last executing test programs:

7.47670101s ago: executing program 2 (id=157):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={0xffffffffffffffff, 0x0, 0x2, 0x0, &(0x7f0000000100)="7a04", 0x0, 0x91eb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x82}, 0x50)
unlink(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000"], 0xfdef)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102400, 0x19000)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x16, 0x1c, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100), 0x200a00, 0x0)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(0xffffffffffffffff, 0xc0305615, &(0x7f0000000080)={0x0, {0x1, 0xffffffff}})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCXONC(r4, 0x540a, 0x0)
ioctl$TCFLSH(r4, 0x400455c8, 0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = syz_open_pts(r4, 0x101000)
ioctl$KDDISABIO(r6, 0x4b37)
syz_emit_ethernet(0x66, &(0x7f0000000080)=ANY=[@ANYBLOB="69e1629b6174391e7dd7a2d786dd60b6000000302c03cb697a653e336f000000500000000000ff0200000000000000000000000000012c"], 0x0)

6.554963081s ago: executing program 1 (id=159):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x83, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2a)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x46)
getdents64(0xffffffffffffffff, &(0x7f00000000c0)=""/45, 0x2d)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000040)={0x2, {0x2, 0x0, 0x5, 0x0, 0x5, 0x4}})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0xc, 0x4, 0xffffbe0000000001, 0x8, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000200)=0x415a, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002f00010000000000fcdbdf250401f2800c00180008ac0f0000000000140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000000010073797a300000000048000000030a010100000000000000000100000008000b400000000014000480080002400000000008000140000000000900010073797a31000000000900030073797a3000000000140000001000010000000000000000000000000a"], 0x90}}, 0x0)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
process_madvise(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000000400)="8524d5e68c5f73d7b65b2fa844745f0ba3", 0x11}], 0x1, 0x15, 0x0)
sendmsg$NL80211_CMD_START_NAN(r5, &(0x7f00000006c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x4)
lstat64(&(0x7f0000000080)='./cgroup\x00', &(0x7f0000000a00))

6.554352754s ago: executing program 0 (id=160):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
io_setup(0x200, &(0x7f00000010c0)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0xfffe, r5, 0x0}])
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xf)
write$UHID_INPUT(r4, &(0x7f0000001040)={0xe, {"a2e3ad21ed0d52f90b9b6e0987f70e06d038e7ff7fc6e5539b3248298b089b0708346d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d075d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea567b7b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c78e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1040}}, 0x1006)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, 0x0)
socket$netlink(0x10, 0x3, 0x15)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x14)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chown(&(0x7f00000003c0)='./cgroup\x00', 0x0, 0x0)
stat(&(0x7f0000000240)='./file0/file0\x00', 0x0)

5.897306701s ago: executing program 3 (id=161):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x36b, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0xffffffff, 0x0, 0xb49, 0x9, 0xd, 0x0, 0x3}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0x40045010, &(0x7f0000000080)=0xd8eb)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r2, 0x0, 0x20044000)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac1414000000000000000000020001000000000000000002fffffffb03"], 0x50}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
r6 = syz_open_dev$dri(0x0, 0x7, 0x220042)
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r7, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000002c0)=[<r9=>0x0], &(0x7f0000000340), 0x0, 0x1, 0x0, 0x0, r8})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r7, 0xc01064ab, &(0x7f0000000380)={0x3, r9, r8})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r6, 0xc01064ab, &(0x7f0000000440)={0x5, r9})
syz_io_uring_setup(0x7a72, &(0x7f0000000480)={0x0, 0x2d12, 0x1000, 0x2, 0x306}, &(0x7f0000000140), &(0x7f0000000280))
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="02090000020000000000000000006ed50d169fd1259a4008814b921f312bdff9490675285f56e698679723b433298a597a017f02c5d6eb"], 0x10}}, 0x0)

5.68888553s ago: executing program 1 (id=162):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
r0 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
syz_open_dev$tty1(0xc, 0x4, 0x4)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r4, 0x5607, 0x2c)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
ioctl$TIOCL_SETVESABLANK(r6, 0x560e, &(0x7f0000000140))
r7 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$VT_ACTIVATE(r7, 0x5606, 0x4)
ioctl$TIOCL_BLANKSCREEN(r6, 0x541c, &(0x7f0000000040))
r8 = dup(r3)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
r9 = syz_io_uring_setup(0x83b, &(0x7f00000000c0)={0x0, 0xc2f6, 0x0, 0x1, 0x319}, &(0x7f0000000500)=<r10=>0x0, &(0x7f0000000400)=<r11=>0x0)
r12 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x0, 0xfffffff9, 0x3, 0xca60, r8, 0x5, '\x00', 0x0, r8, 0x2, 0x3, 0x3, 0x0, @value=r8}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0xf, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x31887ab3, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000140)='syzkaller\x00', 0x80000000, 0x68, &(0x7f0000000440)=""/104, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x4, 0x10, 0x6, 0x76}, 0x10, 0x0, 0x0, 0x5, &(0x7f00000003c0)=[r8, r8, r8, r8, r13, 0x1, r8], &(0x7f0000000600)=[{0x2, 0x4, 0x6, 0x6}, {0x1, 0x5, 0xa, 0x6}, {0x4, 0x4, 0xe, 0x9}, {0x5, 0x5, 0xf, 0xe}, {0x1, 0x1, 0x0, 0xa}], 0x10, 0x5}, 0x94)
ioctl$TIOCSETD(r12, 0x5423, &(0x7f0000000040)=0x5)
ioctl$TIOCSTI(r12, 0x5412, &(0x7f0000000200)=0xc0)
prctl$PR_SET_SECUREBITS(0x1c, 0x73)
setuid(0xee01)
r14 = socket(0x1d, 0x2, 0x6)
setsockopt$SO_ATTACH_FILTER(r14, 0x1, 0x1a, &(0x7f0000000180)={0x0, &(0x7f0000000140)}, 0x8)
syz_io_uring_submit(r10, r11, 0x0)
io_uring_enter(r9, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

5.347238528s ago: executing program 2 (id=163):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendto$rose(r0, 0x0, 0x0, 0x40, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0000}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r4, 0x4068aea3, &(0x7f0000000140)={0x74, 0x0, 0x90accf24a4511d13})
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000040000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x2090}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @local}]}}}, @IFLA_MTU={0x8, 0x4, 0x44}]}, 0x44}, 0x1, 0x2}, 0x4050)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff024}, {0x20, 0x0, 0x0, 0xff}, {0x6, 0x0, 0x0, 0x6}]}, 0x8)
sendmsg$inet(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f000801}, 0x20040000)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
futex(0x0, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r9}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x1, 0x2ff}, &(0x7f0000000140), &(0x7f0000000280))
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r11, &(0x7f00000002c0)={0x1, 0x5}, 0x2)
write$USERIO_CMD_REGISTER(r11, &(0x7f00000000c0), 0x2)
write$USERIO_CMD_SEND_INTERRUPT(r11, &(0x7f0000000100)={0x2, 0xfc}, 0x2)
sendmsg$NFNL_MSG_CTHELPER_NEW(r10, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000004c0)={0x70, 0x0, 0x9, 0x101, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x7ff}}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0xe}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x70}}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

4.986442835s ago: executing program 0 (id=164):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x118d7, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = gettid()
ptrace$ARCH_SHSTK_STATUS(0x1e, r2, &(0x7f0000000740), 0x5005)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x5, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x6}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x20048880}, 0x10)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000840), 0x101040, 0x0)
setsockopt$inet_udp_int(r4, 0x11, 0x67, &(0x7f0000000000)=0x507, 0x4)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x4c4201, 0x3c)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000340)={r6, r6, 0x8, 0xff49, 0x0, 0x86, 0xb7, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
ioctl$DRM_IOCTL_DMA(r5, 0xc0286429, &(0x7f0000000800)={0x0, 0x6, &(0x7f0000000700)=[0x0, 0x0, 0xfffffc01, 0x7, 0x2, 0x100], &(0x7f0000000740), 0x63, 0x7, 0x400, &(0x7f0000000780)=[0x401, 0x9, 0x8, 0x8, 0x40, 0x9, 0x2], &(0x7f00000007c0)=[0x3]})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
sendmmsg$inet(r4, &(0x7f0000000600)=[{{&(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10, 0x0}}], 0x1, 0x2000c844)
r9 = socket$netlink(0x10, 0x3, 0x0)
writev(r9, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
sendto$inet(r4, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440606769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa12c3c59e3732c181aa4223d0fcdac514e9d7c7963c2634964520286b028f60a4ae612b8e6049315139e884cbffd6836253094ad023329183496cf663366ad4d7f7f5f1bd2db9b0d33f106c041fba4494c7da404d45d8955e5459ca4a62862721ec1fa534fd95e262c5814426816e60000000000000000001aa4fb6f40ec24f42f6949cc28d2a0d4eb61cb1664627582d962523586539445b81e9759321652280ecb", 0xffe3, 0x6000000000000000, 0x0, 0x0)

4.98550923s ago: executing program 3 (id=165):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x118d7, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = gettid()
ptrace$ARCH_SHSTK_STATUS(0x1e, r2, &(0x7f0000000740), 0x5005)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x5, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x6}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x20048880}, 0x10)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000840), 0x101040, 0x0)
setsockopt$inet_udp_int(r4, 0x11, 0x67, &(0x7f0000000000)=0x507, 0x4)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x4c4201, 0x3c)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r6 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r6, 0x400448c8, &(0x7f0000000340)={r5, r5, 0x8, 0xff49, 0x0, 0x86, 0xb7, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0086426, &(0x7f00000006c0)={0x6, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}]})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
sendmmsg$inet(r4, &(0x7f0000000600)=[{{&(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10, 0x0}}], 0x1, 0x2000c844)
r8 = socket$netlink(0x10, 0x3, 0x0)
writev(r8, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
sendto$inet(r4, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440606769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa12c3c59e3732c181aa4223d0fcdac514e9d7c7963c2634964520286b028f60a4ae612b8e6049315139e884cbffd6836253094ad023329183496cf663366ad4d7f7f5f1bd2db9b0d33f106c041fba4494c7da404d45d8955e5459ca4a62862721ec1fa534fd95e262c5814426816e60000000000000000001aa4fb6f40ec24f42f6949cc28d2a0d4eb61cb1664627582d962523586539445b81e9759321652280ecb", 0xffe3, 0x6000000000000000, 0x0, 0x0)

4.684114967s ago: executing program 1 (id=166):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={0xffffffffffffffff, 0x0, 0x2, 0x0, &(0x7f0000000100)="7a04", 0x0, 0x91eb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x82}, 0x50)
unlink(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000"], 0xfdef)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102400, 0x19000)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x16, 0x1c, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100), 0x200a00, 0x0)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(0xffffffffffffffff, 0xc0305615, &(0x7f0000000080)={0x0, {0x1, 0xffffffff}})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCXONC(r4, 0x540a, 0x0)
ioctl$TCFLSH(r4, 0x400455c8, 0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = syz_open_pts(r4, 0x101000)
ioctl$KDDISABIO(r6, 0x4b37)
syz_emit_ethernet(0x66, &(0x7f0000000080)=ANY=[@ANYBLOB="69e1629b6174391e7dd7a2d786dd60b6000000302c03cb697a653e336f000000500000000000ff0200000000000000000000000000012c"], 0x0)

4.683605957s ago: executing program 2 (id=167):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r0, 0x4068aea3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@bridge_setlink={0x38, 0x13, 0xa2f, 0x70bd27, 0x0, {0x7, 0x0, 0x68, r2, 0x900, 0x62010}, [@IFLA_LINKINFO={0x18, 0x1a, 0x0, 0x1, @vlan={{0x9}, {0x8, 0x4, 0x0, 0x1, [@IFLA_VLAN_EGRESS_QOS={0x4}]}}}]}, 0x38}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x110)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x25)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$key(0xf, 0x3, 0x2)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x400246}, &(0x7f0000000340)=<r6=>0x0, &(0x7f00000006c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, 0x0, 0x0, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r5, 0x0, 0x0, 0x0, 0x2})
io_uring_enter(r5, 0x4c6e, 0xc67a, 0x8, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x0, 0x0)
syz_io_uring_setup(0x1765, &(0x7f0000000180)={0x0, 0x5792, 0x4, 0x2, 0x112}, &(0x7f0000000100), &(0x7f0000000240))
r8 = userfaultfd(0x80001)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x2)
ioctl$UFFDIO_ZEROPAGE(r8, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00004bd000/0x3000)=nil, 0x3000}})

4.187838552s ago: executing program 2 (id=168):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x118d7, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = gettid()
ptrace$ARCH_SHSTK_STATUS(0x1e, r2, &(0x7f0000000740), 0x5005)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x5, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x6}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x20048880}, 0x10)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000840), 0x101040, 0x0)
setsockopt$inet_udp_int(r4, 0x11, 0x67, &(0x7f0000000000)=0x507, 0x4)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x4c4201, 0x3c)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000340)={r6, r6, 0x8, 0xff49, 0x0, 0x86, 0xb7, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
ioctl$DRM_IOCTL_DMA(r5, 0xc0286429, &(0x7f0000000800)={0x0, 0x6, &(0x7f0000000700)=[0x0, 0x0, 0xfffffc01, 0x7, 0x2, 0x100], &(0x7f0000000740), 0x63, 0x7, 0x400, &(0x7f0000000780)=[0x401, 0x9, 0x8, 0x8, 0x40, 0x9, 0x2], &(0x7f00000007c0)=[0x3]})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
sendmmsg$inet(r4, &(0x7f0000000600)=[{{&(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10, 0x0}}], 0x1, 0x2000c844)
r9 = socket$netlink(0x10, 0x3, 0x0)
writev(r9, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
sendto$inet(r4, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440606769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa12c3c59e3732c181aa4223d0fcdac514e9d7c7963c2634964520286b028f60a4ae612b8e6049315139e884cbffd6836253094ad023329183496cf663366ad4d7f7f5f1bd2db9b0d33f106c041fba4494c7da404d45d8955e5459ca4a62862721ec1fa534fd95e262c5814426816e60000000000000000001aa4fb6f40ec24f42f6949cc28d2a0d4eb61cb1664627582d962523586539445b81e9759321652280ecb", 0xffe3, 0x6000000000000000, 0x0, 0x0)

4.074365925s ago: executing program 0 (id=169):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendto$rose(r0, 0x0, 0x0, 0x40, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0000}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r4, 0x4068aea3, &(0x7f0000000140)={0x74, 0x0, 0x90accf24a4511d13})
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'geneve0\x00'})
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x2}, 0x4050)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff024}, {0x20, 0x0, 0x0, 0xff}, {0x6, 0x0, 0x0, 0x6}]}, 0x8)
sendmsg$inet(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f000801}, 0x20040000)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
futex(0x0, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r8}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x1, 0x2ff}, &(0x7f0000000140), &(0x7f0000000280))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r10, &(0x7f00000002c0)={0x1, 0x5}, 0x2)
write$USERIO_CMD_REGISTER(r10, &(0x7f00000000c0), 0x2)
write$USERIO_CMD_SEND_INTERRUPT(r10, &(0x7f0000000100)={0x2, 0xfc}, 0x2)
sendmsg$NFNL_MSG_CTHELPER_NEW(r9, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000004c0)={0x70, 0x0, 0x9, 0x101, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x7ff}}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0xe}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x70}}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

4.073594003s ago: executing program 3 (id=170):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0xc, &(0x7f0000000300))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000000), 0x0, 0x0, 0x8002, &(0x7f0000000700)=ANY=[@ANYBLOB])
rename(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f00000002c0)='./file0\x00', 0x408)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x54)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x0)
r5 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
splice(r4, 0x0, r5, 0x0, 0x10000000000016, 0x0)

3.687415515s ago: executing program 0 (id=171):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={0xffffffffffffffff, 0x0, 0x2, 0x0, &(0x7f0000000100)="7a04", 0x0, 0x91eb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x82}, 0x50)
unlink(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000"], 0xfdef)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102400, 0x19000)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x16, 0x1c, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100), 0x200a00, 0x0)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(0xffffffffffffffff, 0xc0305615, &(0x7f0000000080)={0x0, {0x1, 0xffffffff}})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCXONC(r4, 0x540a, 0x0)
ioctl$TCFLSH(r4, 0x400455c8, 0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = syz_open_pts(r4, 0x101000)
ioctl$KDDISABIO(r6, 0x4b37)
syz_emit_ethernet(0x66, &(0x7f0000000080)=ANY=[@ANYBLOB="69e1629b6174391e7dd7a2d786dd60b6000000302c03cb697a653e336f000000500000000000ff0200000000000000000000000000012c"], 0x0)

3.267252555s ago: executing program 2 (id=172):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
io_setup(0x200, &(0x7f00000010c0)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0xfffe, r5, 0x0}])
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xf)
write$UHID_INPUT(r4, &(0x7f0000001040)={0xe, {"a2e3ad21ed0d52f90b9b6e0987f70e06d038e7ff7fc6e5539b3248298b089b0708346d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d075d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea567b7b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c78e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1040}}, 0x1006)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, 0x0)
socket$netlink(0x10, 0x3, 0x15)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x14)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chown(&(0x7f00000003c0)='./cgroup\x00', 0x0, 0x0)
stat(&(0x7f0000000240)='./file0/file0\x00', 0x0)

3.072534344s ago: executing program 3 (id=173):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f00000034c0)={0x2020}, 0xcac)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000280)={0x3, 0x7}, 0x4)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_ZERO(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x14, r5, 0x1}, 0x14}}, 0x0)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x2, @empty, 0x7}], 0x1c)
ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}})
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r6, &(0x7f0000000400)=""/4096, 0x1000)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x4048043)

2.396881317s ago: executing program 1 (id=174):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendto$rose(r0, 0x0, 0x0, 0x40, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0000}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x2090}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @local}]}}}, @IFLA_MTU={0x8, 0x4, 0x44}]}, 0x44}, 0x1, 0x2}, 0x4050)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f0000000040)}, 0x8)
sendmsg$inet(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f000801}, 0x20040000)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
futex(0x0, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r9}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x1, 0x2ff}, &(0x7f0000000140), &(0x7f0000000280))
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_REGISTER(r11, &(0x7f00000000c0), 0x2)
write$USERIO_CMD_SEND_INTERRUPT(r11, &(0x7f0000000100)={0x2, 0xfc}, 0x2)
sendmsg$NFNL_MSG_CTHELPER_NEW(r10, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000004c0)={0x70, 0x0, 0x9, 0x101, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x7ff}}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0xe}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x70}}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1.448297267s ago: executing program 3 (id=175):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
r0 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
syz_open_dev$tty1(0xc, 0x4, 0x4)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r4, 0x5607, 0x2c)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
ioctl$TIOCL_SETVESABLANK(r6, 0x560e, &(0x7f0000000140))
r7 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$VT_ACTIVATE(r7, 0x5606, 0x4)
ioctl$TIOCL_BLANKSCREEN(r6, 0x541c, &(0x7f0000000040))
r8 = dup(r3)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
r9 = syz_io_uring_setup(0x83b, &(0x7f00000000c0)={0x0, 0xc2f6, 0x0, 0x1, 0x319}, &(0x7f0000000500)=<r10=>0x0, &(0x7f0000000400)=<r11=>0x0)
r12 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x0, 0xfffffff9, 0x3, 0xca60, r8, 0x5, '\x00', 0x0, r8, 0x2, 0x3, 0x3, 0x0, @value=r8}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x17, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x31887ab3, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffffa}, @jmp={0x5, 0x0, 0x5, 0x7, 0x9, 0x20, 0x999d1e2a512ef073}, @tail_call={{0x18, 0x2, 0x1, 0x0, r12}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000140)='syzkaller\x00', 0x80000000, 0x68, &(0x7f0000000440)=""/104, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x4, 0x10, 0x6, 0x76}, 0x10, 0x0, 0x0, 0x5, &(0x7f00000003c0)=[r8, r8, r8, r8, r13, 0x1, r8], &(0x7f0000000600)=[{0x2, 0x4, 0x6, 0x6}, {0x1, 0x5, 0xa, 0x6}, {0x4, 0x4, 0xe, 0x9}, {0x5, 0x5, 0xf, 0xe}, {0x1, 0x1, 0x0, 0xa}], 0x10, 0x5}, 0x94)
ioctl$TIOCSETD(r12, 0x5423, &(0x7f0000000040)=0x5)
ioctl$TIOCSTI(r12, 0x5412, &(0x7f0000000200)=0xc0)
prctl$PR_SET_SECUREBITS(0x1c, 0x73)
setuid(0xee01)
r14 = socket(0x1d, 0x2, 0x6)
setsockopt$SO_ATTACH_FILTER(r14, 0x1, 0x1a, &(0x7f0000000180)={0x0, &(0x7f0000000140)}, 0x8)
syz_io_uring_submit(r10, r11, 0x0)
io_uring_enter(r9, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

1.440392969s ago: executing program 0 (id=176):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r0, 0x4068aea3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@bridge_setlink={0x38, 0x13, 0xa2f, 0x70bd27, 0x0, {0x7, 0x0, 0x68, r2, 0x900, 0x62010}, [@IFLA_LINKINFO={0x18, 0x1a, 0x0, 0x1, @vlan={{0x9}, {0x8, 0x4, 0x0, 0x1, [@IFLA_VLAN_EGRESS_QOS={0x4}]}}}]}, 0x38}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x110)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x25)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$key(0xf, 0x3, 0x2)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x400246}, &(0x7f0000000340)=<r6=>0x0, &(0x7f00000006c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r5, 0x0, 0x0, 0x0, 0x2})
io_uring_enter(r5, 0x4c6e, 0xc67a, 0x8, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x0, 0x0)
syz_io_uring_setup(0x1765, &(0x7f0000000180)={0x0, 0x5792, 0x4, 0x2, 0x112}, &(0x7f0000000100), &(0x7f0000000240))
r8 = userfaultfd(0x80001)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x2)
ioctl$UFFDIO_ZEROPAGE(r8, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00004bd000/0x3000)=nil, 0x3000}})

1.366332313s ago: executing program 1 (id=177):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x36b, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0xffffffff, 0x0, 0xb49, 0x9, 0xd, 0x0, 0x3}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0x40045010, &(0x7f0000000080)=0xd8eb)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r2, 0x0, 0x20044000)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac14140000000000000000000200010000000000"], 0x50}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
r6 = syz_open_dev$dri(0x0, 0x7, 0x220042)
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r7, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000002c0)=[<r9=>0x0], &(0x7f0000000340), 0x0, 0x1, 0x0, 0x0, r8})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r7, 0xc01064ab, &(0x7f0000000380)={0x3, r9, r8})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r6, 0xc01064ab, &(0x7f0000000440)={0x5, r9})
syz_io_uring_setup(0x7a72, &(0x7f0000000480)={0x0, 0x2d12, 0x1000, 0x2, 0x306}, &(0x7f0000000140), &(0x7f0000000280))
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="02090000020000000000000000006ed50d169fd1259a4008814b921f312bdff9490675285f56e698679723b433298a597a017f02c5d6eb"], 0x10}}, 0x0)

76.714674ms ago: executing program 0 (id=178):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
io_setup(0x200, &(0x7f00000010c0)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0xfffe, r5, 0x0}])
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xf)
write$UHID_INPUT(r4, &(0x7f0000001040)={0xe, {"a2e3ad21ed0d52f90b9b6e0987f70e06d038e7ff7fc6e5539b3248298b089b0708346d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d075d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea567b7b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c78e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1040}}, 0x1006)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, 0x0)
socket$netlink(0x10, 0x3, 0x15)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x14)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chown(&(0x7f00000003c0)='./cgroup\x00', 0x0, 0x0)
stat(&(0x7f0000000240)='./file0/file0\x00', 0x0)

75.920768ms ago: executing program 1 (id=179):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
sendto$rose(r0, 0x0, 0x0, 0x40, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0000}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r4, 0x4068aea3, &(0x7f0000000140)={0x74, 0x0, 0x90accf24a4511d13})
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'geneve0\x00'})
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x2}, 0x4050)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff024}, {0x20, 0x0, 0x0, 0xff}, {0x6, 0x0, 0x0, 0x6}]}, 0x8)
sendmsg$inet(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f000801}, 0x20040000)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
futex(0x0, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r8}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x1, 0x2ff}, &(0x7f0000000140), &(0x7f0000000280))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r10, &(0x7f00000002c0)={0x1, 0x5}, 0x2)
write$USERIO_CMD_REGISTER(r10, &(0x7f00000000c0), 0x2)
write$USERIO_CMD_SEND_INTERRUPT(r10, &(0x7f0000000100)={0x2, 0xfc}, 0x2)
sendmsg$NFNL_MSG_CTHELPER_NEW(r9, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000004c0)={0x70, 0x0, 0x9, 0x101, 0x0, 0x0, {}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x7ff}}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0xe}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x70}}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

7.140577ms ago: executing program 2 (id=180):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x118d7, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = gettid()
ptrace$ARCH_SHSTK_STATUS(0x1e, r2, &(0x7f0000000740), 0x5005)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x5, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x6}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x20048880}, 0x10)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000840), 0x101040, 0x0)
setsockopt$inet_udp_int(r4, 0x11, 0x67, &(0x7f0000000000)=0x507, 0x4)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x4c4201, 0x3c)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0086426, &(0x7f00000006c0)={0x6, &(0x7f0000000680)=[{}, {}, {}, {<r7=>0x0}, {}, {}]})
ioctl$DRM_IOCTL_DMA(r5, 0xc0286429, &(0x7f0000000800)={r7, 0x6, &(0x7f0000000700)=[0x0, 0x0, 0xfffffc01, 0x7, 0x2, 0x100], &(0x7f0000000740), 0x63, 0x7, 0x400, &(0x7f0000000780)=[0x401, 0x9, 0x8, 0x8, 0x40, 0x9, 0x2], &(0x7f00000007c0)=[0x3]})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
sendmmsg$inet(r4, &(0x7f0000000600)=[{{&(0x7f0000000080)={0x2, 0x4e20, @local}, 0x10, 0x0}}], 0x1, 0x2000c844)
r9 = socket$netlink(0x10, 0x3, 0x0)
writev(r9, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
sendto$inet(r4, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440606769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa12c3c59e3732c181aa4223d0fcdac514e9d7c7963c2634964520286b028f60a4ae612b8e6049315139e884cbffd6836253094ad023329183496cf663366ad4d7f7f5f1bd2db9b0d33f106c041fba4494c7da404d45d8955e5459ca4a62862721ec1fa534fd95e262c5814426816e60000000000000000001aa4fb6f40ec24f42f6949cc28d2a0d4eb61cb1664627582d962523586539445b81e9759321652280ecb", 0xffe3, 0x6000000000000000, 0x0, 0x0)

0s ago: executing program 3 (id=181):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
unlink(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000"], 0xfdef)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102400, 0x19000)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100), 0x200a00, 0x0)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(0xffffffffffffffff, 0xc0305615, &(0x7f0000000080)={0x0, {0x1, 0xffffffff}})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCXONC(r2, 0x540a, 0x0)
ioctl$TCFLSH(r2, 0x400455c8, 0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37)
syz_emit_ethernet(0x66, &(0x7f0000000080)=ANY=[@ANYBLOB="69e1629b6174391e7dd7a2d786dd60b6000000302c03cb697a653e336f000000500000000000ff0200000000000000000000000000012c"], 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:44329' (ED25519) to the list of known hosts.
[   57.378353][ T5934] cgroup: Unknown subsys name 'net'
[   57.522212][ T5934] cgroup: Unknown subsys name 'cpuset'
[   57.526797][ T5934] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   58.453325][ T5934] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   62.122843][ T5952] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   62.126672][ T5952] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   62.131182][ T5950] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   62.137190][ T5956] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   62.145959][ T5958] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   62.148948][ T5958] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   62.152359][ T5958] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   62.155033][ T5958] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   62.157582][ T5962] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   62.159231][ T5958] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   62.161278][ T5962] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   62.164277][ T5958] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   62.165478][ T5963] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   62.165826][ T5962] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   62.166300][ T5963] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   62.166779][ T5963] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   62.167025][ T5963] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   62.169076][ T5958] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   62.183913][ T5958] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   62.186490][ T5958] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   62.484542][ T5955] chnl_net:caif_netlink_parms(): no params data found
[   62.490596][ T5947] chnl_net:caif_netlink_parms(): no params data found
[   62.530392][ T5949] chnl_net:caif_netlink_parms(): no params data found
[   62.613394][ T5954] chnl_net:caif_netlink_parms(): no params data found
[   62.685726][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.688675][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.691738][ T5955] bridge_slave_0: entered allmulticast mode
[   62.694651][ T5955] bridge_slave_0: entered promiscuous mode
[   62.737932][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.740485][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.743043][ T5955] bridge_slave_1: entered allmulticast mode
[   62.745775][ T5955] bridge_slave_1: entered promiscuous mode
[   62.795109][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.797809][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.800975][ T5947] bridge_slave_0: entered allmulticast mode
[   62.803695][ T5947] bridge_slave_0: entered promiscuous mode
[   62.830566][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.833050][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.835500][ T5947] bridge_slave_1: entered allmulticast mode
[   62.838336][ T5947] bridge_slave_1: entered promiscuous mode
[   62.842061][ T5954] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.844424][ T5954] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.846974][ T5954] bridge_slave_0: entered allmulticast mode
[   62.850909][ T5954] bridge_slave_0: entered promiscuous mode
[   62.856980][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.860603][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.863082][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.865516][ T5949] bridge_slave_0: entered allmulticast mode
[   62.868353][ T5949] bridge_slave_0: entered promiscuous mode
[   62.879777][ T5954] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.882234][ T5954] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.884648][ T5954] bridge_slave_1: entered allmulticast mode
[   62.887828][ T5954] bridge_slave_1: entered promiscuous mode
[   62.892329][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.901108][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.903784][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.906405][ T5949] bridge_slave_1: entered allmulticast mode
[   62.909611][ T5949] bridge_slave_1: entered promiscuous mode
[   62.942392][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.946836][ T5955] team0: Port device team_slave_0 added
[   62.950026][ T5955] team0: Port device team_slave_1 added
[   62.965292][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.975334][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.980414][ T5954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.984123][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.986413][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   62.994981][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.000264][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   63.010463][ T5954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   63.014097][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.017175][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.026933][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.064525][ T5947] team0: Port device team_slave_0 added
[   63.068530][ T5954] team0: Port device team_slave_0 added
[   63.071564][ T5949] team0: Port device team_slave_0 added
[   63.082037][ T5947] team0: Port device team_slave_1 added
[   63.085114][ T5954] team0: Port device team_slave_1 added
[   63.088122][ T5949] team0: Port device team_slave_1 added
[   63.115396][ T5955] hsr_slave_0: entered promiscuous mode
[   63.117996][ T5955] hsr_slave_1: entered promiscuous mode
[   63.139861][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.142195][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.150718][ T5954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.154782][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.157181][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.166333][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.170649][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.172935][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.181571][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.186047][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.188394][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.199374][ T5954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.203477][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.205793][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.214326][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.223995][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.226685][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   63.236580][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.309683][ T5949] hsr_slave_0: entered promiscuous mode
[   63.312059][ T5949] hsr_slave_1: entered promiscuous mode
[   63.314284][ T5949] debugfs: 'hsr0' already exists in 'hsr'
[   63.316253][ T5949] Cannot create hsr debugfs directory
[   63.329893][ T5954] hsr_slave_0: entered promiscuous mode
[   63.332318][ T5954] hsr_slave_1: entered promiscuous mode
[   63.334529][ T5954] debugfs: 'hsr0' already exists in 'hsr'
[   63.336381][ T5954] Cannot create hsr debugfs directory
[   63.350104][ T5947] hsr_slave_0: entered promiscuous mode
[   63.352390][ T5947] hsr_slave_1: entered promiscuous mode
[   63.354609][ T5947] debugfs: 'hsr0' already exists in 'hsr'
[   63.356522][ T5947] Cannot create hsr debugfs directory
[   63.616183][ T5955] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   63.625303][ T5955] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   63.630832][ T5955] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   63.645514][ T5955] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   63.678436][ T5947] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   63.687271][ T5947] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   63.703805][ T5947] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   63.710725][ T5947] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   63.774183][ T5954] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   63.781432][ T5954] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   63.786913][ T5954] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   63.793692][ T5954] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   63.857594][ T5949] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   63.865708][ T5949] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   63.871130][ T5949] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   63.877475][ T5949] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   63.915689][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.948845][ T5955] 8021q: adding VLAN 0 to HW filter on device team0
[   63.957811][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.964815][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.967996][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.982677][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.985482][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.006172][ T5954] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.026889][ T5947] 8021q: adding VLAN 0 to HW filter on device team0
[   64.043206][ T1173] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.045862][ T1173] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.056611][ T1173] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.059717][ T1173] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.068307][ T5954] 8021q: adding VLAN 0 to HW filter on device team0
[   64.087172][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.089608][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.096440][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.112642][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.115475][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.151169][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[   64.170163][ T5958] Bluetooth: hci3: command tx timeout
[   64.176579][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.179410][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.194989][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.198222][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.249466][ T5958] Bluetooth: hci1: command tx timeout
[   64.249505][ T5950] Bluetooth: hci2: command tx timeout
[   64.249723][ T5963] Bluetooth: hci0: command tx timeout
[   64.273855][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.328522][ T5955] veth0_vlan: entered promiscuous mode
[   64.334677][ T5955] veth1_vlan: entered promiscuous mode
[   64.351263][ T5955] veth0_macvtap: entered promiscuous mode
[   64.356171][ T5955] veth1_macvtap: entered promiscuous mode
[   64.369139][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.376776][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.383512][ T5954] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.401331][ T5268] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.407622][ T5268] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.412294][ T5268] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.420289][ T5268] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.445352][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.458082][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.492882][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.496612][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.503459][ T5954] veth0_vlan: entered promiscuous mode
[   64.525466][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.528164][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.531876][ T5954] veth1_vlan: entered promiscuous mode
[   64.538135][ T5949] veth0_vlan: entered promiscuous mode
[   64.558845][ T5949] veth1_vlan: entered promiscuous mode
[   64.567617][ T5955] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   64.574390][ T5947] veth0_vlan: entered promiscuous mode
[   64.579928][ T5947] veth1_vlan: entered promiscuous mode
[   64.626453][ T5954] veth0_macvtap: entered promiscuous mode
[   64.631151][ T5954] veth1_macvtap: entered promiscuous mode
[   64.640093][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.644519][ T5949] veth0_macvtap: entered promiscuous mode
[   64.652800][ T5949] veth1_macvtap: entered promiscuous mode
[   64.666427][ T5947] veth0_macvtap: entered promiscuous mode
[   64.671915][ T5947] veth1_macvtap: entered promiscuous mode
[   64.681488][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.690187][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.701592][ T1142] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.706616][ T1142] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.713544][ T1142] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.719168][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.723430][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.727109][ T1142] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.741003][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.749623][   T61] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.752813][   T61] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.764225][   T61] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.767275][   T61] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.784537][   T61] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.804967][   T61] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.809049][   T61] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.818476][   T61] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.853456][ T1173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.853489][ T1173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.900501][ T1173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.903365][ T1173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.936825][ T1173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.946081][ T1173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.972880][ T1173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.979727][ T1173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.985466][ T1173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.988579][ T1173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.060762][ T1173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.066504][ T1173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.414852][ T6054] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1'.
[   65.423787][ T6053] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[   65.426278][ T6053] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   65.431418][ T6053] vhci_hcd vhci_hcd.0: Device attached
[   65.487388][ T6050] evm: overlay not supported
[   65.719362][ T1467] usb 44-1: SetAddress Request (2) to port 0
[   65.721852][ T1467] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[   65.984422][ T6055] vhci_hcd: connection reset by peer
[   65.989457][   T13] vhci_hcd vhci_hcd.3: stop threads
[   65.995347][   T13] vhci_hcd vhci_hcd.3: release socket
[   66.010194][   T13] vhci_hcd vhci_hcd.3: disconnect device
[   66.260663][ T5950] Bluetooth: hci3: command tx timeout
[   66.329746][ T5950] Bluetooth: hci1: command tx timeout
[   66.330665][ T5958] Bluetooth: hci0: command tx timeout
[   66.330703][ T5963] Bluetooth: hci2: command tx timeout
[   66.370479][ T6072] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[   66.372669][ T6072] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   66.376358][ T6072] vhci_hcd vhci_hcd.0: Device attached
[   66.440115][ T6076] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7'.
[   66.661913][   T29] usb 42-1: SetAddress Request (2) to port 0
[   66.664883][   T29] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[   66.870274][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   66.906323][ T6074] vhci_hcd: connection reset by peer
[   66.909498][ T5268] vhci_hcd vhci_hcd.2: stop threads
[   66.911272][ T5268] vhci_hcd vhci_hcd.2: release socket
[   66.913546][ T5268] vhci_hcd vhci_hcd.2: disconnect device
[   66.962653][ T6086] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8'.
[   67.006923][ T6083] netlink: 'syz.1.9': attribute type 1 has an invalid length.
[   67.016255][ T6083] netlink: 'syz.1.9': attribute type 2 has an invalid length.
[   67.351706][ T6094] netlink: 'syz.0.10': attribute type 4 has an invalid length.
[   67.830690][ T6102] netlink: 'syz.3.13': attribute type 1 has an invalid length.
[   67.834574][ T6102] netlink: 'syz.3.13': attribute type 2 has an invalid length.
[   67.843137][ T6100] netlink: 'syz.2.12': attribute type 1 has an invalid length.
[   67.847231][ T6100] netlink: 'syz.2.12': attribute type 2 has an invalid length.
[   68.351007][ T5958] Bluetooth: hci3: command tx timeout
[   68.384820][ T6120] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15'.
[   68.410282][ T5958] Bluetooth: hci2: command tx timeout
[   68.411632][ T5963] Bluetooth: hci0: command tx timeout
[   68.414216][ T5950] Bluetooth: hci1: command tx timeout
[   68.645806][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   68.803297][ T6126] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[   68.806231][ T6126] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   68.811148][ T6126] vhci_hcd vhci_hcd.0: Device attached
[   69.045248][   T60] cfg80211: failed to load regulatory.db
[   69.109342][   T34] usb 40-1: SetAddress Request (2) to port 0
[   69.111221][   T34] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[   69.128257][ T6127] vhci_hcd: connection closed
[   69.130115][   T92] vhci_hcd vhci_hcd.1: stop threads
[   69.135995][   T92] vhci_hcd vhci_hcd.1: release socket
[   69.138119][   T92] vhci_hcd vhci_hcd.1: disconnect device
[   69.179534][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   69.218911][ T6133] netlink: 'syz.2.19': attribute type 1 has an invalid length.
[   69.223979][ T6133] netlink: 'syz.2.19': attribute type 2 has an invalid length.
[   70.107463][ T6144] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[   70.110159][ T6144] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   70.115439][ T6144] vhci_hcd vhci_hcd.0: Device attached
[   70.261730][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   70.264353][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   70.267533][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   70.391377][ T6145] vhci_hcd: connection closed
[   70.391981][  T167] vhci_hcd vhci_hcd.2: stop threads
[   70.396840][  T167] vhci_hcd vhci_hcd.2: release socket
[   70.400261][  T167] vhci_hcd vhci_hcd.2: disconnect device
[   70.409454][ T5963] Bluetooth: hci3: command tx timeout
[   70.499515][ T5963] Bluetooth: hci1: command tx timeout
[   70.500249][   T64] Bluetooth: hci2: command tx timeout
[   70.504135][ T5958] Bluetooth: hci0: command tx timeout
[   70.569479][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   70.570224][ T5958] Bluetooth: hci4: command 0x1003 tx timeout
[   70.593658][ T6150] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[   70.596633][ T6150] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   70.608832][ T6150] vhci_hcd vhci_hcd.0: Device attached
[   70.714567][ T6154] netlink: 'syz.3.23': attribute type 1 has an invalid length.
[   70.809987][ T1467] usb 44-1: device descriptor read/8, error -110
[   70.890472][ T6035] usb 38-1: SetAddress Request (2) to port 0
[   70.893315][ T6035] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[   71.103354][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   71.106339][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   71.118322][ T6151] vhci_hcd: connection reset by peer
[   71.122223][   T92] vhci_hcd vhci_hcd.0: stop threads
[   71.124524][   T92] vhci_hcd vhci_hcd.0: release socket
[   71.126829][   T92] vhci_hcd vhci_hcd.0: disconnect device
[   71.201085][ T1467] usb usb44-port1: attempt power cycle
[   71.769462][   T29] usb 42-1: device descriptor read/8, error -110
[   71.771175][ T1467] usb usb44-port1: unable to enumerate USB device
[   71.804632][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   71.807535][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   71.873442][ T6171] netlink: 4 bytes leftover after parsing attributes in process `syz.1.27'.
[   72.179998][   T29] usb usb42-port1: attempt power cycle
[   72.280073][ T6182] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[   72.282299][ T6182] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   72.285338][ T6182] vhci_hcd vhci_hcd.0: Device attached
[   72.417362][ T6185] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[   72.419740][ T6185] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   72.423040][ T6185] vhci_hcd vhci_hcd.0: Device attached
[   72.549341][   T29] usb 42-1: SetAddress Request (4) to port 0
[   72.551372][   T29] usb 42-1: new SuperSpeed USB device number 4 using vhci_hcd
[   72.581540][ T6171] syz.1.27 (6171) used greatest stack depth: 17064 bytes left
[   72.602496][ T6191] validate_nla: 5 callbacks suppressed
[   72.602510][ T6191] netlink: 'syz.0.31': attribute type 1 has an invalid length.
[   72.607179][ T6191] netlink: 'syz.0.31': attribute type 2 has an invalid length.
[   72.699382][   T60] usb 44-1: SetAddress Request (6) to port 0
[   72.701834][   T60] usb 44-1: new SuperSpeed USB device number 6 using vhci_hcd
[   72.837057][ T6186] vhci_hcd: connection reset by peer
[   72.840843][   T61] vhci_hcd vhci_hcd.3: stop threads
[   72.842644][   T61] vhci_hcd vhci_hcd.3: release socket
[   72.845038][   T61] vhci_hcd vhci_hcd.3: disconnect device
[   72.914511][ T6183] vhci_hcd: connection reset by peer
[   72.917458][  T167] vhci_hcd vhci_hcd.2: stop threads
[   72.919840][  T167] vhci_hcd vhci_hcd.2: release socket
[   72.921694][  T167] vhci_hcd vhci_hcd.2: disconnect device
[   72.945148][ T6199] netlink: 'syz.0.33': attribute type 1 has an invalid length.
[   72.948721][ T6199] netlink: 'syz.0.33': attribute type 2 has an invalid length.
[   74.169573][   T34] usb 40-1: device descriptor read/8, error -110
[   74.377899][ T6219] netlink: 'syz.3.37': attribute type 4 has an invalid length.
[   74.580535][   T34] usb usb40-port1: attempt power cycle
[   74.599069][ T6226] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[   74.601593][ T6226] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   74.676602][ T6224] netlink: 'syz.1.39': attribute type 1 has an invalid length.
[   74.678906][ T6226] vhci_hcd vhci_hcd.0: Device attached
[   74.679465][ T6224] netlink: 'syz.1.39': attribute type 2 has an invalid length.
[   75.042670][ T6227] vhci_hcd: connection closed
[   75.043843][ T5268] vhci_hcd vhci_hcd.0: stop threads
[   75.048467][ T5268] vhci_hcd vhci_hcd.0: release socket
[   75.053831][ T5268] vhci_hcd vhci_hcd.0: disconnect device
[   75.082592][ T6232] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   75.170485][   T34] usb usb40-port1: unable to enumerate USB device
[   75.945935][ T6035] usb 38-1: device descriptor read/8, error -110
[   76.016532][ T6248] netlink: 'syz.3.41': attribute type 1 has an invalid length.
[   76.020198][ T6248] netlink: 'syz.3.41': attribute type 2 has an invalid length.
[   76.096905][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[   76.099225][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[   76.340168][ T6035] usb usb38-port1: attempt power cycle
[   76.623342][ T6260] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[   76.625678][ T6260] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   76.628592][ T6260] vhci_hcd vhci_hcd.0: Device attached
[   76.981955][ T6035] usb usb38-port1: unable to enumerate USB device
[   77.176446][ T6261] vhci_hcd: connection closed
[   77.176970][ T1173] vhci_hcd vhci_hcd.3: stop threads
[   77.180936][ T1173] vhci_hcd vhci_hcd.3: release socket
[   77.191384][ T1173] vhci_hcd vhci_hcd.3: disconnect device
[   77.507017][ T6274] netlink: 'syz.1.48': attribute type 1 has an invalid length.
[   77.609481][   T29] usb 42-1: device descriptor read/8, error -110
[   77.769345][   T60] usb 44-1: device descriptor read/8, error -110
[   78.010386][   T29] usb usb42-port1: unable to enumerate USB device
[   78.326117][ T6286] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[   78.328431][ T6286] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   78.331495][ T6286] vhci_hcd vhci_hcd.0: Device attached
[   78.510318][   T60] usb usb44-port1: attempt power cycle
[   78.548290][ T6292] validate_nla: 1 callbacks suppressed
[   78.548301][ T6292] netlink: 'syz.2.53': attribute type 1 has an invalid length.
[   78.554096][ T6292] netlink: 'syz.2.53': attribute type 2 has an invalid length.
[   78.639563][ T1467] usb 38-1: SetAddress Request (6) to port 0
[   78.641999][ T1467] usb 38-1: new SuperSpeed USB device number 6 using vhci_hcd
[   78.981680][ T6287] vhci_hcd: connection reset by peer
[   78.983798][   T12] vhci_hcd vhci_hcd.0: stop threads
[   78.995033][   T12] vhci_hcd vhci_hcd.0: release socket
[   78.997259][   T12] vhci_hcd vhci_hcd.0: disconnect device
[   79.070090][   T60] usb usb44-port1: unable to enumerate USB device
[   79.148105][ T6303] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[   79.150313][ T6303] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   79.153576][ T6303] vhci_hcd vhci_hcd.0: Device attached
[   79.339577][ T6304] vhci_hcd: connection closed
[   79.340148][   T13] vhci_hcd vhci_hcd.3: stop threads
[   79.343833][   T13] vhci_hcd vhci_hcd.3: release socket
[   79.346308][   T13] vhci_hcd vhci_hcd.3: disconnect device
[   80.826006][ T6329] netlink: 'syz.1.59': attribute type 4 has an invalid length.
[   81.342557][ T6332] netlink: 'syz.3.62': attribute type 1 has an invalid length.
[   81.345877][ T6332] netlink: 'syz.3.62': attribute type 2 has an invalid length.
[   81.889865][ T5958] Bluetooth: hci4: sending frame failed (-49)
[   81.892755][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -49
[   82.008972][ T6343] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[   82.011169][ T6343] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   82.016410][ T6343] vhci_hcd vhci_hcd.0: Device attached
[   82.319965][ T6344] vhci_hcd: connection closed
[   82.321873][ T5268] vhci_hcd vhci_hcd.2: stop threads
[   82.326134][ T5268] vhci_hcd vhci_hcd.2: release socket
[   82.330491][   T29] usb 42-1: SetAddress Request (6) to port 0
[   82.333275][   T29] usb 42-1: new SuperSpeed USB device number 6 using vhci_hcd
[   82.336837][ T5268] vhci_hcd vhci_hcd.2: disconnect device
[   82.359405][   T29] usb 42-1: enqueue for inactive port 0
[   82.771171][   T29] usb usb42-port1: attempt power cycle
[   82.812370][ T6352] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[   82.814540][ T6352] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   82.817464][ T6352] vhci_hcd vhci_hcd.0: Device attached
[   82.906931][ T6355] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[   82.909249][ T6355] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   82.912722][ T6355] vhci_hcd vhci_hcd.0: Device attached
[   83.004016][ T6353] vhci_hcd: connection closed
[   83.009445][   T61] vhci_hcd vhci_hcd.3: stop threads
[   83.009480][   T61] vhci_hcd vhci_hcd.3: release socket
[   83.010507][   T61] vhci_hcd vhci_hcd.3: disconnect device
[   83.189666][   T60] usb 40-1: SetAddress Request (6) to port 0
[   83.192528][   T60] usb 40-1: new SuperSpeed USB device number 6 using vhci_hcd
[   83.290721][ T6356] vhci_hcd: connection reset by peer
[   83.308547][   T13] vhci_hcd vhci_hcd.1: stop threads
[   83.313074][   T13] vhci_hcd vhci_hcd.1: release socket
[   83.319883][   T13] vhci_hcd vhci_hcd.1: disconnect device
[   83.339777][   T29] usb usb42-port1: unable to enumerate USB device
[   83.700078][ T1467] usb 38-1: device descriptor read/8, error -110
[   84.400398][ T6372] netlink: 'syz.3.68': attribute type 4 has an invalid length.
[   84.584158][ T6379] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[   84.586443][ T6379] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   84.590383][ T6379] vhci_hcd vhci_hcd.0: Device attached
[   84.659951][ T1467] usb usb38-port1: attempt power cycle
[   84.861676][ T6386] netlink: 'syz.3.73': attribute type 1 has an invalid length.
[   84.869325][ T6386] netlink: 'syz.3.73': attribute type 2 has an invalid length.
[   84.897553][ T5959] usb 42-1: SetAddress Request (10) to port 0
[   84.899856][ T5959] usb 42-1: new SuperSpeed USB device number 10 using vhci_hcd
[   84.997136][ T6380] vhci_hcd: connection reset by peer
[   85.000112][ T1144] vhci_hcd vhci_hcd.2: stop threads
[   85.003123][ T1144] vhci_hcd vhci_hcd.2: release socket
[   85.005772][ T1144] vhci_hcd vhci_hcd.2: disconnect device
[   85.172464][ T6394] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[   85.174788][ T6394] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   85.177675][ T6394] vhci_hcd vhci_hcd.0: Device attached
[   85.279404][ T1467] usb 38-1: SetAddress Request (9) to port 0
[   85.281817][ T1467] usb 38-1: new SuperSpeed USB device number 9 using vhci_hcd
[   85.556343][ T6395] vhci_hcd: connection reset by peer
[   85.559176][ T1144] vhci_hcd vhci_hcd.0: stop threads
[   85.563381][ T1144] vhci_hcd vhci_hcd.0: release socket
[   85.565838][ T1144] vhci_hcd vhci_hcd.0: disconnect device
[   85.945369][ T6402] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[   85.948735][ T6402] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   85.953139][ T6402] vhci_hcd vhci_hcd.0: Device attached
[   86.211105][ T6403] vhci_hcd: connection closed
[   86.211430][ T1149] vhci_hcd vhci_hcd.3: stop threads
[   86.215687][ T1149] vhci_hcd vhci_hcd.3: release socket
[   86.224407][ T1149] vhci_hcd vhci_hcd.3: disconnect device
[   86.279961][ T6035] usb 44-1: enqueue for inactive port 0
[   86.800458][ T6035] usb usb44-port1: attempt power cycle
[   87.049574][ T6418] netlink: 12 bytes leftover after parsing attributes in process `syz.2.79'.
[   87.364866][ T6035] usb usb44-port1: unable to enumerate USB device
[   87.730711][ T6425] netlink: 'syz.0.81': attribute type 4 has an invalid length.
[   88.192830][ T6431] netlink: 'syz.3.83': attribute type 1 has an invalid length.
[   88.195474][ T6431] netlink: 'syz.3.83': attribute type 2 has an invalid length.
[   88.259981][   T60] usb 40-1: device descriptor read/8, error -110
[   88.579905][ T5950] Bluetooth: hci4: command 0x1003 tx timeout
[   88.590095][ T5958] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   88.667020][   T60] usb usb40-port1: attempt power cycle
[   89.814873][   T60] usb usb40-port1: unable to enumerate USB device
[   89.929425][ T5959] usb 42-1: device descriptor read/8, error -110
[   90.166184][ T6462] netlink: 12 bytes leftover after parsing attributes in process `syz.1.90'.
[   90.339571][ T1467] usb 38-1: device descriptor read/8, error -110
[   90.449451][ T1467] usb usb38-port1: unable to enumerate USB device
[   90.451768][ T5959] usb usb42-port1: attempt power cycle
[   90.729402][ T5958] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   90.729568][ T5950] Bluetooth: hci4: command 0x1003 tx timeout
[   91.023305][ T5959] usb usb42-port1: unable to enumerate USB device
[   91.036193][ T6474] netlink: 'syz.1.92': attribute type 1 has an invalid length.
[   91.038893][ T6474] netlink: 'syz.1.92': attribute type 2 has an invalid length.
[   91.068201][ T6476] netlink: 'syz.0.93': attribute type 4 has an invalid length.
[   92.472546][ T6489] misc userio: No port type given on /dev/userio
[   92.474971][ T6489] misc userio: The device must be registered before sending interrupts
[   92.478142][ T6489] netlink: 'syz.0.97': attribute type 1 has an invalid length.
[   92.481128][ T6489] netlink: 'syz.0.97': attribute type 2 has an invalid length.
[   93.290546][ T5950] Bluetooth: hci4: command 0x1003 tx timeout
[   93.294696][ T5958] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   93.613943][ T6512] netlink: 12 bytes leftover after parsing attributes in process `syz.2.101'.
[   93.964459][ T6514] mkiss: ax0: crc mode is auto.
[   95.069849][ T6539] netlink: 12 bytes leftover after parsing attributes in process `syz.2.105'.
[   95.133947][ T6534] netlink: 4 bytes leftover after parsing attributes in process `syz.1.106'.
[   95.206273][ T6542] misc userio: No port type given on /dev/userio
[   95.208548][ T6542] misc userio: The device must be registered before sending interrupts
[   95.212171][ T6542] netlink: 'syz.3.108': attribute type 1 has an invalid length.
[   95.214818][ T6542] netlink: 'syz.3.108': attribute type 2 has an invalid length.
[   95.935231][ T6554] netlink: 'syz.2.110': attribute type 4 has an invalid length.
[   96.355910][ T6563] netlink: 'syz.0.112': attribute type 4 has an invalid length.
[   96.920986][ T6567] netlink: 12 bytes leftover after parsing attributes in process `syz.2.113'.
[   97.386033][ T6575] mkiss: ax0: crc mode is auto.
[   97.609518][   T64] Bluetooth: hci4: command 0x1003 tx timeout
[   97.609544][ T5958] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   97.894172][ T6582] misc userio: No port type given on /dev/userio
[   97.919592][ T6582] misc userio: The device must be registered before sending interrupts
[   97.927656][ T6582] netlink: 'syz.3.117': attribute type 1 has an invalid length.
[   97.932571][ T6582] netlink: 'syz.3.117': attribute type 2 has an invalid length.
[   98.540608][ T6599] mkiss: ax0: crc mode is auto.
[   99.085920][ T6600] netlink: 4 bytes leftover after parsing attributes in process `syz.1.119'.
[   99.379395][ T5950] Bluetooth: hci5: Opcode 0x1003 failed: -110
[   99.461767][ T6611] netlink: 'syz.3.121': attribute type 4 has an invalid length.
[   99.881762][ T6616] netlink: 'syz.1.122': attribute type 1 has an invalid length.
[   99.889377][ T6616] netlink: 'syz.1.122': attribute type 2 has an invalid length.
[  100.007361][ T6620] netlink: 'syz.0.123': attribute type 1 has an invalid length.
[  100.010502][ T6620] netlink: 'syz.0.123': attribute type 2 has an invalid length.
[  100.264107][ T6623] netlink: 'syz.3.124': attribute type 1 has an invalid length.
[  100.267067][ T6623] netlink: 'syz.3.124': attribute type 2 has an invalid length.
[  100.807738][ T6636] netlink: 12 bytes leftover after parsing attributes in process `syz.3.126'.
[  100.914841][ T6639] mkiss: ax0: crc mode is auto.
[  101.209491][ T5958] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  101.209506][   T64] Bluetooth: hci4: command 0x1003 tx timeout
[  101.902968][ T6649] mkiss: ax0: crc mode is auto.
[  102.267335][ T6653] netlink: 4 bytes leftover after parsing attributes in process `syz.0.130'.
[  102.655461][ T6663] netlink: 'syz.3.132': attribute type 4 has an invalid length.
[  102.730485][   T64] Bluetooth: hci5: command 0x1003 tx timeout
[  102.735322][ T5950] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  103.075891][ T6667] netlink: 'syz.0.134': attribute type 1 has an invalid length.
[  103.079883][ T6667] netlink: 'syz.0.134': attribute type 2 has an invalid length.
[  103.219185][ T6670] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  103.221397][ T6670] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  103.233158][ T6670] vhci_hcd vhci_hcd.0: Device attached
[  103.509371][ T6016] usb 40-1: SetAddress Request (10) to port 0
[  103.511809][ T6016] usb 40-1: new SuperSpeed USB device number 10 using vhci_hcd
[  103.520469][ T6674] netlink: 'syz.0.135': attribute type 1 has an invalid length.
[  103.524061][ T6674] netlink: 'syz.0.135': attribute type 2 has an invalid length.
[  103.674528][ T6671] vhci_hcd: connection reset by peer
[  103.677359][   T13] vhci_hcd vhci_hcd.1: stop threads
[  103.680102][   T13] vhci_hcd vhci_hcd.1: release socket
[  103.682221][   T13] vhci_hcd vhci_hcd.1: disconnect device
[  104.167441][ T6684] netlink: 12 bytes leftover after parsing attributes in process `syz.0.137'.
[  104.329489][   T64] Bluetooth: hci4: command 0x1003 tx timeout
[  104.339493][ T5958] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  104.946657][ T6693] mkiss: ax0: crc mode is auto.
[  105.609470][   T64] Bluetooth: hci5: command 0x1003 tx timeout
[  105.609621][ T5950] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  105.662623][ T6705] mkiss: ax0: crc mode is auto.
[  105.794147][ T6710] netlink: 'syz.3.143': attribute type 1 has an invalid length.
[  105.796733][ T6710] netlink: 'syz.3.143': attribute type 2 has an invalid length.
[  105.802706][ T6708] netlink: 4 bytes leftover after parsing attributes in process `syz.1.142'.
[  106.457511][ T6718] netlink: 'syz.0.145': attribute type 1 has an invalid length.
[  106.460337][ T6718] netlink: 'syz.0.145': attribute type 2 has an invalid length.
[  106.792255][ T6723] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  106.794616][ T6723] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  106.797828][ T6723] vhci_hcd vhci_hcd.0: Device attached
[  107.059569][ T6731] netlink: 12 bytes leftover after parsing attributes in process `syz.0.147'.
[  107.137598][ T6733] netlink: 12 bytes leftover after parsing attributes in process `syz.3.148'.
[  107.394843][ T6724] vhci_hcd: connection closed
[  107.395045][   T61] vhci_hcd vhci_hcd.1: stop threads
[  107.399715][   T61] vhci_hcd vhci_hcd.1: release socket
[  107.401798][   T61] vhci_hcd vhci_hcd.1: disconnect device
[  107.609445][ T5950] Bluetooth: hci4: command 0x1003 tx timeout
[  107.612778][ T5958] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  108.165406][ T6747] mkiss: ax0: crc mode is auto.
[  108.310665][ T6750] netlink: 'syz.1.152': attribute type 1 has an invalid length.
[  108.313514][ T6750] netlink: 'syz.1.152': attribute type 2 has an invalid length.
[  108.569397][ T6016] usb 40-1: device descriptor read/8, error -110
[  108.935683][ T6762] netlink: 'syz.1.155': attribute type 1 has an invalid length.
[  108.938427][ T6762] netlink: 'syz.1.155': attribute type 2 has an invalid length.
[  108.970093][ T6016] usb usb40-port1: attempt power cycle
[  109.143603][ T6765] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  109.145997][ T6765] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  109.149401][ T6765] vhci_hcd vhci_hcd.0: Device attached
[  109.419432][   T59] usb 38-1: SetAddress Request (10) to port 0
[  109.422603][   T59] usb 38-1: new SuperSpeed USB device number 10 using vhci_hcd
[  109.549994][ T6016] usb usb40-port1: unable to enumerate USB device
[  109.636022][ T6766] vhci_hcd: connection reset by peer
[  109.640039][ T1149] vhci_hcd vhci_hcd.0: stop threads
[  109.642731][ T1149] vhci_hcd vhci_hcd.0: release socket
[  109.644753][ T1149] vhci_hcd vhci_hcd.0: disconnect device
[  110.089537][ T5958] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  110.499843][ T6785] netlink: 12 bytes leftover after parsing attributes in process `syz.1.159'.
[  110.833002][ T6787] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  110.835656][ T6787] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  110.839648][ T6787] vhci_hcd vhci_hcd.0: Device attached
[  111.282440][ T6788] vhci_hcd: connection closed
[  111.283539][ T1149] vhci_hcd vhci_hcd.0: stop threads
[  111.287750][ T1149] vhci_hcd vhci_hcd.0: release socket
[  111.291754][ T1149] vhci_hcd vhci_hcd.0: disconnect device
[  111.480642][ T6799] mkiss: ax0: crc mode is auto.
[  111.529364][ T5950] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  111.529527][   T64] Bluetooth: hci5: command 0x1003 tx timeout
[  111.674871][ T6801] netlink: 'syz.2.163': attribute type 1 has an invalid length.
[  111.679449][ T6801] netlink: 'syz.2.163': attribute type 2 has an invalid length.
[  112.082967][ T6810] netlink: 'syz.0.164': attribute type 4 has an invalid length.
[  112.085752][ T6811] netlink: 'syz.3.165': attribute type 4 has an invalid length.
[  112.911472][ T6825] netlink: 'syz.2.168': attribute type 4 has an invalid length.
[  112.964228][ T6828] netlink: 'syz.0.169': attribute type 1 has an invalid length.
[  114.176787][ T6842] =======================================================
[  114.176787][ T6842] WARNING: The mand mount option has been deprecated and
[  114.176787][ T6842]          and is ignored by this kernel. Remove the mand
[  114.176787][ T6842]          option from the mount to silence this warning.
[  114.176787][ T6842] =======================================================
[  114.204524][ T6842] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  114.346493][ T6842] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  114.364008][ T6842] overlayfs: failed to look up (tracing) for ino (-66)
[  114.489520][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  114.489625][   T59] usb 38-1: device descriptor read/8, error -110
[  114.632548][ T6846] misc userio: No port type given on /dev/userio
[  114.635404][ T6846] misc userio: The device must be registered before sending interrupts
[  114.638747][ T6846] validate_nla: 1 callbacks suppressed
[  114.638757][ T6846] netlink: 'syz.1.174': attribute type 1 has an invalid length.
[  114.644542][ T6846] netlink: 'syz.1.174': attribute type 2 has an invalid length.
[  114.880172][   T59] usb usb38-port1: attempt power cycle
[  115.440031][   T59] usb usb38-port1: unable to enumerate USB device
[  115.449513][ T5958] Bluetooth: hci5: command 0x1003 tx timeout
[  115.450102][   T64] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  115.511021][ T6838] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  115.513217][ T6838] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  115.518501][ T6838] vhci_hcd vhci_hcd.0: Device attached
[  115.673530][ T6848] vhci_hcd: connection closed
[  115.674285][   T13] vhci_hcd vhci_hcd.2: stop threads
[  115.682651][   T13] vhci_hcd vhci_hcd.2: release socket
[  115.687540][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  115.851109][ T6863] mkiss: ax0: crc mode is auto.
[  117.041750][ T6873] netlink: 'syz.1.179': attribute type 1 has an invalid length.
[  117.044296][ T6873] netlink: 'syz.1.179': attribute type 2 has an invalid length.
[  117.133914][ T6877] netlink: 'syz.2.180': attribute type 4 has an invalid length.
[  117.178744][ T6016] ==================================================================
[  117.181501][ T6016] BUG: KASAN: slab-use-after-free in hci_uart_write_work+0x82d/0x960
[  117.184190][ T6016] Read of size 4 at addr ffff888021010e30 by task kworker/0:4/6016
[  117.189820][ T6016] 
[  117.190670][ T6016] CPU: 0 UID: 0 PID: 6016 Comm: kworker/0:4 Not tainted syzkaller #0 PREEMPT(full) 
[  117.190685][ T6016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.190694][ T6016] Workqueue: events hci_uart_write_work
[  117.190712][ T6016] Call Trace:
[  117.190717][ T6016]  <TASK>
[  117.190722][ T6016]  dump_stack_lvl+0x116/0x1f0
[  117.190741][ T6016]  print_report+0xcd/0x630
[  117.190760][ T6016]  ? __virt_addr_valid+0x81/0x610
[  117.190778][ T6016]  ? __phys_addr+0xe8/0x180
[  117.190794][ T6016]  ? hci_uart_write_work+0x82d/0x960
[  117.190804][ T6016]  kasan_report+0xe0/0x110
[  117.190820][ T6016]  ? hci_uart_write_work+0x82d/0x960
[  117.190831][ T6016]  hci_uart_write_work+0x82d/0x960
[  117.190841][ T6016]  ? __pfx_pty_write+0x10/0x10
[  117.190857][ T6016]  process_one_work+0x9ba/0x1b20
[  117.190873][ T6016]  ? __pfx_process_one_work+0x10/0x10
[  117.190886][ T6016]  ? assign_work+0x1a0/0x250
[  117.190897][ T6016]  worker_thread+0x6c8/0xf10
[  117.190910][ T6016]  ? __kthread_parkme+0x19e/0x250
[  117.190926][ T6016]  ? __pfx_worker_thread+0x10/0x10
[  117.190944][ T6016]  kthread+0x3c5/0x780
[  117.190955][ T6016]  ? __pfx_kthread+0x10/0x10
[  117.190966][ T6016]  ? rcu_is_watching+0x12/0xc0
[  117.190982][ T6016]  ? __pfx_kthread+0x10/0x10
[  117.190992][ T6016]  ret_from_fork+0x983/0xb10
[  117.191004][ T6016]  ? __pfx_ret_from_fork+0x10/0x10
[  117.191015][ T6016]  ? native_load_gs_index+0x5b/0xd0
[  117.191030][ T6016]  ? __switch_to+0x7af/0x10d0
[  117.191043][ T6016]  ? __pfx_kthread+0x10/0x10
[  117.191053][ T6016]  ret_from_fork_asm+0x1a/0x30
[  117.191074][ T6016]  </TASK>
[  117.191077][ T6016] 
[  117.248168][ T6016] Allocated by task 76:
[  117.249544][ T6016]  kasan_save_stack+0x33/0x60
[  117.251096][ T6016]  kasan_save_track+0x14/0x30
[  117.252671][ T6016]  __kasan_slab_alloc+0x89/0x90
[  117.254362][ T6016]  kmem_cache_alloc_node_noprof+0x298/0x800
[  117.256347][ T6016]  __alloc_skb+0x156/0x410
[  117.257827][ T6016]  bcsp_prepare_pkt+0xe0/0xae0
[  117.259399][ T6016]  bcsp_dequeue+0x237/0x4b0
[  117.260927][ T6016]  hci_uart_write_work+0x4e3/0x960
[  117.262616][ T6016]  process_one_work+0x9ba/0x1b20
[  117.264295][ T6016]  worker_thread+0x6c8/0xf10
[  117.265964][ T6016]  kthread+0x3c5/0x780
[  117.267396][ T6016]  ret_from_fork+0x983/0xb10
[  117.268993][ T6016]  ret_from_fork_asm+0x1a/0x30
[  117.270586][ T6016] 
[  117.271396][ T6016] The buggy address belongs to the object at ffff888021010dc0
[  117.271396][ T6016]  which belongs to the cache skbuff_head_cache of size 240
[  117.276305][ T6016] The buggy address is located 112 bytes inside of
[  117.276305][ T6016]  freed 240-byte region [ffff888021010dc0, ffff888021010eb0)
[  117.280879][ T6016] 
[  117.281722][ T6016] The buggy address belongs to the physical page:
[  117.284123][ T6016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x21010
[  117.287034][ T6016] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  117.290016][ T6016] memcg:ffff888025a05e01
[  117.291515][ T6016] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  117.294340][ T6016] page_type: f5(slab)
[  117.295808][ T6016] raw: 00fff00000000040 ffff8880412be8c0 ffffea00008a3800 dead000000000003
[  117.298794][ T6016] raw: 0000000000000000 0000000000190019 00000000f5000000 ffff888025a05e01
[  117.301687][ T6016] head: 00fff00000000040 ffff8880412be8c0 ffffea00008a3800 dead000000000003
[  117.304938][ T6016] head: 0000000000000000 0000000000190019 00000000f5000000 ffff888025a05e01
[  117.307994][ T6016] head: 00fff00000000001 ffffea0000840401 00000000ffffffff 00000000ffffffff
[  117.310909][ T6016] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  117.313906][ T6016] page dumped because: kasan: bad access detected
[  117.316283][ T6016] page_owner tracks the page as allocated
[  117.318767][ T6016] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 0, tgid 0 (swapper/2), ts 60226498072, free_ts 60032184135
[  117.325864][ T6016]  post_alloc_hook+0x1af/0x220
[  117.327460][ T6016]  get_page_from_freelist+0xd0b/0x31a0
[  117.329269][ T6016]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  117.331290][ T6016]  alloc_pages_mpol+0x1fb/0x550
[  117.333007][ T6016]  new_slab+0x2c3/0x430
[  117.334386][ T6016]  ___slab_alloc+0xe18/0x1c90
[  117.335976][ T6016]  __kmem_cache_alloc_bulk+0x1fb/0x6c0
[  117.337775][ T6016]  kmem_cache_alloc_bulk_noprof+0x4e1/0x800
[  117.339714][ T6016]  napi_skb_cache_get+0x6ac/0x900
[  117.341390][ T6016]  __alloc_skb+0x2aa/0x410
[  117.342851][ T6016]  napi_alloc_skb+0x44b/0x820
[  117.344444][ T6016]  e1000_clean_rx_irq+0x2ae/0x1180
[  117.346132][ T6016]  e1000_clean+0x9cb/0x2670
[  117.347644][ T6016]  __napi_poll.constprop.0+0xb3/0x540
[  117.349423][ T6016]  net_rx_action+0x9f9/0xfa0
[  117.350924][ T6016]  handle_softirqs+0x219/0x950
[  117.352579][ T6016] page last free pid 5933 tgid 5933 stack trace:
[  117.354674][ T6016]  __free_frozen_pages+0x7df/0x1170
[  117.356435][ T6016]  qlist_free_all+0x4c/0xf0
[  117.357933][ T6016]  kasan_quarantine_reduce+0x195/0x1e0
[  117.359776][ T6016]  __kasan_slab_alloc+0x69/0x90
[  117.361460][ T6016]  kmem_cache_alloc_node_noprof+0x298/0x800
[  117.363443][ T6016]  __alloc_skb+0x156/0x410
[  117.364929][ T6016]  tcp_stream_alloc_skb+0x34/0x670
[  117.366644][ T6016]  tcp_sendmsg_locked+0x12de/0x42a0
[  117.368360][ T6016]  tcp_sendmsg+0x2e/0x50
[  117.369760][ T6016]  inet_sendmsg+0xb9/0x140
[  117.371238][ T6016]  sock_write_iter+0x509/0x610
[  117.372945][ T6016]  vfs_write+0x7d3/0x11d0
[  117.374660][ T6016]  ksys_write+0x1f8/0x250
[  117.376213][ T6016]  do_syscall_64+0xcd/0xf80
[  117.377943][ T6016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.379934][ T6016] 
[  117.380769][ T6016] Memory state around the buggy address:
[  117.382622][ T6016]  ffff888021010d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
[  117.385265][ T6016]  ffff888021010d80: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[  117.388629][ T6016] >ffff888021010e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  117.391953][ T6016]                                      ^
[  117.394042][ T6016]  ffff888021010e80: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[  117.396844][ T6016]  ffff888021010f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  117.400000][ T6016] ==================================================================
[  117.430357][ T6016] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  117.432802][ T6016] CPU: 0 UID: 0 PID: 6016 Comm: kworker/0:4 Not tainted syzkaller #0 PREEMPT(full) 
[  117.436159][ T6016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.440792][ T6016] Workqueue: events hci_uart_write_work
[  117.442818][ T6016] Call Trace:
[  117.443958][ T6016]  <TASK>
[  117.444958][ T6016]  dump_stack_lvl+0x3d/0x1f0
[  117.446524][ T6016]  vpanic+0x640/0x6f0
[  117.448089][ T6016]  panic+0xca/0xd0
[  117.450104][ T6016]  ? __pfx_panic+0x10/0x10
[  117.452136][ T6016]  ? hci_uart_write_work+0x82d/0x960
[  117.454711][ T6016]  ? preempt_schedule_common+0x44/0xc0
[  117.456825][ T6016]  ? preempt_schedule_thunk+0x16/0x30
[  117.458640][ T6016]  ? check_panic_on_warn+0x1f/0xb0
[  117.460385][ T6016]  check_panic_on_warn+0xab/0xb0
[  117.462053][ T6016]  end_report+0x107/0x160
[  117.463530][ T6016]  kasan_report+0xee/0x110
[  117.465034][ T6016]  ? hci_uart_write_work+0x82d/0x960
[  117.467219][ T6016]  hci_uart_write_work+0x82d/0x960
[  117.468951][ T6016]  ? __pfx_pty_write+0x10/0x10
[  117.470556][ T6016]  process_one_work+0x9ba/0x1b20
[  117.472212][ T6016]  ? __pfx_process_one_work+0x10/0x10
[  117.474422][ T6016]  ? assign_work+0x1a0/0x250
[  117.476436][ T6016]  worker_thread+0x6c8/0xf10
[  117.477996][ T6016]  ? __kthread_parkme+0x19e/0x250
[  117.479688][ T6016]  ? __pfx_worker_thread+0x10/0x10
[  117.481471][ T6016]  kthread+0x3c5/0x780
[  117.482822][ T6016]  ? __pfx_kthread+0x10/0x10
[  117.484760][ T6016]  ? rcu_is_watching+0x12/0xc0
[  117.486660][ T6016]  ? __pfx_kthread+0x10/0x10
[  117.488611][ T6016]  ret_from_fork+0x983/0xb10
[  117.490576][ T6016]  ? __pfx_ret_from_fork+0x10/0x10
[  117.492880][ T6016]  ? native_load_gs_index+0x5b/0xd0
[  117.494844][ T6016]  ? __switch_to+0x7af/0x10d0
[  117.496831][ T6016]  ? __pfx_kthread+0x10/0x10
[  117.498390][ T6016]  ret_from_fork_asm+0x1a/0x30
[  117.500000][ T6016]  </TASK>
[  117.501939][ T6016] Kernel Offset: disabled
[  117.503497][ T6016] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:15:43  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85301b75 RDI=ffffffff9aed9260 RBP=ffffffff9aed9220 RSP=ffffc90004a575a0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3230383838666666
R12=0000000000000000 R13=0000000000000066 R14=ffffffff9aed9220 R15=ffffffff85301b10
RIP=ffffffff85301b9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f73c6288 CR3=000000006d357000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000002a8703 RBX=0000000000000001 RCX=ffffffff8b7576d9 RDX=0000000000000000
RSI=ffffffff8daca5cd RDI=ffffffff8bf2b580 RBP=ffffed1003adb498 RSP=ffffc9000046fde8
R8 =0000000000000001 R9 =ffffed100566673d R10=ffff88802b3339eb R11=ffff88801d6daff0
R12=0000000000000001 R13=ffff88801d6da4c0 R14=ffffffff9088e9d0 R15=0000000000000000
RIP=ffffffff8b755dcf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000008001c820 CR3=000000006d357000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000002 RBX=ffffffff8bf20060 RCX=ffffffff820a1e62 RDX=ffff8880235e0000
RSI=0000000000000000 RDI=0000000000000005 RBP=00000000000000a9 RSP=ffffc9000dfefa08
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=ffffc9000dfefa80 R14=ffffc9000dfefb40 R15=00000000800b8780
RIP=ffffffff81be645b RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880978fc000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000800b8018 CR3=0000000069dd7000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000001fe3cd RBX=0000000000000003 RCX=ffffffff8b7576d9 RDX=0000000000000000
RSI=ffffffff8daca5cd RDI=ffffffff8bf2b580 RBP=ffffed1003b56000 RSP=ffffc9000048fde8
R8 =0000000000000001 R9 =ffffed10056a673d R10=ffff88802b5339eb R11=ffff88801dab0b30
R12=0000000000000003 R13=ffff88801dab0000 R14=ffffffff9088e9d0 R15=0000000000000000
RIP=ffffffff8b755dcf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000008006a018 CR3=0000000069dd7000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001b400000000 0000000400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000