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000040)={0xf0f041})

1.581528261s ago: executing program 0 (id=136):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="000100001a0001000000000000000000fe880000000000000000000000000001ffffffff00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000662b0000002001000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000014000e00ff010000000000000000000000000001"], 0x100}}, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_NEXT_CMD_LEN(r2, 0x2283, &(0x7f0000000380)=0x3)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
clock_getres(0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c000000000000000000000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b007f000001e000000200000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000000000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f000001000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f000001ac141400000000001c00000000000000000000004700000044aa00210a2101"], 0x230}, 0x0)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90324fc60100005000a000248053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB="340000001000390400"/20, @ANYRES32=r5, @ANYBLOB="00000000000000000c002b80080004"], 0x34}}, 0x0)
read$FUSE(r3, &(0x7f0000000440)={0x2020}, 0x2020)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TDLS_OPER(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000005100000008000300", @ANYRES32=r8, @ANYBLOB="0a00060008021100000100ff05008a0003"], 0x30}}, 0x0)
r9 = fcntl$dupfd(r2, 0x0, r2)
write$sndseq(r9, &(0x7f0000000100)=[{0x0, 0x0, 0x0, 0x0, @time={0x88ffffff}}, {0x0, 0x0, 0x0, 0x0, @time}], 0x38)
r10 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r10, 0xc0405602, &(0x7f0000000040)={0x4f, 0xa, 0x0, "3258c546dacccfae1e008faa00000000f4ff4000"})
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374"], 0x78}, 0x1, 0x0, 0x0, 0x810}, 0x40095)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r11}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

1.449959905s ago: executing program 3 (id=137):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), r0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
setfsgid(0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'})
ioperm(0x0, 0x1, 0x1bf4)
mq_notify(0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
r4 = socket$inet6(0xa, 0x80803, 0x83)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xff}, {}, {0xffff}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in6=@mcast2, 0x0, 0x32}, 0x0, @in=@multicast1}}, 0xe4)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={0x0})
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @win={{0xff3f, 0x2, 0x10001, 0x4}, 0x2, 0x550b, &(0x7f0000000440)={{0x0, 0x8, 0xd, 0x1ff}, &(0x7f00000003c0)={{0xfffffffa, 0x9, 0xfff, 0x3}, &(0x7f0000000000)={{0x9, 0xf4, 0xc0, 0xf3de}}}}, 0xfff, &(0x7f00000004c0)="b6449277e621fc8ef3c23b5579dbef292640e1c61ba7cb0fb21eb6c7f3cfc3a4a2767cae94975c9e13e2f4eab7220039c5304550833a8fe017d97ace5505233c6ea4670a7789ca20623d386388761018d99b5665dfd6020565d0843cb65552d6123d3330ad20ecb90803960034d2cc10b79a8f6943059c4941259bef5155f7c399c2039d9da0ada1d0a5f16b7c0f613eed1537b2223318ac3f9d3c1dda5fcbb17fe57bd7d098", 0x88}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r6 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x0, r6, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r8, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, &(0x7f0000005e40), 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvmmsg(r0, &(0x7f0000004d80), 0x493, 0xa, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="030704707900000000000100040004000180"], 0x18}}, 0x0)

1.378719153s ago: executing program 0 (id=138):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1500000065ffff0010000008003950323030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'wfdno'}}, {@cache_fscache}], [], 0x6b}})

1.289362039s ago: executing program 0 (id=139):
getpid()
r0 = socket$l2tp(0x2, 0x2, 0x73)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESOCT=r2])
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000006c0)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000f000000050033000100000008000300", @ANYRES32=r6], 0x24}}, 0x0)
r7 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffe]}, 0x8)
read(r7, &(0x7f0000000740)=""/384, 0x200008c0)
mknodat(r7, &(0x7f0000000040)='./file0\x00', 0x8000, 0x1ff)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x24}}, 0x0)

889.372422ms ago: executing program 0 (id=140):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x10, 0x3, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fcntl$getownex(r0, 0x10, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x68)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x0)
ioctl$I2C_FUNCS(r2, 0x705, 0x0)
preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0xe0})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEV(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="da495c2807be4dae53dc3eaa20b045c5abdc6e8c710b7db7ab5c2c4367f2422e3f597cf7c8dd12870e99b58cdd39372c0fb6f99636fc6a2fa392bda97322cb18792f1918ac15c9443f3a96b06766593f01f53a702af153806f757f1e50c3e6777df0beb519a711508c7e5150d706c8c87f8f55965705ef74281929a31b52da809e965fbf9f5015b72432d366ab102c89e2e9c85429115ff22039ead4eb3f2fd335c6d3c47a075ea2278fbe8341e1b62054e1c34f0785fb9c5a8297a20cbaaeb1c9b2112b09070eeaa539b7dec071"], 0x20}}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mbind(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x9, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(r5, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x1b, 0x0, "61a1ed8439cde8054f2ada6fcd5fe76b933e8bb0ac60081e33dffa158f35f7519d5f73b4f5d80eb4881a5b98cb9fb96d225d602392f816d09dcc09b5063087117502d8c24f1fe97f61fd27a06d6a38a7"}, 0xd8)
sendto$inet6(r5, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
shutdown(r5, 0x2)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYBLOB], 0x2c}}, 0x0)
socket$kcm(0x10, 0x9, 0x4)
syz_open_dev$midi(&(0x7f00000001c0), 0x6d7, 0xa0802)
r6 = getpid()
process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000440)=""/67, 0x43}, {&(0x7f0000006180)=""/152, 0xfffffd5d}], 0x2, &(0x7f0000008640)=[{&(0x7f00000004c0)=""/95, 0x5f}], 0x1, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@bloom_filter={0x1e, 0xee54, 0x7, 0xa7, 0x100, r0, 0x1f6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3, 0xc, @void, @value, @void, @value}, 0x7c)
ioperm(0x0, 0x3, 0x3f)

655.610886ms ago: executing program 0 (id=141):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
connect$rxrpc(r1, &(0x7f0000000100)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @loopback}}, 0x24)
r2 = openat$incfs(0xffffffffffffffff, &(0x7f0000000240)='.pending_reads\x00', 0x40, 0x50)
connect$rxrpc(r2, &(0x7f0000000040)=@in4={0x21, 0x12, 0x2, 0x10, {0x2, 0x4e21, @loopback}}, 0x24)
getsockname(r0, 0x0, &(0x7f0000000200))
open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0)
pipe2(&(0x7f0000001440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000700)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1004}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vti={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VTI_LOCAL={0x8, 0x4, @rand_addr=0x64010101}, @vti_common_policy=[@IFLA_VTI_IKEY={0x8}]]}}}, @IFLA_MTU={0x8}]}, 0x48}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r6, 0x0, r4, 0x0, 0x6, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x1004010, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r6}})
sendmsg$NFNL_MSG_CTHELPER_GET(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x1, 0x9, 0x101}, 0x14}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = openat$mice(0xffffff9c, &(0x7f0000000040), 0x402800)
ioctl$UFFDIO_COPY(r8, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x2000, 0x2})
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x4c, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x2}]}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}}, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000740)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)='hfsplus\x00', 0x0, &(0x7f0000001080)='\xfb\xa4\xfc\x1d\xe7\xff\xff\xff\x00\x98\x00\x00\x00\x00\x00\x00')

119.443715ms ago: executing program 3 (id=142):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_dev$vbi(&(0x7f0000000700), 0x2, 0x2)
r0 = syz_io_uring_setup(0x16e, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000001240)=<r1=>0x0, &(0x7f0000001340)=<r2=>0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c00000010003df600"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400030064766d727009000000000000000000001800128008000100707070"], 0x4c}}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="02000000040000000800000001", @ANYRES32=0x0, @ANYBLOB='\x00N'], 0x48)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000340)='./file0\x00', &(0x7f00000004c0), 0x700, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

59.223773ms ago: executing program 3 (id=143):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000dc0)={'filter\x00', 0x1002, 0x4, 0x38c, 0x0, 0xec, 0xec, 0x2ac, 0x2ac, 0x2ac, 0x4, 0x0, {[{{@uncond, 0xbc, 0xec, 0x300}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x8001, 0xff, 0x2}}}, {{@uncond, 0xbc, 0xe0}, @unspec=@STANDARD={0x24, '\x00', 0x0, 0x1cc}}, {{@arp={@local, @multicast1, 0xffffffff, 0xffffffff, 0xe, 0x3, {@empty, {[0x0, 0xff, 0x7f]}}, {@mac=@random="9614e85f2156", {[0xff, 0x0, 0x0, 0xff]}}, 0x0, 0xdc1, 0x3, 0x7, 0x81, 0x6, 'veth0_virt_wifi\x00', 'netdevsim0\x00', {0xff}, {0xff}, 0x0, 0x2f5}, 0xbc, 0xe0}, @unspec=@STANDARD={0x24, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x3d8)

0s ago: executing program 2 (id=144):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
io_setup(0x10, &(0x7f0000000380)=<r2=>0x0)
io_submit(r2, 0x2, &(0x7f0000000240)=[&(0x7f0000000100)={0x18, 0x7000000, 0x4, 0x1, 0x0, r1, 0x0, 0x0, 0x2, 0xfe00}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x8001, r0, 0x0, 0x0, 0xbe, 0x0, 0x0, r1}])

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:38127' (ED25519) to the list of known hosts.
[   34.713347][ T5272] cgroup: Unknown subsys name 'net'
[   34.882191][ T5272] cgroup: Unknown subsys name 'cpuset'
[   34.885618][ T5272] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   35.753773][ T5272] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   38.767742][ T5345] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   38.774610][ T5353] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   38.778376][ T5353] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   38.780761][ T5353] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   38.782879][ T5353] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   38.785180][ T5353] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   38.787416][ T5353] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   38.789554][ T5353] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   38.791549][ T5353] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   38.796597][ T5356] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   38.798710][ T5357] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   38.799389][ T5356] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   38.801047][ T5357] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   38.802865][ T5356] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   38.804619][ T5357] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   38.807501][ T5356] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   38.808243][ T5357] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   38.810267][ T5356] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   38.811878][ T5357] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   38.813784][ T5359] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   38.815562][ T5358] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   38.832656][ T5359] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   38.835927][ T5359] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   38.838118][ T5359] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   39.064985][ T5342] chnl_net:caif_netlink_parms(): no params data found
[   39.072210][ T5346] chnl_net:caif_netlink_parms(): no params data found
[   39.109912][ T5348] chnl_net:caif_netlink_parms(): no params data found
[   39.115210][ T5347] chnl_net:caif_netlink_parms(): no params data found
[   39.229224][ T5342] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.231423][ T5342] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.233451][ T5342] bridge_slave_0: entered allmulticast mode
[   39.235484][ T5342] bridge_slave_0: entered promiscuous mode
[   39.265097][ T5346] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.267085][ T5346] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.269034][ T5346] bridge_slave_0: entered allmulticast mode
[   39.271033][ T5346] bridge_slave_0: entered promiscuous mode
[   39.273821][ T5346] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.275948][ T5346] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.278142][ T5346] bridge_slave_1: entered allmulticast mode
[   39.280218][ T5346] bridge_slave_1: entered promiscuous mode
[   39.283194][ T5342] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.285685][ T5342] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.290567][ T5342] bridge_slave_1: entered allmulticast mode
[   39.293562][ T5342] bridge_slave_1: entered promiscuous mode
[   39.411338][ T5347] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.413233][ T5347] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.415108][ T5347] bridge_slave_0: entered allmulticast mode
[   39.417764][ T5347] bridge_slave_0: entered promiscuous mode
[   39.421916][ T5346] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.436095][ T5342] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.439405][ T5348] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.441300][ T5348] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.443168][ T5348] bridge_slave_0: entered allmulticast mode
[   39.445206][ T5348] bridge_slave_0: entered promiscuous mode
[   39.448597][ T5347] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.450548][ T5347] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.452498][ T5347] bridge_slave_1: entered allmulticast mode
[   39.454426][ T5347] bridge_slave_1: entered promiscuous mode
[   39.468380][ T5346] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.471545][ T5342] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.474213][ T5348] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.476590][ T5348] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.479527][ T5348] bridge_slave_1: entered allmulticast mode
[   39.482183][ T5348] bridge_slave_1: entered promiscuous mode
[   39.505202][ T5347] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.556551][ T5348] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.560895][ T5347] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.575427][ T5342] team0: Port device team_slave_0 added
[   39.579454][ T5346] team0: Port device team_slave_0 added
[   39.582265][ T5348] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.604340][ T5342] team0: Port device team_slave_1 added
[   39.606620][ T5346] team0: Port device team_slave_1 added
[   39.638195][ T5347] team0: Port device team_slave_0 added
[   39.670139][ T5348] team0: Port device team_slave_0 added
[   39.672574][ T5347] team0: Port device team_slave_1 added
[   39.674707][ T5342] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.676672][ T5342] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.683666][ T5342] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.687841][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.689880][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.696753][ T5346] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.701093][ T5348] team0: Port device team_slave_1 added
[   39.727160][ T5342] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.729711][ T5342] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.736482][ T5342] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.740440][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.742821][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.751216][ T5346] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.763308][ T5347] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.765245][ T5347] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.773408][ T5347] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.802383][ T5347] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.804157][ T5347] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.811023][ T5347] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.837850][ T5348] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.839785][ T5348] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.846762][ T5348] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.850870][ T5348] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.852757][ T5348] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.860189][ T5348] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.877885][ T5342] hsr_slave_0: entered promiscuous mode
[   39.879890][ T5342] hsr_slave_1: entered promiscuous mode
[   39.911822][ T5346] hsr_slave_0: entered promiscuous mode
[   39.915052][ T5346] hsr_slave_1: entered promiscuous mode
[   39.919143][ T5346] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   39.922287][ T5346] Cannot create hsr debugfs directory
[   39.954194][ T5347] hsr_slave_0: entered promiscuous mode
[   39.956660][ T5347] hsr_slave_1: entered promiscuous mode
[   39.958956][ T5347] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   39.960947][ T5347] Cannot create hsr debugfs directory
[   39.998864][ T5348] hsr_slave_0: entered promiscuous mode
[   40.000961][ T5348] hsr_slave_1: entered promiscuous mode
[   40.002787][ T5348] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   40.004790][ T5348] Cannot create hsr debugfs directory
[   40.238175][ T5342] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   40.242942][ T5342] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   40.246887][ T5342] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   40.260677][ T5342] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   40.280990][ T5346] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   40.289654][ T5346] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   40.300940][ T5346] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   40.310069][ T5346] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   40.331127][ T5348] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   40.336338][ T5348] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   40.340347][ T5348] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   40.343588][ T5348] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   40.368412][ T5347] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   40.372423][ T5347] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   40.376155][ T5347] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   40.379870][ T5347] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   40.429788][ T5342] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.435652][ T5346] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.470454][ T5346] 8021q: adding VLAN 0 to HW filter on device team0
[   40.475419][ T5342] 8021q: adding VLAN 0 to HW filter on device team0
[   40.480558][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.482658][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.510591][ T1100] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.512511][ T1100] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.515585][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.517961][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.522087][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.524026][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.536730][ T5348] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.563688][ T5347] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.573505][ T5348] 8021q: adding VLAN 0 to HW filter on device team0
[   40.586185][ T1103] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.588131][ T1103] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.593073][ T5347] 8021q: adding VLAN 0 to HW filter on device team0
[   40.598271][ T1103] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.600376][ T1103] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.615287][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.617616][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.627859][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.630098][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.693351][ T5342] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.710032][ T5346] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.725369][ T5342] veth0_vlan: entered promiscuous mode
[   40.733975][ T5342] veth1_vlan: entered promiscuous mode
[   40.759189][ T5346] veth0_vlan: entered promiscuous mode
[   40.763377][ T5342] veth0_macvtap: entered promiscuous mode
[   40.767594][ T5346] veth1_vlan: entered promiscuous mode
[   40.770675][ T5342] veth1_macvtap: entered promiscuous mode
[   40.777198][ T5347] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.791019][ T5348] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.800281][ T5342] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.815006][ T5342] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.820910][ T5342] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.824273][ T5342] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.826607][ T5342] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.829064][ T5342] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.834006][ T5346] veth0_macvtap: entered promiscuous mode
[   40.847219][ T5346] veth1_macvtap: entered promiscuous mode
[   40.857971][ T5347] veth0_vlan: entered promiscuous mode
[   40.868305][ T5351] Bluetooth: hci3: command tx timeout
[   40.868308][ T5359] Bluetooth: hci2: command tx timeout
[   40.869158][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.874510][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.877248][ T5351] Bluetooth: hci0: command tx timeout
[   40.877260][ T5359] Bluetooth: hci1: command tx timeout
[   40.880920][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.884573][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.887805][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.890929][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.901555][ T5347] veth1_vlan: entered promiscuous mode
[   40.908080][ T5346] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.910397][ T5346] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.912671][ T5346] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.914845][ T5346] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.919341][ T5348] veth0_vlan: entered promiscuous mode
[   40.934780][ T5348] veth1_vlan: entered promiscuous mode
[   40.948648][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.950098][ T5347] veth0_macvtap: entered promiscuous mode
[   40.950807][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   40.953833][ T5347] veth1_macvtap: entered promiscuous mode
[   40.970803][ T5348] veth0_macvtap: entered promiscuous mode
[   40.986162][ T5348] veth1_macvtap: entered promiscuous mode
[   40.998351][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   40.998979][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.000416][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.005861][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.008861][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.011726][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.015968][ T5347] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.028097][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.031982][ T5348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.032051][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.034815][ T5348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.041284][ T5348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.044336][ T5348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.047159][ T5348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.050197][ T5348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.054318][ T5348] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.058525][ T5348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.061244][ T5348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.063678][ T5348] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.066444][ T5348] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.070031][ T5348] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.072165][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.074914][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.077953][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.080664][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.083334][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.086108][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.089711][ T5347] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.094870][ T5347] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.097699][ T5347] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.099929][ T5347] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.102237][ T5347] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.109865][ T5348] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.112440][ T5348] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.114753][ T5348] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.118589][ T5348] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.132749][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.134895][ T5342] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   41.135274][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.177520][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.179640][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.212160][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.212259][ T5407] syz.0.1 uses obsolete (PF_INET,SOCK_PACKET)
[   41.214327][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.232186][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.234475][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.250907][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.253001][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.263848][ T5409] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2'.
[   41.275409][ T5409] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2'.
[   41.368262][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   41.369360][ T5407] sctp: [Deprecated]: syz.0.1 (pid 5407) Use of struct sctp_assoc_value in delayed_ack socket option.
[   41.369360][ T5407] Use struct sctp_sack_info instead
[   41.417714][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   41.577363][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   41.929363][ T5428] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   42.308194][    T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!!
[   42.618679][ T5431] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7'.
[   42.737355][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.818110][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.820854][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.823480][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.825785][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.829186][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.948295][ T5351] Bluetooth: hci0: command tx timeout
[   42.948936][ T5359] Bluetooth: hci1: command tx timeout
[   42.949945][   T66] Bluetooth: hci3: command tx timeout
[   42.951307][ T5359] Bluetooth: hci2: command tx timeout
[   44.543884][ T5458] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14'.
[   44.562352][ T5458] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14'.
[   45.033130][ T5359] Bluetooth: hci3: command tx timeout
[   45.033363][   T66] Bluetooth: hci2: command tx timeout
[   45.035062][ T5359] Bluetooth: hci0: command tx timeout
[   45.036770][ T5351] Bluetooth: hci1: command tx timeout
[   45.731062][ T5474] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   45.916922][    T8] usb 5-1: new low-speed USB device number 2 using dummy_hcd
[   46.219697][    T8] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   46.222669][    T8] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[   46.224861][    T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[   46.232006][    T8] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   46.237887][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   46.250567][ T5479] netlink: 4 bytes leftover after parsing attributes in process `syz.1.20'.
[   46.257665][ T5479] netlink: 12 bytes leftover after parsing attributes in process `syz.1.20'.
[   46.277942][ T5475] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   46.298849][    T8] hub 5-1:1.0: bad descriptor, ignoring hub
[   46.300633][    T8] hub 5-1:1.0: probe with driver hub failed with error -5
[   46.302674][    T8] cdc_wdm 5-1:1.0: skipping garbage
[   46.304031][    T8] cdc_wdm 5-1:1.0: skipping garbage
[   46.349541][    T8] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[   46.351170][    T8] cdc_wdm 5-1:1.0: Unknown control protocol
[   46.602165][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   46.604612][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   46.606900][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   46.609099][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   46.610984][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   46.612645][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   46.614415][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   46.616452][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   46.618224][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   46.619912][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   46.621727][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   46.623453][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   46.625267][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   46.627110][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   46.629633][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   46.631362][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   46.633125][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   46.634798][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   46.636535][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   46.638269][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   46.767377][ T5466] usb 5-1: USB disconnect, device number 2
[   46.786878][  T829] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   46.956955][  T829] usb 8-1: Using ep0 maxpacket: 32
[   46.964333][  T829] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[   46.966678][  T829] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   46.970950][  T829] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[   46.973780][  T829] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   46.976328][  T829] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   46.979171][  T829] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   46.982646][  T829] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   46.985075][  T829] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   46.989246][  T829] usb 8-1: config 0 descriptor??
[   47.107012][ T5351] Bluetooth: hci0: command tx timeout
[   47.107050][ T5466] usb 5-1: new low-speed USB device number 3 using dummy_hcd
[   47.108466][ T5351] Bluetooth: hci1: command tx timeout
[   47.112592][   T66] Bluetooth: hci3: command tx timeout
[   47.113978][   T66] Bluetooth: hci2: command tx timeout
[   47.229069][  T829] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   47.288823][ T5466] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   47.291517][ T5466] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[   47.294479][ T5466] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[   47.297695][ T5466] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   47.300044][ T5466] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   47.304057][ T5472] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   47.306749][ T5466] hub 5-1:1.0: bad descriptor, ignoring hub
[   47.313079][ T5466] hub 5-1:1.0: probe with driver hub failed with error -5
[   47.315172][ T5466] cdc_wdm 5-1:1.0: skipping garbage
[   47.316555][ T5466] cdc_wdm 5-1:1.0: skipping garbage
[   47.322366][ T5466] cdc_wdm 5-1:1.0: cdc-wdm1: USB WDM device
[   47.323972][ T5466] cdc_wdm 5-1:1.0: Unknown control protocol
[   47.487805][ T5492] vivid-006: disconnect
[   47.492094][ T5482] vivid-006: reconnect
[   47.496532][    T8] usb 8-1: USB disconnect, device number 2
[   47.503222][    T8] usblp0: removed
[   47.637042][   T25] usb 5-1: USB disconnect, device number 3
[   48.102515][ T5494] netlink: 'syz.3.23': attribute type 9 has an invalid length.
[   48.104893][ T5494] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.23'.
[   48.154748][ T5498] netlink: 28 bytes leftover after parsing attributes in process `syz.2.25'.
[   48.178870][ T5498] sp0: Synchronizing with TNC
[   48.506874][ T5508] netlink: 'syz.2.27': attribute type 9 has an invalid length.
[   48.509172][ T5508] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.27'.
[   48.537056][ T1447] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   48.707987][ T1447] usb 8-1: Using ep0 maxpacket: 8
[   48.711145][ T1447] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   48.714183][ T1447] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[   48.716904][ T1447] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[   48.720042][ T1447] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[   48.720641][ T5510] binder: 5509:5510 ioctl c0306201 20000140 returned -14
[   48.722805][ T1447] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   48.730621][ T1447] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.736312][ T1447] hub 8-1:1.0: bad descriptor, ignoring hub
[   48.740206][ T1447] hub 8-1:1.0: probe with driver hub failed with error -5
[   48.744640][ T1447] cdc_wdm 8-1:1.0: skipping garbage
[   48.746598][ T1447] cdc_wdm 8-1:1.0: skipping garbage
[   48.767329][ T1447] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[   48.773175][ T1447] cdc_wdm 8-1:1.0: Unknown control protocol
[   48.888475][ T5512] netlink: 'syz.2.29': attribute type 9 has an invalid length.
[   48.897005][ T5512] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.29'.
[   48.989447][ T5512] netlink: 'syz.2.29': attribute type 9 has an invalid length.
[   48.992182][ T5512] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.29'.
[   49.978579][ T5522] syz.1.31: attempt to access beyond end of device
[   49.978579][ T5522] nbd1: rw=2048, sector=2, nr_sectors = 1 limit=0
[   49.982093][ T5522] hfsplus: unable to find HFS+ superblock
[   50.371377][ T5527] binder: 5526:5527 ioctl 810c9365 20000980 returned -22
[   50.937612][   T25] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   51.097019][   T25] usb 5-1: Using ep0 maxpacket: 8
[   51.109333][   T25] usb 5-1: config index 0 descriptor too short (expected 5924, got 36)
[   51.112418][   T25] usb 5-1: config 250 has an invalid interface number: 228 but max is -1
[   51.123733][   T25] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0
[   51.133431][   T25] usb 5-1: config 250 has no interface number 0
[   51.135684][   T25] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[   51.139777][   T25] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[   51.143743][   T25] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 26
[   51.146616][   T25] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[   51.152656][   T25] usb 5-1: config 250 interface 228 has no altsetting 0
[   51.159314][   T25] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[   51.161775][   T25] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[   51.163935][   T25] usb 5-1: Product: syz
[   51.165171][   T25] usb 5-1: SerialNumber: syz
[   51.178416][   T25] hub 5-1:250.228: bad descriptor, ignoring hub
[   51.180740][   T25] hub 5-1:250.228: probe with driver hub failed with error -5
[   51.267895][  T980] usb 8-1: USB disconnect, device number 3
[   51.391145][ T5532] capability: warning: `syz.0.35' uses 32-bit capabilities (legacy support in use)
[   51.400474][   T25] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 4 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[   51.528438][ T5538] 9pnet_virtio: no channels available for device syz
[   52.244097][ T5549] __find_get_block_slow() failed. block=648518346341351425, b_blocknr=1, b_state=0x0011601b, b_size=4096, device sda1 blocksize: 4096
[   52.260204][ T5549] grow_buffers: requested out-of-range block 648518346341351425 for device sda1
[   52.266858][ T5549] EXT4-fs warning (device sda1): ext4_resize_fs:2019: can't read last block, resize aborted
[   52.300231][ T5532] usb 5-1: reset high-speed USB device number 4 using dummy_hcd
[   52.348787][   T39] audit: type=1326 audit(1728189439.527:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5552 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[   52.387122][   T39] audit: type=1326 audit(1728189439.537:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5552 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[   52.407761][   T39] audit: type=1326 audit(1728189439.537:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5552 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f76579 code=0x7ffc0000
[   52.413780][   T39] audit: type=1326 audit(1728189439.537:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5552 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[   52.450669][   T39] audit: type=1326 audit(1728189439.537:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5552 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[   52.469429][   T39] audit: type=1326 audit(1728189439.537:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5552 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f76579 code=0x7ffc0000
[   52.475966][   T39] audit: type=1326 audit(1728189439.537:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5552 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[   52.483458][ T5553] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   52.486305][ T5553] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[   52.509935][ T5553] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   52.517066][   T39] audit: type=1326 audit(1728189439.537:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5552 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[   52.524172][   T39] audit: type=1326 audit(1728189439.547:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5552 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f76579 code=0x7ffc0000
[   52.531661][ T5553] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[   52.557395][   T39] audit: type=1326 audit(1728189439.547:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5552 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[   52.558064][ T5553] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   52.569596][ T5553] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[   52.582693][ T5553] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   52.596710][ T5553] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[   52.712302][    C0] usblp0: nonzero read bulk status received: -71
[   52.937247][ T5386] usb 5-1: USB disconnect, device number 4
[   52.943772][ T5386] usblp0: removed
[   54.057996][ T5611] netlink: 4 bytes leftover after parsing attributes in process `syz.2.47'.
[   54.071156][ T5611] netlink: 12 bytes leftover after parsing attributes in process `syz.2.47'.
[   55.682637][ T5629] misc userio: Invalid payload size
[   55.685989][ T5629] misc userio: No port type given on /dev/userio
[   55.721863][ T5632] netlink: 'syz.1.52': attribute type 9 has an invalid length.
[   55.724590][ T5632] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.52'.
[   55.760611][ T5632] Zero length message leads to an empty skb
[   55.887326][  T830] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   56.063711][  T830] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   56.066886][  T830] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   56.069669][  T830] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[   56.072448][  T830] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[   56.082760][  T830] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[   56.094202][  T830] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   56.098616][  T830] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   56.100977][  T830] usb 5-1: Product: syz
[   56.102094][  T830] usb 5-1: Manufacturer: syz
[   56.131051][  T830] cdc_wdm 5-1:1.0: skipping garbage
[   56.132900][  T830] cdc_wdm 5-1:1.0: skipping garbage
[   56.135041][  T830] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[   56.136738][  T830] cdc_wdm 5-1:1.0: Unknown control protocol
[   56.509323][    C3] wdm_int_callback: 5 callbacks suppressed
[   56.509338][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   56.512595][    C3] wdm_int_callback: 5 callbacks suppressed
[   56.512602][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   56.517065][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   56.518797][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   56.520565][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   56.522266][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   56.524006][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   56.525717][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   56.527487][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   56.529196][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   56.530992][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   56.532726][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   56.534469][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   56.536164][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   56.537945][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   56.539653][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   56.541429][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   56.543126][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   56.544919][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   56.546626][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   56.551190][   T35] usb 5-1: USB disconnect, device number 5
[   56.552776][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[   56.858307][ T5648] netlink: 40 bytes leftover after parsing attributes in process `syz.1.55'.
[   56.863027][ T5648] ADFS-fs (nullb0): unrecognised mount option "
" or missing value
[   57.203244][ T5654] netlink: 4 bytes leftover after parsing attributes in process `syz.2.57'.
[   57.209986][ T5654] netlink: 12 bytes leftover after parsing attributes in process `syz.2.57'.
[   57.768796][   T39] kauditd_printk_skb: 25 callbacks suppressed
[   57.768809][   T39] audit: type=1326 audit(1728189444.957:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5662 comm="syz.3.59" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   57.780800][   T39] audit: type=1326 audit(1728189444.957:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5662 comm="syz.3.59" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   57.787455][   T39] audit: type=1326 audit(1728189444.967:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5662 comm="syz.3.59" exe="/syz-executor" sig=0 arch=40000003 syscall=290 compat=1 ip=0xf748e579 code=0x7ffc0000
[   57.795378][   T39] audit: type=1326 audit(1728189444.967:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5662 comm="syz.3.59" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   57.802849][   T39] audit: type=1326 audit(1728189444.967:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5662 comm="syz.3.59" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   57.808716][   T39] audit: type=1326 audit(1728189444.977:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5662 comm="syz.3.59" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf748e579 code=0x7ffc0000
[   57.814636][   T39] audit: type=1326 audit(1728189444.977:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5662 comm="syz.3.59" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   57.822095][   T39] audit: type=1326 audit(1728189444.977:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5662 comm="syz.3.59" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   57.828317][   T39] audit: type=1326 audit(1728189444.977:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5662 comm="syz.3.59" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf748e579 code=0x7ffc0000
[   57.834160][   T39] audit: type=1326 audit(1728189444.977:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5662 comm="syz.3.59" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[   58.047168][   T30] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   58.088702][ T5670] libceph: resolve '.
[   58.088702][ T5670] #)|.زf͹Ç�²a×ïÅ2sˆoÖw¿úÕ?£'Ê%Ð�KAq‰f»�CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM�¤¨ìó¤h‡E$
[   58.088702][ T5670] ' (ret=-3): failed
[   58.208546][   T30] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   58.210836][   T30] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   58.213481][   T30] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[   58.216554][   T30] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[   58.220983][   T30] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[   58.226518][   T30] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   58.229173][   T30] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   58.231886][   T30] usb 6-1: Product: syz
[   58.233361][   T30] usb 6-1: Manufacturer: syz
[   58.250859][   T30] cdc_wdm 6-1:1.0: skipping garbage
[   58.252695][   T30] cdc_wdm 6-1:1.0: skipping garbage
[   58.259485][   T30] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[   58.261117][   T30] cdc_wdm 6-1:1.0: Unknown control protocol
[   58.637570][   T35] usb 6-1: USB disconnect, device number 2
[   58.637634][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[   58.644027][ T5666] cdc_wdm 6-1:1.0: Tx URB error: -19
[   59.125976][ T5682] netlink: 'syz.2.63': attribute type 9 has an invalid length.
[   59.129376][ T5682] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.63'.
[   59.172130][ T5682] netlink: 'syz.2.63': attribute type 9 has an invalid length.
[   59.174317][ T5682] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.63'.
[   60.031059][ T1100] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.144360][ T1100] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.169288][ T5692] netlink: 4 bytes leftover after parsing attributes in process `syz.0.69'.
[   60.177491][ T5692] netlink: 12 bytes leftover after parsing attributes in process `syz.0.69'.
[   60.182477][   T66] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   60.185324][   T66] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   60.187860][   T66] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   60.190923][   T66] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   60.199952][   T66] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   60.202945][   T66] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   60.226193][ T5351] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   60.230129][ T1100] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.233611][ T5351] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   60.235963][ T5351] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   60.239880][ T5351] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   60.242689][ T5351] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   60.248017][ T5351] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   60.316759][ T1100] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.395999][ T5699] netlink: 4 bytes leftover after parsing attributes in process `syz.3.70'.
[   60.415481][ T5699] netlink: 12 bytes leftover after parsing attributes in process `syz.3.70'.
[   60.489294][ T1100] bridge_slave_1: left allmulticast mode
[   60.491615][ T1100] bridge_slave_1: left promiscuous mode
[   60.493894][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.502559][ T1100] bridge_slave_0: left allmulticast mode
[   60.504372][ T1100] bridge_slave_0: left promiscuous mode
[   60.506091][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.061431][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   61.087408][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   61.107841][ T1100] bond0 (unregistering): Released all slaves
[   61.200961][ T5693] chnl_net:caif_netlink_parms(): no params data found
[   61.810725][ T5693] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.812679][ T5693] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.815119][ T5693] bridge_slave_0: entered allmulticast mode
[   61.819769][ T5693] bridge_slave_0: entered promiscuous mode
[   61.844616][ T5693] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.846537][ T5693] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.849210][ T5693] bridge_slave_1: entered allmulticast mode
[   61.851531][ T5693] bridge_slave_1: entered promiscuous mode
[   61.918406][ T5693] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.922785][ T5693] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.047086][ T5693] team0: Port device team_slave_0 added
[   62.050823][ T5693] team0: Port device team_slave_1 added
[   62.051978][ T5733] netlink: 4 bytes leftover after parsing attributes in process `syz.2.74'.
[   62.141350][ T5693] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.146256][ T5693] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.168240][ T5693] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.171867][ T5693] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.173706][ T5693] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.190707][ T5693] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.231809][ T1100] hsr_slave_0: left promiscuous mode
[   62.235180][ T1100] hsr_slave_1: left promiscuous mode
[   62.241105][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   62.243700][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0
[   62.251234][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   62.253318][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1
[   62.274409][ T1100] veth1_macvtap: left promiscuous mode
[   62.276116][ T1100] veth0_macvtap: left promiscuous mode
[   62.278722][ T1100] veth1_vlan: left promiscuous mode
[   62.280443][ T1100] veth0_vlan: left promiscuous mode
[   62.306987][ T5351] Bluetooth: hci0: command tx timeout
[   62.748191][   T35] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   62.928342][   T35] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   62.931258][   T35] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   62.933928][   T35] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[   62.936298][   T35] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[   62.949653][   T35] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[   62.958042][   T35] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   62.960501][   T35] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   62.962634][   T35] usb 5-1: Product: syz
[   62.963953][   T35] usb 5-1: Manufacturer: syz
[   62.977212][   T35] cdc_wdm 5-1:1.0: skipping garbage
[   62.979116][   T35] cdc_wdm 5-1:1.0: skipping garbage
[   62.984322][   T35] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[   62.986008][   T35] cdc_wdm 5-1:1.0: Unknown control protocol
[   63.136898][ T5466] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   63.193523][ T1100] team0 (unregistering): Port device team_slave_1 removed
[   63.308053][ T5466] usb 8-1: Using ep0 maxpacket: 8
[   63.323771][ T5466] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[   63.325891][ T5466] usb 8-1: config 0 has no interface number 0
[   63.336881][ T5466] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   63.339685][ T5466] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[   63.343391][ T5466] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   63.346199][ T5466] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[   63.349950][ T1100] team0 (unregistering): Port device team_slave_0 removed
[   63.366888][ T5466] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[   63.369236][ T5466] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.376513][    C3] wdm_int_callback: 29 callbacks suppressed
[   63.376533][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[   63.377499][ T5386] usb 5-1: USB disconnect, device number 6
[   63.378716][    C3] wdm_int_callback: 29 callbacks suppressed
[   63.378729][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[   63.382460][ T5466] usb 8-1: config 0 descriptor??
[   63.383987][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[   63.398095][ T5466] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[   63.768472][ T5386] usb 8-1: USB disconnect, device number 4
[   63.788361][ T5386] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[   64.068375][ T5693] hsr_slave_0: entered promiscuous mode
[   64.071719][ T5693] hsr_slave_1: entered promiscuous mode
[   64.386939][ T5351] Bluetooth: hci0: command tx timeout
[   64.636665][ T5777] fuseblk: Unknown parameter 'f"'
[   64.638611][ T5693] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   64.660025][ T5693] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   64.664912][ T5693] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   64.673545][ T5693] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   64.725353][ T5693] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.758600][ T5693] 8021q: adding VLAN 0 to HW filter on device team0
[   64.779298][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.781824][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.785793][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.788632][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.814691][ T5693] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   64.918899][ T5693] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.939497][ T5693] veth0_vlan: entered promiscuous mode
[   64.943453][ T5693] veth1_vlan: entered promiscuous mode
[   64.959622][ T5693] veth0_macvtap: entered promiscuous mode
[   64.962783][ T5693] veth1_macvtap: entered promiscuous mode
[   64.979343][ T5693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.982094][ T5693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.984503][ T5693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.991586][ T5693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.994137][ T5693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.997074][ T5693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.000396][ T5693] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.004789][ T5693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.009549][ T5693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.012070][ T5693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.014760][ T5693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.017338][ T5693] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.019982][ T5693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.028389][ T5693] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.034784][ T5693] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.038350][ T5693] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.040646][ T5693] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.042892][ T5693] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.084651][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.086715][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.110787][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.112847][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.157726][ T5810] Driver unsupported XDP return value 0 on prog  (id 25) dev N/A, expect packet loss!
[   66.126984][  T829] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   66.278324][  T829] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   66.280708][  T829] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   66.283458][  T829] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[   66.285877][  T829] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[   66.290495][  T829] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[   66.294712][  T829] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   66.297948][  T829] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   66.300029][  T829] usb 7-1: Product: syz
[   66.301164][  T829] usb 7-1: Manufacturer: syz
[   66.305300][  T829] cdc_wdm 7-1:1.0: skipping garbage
[   66.306796][  T829] cdc_wdm 7-1:1.0: skipping garbage
[   66.311729][  T829] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[   66.313376][  T829] cdc_wdm 7-1:1.0: Unknown control protocol
[   66.467100][ T5351] Bluetooth: hci0: command tx timeout
[   66.681556][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[   66.683328][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[   66.685143][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[   66.686860][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[   66.688657][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[   66.690369][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[   66.692120][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[   66.694045][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[   66.696167][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[   66.698350][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[   66.701315][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[   66.703824][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[   66.706710][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[   66.708922][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[   66.711264][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[   66.713404][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[   66.715721][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[   66.717941][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[   66.723993][  T829] usb 7-1: USB disconnect, device number 2
[   66.725994][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[   67.096983][ T5466] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   67.256958][ T5466] usb 6-1: Using ep0 maxpacket: 8
[   67.261685][ T5466] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[   67.263812][ T5466] usb 6-1: config 0 has no interface number 0
[   67.265445][ T5466] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   67.268353][ T5466] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[   67.271280][ T5466] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   67.273849][ T5466] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[   67.277386][ T5466] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[   67.279716][ T5466] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   67.282659][ T5466] usb 6-1: config 0 descriptor??
[   67.297842][ T5466] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[   67.639598][  T829] usb 6-1: USB disconnect, device number 3
[   67.644473][  T829] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[   67.646652][ T5842] block nbd1: shutting down sockets
[   67.699326][ T5858] netlink: 4 bytes leftover after parsing attributes in process `syz.2.91'.
[   67.717070][ T5858] netlink: 277 bytes leftover after parsing attributes in process `syz.2.91'.
[   67.720213][ T5858] netlink: 277 bytes leftover after parsing attributes in process `syz.2.91'.
[   67.810984][ T5860] netlink: 'syz.2.92': attribute type 29 has an invalid length.
[   68.174779][ T5871] netlink: 4 bytes leftover after parsing attributes in process `syz.0.96'.
[   68.180320][ T5871] netlink: 12 bytes leftover after parsing attributes in process `syz.0.96'.
[   68.558429][ T5351] Bluetooth: hci0: command tx timeout
[   68.871906][ T5884] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.874914][ T5884] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.891513][ T5884] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.894146][ T5884] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.897744][ T5884] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.900365][ T5884] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.902657][ T5884] bridge0: entered promiscuous mode
[   68.904533][ T5884] bridge0: entered allmulticast mode
[   69.214105][    C3] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   69.279279][ T5897] FAULT_INJECTION: forcing a failure.
[   69.279279][ T5897] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   69.279299][ T5897] CPU: 3 UID: 0 PID: 5897 Comm: syz.3.105 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[   69.279312][ T5897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.279318][ T5897] Call Trace:
[   69.279322][ T5897]  <TASK>
[   69.279326][ T5897]  dump_stack_lvl+0x16c/0x1f0
[   69.279344][ T5897]  should_fail_ex+0x497/0x5b0
[   69.279361][ T5897]  _copy_from_iter+0x29b/0x13e0
[   69.279375][ T5897]  ? __pfx__copy_from_iter+0x10/0x10
[   69.279384][ T5897]  ? __virt_addr_valid+0x1a4/0x590
[   69.279399][ T5897]  ? __virt_addr_valid+0x5e/0x590
[   69.279411][ T5897]  ? __phys_addr_symbol+0x30/0x80
[   69.279423][ T5897]  ? __check_object_size+0x488/0x710
[   69.279440][ T5897]  netlink_sendmsg+0x813/0xd70
[   69.279454][ T5897]  ? __pfx_netlink_sendmsg+0x10/0x10
[   69.279466][ T5897]  ? lock_acquire+0x2f/0xb0
[   69.279484][ T5897]  ____sys_sendmsg+0x9ae/0xb40
[   69.279497][ T5897]  ? __pfx_____sys_sendmsg+0x10/0x10
[   69.279508][ T5897]  ? get_compat_msghdr+0x11b/0x170
[   69.279521][ T5897]  ? __pfx___lock_acquire+0x10/0x10
[   69.279538][ T5897]  ___sys_sendmsg+0x135/0x1e0
[   69.279553][ T5897]  ? __pfx____sys_sendmsg+0x10/0x10
[   69.279573][ T5897]  ? lock_acquire+0x2f/0xb0
[   69.279587][ T5897]  ? __fget_files+0x40/0x3f0
[   69.279602][ T5897]  ? fdget+0x176/0x210
[   69.279613][ T5897]  __sys_sendmsg+0x117/0x1f0
[   69.279628][ T5897]  ? __pfx___sys_sendmsg+0x10/0x10
[   69.279642][ T5897]  ? __fget_files+0x244/0x3f0
[   69.279659][ T5897]  __do_fast_syscall_32+0x73/0x120
[   69.279675][ T5897]  do_fast_syscall_32+0x32/0x80
[   69.279688][ T5897]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   69.279703][ T5897] RIP: 0023:0xf748e579
[   69.279712][ T5897] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   69.279723][ T5897] RSP: 002b:00000000f577656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   69.279752][ T5897] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[   69.279759][ T5897] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   69.279765][ T5897] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   69.279771][ T5897] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   69.279778][ T5897] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   69.279789][ T5897]  </TASK>
[   69.576956][ T5714] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   69.727173][ T5714] usb 8-1: Using ep0 maxpacket: 32
[   69.732380][ T5714] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[   69.741988][ T5714] usb 8-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[   69.745110][ T5714] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   69.748433][ T5714] usb 8-1: Product: syz
[   69.750043][ T5714] usb 8-1: Manufacturer: syz
[   69.751724][ T5714] usb 8-1: SerialNumber: syz
[   69.765501][ T5714] usb 8-1: config 0 descriptor??
[   69.773616][ T5899] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   69.780222][ T5714] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[   69.988585][ T5714] usb 8-1: USB disconnect, device number 5
[   70.654621][ T5932] netlink: 4 bytes leftover after parsing attributes in process `syz.3.116'.
[   70.665246][ T5932] netlink: 12 bytes leftover after parsing attributes in process `syz.3.116'.
[   70.711039][ T1375] ieee802154 phy0 wpan0: encryption failed: -22
[   70.713946][ T1375] ieee802154 phy1 wpan1: encryption failed: -22
[   71.496348][ T5950] netlink: 4 bytes leftover after parsing attributes in process `syz.1.120'.
[   71.500596][ T5950] netlink: 12 bytes leftover after parsing attributes in process `syz.1.120'.
[   73.082619][ T5974] FAULT_INJECTION: forcing a failure.
[   73.082619][ T5974] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.086412][ T5974] CPU: 1 UID: 0 PID: 5974 Comm: syz.3.126 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[   73.089336][ T5974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.092169][ T5974] Call Trace:
[   73.093049][ T5974]  <TASK>
[   73.093820][ T5974]  dump_stack_lvl+0x16c/0x1f0
[   73.095066][ T5974]  should_fail_ex+0x497/0x5b0
[   73.096324][ T5974]  _copy_from_user+0x30/0xf0
[   73.097533][ T5974]  generic_map_update_batch+0x3ff/0x5f0
[   73.098976][ T5974]  ? __pfx_generic_map_update_batch+0x10/0x10
[   73.100585][ T5974]  ? __pfx_generic_map_update_batch+0x10/0x10
[   73.102129][ T5974]  bpf_map_do_batch+0x576/0x640
[   73.103400][ T5974]  __sys_bpf+0x1c9f/0x5780
[   73.104571][ T5974]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   73.106087][ T5974]  ? lockdep_hardirqs_on+0x7c/0x110
[   73.107454][ T5974]  ? __pfx___sys_bpf+0x10/0x10
[   73.108693][ T5974]  ? find_held_lock+0x2d/0x110
[   73.109903][ T5974]  ? bpf_trace_run2+0x266/0x590
[   73.111187][ T5974]  ? __pfx_lock_release+0x10/0x10
[   73.112528][ T5974]  ? bpf_send_signal_common+0x2b5/0x3a0
[   73.113979][ T5974]  ? fput+0x30/0x390
[   73.115016][ T5974]  ? ksys_write+0x1ad/0x260
[   73.116191][ T5974]  __ia32_sys_bpf+0x76/0xe0
[   73.117237][ T5974]  __do_fast_syscall_32+0x73/0x120
[   73.118400][ T5974]  do_fast_syscall_32+0x32/0x80
[   73.119505][ T5974]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   73.120938][ T5974] RIP: 0023:0xf748e579
[   73.121871][ T5974] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   73.126155][ T5974] RSP: 002b:00000000f575556c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[   73.128517][ T5974] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000020000340
[   73.130362][ T5974] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[   73.132391][ T5974] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   73.134881][ T5974] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   73.137211][ T5974] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   73.139284][ T5974]  </TASK>
[   73.857750][ T5982] input: syz1 as /devices/virtual/input/input5
[   73.959143][ T5989] netlink: set zone limit has 4 unknown bytes
[   74.359888][ T5992] ubi0: attaching mtd0
[   74.362968][ T5992] ubi0: scanning is finished
[   74.364711][ T5992] ubi0: empty MTD device detected
[   74.494227][ T5992] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[   74.496055][ T5992] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   74.498018][ T5992] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[   74.500257][ T5992] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[   74.502437][ T5992] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   74.504023][ T5992] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[   74.505899][ T5992] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4002264068
[   74.508745][ T5992] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   74.512551][ T5995] ubi0: background thread "ubi_bgt0d" started, PID 5995
[   74.512894][ T5993] ubi0: detaching mtd0
[   74.523142][ T5993] ubi0: mtd0 is detached
[   74.763484][ T6000] FAULT_INJECTION: forcing a failure.
[   74.763484][ T6000] name failslab, interval 1, probability 0, space 0, times 1
[   74.766962][ T6000] CPU: 3 UID: 0 PID: 6000 Comm: syz.2.133 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[   74.770338][ T6000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.774347][ T6000] Call Trace:
[   74.774368][ T6000]  <TASK>
[   74.774373][ T6000]  dump_stack_lvl+0x16c/0x1f0
[   74.774394][ T6000]  should_fail_ex+0x497/0x5b0
[   74.774410][ T6000]  ? fs_reclaim_acquire+0xae/0x160
[   74.774424][ T6000]  should_failslab+0xc2/0x120
[   74.774439][ T6000]  kmem_cache_alloc_noprof+0x6e/0x2f0
[   74.774454][ T6000]  ? __kernfs_new_node+0xd3/0x890
[   74.774471][ T6000]  __kernfs_new_node+0xd3/0x890
[   74.774487][ T6000]  ? __pfx___kernfs_new_node+0x10/0x10
[   74.774500][ T6000]  ? __pfx_lock_release+0x10/0x10
[   74.774517][ T6000]  ? kernfs_add_one+0x39d/0x520
[   74.774536][ T6000]  ? up_write+0x1b2/0x520
[   74.774548][ T6000]  kernfs_new_node+0x186/0x240
[   74.774565][ T6000]  __kernfs_create_file+0x53/0x350
[   74.774578][ T6000]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[   74.774594][ T6000]  internal_create_group+0x565/0xe50
[   74.774611][ T6000]  ? __pfx_internal_create_group+0x10/0x10
[   74.774627][ T6000]  ? kernfs_create_link+0x1bd/0x240
[   74.774640][ T6000]  internal_create_groups+0x9d/0x150
[   74.774655][ T6000]  device_add+0x6d3/0x1a70
[   74.774669][ T6000]  ? __pfx_device_add+0x10/0x10
[   74.774681][ T6000]  ? __init_waitqueue_head+0xca/0x150
[   74.774696][ T6000]  netdev_register_kobject+0x187/0x3f0
[   74.774714][ T6000]  register_netdevice+0x1473/0x1e20
[   74.774732][ T6000]  ? __pfx_register_netdevice+0x10/0x10
[   74.774747][ T6000]  ? alloc_netdev_mqs+0xf2a/0x12a0
[   74.774761][ T6000]  ? validate_linkmsg+0x6d2/0x9a0
[   74.774774][ T6000]  br_dev_newlink+0x27/0x110
[   74.774787][ T6000]  ? __pfx_br_dev_newlink+0x10/0x10
[   74.774797][ T6000]  __rtnl_newlink+0x119c/0x1920
[   74.774817][ T6000]  ? __pfx___rtnl_newlink+0x10/0x10
[   74.774842][ T6000]  rtnl_newlink+0x67/0xa0
[   74.774856][ T6000]  ? __pfx_rtnl_newlink+0x10/0x10
[   74.774870][ T6000]  rtnetlink_rcv_msg+0x3c7/0xea0
[   74.774885][ T6000]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   74.774899][ T6000]  ? __pfx___dev_queue_xmit+0x10/0x10
[   74.774915][ T6000]  netlink_rcv_skb+0x165/0x410
[   74.774928][ T6000]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   74.774943][ T6000]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   74.774961][ T6000]  ? netlink_deliver_tap+0x1ae/0xcf0
[   74.774974][ T6000]  netlink_unicast+0x53c/0x7f0
[   74.774987][ T6000]  ? __pfx_netlink_unicast+0x10/0x10
[   74.774999][ T6000]  ? __phys_addr_symbol+0x30/0x80
[   74.775012][ T6000]  ? __check_object_size+0x488/0x710
[   74.775038][ T6000]  netlink_sendmsg+0x8b8/0xd70
[   74.775052][ T6000]  ? __pfx_netlink_sendmsg+0x10/0x10
[   74.775064][ T6000]  ? lock_acquire+0x2f/0xb0
[   74.775081][ T6000]  ____sys_sendmsg+0x9ae/0xb40
[   74.775095][ T6000]  ? __pfx_____sys_sendmsg+0x10/0x10
[   74.775107][ T6000]  ? get_compat_msghdr+0x11b/0x170
[   74.775121][ T6000]  ? __pfx___lock_acquire+0x10/0x10
[   74.775137][ T6000]  ___sys_sendmsg+0x135/0x1e0
[   74.775153][ T6000]  ? __pfx____sys_sendmsg+0x10/0x10
[   74.775173][ T6000]  ? lock_acquire+0x2f/0xb0
[   74.775187][ T6000]  ? __fget_files+0x40/0x3f0
[   74.775203][ T6000]  ? fdget+0x176/0x210
[   74.775214][ T6000]  __sys_sendmsg+0x117/0x1f0
[   74.775230][ T6000]  ? __pfx___sys_sendmsg+0x10/0x10
[   74.775244][ T6000]  ? __fget_files+0x244/0x3f0
[   74.775263][ T6000]  __do_fast_syscall_32+0x73/0x120
[   74.775279][ T6000]  do_fast_syscall_32+0x32/0x80
[   74.775292][ T6000]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   74.775308][ T6000] RIP: 0023:0xf7f76579
[   74.775319][ T6000] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   74.775329][ T6000] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   74.775341][ T6000] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280
[   74.775348][ T6000] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[   74.775354][ T6000] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   74.775360][ T6000] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   74.775367][ T6000] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   74.775379][ T6000]  </TASK>
[   75.152657][ T6008] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.136'.
[   75.158641][ T6008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.136'.
[   75.195919][ T5994] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   75.198216][ T5994] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   75.211128][ T5994] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   75.412372][ T6016] 9pnet_fd: Insufficient options for proto=fd
[   75.477002][   T25] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   75.482905][ T6016] netlink: 4 bytes leftover after parsing attributes in process `syz.0.139'.
[   75.487740][ T6016] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   75.490790][ T6016] batman_adv: batadv0: Removing interface: batadv_slave_0
[   75.495007][ T6016] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   75.497616][ T6016] batman_adv: batadv0: Removing interface: batadv_slave_1
[   75.627529][   T25] usb 7-1: Using ep0 maxpacket: 32
[   75.633396][   T25] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[   75.647439][   T25] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   75.649698][   T25] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[   75.652044][   T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   75.655052][   T25] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   75.665273][   T25] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   75.687297][   T25] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   75.690196][   T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.694494][   T25] usb 7-1: config 0 descriptor??
[   75.838079][ T1289] cfg80211: failed to load regulatory.db
[   75.914906][   T25] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   76.170501][ T6026] vivid-004: disconnect
[   76.174302][ T6005] vivid-004: reconnect
[   76.177727][  T829] usb 7-1: USB disconnect, device number 3
[   76.183973][  T829] usblp0: removed
[   76.192962][ T6023] hfsplus: unable to parse mount options
[   76.550914][ T6028] netlink: 12 bytes leftover after parsing attributes in process `syz.3.142'.
[   76.551991][ T5351] Bluetooth: hci0: command 0x0c1a tx timeout
[   76.708556][ T6031] ------------[ cut here ]------------
[   76.710459][ T6031] kmem_cache of name '9p-fcall-cache' already exists
[   76.712238][ T6031] WARNING: CPU: 1 PID: 6031 at mm/slab_common.c:107 __kmem_cache_create_args+0xb0/0x3c0
[   76.714794][ T6031] Modules linked in:
[   76.715958][ T6031] CPU: 1 UID: 0 PID: 6031 Comm: syz.2.144 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[   76.720245][ T6031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.723289][ T6031] RIP: 0010:__kmem_cache_create_args+0xb0/0x3c0
[   76.724839][ T6031] Code: 98 48 3d 10 bb f1 8d 74 25 48 8b 7b 60 48 89 ee e8 c5 68 34 09 85 c0 75 e0 90 48 c7 c7 e8 1f 58 8d 48 89 ee e8 41 b1 7e ff 90 <0f> 0b 90 90 be 20 00 00 00 48 89 ef e8 4f 6a 34 09 48 85 c0 0f 85
[   76.729765][ T6031] RSP: 0018:ffffc9000362f8f0 EFLAGS: 00010286
[   76.731348][ T6031] RAX: 0000000000000000 RBX: ffff888040492f00 RCX: ffffc90003f7c000
[   76.733398][ T6031] RDX: 0000000000040000 RSI: ffffffff814e28c6 RDI: 0000000000000001
[   76.735505][ T6031] RBP: ffffffff8ca1e320 R08: 0000000000000001 R09: 0000000000000000
[   76.737608][ T6031] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   76.740063][ T6031] R13: 0000000000020018 R14: ffffc9000362f9e0 R15: 0000000000020018
[   76.742097][ T6031] FS:  0000000000000000(0000) GS:ffff88802b500000(0063) knlGS:00000000f56f6b40
[   76.744341][ T6031] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[   76.745960][ T6031] CR2: 00000000f73bbad8 CR3: 0000000000942000 CR4: 0000000000352ef0
[   76.748157][ T6031] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   76.750228][ T6031] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   76.752312][ T6031] Call Trace:
[   76.753236][ T6031]  <TASK>
[   76.754013][ T6031]  ? __warn+0xea/0x3d0
[   76.755037][ T6031]  ? __kmem_cache_create_args+0xb0/0x3c0
SYZFAIL: failed to recv rpc
[   76.756415][ T6031]  ? report_bug+0x3c0/0x580
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   76.757786][ T6031]  ? handle_bug+0x54/0xa0
[   76.758970][ T6031]  ? exc_invalid_op+0x17/0x50
[   76.760210][ T6031]  ? asm_exc_invalid_op+0x1a/0x20
[   76.761526][ T6031]  ? __warn_printk+0x1a6/0x350
[   76.762783][ T6031]  ? __kmem_cache_create_args+0xb0/0x3c0
[   76.764264][ T6031]  p9_client_create+0xe04/0x1150
[   76.765558][ T6031]  ? __pfx_p9_client_create+0x10/0x10
[   76.766996][ T6031]  ? __raw_spin_lock_init+0x3a/0x110
[   76.768377][ T6031]  v9fs_session_init+0x1f8/0x1a80
[   76.769712][ T6031]  ? __pfx_v9fs_session_init+0x10/0x10
[   76.771146][ T6031]  ? kasan_save_track+0x14/0x30
[   76.772388][ T6031]  v9fs_mount+0xc6/0xa50
[   76.773482][ T6031]  ? __pfx_v9fs_mount+0x10/0x10
[   76.774776][ T6031]  ? __pfx_v9fs_mount+0x10/0x10
[   76.776072][ T6031]  legacy_get_tree+0x109/0x220
[   76.777431][ T6031]  vfs_get_tree+0x8f/0x380
[   76.778616][ T6031]  path_mount+0x6e1/0x1f10
[   76.779791][ T6031]  ? kmem_cache_free+0x152/0x4b0
[   76.781121][ T6031]  ? __pfx_path_mount+0x10/0x10
[   76.782401][ T6031]  ? putname+0x12e/0x170
[   76.783552][ T6031]  __ia32_sys_mount+0x292/0x310
[   76.785007][ T6031]  ? __pfx___ia32_sys_mount+0x10/0x10
[   76.786506][ T6031]  __do_fast_syscall_32+0x73/0x120
[   76.787951][ T6031]  do_fast_syscall_32+0x32/0x80
[   76.789230][ T6031]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   76.790873][ T6031] RIP: 0023:0xf7f76579
[   76.791940][ T6031] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   76.796858][ T6031] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[   76.798964][ T6031] RAX: ffffffffffffffda RBX: 00000000200001c0 RCX: 0000000020000480
[   76.800936][ T6031] RDX: 00000000200004c0 RSI: 0000000000000000 RDI: 0000000000000000
[   76.802846][ T6031] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   76.804957][ T6031] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   76.807069][ T6031] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   76.809042][ T6031]  </TASK>
[   76.809857][ T6031] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   76.811730][ T6031] CPU: 1 UID: 0 PID: 6031 Comm: syz.2.144 Not tainted 6.12.0-rc1-syzkaller-00330-gfc20a3e57247 #0
[   76.814392][ T6031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.817174][ T6031] Call Trace:
[   76.818053][ T6031]  <TASK>
[   76.818834][ T6031]  dump_stack_lvl+0x3d/0x1f0
[   76.820051][ T6031]  panic+0x71d/0x800
[   76.821157][ T6031]  ? __pfx_panic+0x10/0x10
[   76.822338][ T6031]  ? show_trace_log_lvl+0x29d/0x3d0
[   76.823756][ T6031]  ? __kmem_cache_create_args+0xb0/0x3c0
[   76.825181][ T6031]  check_panic_on_warn+0xab/0xb0
[   76.826476][ T6031]  __warn+0xf6/0x3d0
[   76.827515][ T6031]  ? __kmem_cache_create_args+0xb0/0x3c0
[   76.829075][ T6031]  report_bug+0x3c0/0x580
[   76.830243][ T6031]  handle_bug+0x54/0xa0
[   76.831356][ T6031]  exc_invalid_op+0x17/0x50
[   76.832589][ T6031]  asm_exc_invalid_op+0x1a/0x20
[   76.833890][ T6031] RIP: 0010:__kmem_cache_create_args+0xb0/0x3c0
[   76.835540][ T6031] Code: 98 48 3d 10 bb f1 8d 74 25 48 8b 7b 60 48 89 ee e8 c5 68 34 09 85 c0 75 e0 90 48 c7 c7 e8 1f 58 8d 48 89 ee e8 41 b1 7e ff 90 <0f> 0b 90 90 be 20 00 00 00 48 89 ef e8 4f 6a 34 09 48 85 c0 0f 85
[   76.840560][ T6031] RSP: 0018:ffffc9000362f8f0 EFLAGS: 00010286
[   76.842162][ T6031] RAX: 0000000000000000 RBX: ffff888040492f00 RCX: ffffc90003f7c000
[   76.844309][ T6031] RDX: 0000000000040000 RSI: ffffffff814e28c6 RDI: 0000000000000001
[   76.846351][ T6031] RBP: ffffffff8ca1e320 R08: 0000000000000001 R09: 0000000000000000
[   76.848335][ T6031] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[   76.850357][ T6031] R13: 0000000000020018 R14: ffffc9000362f9e0 R15: 0000000000020018
[   76.852398][ T6031]  ? __warn_printk+0x1a6/0x350
[   76.853672][ T6031]  p9_client_create+0xe04/0x1150
[   76.854923][ T6031]  ? __pfx_p9_client_create+0x10/0x10
[   76.856308][ T6031]  ? __raw_spin_lock_init+0x3a/0x110
[   76.857687][ T6031]  v9fs_session_init+0x1f8/0x1a80
[   76.859017][ T6031]  ? __pfx_v9fs_session_init+0x10/0x10
[   76.860460][ T6031]  ? kasan_save_track+0x14/0x30
[   76.861700][ T6031]  v9fs_mount+0xc6/0xa50
[   76.862804][ T6031]  ? __pfx_v9fs_mount+0x10/0x10
[   76.864136][ T6031]  ? __pfx_v9fs_mount+0x10/0x10
[   76.865479][ T6031]  legacy_get_tree+0x109/0x220
[   76.866744][ T6031]  vfs_get_tree+0x8f/0x380
[   76.867920][ T6031]  path_mount+0x6e1/0x1f10
[   76.869100][ T6031]  ? kmem_cache_free+0x152/0x4b0
[   76.870401][ T6031]  ? __pfx_path_mount+0x10/0x10
[   76.871677][ T6031]  ? putname+0x12e/0x170
[   76.872805][ T6031]  __ia32_sys_mount+0x292/0x310
[   76.874081][ T6031]  ? __pfx___ia32_sys_mount+0x10/0x10
[   76.875466][ T6031]  __do_fast_syscall_32+0x73/0x120
[   76.876763][ T6031]  do_fast_syscall_32+0x32/0x80
[   76.878027][ T6031]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   76.879648][ T6031] RIP: 0023:0xf7f76579
[   76.880691][ T6031] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   76.885740][ T6031] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[   76.887899][ T6031] RAX: ffffffffffffffda RBX: 00000000200001c0 RCX: 0000000020000480
[   76.889976][ T6031] RDX: 00000000200004c0 RSI: 0000000000000000 RDI: 0000000000000000
[   76.892058][ T6031] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   76.894153][ T6031] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   76.896234][ T6031] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   76.898316][ T6031]  </TASK>
[   76.899707][ T6031] Kernel Offset: disabled
[   76.900988][ T6031] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:37:44  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000002 RCX=ffffffff848eebff RDX=ffff888021d38000
RSI=0000000000000004 RDI=0000000000000001 RBP=ffffffff8bb1c760 RSP=ffffc900032f73c0
R8 =0000000000000001 R9 =0000000000000004 R10=0000000000000004 R11=0000000000000000
R12=0000000000000004 R13=0000000000000001 R14=0000000000000003 R15=0000000000000004
RIP=ffffffff818ca882 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007ffb68f1cd00 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055f37ac0c000 CR3=0000000000d42000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=ee7d917aee7d917a ee7d917aee7d917a ee7d917aee7d917a ee7d917aee7d917a ee7d917aee7d917a ee7d917aee7d917a ee7d917aee7d917a ee7d917aee7d917a
ZMM22=38135b7738135b77 38135b7738135b77 38135b7738135b77 38135b7738135b77 38135b7738135b77 38135b7738135b77 38135b7738135b77 38135b7738135b77
ZMM23=96bfb54996bfb549 96bfb54996bfb549 96bfb54996bfb549 96bfb54996bfb549 96bfb54996bfb549 96bfb54996bfb549 96bfb54996bfb549 96bfb54996bfb549
ZMM24=bd696acdbd696acd bd696acdbd696acd bd696acdbd696acd bd696acdbd696acd bd696acdbd696acd bd696acdbd696acd bd696acdbd696acd bd696acdbd696acd
ZMM25=9f00a4909f00a490 9f00a4909f00a490 9f00a4909f00a490 9f00a4909f00a490 9f00a4909f00a490 9f00a4909f00a490 9f00a4909f00a490 9f00a4909f00a490
ZMM26=3667bad73667bad7 3667bad73667bad7 3667bad73667bad7 3667bad73667bad7 3667bad73667bad7 3667bad73667bad7 3667bad73667bad7 3667bad73667bad7
ZMM27=354a67d3354a67d3 354a67d3354a67d3 354a67d3354a67d3 354a67d3354a67d3 354a67d3354a67d3 354a67d3354a67d3 354a67d3354a67d3 354a67d3354a67d3
ZMM28=000001a00000019f 0000019e0000019d 0000019c0000019b 0000019a00000199 0000019800000197 0000019600000195 0000019400000193 0000019200000191
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=8305000083050000 8305000083050000 8305000083050000 8305000083050000 8305000083050000 8305000083050000 8305000083050000 8305000083050000
info registers vcpu 1

CPU#1
RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85034e45 RDI=ffffffff9a63a220 RBP=ffffffff9a63a1e0 RSP=ffffc9000362f258
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000003a R14=ffffffff85034de0 R15=0000000000000000
RIP=ffffffff85034e6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f73bbad8 CR3=0000000000942000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000039000000000 0000000700000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=ffffffff9698caf0 RBX=ffff88801f41af70 RCX=1ffffffff2d3196a RDX=dffffc0000000000
RSI=0000000000000008 RDI=ffffffff9698cb50 RBP=ffffc90000e9f0f8 RSP=ffffc90000e9efc0
R8 =0000000000000000 R9 =fffffbfff2d31588 R10=ffffffff9698ac47 R11=0000000000000002
R12=ffff88801f41a440 R13=0000000000000200 R14=0000000000000009 R15=1ffff920001d3dfe
RIP=ffffffff8169d0fe RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000020025000 CR3=000000006092e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001b800000000 0000000500000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000012aad5 RBX=0000000000000003 RCX=ffffffff8b12f709 RDX=0000000000000000
RSI=ffffffff8b4cc8e0 RDI=ffffffff8bb12120 RBP=ffffed10036ec488 RSP=ffffc90000497e08
R8 =0000000000000001 R9 =ffffed10056e7025 R10=ffff88802b73812b R11=0000000000000000
R12=0000000000000003 R13=ffff88801b762440 R14=ffffffff901cce88 R15=0000000000000000
RIP=ffffffff8b130aef RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000020030000 CR3=00000000002dc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0abdfab5605ce123 71af12864ce5601a
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f0af8765d63a568d 0d142621be5eb1d0
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 68afa943cfcf63b9 e27f7ee445f06e38
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bd1988714cbc64f0 a6b752ccec654436
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000000000060
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000020
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 df7783cd5406206c 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 03eefca100000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 634c2b1777b7136a 4615d1cab3f3f114
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000bc19f654
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f4eadfedbcbe1d34 79c8943e47b427bb
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a8a70e3b67108ee8 f5e5355b21710723
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000