last executing test programs:

14.098110179s ago: executing program 3 (id=67):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/comedi2\x00', 0x20800, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000180)={'dt2814\x00', [0x5c22, 0x800, 0x1, 0xffff3244, 0x82, 0xe6, 0xc, 0x4, 0x5, 0x4, 0x695b, 0x2, 0x4, 0x403, 0x6, 0x1, 0x1000001, 0x0, 0x10, 0x8, 0x90, 0x2, 0x200003, 0x5, 0x8004, 0x8, 0x2, 0x8, 0x5, 0x41, 0xfffffffd]})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
stat64(&(0x7f0000003740)='./file0\x00', &(0x7f0000003780))

12.980374896s ago: executing program 3 (id=73):
ioprio_set$pid(0x1, 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f00000038c0)=[{&(0x7f0000004980)=""/4096, 0x1000}], 0x1)

12.89948112s ago: executing program 3 (id=74):
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000040)={0x0, 0x0, "d607f8f9951e76c13f64323723e7eecdf40c363423eb3d259266ec9c37865c6c1a4640ce1b22bb3327ef4f001d34c09f39c3539e4f8d3ee0878ae95bc7f52363c468b257ff3e24852548deb01efd54f11ed2c41d078b9cf1fc8f72566153c97e4af37017ea6b16b694bb4a6e4606c3fb19d1d2bd3c8c4e97da2213f9d5c3b90400000000000000c279f03558083906666827d61dcc3a633bffff250b5a293e3877adc1660edbc9a0307a25720a170e7f5670e419dc44febf7ddc73fd4a5a0b6c28665f7f46c7084e17c809268103a2584ab40a68e528329d97afc3612e325c1eb4a3ab2e156a97444800", "0615e456c196e819a321fdb3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4ceeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d3acc032a16fbefc64776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f4455419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a80ec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b226a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086751320d22ee8582e915cabc536e3767e9a9230c9ae8b92398f0ca2a7141ea4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb69c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc6925355c7aee7a070477d9ec2292366e39b9dc66f7adcf449a1a718e5217183faf0f679efc5cef20bcdcf2d12ea0684084ec0d693256e280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626302c70f37628835e1fcfff1da3099c0b4af433eb9a51f9609f2c0c09a98b18880c846b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0eee0cb5d7c93517e96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d1836687c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c1e16de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79aa61b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed55710d2478ea4bd15813921817b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033ea1d00000000000086ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab46613b73daf2ace80aff2f80f6a9d84b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d406a158b6f3cf5d74822de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e031b096867da1dbb89c3a038d475dbcdb2df1278d5dba55c2fb5ba6a9778c2a244198491f0f711cdb2ef0332f347afffb1b098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfecce67027d579e1226bd7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff25f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590bdacfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aedd4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75040685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a542f92744495e10a4ce37f19f5c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6d63322b6507e277a0020db9bfa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5b1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72465657593339506fd0c3807cd6445eb54cfb5ca9d35ef93eec6383224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556bbc471e89225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"})
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x80000000, 0x20000008b}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x28040, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x90}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x48, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xc, 0xfff1}, {}, {0x5, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x14, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x1, 0xb}}]}}]}, 0x48}}, 0x20040054)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='mounts\x00')
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r7, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000040)='binder\x00', 0x2200892, 0x0)
pread64(r6, &(0x7f0000002380)=""/253, 0xfd, 0x4eb)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000002e003f0026bdf000fcdbdf250400000008000c", @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
syz_clone(0x1144280, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil)
rseq(&(0x7f0000001080)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)

11.609889984s ago: executing program 3 (id=77):
openat$vcsu(0xffffff9c, &(0x7f0000000280), 0x32561f040d7f561b, 0x0)
socket$alg(0x26, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x40eaf000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="6c00000000010104000000000000000002000000240001801400018008000100e000000108000200000000000c0002800500010000000000240002800c00028005000100000000001400018008000100e000000108000200ac1e000108000740000000000680124000010000"], 0x6c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000020105"], 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r2, &(0x7f0000000000)={0x0, 0xffffffffffffffab, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x2404c031}, 0x20000000)
remap_file_pages(&(0x7f00000e4000/0x3000)=nil, 0x3000, 0x0, 0xc, 0x20000)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x1304000, 0x800, 0x1, 0x1}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0/file1\x00', 0x103841, 0x186)
fcntl$setstatus(r5, 0x4, 0x24400)
lseek(r5, 0x100, 0x4)
fanotify_init(0x1200, 0x0)
syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040), 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)

11.07995571s ago: executing program 3 (id=82):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}) (async)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0) (async)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @private=0xa010100}, {0x2, 0x0, @local}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2a}}, 0x1d7, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x4, 0x8}) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) (async)
write$binfmt_misc(r4, &(0x7f0000000000), 0xd)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r5, 0x0) (async)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f00000000c0)={<r6=>0x0, 0x10, 0x30}, &(0x7f0000000100)=0xc)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000280)={r6, 0x8}, 0xc)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
cachestat(r5, &(0x7f0000000040), &(0x7f000009de80), 0x0)

10.630109429s ago: executing program 3 (id=83):
r0 = socket$tipc(0x1e, 0x5, 0x0)
getsockopt$TIPC_SOCK_RECVQ_DEPTH(r0, 0x10f, 0x84, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r1 = socket(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000080)="7800000018002507b9409b14ffff00000202be040205fe056403040c5c000900580020010a0000000d0085a168216b46d32345653600648d270015000a00000049935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000402160012000a0024a40423e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = dup2(r2, r3)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty, 0x4}], 0x1c)
sendto$inet6(r3, &(0x7f0000000040)='l', 0x1, 0x7ddfdbdfafa51cdd, &(0x7f0000000100)={0xa, 0x4e23, 0x2, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000300)=ANY=[], 0x9)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x101, 0x0, 0x0, {0xa}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}]}, 0x58}, 0x1, 0x0, 0x0, 0x8010}, 0x9ca971b14a5eb6e0)

10.469727266s ago: executing program 32 (id=83):
r0 = socket$tipc(0x1e, 0x5, 0x0)
getsockopt$TIPC_SOCK_RECVQ_DEPTH(r0, 0x10f, 0x84, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r1 = socket(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000080)="7800000018002507b9409b14ffff00000202be040205fe056403040c5c000900580020010a0000000d0085a168216b46d32345653600648d270015000a00000049935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000402160012000a0024a40423e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = dup2(r2, r3)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty, 0x4}], 0x1c)
sendto$inet6(r3, &(0x7f0000000040)='l', 0x1, 0x7ddfdbdfafa51cdd, &(0x7f0000000100)={0xa, 0x4e23, 0x2, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000300)=ANY=[], 0x9)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x101, 0x0, 0x0, {0xa}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}]}, 0x58}, 0x1, 0x0, 0x0, 0x8010}, 0x9ca971b14a5eb6e0)

6.448766798s ago: executing program 1 (id=114):
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
read(r0, &(0x7f0000000880)=""/4096, 0x1000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f00000001c0)={0x1f, 0xffff, 0x3}, 0x6)
write(r1, &(0x7f0000000340), 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'macvlan1\x00', <r2=>0x0})
sendmsg$can_j1939(r0, &(0x7f0000000500)={&(0x7f00000001c0)={0x1d, r2, 0x0, {0x1, 0xf0, 0x1}, 0x1}, 0x18, &(0x7f0000000480)={&(0x7f00000003c0)="e1b89fff830444f2965bc0740af3dd4cbc4b4c6ff443acf04a186e4955bb307f7f45b621b267c53e96dabd1e1db6a61c03129d84d46f68d4c9befc0ecb41e5154770f7303d28222f5a4cf4dca1efa3757bce8544d5a2d2f531de07f70a9a79025e51e93c31a2aff2fd38ea84ffc6f0ad41e00d867decf5abf74715d188d99ed2df0f2bb1222af46be5f0317e30f78132985762f06dc7fc0fe422a276fbc2d73d78f603ae083e344c048fedc25a4c6f1c9c451a", 0xb3}, 0x1, 0x0, 0x0, 0x1}, 0x48041)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a09000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a3100"], 0xec}, 0x1, 0x0, 0x0, 0x840}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r5, &(0x7f00000000c0), 0x492492492492627, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e20, 0x21e72e76, @empty, 0xb}}, 0x3, 0x0, 0x318, 0x1, 0x24}, 0x9c)

5.446035771s ago: executing program 1 (id=118):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4048084)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
connect(r1, &(0x7f0000000000)=@ieee802154={0x27, @long={0x3, 0x2, {0xaaaaaaaaaaaa0102}}}, 0x80)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$sock_inet6_SIOCDELRT(r5, 0x890c, &(0x7f00000000c0)={@remote, @private0, @mcast2, 0x40003, 0x40, 0x5, 0x100, 0x0, 0x590043})

5.179957617s ago: executing program 4 (id=121):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x480180, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000140), 0x10002, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000100)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000440)={0x2, @win={{0x2, 0x8, 0x4, 0xd}, 0x6, 0x5, 0x0, 0x1, 0x0, 0x87}})
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @private0, 0x4}, {0xa, 0x0, 0x7, @mcast1}, r4, 0x800}}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94)
r6 = syz_io_uring_setup(0x4175, &(0x7f0000000180)={0x0, 0xd4da, 0x40, 0x2, 0x2d0}, &(0x7f0000000040), &(0x7f0000000400), &(0x7f0000000000))
io_uring_enter(r6, 0x7b20, 0xe93c, 0x0, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r7 = io_uring_setup(0x35c5, &(0x7f0000000040)={0x0, 0x105b4a, 0xf080, 0xc, 0xa0002f5})
io_uring_enter(r6, 0x1e61, 0x9296, 0xb, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r6, 0x18, 0x0, 0x1)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x800)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r8, 0xc0145401, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0x7fffffff, 0x2, 0xc})
r9 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r5, 0xe0, &(0x7f0000000600)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000300), &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r11=>0x0, 0x64, &(0x7f0000000300), 0x0, 0x10, &(0x7f00000003c0), &(0x7f0000000580), 0x8, 0x8a, 0x8, 0x8, &(0x7f0000000380)}}, 0x10)
sendmsg$nl_route(r9, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000880)={&(0x7f0000000a40)=ANY=[@ANYRES16=r10, @ANYRES16=r10, @ANYRESOCT=r10, @ANYBLOB="a4c1a6d599db735eaa14edacdc400884d2626b88dcfba2877a55a2994abb7d43225667242caf91b2485a0955acb593614855b2ac02d40922e24193e1a991f717727482e40c746318b84460752ecef9ae1f716c3b7792602ee0cc27a2bde7aead032ccb5c8db41b7b89a58afe08e2cd8542b79ba8fa3a8dc9f4b0bb38b24257874b53389961c7730b62b44bd20047501cba63b481a0aaa6e8ca074d33af8812efe55ccd1a7eae75b1103803b7d97b7fdf7326e2f98cdcb39c5b4149fd0b3b0d5a8f474b04bd69b223180fad3ff0278c33f08b5dcb06", @ANYRESOCT=r11, @ANYRESHEX, @ANYBLOB="ee29ca03ed597095cf4a4fce081f6a3437e5e91682f9d201e4fb2afc60aab012b03a50aa0c7dac1b2fc87b0d470964bd23a8b9928b47122a95d988dee4025ccfad3cff0d910ceac88ce3", @ANYRESOCT=r7, @ANYRES64=r8], 0x138}, 0x1, 0x0, 0x0, 0x4000820}, 0x8004)
r12 = openat$hwrng(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r13, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16=r14, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x850)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)=@o_path={&(0x7f0000000080)='./file0\x00', r12, 0x4000, r1}, 0x14)
syz_emit_ethernet(0x42, &(0x7f0000000740)=ANY=[@ANYBLOB="99177fa54f29aaaaaaaaaa3986dd6000000000071100fe80000000000000000000be39b29a57d3e8f5000000000000000000000000aa00000e22000c907841030000a1684f0d87856c9b00a87660017494b67fc1d0b05351ac9e4b0f5c8a3c9bb057403ee631826109f3bcdc57a84e49fe180e2e09424a8e7a3d92c850a2fba41dbd093879bdd57efd76d40000000000eb1c05d37db449b39b9c2000e64bbf7115087284b6a978f77b6749011d1daab371c675d6f8c8f5bde903f4af9c77c5ef75e32d9d6563e017d96bdf27e6daa005bd6b7964ad5662c43d45af96008a4d2b625f4d8cbb9c782c5b199f9aaa63218b7b1e8dbeda118200"/262], 0x0)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000010400)='@', 0x1}], 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

5.114588465s ago: executing program 4 (id=123):
mknod(&(0x7f00000048c0)='./file0\x00', 0xd010, 0xffffffff)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newspdinfo={0x1c, 0x24, 0x1, 0x70bd27, 0x25dfdbfb, 0x1, [@XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
r4 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e08, 0x4a3, @local, 0x4f1}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000d40)=ANY=[@ANYBLOB="030000000a004e230000000cff010000000000000000000000000001f8ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x190)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2c, &(0x7f0000000180)={0x3, {{0xa, 0x4e20, 0xa42, @mcast1, 0xbf9}}, {{0xa, 0x4e24, 0xc7e2, @empty, 0xfffffe01}}}, 0x108)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
utimensat(r5, &(0x7f0000000080)='./mnt\x00', 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000340)="85533da79fcded66d8cca4b8e4995697c24685784cc42ed1a48831bfd9b9d18dc46beb74b6c11fe81a0da58b6fef36", 0x2f)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x14, r7, 0x1, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20004000)
r8 = socket$netlink(0x10, 0x3, 0xa)
bind$netlink(r8, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="090000000600000004000000fc07"], 0x48)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000003c0)="057e30aae10df4f97559054b9a301ecfe91b645115e1421774006df60cb393573839b0078ce169ec2fde0afea66b5bbefa9d4f3cd8c2458336ceb1f0efe647d6d7b1cdbd12c9b8e3a822cbd51494bf79a1dbe5c22338ce37ed467a1d3d616564cbb81faa2e935b2697c12efb0ed141fa2eaad4747725c4bf20f8975e402b03eb77d1aa3f10f512397b5037b1b4cd4b7c08c03dc5e52a066e5982969fa044125ae251f46c26e2536cc8b77e8edb251378be4beedfb8dca0d449123f57677ca3da5bdebf91b195f1a5d49d7c292f20f58d490de36d8ee0e8a86bd04c3165549465cbee7891fc747d7def370ce644db894b56bd53af0d0e261bcfa6bf72a684dafc5bcafe07ece74cbd1d5fa32716dd03f7acd4f32d935438c91e033beaf49e3963e13d05e7a8334a858639636799f04a9033193e7d18a2a4b20bcc96811bb5efe476db70a76b7456ac4e71f3e89c00da0c7761c188570c7902bf2fee1be273be8a9f7a2d7508ef2188d3ba1db4fa9d1533d2f2a288cdfe3b0c50908d56ba69e81386e7e979e9d7ff78685ffb8de6baea2451762736a2bbafa11d541790b0564aef9b0b80fa24832090b84341a9fdf712d3296f911020f8021eda8130befaaab01cbe91dfc5768e6ff31ec50dd88596832a9f5fd4f558d367f40e454d3c97ad16a7f30b93629ee2def77b99f8a17c157529b0782fd847a4c75a2302ca96bbdcff660c2cca753e1a8c60dbcfb319a1594565a2e15bb6124316e196e3cafaf1a29eef84a0908d1dc80af7e333c65736699f1254addf2ab582f5c87c4f6ca234d7ca9673dc29444044b95abdaea958274e39aeb163ee2d05bc2ade5c33a0466e14fbdf8aa70ca2964c06ee5bc57b894b0143a7a503cc43574a07958940b029678df44d6c82fa2e6937ea6aeb5b8f33c21628e3b0d623c23c2e5a3546194fea742d90c1d61f343a005b9e58c3e8292b256fd0ecca81cda433f3bb0ed633607f0b635cdd8b4919bfa37c1e99df087d3f8f3ba5dec7930657eb3a4d8febb5234e048881fbfc499fe5eb6a0ce34546f7010ae2291e6731d0798ca451387a123998e68f6f577ba4e556bb9a119011a191a6bbcf55beb1fb0b8252deeed5721b271b964534a04462720c4c03e8ea7f120cfa1be630e7fc680d1f6e067075c72f642babcacf6b00cd3fdb9f3200e4ff8935b17ebe222053c78c3752666088017c2150dd014b9578af6adb15527a483eff5bb623710ca7b37ed49ff7cf1525f296af6f27846524e4aaea7476a2d08dceeca84a1ab11e2767abff12d10deaf63681dcabe9b1fb9ebe207d8e37bcdba9a73a02ebea4e3a072397a88c47795d5e88b2040c9fe3f96f66f8f7d593547c8fc8f4e75a1c20962ecf2dd1e7bddf896f2a6c5f37a8784e2bc5b10cef2feab3b6eee7430908eeadd372248041a09b0c29385cd7a75754d2c429e72bf5fdac34097bbbbb3790f86399c60cb5054fbeb8eb1241608b506beb135091c18110c1d10d9a80f4adb11a6fd3001957cae0b4f8f730cc4fa4a7328e23f390caab014cfeec0ebfd0e14021f47fe330a68680678d23e7ca1ff18e7e242f4c1e3cca51dec73c58b596c2a92267ee76d3657c1e2b34102b09fa4c59c2619148440bf26802c6f858b8eee6d8c697bad2c4d5a0f76c6a4cdd3b8fdc21e447920491ef40578b68a7a5dfda04fa235fac01ad4e824b627137dc48807100e52ec5ae2f3a3fd84d68b824033b4f0ee28a9e72333b4e209ae905d0781e4fe8116e03b1ca5c3b1ea84974cabaa0214ed15bfe01e974491e8a20f9d03ed1b73799b083f3a65e809c3ff3cf126288fc1627409d46f78b5fe8b8ba0b3ddc3ac79aecd6eee2e0cc59826e5798f48f80f0c7f549b3a656e9acbc5e51bdc3becef93533166c1d9ffe4335ec973d3d27ce5987d150f554c4095650528578fe4858b670b0786f23c886612191f89ec57970dbc0e33cd62b57a08fa940b339577fd12d07dec2ac50e9e0b27f0716b3233803153389a95df956637af8d9778e27bce49ab0a832978712a074d3f7516ad512ed0d9b43049b5990c841a7b7146a24c62fb70645b8d85b6c8863d5c6aab03638ffa4e30c8de24383cf320eee735a4fd37262d473076f495da8b2f0f028b8f178c238010738d6afb1dc2e48089e80f6a7658ad3496f1a1f7f78abdcf934c733d22abb0671a0d41b9b33a5faf99d7b82166e27df0f97a7953dcc1fb364478200253757e8311ba61cb4c78a380cdd820553c7296816210f64b34619966f1540a407c8d6e8e30788909de19ede4116d09a14ce26ad59957add80b90602855c0134ba7fe8afd4493f7cd9ced61fda7d0ae02505c046acf68d68ecd9b1507a4d4eba4c2c834777b2c3c5a8b3c06677fe468072dcab48c1ac9deec30265c7f6c5864df89e25bba52715c82e9921db601b3935f5047b8cc07351b9965b1a1f6ef36c1fba89d9d96e332eacc1e8a78e09d7d6ba30845866449ed5264f763735d4e7cc133dba4b296b2dd9331efea01e5b3d05f38055e41c49993d679ef133b9b1af435fd0ac5fad33f571c76d02c40d4e301110b4442aa134364f0456da0cf362b2c27ebd667c0969ae09dad18becba9d6918fb1e741f685735cc7078f0e6328181a83da67516fac31522f9d9fc64a4b769e57e76bfff6f9867fa2fee1e7dddd11128322210e44eeef6db7269dfa1bfbd9099dd6f8219d585c22c20483251447772719a6115ccb690609de352989610a138110c884562b65de3cf63c3ebe9adfeb53c6e4ecc637c98b60161f71952b84c6fc4cea6af0ed533144bde4f8fbab2d3ffe0b2a5d0c55ec9979ea85a25045ad3a84becf0e891b89c1a83178d7368aea4bdfa0ebd46b8e110a2972c8ac96e10ac630e89f8d76bf35b03b5ecd393d1986fc61318e08ef02721e5f2cd2fe098ebcd1bd30a8f87b2a5650b51dd50d0d78ab7fe66490f5827372f1779d3d389e9fa66bd0296f0203af010d8f76783837cdde2555a90be577626a12de47d4da638efd0017750a230485f6ade34a27284d85dd87f9db8a832c571106d8296629418777b4d933fa049f0f4e5958c193e889305074091be14c66a4bf02cdfe1e8d26a5d21fa78c5628a7ee3d7a0c550296b2f0625e2dd18d45f2d45bee6746d4462c92bc3cf50503c7479bd121393821afe1cd7144ea37f4e8e5ee21f739024ad25af9430dee006b76617725556ff8a820b767fa821629819732f086a5fdf2ccb4edae0aceb3d6dea698e798ead905a2eef9065d633b007271e93101a71cbe385f56e32b3a8fb081c5c1ab09b729f89294a0007f13a3b8e93686020d993b812c6f85fe1618db897cd67be6cd5053dc8490bbebee133d140503c4aa51eea0c156523a1d81ae849dbe5a273bfc0de94836f8160ea9f146147fc02dd7b55dca6a2a43692268ee98f51fcd2d3faa76071d9716e877b2a3dcb51a51d5359a2ee705da52b43306f1f3caf33342fc281bc9c58d1ce05ecdeca371e3a788542f8fa999e4d8e10e66f0b6053d7d4cfc6acb815628bc2409b3dec01726121c267b3ee85fd61bbbdda68ae2c13026863e4a54b93d956fe692707a179411c841ca7d2f33a5223181b18b7ba2eebdd7c2a8dec3ac2a317b5fbd996e8598c394ee627308f0e887480a8dcd59b0256b636f4c62566501a733fa74232945ba1d9e2bae347391bf9ae2da4d3af2b262b772421fd3a5cab46862ea6049f5c9c76dd8549ce0e6c31c792b81b6b21f0bcca18bb2fa6a9d4d6e0a837bb119e2e002a69d6ca95a4b2acc463076c2e05731ef0cfaea84387a6baf6737cc14a25f5329ea924090311213344625a69ee382dd4bc72e00e63329956f3e021092585c9affa06a95bd0ef653ae9ff0abed5ee561ada4f83d8ef202d9c0b2225ebe8660cc408859d45e0332f4f78f6a339bce9d12ca2bc5116a8fd4007c485f5c1c41af96c41d96db35411842d7babc05c8b228066dccb9b67f348974363be521e41fa94d2034a0bc1e87360a80606e1e1bfa8e6399601b30bf93ac41129869158bc2b791b50e51519133ab58afd4023d4d721129b1307f054103a47c49e0524ac4df511c3409fa62d8b5c1a897794600f53efdcc987e06bffd77c9fc75fb7221ef29ed2f7e3e8abcb4a1875b85bd5176a6fba9a361d8684876508443bd50e630f4c684002b15930cf81d740b880eed25d22d8de8c00066790df084fea7c5021184a210a6d24f9bc862c4e3eafbb1782fa240ecfa5959d7a681bae84e8a96a5ff45dea4f9e16dd2cff2dccc6cf4042b44b7ad1f55dc1db5998ed40a409c0e67e1e64fab423d2c00fabb8976d9dacf0c82530e356a99f75082f3411adddfe4ab1ad3b55599fa15450dd5feee23591f1ce398e4c5ae8aad71ad26ea189c333c8467d1eaba9589bb8c41bbfe8c0c173e5446bc06b578c1db849fabe5fcd8fe0fca94bdc799b53b897249826037499e8b6213d640724fda1bcc9341ac61fbea02c8f39a53c496902d5c7922f678a273cdf5ffff38ea028ae19dc72f0b0688f2b9b7d5a9c04153c10ff4168cf9f243dea03b336be778f6c79d67a2d0ade82863eaf95d6fc7f745569864f369f4b39177c356c8c393bded485df28622f01251e58f3d39498520ff90e6c670f0dce5b494cb1d78dfad108406dc5857086d386bd42bd03fe716f049407e5e55caa0e73e96c1a4f6d5791ce7195b2ce72de52ed617ecefaeeabfa9350af49d1d91f9a4b97dc0808869b916f34ee242c40fe8c8aee57b6ddb69f9a10636e481dfa059ef001bad7020266f0d74b14edce6c18ffef854768a60885bad798658a6b9d0b438c483ba159346d5ce0771f53ff1ae0bd47d8583bd56237f8da2747ac7eb2a87b6e26c4820d4fe18b76e06bb6e0c0cdf478b4aecd381c2a6ca9f10ec433f0aca63a66d04f70557baf9f2844005351a21664c2430fb0002cd03bcf0b2004068a2567f91a9fbee8c6d948fb35d48527b23e1398ce9f535e2b0b33c2bc31ab737ba4b980f46f5d424e33892c8093f3cd18510a3157afc023f63ad3ba999e950747c78c06ab141a26d74ffc049a6f76c465f9f9f03a8d339a8e61fef26a5239fbc11c01a87800c81efd7b9f28ee2ab2ed88a383f5013bfd6671ea3086121b235a0cc45ccb300c02588895f8d13ec7e00a3aaaa8b0e739f666fd1b13a90b23998704859c9c76108ed7ecdc63770e6ebaa0aeb9208b92ec4e948ac7fc81cc6f305f06c2f2d8c9267463af92e185ff627eed54313fa2ee0bff2cfa8be411982fd19fa88db5ec99f238f88782f8c7a957bef14f79351b63799a4cce160357c068987a5516b04c79644c140850cddc8bd5541fcca9e30826aad864240f434bd1fc67b58e3d664f782e9e46edcb34e2db98a39c23e334e51c71c9fa466470992cc1fbc36c3c8ff4340be67f9b85a74c9114cb9fe5ca4dcbb641ea17a54ba4658aeaa515109e117625a6196dd66d3584d293b468fce63b5a9c4b9461700c74ae955539bfbbe3eccfa7d9c9f737792a9d4b978baa2e92819e88340b73c88c2900b723248b18ae9414cb37a64ef8cb8ca85cda9677d9f1e71a6b70fe3ad17f2d13c1df48d93bfa50fd939a72ea26f9fbeaa6f8af2eec91b04a8fa7dc14fec0f54fcd1c5c848b4432f979f10e661cd2d7f8ff669ce99f9813fc5440fbbeb35f1a5e5115f5ca35dcc270bdbcae07a9ae8e22aabf8178379dee08874ec7840de27815890a88fc9a3bcfa88a33f9baef9af0ae01b2bd34a907f1151cb14bc8b396bc43a60f884f425e4a04348cc645aae68db49980139ddad0fed303e40b124fd654b36c961a56c44cc3686a7529b1f1ee47da3a0f1158542337df15780444790a2ff1b57e062f0db66730c9f98de395f939f44188225211c514447f67fcbf320a34c43ce09ed272bb992db3a35ae2c3c491c36f2de88984129fcea1ffd235aff7bef7fa95d65894db9a5f1b348efcb571a81b3d73ccd07cbef052389001e4d456800e05ca53bcf3485ce05791ff65a9f7913416ae26972f34f51a3270580b81307ce31c98eda06f3b35890ce317e79a16d728cd0bb6a3835667555c0c5138cfa5305a91db1f873b2a75b82ffcb27616ee67777708f7dc2ed9ddbeb38a60f446d3ac88ded25265c25ef38b0755a9d34bab5e669b6501d8c9787aae7eced9945cad3d4d1c32fa68b48a1d773750f814631db3e088c1b5e7ffa854ea1343d94ec1343918d7a1c5a095bb72b00eb3bff210aeec0b8a581a2a13429b83a193f4d447059265b63c4b8f8ea1b9494f65e79844d956c5d80780849dc086506e9eba002e682a1bae1543f8289588c574bb6ca9a2e57b908aaffed23ecf3536abaf96fe08291f3d70773288b4698e972b0187385dfff4cba59175814e75e7e5146205c7f2d2f749583b393f46c448c152d8be50d60ed8d8bdb30fc7925656a0f90b1de967c729980815e5f19ed453fbefcff67832cb90d753410a0b18eb7504600b11b0360c3d3594d48d832160d357afc1f17dc71dccabef7bbcf1fdd55b48cb02135c32650ab07b902f36b48be9376b2dd68343eacfe80d9dab3205a393a4c6ffd405f6db323dea11be4f22ce50df1e0cfec9e9b1e23acb94d66ea787d08f615a7c7288cdf1921a13a85d885e47cf1067d89ebad5b92ce5c9da255f8d74bd2d5b78366f998cc35bf35e45d06128f1c5984fabee7542642bbf6d981b60759d3e7900e5b3d1d7310f90df0c88a600ff2f39932bf7411e61c692c9444dc9ae0dff28c0b94292c430ac4464e83ce8a29b886f45c98b8396667740c5be51e592eac0250d6e479505d36e930ca3a32cb671d58707d25b10e2660cd5e661b08e268c8bf1b3cbceb2d995a2a6fdfe5475cccc965f71baa7c84054e3bb6cbcb7167b06c708cd72ad4301e943dd1b2b2c325f682be3eaae730a8ed8bc3134b28d1ce04543bc66a529744561c42d25e65c7b5cc2a17875ebf35e53aa46e1edec29ff8d046a7e01459d9639c10d1df998cd9a12d7e50b2dc71ee7338cf71beb72d5020dc69eeafc354bf822d65ee0328eb07d04ac0d266fdb53227a158411da5ded254b3c359ee710e0278e1a06f06002538e108450fd6b11949fdc618a29baf34f232aa192230ddb318aa6d59d122257e50713fe73e6c0059399589c382dc901a8c3381139436f7331b69f457bbb38ed54daaa07a52cceb053c32690836c664b73d86261216b8610fc7b4d53dd3e5d9bcb3e25528e132911cac37e7f2618274c733b5ae02f9c27638d9e11988f1dfbb281ffd8cddf8558a481861cbe9d53a4ad8282d3587449cd51759ca397eda122d286e117d01539359870b94c98a3ce383ed1d280bcceb228acf73193e87fd3650e4dfd563cc55bfbc8626a41293cc90ef76e28e2dedaf968602d2997ae1c2752a0febe3a78f3756d40201ae13074091238324422caabe22c66b7866065264261fc2c3e0569493468d1c1c36259aedd5f078a231e72decd70f4de8532f6753287435296f33a096bc1c8b0ebb68c9f783881e45ac54159ec1c2f9e1f5cb48f96729a62d1b4fdaa89ef5de8741bca04e953534dc977e881a61281812af435206378eff173d7929ab4967e511bdc14e6a783ab647a4c257a4fcd6ba38ef32bc48a0064341697e34f7465b3e6240589d854db4d9714e998f2edf3a03986598a52aaf647d938f4a8e07c1c29615803af6cd403d261ad6da3c1c804034b4a4eef3ea1cc8db39d9e171b3f6dd074388577a4eb901c25c8031e4592cea80b6354850657f53b2acd910ec2c5a7db6abb0153e051dadfbcdf047e35591b96b5657ca55d99ef6fb48e07c34321cd20c40b30a646132f8afcb9426fe84a790567fb847076a8762ca29cfb037e0c948edc12122a1160a55d465f5c912406a10dc0d3c1156cd207e9ffe906d267c9c870521934e1c56af460c0ad0dea9c929acf85768e22bb65eca6e25e4ec8e6edb7a6215e8c7e5fdb56c7131b156ab6a78fc808f8f17a2708ff68b37778c00b3b546004fb2b2c588d8ca8276d281026bfe896698569814410422f27421b8fc5c09d47635f17ddf6b9f56a202a991514678c18a4afabe1eeca6fce1187fffcb6ebdacfc6cac9750766ed40c80e7eceb342a3fa6f86d014949f9d111bfd96e2a39d364f2e2722f2d9ab0577befe26055890161d780e52eff4022461c1d3b019b86af28c4f02fd1f7496d8c141344ad5756bcdc45158f3af7aac227c8853f607cae412db6fa924c039859fe455857bd5fde66cc1b773c12f516401a31c80d750079247c128a103361e7f0a392d21b4b1b594307ff6b37e5a242666209ec517561e04645b92e7cf3cff1a6c76c900d12d9556e2962c535401b1e61fa85e06551ed678703fb3bf8590f2608ae3c278b8d1ac286af38061afbbc3cb27ee7adc6ad299151cd00a84506e6a97648ff99f2a9d35d8421e71589437406fa8e6def8ce34c9abe5de3481c492887176d4485dac794b84567d5ebaf68d0007cb2256a0f1ce4318f6891f750fa9696fed3525059688cf973e70d688b1759cd0f3dfb0b2a7078174b978767cbdbfc3f7d5850e2f7772e2bd6e3ed69ef13cc141238b5ee04b6615e33c42fcd6cf979a0ac848458b713b9a988c1e3fc32f2a182fc0cab2e6933e9aa5c2d77db8c6a1802b43bd8220ff0ca92229fc26a44761d00eeebec834e5f7d382b4f58a2759c56e53b163dae034ffa1970acc57165746e575470e13c4044f392ae4bea93e7d666256436507bb987a247785301274d4f262f94989cdc94b209b7499bd0cb4437525b72be79c87c6076533e4a14799a60bd3563d46ee4767108bed7e637cfed6f3139637bb01f36385dc5873eed726fbec9a87da294cc11db8b49fe45b798ae74e1a8cb0f2907eb0178d2baf5f0f88f654baab9f147741945c496ddea1cfed65a82e913a131c4ac7bb6f0d8d5d28225dab8a33c6e60c0d2b2d5dbd8c35089f13f9a2ae81ec9addaefea9b8ddabc8cdeb6437381ce346db6e14d9d1e8bb4662b508d61da77fc8d9ebebceb1c23be5d0a7bba4a48c0591333ab7779bae78ff23c4bbf8a8cf30f3120a5b63a047064d7ed7d37191cf39b6d1e8ffe3b47379767bd691cb855a9c938e9a0235a5ec9c316a6dceca63fa5fe6df0b9f0d6b38add216aaf2726d3377ab827b00b4cbf490708a0f679b8cd7caadb3dee40cc98f778917d6a6263fcc0747bf75fd676d84abb7d10087da323f95c2571139fd4c9826ad5db6ee4c246b9da20592cae11f9264bd2945aa1a427b2acefb514a2daafbbae35ff761eb1e3b98b4a1dfca348b8c4ff96325a618d677180ceb7e916654ecc2deecb4e61d01080f44b98776b1b43aebeffe2c14006dd1d78c8babf1179f42fd20d87654d3246d41e9dc633eac1741be44f8d751d8c9fd57316fe06d60872939b7a2906bb27a299a3408a51d74e5d98417f05f85fc1b332e103e79203e9fe344dc1d1572de39d914c5270c839870d2b33da5a6efc08c4f0c8227cc35a7f77c6a55f80ceef90e217c80e5ecb4c236685f5219787b01612cfbac90794e8269c07fb7ca4f7dba4defb2aae2b37f7b1696e78de15dbb1b6d4ee0cc4c0fae274b2c2de9343862de1d9847515ad235b1837daa9b814f19e895ae3966ed262e3e7add9f19009e6b61462917b29502b67e124c43538a6bcab7296529e01bb26ab8b3ef094ed057383c4f92790b6f705ae9d943c4e8dad84f6ef82b54d062713c16960fb475d74d46a1b16062563da3391cc6ff5185162c31ff7339e4837e38adab8ab911abaaa006e313dd19a1f92b4f7bede4525b154e1b9f796136a85f3602da011ae2232be902347e08ce0bbf3d23d91c4aac11c8824caafa1d1ff0343ce655802c1915f3ae7c0c670b18e56e139be66a33613afcb3b1928613b3afba9d635070af678216d57023d1911f0eb7ebddefc96f0efd8e9dc10e8a87a68393e19733ef900c6264722940750ae16f664e445414e85e98570303c6d87d7f265cfae0a1e9314fc14674c2871c0d59bbe2eddaf9330a4e2a28673af73910d6cb90790f800e89d55a2930910a8430ade9551819d83d5ea6da4e58326b7ce555d01da86ea78200f0219ec92473da95cd5a632c525ca9fbcddebb8168881cdb2f5da787d0e31881e2b17d78184f3a0bed8662486d3937dab275d050b9dd5a2ce904208a91a467afc33e10fb6c1ca788a5ef30d6e8b615ec0ae1503fea7006569559b7b155c31b196b85881c5671173c06fc5373e9fd973e7111ed45874609bf3c88c6db732210a3ea04cb68662bbc2048bb55d811482af5c658e29bd18c57ffa25e88d7297cd20d4c2b13007cfae89f4dcd90177a0806a2ceb2095333b58f828c093b9bf63cd07e3d56a446fd12e755fd651211bc160948836939c17623b317b9e935307044bab2c11879a62288e7ecbbb97f10f52516f517b7b8e44cff5964fdfaf8044065056b48db13b1365004c336afa3535af1242c9b7271b8b1ba2213fcbb80926bcd394815cd7c27e3aeb2348dc45f5e06e32f5bd56d1c472f41b564ec0939cd012028412883cc098d086fd43858747b746be72b979d175f6a6447fc5908616dec7fc6c962e12e96e09bd068acd2fcf0ce1cc26d9f82b2b91bc9aafcbf8435011f73b6a8ea1bb2f3289b23236136b31656600762feff53e607df8cf3c9a7f257b212630c19f142e4cf5094250b629cabb145c77f1f14ad60ab7617078f810a766cfa341fb7c16086609bc0a768fb1cd782606f32b83a0a55d883269a05b80275612dc571cb993ea9e447b4d32570d412203ab4c8b050b63bb5ac0f8d6f4e9a1644e4b622587b2ae125c2093bd363493d58544d6303a0de17780fcd83e993aa83f4432274eee1e6333fcdc77bcfdea95b8b9ed787723e35b71f1dbe89ff1e3e6fde146c05b6fe9eae52b472624e412253a63e7fcf1b77dbff7509eec5a55501e222f66bd84d36663cd244fa1556bd34b4c9957a93a71e63961ffc7700c5545acdd3e79da41e1cfaca0956d4978222cda23a574d691dbb6c6bd083c70c2782c045bbbe0fcaa10efbc002af6832e3fa7dda0ec8ff6ded69302d55d5a62a7ec213f16ecc5e3304a83103d1c2b21e04e3f5f3730339a630a407e8cc6a5afd2f2ed78ff992035a3783a2708195a46e565a9113be8c228ccaae3510363b475732ad48fe8ff34801f4c35132359d4c5c5bff65141f4a8684d462cf5d97b44496440fff3f7a28d28bbaa8e6db2a6064cbe9fca4679afe8ca6dd27a25c56f3e58165040f19a0455199a0ece4583f060979427f2f3495f40a83bc6ee3eaadab18705d464662b8aba9c7aa2f29114f7acc247548a85bd44723064abeee18f7f558f6d0d74fa08103dd906124454745d23005c425b260b0034372123b642a0cbebbc1a0bcf0cfc3639876eceac5f9734057ff659cfd35b1a3eaa768b86d66244aabc23a45676a59d492614f1c0011c9253e53fc7bb3e20d303afdb5b6614dcc7bbf72a339e414672aac23c2e2983083f08dbc34e3452def00f402598b6aaa4f0d896d1648b1442621993b7d0c930560cb6152b9ce59f94356726816a224fca84da5dbde6675d20f546a3e4635e82ff9575cac9160e6819f", 0x2000, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600), 0x0, 0x3ff, r9, 0x0, 0x100000000000000}, 0x38)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f0000000140)={0x1, 0x0, 0x98, &(0x7f0000000080)={0x0, 0x1000, 0x12}})
socket$nl_netfilter(0x10, 0x3, 0xc)

4.947608375s ago: executing program 0 (id=125):
r0 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000280)={0xa, 0x102, 0x0, {0x40000, 0x1005, 0x7, 0x800}})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x22042, 0x0)
close(r1)
socket(0x10, 0x3, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084)
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = socket$kcm(0x11, 0x3, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r9 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2b, 0xfffffffe, {0x0, 0x0, 0x0, r10, {0x0, 0x10}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_XOR={0x8, 0x7, 0x6}]}}]}, 0x44}}, 0x0)
close(r8)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
socket$packet(0x11, 0x3, 0x300)
sendmsg$kcm(r7, &(0x7f0000000640)={&(0x7f0000000380)=@xdp={0x2c, 0x8, r11, 0x40}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000200)='\'', 0x1}], 0x1}, 0x4041)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x118)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
getsockopt$TIPC_IMPORTANCE(r12, 0x10f, 0x7f, &(0x7f00000006c0), &(0x7f0000000700)=0x4)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="1b23000d"], 0xffdd)

4.772434255s ago: executing program 0 (id=126):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="240077886bd10000", @ANYRES16=r2, @ANYBLOB="0100ffffffff0000400001000000080009000000001008000a0000000000"], 0x24}, 0x1, 0x620b}, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_driver={0x0, 0x7f, 0x0})

4.758227242s ago: executing program 0 (id=128):
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
read(r0, &(0x7f0000000880)=""/4096, 0x1000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f00000001c0)={0x1f, 0xffff, 0x3}, 0x6)
write(r1, &(0x7f0000000340)='\a\x00\x00\x00', 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'macvlan1\x00', <r2=>0x0})
sendmsg$can_j1939(r0, &(0x7f0000000500)={&(0x7f00000001c0)={0x1d, r2, 0x0, {0x1, 0xf0, 0x1}, 0x1}, 0x18, &(0x7f0000000480)={&(0x7f00000003c0)="e1b89fff830444f2965bc0740af3dd4cbc4b4c6ff443acf04a186e4955bb307f7f45b621b267c53e96dabd1e1db6a61c03129d84d46f68d4c9befc0ecb41e5154770f7303d28222f5a4cf4dca1efa3757bce8544d5a2d2f531de07f70a9a79025e51e93c31a2aff2fd38ea84ffc6f0ad41e00d867decf5abf74715d188d99ed2df0f2bb1222af46be5f0317e30f78132985762f06dc7fc0fe422a276fbc2d73d78f603ae083e344c048fedc25a4c6f1c9c451a", 0xb3}, 0x1, 0x0, 0x0, 0x1}, 0x48041)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a09000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a3100"], 0xec}, 0x1, 0x0, 0x0, 0x840}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r5, &(0x7f00000000c0), 0x492492492492627, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e20, 0x21e72e76, @empty, 0xb}}, 0x3, 0x0, 0x318, 0x1, 0x24}, 0x9c)

4.602853231s ago: executing program 0 (id=131):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x1, 0x1003, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x0, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
creat(&(0x7f0000000100)='./file0\x00', 0x104)
openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0)
openat$ttynull(0xffffff9c, 0x0, 0x24800, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x2, [{0x0, 0x11e}, {}]}, 0x44)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x4001, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$inet6(r4, &(0x7f0000000000)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x4, @empty, 0x4}, 0x1c, 0x0}}], 0x1, 0x20040005)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

4.490170368s ago: executing program 1 (id=133):
ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000080)={0x0, 0x1, 0x7, 0x10001, 0x5, "1afa86d35101b58680cdda128ed251c679583d", 0x3f, 0x80000004})
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
r0 = socket$kcm(0x2, 0xa, 0x2)
prlimit64(0x0, 0x1, 0x0, 0x0)
listen(r0, 0x9)
gettid()
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x15)
writev(r4, &(0x7f0000000280)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff0600000001ffa60045000000", 0x1c}, {&(0x7f0000000580)="fa21bd2b5c40cc420740358ffc7f9f4b6e68fc8d1aa2597e7b484f301f11e3", 0x1f}], 0x2)
setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0x1, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r7 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r7, 0x114, 0x1d, &(0x7f0000000280), 0x4)
fcntl$lock(r6, 0x410, &(0x7f0000000080)={0x0, 0x1, 0x6, 0x1fd})

3.978396712s ago: executing program 4 (id=134):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000180)={0x53, 0x0, 0x6, 0xa, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000300)="120980ff0000", 0x0, 0x4, 0x4, 0x0, 0x0})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x8c40, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x82)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100), 0x201, 0x0)
r4 = socket(0x2b, 0x1, 0x1)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2c, &(0x7f0000000040)=0x40000d, 0x4)
modify_ldt$write(0x1, &(0x7f0000000040)={0xe587, 0x20001000, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x10)
modify_ldt$write2(0x11, &(0x7f0000000140)={0x5, 0x20000800, 0x1000, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1}, 0x10)
write$vga_arbiter(r3, &(0x7f00000002c0)=@other={'decodes', ' ', 'io+mem'}, 0xf)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000480)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xf, 0x8, 0x2, 0x80000000, 0x6, 0xc, 0x33c, 0x6c7, 0x3}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000002c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x25dfdc01, {0x0, 0x0, 0x0, r8, {0x0, 0x9}, {0x9, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x240040e0}, 0x200040d0)
r9 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r9, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756", 0xe, 0x0, &(0x7f00000001c0)={0x11, 0x8100, r8, 0x1, 0x7, 0x6, @multicast}, 0x14)

3.400079275s ago: executing program 1 (id=137):
r0 = syz_usb_connect(0x0, 0x371, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000057ec0020c215dcff30bd0102030109025f03019b000000090400000b403b4e000905e2379c"], 0x0)
socket(0x10, 0x2, 0x0)
set_mempolicy(0x2, &(0x7f0000000140)=0x8001, 0x2)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x101442, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r2, 0x0)
r3 = mq_open(&(0x7f0000000100)='\xdf\x96\xf66\xab\x97\x00\x00\x00\x00\x00[', 0x800, 0x118, 0x0)
mq_notify(r2, &(0x7f00000002c0)={0x110c230000, 0x2a, 0x0, @thr={&(0x7f0000000580)="9627ca2829b86aa17b6c59fead0e0fd874bbdc58eb550528b7c1e1e8a64ece7149bba3718877f7cdcb389261b6ce57a2f665d7afee0db8aed0fa02abf6513fa54dfccb0e9b2a48dd806261bf234f2879bf28deb595193d93b602dc8c23b518c0235d47722e9b5becf76e8bf05f51c99e3358cb53623087af8cd73f89765f49f435747493c4a0280fe1454a0b96d8de9b263a755ec8d5aaeea1d932e8d52bd18d2dab1d4dc9862af0164a28c3635cfa2d33777eb0bd28ab62ada21e76fb80eae44bad29c01946cd07876b78e88fc1442825", &(0x7f0000000300)="50ca8d8802f14b89f292e340a1c79f13681f636efc6732ff78e53f"}})
close(0x3)
mq_notify(r3, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
mremap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil)
syz_open_dev$char_usb(0xc, 0xb4, 0x80000000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001c00010a00000000fbc2989a"], 0x14}}, 0x20008000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
sendfile(r5, r2, &(0x7f0000000240), 0x60)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x1000000000, 0x5, 0x5, 0x4, 0x0, 0x2004cb, 0x0, 0x40000000000a1d, 0x68ff, 0x5, 0x0, 0x1, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x400)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r8, 0x0, 0x0, 0x200080c0, &(0x7f00000001c0)={0xa, 0x2, 0x8000, @loopback, 0x8}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f0000000140)='cdg', 0x3)
setsockopt$inet6_int(r7, 0x29, 0xd0, 0x0, 0x0)
sendto$inet6(r7, 0x0, 0x0, 0x200c8084, 0x0, 0x0)
sendto$inet6(r7, 0x0, 0x0, 0x40004, 0x0, 0x0)

2.120206782s ago: executing program 4 (id=139):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x0, &(0x7f0000000100)})
r0 = socket(0x1e, 0x7, 0x0)
setsockopt(r0, 0x107, 0x1, &(0x7f0000000000)="110000000000060000071a80010061cc", 0x10)
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000003"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r5, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.987787871s ago: executing program 1 (id=142):
syz_clone(0xe280, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xa1a9000)
r0 = epoll_create(0xaf2)
epoll_pwait2(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000300)={0x0, 0x800}, &(0x7f0000000380)=0x8)
syz_usb_connect$uac2(0x3, 0x7b, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0xe41, 0x4242, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x69, 0x3, 0x1, 0x0, 0x20, 0x3, {0x8, 0xb, 0x0, 0x2, 0x1, 0x3, 0x20, 0x2}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x20, 0x0, {{0x9, 0x24, 0x1, 0x2, 0x6, 0x9, 0x3}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0x8, 0x5, 0x0, {0x8, 0x25, 0x1, 0x1, 0x6, 0x4, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x3ff, 0x3, 0xe6, 0x40, {0x8, 0x25, 0x1, 0x3, 0x33, 0xfe, 0x5}}}}}}}}]}}, 0x0)
r2 = socket$inet6(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac141400340008"], 0x2c}}, 0x0)
sendto$inet6(r2, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x100, 0xd7, 0x40, 0x1}, {0x7, 0x80, 0x1, 0x8}, {0x5, 0x9, 0xb, 0x2}, {0x3, 0x1, 0xf, 0x5}, {0x7, 0x9, 0x5, 0xffff}]}, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, 0x0)
eventfd(0xfffffff9)

1.563707738s ago: executing program 0 (id=143):
socket$nl_generic(0x10, 0x3, 0x10)
syz_clone(0xe280, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r0)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0bd428bd700000400000300000000a00010077a70dd2180feee2e8852be3fb41d214ff0f616e31000000"], 0x20}, 0x1, 0x8000000, 0x0, 0x4004}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_io_uring_setup(0x2f90, &(0x7f0000000080)={0x0, 0x91d9, 0x3010, 0x2, 0x200004}, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000000))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@newtaction={0xa8, 0x30, 0x1, 0x0, 0x0, {}, [{0x94, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x0, 0x20000000, 0x0, 0x4f}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x4c, 0x16, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x6}, 0x1}}]}, {0x5, 0x6, "ee"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(0x0, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x31)
socket$inet6_sctp(0xa, 0x801, 0x84)

1.559577451s ago: executing program 2 (id=144):
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
read(r0, &(0x7f0000000880)=""/4096, 0x1000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f00000001c0)={0x1f, 0xffff, 0x3}, 0x6)
write(r1, &(0x7f0000000340)="070000000100", 0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'macvlan1\x00', <r2=>0x0})
sendmsg$can_j1939(r0, &(0x7f0000000500)={&(0x7f00000001c0)={0x1d, r2, 0x0, {0x1, 0xf0, 0x1}, 0x1}, 0x18, &(0x7f0000000480)={&(0x7f00000003c0)="e1b89fff830444f2965bc0740af3dd4cbc4b4c6ff443acf04a186e4955bb307f7f45b621b267c53e96dabd1e1db6a61c03129d84d46f68d4c9befc0ecb41e5154770f7303d28222f5a4cf4dca1efa3757bce8544d5a2d2f531de07f70a9a79025e51e93c31a2aff2fd38ea84ffc6f0ad41e00d867decf5abf74715d188d99ed2df0f2bb1222af46be5f0317e30f78132985762f06dc7fc0fe422a276fbc2d73d78f603ae083e344c048fedc25a4c6f1c9c451a", 0xb3}, 0x1, 0x0, 0x0, 0x1}, 0x48041)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a09000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a3100"], 0xec}, 0x1, 0x0, 0x0, 0x840}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r5, &(0x7f00000000c0), 0x492492492492627, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e20, 0x21e72e76, @empty, 0xb}}, 0x3, 0x0, 0x318, 0x1, 0x24}, 0x9c)

500.375467ms ago: executing program 2 (id=145):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r0, &(0x7f0000000380)=[{&(0x7f0000000140)='\\', 0x1}], 0x1)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000980)={0x20, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9ec}]}]}, 0x20}}, 0x0)

400.087384ms ago: executing program 2 (id=146):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup(r0)
signalfd(r0, &(0x7f00000001c0)={[0x2e, 0x2]}, 0x8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0xf0, &(0x7f0000000100)={&(0x7f0000000280)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x0, 0x0, 0x21eae}}, 0x20}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_open_dev$vim2m(0x0, 0x1f7ff6, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x1})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0)
close(r4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
ioctl$SIOCSIFHWADDR(r4, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
creat(&(0x7f0000000140)='./file0\x00', 0x100)
close(r7)
socket$inet_sctp(0x2, 0x1, 0x84)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000049c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a4693989c36ffffffffffffd0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1530f8d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c11090000000000000000b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c8565117fcb8ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17911540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db55474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc240000000000127535a468702cac97b6b82a6e65d4cf1200"/2702], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r8, 0x18000000000002a0, 0xe80, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f088a847e0ffff00124000632f77fb81371416e000030a94029f034d2f87e589ca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

299.182291ms ago: executing program 0 (id=147):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYRES8=r0], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="280000000e0505000000000605000100"/25], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x20044040)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f00000000c0)=0x5)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36)
r1 = syz_usb_connect$hid(0x5, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000402609333340000000000109022400010000000009040000010301000009210000000122010009058103"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='.\x00', &(0x7f00000000c0), 0x10012, &(0x7f0000000040)={[{@name={'name', 0x3d, '_))%['}}]})
syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={0xffffffffffffffff, 0x2000000, 0xfe7f, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000000300)=""/102400, 0x19000)
ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0e000000040000000400000003"], 0x48)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x267)
bpf$PROG_LOAD(0x2d, &(0x7f0000000080)={0xb, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0xb, 0x9, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x5, 0x0}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x4, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(r0)

298.955068ms ago: executing program 2 (id=148):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000000)='./file0\x00', 0x43, 0x40)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r2 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000240)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000280)="dee7030022cf5c6c7bc31bd2599759fafa9e5e1dbac27b0426fc0299c41fb9b9761a1b44dac894f365ae68edf335abf35ec53d6751467ebd2c187491bcab2c8d34fec505fc8a14622dba33ff9b054eb7e8a5bc4ab2719cb230328931deb95ef3fcafb1ce27743a93f4715976edec860ab49c3a4f51ab0124b50c3362201a307df03000", 0x83, r2)
keyctl$search(0xa, r2, &(0x7f00000000c0)='dns_resolver\x00', &(0x7f0000000140)={'syz', 0x1, 0x2e}, 0xffffffffffffffff)
syz_open_dev$video(&(0x7f00000001c0), 0x80000001, 0xd2c32d0bd80c9792)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)={0x3c, r1, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x80}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x88}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20009084}, 0x40040c0)

229.316429ms ago: executing program 4 (id=149):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r1, 0x0)
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080), 0x10)
sendmmsg(r2, &(0x7f0000006780)=[{{0x0, 0x0, &(0x7f00000036c0)=[{&(0x7f0000000b40)="acb3", 0x2}], 0x1}}], 0x1, 0x800)
r3 = accept4$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000006c0)=""/240, 0xf0}], 0x1}, 0x1ff}], 0x1, 0x20022, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x25dfdbfc, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {}]}, [{}, {}, {}, {}, {}, {0x448eade7, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {0x0, 0x20000000, 0x0, 0xffffffff, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0xfffffffc, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0xfffffffd, 0x0, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0xfffffffe}, {}, {0xd5}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {0x0, 0x10}, {0x7fffffff}, {0x8eb9, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x4, 0x0, 0x4, 0x0, 0x7ee}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x9}, {}, {}, {0x7}, {}, {0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xfffffffb}, {}, {0x0, 0x9, 0xfffffffc, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {0x0, 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0xd5a0}, {}, {}, {}, {}, {}, {0x4}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x2}, {}, {}, {}, {}, {}, {0x10000}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x7f}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, {0x0, 0x0, 0x0, 0x0, 0x7}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x7}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)

229.101846ms ago: executing program 2 (id=150):
openat$vcs(0xffffff9c, &(0x7f0000000000), 0x80, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x78b})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000180)=@x86={0x3, 0x5, 0x81, 0x0, 0x9, 0xe, 0x5, 0x2, 0x1, 0x1, 0x6, 0x5, 0x0, 0x1af2, 0x3, 0x8, 0xf, 0xf4, 0x9, '\x00', 0x5, 0x8})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x7fffffffffffffff, 0x3, 0xc30d, 0x7f, 0x1, 0x0, 0x202, 0xfffffffffffff804, 0x0, 0x0, 0x0, 0x2000000000000, 0x7, 0x2, 0x1, 0x8], 0xeeef0000, 0x14fbc0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

85.334882ms ago: executing program 1 (id=151):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161642, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000300)={&(0x7f0000000000/0x3000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000001000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000003000/0x3000)=nil, &(0x7f0000003000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000000200), 0x0, r0}, 0x68)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r1, 0xc0287c02, &(0x7f0000000300)={0x80000000, 0x0, &(0x7f0000000200)})
sched_setaffinity(0x0, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_usb_connect$lan78xx(0x3, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r2, 0x4004f506, &(0x7f0000000180)=0x1)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000380)={'syz1\x00', {0x0, 0x7fff, 0x2, 0x2}, 0x51, [0x3ff, 0x2, 0x10000, 0x0, 0x7ca6, 0x9, 0xc2ad, 0x4, 0x9, 0x9, 0x10000, 0x9, 0x8, 0x200, 0x5, 0x3, 0x7, 0x4, 0xfffffff9, 0x6, 0x3, 0xfff, 0x7f, 0x4152, 0x8b3, 0x9, 0x861, 0x7, 0x5, 0x0, 0x3c, 0x4, 0x1005, 0x4, 0x8, 0x38, 0x8, 0x8, 0xd5ba, 0x3, 0x1, 0x9de9, 0x8, 0x3, 0x3, 0x7f, 0x5, 0x8, 0x0, 0x1, 0x3ff, 0x6, 0x2e, 0x800, 0x846c, 0x9, 0x6, 0x31b, 0x8, 0xa, 0x1, 0x7, 0xfffffffd, 0x3], [0x4a, 0x19a78cbf, 0xe936, 0x0, 0x200, 0xfffffff7, 0x2, 0x7d, 0x10001, 0x8, 0x3ff, 0x1, 0x7, 0x8f, 0x1, 0x5, 0x1ff, 0x200, 0x6f8, 0x7, 0xd, 0x7, 0x100788, 0x6, 0x0, 0x0, 0x8, 0x3, 0x5, 0x2, 0xa, 0x7, 0x80, 0x5aa, 0xfffff000, 0x400, 0x2, 0x7, 0x6, 0x6, 0x5, 0x3, 0x87, 0x22e2, 0x502, 0xffffffff, 0x7, 0x1ff, 0x6, 0x10001, 0x9e, 0x1, 0x5, 0x101, 0xfffffffa, 0x0, 0xfffffffc, 0x2, 0x6, 0x1ff, 0x8, 0x3, 0x6], [0x2, 0x94da, 0xfffffffa, 0x7, 0xc0000, 0x4, 0x4, 0xfffffffa, 0x6, 0x7, 0xea, 0x7, 0x6, 0x400, 0xfffeffff, 0xfc000000, 0x8, 0x8, 0xd1, 0x2, 0xb66, 0x3, 0x4, 0x52c, 0x4, 0x10001, 0xfffffff8, 0x2, 0x9, 0x1, 0x7, 0xe86, 0x8, 0x20000100, 0x8007, 0x1, 0x746a6ffd, 0x3, 0x4, 0x0, 0x1, 0x45a6c325, 0x8, 0x10000, 0x1000, 0x2, 0x5, 0x0, 0x2, 0x2, 0x1, 0x8, 0x2, 0x2, 0x81, 0x200, 0x3ff, 0xffffffcc, 0x6, 0xa000000, 0x8, 0xfff, 0x4000, 0x1], [0x8, 0x7, 0x3, 0xfffffffc, 0x8000, 0x2, 0x8, 0x1ff, 0xfffffffe, 0x10, 0x5e, 0x0, 0x8, 0x8, 0x5, 0x8, 0x45eb, 0xf25, 0xd, 0x1ff, 0x2, 0x95, 0x9, 0x9, 0x1, 0xc, 0xffff6f9e, 0x4, 0x8, 0x10000, 0x7, 0x52a, 0x5, 0xc1a4, 0x4, 0x8, 0x3, 0x9, 0x5, 0xb7af, 0x3, 0x4, 0x0, 0x1ff8, 0x2, 0x7, 0x6, 0x80000000, 0x652d, 0x7, 0x7fffffff, 0xd, 0x40, 0x3ff, 0xc, 0x1ff, 0x9, 0x6, 0x0, 0x1000, 0x9, 0x2, 0x9, 0x4]}, 0x45c)
ioctl$EXT4_IOC_GROUP_EXTEND(r2, 0x40086607, &(0x7f0000000040)=0x8000)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'gre0\x00'})
r5 = socket$phonet(0x23, 0x2, 0x1)
sendto(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r6, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
fcntl$getownex(r3, 0x10, &(0x7f0000000080))
listen(r6, 0x90004)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
ppoll(&(0x7f00000000c0)=[{r6, 0x60}], 0x1, 0x0, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)

260.789µs ago: executing program 2 (id=152):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x8000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000003c0)={0x2, 0x0, [{0x40000000, 0x0, 0x6}, {0x40000001, 0x0, 0x7}]})
openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x0)

0s ago: executing program 4 (id=153):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0xc0, 0x2, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x8}, [@CTA_TUPLE_ORIG={0x4}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0x9, 0x1, 'syz1\x00'}}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0x9, 0x1, 'snmp\x00'}}, @CTA_TUPLE_ORIG={0x80, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x3f}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @rand_addr=0x64010100}}}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x400}]}, 0xc0}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:26491' (ED25519) to the list of known hosts.
[   48.047853][ T5876] cgroup: Unknown subsys name 'net'
[   48.176731][ T5876] cgroup: Unknown subsys name 'cpuset'
[   48.181249][ T5876] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   49.154131][ T5876] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   52.963229][ T5941] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   52.967084][ T5941] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   52.970613][ T5941] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   52.974931][ T5941] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   52.978494][ T5941] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   52.982109][ T5941] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   52.986254][ T5941] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   52.988890][ T5941] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   52.992037][ T5941] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   52.993034][ T5946] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   52.995220][ T5941] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   52.998788][ T5946] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   53.000001][ T5941] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   53.004640][ T5946] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   53.010983][ T5941] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   53.011081][ T5949] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   53.023551][ T5941] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   53.029965][ T5949] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   53.032096][ T5941] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   53.036183][ T5941] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   53.301315][ T5943] chnl_net:caif_netlink_parms(): no params data found
[   53.317177][ T5936] chnl_net:caif_netlink_parms(): no params data found
[   53.363048][ T5934] chnl_net:caif_netlink_parms(): no params data found
[   53.402822][ T5935] chnl_net:caif_netlink_parms(): no params data found
[   53.481542][ T5936] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.485335][ T5936] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.489107][ T5936] bridge_slave_0: entered allmulticast mode
[   53.493456][ T5936] bridge_slave_0: entered promiscuous mode
[   53.506110][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.509243][ T5936] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.512403][ T5936] bridge_slave_1: entered allmulticast mode
[   53.516943][ T5936] bridge_slave_1: entered promiscuous mode
[   53.569038][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.571646][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.574280][ T5943] bridge_slave_0: entered allmulticast mode
[   53.578372][ T5943] bridge_slave_0: entered promiscuous mode
[   53.583511][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.586677][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.589456][ T5943] bridge_slave_1: entered allmulticast mode
[   53.592198][ T5943] bridge_slave_1: entered promiscuous mode
[   53.607272][ T5936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.657402][ T5936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.677813][ T5935] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.681588][ T5935] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.685155][ T5935] bridge_slave_0: entered allmulticast mode
[   53.689348][ T5935] bridge_slave_0: entered promiscuous mode
[   53.700953][ T5935] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.704064][ T5935] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.707070][ T5935] bridge_slave_1: entered allmulticast mode
[   53.711162][ T5935] bridge_slave_1: entered promiscuous mode
[   53.717351][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.720471][ T5934] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.722773][ T5934] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.725620][ T5934] bridge_slave_0: entered allmulticast mode
[   53.728340][ T5934] bridge_slave_0: entered promiscuous mode
[   53.732201][ T5934] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.736142][ T5934] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.738969][ T5934] bridge_slave_1: entered allmulticast mode
[   53.742694][ T5934] bridge_slave_1: entered promiscuous mode
[   53.762366][ T5936] team0: Port device team_slave_0 added
[   53.765905][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.797046][ T5936] team0: Port device team_slave_1 added
[   53.800959][ T5943] team0: Port device team_slave_0 added
[   53.811366][ T5943] team0: Port device team_slave_1 added
[   53.818489][ T5935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.834250][ T5935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.839278][ T5934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.879209][ T5934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.884066][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_0
[   53.887053][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   53.898095][ T5936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.903877][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[   53.906322][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   53.914863][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.919378][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.921706][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   53.930284][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   53.948130][ T5935] team0: Port device team_slave_0 added
[   53.955233][ T5935] team0: Port device team_slave_1 added
[   53.964253][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.966694][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   53.977184][ T5936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.011829][ T5934] team0: Port device team_slave_0 added
[   54.015699][ T5934] team0: Port device team_slave_1 added
[   54.035670][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.038713][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.049855][ T5935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.062337][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.065786][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.076560][ T5935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.096455][ T5934] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.098680][ T5934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.107609][ T5934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.113715][ T5934] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.116057][ T5934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.124629][ T5934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.169880][ T5943] hsr_slave_0: entered promiscuous mode
[   54.173183][ T5943] hsr_slave_1: entered promiscuous mode
[   54.192927][ T5936] hsr_slave_0: entered promiscuous mode
[   54.196742][ T5936] hsr_slave_1: entered promiscuous mode
[   54.198931][ T5936] debugfs: 'hsr0' already exists in 'hsr'
[   54.200752][ T5936] Cannot create hsr debugfs directory
[   54.234779][ T5935] hsr_slave_0: entered promiscuous mode
[   54.237015][ T5935] hsr_slave_1: entered promiscuous mode
[   54.239124][ T5935] debugfs: 'hsr0' already exists in 'hsr'
[   54.241122][ T5935] Cannot create hsr debugfs directory
[   54.267740][ T5934] hsr_slave_0: entered promiscuous mode
[   54.270487][ T5934] hsr_slave_1: entered promiscuous mode
[   54.273170][ T5934] debugfs: 'hsr0' already exists in 'hsr'
[   54.275376][ T5934] Cannot create hsr debugfs directory
[   54.577564][ T5943] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   54.591126][ T5943] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   54.598805][ T5943] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   54.608191][ T5943] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   54.658184][ T5934] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   54.665162][ T5934] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   54.670149][ T5934] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   54.675469][ T5934] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   54.712580][ T5936] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   54.725274][ T5936] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   54.729461][ T5936] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   54.733843][ T5936] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   54.800586][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.806568][ T5935] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   54.811746][ T5935] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   54.826136][ T5935] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   54.830795][ T5935] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   54.852073][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[   54.867818][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.870353][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.882953][   T72] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.885282][   T72] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.910037][ T5934] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.942558][ T5934] 8021q: adding VLAN 0 to HW filter on device team0
[   54.951071][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.953508][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.964194][ T5936] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.967993][   T72] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.970388][   T72] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.993683][ T5936] 8021q: adding VLAN 0 to HW filter on device team0
[   55.009037][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.011467][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.028505][   T72] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.031019][   T72] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.036523][ T5935] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.057003][ T5935] 8021q: adding VLAN 0 to HW filter on device team0
[   55.068062][  T167] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.070968][  T167] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.088769][  T167] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.091909][  T167] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.095875][ T5941] Bluetooth: hci1: command tx timeout
[   55.098453][ T5941] Bluetooth: hci2: command tx timeout
[   55.101358][ T5950] Bluetooth: hci3: command tx timeout
[   55.101406][ T5940] Bluetooth: hci0: command tx timeout
[   55.104304][ T5936] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   55.109127][ T5936] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   55.176178][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.201552][ T5934] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.226897][ T5943] veth0_vlan: entered promiscuous mode
[   55.246914][ T5936] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.250842][ T5943] veth1_vlan: entered promiscuous mode
[   55.280609][ T5934] veth0_vlan: entered promiscuous mode
[   55.289861][ T5935] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.297202][ T5934] veth1_vlan: entered promiscuous mode
[   55.316347][ T5943] veth0_macvtap: entered promiscuous mode
[   55.330149][ T5936] veth0_vlan: entered promiscuous mode
[   55.333234][ T5943] veth1_macvtap: entered promiscuous mode
[   55.349267][ T5936] veth1_vlan: entered promiscuous mode
[   55.353181][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.357380][ T5934] veth0_macvtap: entered promiscuous mode
[   55.368716][ T5934] veth1_macvtap: entered promiscuous mode
[   55.373727][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.378182][ T5935] veth0_vlan: entered promiscuous mode
[   55.394356][ T5934] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.398836][   T72] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.402250][   T72] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.409418][ T5935] veth1_vlan: entered promiscuous mode
[   55.417322][   T72] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.425124][ T5934] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.428623][   T72] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.448080][   T60] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.453291][ T5936] veth0_macvtap: entered promiscuous mode
[   55.459399][ T5936] veth1_macvtap: entered promiscuous mode
[   55.461946][   T60] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.466933][   T60] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.481914][   T60] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.516097][ T5935] veth0_macvtap: entered promiscuous mode
[   55.525923][   T72] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.528814][   T72] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.544352][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.559520][  T167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.564202][  T167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.567552][ T5935] veth1_macvtap: entered promiscuous mode
[   55.571272][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.578342][   T60] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.592672][   T60] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.597121][   T60] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.600795][   T60] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.608514][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.612528][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.619899][ T5943] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   55.633407][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.637701][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.641680][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.646528][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.685408][   T60] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.688309][   T60] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.697305][   T60] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.700577][   T60] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.749411][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.768600][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.798890][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.802328][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.838101][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.840752][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.883105][ T1173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.890005][ T1173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.900441][ T6028] process 'syz.3.4' launched './file2' with NULL argv: empty string added
[   56.233400][ T6037] Bluetooth: MGMT ver 1.23
[   56.302079][ T6039] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[   56.304672][ T6039] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   56.309278][ T6038] Zero length message leads to an empty skb
[   56.318257][ T6039] vhci_hcd vhci_hcd.0: Device attached
[   56.604752][ T1331] usb 42-1: SetAddress Request (2) to port 0
[   56.607497][ T1331] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[   56.760825][ T6046] bridge_slave_0: left allmulticast mode
[   56.764744][ T6046] bridge_slave_0: left promiscuous mode
[   56.767925][ T6046] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.797529][ T6046] bridge_slave_1: left allmulticast mode
[   56.799967][ T6046] bridge_slave_1: left promiscuous mode
[   56.802350][ T6046] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.806971][ T6047] netlink: 'syz.3.6': attribute type 10 has an invalid length.
[   56.813597][ T6046] bond0: (slave bond_slave_0): Releasing backup interface
[   56.821725][ T6046] bond0: (slave bond_slave_1): Releasing backup interface
[   56.832085][ T6046] team0: Port device team_slave_0 removed
[   56.841832][ T6046] team0: Port device team_slave_1 removed
[   56.849082][ T6046] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   56.852140][ T6046] batman_adv: batadv0: Removing interface: batadv_slave_0
[   56.875955][ T6046] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   56.878676][ T6046] batman_adv: batadv0: Removing interface: batadv_slave_1
[   56.884031][ T6046] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   57.213990][ T5950] Bluetooth: hci1: command tx timeout
[   57.216050][ T5950] Bluetooth: hci0: command tx timeout
[   57.218059][ T5950] Bluetooth: hci3: command tx timeout
[   57.220073][ T5950] Bluetooth: hci2: command tx timeout
[   57.517941][ T6047] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   57.694060][ T6040] vhci_hcd: connection reset by peer
[   57.699306][ T1173] vhci_hcd vhci_hcd.2: stop threads
[   57.701967][ T1173] vhci_hcd vhci_hcd.2: release socket
[   57.704428][ T1173] vhci_hcd vhci_hcd.2: disconnect device
[   58.471187][ T6058] netlink: 'syz.1.10': attribute type 2 has an invalid length.
[   58.483951][ T6058] netlink: 'syz.1.10': attribute type 2 has an invalid length.
[   58.544114][ T6061] lo speed is unknown, defaulting to 1000
[   58.546813][ T6061] lo speed is unknown, defaulting to 1000
[   58.610488][  T842] cfg80211: failed to load regulatory.db
[   58.626017][ T6061] lo speed is unknown, defaulting to 1000
[   58.668217][ T6061] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   58.684911][ T6061] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   58.700456][ T6071] netlink: 'syz.0.11': attribute type 1 has an invalid length.
[   58.707291][ T6061] lo speed is unknown, defaulting to 1000
[   58.738905][ T6072] kernel profiling enabled (shift: 9)
[   58.856955][ T6077] netlink: 96 bytes leftover after parsing attributes in process `syz.2.9'.
[   58.942852][ T6061] lo speed is unknown, defaulting to 1000
[   58.949778][ T6061] lo speed is unknown, defaulting to 1000
[   58.952726][ T6061] lo speed is unknown, defaulting to 1000
[   59.254442][ T5940] Bluetooth: hci2: command tx timeout
[   59.256381][ T5940] Bluetooth: hci3: command tx timeout
[   59.258167][ T5940] Bluetooth: hci1: command tx timeout
[   59.457335][ T6063] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   59.459868][ T6063] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   59.470382][ T6063] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   59.477913][ T6063] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   59.484735][ T6063] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   59.490544][ T6063] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   59.496144][ T6063] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   59.504904][ T6063] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   59.515242][ T6063] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   59.519502][ T6063] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   59.525260][ T6063] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   59.536946][ T6063] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   60.775538][ T5941] Bluetooth: hci0: command 0x0419 tx timeout
[   61.505190][ T5941] Bluetooth: hci1: command 0x0c1a tx timeout
[   61.583892][ T5941] Bluetooth: hci3: command 0x0c1a tx timeout
[   61.583917][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[   61.666206][ T1331] usb 42-1: device descriptor read/8, error -110
[   62.069560][ T1331] usb usb42-port1: attempt power cycle
[   62.193479][ T6119] netlink: 12 bytes leftover after parsing attributes in process `syz.2.20'.
[   62.205168][ T6119] loop5: detected capacity change from 0 to 2640
[   62.211439][ T5944] Buffer I/O error on dev loop5, logical block 0, async page read
[   62.215093][ T5944] Buffer I/O error on dev loop5, logical block 0, async page read
[   62.218249][ T5944] Buffer I/O error on dev loop5, logical block 0, async page read
[   62.221411][ T5944] Buffer I/O error on dev loop5, logical block 0, async page read
[   62.225382][ T5944] Buffer I/O error on dev loop5, logical block 0, async page read
[   62.228689][ T5944] Buffer I/O error on dev loop5, logical block 0, async page read
[   62.231821][ T5944] Buffer I/O error on dev loop5, logical block 0, async page read
[   62.237755][ T5944] Buffer I/O error on dev loop5, logical block 0, async page read
[   62.241336][ T5944] ldm_validate_partition_table(): Disk read failed.
[   62.244403][ T5944] Buffer I/O error on dev loop5, logical block 0, async page read
[   62.247716][ T5944] Buffer I/O error on dev loop5, logical block 0, async page read
[   62.251013][ T5944] Dev loop5: unable to read RDB block 0
[   62.253461][ T5944]  loop5: unable to read partition table
[   62.634434][ T1331] usb usb42-port1: unable to enumerate USB device
[   62.854017][ T5940] Bluetooth: hci0: command 0x0419 tx timeout
[   62.872040][ T6119] ldm_validate_partition_table(): Disk read failed.
[   62.890344][ T6119] Dev loop5: unable to read RDB block 0
[   62.905032][ T6119]  loop5: unable to read partition table
[   62.933261][ T6119] loop_reread_partitions: partition scan of loop5 (3„¾‚³˜) failed (rc=-5)
[   63.668979][ T5940] Bluetooth: hci1: command 0x0c1a tx timeout
[   63.671085][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout
[   63.673180][ T5940] Bluetooth: hci2: command 0x0c1a tx timeout
[   63.822928][ T6135] netlink: 8 bytes leftover after parsing attributes in process `syz.0.24'.
[   63.903337][ T6135] bond1: Unable to set down delay as MII monitoring is disabled
[   63.912424][ T6135] bond1 (unregistering): Released all slaves
[   64.297571][ T6141] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.395767][ T6141] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.516205][ T6141] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.597095][ T6141] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.810358][ T1173] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.823424][  T211] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.835408][  T211] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.847626][  T211] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.861003][ T6138] netlink: 4 bytes leftover after parsing attributes in process `syz.2.23'.
[   64.946111][ T5950] Bluetooth: hci0: command 0x0419 tx timeout
[   65.772487][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[   65.774613][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout
[   65.776532][ T5950] Bluetooth: hci1: command 0x0c1a tx timeout
[   66.877951][ T6173] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   67.013973][ T5940] Bluetooth: hci0: command 0x0419 tx timeout
[   67.065090][ T6178] usb 1-1: USB disconnect, device number 2
[   67.702648][ T6187] =======================================================
[   67.702648][ T6187] WARNING: The mand mount option has been deprecated and
[   67.702648][ T6187]          and is ignored by this kernel. Remove the mand
[   67.702648][ T6187]          option from the mount to silence this warning.
[   67.702648][ T6187] =======================================================
[   67.717467][ T6187] overlayfs: "xino" feature enabled using 3 upper inode bits.
[   67.819414][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout
[   68.725656][ T3872] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   68.886268][ T3872] usb 5-1: device descriptor read/64, error -71
[   69.194013][ T3872] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   69.374173][ T3872] usb 5-1: device descriptor read/64, error -71
[   69.520670][ T3872] usb usb5-port1: attempt power cycle
[   70.178948][ T3872] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   70.319707][ T6194] warning: `syz.2.35' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   70.337635][ T6194] netlink: 'syz.2.35': attribute type 10 has an invalid length.
[   70.380384][ T3872] usb 5-1: device descriptor read/8, error -71
[   70.406698][ T6194] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   70.522178][ T6199] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes
[   70.739331][ T6204] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[   70.742020][ T6204] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   70.742681][ T6208] netlink: 'syz.0.37': attribute type 10 has an invalid length.
[   70.759542][ T6208] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   70.773613][ T6204] vhci_hcd vhci_hcd.0: Device attached
[   70.899806][ T6217] netlink: 96 bytes leftover after parsing attributes in process `syz.0.41'.
[   71.008540][ T6220] netlink: 8 bytes leftover after parsing attributes in process `syz.0.42'.
[   71.013112][ T6220] netlink: 'syz.0.42': attribute type 10 has an invalid length.
[   71.044525][   T39] usb 44-1: SetAddress Request (2) to port 0
[   71.046593][   T39] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[   71.137047][ T6204] rdma_rxe: rxe_newlink: failed to add wg2
[   71.419875][ T6218] QAT: failed to copy from user cfg_data.
[   71.780793][ T6240] netlink: 'syz.1.49': attribute type 10 has an invalid length.
[   71.807678][ T6240] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   71.945427][ T6245] netlink: 'syz.1.50': attribute type 5 has an invalid length.
[   72.508306][ T6209] vhci_hcd: connection reset by peer
[   72.533579][  T102] vhci_hcd vhci_hcd.3: stop threads
[   72.536084][  T102] vhci_hcd vhci_hcd.3: release socket
[   72.538557][  T102] vhci_hcd vhci_hcd.3: disconnect device
[   73.008818][ T6260] sp0: Synchronizing with TNC
[   74.127628][ T6274] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes
[   74.420739][ T6285] netlink: 8 bytes leftover after parsing attributes in process `syz.3.63'.
[   74.430383][ T6285] netlink: 'syz.3.63': attribute type 10 has an invalid length.
[   74.455791][ T6287] capability: warning: `syz.2.64' uses 32-bit capabilities (legacy support in use)
[   74.674736][ T6297] overlayfs: "xino" feature enabled using 3 upper inode bits.
[   75.633961][ T6295] comedi comedi2: reset error (fatal)
[   76.057095][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[   76.059147][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[   76.494692][   T39] usb 44-1: device descriptor read/8, error -110
[   76.707059][ T6319] netlink: 8 bytes leftover after parsing attributes in process `syz.0.75'.
[   76.723712][ T6319] netlink: 'syz.0.75': attribute type 10 has an invalid length.
[   76.905183][   T39] usb usb44-port1: attempt power cycle
[   77.473903][ T6334] netlink: 8 bytes leftover after parsing attributes in process `syz.3.77'.
[   77.482126][ T6334] mmap: syz.3.77 (6334) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   77.484451][   T39] usb usb44-port1: unable to enumerate USB device
[   78.062913][   T72] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.205629][   T72] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.286303][   T72] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.290349][ T6343] netlink: 16 bytes leftover after parsing attributes in process `syz.0.84'.
[   78.303560][ T5950] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   78.307259][ T6343] netlink: 'syz.0.84': attribute type 10 has an invalid length.
[   78.310167][ T5950] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   78.313322][ T5950] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   78.316257][ T5950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   78.319926][ T5950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   78.351307][ T6344] lo speed is unknown, defaulting to 1000
[   78.393094][ T6347] tipc: Started in network mode
[   78.394837][ T6347] tipc: Node identity ea0249d20e71, cluster identity 4711
[   78.397118][ T6347] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   78.405062][ T6347] syzkaller0: entered promiscuous mode
[   78.406932][ T6347] syzkaller0: entered allmulticast mode
[   78.409187][ T6347] tipc: Resetting bearer <eth:syzkaller0>
[   78.422115][   T72] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.447140][ T6347] tipc: Resetting bearer <eth:syzkaller0>
[   78.578032][ T6335] tipc: Resetting bearer <eth:syzkaller0>
[   78.589308][ T6335] tipc: Disabling bearer <eth:syzkaller0>
[   78.681827][ T6344] chnl_net:caif_netlink_parms(): no params data found
[   79.002196][   T72] bond0 (unregistering): (slave wlan1): Releasing backup interface
[   79.008868][   T72] bond0 (unregistering): Released all slaves
[   79.345422][ T6344] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.357300][ T6344] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.359673][ T6344] bridge_slave_0: entered allmulticast mode
[   79.373065][ T6344] bridge_slave_0: entered promiscuous mode
[   79.378496][   T39] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   79.391075][ T6344] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.394177][ T6372] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   79.399058][ T6344] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.402228][ T6344] bridge_slave_1: entered allmulticast mode
[   79.406544][ T6344] bridge_slave_1: entered promiscuous mode
[   79.447448][ T6344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.452846][ T6344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.536439][   T39] usb 6-1: Using ep0 maxpacket: 8
[   79.540517][   T39] usb 6-1: config index 0 descriptor too short (expected 74, got 45)
[   79.543597][   T39] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[   79.552424][   T39] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[   79.558921][ T6344] team0: Port device team_slave_0 added
[   79.563221][ T6344] team0: Port device team_slave_1 added
[   79.565440][   T39] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[   79.570112][   T39] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[   79.580015][   T39] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   79.592350][   T39] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   79.603940][   T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.636638][ T6344] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.638902][ T6344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.656374][ T6344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.690519][ T6344] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.694350][ T6344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.704952][ T6344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.735908][   T72] hsr_slave_0: left promiscuous mode
[   79.739262][   T72] hsr_slave_1: left promiscuous mode
[   79.782190][   T72] veth1_macvtap: left promiscuous mode
[   79.791712][   T72] veth0_macvtap: left promiscuous mode
[   79.794532][   T72] veth1_vlan: left promiscuous mode
[   79.797055][   T72] veth0_vlan: left promiscuous mode
[   79.868578][   T39] usb 6-1: usb_control_msg returned -32
[   79.870811][   T39] usbtmc 6-1:16.0: can't read capabilities
[   79.941883][ T6396] netlink: 4 bytes leftover after parsing attributes in process `syz.2.98'.
[   79.947968][ T6396] netlink: 4 bytes leftover after parsing attributes in process `syz.2.98'.
[   80.059320][ T6404] FAULT_INJECTION: forcing a failure.
[   80.059320][ T6404] name failslab, interval 1, probability 0, space 0, times 1
[   80.065147][ T6404] CPU: 2 UID: 0 PID: 6404 Comm: syz.2.101 Not tainted syzkaller #0 PREEMPT(full) 
[   80.065166][ T6404] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   80.065173][ T6404] Call Trace:
[   80.065177][ T6404]  <TASK>
[   80.065182][ T6404]  dump_stack_lvl+0x100/0x190
[   80.065205][ T6404]  should_fail_ex.cold+0x5/0xa
[   80.065220][ T6404]  should_failslab+0xc2/0x120
[   80.065234][ T6404]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[   80.065253][ T6404]  ? alloc_vmap_area+0x640/0x2bd0
[   80.065268][ T6404]  alloc_vmap_area+0x640/0x2bd0
[   80.065300][ T6404]  ? __pfx_alloc_vmap_area+0x10/0x10
[   80.065319][ T6404]  __get_vm_area_node+0x1ca/0x330
[   80.065336][ T6404]  __vmalloc_node_range_noprof+0x213/0x1530
[   80.065352][ T6404]  ? compat_do_replace+0x241/0x7a0
[   80.065370][ T6404]  ? compat_do_replace+0x241/0x7a0
[   80.065388][ T6404]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   80.065403][ T6404]  ? compat_copy_ebt_replace_from_user+0x299/0x3b0
[   80.065418][ T6404]  ? __pfx_compat_copy_ebt_replace_from_user+0x10/0x10
[   80.065432][ T6404]  ? add_lock_to_list+0x99/0x110
[   80.065448][ T6404]  ? compat_do_replace+0x241/0x7a0
[   80.065474][ T6404]  __vmalloc_node_noprof+0xad/0xf0
[   80.065490][ T6404]  ? compat_do_replace+0x241/0x7a0
[   80.065504][ T6404]  compat_do_replace+0x241/0x7a0
[   80.065520][ T6404]  ? __pfx_compat_do_replace+0x10/0x10
[   80.065535][ T6404]  ? rcu_is_watching+0x12/0xc0
[   80.065560][ T6404]  ? bpf_lsm_capable+0x9/0x10
[   80.065573][ T6404]  ? security_capable+0x80/0x260
[   80.065587][ T6404]  do_ebt_set_ctl+0x2f5/0x3f0
[   80.065602][ T6404]  ? __pfx_do_ebt_set_ctl+0x10/0x10
[   80.065617][ T6404]  ? smc_setsockopt+0x100/0xa10
[   80.065635][ T6404]  ? nf_sockopt_find.isra.0+0x222/0x290
[   80.065651][ T6404]  nf_setsockopt+0x8d/0xf0
[   80.065665][ T6404]  ip_setsockopt+0xcb/0xf0
[   80.065681][ T6404]  tcp_setsockopt+0xa7/0x100
[   80.065698][ T6404]  smc_setsockopt+0x1b6/0xa10
[   80.065712][ T6404]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   80.065726][ T6404]  ? __pfx_smc_setsockopt+0x10/0x10
[   80.065742][ T6404]  ? aa_sock_opt_perm+0xfe/0x1b0
[   80.065761][ T6404]  ? __pfx_smc_setsockopt+0x10/0x10
[   80.065776][ T6404]  do_sock_setsockopt+0xf3/0x1d0
[   80.065790][ T6404]  __sys_setsockopt+0x119/0x190
[   80.065809][ T6404]  __ia32_sys_setsockopt+0xbc/0x160
[   80.065830][ T6404]  ? __do_fast_syscall_32+0x94/0x8c0
[   80.065842][ T6404]  ? lockdep_hardirqs_on+0x78/0x100
[   80.065852][ T6404]  __do_fast_syscall_32+0xe3/0x8c0
[   80.065865][ T6404]  do_fast_syscall_32+0x32/0x70
[   80.065877][ T6404]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   80.065892][ T6404] RIP: 0023:0xf7f55f6c
[   80.065901][ T6404] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[   80.065911][ T6404] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[   80.065923][ T6404] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[   80.065929][ T6404] RDX: 0000000000000080 RSI: 0000000080001980 RDI: 000000000000017e
[   80.065935][ T6404] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   80.065941][ T6404] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[   80.065947][ T6404] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   80.065960][ T6404]  </TASK>
[   80.068841][ T6404] syz.2.101: vmalloc error: size 302, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[   80.197773][ T6404] CPU: 2 UID: 0 PID: 6404 Comm: syz.2.101 Not tainted syzkaller #0 PREEMPT(full) 
[   80.197790][ T6404] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   80.197797][ T6404] Call Trace:
[   80.197801][ T6404]  <TASK>
[   80.197806][ T6404]  dump_stack_lvl+0x100/0x190
[   80.197835][ T6404]  warn_alloc.cold+0x95/0x1c1
[   80.197856][ T6404]  ? __pfx_warn_alloc+0x10/0x10
[   80.197873][ T6404]  ? lockdep_hardirqs_on+0x78/0x100
[   80.197887][ T6404]  ? __get_vm_area_node+0x2c5/0x330
[   80.197904][ T6404]  ? __get_vm_area_node+0x208/0x330
[   80.197921][ T6404]  __vmalloc_node_range_noprof+0xbf4/0x1530
[   80.197940][ T6404]  ? compat_do_replace+0x241/0x7a0
[   80.197959][ T6404]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   80.197974][ T6404]  ? compat_copy_ebt_replace_from_user+0x299/0x3b0
[   80.197989][ T6404]  ? __pfx_compat_copy_ebt_replace_from_user+0x10/0x10
[   80.198002][ T6404]  ? add_lock_to_list+0x99/0x110
[   80.198019][ T6404]  ? compat_do_replace+0x241/0x7a0
[   80.198031][ T6404]  __vmalloc_node_noprof+0xad/0xf0
[   80.198046][ T6404]  ? compat_do_replace+0x241/0x7a0
[   80.198061][ T6404]  compat_do_replace+0x241/0x7a0
[   80.198075][ T6404]  ? __pfx_compat_do_replace+0x10/0x10
[   80.198090][ T6404]  ? rcu_is_watching+0x12/0xc0
[   80.198115][ T6404]  ? bpf_lsm_capable+0x9/0x10
[   80.198128][ T6404]  ? security_capable+0x80/0x260
[   80.198142][ T6404]  do_ebt_set_ctl+0x2f5/0x3f0
[   80.198156][ T6404]  ? __pfx_do_ebt_set_ctl+0x10/0x10
[   80.198171][ T6404]  ? smc_setsockopt+0x100/0xa10
[   80.198189][ T6404]  ? nf_sockopt_find.isra.0+0x222/0x290
[   80.198205][ T6404]  nf_setsockopt+0x8d/0xf0
[   80.198219][ T6404]  ip_setsockopt+0xcb/0xf0
[   80.198236][ T6404]  tcp_setsockopt+0xa7/0x100
[   80.198254][ T6404]  smc_setsockopt+0x1b6/0xa10
[   80.198267][ T6404]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   80.198283][ T6404]  ? __pfx_smc_setsockopt+0x10/0x10
[   80.198299][ T6404]  ? aa_sock_opt_perm+0xfe/0x1b0
[   80.198319][ T6404]  ? __pfx_smc_setsockopt+0x10/0x10
[   80.198334][ T6404]  do_sock_setsockopt+0xf3/0x1d0
[   80.198349][ T6404]  __sys_setsockopt+0x119/0x190
[   80.198370][ T6404]  __ia32_sys_setsockopt+0xbc/0x160
[   80.198387][ T6404]  ? __do_fast_syscall_32+0x94/0x8c0
[   80.198400][ T6404]  ? lockdep_hardirqs_on+0x78/0x100
[   80.198411][ T6404]  __do_fast_syscall_32+0xe3/0x8c0
[   80.198425][ T6404]  do_fast_syscall_32+0x32/0x70
[   80.198438][ T6404]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   80.198453][ T6404] RIP: 0023:0xf7f55f6c
[   80.198463][ T6404] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[   80.198473][ T6404] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[   80.198485][ T6404] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[   80.198491][ T6404] RDX: 0000000000000080 RSI: 0000000080001980 RDI: 000000000000017e
[   80.198498][ T6404] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   80.198504][ T6404] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[   80.198510][ T6404] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   80.198524][ T6404]  </TASK>
[   80.198528][ T6404] Mem-Info:
[   80.331281][ T6404] active_anon:9867 inactive_anon:74 isolated_anon:0
[   80.331281][ T6404]  active_file:13695 inactive_file:19399 isolated_file:0
[   80.331281][ T6404]  unevictable:1768 dirty:515 writeback:0
[   80.331281][ T6404]  slab_reclaimable:6478 slab_unreclaimable:51241
[   80.331281][ T6404]  mapped:28579 shmem:7297 pagetables:1146
[   80.331281][ T6404]  sec_pagetables:293 bounce:0
[   80.331281][ T6404]  kernel_misc_reclaimable:0
[   80.331281][ T6404]  free:61642 free_pcp:12211 free_cma:0
[   80.356119][ T6404] Node 0 active_anon:4kB inactive_anon:4kB active_file:8kB inactive_file:120kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:80kB dirty:12kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8224kB pagetables:1488kB sec_pagetables:1140kB all_unreclaimable? yes Balloon:0kB
[   80.370427][ T6404] Node 1 active_anon:38964kB inactive_anon:292kB active_file:54772kB inactive_file:77476kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:113636kB dirty:2048kB writeback:0kB shmem:27052kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4856kB pagetables:2996kB sec_pagetables:32kB all_unreclaimable? no Balloon:0kB
[   80.384683][ T5950] Bluetooth: hci2: command tx timeout
[   80.389477][ T6404] Node 0 DMA free:2156kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:0kB writepending:4kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:172kB local_pcp:0kB free_cma:0kB
[   80.402656][ T6404] lowmem_reserve[]: 0 285 285 285 285
[   80.405094][ T6404] Node 0 DMA32 free:18376kB boost:29392kB min:42460kB low:45724kB high:48988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:4kB active_file:8kB inactive_file:40kB unevictable:3536kB writepending:8kB zspages:0kB present:1032196kB managed:292480kB mlocked:0kB bounce:0kB free_pcp:12240kB local_pcp:3512kB free_cma:0kB
[   80.450427][ T6404] lowmem_reserve[]: 0 0 0 0 0
[   80.452114][ T6404] Node 1 DMA32 free:218216kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:42424kB inactive_anon:292kB active_file:54836kB inactive_file:77480kB unevictable:3536kB writepending:2052kB zspages:3304kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:37268kB local_pcp:12172kB free_cma:0kB
[   80.457047][ T6344] hsr_slave_0: entered promiscuous mode
[   80.462907][ T6404] lowmem_reserve[]: 0 0 0 0 0
[   80.466221][ T6344] hsr_slave_1: entered promiscuous mode
[   80.466916][ T6404] Node 0 DMA: 45*4kB (UM) 13*8kB (UM) 3*16kB (U) 9*32kB (U) 2*64kB (M) 3*128kB (M) 2*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 2156kB
[   80.470010][ T6344] debugfs: 'hsr0' already exists in 'hsr'
[   80.475062][ T6404] Node 0 
[   80.476969][ T6344] Cannot create hsr debugfs directory
[   80.478009][ T6404] DMA32: 424*4kB (UM) 167*8kB (UM) 47*16kB (UM) 90*32kB (UM) 55*64kB (UME) 14*128kB (UM) 9*256kB (UM) 8*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 18376kB
[   80.486729][ T6404] Node 1 DMA32: 459*4kB (UME) 523*8kB (UME) 314*16kB (UME) 70*32kB (UME) 151*64kB (UME) 158*128kB (UME) 112*256kB (UME) 86*512kB (UME) 54*1024kB (UME) 9*2048kB (UM) 7*4096kB (UM) = 218276kB
[   80.492944][ T6404] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   80.496804][ T6404] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   80.499876][ T6404] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   80.503448][ T6404] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   80.506432][ T6404] 41821 total pagecache pages
[   80.507927][ T6404] 419 pages in swap cache
[   80.509310][ T6404] Free swap  = 117248kB
[   80.510707][ T6404] Total swap = 124996kB
[   80.512284][ T6404] 524155 pages RAM
[   80.513925][ T6404] 0 pages HighMem/MovableOnly
[   80.515672][ T6404] 210142 pages reserved
[   80.517211][ T6404] 0 pages cma reserved
[   80.567774][ T6413] autofs: Bad value for 'fd'
[   80.620416][ T6413] overlayfs: failed to resolve './file1': -2
[   80.621152][ T6344] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   80.644863][ T6344] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   80.675380][ T6344] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   80.684961][ T6344] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   80.760934][ T6344] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.775287][ T6344] 8021q: adding VLAN 0 to HW filter on device team0
[   80.781003][  T211] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.783539][  T211] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.813961][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.816324][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.978100][ T6344] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.125928][ T6344] veth0_vlan: entered promiscuous mode
[   81.131649][ T6344] veth1_vlan: entered promiscuous mode
[   81.152376][ T6344] veth0_macvtap: entered promiscuous mode
[   81.161554][ T6344] veth1_macvtap: entered promiscuous mode
[   81.179085][ T6344] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.187796][ T6344] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.198293][   T72] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.207546][   T72] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.211355][   T72] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.223707][   T72] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.248074][  T211] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.250429][  T211] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.267309][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.269578][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.118961][   T40] audit: type=1326 audit(1775193605.510:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6478 comm="syz.2.112" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f55f6c code=0x0
[   82.122199][ T3872] usb 6-1: USB disconnect, device number 2
[   82.454748][ T5950] Bluetooth: hci2: command tx timeout
[   83.447636][ T6513] netlink: 'syz.0.120': attribute type 1 has an invalid length.
[   83.491669][ T6513] netlink: 44 bytes leftover after parsing attributes in process `syz.0.120'.
[   83.496863][ T6513] netlink: 16 bytes leftover after parsing attributes in process `syz.0.120'.
[   83.500337][ T6513] netlink: 12 bytes leftover after parsing attributes in process `syz.0.120'.
[   84.224105][ T6552] syz.1.133 uses obsolete (PF_INET,SOCK_PACKET)
[   84.534057][ T5950] Bluetooth: hci2: command tx timeout
[   84.843208][ T6561] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[   84.854579][ T6561] syzkaller0: entered promiscuous mode
[   84.856656][ T6561] syzkaller0: entered allmulticast mode
[   85.102896][ T6566] faux_driver vgem: [drm] Unknown color mode 65545; guessing buffer size.
[   85.484067][   T39] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   85.644327][   T39] usb 6-1: Using ep0 maxpacket: 32
[   85.648894][   T39] usb 6-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[   85.652860][   T39] usb 6-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[   85.658965][   T39] usb 6-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   85.663522][   T39] usb 6-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[   85.670892][   T39] usb 6-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[   85.675092][   T39] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.678498][   T39] usb 6-1: Product: syz
[   85.680377][   T39] usb 6-1: Manufacturer: syz
[   85.682256][   T39] usb 6-1: SerialNumber: syz
[   85.694364][    C2] imon 6-1:155.0: imon usb_rx_callback_intf0: status(-71)
[   85.703042][   T39] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:155.0/input/input5
[   85.940920][ T6568] syz.1.137 invoked oom-killer: gfp_mask=0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), order=0, oom_score_adj=1000
[   85.945394][ T6568] CPU: 3 UID: 0 PID: 6568 Comm: syz.1.137 Not tainted syzkaller #0 PREEMPT(full) 
[   85.945411][ T6568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   85.945418][ T6568] Call Trace:
[   85.945422][ T6568]  <TASK>
[   85.945427][ T6568]  dump_stack_lvl+0x100/0x190
[   85.945450][ T6568]  dump_header+0xfb/0x606
[   85.945465][ T6568]  oom_kill_process.cold+0xd/0x330
[   85.945478][ T6568]  out_of_memory+0x1256/0x14f0
[   85.945499][ T6568]  ? __pfx_out_of_memory+0x10/0x10
[   85.945520][ T6568]  __alloc_frozen_pages_noprof+0x233d/0x2ba0
[   85.945547][ T6568]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   85.945565][ T6568]  ? __pfx_vma_wants_writenotify+0x10/0x10
[   85.945584][ T6568]  ? __pfx_uprobe_mmap+0x10/0x10
[   85.945602][ T6568]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   85.945619][ T6568]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   85.945630][ T6568]  ? cpuset_nodemask_valid_mems_allowed+0x5f/0x80
[   85.945647][ T6568]  ? policy_nodemask+0xed/0x4f0
[   85.945660][ T6568]  alloc_pages_mpol+0x1fb/0x550
[   85.945673][ T6568]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   85.945686][ T6568]  ? __lock_acquire+0x4a5/0x2630
[   85.945708][ T6568]  alloc_pages_noprof+0x136/0x390
[   85.945721][ T6568]  pte_alloc_one+0x1c/0x3d0
[   85.945734][ T6568]  do_fault+0x88e/0x18e0
[   85.945749][ T6568]  __handle_mm_fault+0x1815/0x2b60
[   85.945767][ T6568]  ? mt_find+0x45e/0x8e0
[   85.945780][ T6568]  ? __pfx___handle_mm_fault+0x10/0x10
[   85.945795][ T6568]  ? __pfx_mt_find+0x10/0x10
[   85.945817][ T6568]  handle_mm_fault+0x36d/0xa20
[   85.945835][ T6568]  __get_user_pages+0xf9c/0x34d0
[   85.945853][ T6568]  ? __pfx___get_user_pages+0x10/0x10
[   85.945870][ T6568]  populate_vma_page_range+0x267/0x3f0
[   85.945885][ T6568]  ? __pfx_populate_vma_page_range+0x10/0x10
[   85.945899][ T6568]  ? __pfx_find_vma_intersection+0x10/0x10
[   85.945912][ T6568]  ? do_mmap+0x93f/0x12f0
[   85.945926][ T6568]  __mm_populate+0x107/0x3a0
[   85.945940][ T6568]  ? __pfx___mm_populate+0x10/0x10
[   85.945954][ T6568]  ? up_write+0x290/0x4f0
[   85.945972][ T6568]  vm_mmap_pgoff+0x37f/0x470
[   85.945987][ T6568]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[   85.945999][ T6568]  ? __fget_files+0x215/0x3d0
[   85.946013][ T6568]  ? __fget_files+0x21f/0x3d0
[   85.946026][ T6568]  ksys_mmap_pgoff+0x3c8/0x650
[   85.946040][ T6568]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[   85.946057][ T6568]  __do_fast_syscall_32+0xe3/0x8c0
[   85.946071][ T6568]  do_fast_syscall_32+0x32/0x70
[   85.946084][ T6568]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   85.946098][ T6568] RIP: 0023:0xf6ffef6c
[   85.946108][ T6568] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[   85.946118][ T6568] RSP: 002b:00000000f53ed50c EFLAGS: 00000292 ORIG_RAX: 00000000000000c0
[   85.946130][ T6568] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000b36000
[   85.946136][ T6568] RDX: 0000000001000002 RSI: 0000000000028011 RDI: 0000000000000006
[   85.946143][ T6568] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   85.946148][ T6568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.946154][ T6568] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   85.946167][ T6568]  </TASK>
[   85.946172][ T6568] Mem-Info:
[   86.058273][ T6568] active_anon:12242 inactive_anon:74 isolated_anon:0
[   86.058273][ T6568]  active_file:13759 inactive_file:19404 isolated_file:0
[   86.058273][ T6568]  unevictable:1768 dirty:535 writeback:0
[   86.058273][ T6568]  slab_reclaimable:6388 slab_unreclaimable:53322
[   86.058273][ T6568]  mapped:30460 shmem:9392 pagetables:1205
[   86.058273][ T6568]  sec_pagetables:295 bounce:0
[   86.058273][ T6568]  kernel_misc_reclaimable:0
[   86.058273][ T6568]  free:71867 free_pcp:0 free_cma:0
[   86.072496][ T6568] Node 0 active_anon:4kB inactive_anon:4kB active_file:84kB inactive_file:44kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:80kB dirty:20kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7968kB pagetables:1488kB sec_pagetables:1140kB all_unreclaimable? yes Balloon:0kB
[   86.082710][ T6568] Node 0 DMA free:2352kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:88kB unevictable:0kB writepending:4kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   86.092495][ T6568] lowmem_reserve[]: 0 285 285 285 285
[   86.094388][ T6568] Node 0 DMA32 free:32432kB boost:29392kB min:42460kB low:45724kB high:48988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:4kB active_file:8kB inactive_file:40kB unevictable:3536kB writepending:16kB zspages:0kB present:1032196kB managed:292480kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:0kB free_cma:0kB
[   86.104463][ T6568] lowmem_reserve[]: 0 0 0 0 0
[   86.106199][ T6568] Node 0 DMA: 49*4kB (UM) 14*8kB (UM) 4*16kB (UM) 10*32kB (U) 0*64kB 1*128kB (M) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2356kB
[   86.111051][ T6568] Node 0 DMA32: 882*4kB (UME) 303*8kB (UME) 141*16kB (UME) 239*32kB (UME) 98*64kB (UME) 19*128kB (UME) 9*256kB (UME) 9*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 32496kB
[   86.116710][ T6568] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   86.120043][ T6568] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   86.123125][ T6568] 42974 total pagecache pages
[   86.124822][ T6568] 423 pages in swap cache
[   86.126243][ T6568] Free swap  = 117248kB
[   86.127600][ T6568] Total swap = 124996kB
[   86.128942][ T6568] 524155 pages RAM
[   86.130205][ T6568] 0 pages HighMem/MovableOnly
[   86.131818][ T6568] 210142 pages reserved
[   86.133292][ T6568] 0 pages cma reserved
[   86.134880][ T6568] Unreclaimable slab info:
[   86.136528][ T6568] Name                      Used          Total
[   86.138541][ T6568] pid_3                     10KB         15KB
[   86.140690][ T6568] pid_2                     39KB         63KB
[   86.142738][ T6568] bio-464                   17KB         31KB
[   86.144849][ T6568] bio-528                   19KB         31KB
[   86.146831][ T6568] bio-544                   19KB         31KB
[   86.148836][ T6568] bio-560                   19KB         31KB
[   86.151080][ T6568] zswap_entry              144KB        177KB
[   86.153241][ T6568] AF_VSOCK                  43KB         61KB
[   86.161375][ T6568] sw_flow_stats              7KB         12KB
[   86.163482][ T6568] sw_flow                   21KB         30KB
[   86.165744][ T6568] batadv_tt_change_cache         12KB         16KB
[   86.167899][ T6568] batadv_tl_cache           28KB         32KB
[   86.169942][ T6568] p9_req_t                  23KB         31KB
[   86.172145][ T6568] SMC6                      37KB         62KB
[   86.174373][ T6568] SMC                      106KB        187KB
[   86.176355][ T6568] TIPC                      81KB        123KB
[   86.178297][ T6568] RDS                       22KB         30KB
[   86.180424][ T6568] SCTPv6                   111KB        180KB
[   86.182663][ T6568] SCTP                      85KB        122KB
[   86.184942][ T6568] sctp_chunk               109KB        156KB
[   86.186968][ T6568] sctp_bind_bucket          10KB         12KB
[   86.189268][ T6568] L2TP/IPv6                 20KB         31KB
[   86.191402][ T6568] L2TP/IP                   19KB         31KB
[   86.193439][ T6568] RXRPC                     70KB         96KB
[   86.195464][ T6568] rxrpc_call_jar           116KB        159KB
[   86.197453][ T6568] net_bridge_fdb_entry         45KB         47KB
[   86.199510][ T6568] MPTCPv6                  133KB        223KB
[   86.201597][ T6568] fib6_node                149KB        152KB
[   86.203560][ T6568] ip6_dst_cache            168KB        390KB
[   86.205892][ T6568] RAWv6                    158KB        216KB
[   86.208112][ T6568] UDPv6                     94KB        157KB
[   86.210214][ T6568] tw_sock_TCPv6             20KB         31KB
[   86.212226][ T6568] TCPv6                    149KB        298KB
[   86.214425][ T6568] nf_conntrack              20KB         31KB
[   86.216436][ T6568] wg_peer                  104KB        118KB
[   86.218404][ T6568] allowedips_node           16KB         19KB
[   86.220419][ T6568] t10_alua_lu_gp_cache          8KB         15KB
[   86.222593][ T6568] scsi_sense_cache          60KB         60KB
[   86.225000][ T6568] virtio_scsi_cmd           21KB         24KB
[   86.227028][ T6568] bio-136                   42KB         52KB
[   86.228997][ T6568] bio-264                   10KB         15KB
[   86.230973][ T6568] mqueue_inode_cache         74KB        121KB
[   86.232957][ T6568] f2fs_bio_post_read_ctx         30KB         31KB
[   86.235168][ T6568] jfs_mp                    14KB         15KB
[   86.237139][ T6568] fuse_request              27KB         31KB
[   86.239124][ T6568] cifs_small_rq             28KB         32KB
[   86.241317][ T6568] cifs_request              67KB         67KB
[   86.243381][ T6568] cifs_mpx_ids               8KB         15KB
[   86.245591][ T6568] cifs_io_subrequest         42KB         47KB
[   86.247858][ T6568] cifs_io_request          105KB        111KB
[   86.249878][ T6568] nfs_commit_data           24KB         31KB
[   86.251951][ T6568] nfs_write_data            38KB         63KB
[   86.254131][ T6568] jbd2_inode                22KB         23KB
[   86.256035][ T6568] ext4_system_zone           1KB          3KB
[   86.257886][ T6568] ext4_io_end_vec           10KB         15KB
[   86.259858][ T6568] kioctx                    11KB         31KB
[   86.262124][ T6568] aio_kiocb                  8KB         15KB
[   86.264404][ T6568] userfaultfd_ctx_cache         53KB         94KB
[   86.266702][ T6568] fasync_cache               9KB         11KB
[   86.268776][ T6568] zspage                    90KB        114KB
[   86.270750][ T6568] zs_handle                 47KB         72KB
[   86.272620][ T6568] pid_namespace             88KB        123KB
[   86.274712][ T6568] kvm_gmem_inode_cache         15KB         31KB
[   86.276771][ T6568] kvm_async_pf              13KB         15KB
[   86.278781][ T6568] kvm_vcpu                  73KB        219KB
[   86.281174][ T6568] kvm_mmu_page_header          4KB         19KB
[   86.283395][ T6568] pte_list_desc              3KB         15KB
[   86.285647][ T6568] x86_emulator             112KB        221KB
[   86.287605][ T6568] rpc_buffers               25KB         31KB
[   86.289711][ T6568] rpc_tasks                  8KB         15KB
[   86.291968][ T6568] UNIX-STREAM               91KB        214KB
[   86.296228][ T6568] UNIX                     190KB        367KB
[   86.298213][ T6568] UDP-Lite                  23KB         31KB
[   86.300212][ T6568] MPTCP                     94KB        183KB
[   86.302138][ T6568] request_sock_subflow_v4         12KB         15KB
[   86.304339][ T6568] tcp_bind2_bucket          26KB         32KB
[   86.306406][ T6568] tcp_bind_bucket           29KB         32KB
[   86.308550][ T6568] xfrm_state                11KB         31KB
[   86.310714][ T6568] ip_fib_trie               25KB         32KB
[   86.312642][ T6568] ip_fib_alias              78KB         90KB
[   86.314644][ T6568] rtable                    85KB        160KB
[   86.316596][ T6568] PING                      38KB         63KB
[   86.318560][ T6568] RAW                      108KB        159KB
[   86.320708][ T6568] UDP                       91KB        223KB
[   86.322874][ T6568] tw_sock_TCP               19KB         31KB
[   86.325254][ T6568] request_sock_TCP          20KB         30KB
[   86.327235][ T6568] TCP                      213KB        318KB
[   86.329191][ T6568] hugetlbfs_inode_cache         40KB         62KB
[   86.331333][ T6568] netfs_subrequest          43KB         46KB
[   86.333262][ T6568] netfs_request            130KB        143KB
[   86.335252][ T6568] bio-280                   21KB         23KB
[   86.337236][ T6568] ep_head                    4KB         24KB
[   86.339166][ T6568] eventpoll_pwq             14KB         31KB
[   86.341649][ T6568] eventpoll_epi             52KB         63KB
[   86.344232][ T6568] inotify_inode_mark         24KB         39KB
[   86.346327][ T6568] sgpool-128                29KB        238KB
[   86.348385][ T6568] sgpool-64                 72KB        191KB
[   86.350507][ T6568] sgpool-32                 34KB         63KB
[   86.352586][ T6568] sgpool-16                 46KB         78KB
[   86.354639][ T6568] sgpool-8                   9KB         31KB
[   86.356678][ T6568] bio_crypt_ctx              9KB         11KB
[   86.358772][ T6568] bio_integrity_data          7KB          8KB
[   86.361279][ T6568] request_queue            228KB        247KB
[   86.365583][ T6568] blkdev_ioc                 8KB         15KB
[   86.367778][ T6568] bio-200                   28KB         78KB
[   86.370398][ T6568] biovec-max               259KB        386KB
[   86.372998][ T6568] biovec-128                55KB         63KB
[   86.376948][ T6568] biovec-64                 16KB         63KB
[   86.379504][ T6568] biovec-16                 15KB         54KB
[   86.382290][ T6568] mm_slot                    6KB          7KB
[   86.385135][ T6568] uid_cache                 25KB         46KB
[   86.387740][ T6568] iommu_iova_magazine        987KB       1071KB
[   86.390395][ T6568] iommu_iova               145KB        148KB
[   86.392966][ T6568] dmaengine-unmap-256         26KB         30KB
[   86.395761][ T6568] dmaengine-unmap-128         14KB         30KB
[   86.398499][ T6568] dmaengine-unmap-16          7KB          8KB
[   86.401327][ T6568] dmaengine-unmap-2          3KB          4KB
[   86.404017][ T6568] QIPCRTR                   18KB         31KB
[   86.406547][ T6568] audit_buffer              11KB         11KB
[   86.409148][ T6568] skbuff_ext_cache          15KB         32KB
[   86.411892][ T6568] skbuff_small_head       1053KB       1682KB
[   86.414846][ T6568] skbuff_fclone_cache         90KB        140KB
[   86.417005][ T6568] skbuff_head_cache       1181KB       1335KB
[   86.418958][ T6568] configfs_dir_cache         30KB         32KB
[   86.420980][ T6568] file_lease_cache           7KB          7KB
[   86.423158][ T6568] file_lock_cache           17KB         63KB
[   86.425638][ T6568] file_lock_ctx             40KB         43KB
[   86.428264][ T6568] fsnotify_inode_mark_connector         20KB         39KB
[   86.430945][ T6568] posix_timers_cache         40KB         48KB
[   86.433048][ T6568] taskstats                 52KB         95KB
[   86.435281][ T6568] mem_cgroup_per_node         90KB        154KB
[   86.437475][ T6568] mem_cgroup               119KB        119KB
[   86.439428][ T6568] proc_dir_entry           620KB        664KB
[   86.441519][ T6568] pde_opener                 6KB         15KB
[   86.443669][ T6568] seq_file                  32KB         78KB
[   86.446214][ T6568] sigqueue                  20KB         43KB
[   86.448368][ T6568] shmem_inode_cache       7722KB       7866KB
[   86.450380][ T6568] kernfs_iattrs_cache         46KB         46KB
[   86.452501][ T6568] kernfs_node_cache      25605KB      25778KB
[   86.455530][ T6568] mnt_cache                 72KB        141KB
[   86.457778][ T6568] bfilp                     11KB         15KB
[   86.459958][ T6568] filp                     476KB        622KB
[   86.461905][ T6568] names_cache              422KB        512KB
[   86.464970][ T6568] net_namespace            115KB        173KB
[   86.466955][ T6568] ima_iint_cache            39KB         55KB
[   86.468924][ T6568] lsm_inode_cache         1407KB       1858KB
[   86.475615][ T6568] lsm_file_cache           135KB        204KB
[   86.483913][ T6568] key_jar                   46KB         55KB
[   86.486765][ T6568] uts_namespace             67KB         92KB
[   86.488757][ T6568] nsproxy                   15KB         31KB
[   86.490740][ T6568] vm_area_struct           785KB       1195KB
[   86.492711][ T6568] fs_cache                  30KB         64KB
[   86.494952][ T6568] files_cache              117KB        223KB
[   86.497083][ T6568] signal_cache             795KB       1910KB
[   86.499175][ T6568] sighand_cache           1029KB       2254KB
[   86.501507][ T6568] task_struct             4299KB       4851KB
[   86.503671][ T6568] cred                     135KB        292KB
[   86.505812][ T6568] anon_vma_chain           235KB        366KB
[   86.507711][ T6568] anon_vma                 261KB        581KB
[   86.509606][ T6568] pid                      150KB        429KB
[   86.511654][ T6568] Acpi-Operand             201KB        332KB
[   86.513595][ T6568] Acpi-ParseExt             11KB         31KB
[   86.516290][ T6568] Acpi-Parse                12KB         23KB
[   86.518237][ T6568] Acpi-State                16KB         31KB
[   86.520234][ T6568] Acpi-Namespace            35KB         52KB
[   86.522400][ T6568] numa_policy                7KB          8KB
[   86.525036][ T6568] perf_event                15KB         31KB
[   86.527185][ T6568] trace_event_file         540KB        540KB
[   86.529772][ T6568] ftrace_event_field       1026KB       1027KB
[   86.533143][ T6568] pool_workqueue          1873KB       1968KB
[   86.536942][ T6568] task_group                68KB         77KB
[   86.539576][ T6568] maple_node              1049KB       1704KB
[   86.542632][ T6568] mm_struct                248KB        490KB
[   86.546469][ T6568] vmap_area                557KB        720KB
[   86.549151][ T6568] debug_objects_cache       1965KB       3525KB
[   86.551740][ T6568] page->ptl                112KB        149KB
[   86.554780][ T6568] kmalloc-cg-8k           1312KB       1600KB
[   86.557614][ T6568] kmalloc-cg-4k          12064KB      12608KB
[   86.560301][ T6568] kmalloc-cg-2k           7772KB       8480KB
[   86.562942][ T6568] kmalloc-cg-1k           2422KB       2656KB
[   86.565902][ T6568] kmalloc-cg-512          1391KB       1408KB
[   86.567946][ T6568] kmalloc-cg-256           334KB        384KB
[   86.570545][ T6568] kmalloc-cg-128           236KB        252KB
[   86.573204][ T6568] kmalloc-cg-64             50KB         68KB
[   86.576444][ T6568] kmalloc-cg-32             44KB        188KB
[   86.579175][ T6568] kmalloc-cg-16              6KB         20KB
[   86.582114][ T6568] kmalloc-cg-8              19KB         32KB
[   86.589629][ T6568] kmalloc-cg-192            58KB         80KB
[   86.592338][ T6568] kmalloc-cg-96             60KB         76KB
[   86.597474][ T6568] kmalloc-8k              5264KB       5472KB
[   86.600490][ T6568] kmalloc-4k             30312KB      30592KB
[   86.603152][ T6568] kmalloc-2k             12088KB      13120KB
[   86.607530][ T6568] kmalloc-1k              7838KB       8352KB
[   86.607629][ T6578] netlink: 8 bytes leftover after parsing attributes in process `syz.2.140'.
[   86.610442][ T6568] kmalloc-512            10239KB      10704KB
[   86.618080][ T6568] kmalloc-256             4612KB       4664KB
[   86.620848][ T6568] kmalloc-128             1543KB       1564KB
[   86.623392][ T6568] kmalloc-64              3077KB       3136KB
[   86.624084][ T5950] Bluetooth: hci2: command tx timeout
[   86.626149][ T6568] kmalloc-32              1383KB       1616KB
[   86.630798][ T6568] kmalloc-16               386KB        400KB
[   86.633120][ T6568] kmalloc-8                405KB        420KB
[   86.635178][ T6568] kmalloc-192             1308KB       1420KB
[   86.637491][ T6568] kmalloc-96              1494KB       1604KB
[   86.639538][ T6568] kmem_cache_node          213KB        220KB
[   86.641574][ T6568] kmem_cache               176KB        226KB
[   86.643503][ T6568] oom-kill:constraint=CONSTRAINT_MEMORY_POLICY,nodemask=0,cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/syz1,task=syz.1.137,pid=6568,uid=0
[   86.649556][ T6568] Out of memory (oom_kill_allocating_task): Killed process 6567 (syz.1.137) total-vm:102004kB, anon-rss:1284kB, file-rss:23404kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000
[   86.680255][   T39] imon:send_packet: packet tx failed (-71)
[   86.695556][   T39] imon 6-1:155.0: panel buttons/knobs setup failed
[   86.700230][   T39] imon 6-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[   86.702831][   T39]  (id 0x00)
[   86.784608][   T39] rc_core: IR keymap rc-imon-pad not found
[   86.788673][   T39] Registered IR keymap rc-empty
[   86.790326][   T39] imon 6-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[   86.795036][   T39] imon 6-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[   86.798652][   T39] imon:send_packet: packet tx failed (-71)
[   86.824841][   T39] imon 6-1:155.0: remote input dev register failed
[   86.830374][   T39] imon 6-1:155.0: imon_init_intf0: rc device setup failed
[   87.394111][   T39] imon 6-1:155.0: unable to initialize intf0, err 0
[   87.396594][   T39] imon:imon_probe: failed to initialize context!
[   87.398779][   T39] imon 6-1:155.0: unable to register, err -19
[   87.408160][   T39] usb 6-1: USB disconnect, device number 3
[   87.743867][   T39] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   88.001684][ T6585] netlink: 27 bytes leftover after parsing attributes in process `syz.1.142'.
[   88.009886][   T39] usb 6-1: unable to get BOS descriptor or descriptor too short
[   88.018164][   T39] usb 6-1: unable to read config index 0 descriptor/start: -71
[   88.021520][   T39] usb 6-1: can't read configurations, error -71
[   88.268804][ T6607] netlink: 16 bytes leftover after parsing attributes in process `syz.2.146'.
[   88.273189][ T6607] netlink: 'syz.2.146': attribute type 10 has an invalid length.
[   88.367853][ T6609] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   88.372544][ T6609] cgroup: Invalid name
[   88.713890][ T5950] ==================================================================
[   88.716543][ T5950] BUG: KASAN: slab-use-after-free in l2cap_connect_cfm+0xde7/0xf80
[   88.719102][ T5950] Read of size 8 at addr ffff888012a0e480 by task kworker/u33:7/5950
[   88.722956][ T5950] 
[   88.724002][ T5950] CPU: 3 UID: 0 PID: 5950 Comm: kworker/u33:7 Not tainted syzkaller #0 PREEMPT(full) 
[   88.724018][ T5950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   88.724027][ T5950] Workqueue: hci0 hci_rx_work
[   88.724047][ T5950] Call Trace:
[   88.724051][ T5950]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   88.724056][ T5950]  dump_stack_lvl+0x100/0x190
[   88.724075][ T5950]  print_report+0x156/0x4c9
[   88.724092][ T5950]  ? __virt_addr_valid+0x81/0x620
[   88.724107][ T5950]  ? __phys_addr+0xe8/0x180
[   88.724139][ T5950]  ? l2cap_connect_cfm+0xde7/0xf80
[   88.724154][ T5950]  kasan_report+0xdf/0x1e0
[   88.724167][ T5950]  ? l2cap_connect_cfm+0xde7/0xf80
[   88.724184][ T5950]  l2cap_connect_cfm+0xde7/0xf80
[   88.724202][ T5950]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[   88.724220][ T5950]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[   88.724235][ T5950]  le_conn_complete_evt+0x197c/0x1f60
[   88.724251][ T5950]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   88.724268][ T5950]  hci_le_conn_complete_evt+0x23c/0x3a0
[   88.724283][ T5950]  ? skb_pull_data+0x15f/0x1e0
[   88.724297][ T5950]  hci_le_meta_evt+0x34a/0x5f0
[   88.724313][ T5950]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   88.724330][ T5950]  hci_event_packet+0x51c/0xcd0
[   88.724344][ T5950]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   88.724361][ T5950]  ? __pfx_hci_event_packet+0x10/0x10
[   88.724376][ T5950]  ? kcov_remote_start+0x374/0x660
[   88.724386][ T5950]  ? lockdep_hardirqs_on+0x78/0x100
[   88.724399][ T5950]  hci_rx_work+0x451/0xfc0
[   88.724414][ T5950]  process_one_work+0xa23/0x19a0
[   88.724433][ T5950]  ? __pfx_process_one_work+0x10/0x10
[   88.724450][ T5950]  ? __pfx_hci_rx_work+0x10/0x10
[   88.724465][ T5950]  worker_thread+0x5ef/0xe50
[   88.724481][ T5950]  ? __pfx_worker_thread+0x10/0x10
[   88.724497][ T5950]  ? kthread+0x13a/0x450
[   88.724510][ T5950]  ? __pfx_worker_thread+0x10/0x10
[   88.724525][ T5950]  kthread+0x370/0x450
[   88.724538][ T5950]  ? __pfx_kthread+0x10/0x10
[   88.724552][ T5950]  ret_from_fork+0x754/0xd80
[   88.724569][ T5950]  ? __pfx_ret_from_fork+0x10/0x10
[   88.724584][ T5950]  ? rcu_is_watching+0x12/0xc0
[   88.724601][ T5950]  ? __switch_to+0x7b4/0x1120
[   88.724612][ T5950]  ? __pfx_kthread+0x10/0x10
[   88.724626][ T5950]  ret_from_fork_asm+0x1a/0x30
[   88.724641][ T5950]  </TASK>
[   88.724645][ T5950] 
[   88.796500][ T5950] Allocated by task 5950:
[   88.797888][ T5950]  kasan_save_stack+0x30/0x50
[   88.799403][ T5950]  kasan_save_track+0x14/0x30
[   88.800985][ T5950]  __kasan_kmalloc+0xaa/0xb0
[   88.802466][ T5950]  l2cap_chan_create+0x44/0x940
[   88.804024][ T5950]  l2cap_sock_alloc.constprop.0+0xf5/0x1e0
[   88.805961][ T5950]  l2cap_sock_new_connection_cb+0x101/0x260
[   88.807918][ T5950]  l2cap_connect_cfm+0x4e2/0xf80
[   88.809608][ T5950]  le_conn_complete_evt+0x197c/0x1f60
[   88.811492][ T5950]  hci_le_conn_complete_evt+0x23c/0x3a0
[   88.813285][ T5950]  hci_le_meta_evt+0x34a/0x5f0
[   88.814827][ T5950]  hci_event_packet+0x51c/0xcd0
[   88.816422][ T5950]  hci_rx_work+0x451/0xfc0
[   88.817869][ T5950]  process_one_work+0xa23/0x19a0
[   88.819457][ T5950]  worker_thread+0x5ef/0xe50
[   88.820977][ T5950]  kthread+0x370/0x450
[   88.822349][ T5950]  ret_from_fork+0x754/0xd80
[   88.823970][ T5950]  ret_from_fork_asm+0x1a/0x30
[   88.825730][ T5950] 
[   88.826620][ T5950] Freed by task 6616:
[   88.827988][ T5950]  kasan_save_stack+0x30/0x50
[   88.829530][ T5950]  kasan_save_track+0x14/0x30
[   88.831104][ T5950]  kasan_save_free_info+0x3b/0x70
[   88.832720][ T5950]  __kasan_slab_free+0x5f/0x80
[   88.834237][ T5950]  kfree+0x1f6/0x6b0
[   88.835512][ T5950]  l2cap_chan_put+0x235/0x300
[   88.837060][ T5950]  l2cap_sock_cleanup_listen+0x4d/0x2d0
[   88.838818][ T5950]  l2cap_sock_release+0x69/0x280
[   88.840466][ T5950]  __sock_release+0xb3/0x260
[   88.841998][ T5950]  sock_close+0x1c/0x30
[   88.843429][ T5950]  __fput+0x3ff/0xb40
[   88.844844][ T5950]  task_work_run+0x150/0x240
[   88.846481][ T5950]  exit_to_user_mode_loop+0x100/0x4a0
[   88.848337][ T5950]  __do_fast_syscall_32+0x578/0x8c0
[   88.850031][ T5950]  do_fast_syscall_32+0x32/0x70
[   88.851588][ T5950]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   88.853624][ T5950] 
[   88.854405][ T5950] The buggy address belongs to the object at ffff888012a0e000
[   88.854405][ T5950]  which belongs to the cache kmalloc-2k of size 2048
[   88.858856][ T5950] The buggy address is located 1152 bytes inside of
[   88.858856][ T5950]  freed 2048-byte region [ffff888012a0e000, ffff888012a0e800)
[   88.863720][ T5950] 
[   88.864600][ T5950] The buggy address belongs to the physical page:
[   88.866671][ T5950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888012a0b000 pfn:0x12a08
[   88.869959][ T5950] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   88.872684][ T5950] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[   88.875456][ T5950] page_type: f5(slab)
[   88.876902][ T5950] raw: 00fff00000000240 ffff88801b842f00 ffffea000086b010 ffffea000086d810
[   88.879856][ T5950] raw: ffff888012a0b000 0000000800080007 00000000f5000000 0000000000000000
[   88.882723][ T5950] head: 00fff00000000240 ffff88801b842f00 ffffea000086b010 ffffea000086d810
[   88.885442][ T5950] head: ffff888012a0b000 0000000800080007 00000000f5000000 0000000000000000
[   88.888181][ T5950] head: 00fff00000000003 ffffea00004a8201 00000000ffffffff 00000000ffffffff
[   88.890955][ T5950] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[   88.893687][ T5950] page dumped because: kasan: bad access detected
[   88.895920][ T5950] page_owner tracks the page as allocated
[   88.897983][ T5950] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5936, tgid 5936 (syz-executor), ts 54731995396, free_ts 34151068888
[   88.904624][ T5950]  post_alloc_hook+0x153/0x170
[   88.906219][ T5950]  get_page_from_freelist+0x111d/0x3140
[   88.908020][ T5950]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[   88.910080][ T5950]  new_slab+0xa6/0x6b0
[   88.911519][ T5950]  refill_objects+0x26b/0x400
[   88.913213][ T5950]  __pcs_replace_empty_main+0x1ab/0x660
[   88.915111][ T5950]  __kmalloc_node_track_caller_noprof+0x694/0x850
[   88.917194][ T5950]  kmalloc_reserve+0xe8/0x350
[   88.918732][ T5950]  pskb_expand_head+0x246/0xfe0
[   88.920352][ T5950]  netlink_trim+0x22d/0x2f0
[   88.921843][ T5950]  netlink_broadcast_filtered+0xd7/0xf50
[   88.923735][ T5950]  nlmsg_notify+0xb1/0x290
[   88.925280][ T5950]  rtnetlink_event+0x1b3/0x1f0
[   88.926878][ T5950]  notifier_call_chain+0x99/0x420
[   88.928562][ T5950]  call_netdevice_notifiers_info+0xbe/0x110
[   88.930505][ T5950]  netif_change_name+0x4d9/0x830
[   88.932156][ T5950] page last free pid 44 tgid 44 stack trace:
[   88.934131][ T5950]  __free_frozen_pages+0x7e1/0x10d0
[   88.935838][ T5950]  __folio_put+0x3b4/0x540
[   88.937368][ T5950]  migrate_folio_done+0x2a1/0x360
[   88.939145][ T5950]  migrate_pages_batch+0x1a90/0x4530
[   88.941067][ T5950]  migrate_pages_sync+0x12c/0x880
[   88.942875][ T5950]  migrate_pages+0x1aae/0x28a0
[   88.944476][ T5950]  compact_zone+0x2464/0x44c0
[   88.946024][ T5950]  compact_node+0x17f/0x2c0
[   88.947487][ T5950]  kcompactd+0x74f/0xe00
[   88.948889][ T5950]  kthread+0x370/0x450
[   88.950269][ T5950]  ret_from_fork+0x754/0xd80
[   88.951820][ T5950]  ret_from_fork_asm+0x1a/0x30
[   88.953511][ T5950] 
[   88.954437][ T5950] Memory state around the buggy address:
[   88.956485][ T5950]  ffff888012a0e380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   88.959145][ T5950]  ffff888012a0e400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   88.961716][ T5950] >ffff888012a0e480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   88.964243][ T5950]                    ^
[   88.965577][ T5950]  ffff888012a0e500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   88.968186][ T5950]  ffff888012a0e580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   88.971037][ T5950] ==================================================================
[   88.975341][ T5950] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   88.977732][ T5950] CPU: 3 UID: 0 PID: 5950 Comm: kworker/u33:7 Not tainted syzkaller #0 PREEMPT(full) 
[   88.980774][ T5950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   88.984326][ T5950] Workqueue: hci0 hci_rx_work
[   88.986079][ T5950] Call Trace:
[   88.987230][ T5950]  <TASK>
[   88.988263][ T5950]  dump_stack_lvl+0x100/0x190
[   88.989803][ T5950]  vpanic+0x552/0x970
[   88.991121][ T5950]  ? __pfx_vpanic+0x10/0x10
[   88.992622][ T5950]  ? l2cap_connect_cfm+0xde7/0xf80
[   88.994250][ T5950]  panic+0xd1/0xe0
[   88.995584][ T5950]  ? __pfx_panic+0x10/0x10
[   88.997235][ T5950]  ? l2cap_connect_cfm+0xde7/0xf80
[   88.999112][ T5950]  ? preempt_schedule_common+0x42/0xc0
[   89.001058][ T5950]  check_panic_on_warn.cold+0x19/0x34
[   89.002841][ T5950]  end_report.part.0+0x3a/0x90
[   89.004401][ T5950]  kasan_report.cold+0xe/0x18
[   89.005938][ T5950]  ? l2cap_connect_cfm+0xde7/0xf80
[   89.007656][ T5950]  l2cap_connect_cfm+0xde7/0xf80
[   89.009361][ T5950]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[   89.011216][ T5950]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[   89.013075][ T5950]  le_conn_complete_evt+0x197c/0x1f60
[   89.014924][ T5950]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   89.016962][ T5950]  hci_le_conn_complete_evt+0x23c/0x3a0
[   89.018889][ T5950]  ? skb_pull_data+0x15f/0x1e0
[   89.020528][ T5950]  hci_le_meta_evt+0x34a/0x5f0
[   89.022085][ T5950]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   89.024038][ T5950]  hci_event_packet+0x51c/0xcd0
[   89.025641][ T5950]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   89.027428][ T5950]  ? __pfx_hci_event_packet+0x10/0x10
[   89.029351][ T5950]  ? kcov_remote_start+0x374/0x660
[   89.031164][ T5950]  ? lockdep_hardirqs_on+0x78/0x100
[   89.032915][ T5950]  hci_rx_work+0x451/0xfc0
[   89.034375][ T5950]  process_one_work+0xa23/0x19a0
[   89.036026][ T5950]  ? __pfx_process_one_work+0x10/0x10
[   89.037664][ T5950]  ? __pfx_hci_rx_work+0x10/0x10
[   89.039318][ T5950]  worker_thread+0x5ef/0xe50
[   89.041133][ T5950]  ? __pfx_worker_thread+0x10/0x10
[   89.043100][ T5950]  ? kthread+0x13a/0x450
[   89.044782][ T5950]  ? __pfx_worker_thread+0x10/0x10
[   89.046449][ T5950]  kthread+0x370/0x450
[   89.047763][ T5950]  ? __pfx_kthread+0x10/0x10
[   89.049247][ T5950]  ret_from_fork+0x754/0xd80
[   89.050721][ T5950]  ? __pfx_ret_from_fork+0x10/0x10
[   89.052360][ T5950]  ? rcu_is_watching+0x12/0xc0
[   89.053857][ T5950]  ? __switch_to+0x7b4/0x1120
[   89.055385][ T5950]  ? __pfx_kthread+0x10/0x10
[   89.056953][ T5950]  ret_from_fork_asm+0x1a/0x30
[   89.058500][ T5950]  </TASK>
[   89.060407][ T5950] Kernel Offset: disabled
[   89.061976][ T5950] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:20:12  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffc900044efcf8 RCX=ffffffff8b8750c2 RDX=0000000000000001
RSI=0000000000000001 RDI=ffff8880247cc980 RBP=0000000000000001 RSP=ffffc900044efc40
R8 =0000000000000005 R9 =0000000000000001 R10=0000000000000001 R11=0000000000000000
R12=ffffffffffffffff R13=ffffc900044efd40 R14=dffffc0000000000 R15=00000000000003e2
RIP=ffffffff8b87556e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097141000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f7fa6ec0 CR3=00000000514b5000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000585858585858 2e7a797300000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000187cf7 RBX=ffff88801c3224c0 RCX=ffffffff8b8e5c75 RDX=0000000000000000
RSI=ffffffff8de826ce RDI=ffffffff8c1b19a0 RBP=0000000000000000 RSP=ffffc9000046fdf0
R8 =0000000000000001 R9 =ffffed100566679d R10=ffff88802b333ceb R11=0000000000000000
R12=0000000000000001 R13=ffffed1003864498 R14=0000000000000001 R15=ffffffff90d9f810
RIP=ffffffff8b8e45df RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097241000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c41b580 CR3=000000006a90b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000108e7b RBX=ffff88801c3c4980 RCX=ffffffff8b8e5c75 RDX=0000000000000000
RSI=ffffffff8de826ce RDI=ffffffff8c1b19a0 RBP=0000000000000000 RSP=ffffc9000047fdf0
R8 =0000000000000001 R9 =ffffed100568679d R10=ffff88802b433ceb R11=0000000000000000
R12=0000000000000002 R13=ffffed1003878930 R14=0000000000000002 R15=ffffffff90d9f810
RIP=ffffffff8b8e45df RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097341000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008000f000 CR3=000000006a90b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85781095 RDI=ffffffff9b497680 RBP=ffffffff9b497640 RSP=ffffc90004c4f250
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000035393554
R12=0000000000000000 R13=0000000000000038 R14=0000000000000010 R15=ffffffff85781030
RIP=ffffffff857810bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097441000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000000c43f1a8 CR3=000000006a90b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000