last executing test programs:

37.567926961s ago: executing program 3 (id=2788):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_DATA={0x10, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe0}, 0x1, 0x0, 0xfffffff4}, 0x0)

37.466889776s ago: executing program 3 (id=2794):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000a80)='mm_page_free\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xe, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x70, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

37.466279282s ago: executing program 3 (id=2795):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x8, 0xb4, &(0x7f0000000140)=""/180, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffe94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
ioprio_set$pid(0x3, 0x0, 0x4004)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r6}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000700000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000280)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4003, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x2dc, 0x1b4, 0x0, 0x148, 0x1b4, 0x148, 0x248, 0x240, 0x240, 0x248, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x190, 0x1b4, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x11e, 0x10, 0x2, 0x0, 'syz1\x00'}}, @common=@addrtype={{0x2c}}]}, @common=@inet=@SYNPROXY={0x24}}, {{@uncond, 0x0, 0x70, 0x94}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x338)
sendto$inet6(r4, 0x0, 0x0, 0x20000002, 0x0, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000680)={&(0x7f0000000580)={0x58, 0xe, 0x6, 0x300, 0x0, 0x0, {0x1, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x4090}, 0x4004084)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

36.498722356s ago: executing program 3 (id=2805):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL)
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00)
r6 = dup(r5)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=ANY=[@ANYBLOB="700000000009010400000000000000000000010073797a31000000003c0002000c00028005000100000000002c000180140003002001000000000000000000000000000214000400fe8000000000000000000000000000aa0c0004803eff014000000000"], 0x70}}, 0x0)
write$binfmt_script(r5, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3)
ioctl$EXT4_IOC_MOVE_EXT(r6, 0x40305828, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1, 0x2})
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040))
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./file1\x00')
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)

35.743985222s ago: executing program 3 (id=2814):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000086dd0000120000000000000060ec97000f982c00fe8000000000000000000000020000aaff02000000000000000000000000000189"], 0xfce)

35.448955082s ago: executing program 3 (id=2817):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x8, 0xb4, &(0x7f0000000140)=""/180, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffe94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
ioprio_set$pid(0x3, 0x0, 0x4004)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r6}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000800000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000280)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4003, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x2dc, 0x1b4, 0x0, 0x148, 0x1b4, 0x148, 0x248, 0x240, 0x240, 0x248, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x190, 0x1b4, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x11e, 0x10, 0x2, 0x0, 'syz1\x00'}}, @common=@addrtype={{0x2c}}]}, @common=@inet=@SYNPROXY={0x24}}, {{@uncond, 0x0, 0x70, 0x94}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x338)
sendto$inet6(r4, 0x0, 0x0, 0x20000002, 0x0, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000680)={&(0x7f0000000580)={0x58, 0xe, 0x6, 0x300, 0x0, 0x0, {0x1, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x4090}, 0x4004084)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

35.425674775s ago: executing program 32 (id=2817):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x8, 0xb4, &(0x7f0000000140)=""/180, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffe94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
ioprio_set$pid(0x3, 0x0, 0x4004)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r6}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000800000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000280)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4003, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x2dc, 0x1b4, 0x0, 0x148, 0x1b4, 0x148, 0x248, 0x240, 0x240, 0x248, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x190, 0x1b4, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x11e, 0x10, 0x2, 0x0, 'syz1\x00'}}, @common=@addrtype={{0x2c}}]}, @common=@inet=@SYNPROXY={0x24}}, {{@uncond, 0x0, 0x70, 0x94}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x338)
sendto$inet6(r4, 0x0, 0x0, 0x20000002, 0x0, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000680)={&(0x7f0000000580)={0x58, 0xe, 0x6, 0x300, 0x0, 0x0, {0x1, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x4090}, 0x4004084)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

4.828089395s ago: executing program 0 (id=3348):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_clone3(&(0x7f0000001280)={0x40580, &(0x7f0000000040), &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000180), {0x34}, &(0x7f00000001c0)=""/4096, 0x1000, &(0x7f00000011c0)=""/68, &(0x7f0000001240)=[0xffffffffffffffff, 0x0, 0x0], 0x3}, 0x58)
sched_setscheduler(r1, 0x4, &(0x7f0000001300)=0x4)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x40580)
r6 = syz_io_uring_setup(0x60e8, &(0x7f0000000100)={0x0, 0x5213, 0x8, 0x0, 0x365}, &(0x7f0000000240)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4004, @fd=r5, 0x5, 0x0, 0x0, 0x27, 0x0, {0x1}})
io_uring_enter(r6, 0x47ba, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000003c0)={0x0, 0x4, &(0x7f0000000640)={&(0x7f0000000180)={0x14, 0x30, 0x319, 0x0, 0x0, {0x6}}, 0x14}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001340)=@bridge_newvlan={0x4c, 0x70, 0x1, 0x2, 0x0, {0x7, 0x0, 0x0, r3}, [@BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0xc, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0x7}}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_MCAST_ROUTER={0x5, 0x6, 0x3}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_MCAST_ROUTER={0x5, 0x6, 0x7}}, @BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_MCAST_ROUTER={0x5, 0x6, 0xd9}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4008000}, 0x8000)
fcntl$getownex(r4, 0x10, &(0x7f0000000080))

4.678945986s ago: executing program 0 (id=3349):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00000c8000/0x2000)=nil, 0x2000, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32, @ANYBLOB="08001b"], 0x34}}, 0x4004010)

3.658111604s ago: executing program 0 (id=3364):
pipe2$9p(0x0, 0x80080)
write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201"], 0x0)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000040)=""/95)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r1 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8003}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x68, 0x11, r4, 0x0, 0x0, 0x0, 0x1, 0x1, {0x3}})
io_uring_enter(r1, 0x6e2, 0x3900, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f00000017c0))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2.533846108s ago: executing program 1 (id=3374):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x2, 0x4, 0x5c0, 0xffffffff, 0xc8, 0x4f8, 0xc8, 0xfeffffff, 0xffffffff, 0x4f8, 0x4f8, 0x4f8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [], [], 'macsec0\x00', 'rose0\x00'}, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24}}, {{@uncond, 0x0, 0x1fc, 0x220, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x4, 0x0, 0x40, 0x0, 0x0, 0xf8e74ba, 0xfe8c}}}]}, @common=@unspec=@CONNSECMARK={0x24}}, {{@uncond, 0x0, 0x1dc, 0x210, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@local, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, @private1, @empty, @mcast1, @mcast1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @mcast2, @local, @remote, @private1, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2]}}]}, @common=@inet=@SET3={0x34}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x61c)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$unix(0x1, 0x5, 0x0)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r6=>0x0})
connect$can_bcm(r5, &(0x7f00000000c0)={0x1d, r6}, 0x10)
sendmsg$can_bcm(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r4, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$can_bcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0)
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=@bridge_setlink={0x2c, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x5, 0x0, 0x1, {0x4, 0x5}}]}]}, 0x2c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001ec0)=ANY=[@ANYBLOB="6c00000010001fff010000000000000000060000", @ANYRES32=0x0, @ANYBLOB="81ffffff00000000440012800b00010067656e6576650000340002800500090000000000050009000100000005000a000000000005000300f90000000500040040000000050004000800000008000a00", @ANYRESHEX], 0x6c}}, 0x0)

2.45656899s ago: executing program 4 (id=3376):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000a00)=@generic={0xa, "8ab77fa26849ff26650042e2dacd300000000000000100ad6f9fa9f3d7145e15dd9d6d2e19c211220940ad5def53b911ba5b9da13641f9826d7012a749f54b901ee80ea6132ca6e88c776553e1833052ca376304313c4b37780136a4b83857040000000060000000000000000000002000000000000000000000000070ed"}, 0x80, 0x0}, 0x4020800)

2.378928432s ago: executing program 4 (id=3377):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='net/ipv6_route\x00')
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = landlock_create_ruleset(&(0x7f0000000400)={0x810, 0x0, 0x1}, 0x46, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000c80)=[{0x20, 0xfc, 0x0, 0xfffff00c}]}, 0x8)
fcntl$dupfd(r1, 0x0, r2)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRES16=r3], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='nfsd\x00', 0x700, 0x0)
r7 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x10)
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000240)='./file0\x00', &(0x7f0000001200)=""/4096, 0x1000)
lseek(r7, 0x1, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x10, 0x121b01)
socket(0xf, 0x3, 0x20000)
r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r8, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000040)={0x1})
socket$tipc(0x1e, 0x2, 0x0)
r9 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r9, &(0x7f0000000340)=@id={0x1e, 0x3, 0x2, {0x4e23, 0x4}}, 0x10)

2.377335389s ago: executing program 1 (id=3378):
epoll_create(0x6)
r0 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x2a36, 0x10100, 0x4, 0x20000002}, &(0x7f0000000200)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x401}})
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x11)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000140)={0x18, 0x0, {0x0, @local, 'bond_slave_0\x00'}}, 0x1e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000040))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
gettid()
r6 = openat$vimc2(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_S_EDID(r6, 0xc0245629, &(0x7f0000000400)={0x0, 0x4, 0x5, '\x00', &(0x7f0000000240)=0x1})
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18040000000000000000700000000000180000002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001040)={r7, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f00800", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r8}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
io_uring_enter(r0, 0x2def, 0x4000, 0x0, 0x0, 0x0)

1.928742551s ago: executing program 2 (id=3384):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
io_setup(0x1fc, &(0x7f0000000380)=<r0=>0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmstat\x00', 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
io_submit(r0, 0x1, &(0x7f00000001c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000002240)='m', 0x1, 0x100000001}])
socketpair$unix(0x1, 0x5, 0x0, 0x0) (async)
syz_emit_ethernet(0x0, 0x0, 0x0) (async)
io_setup(0x1fc, &(0x7f0000000380)) (async)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmstat\x00', 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) (async)
io_submit(r0, 0x1, &(0x7f00000001c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000002240)='m', 0x1, 0x100000001}]) (async)

1.828410181s ago: executing program 4 (id=3385):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000004c0), 0x802, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r2=>0x0)
io_submit(r2, 0x3db, &(0x7f0000000480)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
r3 = open(&(0x7f0000000500)='./file1\x00', 0x642000, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3])
pipe2(&(0x7f0000000000), 0x4800)
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000072000000956b4b5d4a5d46ada80b3c51"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x867cf06f1360c6a2, 0x58, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='rxrpc_rx_done\x00', r4, 0x0, 0x2}, 0x18)
getxattr(0x0, 0x0, 0x0, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_SEND_PRIO(r5, 0x6b, 0x3, &(0x7f00000002c0), 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000008500000023000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000080)=r6, 0xffffffffffffff42)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000009600000000000a20000000000a01040000000000000000010000000900010073797a300000000060000000030a01014000000000000000010000001c0008800c00024000000000000000000c00014000000000000000000900010073797a300000000008000a4000000002140004800800024000000000080001400000000008000b"], 0xa8}}, 0x0)
r8 = dup(0xffffffffffffffff)
ioctl$VHOST_SET_FEATURES(r8, 0x4008af00, &(0x7f00000000c0)=0x8000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r10, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000c80)=[{0x20, 0xfc, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6, 0x8, 0x0, 0x2}]}, 0x8)
r11 = fcntl$dupfd(r9, 0x0, r10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r11)
r12 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r12, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000500)=@acquire={0x130, 0x17, 0x1, 0x0, 0x0, {{@in6=@loopback}, @in6=@remote, {@in=@remote, @in6=@ipv4={'\x00', '\xff\xff', @loopback}}, {{@in, @in=@private, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x6ee0}}}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0x130}}, 0x0)
sendmsg$OSF_MSG_ADD(r3, &(0x7f00000006c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000680)={&(0x7f0000000cc0)={0xe0c, 0x0, 0x5, 0x3, 0x0, 0x0, {0x0, 0x0, 0x4}, [{{0x254, 0x1, {{0x1}, 0xc, 0x8, 0x3, 0x6, 0xd, 'syz1\x00', "74111f31608932ff99d583d300f5106e594173b100dd5e70f181a8290f7ce1c7", "fc2be7326c0703cf1d4c920cb9eee289aa59bab3b13464667053ea4a5344d41b", [{0xf6bd, 0xc53c, {0x0, 0x6}}, {0xf800, 0x217, {0x2, 0x3}}, {0xcc0, 0x3, {0x0, 0x8}}, {0x6, 0x6, {0x0, 0x2}}, {0x8000, 0x9, {0x2, 0x4}}, {0x1ff, 0x7, {0x1, 0x2800}}, {0x1, 0x9ab9, {0x2, 0xff}}, {0xd, 0x4}, {0x9, 0xe6d, {0x1, 0xa}}, {0x0, 0x9, {0x2, 0xfffffffe}}, {0x4, 0x7, {0x1, 0xd}}, {0xf, 0xe7, {0x2, 0x6}}, {0x9, 0x4, {0x0, 0x2069}}, {0x31c, 0xfe, {0x0, 0x4}}, {0x3, 0x1, {0x2, 0x8}}, {0xd9e, 0x4d, {0x3, 0x1}}, {0x101, 0x40, {0x0, 0x5}}, {0x8, 0x3, {0x2, 0x4}}, {0x3ff, 0x101, {0x0, 0x5}}, {0x7, 0x4b, {0x3, 0x8}}, {0x7, 0x1, {0x1, 0x5}}, {0x2, 0x6, {0x2, 0x2}}, {0x8001, 0xffff, {0x1, 0x2}}, {0xa, 0x7, {0x0, 0x3cc}}, {0x2, 0x7, {0x0, 0x7}}, {0x5191, 0x4, {0x3, 0x2}}, {0x4, 0xc, {0x2, 0xfff}}, {0x8001, 0x3, {0x1, 0x8}}, {0x1, 0x6, {0x3, 0x5}}, {0xf, 0x0, {0x3, 0xffffff7f}}, {0xff80, 0xffff, {0x3, 0x3}}, {0x5, 0x2, {0x3, 0xfffffffb}}, {0x40, 0xbe, {0x0, 0xc}}, {0x0, 0xfffb, {0x2, 0x2}}, {0x6, 0x1000, {0x0, 0x40}}, {0x3, 0x1, {0x2, 0xc}}, {0x2, 0x1, {0x3, 0x7}}, {0xbf2e, 0x7, {0xf75fdf2ed09effb2, 0x1}}, {0x897c, 0xf2b3, {0x1, 0x100}}, {0x1, 0x9, {0x0, 0xffffffff}}]}}}, {{0x254, 0x1, {{0x0, 0x2a3cd854}, 0xc, 0x2, 0x5, 0x8, 0xa, 'syz1\x00', "061d10f629bfed4b649951144063fa0df735e4dff0ba07566a017541e66b9dcf", "5d7c22d7951e2e2093eb2a6521ea9735ede0670460fa9e364b1b841fe3b52b7c", [{0x3, 0x4, {0x0, 0x8}}, {0x2, 0xfff}, {0x8072, 0xd, {0x2, 0x7}}, {0x0, 0xc76, {0x0, 0x10}}, {0x0, 0x8, {0x3, 0x62}}, {0x2, 0x1, {0xc1a91a75e2f433a6}}, {0x9, 0x4, {0x1, 0xdd}}, {0x7, 0xe84, {0x1, 0x9}}, {0xd570, 0x2, {0x2, 0x8}}, {0x1, 0x4, {0x0, 0x10000}}, {0x1, 0xf, {0x0, 0xad}}, {0x101, 0x1, {0x2, 0x101}}, {0x4c, 0x7f, {0x0, 0x6}}, {0x10c, 0x3, {0x3, 0x10000}}, {0xb9, 0x71b6, {0x1, 0x8}}, {0x8, 0x7e, {0x0, 0xfffffffc}}, {0x3ff, 0x1, {0x2, 0xe3}}, {0x0, 0x5291, {0x1, 0x200}}, {0x3, 0x5, {0x2, 0x9}}, {0x1, 0x400, {0x1, 0x7}}, {0xb, 0x6f, {0x1, 0x400}}, {0xd, 0x2, {0x0, 0x100}}, {0xb27, 0x7, {0x3, 0x2}}, {0xfffd, 0x6, {0x1, 0x3}}, {0x0, 0x5, {0x1, 0x4}}, {0xfc01, 0x6, {0x2, 0xffe00000}}, {0x3, 0x0, {0x3, 0x1}}, {0x3, 0x0, {0x3, 0x3}}, {0x8d, 0x0, {0x2, 0x1}}, {0x7, 0x9407, {0x2, 0xe}}, {0x54, 0xa48, {0x0, 0x3}}, {0x3, 0x3, {0x3, 0x8}}, {0x5, 0x8, {0x0, 0x10}}, {0x401, 0x4, {0x0, 0x8}}, {0xfffc, 0x8000, {0x3, 0xe3ad}}, {0x5, 0x800, {0x3}}, {0xa97b, 0x80, {0x0, 0xfffff41c}}, {0xe, 0x45, {0x1, 0x7fff}}, {0x8, 0xe6, {0x2, 0xfffffffe}}, {0x0, 0x100, {0x771ff6cd32ca60ba, 0x1}}]}}}, {{0x254, 0x1, {{0x2, 0x9}, 0xef, 0x5, 0x1, 0x7b2, 0x16, 'syz1\x00', "493ef84966d7f0f7d9f469f1d0d3407053ceb8c900134c4bd93a5a5834ec9d6e", "b1c0031aa7fae7240752caecc3db7a504872864ab7092338eb3f54eb49663caa", [{0x9, 0x101, {0x1, 0xff}}, {0x1, 0x1, {0x3, 0x200}}, {0x0, 0x101, {0x2}}, {0xf, 0xffff, {0x1}}, {0x4, 0x6, {0x0, 0x10001}}, {0x5, 0x6339, {0x0, 0xfffffff0}}, {0xb7, 0x6, {0x2, 0x637f}}, {0x1, 0x3, {0x2, 0x40}}, {0x6, 0x2, {0x2, 0x80000001}}, {0x80, 0x3, {0x3, 0x6000}}, {0x1f, 0x8, {0x0, 0x4}}, {0x3, 0x1ad, {0x3, 0x10000}}, {0x4, 0x6, {0x3}}, {0x81, 0x7, {0x1, 0x1ff}}, {0x7, 0x251, {0x3}}, {0x7, 0x2, {0x7, 0xffffff38}}, {0x9, 0x100, {0x1, 0x80000001}}, {0x9, 0x8, {0x1, 0x4}}, {0x4, 0x3, {0x3}}, {0x3ff, 0x0, {0x0, 0x2}}, {0x1, 0x7, {0x2, 0x7}}, {0x8000, 0x9, {0x1, 0xfff}}, {0xe4f, 0x7f, {0x2, 0x1}}, {0x2, 0x3ff, {0x0, 0x7}}, {0xf, 0x4d2c, {0x2, 0x3}}, {0x8, 0x883, {0x3, 0x5}}, {0x2, 0x3, {0x3, 0x387}}, {0x8000, 0x9, {0x2, 0x7ff}}, {0xfffb, 0x2, {0x3, 0xffffffff}}, {0x0, 0x1, {0x2, 0x6}}, {0x7f, 0x0, {0x2, 0x5}}, {0x5, 0x7d, {0x2, 0x7}}, {0x40, 0x1, {0x2, 0x8}}, {0x6, 0xa, {0x1, 0x8}}, {0xb890, 0xffff, {0x1, 0x8}}, {0x101, 0xa, {0x2, 0x17}}, {0x2b84, 0x6f1, {0x2, 0x6}}, {0x85c, 0x6, {0x3, 0x200}}, {0x7, 0x3ff, {0x3, 0xec2e}}, {0xc, 0x4, {0x81a3700b7059ef2f, 0x8}}]}}}, {{0x254, 0x1, {{0x2, 0x80}, 0x6, 0x9, 0x81, 0x8001, 0xa, 'syz1\x00', "c821a9e63e4946d11b86bb20a93d9c34c7a4a5272d976df96ae86089650dcfc3", "68936e99f9bb730ef42f412675d1fddf257bdd892b197a48484943311dc869a0", [{0xeff0, 0x7f, {0x0, 0x2}}, {0x1, 0xfffd, {0x2, 0x8000}}, {0x7, 0x7f, {0x1, 0x7}}, {0x0, 0x9, {0x3, 0xfff}}, {0xd, 0x4, {0x3, 0x4}}, {0x2, 0xfff, {0x3, 0x80}}, {0x8, 0x4, {0x1, 0xe}}, {0x8, 0x8, {0x1, 0x6}}, {0x3, 0x1, {0x0, 0x80}}, {0x6, 0x2, {0x1, 0x9714}}, {0x29, 0x6, {0x1, 0xb34}}, {0x4, 0xb, {0x2, 0xb}}, {0x1, 0x0, {0x1, 0x768}}, {0x8, 0x3, {0x0, 0x7}}, {0xfffc, 0x5, {0x2, 0x1}}, {0x8, 0xcac, {0x3, 0xbf}}, {0xe, 0x98, {0x0, 0xfffff800}}, {0x1, 0xfffe, {0x2, 0x8}}, {0x2, 0x4, {0x2, 0x9}}, {0x5, 0x1, {0x3, 0xf6e}}, {0x9, 0x6, {0x1, 0x7fff}}, {0x8, 0xfffe, {0x0, 0x4}}, {0x2, 0x7, {0x2, 0x7fffffff}}, {0x0, 0x4, {0x1}}, {0x100, 0x8, {0x1, 0x3}}, {0xfff, 0x52f7, {0x3, 0x9}}, {0x5, 0x79, {0x0, 0xa321}}, {0x8, 0xb7, {0x3, 0x8}}, {0xfffd, 0xfe00, {0x2, 0x10001}}, {0x1, 0x9, {0x3, 0x1}}, {0x5, 0x8c, {0x2, 0x10}}, {0x5, 0x9f1, {0x2, 0x7}}, {0x2, 0x88a6, {0x1, 0x9}}, {0x6, 0x5, {0x4, 0x7}}, {0x800, 0xf2, {0x3, 0xfffff800}}, {0x3, 0x7ff, {0x3, 0x7ff}}, {0xfff5, 0x3, {0x2, 0x8001}}, {0x5, 0x7, {0x3, 0x6}}, {0x3440, 0x5, {0x3, 0x200}}, {0x7, 0x101, {0x7, 0x4}}]}}}, {{0x254, 0x1, {{0x3, 0xb}, 0x6, 0x5, 0x0, 0x8, 0x21, 'syz1\x00', "056eca972b09c58f45b2254218c1b43351c2aec87a43d1dabe5352b70b421f0d", "180b85f21d23ac588ce8d73a3bc04f1ea42ff2cc0375e7d478aa05db5e00e182", [{0x1679, 0xfff, {0x1, 0x7}}, {0x800, 0xb, {0x2, 0x5}}, {0x6, 0x34, {0x2, 0x6}}, {0x4, 0x2, {0x1, 0xea}}, {0x8001, 0xd29, {0x2, 0x3}}, {0xb, 0x3826, {0x2f29a0f11e2f523b, 0x49}}, {0x10, 0x5, {0x1, 0x43}}, {0x3, 0x2, {0x3, 0x7fff}}, {0x8, 0x7fff, {0x2, 0x2}}, {0x1, 0x4, {0x2, 0x5b9}}, {0x9, 0xf, {0x2, 0x1}}, {0x1000, 0x5, {0x1, 0x10001}}, {0x9, 0x29a5, {0x1, 0x2}}, {0x8, 0x8, {0x3, 0x1670}}, {0x101, 0x5, {0x2, 0x7}}, {0x2, 0xfff, {0x3, 0x5}}, {0x7, 0x2, {0x1, 0xfffffffe}}, {0x4, 0x0, {0x1, 0x6}}, {0x80, 0x8, {0x1, 0x800}}, {}, {0x2, 0xc55a, {0x2, 0x1}}, {0x1, 0x0, {0x3, 0x4}}, {0x3ff, 0x4, {0x0, 0x6}}, {0x5, 0x6, {0x1, 0x13000000}}, {0x1, 0x4, {0x2, 0x5}}, {0x7, 0x200, {0x3, 0x1}}, {0x0, 0x4, {0x1, 0x8001}}, {0x2, 0x6, {0x1, 0x5}}, {0x5461, 0xfffb, {0x2, 0x2}}, {0x5, 0x5, {0x3, 0xc}}, {0x4, 0xfff5, {0x0, 0x5}}, {0x3, 0xe1, {0x3, 0x2e231a5b}}, {0x1, 0x401, {0x0, 0x80}}, {0xc, 0x9, {0x0, 0x7}}, {0x65a, 0x800, {0x0, 0x3}}, {0x7, 0x0, {0x0, 0x9}}, {0xb0ac, 0x0, {0x2, 0x2}}, {0x4, 0xb, {0x2, 0x4}}, {0x8, 0x85b, {0x1, 0x6}}, {0xc, 0x6, {0x0, 0xfff}}]}}}, {{0x254, 0x1, {{0x1, 0x141}, 0x4, 0xec, 0x39, 0x7ff, 0xb, 'syz0\x00', "d36fec2b3f43774f893e7d16e221465adbcc696a5dedc2eee71bd7f23dcd1d7b", "f90c4a1a03a0caebc763de71a5943542ae499b6d446bdeb2a29cc08cd46b35b8", [{0x1, 0xa019, {0x2, 0x59a4}}, {0xff, 0x9, {0x1, 0x796}}, {0x7, 0x2, {0x0, 0x2}}, {0x0, 0x9, {0x1, 0x5}}, {0x7, 0x8, {0x1, 0x5}}, {0x7f, 0x5, {0x3, 0x7}}, {0x200, 0x8, {0x3, 0x1}}, {0x9, 0x4, {0x3, 0x5}}, {0x1, 0xfffe, {0x1, 0x6}}, {0xc3, 0x631d, {0x0, 0x1ff}}, {0xfff, 0x1, {0x2, 0x9}}, {0x8, 0x5, {0x3, 0x4}}, {0x0, 0x8001, {0x0, 0xffff0000}}, {0x9, 0x8d1b, {0x2, 0x1}}, {0x7f, 0x0, {0x0, 0x6}}, {0x2a, 0x1}, {0x2, 0xb, {0x2}}, {0x8, 0x4, {0x2, 0xffffffff}}, {0x8, 0x58, {0x2, 0x2}}, {0x3, 0x5, {0x2, 0x5}}, {0x0, 0xffff, {0x0, 0x7fff}}, {0x6, 0x3, {0x2, 0x6}}, {0x1, 0x7, {0x1, 0x4482}}, {0x5, 0x2, {0x2, 0xfffffff7}}, {0x0, 0x4, {0x2, 0x3}}, {0xff, 0x4, {0x0, 0x9}}, {0x1ff, 0xf, {0x3}}, {0x4000, 0x3, {0xb0fb48be5dddbd52, 0x5}}, {0x40, 0x1000, {0x1, 0x9}}, {0x320, 0x87, {0x0, 0x101}}, {0xfff, 0x2, {0x0, 0xfff}}, {0x7fff, 0x5, {0x3, 0x1ff}}, {0x8, 0x0, {0x3, 0x3}}, {0x9, 0xb6, {0x2, 0xba}}, {0x0, 0x7, {0x1, 0x8}}, {0xc, 0xa, {0x2, 0x3}}, {0xace, 0x2, {0x1, 0xb}}, {0x7ff, 0xc48, {0x2}}, {0x5, 0x9d, {0x3, 0x7ff}}, {0xd47, 0x2621, {0x2, 0x8}}]}}}]}, 0xe0c}, 0x1, 0x0, 0x0, 0x24040000}, 0x20000000)
sendmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20008000}, 0x0)

1.825783337s ago: executing program 2 (id=3386):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='net/ipv6_route\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r1)
socketpair$unix(0x1, 0x6, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000c80)=[{0x20, 0xfc, 0x6, 0xfff7f00c}]}, 0x8)
fcntl$dupfd(r2, 0x0, r3)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRES16], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x82602, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
syz_open_dev$dri(&(0x7f00000010c0), 0x1, 0x400400)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)="d8000000190081054e81f782db4cb9040a1d080006007c02e8fe55a10a0015000900142603600e1208000f4f1b000401a8001600200005400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)
lseek(r5, 0x342ec9eb, 0x1)
r7 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
r8 = syz_io_uring_setup(0x38a9, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r9=>0x0, &(0x7f0000000140)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x3, r7})
io_uring_enter(r8, 0x44fd, 0x3, 0x1, 0x0, 0x0)
gettid()
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000000)={0x0, 0x1c0, 0x3c0, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0x0, 0x4, 0x10000, 0x100, 0x1004, 0x0, 0x8, 0x5, 0x5, 0x9, 0x9, 0x5, 0x2, 0x9, 0x8, 0x7, 0xc1, 0x3, 0x2, 0x2, 0x6, 0x9, 0x96, 0x7fffffff, 0xffffffff00000000, 0x4, 0x4, 0x5, 0x23b, 0x3, 0x2, 0x888f, 0x4, 0x8, 0x6, 0x6, 0x3, 0x4, 0x20000000006, 0x8, 0x9, 0x400, 0x3, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x2, 0xe, 0x6, 0x4, 0xe6, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x5, 0x1, 0x9, 0xd, 0x6, 0xbbdc, 0x80000000, 0xfffffffffffffc00, 0x2, 0x7, 0x2, 0xcdc, 0x7, 0x2, 0x3, 0x2, 0x5, 0x2, 0x6, 0x0, 0x3403, 0xab6, 0x0, 0x4, 0x0, 0xffffffffffffff81, 0x4, 0xff, 0x6, 0x28000000, 0x5, 0x61d, 0x3, 0x7, 0xf6, 0x4, 0x6, 0x200, 0x7, 0xe53e, 0x2b, 0x8, 0x2293332f, 0x4, 0x5, 0xe1, 0xd, 0x2, 0x80000001, 0x981, 0x2, 0x7, 0xdfd4, 0xfffd, 0x10, 0x5, 0x8, 0x1, 0x53e0f0fe, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0xcc, 0x8, 0x3]})
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}}, 0x9c)
syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240), &(0x7f0000000140))
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r11, &(0x7f00000001c0)=ANY=[], 0x118)

1.713433256s ago: executing program 2 (id=3387):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="47000e0080000000080211000000080211000001505050505050000000000000000c000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f00"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0)

1.713100011s ago: executing program 2 (id=3388):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec85"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xb, [{}, {}, {}, {}, {}, {}, {0x0, 0x3}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(r0, 0x0, 0x4000001)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000000c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a00"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x9, &(0x7f0000000240)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000002f000000b709000000000000850000002300000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f00000000c0)=r6, 0x4)
sendmsg$unix(r4, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000015000200071b1700bd030100000000009500000000000000bc26080000000000bf67000000000000070300000fff0700670200000300000016060a000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unshare(0x4070780)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
unshare(0x22020600)
unshare(0x2a020480)

1.668559211s ago: executing program 1 (id=3389):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x8, 0xb4, &(0x7f0000000140)=""/180, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffe94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
ioprio_set$pid(0x3, 0x0, 0x4004)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r6}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000e000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000280)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4003, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x2dc, 0x1b4, 0x0, 0x148, 0x1b4, 0x148, 0x248, 0x240, 0x240, 0x248, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x190, 0x1b4, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x11e, 0x10, 0x2, 0x0, 'syz1\x00'}}, @common=@addrtype={{0x2c}}]}, @common=@inet=@SYNPROXY={0x24}}, {{@uncond, 0x0, 0x70, 0x94}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x338)
sendto$inet6(r4, 0x0, 0x0, 0x20000002, 0x0, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000680)={&(0x7f0000000580)={0x58, 0xe, 0x6, 0x300, 0x0, 0x0, {0x1, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x4090}, 0x4004084)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

918.768826ms ago: executing program 2 (id=3390):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[], 0x10}], 0x2000000000000312}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="50010000100013070000000000000000ff0200000000000000000000000000010000000000000018000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac1414170000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c001c"], 0x150}}, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000ff0000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c000280050003001b000000080002400000000d08000440000000040900010073797a30000000000900020073797a32"], 0x80}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
mkdirat(0xffffffffffffff9c, 0x0, 0xa1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
syz_open_dev$loop(0x0, 0x2, 0x40000)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
close(r3)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x84)
fchown(r5, 0x0, 0x0)
mmap(&(0x7f0000b5f000/0x4000)=nil, 0x4000, 0x100000d, 0x2012, r1, 0x0)
setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000080)=0x3, 0x4)

916.786384ms ago: executing program 4 (id=3391):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000217100000001010000f50900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000016d8ce4db711d5e46c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e30000000000000000000000014000100677265e52ea619052f9c08000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a30"], 0x4b0}}, 0x0)

868.849502ms ago: executing program 4 (id=3392):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x18)
symlinkat(&(0x7f00000008c0)='./file0/../file0\x00', r1, &(0x7f0000000140)='./file0\x00')
r2 = openat2(r1, &(0x7f00000003c0)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x8}, 0x18)
r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000040)={0x17, 0x1, 0x0, "9611e6d6ffc88885163200000080d2b400000000000800"})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f00000001c0)=<r4=>0x0)
quotactl_fd$Q_GETINFO(0xffffffffffffffff, 0xffffffff80000501, r4, &(0x7f0000000280))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$tipc(0x1e, 0x5, 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$sock_SIOCADDDLCI(r8, 0x5452, &(0x7f0000000100)={'veth1\x00'})
bind$tipc(r7, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r9 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r9, 0x5412, &(0x7f0000000040)=0xd)
unshare(0x62040200)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)

618.735251ms ago: executing program 0 (id=3393):
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1}, 0xc)
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000080)='~', 0xfdef}], 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
r3 = gettid()
tkill(r3, 0x14)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r4}, 0x10)
r5 = io_uring_setup(0x1de0, &(0x7f0000000440)={0x0, 0x2245, 0x800})
io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x84})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000000), r6)
sendmsg$NLBL_CIPSOV4_C_ADD(r6, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="00f58408720f387010000000", @ANYRES16=r7, @ANYBLOB="01000000000000000000010000000800010000000000080002000100000004000480100008800c0007800800060022000100"], 0x38}}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r8 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r9 = dup(r8)
write$6lowpan_enable(r9, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x596a, &(0x7f0000000380)={0x0, 0x2cc0, 0x10, 0x3, 0x0, 0x0, r9}, &(0x7f00000005c0), &(0x7f00000001c0))
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x20, &(0x7f0000000140)={&(0x7f00000004c0)=""/244, 0xf4, <r10=>0x0, &(0x7f00000000c0)=""/17, 0x11}}, 0x10)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000300)={r4, r9, 0x17, 0x0, @val=@target_btf_id=r10}, 0x14)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

478.148045ms ago: executing program 0 (id=3394):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000086dd0000120000000000000060ec97000f982c00fe8000000000000000000000400000aaff02000000000000000000000000000189"], 0xfce)

477.931634ms ago: executing program 1 (id=3395):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
r1 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000a00)=@generic={0xa, "8ab77fa26849ff26650042e2dacd300000000000000100ad6f9fa9f3d7145e15dd9d6d2e19c211220940ad5def53b911ba5b9da13641f9826d7012a749f54b901ee80ea6132ca6e88c776553e1833052ca376304313c4b37780136a4b83857040000000068000000000000000000002000000000000000000000000070ed"}, 0x80, 0x0}, 0x4020800)

477.837169ms ago: executing program 1 (id=3396):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x9, &(0x7f0000000000)=@raw=[@printk={@lu={0x18, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb8}}, @exit], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xff0f, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

476.637799ms ago: executing program 1 (id=3397):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x42, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11641e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x20, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x647b}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r3 = fsopen(&(0x7f0000000400)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000340)='cgroup.stat\x00', 0x300, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000180)=@arm64={0x2, 0x4, 0x56, '\x00', 0x4})
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$FBIOPUT_CON2FBMAP(0xffffffffffffffff, 0x4610, &(0x7f0000000280)={0x1e, 0x2})
r6 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3a6}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000480)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x40, r9, 0x400, 0x70bd25, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x4, 0x7a}}}}, [@NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0xfffc}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="6e6dad8de86a"}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x0, 0x4f}}]}, 0x40}, 0x1, 0x0, 0x0, 0x48005}, 0x0)
socket$alg(0x26, 0x5, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x6000000b)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
io_uring_enter(r6, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)

408.860471ms ago: executing program 0 (id=3398):
mkdirat(0xffffffffffffffff, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180))
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x92)
mknodat(r0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./file1\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000500)={"a0453822", 0x0, 0x6, 0x2, 0x0, 0x0, "33793e77df2a87ba315ab8da00", "0100", "acc28000", "1eb15fbb", ["d8085781ae0cff21223446fe", "51f3d17dc9ed6f291acb3a10", "2ce50f8a285d9500c522afe1", '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00']})
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
socket$nl_generic(0x10, 0x3, 0x10)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000580)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x4000)
write$P9_RVERSION(r5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r6 = dup(r5)
write$P9_RLERRORu(r6, &(0x7f0000000300)=ANY=[@ANYBLOB='S\x00\x00\x00\a\x00\x00F\x00'], 0x53)

268.100376ms ago: executing program 2 (id=3399):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @pix_mp={0x2000000, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}, {}, {0x0, 0xffffffff}, {0x3}, {0x0, 0xfffffffb}, {0x2000}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = socket$nl_audit(0x10, 0x3, 0x9)
getsockopt$sock_int(r0, 0x1, 0x8, 0x0, &(0x7f0000000180))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
clock_gettime(0x7, &(0x7f0000000000))
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r4, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$BLKRRPART(r4, 0x125f, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_mreq(r6, 0x29, 0x1a, &(0x7f0000000cc0)={@initdev}, &(0x7f0000000d00)=0x14)
writev(r5, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
socket$nl_route(0x10, 0x3, 0x0)

0s ago: executing program 4 (id=3400):
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc)=<r0=>0x0)
timer_settime(0x0, 0x0, &(0x7f00000008c0)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
io_setup(0x206, &(0x7f0000000200)=<r3=>0x0)
timer_gettime(r0, &(0x7f0000000000))
io_submit(r3, 0x1, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f00000003c0)="951aa14bd6f68579cac67c83bf8d4500e5cea1bb1596d4ee6645fa16fa7cacb9214070a622a2c57b89075f59b85c7b5b2c41edc9d2cd5a2c95ed1c2cf72425be9c1a2df1b60a309bc3228d7e85b300f0d7a042a40166b9208e9d2e423c32ad8e47adedf5dc425c6bcb031fb2230835d41afc23476eae602bad3246417e5ac757", 0x80}])
rt_sigaction(0x3, &(0x7f0000000240)={0x0, 0x1, 0x0, {[0x6]}}, 0x0, 0x8, &(0x7f0000000380))
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc)) (async)
timer_settime(0x0, 0x0, &(0x7f00000008c0)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) (async)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)) (async)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) (async)
signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0) (async)
io_setup(0x206, &(0x7f0000000200)) (async)
timer_gettime(r0, &(0x7f0000000000)) (async)
io_submit(r3, 0x1, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f00000003c0)="951aa14bd6f68579cac67c83bf8d4500e5cea1bb1596d4ee6645fa16fa7cacb9214070a622a2c57b89075f59b85c7b5b2c41edc9d2cd5a2c95ed1c2cf72425be9c1a2df1b60a309bc3228d7e85b300f0d7a042a40166b9208e9d2e423c32ad8e47adedf5dc425c6bcb031fb2230835d41afc23476eae602bad3246417e5ac757", 0x80}]) (async)
rt_sigaction(0x3, &(0x7f0000000240)={0x0, 0x1, 0x0, {[0x6]}}, 0x0, 0x8, &(0x7f0000000380)) (async)

kernel console output (not intermixed with test programs):

nnot spawn "ubi_bgt0d", error -4
[  707.421581][ T1458] usb 8-1: Using ep0 maxpacket: 32
[  707.441163][  T220] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  707.442647][ T1458] usb 8-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  707.446939][ T1458] usb 8-1: config 7 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  707.450038][ T1458] usb 8-1: config 7 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  707.453124][ T1458] usb 8-1: config 7 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  707.456868][ T1458] usb 8-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  707.459556][ T1458] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  707.536295][T16402] syzkaller0: entered promiscuous mode
[  707.538627][T16402] syzkaller0: entered allmulticast mode
[  707.740992][ T1132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  707.886659][T16366] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2293'.
[  707.908375][T16409] netlink: 'syz.1.2309': attribute type 10 has an invalid length.
[  708.247105][ T1458] usbhid 8-1:7.0: can't add hid device: -71
[  708.250193][ T1458] usbhid 8-1:7.0: probe with driver usbhid failed with error -71
[  708.253416][ T1458] usb 8-1: USB disconnect, device number 26
[  708.449353][T16366] hid-generic 0003:0627:0001.0001: pid 16366 passed too short report
[  708.570641][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  708.781258][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  708.790323][T16446] netlink: 'syz.0.2320': attribute type 4 has an invalid length.
[  708.864711][T16446] netlink: 'syz.0.2320': attribute type 4 has an invalid length.
[  709.072088][T16452] netlink: 'syz.3.2323': attribute type 10 has an invalid length.
[  709.074389][T16452] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2323'.
[  709.077107][T16452] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[  709.321675][T16463] ip6gretap0: entered promiscuous mode
[  709.324172][T16463] ip6gretap0: left promiscuous mode
[  709.332113][   T39] audit: type=1326 audit(1736332778.099:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16465 comm="syz.3.2328" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25579 code=0x7ffc0000
[  709.338210][   T39] audit: type=1326 audit(1736332778.099:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16465 comm="syz.3.2328" exe="/syz-executor" sig=0 arch=40000003 syscall=237 compat=1 ip=0xf7f25579 code=0x7ffc0000
[  709.344684][   T39] audit: type=1326 audit(1736332778.099:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16465 comm="syz.3.2328" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25579 code=0x7ffc0000
[  709.352096][   T39] audit: type=1326 audit(1736332778.099:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16465 comm="syz.3.2328" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f25579 code=0x7ffc0000
[  709.358146][   T39] audit: type=1326 audit(1736332778.099:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16465 comm="syz.3.2328" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f25579 code=0x7ffc0000
[  709.364235][   T39] audit: type=1326 audit(1736332778.099:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16465 comm="syz.3.2328" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f25579 code=0x7ffc0000
[  709.403712][T16469] bond0: entered promiscuous mode
[  709.405202][T16469] bond_slave_0: entered promiscuous mode
[  709.406869][T16469] bond_slave_1: entered promiscuous mode
[  709.428905][T16481] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2333'.
[  709.431008][ T1013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  709.670563][ T6075] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  709.700621][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  709.730586][ T1458] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  709.800585][ T6075] usb 8-1: device descriptor read/64, error -71
[  709.810862][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  709.890700][ T1458] usb 5-1: Using ep0 maxpacket: 8
[  709.895372][ T1458] usb 5-1: config 7 has an invalid interface number: 161 but max is 0
[  709.897960][ T1458] usb 5-1: config 7 has no interface number 0
[  709.899874][ T1458] usb 5-1: config 7 interface 161 has no altsetting 0
[  709.905425][ T1458] usb 5-1: New USB device found, idVendor=6737, idProduct=0001, bcdDevice=4e.59
[  709.908296][ T1458] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  709.911011][ T1458] usb 5-1: Product: syz
[  709.912313][ T1458] usb 5-1: Manufacturer: syz
[  709.913707][ T1458] usb 5-1: SerialNumber: syz
[  710.050681][ T6075] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  710.128434][ T1458] hub 5-1:7.161: bad descriptor, ignoring hub
[  710.130974][ T1458] hub 5-1:7.161: probe with driver hub failed with error -5
[  710.133955][ T1458] cypress_m8 5-1:7.161: HID->COM RS232 Adapter converter detected
[  710.136404][ T1458] cyphidcom ttyUSB0: required endpoint is missing
[  710.160792][ T1458] usb 5-1: USB disconnect, device number 26
[  710.163117][ T1458] cypress_m8 5-1:7.161: device disconnected
[  710.180600][ T6075] usb 8-1: device descriptor read/64, error -71
[  710.241614][   T39] audit: type=1326 audit(1736332779.009:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16475 comm="syz.1.2331" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x7fc00000
[  710.248867][   T39] audit: type=1326 audit(1736332779.009:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16475 comm="syz.1.2331" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f58579 code=0x7fc00000
[  710.255002][   T39] audit: type=1326 audit(1736332779.009:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16475 comm="syz.1.2331" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x7fc00000
[  710.261117][   T39] audit: type=1326 audit(1736332779.009:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16475 comm="syz.1.2331" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x7fc00000
[  710.302701][ T6075] usb usb8-port1: attempt power cycle
[  710.309083][T16487] bio_check_eod: 3 callbacks suppressed
[  710.309098][T16487] syz.1.2334: attempt to access beyond end of device
[  710.309098][T16487] nbd1: rw=4096, sector=0, nr_sectors = 2 limit=0
[  710.316949][T16487] XFS (nbd1): SB validate failed with error -5.
[  710.320316][   T36] block nbd1: Attempted send on invalid socket
[  710.322815][   T36] I/O error, dev nbd1, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 2
[  710.330625][T16487] bridge0: port 3(syz_tun) entered disabled state
[  710.333596][T16487] syz_tun (unregistering): left allmulticast mode
[  710.335482][T16487] syz_tun (unregistering): left promiscuous mode
[  710.337317][T16487] bridge0: port 3(syz_tun) entered disabled state
[  710.650557][ T6075] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  710.670931][ T6075] usb 8-1: device descriptor read/8, error -71
[  710.678249][T16505] tipc: Started in network mode
[  710.679935][T16505] tipc: Node identity 4, cluster identity 4711
[  710.682099][T16505] tipc: Node number set to 4
[  710.840579][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  710.851326][ T1132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  710.889000][T16511] siw: device registration error -23
[  710.910750][ T6075] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  710.931021][ T6075] usb 8-1: device descriptor read/8, error -71
[  711.041208][ T6075] usb usb8-port1: unable to enumerate USB device
[  711.468851][T16514] netlink: 'syz.1.2340': attribute type 11 has an invalid length.
[  711.683601][T16522] syz.0.2341 (16522): drop_caches: 2
[  711.714549][T12732] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  711.900976][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  711.940685][  T220] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  712.041287][T16550] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2346'.
[  712.930857][   T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  713.060712][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  713.973286][ T1132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  714.160697][ T1132] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  715.010964][ T1132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  715.260746][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  716.051255][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  716.360747][  T220] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  717.091026][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  717.480764][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  718.130955][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  718.401283][T16588] program syz.0.2356 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  718.486719][T16586] syzkaller0: entered promiscuous mode
[  718.491370][T16586] syzkaller0: entered allmulticast mode
[  718.501014][T12732] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  718.505154][T16608] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2359'.
[  718.509144][T16591] syz.2.2357: attempt to access beyond end of device
[  718.509144][T16591] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0
[  718.510038][T16608] ALSA: mixer_oss: invalid index 80000
[  718.512974][T16591] XFS (nbd2): SB validate failed with error -5.
[  718.545534][T16614] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2360'.
[  718.581065][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  718.668233][T16627] can0: slcan on ttyS3.
[  718.834469][T16646] siw: device registration error -23
[  718.862373][T16643] can0 (unregistered): slcan off ttyS3.
[  719.170801][ T1132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  719.700763][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  719.730611][    C2] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  720.212280][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  720.800933][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  721.250688][ T1132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  721.900577][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  722.291540][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  723.000685][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  723.340770][ T3694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  724.100700][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  724.370811][   T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  725.200677][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  725.410712][ T3694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  726.330660][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  726.451151][ T3694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  727.430690][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  727.490842][   T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  728.530785][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  728.530984][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  728.979695][T16682] netlink: 'syz.2.2369': attribute type 10 has an invalid length.
[  729.029827][T16682] 8021q: adding VLAN 0 to HW filter on device team0
[  729.033653][T16682] bond0: (slave team0): Enslaving as an active interface with an up link
[  729.254366][T16686] syz.3.2367 (16686): drop_caches: 2
[  729.580605][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  729.651161][T16696] block nbd2: NBD_DISCONNECT
[  729.652869][T16696] block nbd2: Disconnected due to user request.
[  729.655282][T16696] block nbd2: shutting down sockets
[  729.657303][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  729.739985][T16702] syz.3.2371 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  729.891415][ T5957] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  729.894186][ T5957] CPU: 3 UID: 0 PID: 5957 Comm: kworker/u33:6 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  729.897142][ T5957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  729.900241][ T5957] Workqueue: hci4 hci_rx_work
[  729.902137][ T5957] Call Trace:
[  729.903167][ T5957]  <TASK>
[  729.904000][ T5957]  dump_stack_lvl+0x16c/0x1f0
[  729.905258][ T5957]  sysfs_warn_dup+0x7f/0xa0
[  729.906576][ T5957]  sysfs_create_dir_ns+0x24d/0x2b0
[  729.907976][ T5957]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  729.909532][ T5957]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  729.911097][ T5957]  ? kobject_add_internal+0x12d/0x990
[  729.912567][ T5957]  ? do_raw_spin_unlock+0x172/0x230
[  729.914051][ T5957]  kobject_add_internal+0x2c8/0x990
[  729.915473][ T5957]  kobject_add+0x16f/0x240
[  729.916745][ T5957]  ? __pfx_kobject_add+0x10/0x10
[  729.918109][ T5957]  ? class_to_subsys+0x3e/0x160
[  729.919415][ T5957]  ? do_raw_spin_unlock+0x172/0x230
[  729.920890][ T5957]  ? kobject_put+0xab/0x5a0
[  729.922141][ T5957]  device_add+0x289/0x1a70
[  729.923358][ T5957]  ? __pfx_dev_set_name+0x10/0x10
[  729.924770][ T5957]  ? __pfx_device_add+0x10/0x10
[  729.926173][ T5957]  ? mgmt_send_event_skb+0x2f2/0x460
[  729.927608][ T5957]  hci_conn_add_sysfs+0x17e/0x230
[  729.928981][ T5957]  le_conn_complete_evt+0xfce/0x1d10
[  729.930682][ T5957]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  729.932209][ T5957]  ? trace_contention_end+0xee/0x140
[  729.933634][ T5957]  ? __mutex_lock+0x1cc/0xa60
[  729.934977][ T5957]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  729.936676][ T5957]  ? skb_pull_data+0x166/0x210
[  729.938019][ T5957]  hci_le_meta_evt+0x2e2/0x5d0
[  729.939333][ T5957]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  729.941114][ T5957]  hci_event_packet+0x666/0x1190
[  729.942433][ T5957]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  729.943875][ T5957]  ? __pfx_hci_event_packet+0x10/0x10
[  729.945376][ T5957]  ? lock_acquire.part.0+0x2e0/0x380
[  729.946886][ T5957]  ? trace_irq_enable.constprop.0+0xea/0x140
[  729.948533][ T5957]  hci_rx_work+0x2c5/0x16b0
[  729.949833][ T5957]  ? process_one_work+0x8bb/0x1b30
[  729.951232][ T5957]  process_one_work+0x958/0x1b30
[  729.952570][ T5957]  ? __pfx_process_one_work+0x10/0x10
[  729.954036][ T5957]  ? rcu_is_watching+0x12/0xc0
[  729.955374][ T5957]  ? assign_work+0x1a0/0x250
[  729.956700][ T5957]  worker_thread+0x6c8/0xf00
[  729.958355][ T5957]  ? __pfx_worker_thread+0x10/0x10
[  729.960025][ T5957]  kthread+0x2c1/0x3a0
[  729.961479][ T5957]  ? trace_irq_enable.constprop.0+0xea/0x140
[  729.963547][ T5957]  ? __pfx_kthread+0x10/0x10
[  729.965146][ T5957]  ret_from_fork+0x45/0x80
[  729.966738][ T5957]  ? __pfx_kthread+0x10/0x10
[  729.968415][ T5957]  ret_from_fork_asm+0x1a/0x30
[  729.970169][ T5957]  </TASK>
[  729.973174][ T5957] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  729.976950][ T5957] Bluetooth: hci4: failed to register connection device
[  730.364654][T16717] syz.1.2374 (16717): drop_caches: 2
[  730.469378][T16720] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2375'.
[  730.476008][T16722] can0: slcan on ttyS3.
[  730.624082][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  730.664266][T16736] can0 (unregistered): slcan off ttyS3.
[  730.770575][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  731.660754][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  731.875557][T16773] syz.1.2385 (16773): drop_caches: 2
[  731.901349][  T220] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  732.079792][T16772] netlink: 'syz.3.2384': attribute type 4 has an invalid length.
[  732.105885][T16787] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2389'.
[  732.112872][T16772] netlink: 'syz.3.2384': attribute type 4 has an invalid length.
[  732.223009][T16793] capability: warning: `syz.2.2390' uses 32-bit capabilities (legacy support in use)
[  732.393734][T16799] sctp: [Deprecated]: syz.2.2392 (pid 16799) Use of int in max_burst socket option deprecated.
[  732.393734][T16799] Use struct sctp_assoc_value instead
[  732.402577][T16799] netlink: 'syz.2.2392': attribute type 10 has an invalid length.
[  732.690912][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  733.020605][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  733.022451][T16816] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2398'.
[  733.046511][T16820] 9pnet_fd: Insufficient options for proto=fd
[  733.256657][T16846] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2411'.
[  733.285304][T16849] securityfs: Unknown parameter 'grpqtota”‘ÍR¤(ÁÐÏY¡+~Üö|dê—]šEx·Æ¯1й~:´:'
[  733.319314][T16854] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2414'.
[  733.324211][T16854] overlayfs: failed to resolve './file1': -2
[  733.424722][T16860] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2418'.
[  733.427360][ T5958] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  733.430584][ T5958] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  733.432752][ T5958] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  733.435032][ T5958] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  733.435363][T16860] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2418'.
[  733.440708][ T5958] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  733.442888][ T5958] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  733.559649][T16861] chnl_net:caif_netlink_parms(): no params data found
[  733.609580][T16861] bridge0: port 1(bridge_slave_0) entered blocking state
[  733.612463][T16861] bridge0: port 1(bridge_slave_0) entered disabled state
[  733.614451][T16861] bridge_slave_0: entered allmulticast mode
[  733.616748][T16861] bridge_slave_0: entered promiscuous mode
[  733.625465][T16861] bridge0: port 2(bridge_slave_1) entered blocking state
[  733.627566][T16861] bridge0: port 2(bridge_slave_1) entered disabled state
[  733.629653][T16861] bridge_slave_1: entered allmulticast mode
[  733.631776][T16861] bridge_slave_1: entered promiscuous mode
[  733.649719][T16861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  733.654358][T16861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  733.682149][T16861] team0: Port device team_slave_0 added
[  733.684714][T16861] team0: Port device team_slave_1 added
[  733.701671][T16861] batman_adv: batadv0: Adding interface: batadv_slave_0
[  733.703618][T16861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  733.710931][T16861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  733.716129][T16861] batman_adv: batadv0: Adding interface: batadv_slave_1
[  733.718334][T16861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  733.727684][T16861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  733.732289][ T3694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  733.743811][T16878] syzkaller0: entered promiscuous mode
[  733.745492][T16878] syzkaller0: entered allmulticast mode
[  733.790579][T16861] hsr_slave_0: entered promiscuous mode
[  733.792669][T16861] hsr_slave_1: entered promiscuous mode
[  733.794510][T16861] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  733.797269][T16861] Cannot create hsr debugfs directory
[  733.834048][T16861] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  733.845776][T16883] can0: slcan on ttyS3.
[  733.919241][T16861] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  733.974811][T16861] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  734.102160][T16888] can0 (unregistered): slcan off ttyS3.
[  734.140808][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  734.162429][T16861] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  734.225525][T16861] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  734.228893][T16861] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  734.233025][T16861] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  734.235719][T16861] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  734.243249][T16861] bridge0: port 2(bridge_slave_1) entered blocking state
[  734.245253][T16861] bridge0: port 2(bridge_slave_1) entered forwarding state
[  734.247313][T16861] bridge0: port 1(bridge_slave_0) entered blocking state
[  734.249249][T16861] bridge0: port 1(bridge_slave_0) entered forwarding state
[  734.264829][T16861] 8021q: adding VLAN 0 to HW filter on device bond0
[  734.271111][  T220] bridge0: port 1(bridge_slave_0) entered disabled state
[  734.273964][  T220] bridge0: port 2(bridge_slave_1) entered disabled state
[  734.280232][T16861] 8021q: adding VLAN 0 to HW filter on device team0
[  734.284880][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[  734.287000][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[  734.293021][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[  734.295014][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[  734.356163][T16861] 8021q: adding VLAN 0 to HW filter on device batadv0
[  734.369657][T16861] veth0_vlan: entered promiscuous mode
[  734.378278][T16861] veth1_vlan: entered promiscuous mode
[  734.394495][T16861] veth0_macvtap: entered promiscuous mode
[  734.397096][T16861] veth1_macvtap: entered promiscuous mode
[  734.402086][T16861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  734.404982][T16861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  734.407662][T16861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  734.411349][T16861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  734.414165][T16861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  734.417075][T16861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  734.420423][T16861] batman_adv: batadv0: Interface activated: batadv_slave_0
[  734.421211][T16912] siw: device registration error -23
[  734.426706][T16861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  734.429559][T16861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  734.432316][T16861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  734.435080][T16861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  734.437708][T16861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  734.441195][T16861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  734.444428][T16861] batman_adv: batadv0: Interface activated: batadv_slave_1
[  734.451139][T16861] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  734.453544][T16861] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  734.455951][T16861] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  734.458924][T16861] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  734.493758][ T1177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  734.495962][ T1177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  734.507279][ T1177] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  734.509521][ T1177] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  734.532741][T16927] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2417'.
[  734.562458][ T5958] Bluetooth: hci3: unexpected event 0x2c length: 1 < 17
[  734.771923][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  735.261051][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  735.425862][T16968] netlink: 'syz.3.2448': attribute type 10 has an invalid length.
[  735.490631][ T5958] Bluetooth: hci3: command tx timeout
[  735.811627][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  735.872726][T16981] netlink: 'syz.1.2452': attribute type 4 has an invalid length.
[  735.885384][T16981] netlink: 'syz.1.2452': attribute type 4 has an invalid length.
[  736.381356][   T12] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  736.411075][T17003] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2458'.
[  736.442121][T17011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2462'.
[  736.444745][T17011] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address.
[  736.447228][T17011] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (165)
[  736.450394][T17011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2462'.
[  736.453617][T17011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2462'.
[  736.525454][T17017] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2465'.
[  736.546612][T17023] could not allocate digest TFM handle md4
[  736.662079][T17032] syz.0.2469: attempt to access beyond end of device
[  736.662079][T17032] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0
[  736.666832][T17032] XFS (nbd0): SB validate failed with error -5.
[  736.861229][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  736.885469][T17049] siw: device registration error -23
[  737.178203][T17056] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2475'.
[  737.281330][T17068] syzkaller0: entered promiscuous mode
[  737.283124][T17068] syzkaller0: entered allmulticast mode
[  737.490629][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  737.570615][ T5958] Bluetooth: hci3: command tx timeout
[  737.635512][T17072] 9pnet: Could not find request transport: xen
[  737.670292][T17077] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2483'.
[  737.890777][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  738.351139][ T6408] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  738.590580][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  738.699021][T17126] ip6gretap0: entered promiscuous mode
[  738.701890][T17126] ip6gretap0: left promiscuous mode
[  738.783500][T17128] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2501'.
[  738.924120][T17137] serio: Serial port ptm0
[  738.931106][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  739.102232][ T1013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  739.650734][ T5958] Bluetooth: hci3: command tx timeout
[  739.730881][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  739.971936][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  740.136709][T17157] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2511'.
[  740.275931][T17162] syzkaller0: entered promiscuous mode
[  740.275997][T17162] syzkaller0: entered allmulticast mode
[  740.307143][T17162] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2514'.
[  740.356013][T17169] siw: device registration error -23
[  740.611205][ T1013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  740.860561][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  741.012108][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  741.091537][T17191] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  741.094862][T17191] overlayfs: missing 'lowerdir'
[  741.608734][T17201] can0: slcan on ttyS3.
[  741.740594][ T5958] Bluetooth: hci3: command tx timeout
[  741.935692][ T1458] IPVS: starting estimator thread 0...
[  741.980910][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  742.020608][T17236] IPVS: using max 60 ests per chain, 144000 per kthread
[  742.060847][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  742.101053][T17215] can0 (unregistered): slcan off ttyS3.
[  742.120009][T17237] bond0: entered promiscuous mode
[  742.121681][T17237] bond_slave_0: entered promiscuous mode
[  742.123477][T17237] bond_slave_1: entered promiscuous mode
[  742.125382][T17237] team0: entered promiscuous mode
[  742.126969][T17237] team_slave_0: entered promiscuous mode
[  742.128857][T17237] team_slave_1: entered promiscuous mode
[  742.131111][ T6408] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  742.547401][T17258] netlink: 'syz.3.2534': attribute type 10 has an invalid length.
[  742.549829][T17258] __nla_validate_parse: 1 callbacks suppressed
[  742.549838][T17258] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2534'.
[  742.617365][T17256] syz.1.2538: attempt to access beyond end of device
[  742.617365][T17256] nbd1: rw=4096, sector=0, nr_sectors = 2 limit=0
[  742.623503][T17256] XFS (nbd1): SB validate failed with error -5.
[  742.632450][ T6190] block nbd1: Attempted send on invalid socket
[  742.634302][ T6190] I/O error, dev nbd1, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 2
[  743.090720][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  743.092276][   T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  743.134608][T17280] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2541'.
[  743.154336][T17284] 
: renamed from ipvlan1
[  743.232107][T17287] serio: Serial port ptm0
[  743.389995][T17288] netlink: 'syz.2.2542': attribute type 10 has an invalid length.
[  743.411804][T17288] bridge0: port 2(bridge_slave_1) entered disabled state
[  743.414821][T17288] bridge0: port 1(bridge_slave_0) entered disabled state
[  743.419420][T17288] bridge0: port 2(bridge_slave_1) entered blocking state
[  743.422293][T17288] bridge0: port 2(bridge_slave_1) entered forwarding state
[  743.424522][T17288] bridge0: port 1(bridge_slave_0) entered blocking state
[  743.426623][T17288] bridge0: port 1(bridge_slave_0) entered forwarding state
[  743.430928][T17288] bridge0: entered promiscuous mode
[  743.432614][T17288] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  744.021026][ T6408] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  744.031771][T17310] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2550'.
[  744.038219][T17310] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  744.079499][T17316] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2551'.
[  744.132655][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  744.158200][T17333] netlink: 'syz.3.2556': attribute type 2 has an invalid length.
[  744.211252][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  745.171434][   T75] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  745.320873][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  746.210575][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  746.420765][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  746.612388][ T1410] ieee802154 phy1 wpan1: encryption failed: -22
[  747.251842][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  747.520716][   T11] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  748.290648][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  748.620746][  T220] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  749.331083][ T3694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  749.720894][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  750.372535][ T3694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  750.830589][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  750.847262][T17365] usb usb8: usbfs: process 17365 (syz.3.2563) did not claim interface 0 before use
[  751.100579][    C2] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  751.157088][ T1013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  751.321632][T17395] netlink: 'syz.2.2567': attribute type 11 has an invalid length.
[  751.385352][T17407] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2571'.
[  751.411175][   T75] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  752.040899][  T220] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  752.460561][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  753.171593][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  753.491225][   T75] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  754.270773][   T12] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  754.530707][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  755.380623][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  755.572304][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  756.480607][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  756.610658][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  757.600700][   T12] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  757.653162][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  758.147654][T17442] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.243585][T17442] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.360178][T17442] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.371144][ T6408] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  758.427379][T17442] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.478769][T17469] netlink: 'syz.0.2585': attribute type 4 has an invalid length.
[  758.521455][T17469] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  758.523520][T17469] overlayfs: failed to set xattr on upper
[  758.531752][T17469] overlayfs: ...falling back to redirect_dir=nofollow.
[  758.533878][T17469] overlayfs: ...falling back to index=off.
[  758.535566][T17469] overlayfs: ...falling back to uuid=null.
[  758.619340][T17442] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  758.620899][ T6408] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  758.623415][T17442] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  758.628267][T17442] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  758.632553][T17442] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  758.636251][T17474] ip6gretap0: entered promiscuous mode
[  758.638726][T17474] ip6gretap0: left promiscuous mode
[  758.690650][   T75] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  758.830627][  T220] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  759.656635][T17484] syzkaller0: entered promiscuous mode
[  759.658772][T17484] syzkaller0: entered allmulticast mode
[  759.731562][   T75] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  759.734455][T17491] syzkaller0: entered promiscuous mode
[  759.736146][T17491] syzkaller0: entered allmulticast mode
[  759.950775][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  760.396974][T17511] syz.2.2600: attempt to access beyond end of device
[  760.396974][T17511] nbd2: rw=4096, sector=0, nr_sectors = 2 limit=0
[  760.401899][T17511] XFS (nbd2): SB validate failed with error -5.
[  760.426282][T17529] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2603'.
[  760.432582][T17529] bond0: entered promiscuous mode
[  760.434107][T17529] bond_slave_0: entered promiscuous mode
[  760.435763][T17529] bond_slave_1: entered promiscuous mode
[  760.437863][T17529] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  760.440392][T17529] bond0: left promiscuous mode
[  760.442313][T17529] bond_slave_0: left promiscuous mode
[  760.444577][T17529] bond_slave_1: left promiscuous mode
[  760.643425][ T1013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  760.644546][T17537] ip6gretap0: entered promiscuous mode
[  760.650720][T17537] ip6gretap0: left promiscuous mode
[  760.780669][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  761.050726][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  761.074118][T17553] siw: device registration error -23
[  761.480926][ T6408] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  761.812097][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  762.151314][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  762.689305][ T5957] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  762.692345][ T5957] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  762.694410][ T5957] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  762.696635][ T5957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  762.699188][ T5957] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  762.701443][ T5957] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  762.747854][T17582] siw: device registration error -23
[  762.752665][T17578] chnl_net:caif_netlink_parms(): no params data found
[  762.851025][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  762.912180][T17578] bridge0: port 1(bridge_slave_0) entered blocking state
[  762.914198][T17578] bridge0: port 1(bridge_slave_0) entered disabled state
[  762.916321][T17578] bridge_slave_0: entered allmulticast mode
[  762.918508][T17578] bridge_slave_0: entered promiscuous mode
[  762.921167][T17578] bridge0: port 2(bridge_slave_1) entered blocking state
[  762.923282][T17578] bridge0: port 2(bridge_slave_1) entered disabled state
[  762.925396][T17578] bridge_slave_1: entered allmulticast mode
[  762.927490][T17578] bridge_slave_1: entered promiscuous mode
[  762.940599][T17592] bond0: entered promiscuous mode
[  762.940947][ T1013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  762.942074][T17592] bond_slave_0: entered promiscuous mode
[  762.946371][T17592] bond_slave_1: entered promiscuous mode
[  763.014372][T17578] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  763.017953][T17578] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  763.038907][T17578] team0: Port device team_slave_0 added
[  763.041370][T17578] team0: Port device team_slave_1 added
[  763.076059][T17578] batman_adv: batadv0: Adding interface: batadv_slave_0
[  763.078158][T17578] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  763.085740][T17578] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  763.090120][T17578] batman_adv: batadv0: Adding interface: batadv_slave_1
[  763.092291][T17578] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  763.099787][T17578] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  763.121736][T17578] hsr_slave_0: entered promiscuous mode
[  763.176918][T17578] hsr_slave_1: entered promiscuous mode
[  763.200619][T17578] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  763.279316][T17578] Cannot create hsr debugfs directory
[  763.341425][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  763.348129][T17578] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.349039][T17595] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2621'.
[  763.403308][T17578] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.484431][T17578] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.604828][T17578] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.647538][T17607] block device autoloading is deprecated and will be removed.
[  763.728248][T17610] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2626'.
[  763.734775][T17610] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  763.743146][T17578] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  763.746142][T17578] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  763.749191][T17578] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  763.752812][T17578] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  763.776035][T17578] 8021q: adding VLAN 0 to HW filter on device bond0
[  763.781786][T17578] 8021q: adding VLAN 0 to HW filter on device team0
[  763.786306][ T3694] bridge0: port 1(bridge_slave_0) entered blocking state
[  763.788403][ T3694] bridge0: port 1(bridge_slave_0) entered forwarding state
[  763.792927][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[  763.795101][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[  763.835356][T17615] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2627'.
[  763.857201][T17578] 8021q: adding VLAN 0 to HW filter on device batadv0
[  763.871093][T17578] veth0_vlan: entered promiscuous mode
[  763.874344][T17578] veth1_vlan: entered promiscuous mode
[  763.884883][T17578] veth0_macvtap: entered promiscuous mode
[  763.887695][T17578] veth1_macvtap: entered promiscuous mode
[  763.893232][   T75] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  763.896419][T17578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  763.900264][T17578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.903870][T17578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  763.907972][T17578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.911592][T17578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  763.915929][T17578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.919410][T17578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  763.923196][T17578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.927095][T17578] batman_adv: batadv0: Interface activated: batadv_slave_0
[  763.931879][T17578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  763.935668][T17578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.939073][T17578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  763.942695][T17578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.946091][T17578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  763.950070][T17578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.954419][T17578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  763.958726][T17578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.962269][T17578] batman_adv: batadv0: Interface activated: batadv_slave_1
[  763.967679][T17578] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  763.971480][T17578] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  763.975159][T17578] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  763.978618][T17578] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  764.002157][T17626] syzkaller0: entered promiscuous mode
[  764.003775][T17626] syzkaller0: entered allmulticast mode
[  764.016156][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  764.019343][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  764.027458][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  764.031397][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  764.442223][T17648] netlink: 'syz.2.2633': attribute type 10 has an invalid length.
[  764.444671][T17648] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2633'.
[  764.448472][T17648] batman_adv: batadv0: Adding interface: vlan1
[  764.450393][T17648] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  764.458266][T17648] batman_adv: batadv0: Interface activated: vlan1
[  764.482023][   T12] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  764.745508][T17654] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2635'.
[  764.812225][T17662] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2639'.
[  764.814871][T17662] netlink: 'syz.1.2639': attribute type 7 has an invalid length.
[  764.817125][T17662] netlink: 'syz.1.2639': attribute type 8 has an invalid length.
[  764.819305][T17662] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2639'.
[  764.903261][T17673] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2642'.
[  764.909422][T17673] bond0: (slave team0): Releasing backup interface
[  764.912073][T17673] team0: left promiscuous mode
[  764.913897][T17673] team_slave_0: left promiscuous mode
[  764.915735][T17673] team_slave_1: left promiscuous mode
[  764.918705][T17673] bridge_slave_0: left allmulticast mode
[  764.920717][T17673] bridge_slave_0: left promiscuous mode
[  764.922407][T17673] bridge0: port 1(bridge_slave_0) entered disabled state
[  764.941158][ T3694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  764.952373][T17673] bridge_slave_1: left allmulticast mode
[  764.954043][T17673] bridge_slave_1: left promiscuous mode
[  764.955907][T17673] bridge0: port 2(bridge_slave_1) entered disabled state
[  764.959772][T17673] bond0: (slave bond_slave_0): Releasing backup interface
[  764.962792][T17673] bond_slave_0: left promiscuous mode
[  764.966316][T17673] bond0: (slave bond_slave_1): Releasing backup interface
[  764.969464][T17673] bond_slave_1: left promiscuous mode
[  764.973953][T17673] team0: Port device team_slave_0 removed
[  764.978184][T17673] team0: Port device team_slave_1 removed
[  764.980049][T17673] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  764.982804][T17673] batman_adv: batadv0: Removing interface: batadv_slave_0
[  764.985613][T17673] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  764.987738][T17673] batman_adv: batadv0: Removing interface: batadv_slave_1
[  764.997798][T17677] siw: device registration error -23
[  765.000103][T17679] vlan0: entered promiscuous mode
[  765.003292][T17679] team0: Port device vlan0 added
[  765.036990][T17673] tipc: Started in network mode
[  765.038480][T17673] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  765.040726][T17673] tipc: Enabled bearer <eth:team0>, priority 0
[  765.065633][T17686] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2643'.
[  765.600757][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  765.862618][T17702] syz.0.2650: attempt to access beyond end of device
[  765.862618][T17702] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0
[  765.866998][T17702] XFS (nbd0): SB validate failed with error -5.
[  765.892606][T17722] __nla_validate_parse: 2 callbacks suppressed
[  765.892621][T17722] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2653'.
[  765.922578][T17728] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2655'.
[  765.932104][T17728] bond0: entered promiscuous mode
[  765.933841][T17728] bond_slave_0: entered promiscuous mode
[  765.935920][T17728] bond_slave_1: entered promiscuous mode
[  765.938153][T17728] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  765.941946][T17728] bond0: left promiscuous mode
[  765.943380][T17728] bond_slave_0: left promiscuous mode
[  765.945353][T17728] bond_slave_1: left promiscuous mode
[  765.958669][T17732] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  765.971470][   T75] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  766.117757][T17746] siw: device registration error -23
[  766.170789][T11095] tipc: Node number set to 11578026
[  766.534904][T17755] NILFS (loop1): device size too small
[  766.730917][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  766.938368][T17770] netlink: 'syz.3.2668': attribute type 11 has an invalid length.
[  767.053633][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  767.055107][T17774] netlink: 'syz.2.2669': attribute type 4 has an invalid length.
[  767.119176][T17777] netlink: 'syz.2.2669': attribute type 4 has an invalid length.
[  767.584211][T17789] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  767.586799][T17789] Bluetooth: MGMT ver 1.23
[  767.601880][T17793] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2675'.
[  767.607284][T17793] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  767.653371][T17796] syzkaller0: entered promiscuous mode
[  767.654965][T17796] syzkaller0: entered allmulticast mode
[  767.718482][T17808] netlink: 'syz.1.2681': attribute type 11 has an invalid length.
[  767.859915][T17830] ip6gretap0: entered promiscuous mode
[  767.863249][T17830] ip6gretap0: left promiscuous mode
[  767.870739][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  767.982280][T17836] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2691'.
[  768.137384][   T75] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  768.141053][T17778] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  768.267648][T17857] can0: slcan on ttyS3.
[  768.371420][T17864] can0 (unregistered): slcan off ttyS3.
[  768.990752][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  769.144368][T17881] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2700'.
[  769.149189][T17881] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  769.162037][T17883] serio: Serial port ttynull
[  769.165917][T17888] netlink: 'syz.3.2705': attribute type 11 has an invalid length.
[  769.180620][ T3694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  769.206083][T17890] syzkaller0: entered promiscuous mode
[  769.207755][T17890] syzkaller0: entered allmulticast mode
[  769.432730][ T5957] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  769.435665][ T5957] CPU: 2 UID: 0 PID: 5957 Comm: kworker/u33:6 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  769.438807][ T5957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  769.441911][ T5957] Workqueue: hci3 hci_rx_work
[  769.443280][ T5957] Call Trace:
[  769.444248][ T5957]  <TASK>
[  769.445106][ T5957]  dump_stack_lvl+0x16c/0x1f0
[  769.446483][ T5957]  sysfs_warn_dup+0x7f/0xa0
[  769.447803][ T5957]  sysfs_create_dir_ns+0x24d/0x2b0
[  769.449300][ T5957]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  769.450958][ T5957]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  769.452502][ T5957]  ? kobject_add_internal+0x12d/0x990
[  769.454053][ T5957]  ? do_raw_spin_unlock+0x172/0x230
[  769.455557][ T5957]  kobject_add_internal+0x2c8/0x990
[  769.457057][ T5957]  kobject_add+0x16f/0x240
[  769.458385][ T5957]  ? __pfx_kobject_add+0x10/0x10
[  769.459834][ T5957]  ? class_to_subsys+0x3e/0x160
[  769.461274][ T5957]  ? do_raw_spin_unlock+0x172/0x230
[  769.462786][ T5957]  ? kobject_put+0xab/0x5a0
[  769.464105][ T5957]  device_add+0x289/0x1a70
[  769.465399][ T5957]  ? __pfx_dev_set_name+0x10/0x10
[  769.466851][ T5957]  ? __pfx_device_add+0x10/0x10
[  769.468266][ T5957]  ? mgmt_send_event_skb+0x2f2/0x460
[  769.469814][ T5957]  hci_conn_add_sysfs+0x17e/0x230
[  769.471303][ T5957]  le_conn_complete_evt+0xfce/0x1d10
[  769.472826][ T5957]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  769.474483][ T5957]  ? trace_contention_end+0xee/0x140
[  769.476009][ T5957]  ? __mutex_lock+0x1cc/0xa60
[  769.477389][ T5957]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  769.479124][ T5957]  ? skb_pull_data+0x166/0x210
[  769.480530][ T5957]  hci_le_meta_evt+0x2e2/0x5d0
[  769.481926][ T5957]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  769.483759][ T5957]  hci_event_packet+0x666/0x1190
[  769.485186][ T5957]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  769.486723][ T5957]  ? __pfx_hci_event_packet+0x10/0x10
[  769.488291][ T5957]  ? lock_acquire.part.0+0x2e0/0x380
[  769.489847][ T5957]  ? trace_irq_enable.constprop.0+0xea/0x140
[  769.491599][ T5957]  hci_rx_work+0x2c5/0x16b0
[  769.492921][ T5957]  ? process_one_work+0x8bb/0x1b30
[  769.494419][ T5957]  process_one_work+0x958/0x1b30
[  769.495975][ T5957]  ? __pfx_process_one_work+0x10/0x10
[  769.497539][ T5957]  ? rcu_is_watching+0x12/0xc0
[  769.499085][ T5957]  ? assign_work+0x1a0/0x250
[  769.500467][ T5957]  worker_thread+0x6c8/0xf00
[  769.501812][ T5957]  ? __pfx_worker_thread+0x10/0x10
[  769.503288][ T5957]  kthread+0x2c1/0x3a0
[  769.504459][ T5957]  ? trace_irq_enable.constprop.0+0xea/0x140
[  769.506175][ T5957]  ? __pfx_kthread+0x10/0x10
[  769.507505][ T5957]  ret_from_fork+0x45/0x80
[  769.508790][ T5957]  ? __pfx_kthread+0x10/0x10
[  769.510144][ T5957]  ret_from_fork_asm+0x1a/0x30
[  769.511537][ T5957]  </TASK>
[  769.514165][ T5957] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  769.518283][ T5957] Bluetooth: hci3: failed to register connection device
[  769.650586][ T5957] Bluetooth: hci0: command tx timeout
[  770.090622][T17676] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  770.212726][ T3694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  770.816858][T17940] siw: device registration error -23
[  770.840782][T17935] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2720'.
[  770.863438][T17935] batadv0: entered promiscuous mode
[  770.865518][T17935] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  770.868095][T17935] batadv0: left promiscuous mode
[  771.230735][ T1177] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  771.250847][ T1177] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  771.612305][T17950] syzkaller0: entered promiscuous mode
[  771.614414][T17950] syzkaller0: entered allmulticast mode
[  771.727390][T17957] ip6gretap0: entered promiscuous mode
[  771.729895][T17957] ip6gretap0: left promiscuous mode
[  771.736755][T17959] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  771.799808][T17964] can0: slcan on ttyS3.
[  771.920955][T17966] can0 (unregistered): slcan off ttyS3.
[  772.352608][ T1132] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  772.380666][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  772.492800][T17993] netlink: 'syz.0.2732': attribute type 10 has an invalid length.
[  772.495403][T17993] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2732'.
[  772.499615][T17993] batman_adv: batadv0: Adding interface: vlan1
[  772.502088][T17993] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  772.513535][T17993] batman_adv: batadv0: Interface activated: vlan1
[  772.559250][T17982] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2729'.
[  772.562027][T17982] openvswitch: netlink: Key 0 has unexpected len 4 expected 0
[  772.750666][T18028] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2741'.
[  772.754650][T18028] bond0: entered promiscuous mode
[  772.756581][T18028] bond_slave_0: entered promiscuous mode
[  772.758397][T18028] bond_slave_1: entered promiscuous mode
[  772.760735][T18028] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  772.763488][T18028] bond0: left promiscuous mode
[  772.764880][T18028] bond_slave_0: left promiscuous mode
[  772.766501][T18028] bond_slave_1: left promiscuous mode
[  772.835787][T18042] input: syz1 as /devices/virtual/input/input14
[  772.861745][T18042] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  773.014539][T18089] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2765'.
[  773.018784][T18089] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  773.026284][T18091] loop2: detected capacity change from 0 to 7
[  773.028294][T18091] Dev loop2: unable to read RDB block 7
[  773.029911][T18091]  loop2: unable to read partition table
[  773.031930][T18091] loop2: partition table beyond EOD, truncated
[  773.033923][T18091] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  773.135055][T18108] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  773.350912][ T1013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  773.410655][   T75] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  773.450892][ T1013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  773.490898][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  773.682551][ T5957] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  773.686775][ T5957] CPU: 2 UID: 0 PID: 5957 Comm: kworker/u33:6 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  773.690609][ T5957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  773.694707][ T5957] Workqueue: hci2 hci_rx_work
[  773.696569][ T5957] Call Trace:
[  773.697902][ T5957]  <TASK>
[  773.698998][ T5957]  dump_stack_lvl+0x16c/0x1f0
[  773.700729][ T5957]  sysfs_warn_dup+0x7f/0xa0
[  773.702379][ T5957]  sysfs_create_dir_ns+0x24d/0x2b0
[  773.704290][ T5957]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  773.706391][ T5957]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  773.708397][ T5957]  ? kobject_add_internal+0x12d/0x990
[  773.710400][ T5957]  ? do_raw_spin_unlock+0x172/0x230
[  773.712336][ T5957]  kobject_add_internal+0x2c8/0x990
[  773.714450][ T5957]  kobject_add+0x16f/0x240
[  773.716142][ T5957]  ? __pfx_kobject_add+0x10/0x10
[  773.718016][ T5957]  ? class_to_subsys+0x3e/0x160
[  773.719827][ T5957]  ? do_raw_spin_unlock+0x172/0x230
[  773.721788][ T5957]  ? kobject_put+0xab/0x5a0
[  773.723449][ T5957]  device_add+0x289/0x1a70
[  773.725104][ T5957]  ? __pfx_dev_set_name+0x10/0x10
[  773.726999][ T5957]  ? __pfx_device_add+0x10/0x10
[  773.728810][ T5957]  ? mgmt_send_event_skb+0x2f2/0x460
[  773.730799][ T5957]  hci_conn_add_sysfs+0x17e/0x230
[  773.732669][ T5957]  le_conn_complete_evt+0xfce/0x1d10
[  773.734483][ T5957]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  773.736290][ T5957]  ? trace_contention_end+0xee/0x140
[  773.737837][ T5957]  ? __mutex_lock+0x1cc/0xa60
[  773.739199][ T5957]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  773.740900][ T5957]  ? skb_pull_data+0x166/0x210
[  773.742302][ T5957]  hci_le_meta_evt+0x2e2/0x5d0
[  773.743686][ T5957]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  773.745520][ T5957]  hci_event_packet+0x666/0x1190
[  773.746938][ T5957]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  773.748460][ T5957]  ? __pfx_hci_event_packet+0x10/0x10
[  773.750149][ T5957]  ? lock_acquire.part.0+0x2e0/0x380
[  773.751813][ T5957]  ? trace_irq_enable.constprop.0+0xea/0x140
[  773.753538][ T5957]  hci_rx_work+0x2c5/0x16b0
[  773.754858][ T5957]  ? process_one_work+0x8bb/0x1b30
[  773.756322][ T5957]  process_one_work+0x958/0x1b30
[  773.757760][ T5957]  ? __pfx_process_one_work+0x10/0x10
[  773.759452][ T5957]  ? rcu_is_watching+0x12/0xc0
[  773.760901][ T5957]  ? assign_work+0x1a0/0x250
[  773.762251][ T5957]  worker_thread+0x6c8/0xf00
[  773.763662][ T5957]  ? __pfx_worker_thread+0x10/0x10
[  773.765113][ T5957]  kthread+0x2c1/0x3a0
[  773.766293][ T5957]  ? trace_irq_enable.constprop.0+0xea/0x140
[  773.768005][ T5957]  ? __pfx_kthread+0x10/0x10
[  773.769367][ T5957]  ret_from_fork+0x45/0x80
[  773.770765][ T5957]  ? __pfx_kthread+0x10/0x10
[  773.772107][ T5957]  ret_from_fork_asm+0x1a/0x30
[  773.773500][ T5957]  </TASK>
[  773.774743][ T5957] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  773.778738][ T5957] Bluetooth: hci2: failed to register connection device
[  774.461785][T18005] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  774.503612][T18163] netlink: 'syz.2.2790': attribute type 1 has an invalid length.
[  774.535752][T18167] netlink: 'syz.1.2786': attribute type 10 has an invalid length.
[  774.538266][T18167] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2786'.
[  774.542071][T18167] batman_adv: batadv0: Adding interface: vlan1
[  774.544445][T18167] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  774.560640][T18167] batman_adv: batadv0: Interface activated: vlan1
[  774.610608][T18004] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  774.658115][T18179] netlink: 'syz.2.2793': attribute type 10 has an invalid length.
[  774.660386][T18179] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2793'.
[  774.709567][T18180] siw: device registration error -23
[  774.818403][T18188] siw: device registration error -23
[  775.046637][T18194] netlink: 'syz.1.2799': attribute type 4 has an invalid length.
[  775.074277][T18194] netlink: 'syz.1.2799': attribute type 4 has an invalid length.
[  775.490727][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  775.604240][T18221] can0: slcan on ttyS3.
[  775.768639][T17676] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  775.799312][T18220] netlink: 92 bytes leftover after parsing attributes in process `syz.3.2805'.
[  775.850922][T18230] can0 (unregistered): slcan off ttyS3.
[  776.047514][T18243] syzkaller0: entered promiscuous mode
[  776.049569][T18243] syzkaller0: entered allmulticast mode
[  776.533202][ T3694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  776.581306][ T3694] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  776.590151][T18255] syzkaller1: entered promiscuous mode
[  776.592495][T18255] syzkaller1: entered allmulticast mode
[  776.658727][ T3694] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  776.665201][T18258] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2819'.
[  776.710020][ T5958] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  776.715770][ T5958] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  776.718599][ T5958] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  776.721647][ T5958] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  776.723993][ T5958] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  776.726837][ T5958] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  776.733717][ T3694] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  776.773800][ T3694] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  776.780405][T18261] chnl_net:caif_netlink_parms(): no params data found
[  776.811173][T18261] bridge0: port 1(bridge_slave_0) entered blocking state
[  776.813998][T18261] bridge0: port 1(bridge_slave_0) entered disabled state
[  776.816792][T18261] bridge_slave_0: entered allmulticast mode
[  776.819682][T18261] bridge_slave_0: entered promiscuous mode
[  776.824217][T18261] bridge0: port 2(bridge_slave_1) entered blocking state
[  776.826897][T18261] bridge0: port 2(bridge_slave_1) entered disabled state
[  776.829713][T18261] bridge_slave_1: entered allmulticast mode
[  776.832816][T18261] bridge_slave_1: entered promiscuous mode
[  776.847177][T18261] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  776.851502][T18261] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  776.869124][T18261] team0: Port device team_slave_0 added
[  776.872858][T18261] team0: Port device team_slave_1 added
[  776.899197][ T3694] bridge_slave_1: left allmulticast mode
[  776.900582][   T12] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  776.901409][ T3694] bridge_slave_1: left promiscuous mode
[  776.905717][ T3694] bridge0: port 2(bridge_slave_1) entered disabled state
[  776.909346][ T3694] bridge_slave_0: left allmulticast mode
[  776.911881][ T3694] bridge_slave_0: left promiscuous mode
[  776.913670][ T3694] bridge0: port 1(bridge_slave_0) entered disabled state
[  777.014316][ T3694] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  777.019168][ T3694] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  777.023664][ T3694] bond0 (unregistering): Released all slaves
[  777.027498][T18261] batman_adv: batadv0: Adding interface: batadv_slave_0
[  777.030273][T18261] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  777.040624][T18261] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  777.047005][T18261] batman_adv: batadv0: Adding interface: batadv_slave_1
[  777.049042][T18261] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  777.056774][T18261] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  777.077664][T18261] hsr_slave_0: entered promiscuous mode
[  777.079535][T18261] hsr_slave_1: entered promiscuous mode
[  777.081571][T18261] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  777.083722][T18261] Cannot create hsr debugfs directory
[  777.127385][T18261] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  777.130425][T18261] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  777.134882][T18261] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  777.137924][T18261] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  777.163844][T18261] 8021q: adding VLAN 0 to HW filter on device bond0
[  777.169457][T18261] 8021q: adding VLAN 0 to HW filter on device team0
[  777.173603][T17676] bridge0: port 1(bridge_slave_0) entered blocking state
[  777.175635][T17676] bridge0: port 1(bridge_slave_0) entered forwarding state
[  777.179549][T18005] bridge0: port 2(bridge_slave_1) entered blocking state
[  777.181669][T18005] bridge0: port 2(bridge_slave_1) entered forwarding state
[  777.255729][T18261] 8021q: adding VLAN 0 to HW filter on device batadv0
[  777.274482][ T3694] hsr_slave_0: left promiscuous mode
[  777.276454][ T3694] hsr_slave_1: left promiscuous mode
[  777.278659][ T3694] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  777.282120][ T3694] batman_adv: batadv0: Removing interface: batadv_slave_0
[  777.285121][ T3694] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  777.287368][ T3694] batman_adv: batadv0: Removing interface: batadv_slave_1
[  777.292190][ T3694] veth1_macvtap: left promiscuous mode
[  777.293866][ T3694] veth0_macvtap: left promiscuous mode
[  777.295531][ T3694] veth1_vlan: left promiscuous mode
[  777.297052][ T3694] veth0_vlan: left promiscuous mode
[  777.372333][ T3694] team0 (unregistering): Port device team_slave_1 removed
[  777.378596][ T3694] team0 (unregistering): Port device team_slave_0 removed
[  777.467012][T18261] veth0_vlan: entered promiscuous mode
[  777.477294][T18261] veth1_vlan: entered promiscuous mode
[  777.485891][T18261] veth0_macvtap: entered promiscuous mode
[  777.488785][T18261] veth1_macvtap: entered promiscuous mode
[  777.495487][T18261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  777.498643][T18261] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.501591][T18261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  777.504558][T18261] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.508107][T18261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  777.511547][T18261] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.514976][T18261] batman_adv: batadv0: Interface activated: batadv_slave_0
[  777.519187][T18261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  777.521056][T18322] binder: BINDER_SET_CONTEXT_MGR already set
[  777.523592][T18261] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.524055][T18322] binder: 18308:18322 ioctl 4018620d 20000100 returned -16
[  777.526723][T18261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  777.526734][T18261] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.534669][T18261] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  777.537625][T18261] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  777.541826][T18261] batman_adv: batadv0: Interface activated: batadv_slave_1
[  777.545560][T18261] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  777.548219][T18261] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  777.551119][T18261] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  777.553768][T18261] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  777.576544][T18009] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  777.578973][T18009] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  777.586592][T18004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  777.588569][T18005] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  777.591887][T18005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  777.605562][T18326] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2828'.
[  777.719049][T18343] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2832'.
[  777.784340][T18353] kernel read not supported for file /rmdF¼ìýŸ�‹Z°™C‹Ç²AËT™ûc詨ot4wÈ&¹°Ö'_4ƒ%¼kS¨L¥Q+©�5©…u·ÎqaÈOåV9,¯Ñ
†éÙ=_¦$¾Ò»�IVÑÓ¦ÏÕÒáO>@6u®½­šwù\—-¿ÒGtÄÒ?¬ÇF%x±^àÜØ•<VÏU¬ (pid: 18353 comm: syz.0.2832)
[  777.802899][   T39] kauditd_printk_skb: 96 callbacks suppressed
[  777.802909][   T39] audit: type=1800 audit(1736332846.559:197): pid=18353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2832" name=726D64461716BCECFD9F7F8F8B5AB0991D438BC7B21641CB5499FB63E8A9A86F74173477C80B26B9B0D6275F348325BC6B5315A84C10A5512BA98F35A98575B7CE7161C84FE556392CAF1B11D10186E9D93D5FA6080D2406BED2BB03904956D111D3A6CFD5D2E14F3E4036751AAEBDAD9A77F95C97162DBFD24774C4D23FACC715462578B1075EE0DCD8953C5606CF55AC dev="mqueue" ino=65440 res=0 errno=0
[  777.989666][T18371] netlink: 'syz.4.2831': attribute type 4 has an invalid length.
[  778.032001][T18005] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  778.059147][T18371] netlink: 'syz.4.2831': attribute type 4 has an invalid length.
[  778.463081][T18394] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2837'.
[  778.611651][ T3694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  778.719505][T18420] syz.4.2847: attempt to access beyond end of device
[  778.719505][T18420] nbd4: rw=4096, sector=0, nr_sectors = 1 limit=0
[  778.724407][T18420] XFS (nbd4): SB validate failed with error -5.
[  778.900724][T18443] syzkaller0: entered promiscuous mode
[  778.903012][T18443] syzkaller0: entered allmulticast mode
[  779.130630][T18005] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  779.262513][T18460] siw: device registration error -23
[  779.650891][T18004] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  779.842816][T18474] syz.1.2865 (18474): drop_caches: 2
[  780.060859][T18484] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap0
[  780.064136][T18484] ip6gretap0: entered promiscuous mode
[  780.066656][T18484] ip6gretap0: left promiscuous mode
[  780.198289][T18494] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2871'.
[  780.232129][T18005] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  780.351543][ T5957] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  780.692093][ T3694] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  780.748115][T18532] siw: device registration error -23
[  780.953999][T18540] ip6gretap0: entered promiscuous mode
[  780.956378][T18540] ip6gretap0: left promiscuous mode
[  781.239783][T18564] fuse: Unknown parameter ''
[  781.340631][T18005] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  781.356638][T18575] can0: slcan on ttyS3.
[  781.610565][T18585] can0 (unregistered): slcan off ttyS3.
[  781.730798][T18008] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  781.919755][T18593] bond0: entered promiscuous mode
[  781.921849][T18593] bond_slave_0: entered promiscuous mode
[  781.923569][T18593] bond_slave_1: entered promiscuous mode
[  781.930978][ T1013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  782.520805][ T3694] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  782.771323][T18005] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  783.439626][T18666] syzkaller0: entered promiscuous mode
[  783.441821][T18666] syzkaller0: entered allmulticast mode
[  783.631218][T18008] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  783.632580][T18682] syzkaller0: entered promiscuous mode
[  783.635141][T18682] syzkaller0: entered allmulticast mode
[  783.810620][T18005] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  783.965660][T18716] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2943'.
[  784.320568][T11095] usb 6-1: new full-speed USB device number 39 using dummy_hcd
[  784.481661][T11095] usb 6-1: config index 0 descriptor too short (expected 31, got 27)
[  784.484017][T11095] usb 6-1: config 1 interface 0 altsetting 253 endpoint 0x1 has invalid wMaxPacketSize 0
[  784.486874][T11095] usb 6-1: config 1 interface 0 has no altsetting 0
[  784.490214][T11095] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= b.72
[  784.493073][T11095] usb 6-1: New USB device strings: Mfr=28, Product=37, SerialNumber=3
[  784.495423][T11095] usb 6-1: Product: syz
[  784.496641][T11095] usb 6-1: Manufacturer: syz
[  784.498078][T11095] usb 6-1: SerialNumber: syz
[  784.568063][T18777] can0: slcan on ttyS3.
[  784.750774][T18008] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  784.841195][T18782] can0 (unregistered): slcan off ttyS3.
[  784.866288][T18008] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  784.908905][T18804] syzkaller0: entered promiscuous mode
[  784.911164][T18804] syzkaller0: entered allmulticast mode
[  785.119139][T11095] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 39 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  785.314831][ T6408] usb 6-1: USB disconnect, device number 39
[  785.318674][ T6408] usblp0: removed
[  785.511745][T18829] netlink: 'syz.0.2971': attribute type 1 has an invalid length.
[  785.517425][T18829] 8021q: adding VLAN 0 to HW filter on device bond1
[  785.525372][T18829] bond1: (slave gretap1): making interface the new active one
[  785.528060][T18829] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  785.595792][T18829] syz.0.2971 (18829) used greatest stack depth: 20624 bytes left
[  785.806480][T18861] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  785.822534][T18862] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌ'
[  785.824866][T18862] CPU: 2 UID: 0 PID: 18862 Comm: syz.4.2978 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  785.827924][T18862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  785.830996][T18862] Call Trace:
[  785.831959][T18862]  <TASK>
[  785.832812][T18862]  dump_stack_lvl+0x16c/0x1f0
[  785.834184][T18862]  sysfs_warn_dup+0x7f/0xa0
[  785.835532][T18862]  sysfs_do_create_link_sd+0x124/0x140
[  785.837110][T18862]  sysfs_create_link+0x61/0xc0
[  785.838751][T18862]  device_add+0x62e/0x1a70
[  785.840585][T18862]  ? __pfx_device_add+0x10/0x10
[  785.842048][T18862]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  785.843747][T18862]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[  785.845465][T18862]  wiphy_register+0x1c7a/0x2860
[  785.846870][T18862]  ? netdev_run_todo+0x837/0x12d0
[  785.848352][T18862]  ? __pfx_wiphy_register+0x10/0x10
[  785.849860][T18862]  ieee80211_register_hw+0x2951/0x3fa0
[  785.851438][T18862]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  785.853108][T18862]  ? net_generic+0xea/0x2a0
[  785.854449][T18862]  ? lockdep_init_map_type+0x16d/0x7d0
[  785.856009][T18862]  ? net_generic+0x30/0x2a0
[  785.857326][T18862]  ? rcu_is_watching+0x12/0xc0
[  785.859152][T18862]  ? trace_hrtimer_init+0x1a6/0x230
[  785.861082][T18862]  ? __hrtimer_init+0x106/0x2c0
[  785.862506][T18862]  mac80211_hwsim_new_radio+0x2c47/0x56c0
[  785.864144][T18862]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  785.865912][T18862]  ? hwsim_new_radio_nl+0x9ff/0x12b0
[  785.867437][T18862]  hwsim_new_radio_nl+0xb42/0x12b0
[  785.868911][T18862]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  785.870514][T18862]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  785.872618][T18862]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  785.874734][T18862]  genl_family_rcv_msg_doit+0x202/0x2f0
[  785.876331][T18862]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  785.878188][T18862]  ? genl_get_cmd+0x195/0x580
[  785.880124][T18862]  ? bpf_lsm_capable+0x9/0x10
[  785.881845][T18862]  ? security_capable+0x7e/0x260
[  785.883271][T18862]  ? ns_capable+0xd7/0x110
[  785.884573][T18862]  genl_rcv_msg+0x565/0x800
[  785.885904][T18862]  ? __pfx_genl_rcv_msg+0x10/0x10
[  785.887352][T18862]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  785.889112][T18862]  netlink_rcv_skb+0x165/0x410
[  785.890508][T18862]  ? __pfx_genl_rcv_msg+0x10/0x10
[  785.891961][T18862]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  785.893489][T18862]  ? down_read+0xc9/0x330
[  785.894749][T18862]  ? __pfx_down_read+0x10/0x10
[  785.896133][T18862]  ? netlink_deliver_tap+0x1ae/0xca0
[  785.897715][T18862]  genl_rcv+0x28/0x40
[  785.899349][T18862]  netlink_unicast+0x53c/0x7f0
[  785.901131][T18862]  ? __pfx_netlink_unicast+0x10/0x10
[  785.902661][T18862]  ? __phys_addr_symbol+0x30/0x80
[  785.903423][T18849] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  785.904103][T18862]  ? __check_object_size+0x488/0x710
[  785.904121][T18862]  netlink_sendmsg+0x8b8/0xd70
[  785.909316][T18862]  ? __pfx_netlink_sendmsg+0x10/0x10
[  785.910889][T18862]  ____sys_sendmsg+0x9ae/0xb40
[  785.912273][T18862]  ? __pfx_____sys_sendmsg+0x10/0x10
[  785.913803][T18862]  ? get_compat_msghdr+0x11b/0x170
[  785.915282][T18862]  ? try_to_wake_up+0x953/0x1490
[  785.916710][T18862]  ? lock_release+0x4e2/0x6f0
[  785.918248][T18862]  ___sys_sendmsg+0x135/0x1e0
[  785.920179][T18862]  ? __pfx____sys_sendmsg+0x10/0x10
[  785.921812][T18862]  ? wake_up_q+0x9e/0x140
[  785.923062][T18862]  ? __pfx_lock_release+0x10/0x10
[  785.924512][T18862]  ? trace_lock_acquire+0x14e/0x1f0
[  785.926017][T18862]  ? __fget_files+0x206/0x3a0
[  785.927383][T18862]  __sys_sendmsg+0x16e/0x220
[  785.928778][T18862]  ? __pfx___sys_sendmsg+0x10/0x10
[  785.930263][T18862]  ? __pfx_lock_release+0x10/0x10
[  785.931712][T18862]  ? __might_fault+0xe3/0x190
[  785.933090][T18862]  ? rcu_is_watching+0x12/0xc0
[  785.934480][T18862]  __do_fast_syscall_32+0x73/0x120
[  785.935952][T18862]  do_fast_syscall_32+0x32/0x80
[  785.937359][T18862]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  785.939855][T18862] RIP: 0023:0xf70ee579
[  785.941254][T18862] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  785.946850][T18862] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  785.949550][T18862] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000040
[  785.951784][T18862] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  785.954030][T18862] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  785.956274][T18862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  785.958762][T18862] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  785.961009][T18862]  </TASK>
[  785.974057][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  786.366853][T18872] Bluetooth: MGMT ver 1.23
[  786.410336][T18877] syzkaller0: entered promiscuous mode
[  786.411998][T18877] syzkaller0: entered allmulticast mode
[  786.507884][T18887] program syz.0.2988 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  786.589256][T18898] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !å¯?$ûÌÌULÙvy¸ÚØ¢
…D£øUDŒw˜}�z
[  787.022139][T18848] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  787.054757][T18921] siw: device registration error -23
[  787.101170][  T220] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  787.145276][T18932] syzkaller1: entered promiscuous mode
[  787.146904][T18932] syzkaller1: entered allmulticast mode
[  787.312365][T18944] syzkaller0: entered promiscuous mode
[  787.313992][T18944] syzkaller0: entered allmulticast mode
[  788.061023][T18849] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  788.200911][T17676] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  788.341854][T18999] can0: slcan on ttyS3.
[  788.451264][T19006] can0 (unregistered): slcan off ttyS3.
[  789.010563][T19067] netlink: 'syz.4.3038': attribute type 10 has an invalid length.
[  789.013636][T19067] bridge0: port 2(bridge_slave_1) entered disabled state
[  789.015827][T19067] bridge0: port 1(bridge_slave_0) entered disabled state
[  789.020150][T19067] bridge0: port 2(bridge_slave_1) entered blocking state
[  789.022228][T19067] bridge0: port 2(bridge_slave_1) entered forwarding state
[  789.024346][T19067] bridge0: port 1(bridge_slave_0) entered blocking state
[  789.026382][T19067] bridge0: port 1(bridge_slave_0) entered forwarding state
[  789.029201][T19067] bridge0: entered promiscuous mode
[  789.031032][T19067] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  789.068466][T19077] openvswitch: netlink: Duplicate or invalid key (type 0).
[  789.071257][T19077] openvswitch: netlink: Actions may not be safe on all matching packets
[  789.077177][T19079] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  789.085716][T19079] CIFS mount error: No usable UNC path provided in device string!
[  789.085716][T19079] 
[  789.088736][T19079] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  789.104537][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  789.320962][T18010] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  789.476419][T19105] siw: device registration error -23
[  790.090342][T19148] veth0_to_team: entered allmulticast mode
[  790.131496][T18849] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  790.202294][T19147] veth0_to_team: left allmulticast mode
[  790.262222][T19150] QAT: failed to copy from user cfg_data.
[  790.307755][T19157] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3062'.
[  790.430718][T18010] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  791.171478][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  791.205685][T19188] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3071'.
[  791.213630][T19186] siw: device registration error -23
[  791.336971][T19211] overlayfs: failed to resolve './file1': -2
[  791.338963][T19211] overlayfs: failed to resolve './file1': -2
[  791.341063][T19211] overlayfs: failed to resolve './file1': -2
[  791.343023][T19211] overlayfs: failed to resolve './file1': -2
[  791.344933][T19211] overlayfs: failed to resolve './file1': -2
[  791.346877][T19211] overlayfs: failed to resolve './file1': -2
[  791.348801][T19211] overlayfs: failed to resolve './file1': -2
[  791.352015][T19211] overlayfs: failed to resolve './file1': -2
[  791.353975][T19211] overlayfs: failed to resolve './file1': -2
[  791.356006][T19211] overlayfs: failed to resolve './file1': -2
[  791.357997][T19211] overlayfs: failed to resolve './file1': -2
[  791.360026][T19211] overlayfs: failed to resolve './file1': -2
[  791.362393][T19211] overlayfs: failed to resolve './file1': -2
[  791.364405][T19211] overlayfs: failed to resolve './file1': -2
[  791.366685][T19211] overlayfs: failed to resolve './file1': -2
[  791.368731][T19211] overlayfs: failed to resolve './file1': -2
[  791.371070][T19211] overlayfs: failed to resolve './file1': -2
[  791.373043][T19211] overlayfs: failed to resolve './file1': -2
[  791.374996][T19211] overlayfs: failed to resolve './file1': -2
[  791.376943][T19211] overlayfs: failed to resolve './file1': -2
[  791.378894][T19211] overlayfs: failed to resolve './file1': -2
[  791.381050][T19211] overlayfs: failed to resolve './file1': -2
[  791.383056][T19211] overlayfs: failed to resolve './file1': -2
[  791.385082][T19211] overlayfs: failed to resolve './file1': -2
[  791.550707][T18849] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  791.658102][T19243] netlink: 'syz.4.3090': attribute type 9 has an invalid length.
[  792.021195][T19277] netlink: 'syz.2.3106': attribute type 10 has an invalid length.
[  792.026334][T19277] bridge0: port 3(wlan1) entered blocking state
[  792.028275][T19277] bridge0: port 3(wlan1) entered disabled state
[  792.030206][T19277] mac80211_hwsim hwsim64 wlan1: entered allmulticast mode
[  792.033045][T19277] mac80211_hwsim hwsim64 wlan1: entered promiscuous mode
[  792.210641][T18010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  792.263367][T19313] siw: device registration error -23
[  792.450525][T19322] xt_time: invalid argument - start or stop time greater than 23:59:59
[  792.456431][T19322] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  792.464995][T19322] batman_adv: batadv0: Removing interface: batadv_slave_1
[  792.560988][T19322] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3119'.
[  792.563934][T19322] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3119'.
[  792.650611][  T220] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  793.129320][T19347] input input15: cannot allocate more than FF_MAX_EFFECTS effects
[  793.245363][T19351] netlink: 'syz.1.3131': attribute type 10 has an invalid length.
[  793.247738][T19351] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3131'.
[  793.251693][T18849] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  793.432009][T19367] syzkaller0: entered promiscuous mode
[  793.433700][T19367] syzkaller0: entered allmulticast mode
[  793.572682][T19375] 9pnet: Could not find request transport: fQ
[  793.770638][T18010] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  793.854448][T19379] can0: slcan on ttyS3.
[  794.070773][T19383] can0 (unregistered): slcan off ttyS3.
[  794.290834][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  794.330833][T19401] siw: device registration error -23
[  794.390001][T19404] veth0_vlan: entered allmulticast mode
[  794.434033][T19414] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3147'.
[  794.437432][T19414] openvswitch: netlink: Unexpected mask (mask=8000040, allowed=10048)
[  794.459193][T19411] syz.2.3146: attempt to access beyond end of device
[  794.459193][T19411] nbd2: rw=4096, sector=0, nr_sectors = 2 limit=0
[  794.463989][T19411] XFS (nbd2): SB validate failed with error -5.
[  794.499375][T19430] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3151'.
[  794.514736][T19434] FAULT_INJECTION: forcing a failure.
[  794.514736][T19434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  794.518514][T19434] CPU: 1 UID: 0 PID: 19434 Comm: syz.4.3153 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  794.521585][T19434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  794.524636][T19434] Call Trace:
[  794.525615][T19434]  <TASK>
[  794.526472][T19434]  dump_stack_lvl+0x16c/0x1f0
[  794.527850][T19434]  should_fail_ex+0x497/0x5b0
[  794.529227][T19434]  _copy_from_user+0x2e/0xd0
[  794.530574][T19434]  get_compat_msghdr+0xa8/0x170
[  794.531982][T19434]  ? __pfx_get_compat_msghdr+0x10/0x10
[  794.533556][T19434]  ? rcu_is_watching+0x12/0xc0
[  794.534947][T19434]  ? lock_release+0x4e2/0x6f0
[  794.536307][T19434]  ? get_pid_task+0xfc/0x250
[  794.537680][T19434]  ___sys_sendmsg+0x1b0/0x1e0
[  794.539023][T19434]  ? get_pid_task+0x35/0x250
[  794.540366][T19434]  ? __pfx____sys_sendmsg+0x10/0x10
[  794.541870][T19434]  ? lock_release+0x4e2/0x6f0
[  794.543224][T19434]  ? __pfx_lock_release+0x10/0x10
[  794.544666][T19434]  ? trace_lock_acquire+0x14e/0x1f0
[  794.546180][T19434]  ? __fget_files+0x206/0x3a0
[  794.547639][T19434]  __sys_sendmsg+0x16e/0x220
[  794.548976][T19434]  ? __pfx___sys_sendmsg+0x10/0x10
[  794.550452][T19434]  ? __pfx_lock_release+0x10/0x10
[  794.552061][T19434]  ? __might_fault+0xe3/0x190
[  794.553439][T19434]  ? rcu_is_watching+0x12/0xc0
[  794.554830][T19434]  __do_fast_syscall_32+0x73/0x120
[  794.556289][T19434]  do_fast_syscall_32+0x32/0x80
[  794.557693][T19434]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  794.559501][T19434] RIP: 0023:0xf70ee579
[  794.560650][T19434] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  794.566105][T19434] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  794.568516][T19434] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000440
[  794.570779][T19434] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  794.573030][T19434] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  794.575289][T19434] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  794.577556][T19434] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  794.579814][T19434]  </TASK>
[  794.717674][T19449] devpts: called with bogus options
[  794.824274][T19454] netlink: 'syz.4.3159': attribute type 10 has an invalid length.
[  794.826677][T19454] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3159'.
[  794.830074][T19454] batman_adv: batadv0: Adding interface: vlan1
[  794.832182][T19454] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  794.841966][T19454] batman_adv: batadv0: Not using interface vlan1 (retrying later): interface not active
[  794.870602][T18010] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  794.941826][T19463] netlink: 'syz.4.3162': attribute type 4 has an invalid length.
[  794.944807][T19463] netlink: 17 bytes leftover after parsing attributes in process `syz.4.3162'.
[  795.101427][T19471] ip6gretap0: entered promiscuous mode
[  795.103760][T19471] ip6gretap0: left promiscuous mode
[  795.312280][T19480] netlink: 'syz.1.3166': attribute type 4 has an invalid length.
[  795.313219][T19486] tmpfs: Unknown parameter 'mp'
[  795.334109][T19480] netlink: 'syz.1.3166': attribute type 4 has an invalid length.
[  795.341539][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  795.535856][T19492] can0: slcan on ttyS3.
[  795.701010][T19502] can0 (unregistered): slcan off ttyS3.
[  795.980633][T18010] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  796.341203][T19525] FAULT_INJECTION: forcing a failure.
[  796.341203][T19525] name failslab, interval 1, probability 0, space 0, times 0
[  796.344818][T19525] CPU: 3 UID: 0 PID: 19525 Comm: syz.2.3178 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  796.347860][T19525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  796.351365][T19525] Call Trace:
[  796.352315][T19525]  <TASK>
[  796.353165][T19525]  dump_stack_lvl+0x16c/0x1f0
[  796.354519][T19525]  should_fail_ex+0x497/0x5b0
[  796.355858][T19525]  ? fs_reclaim_acquire+0xae/0x150
[  796.357340][T19525]  should_failslab+0xc2/0x120
[  796.358704][T19525]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  796.360753][T19525]  ? __alloc_skb+0x2b3/0x380
[  796.362204][T19525]  __alloc_skb+0x2b3/0x380
[  796.363507][T19525]  ? __pfx___alloc_skb+0x10/0x10
[  796.364930][T19525]  ? lock_acquire+0x2f/0xb0
[  796.366239][T19525]  netlink_alloc_large_skb+0x69/0x130
[  796.367771][T19525]  netlink_sendmsg+0x689/0xd70
[  796.369146][T19525]  ? __pfx_netlink_sendmsg+0x10/0x10
[  796.370718][T19525]  ____sys_sendmsg+0x9ae/0xb40
[  796.370872][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  796.372093][T19525]  ? __pfx_____sys_sendmsg+0x10/0x10
[  796.375914][T19525]  ? get_compat_msghdr+0x11b/0x170
[  796.377387][T19525]  ? rcu_is_watching+0x12/0xc0
[  796.378768][T19525]  ? lock_release+0x4e2/0x6f0
[  796.380406][T19525]  ? get_pid_task+0xfc/0x250
[  796.381909][T19525]  ___sys_sendmsg+0x135/0x1e0
[  796.383273][T19525]  ? get_pid_task+0x35/0x250
[  796.384611][T19525]  ? __pfx____sys_sendmsg+0x10/0x10
[  796.386094][T19525]  ? lock_release+0x4e2/0x6f0
[  796.387453][T19525]  ? __pfx_lock_release+0x10/0x10
[  796.388906][T19525]  ? trace_lock_acquire+0x14e/0x1f0
[  796.390764][T19525]  ? __fget_files+0x206/0x3a0
[  796.392407][T19525]  __sys_sendmsg+0x16e/0x220
[  796.393756][T19525]  ? __pfx___sys_sendmsg+0x10/0x10
[  796.395233][T19525]  ? __pfx_lock_release+0x10/0x10
[  796.396683][T19525]  ? __might_fault+0xe3/0x190
[  796.398056][T19525]  ? rcu_is_watching+0x12/0xc0
[  796.399434][T19525]  __do_fast_syscall_32+0x73/0x120
[  796.400961][T19525]  do_fast_syscall_32+0x32/0x80
[  796.402386][T19525]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  796.404209][T19525] RIP: 0023:0xf70ce579
[  796.405399][T19525] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  796.411494][T19525] RSP: 002b:00000000f50c055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  796.414378][T19525] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000440
[  796.416659][T19525] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  796.418936][T19525] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  796.421207][T19525] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  796.423471][T19525] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  796.425740][T19525]  </TASK>
[  796.426696][    C3] vkms_vblank_simulate: vblank timer overrun
[  796.499639][T19527] syz.1.3179 (19527): drop_caches: 2
[  796.584885][T19546] siw: device registration error -23
[  796.690910][T19557] syzkaller0: entered promiscuous mode
[  796.692498][T19557] syzkaller0: entered allmulticast mode
[  797.091019][T17676] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  797.300158][T19569] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3191'.
[  797.406823][T19583] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3193'.
[  797.408852][T19588] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3198'.
[  797.411145][T18849] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  797.414980][T19588] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  797.417699][T19583] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3193'.
[  797.461647][T19593] can0: slcan on ttyS3.
[  797.581593][T19601] can0 (unregistered): slcan off ttyS3.
[  798.105279][T19627] syz.1.3207 (19627): drop_caches: 2
[  798.217757][T19634] syz.0.3208 (19634): drop_caches: 2
[  798.231217][   T12] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  798.246691][T19638] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3212'.
[  798.370988][T19649] ip6gretap0: entered promiscuous mode
[  798.375274][T19649] ip6gretap0: left promiscuous mode
[  798.455254][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  798.466009][T19652] netlink: 'syz.0.3218': attribute type 10 has an invalid length.
[  798.761763][T19652] hsr0: entered promiscuous mode
[  798.765157][T19652] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  798.768206][T19652] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  798.772386][T19652] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  798.813512][T19655] syzkaller0: entered promiscuous mode
[  798.815140][T19655] syzkaller0: entered allmulticast mode
[  798.849533][T19657] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3220'.
[  799.089151][T19670] siw: device registration error -23
[  799.350860][T18008] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  799.493130][   T39] audit: type=1326 audit(1736332868.259:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19680 comm="syz.4.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  799.495034][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  799.499187][   T39] audit: type=1326 audit(1736332868.259:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19680 comm="syz.4.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  799.502166][   T39] audit: type=1326 audit(1736332868.269:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19680 comm="syz.4.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  799.513886][   T39] audit: type=1326 audit(1736332868.269:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19680 comm="syz.4.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  799.519982][   T39] audit: type=1326 audit(1736332868.269:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19680 comm="syz.4.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  799.527315][   T39] audit: type=1326 audit(1736332868.269:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19680 comm="syz.4.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  799.533676][   T39] audit: type=1326 audit(1736332868.269:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19680 comm="syz.4.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  799.539728][   T39] audit: type=1326 audit(1736332868.269:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19680 comm="syz.4.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  799.546245][   T39] audit: type=1326 audit(1736332868.269:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19680 comm="syz.4.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=254 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  799.552438][   T39] audit: type=1326 audit(1736332868.269:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19680 comm="syz.4.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  799.725488][T19683] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3228'.
[  799.761855][T19685] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3229'.
[  799.766430][T19685] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  800.007647][T19699] can0: slcan on ttyS3.
[  800.171154][T19707] can0 (unregistered): slcan off ttyS3.
[  800.258914][T19714] sctp: [Deprecated]: syz.0.3235 (pid 19714) Use of struct sctp_assoc_value in delayed_ack socket option.
[  800.258914][T19714] Use struct sctp_sack_info instead
[  800.481017][T18008] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  800.531376][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  800.584337][T19728] devpts: called with bogus options
[  800.590986][ T1013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  800.614883][T19732] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3241'.
[  800.702448][T19737] FAULT_INJECTION: forcing a failure.
[  800.702448][T19737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  800.706179][T19737] CPU: 0 UID: 0 PID: 19737 Comm: syz.1.3243 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  800.709218][T19737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  800.710577][T17778] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  800.712213][T19737] Call Trace:
[  800.712220][T19737]  <TASK>
[  800.716155][T19737]  dump_stack_lvl+0x16c/0x1f0
[  800.717483][T19737]  should_fail_ex+0x497/0x5b0
[  800.718854][T19737]  _copy_from_user+0x2e/0xd0
[  800.720163][T19737]  memdup_user+0x71/0xd0
[  800.721321][T19737]  strndup_user+0x78/0xe0
[  800.722554][T19737]  __ia32_sys_mount+0x138/0x310
[  800.723972][T19737]  ? __pfx___ia32_sys_mount+0x10/0x10
[  800.725535][T19737]  ? __might_fault+0xe3/0x190
[  800.726901][T19737]  ? rcu_is_watching+0x12/0xc0
[  800.728292][T19737]  __do_fast_syscall_32+0x73/0x120
[  800.729779][T19737]  do_fast_syscall_32+0x32/0x80
[  800.731189][T19737]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  800.733000][T19737] RIP: 0023:0xf7f58579
[  800.734189][T19737] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  800.739478][T19737] RSP: 002b:00000000f508555c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  800.741743][T19737] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000180
[  800.743932][T19737] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  800.746101][T19737] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  800.748280][T19737] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  800.750507][T19737] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  800.752781][T19737]  </TASK>
[  800.755601][T19736] syz.1.3243 (19736): drop_caches: 2
[  800.860523][T17778] usb 9-1: Using ep0 maxpacket: 8
[  800.863154][T17778] usb 9-1: config 0 has an invalid interface number: 52 but max is 0
[  800.865537][T17778] usb 9-1: config 0 has an invalid descriptor of length 204, skipping remainder of the config
[  800.868512][T17778] usb 9-1: config 0 has no interface number 0
[  800.870434][T17778] usb 9-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 64, changing to 10
[  800.873620][T17778] usb 9-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 16448, setting to 1024
[  800.876711][T17778] usb 9-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  800.880338][T17778] usb 9-1: config 0 interface 52 has no altsetting 0
[  800.883320][T17778] usb 9-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00
[  800.885846][T17778] usb 9-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35
[  800.888091][T17778] usb 9-1: Product: syz
[  800.889293][T17778] usb 9-1: SerialNumber: syz
[  800.891316][T17778] usb 9-1: config 0 descriptor??
[  801.099096][T17778] input: syz (Stick) as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.52/input/input16
[  801.365231][T17778] usb 9-1: USB disconnect, device number 2
[  801.578782][T19749] devpts: called with bogus options
[  801.580133][T19750] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3247'.
[  801.580852][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  801.601004][  T220] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  801.630011][T19763] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  801.766643][T19779] devpts: called with bogus options
[  802.101472][T19792] netlink: 'syz.4.3263': attribute type 4 has an invalid length.
[  802.108700][T19792] netlink: 'syz.4.3263': attribute type 4 has an invalid length.
[  802.509148][T19796] __nla_validate_parse: 1 callbacks suppressed
[  802.509159][T19796] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3264'.
[  802.517206][T19799] FAULT_INJECTION: forcing a failure.
[  802.517206][T19799] name failslab, interval 1, probability 0, space 0, times 0
[  802.517209][T19796] bond4: entered promiscuous mode
[  802.517313][T19796] 8021q: adding VLAN 0 to HW filter on device bond4
[  802.521285][T19799] CPU: 2 UID: 0 PID: 19799 Comm: syz.4.3265 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  802.527459][T19799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  802.531314][T19799] Call Trace:
[  802.532630][T19799]  <TASK>
[  802.533759][T19799]  dump_stack_lvl+0x16c/0x1f0
[  802.535461][T19799]  should_fail_ex+0x497/0x5b0
[  802.537330][T19799]  should_failslab+0xc2/0x120
[  802.539164][T19799]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  802.541177][T19799]  ? skb_clone+0x190/0x3f0
[  802.542867][T19799]  skb_clone+0x190/0x3f0
[  802.545004][T19799]  netlink_deliver_tap+0xafd/0xca0
[  802.547061][T19799]  netlink_unicast+0x5e1/0x7f0
[  802.548971][T19799]  ? __pfx_netlink_unicast+0x10/0x10
[  802.551034][T19799]  ? __phys_addr_symbol+0x30/0x80
[  802.552456][T19799]  ? __check_object_size+0x488/0x710
[  802.553916][T19799]  netlink_sendmsg+0x8b8/0xd70
[  802.555291][T19799]  ? __pfx_netlink_sendmsg+0x10/0x10
[  802.556803][T19799]  ____sys_sendmsg+0x9ae/0xb40
[  802.558195][T19799]  ? __pfx_____sys_sendmsg+0x10/0x10
[  802.559719][T19799]  ? get_compat_msghdr+0x11b/0x170
[  802.561406][T19799]  ? rcu_is_watching+0x12/0xc0
[  802.563177][T19799]  ? lock_release+0x4e2/0x6f0
[  802.564529][T19799]  ? get_pid_task+0xfc/0x250
[  802.565869][T19799]  ___sys_sendmsg+0x135/0x1e0
[  802.567226][T19799]  ? get_pid_task+0x35/0x250
[  802.568554][T19799]  ? __pfx____sys_sendmsg+0x10/0x10
[  802.570052][T19799]  ? lock_release+0x4e2/0x6f0
[  802.571448][T19799]  ? __pfx_lock_release+0x10/0x10
[  802.572898][T19799]  ? trace_lock_acquire+0x14e/0x1f0
[  802.574394][T19799]  ? __fget_files+0x206/0x3a0
[  802.575747][T19799]  __sys_sendmsg+0x16e/0x220
[  802.577080][T19799]  ? __pfx___sys_sendmsg+0x10/0x10
[  802.578565][T19799]  ? __pfx_lock_release+0x10/0x10
[  802.580066][T19799]  ? __might_fault+0xe3/0x190
[  802.581451][T19799]  ? rcu_is_watching+0x12/0xc0
[  802.582829][T19799]  __do_fast_syscall_32+0x73/0x120
[  802.584271][T19799]  do_fast_syscall_32+0x32/0x80
[  802.585653][T19799]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  802.587440][T19799] RIP: 0023:0xf70ee579
[  802.588552][T19799] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  802.593937][T19799] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  802.596283][T19799] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000440
[  802.598477][T19799] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  802.600743][T19799] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  802.603009][T19799] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  802.605260][T19799] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  802.607591][T19799]  </TASK>
[  802.610081][T19799] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3265'.
[  802.613660][   T75] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  802.711596][T19816] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3272'.
[  802.742422][T19819] FAULT_INJECTION: forcing a failure.
[  802.742422][T19819] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  802.746036][T19819] CPU: 1 UID: 0 PID: 19819 Comm: syz.4.3273 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  802.748997][T19819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  802.751977][T19819] Call Trace:
[  802.752922][T19819]  <TASK>
[  802.753763][T19819]  dump_stack_lvl+0x16c/0x1f0
[  802.755101][T19819]  should_fail_ex+0x497/0x5b0
[  802.756437][T19819]  _copy_from_user+0x2e/0xd0
[  802.757753][T19819]  get_compat_msghdr+0xa8/0x170
[  802.759186][T19819]  ? __pfx_get_compat_msghdr+0x10/0x10
[  802.760734][T19819]  ? __pfx_lock_release+0x10/0x10
[  802.762135][T19819]  ? __pfx_sched_clock_cpu+0x10/0x10
[  802.763569][T19819]  ___sys_sendmsg+0x1b0/0x1e0
[  802.764867][T19819]  ? lock_release+0x4e2/0x6f0
[  802.766171][T19819]  ? __pfx____sys_sendmsg+0x10/0x10
[  802.767608][T19819]  ? trace_lock_acquire+0x14e/0x1f0
[  802.769013][T19819]  ? rcu_is_watching+0x12/0xc0
[  802.770350][T19819]  ? __pfx_lock_release+0x10/0x10
[  802.771742][T19819]  ? trace_lock_acquire+0x14e/0x1f0
[  802.773188][T19819]  ? __fget_files+0x206/0x3a0
[  802.774516][T19819]  __sys_sendmsg+0x16e/0x220
[  802.775790][T19819]  ? __pfx___sys_sendmsg+0x10/0x10
[  802.777249][T19819]  ? __pfx_lock_release+0x10/0x10
[  802.778706][T19819]  ? __might_fault+0xe3/0x190
[  802.780095][T19819]  ? rcu_is_watching+0x12/0xc0
[  802.781445][T19819]  __do_fast_syscall_32+0x73/0x120
[  802.782898][T19819]  do_fast_syscall_32+0x32/0x80
[  802.784257][T19819]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  802.785994][T19819] RIP: 0023:0xf70ee579
[  802.787123][T19819] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  802.792213][T19819] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  802.794525][T19819] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000140
[  802.796751][T19819] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  802.799055][T19819] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  802.801317][T19819] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  802.803555][T19819] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  802.805799][T19819]  </TASK>
[  802.809821][T19821] devpts: called with bogus options
[  802.813670][T18848] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  802.855228][T19827] ip6gretap0: entered promiscuous mode
[  802.857614][T19827] ip6gretap0: left promiscuous mode
[  803.012536][ T2066] IPVS: starting estimator thread 0...
[  803.111819][T19835] IPVS: using max 60 ests per chain, 144000 per kthread
[  803.157703][T19847] QAT: failed to copy from user cfg_data.
[  803.637457][T19875] veth0_to_bridge: entered promiscuous mode
[  803.652246][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  803.661691][T19879] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3283'.
[  803.667544][T19879] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  803.935833][T19892] syz.2.3286 (19892): drop_caches: 2
[  803.941521][  T220] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  804.175141][T19896] tap0: tun_chr_ioctl cmd 1074025672
[  804.176931][T19896] tap0: ignored: set checksum enabled
[  804.424151][T19902] devpts: called with bogus options
[  804.540847][T19874] veth0_to_bridge: left promiscuous mode
[  804.594955][T19900] syz.2.3290 (19900): drop_caches: 2
[  804.608364][T19907] FAULT_INJECTION: forcing a failure.
[  804.608364][T19907] name failslab, interval 1, probability 0, space 0, times 0
[  804.611600][T19907] CPU: 0 UID: 0 PID: 19907 Comm: syz.0.3292 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  804.614300][T19907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  804.618124][T19907] Call Trace:
[  804.619261][T19907]  <TASK>
[  804.620040][T19907]  dump_stack_lvl+0x16c/0x1f0
[  804.621316][T19907]  should_fail_ex+0x497/0x5b0
[  804.622552][T19907]  ? fs_reclaim_acquire+0xae/0x150
[  804.623825][T19907]  should_failslab+0xc2/0x120
[  804.625025][T19907]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  804.626369][T19907]  ? skb_clone+0x190/0x3f0
[  804.627508][T19907]  skb_clone+0x190/0x3f0
[  804.628587][T19907]  nfnetlink_rcv_batch+0x1d9/0x24e0
[  804.629916][T19907]  ? trace_irq_enable.constprop.0+0xea/0x140
[  804.631411][T19907]  ? kmem_cache_free+0x152/0x4c0
[  804.632675][T19907]  ? kfree_skbmem+0x1a4/0x1f0
[  804.633882][T19907]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  804.635717][T19907]  ? __pfx_lock_release+0x10/0x10
[  804.637507][T19907]  ? rcu_is_watching+0x12/0xc0
[  804.638978][T19907]  ? trace_irq_enable.constprop.0+0xea/0x140
[  804.640491][T19907]  ? __pfx___dev_queue_xmit+0x10/0x10
[  804.641792][T19907]  ? __nla_validate_parse+0x605/0x2b10
[  804.643185][T19907]  ? __pfx_aa_get_newest_label+0x10/0x10
[  804.644703][T19907]  ? __pfx___nla_validate_parse+0x10/0x10
[  804.646377][T19907]  ? apparmor_capable+0x114/0x1d0
[  804.647625][T19907]  ? __nla_parse+0x40/0x60
[  804.648759][T19907]  nfnetlink_rcv+0x3c3/0x430
[  804.649924][T19907]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  804.651164][T19907]  netlink_unicast+0x53c/0x7f0
[  804.652366][T19907]  ? __pfx_netlink_unicast+0x10/0x10
[  804.653702][T19907]  ? __phys_addr_symbol+0x30/0x80
[  804.654995][T19907]  ? __check_object_size+0x488/0x710
[  804.656801][T19907]  netlink_sendmsg+0x8b8/0xd70
[  804.658501][T19907]  ? __pfx_netlink_sendmsg+0x10/0x10
[  804.659898][T19907]  ____sys_sendmsg+0x9ae/0xb40
[  804.661059][T19907]  ? __pfx_____sys_sendmsg+0x10/0x10
[  804.662363][T19907]  ? get_compat_msghdr+0x11b/0x170
[  804.663629][T19907]  ? rcu_is_watching+0x12/0xc0
[  804.664829][T19907]  ? lock_release+0x4e2/0x6f0
[  804.666087][T19907]  ? get_pid_task+0xfc/0x250
[  804.667256][T19907]  ___sys_sendmsg+0x135/0x1e0
[  804.668441][T19907]  ? get_pid_task+0x35/0x250
[  804.669589][T19907]  ? __pfx____sys_sendmsg+0x10/0x10
[  804.670873][T19907]  ? lock_release+0x4e2/0x6f0
[  804.672044][T19907]  ? __pfx_lock_release+0x10/0x10
[  804.673272][T19907]  ? trace_lock_acquire+0x14e/0x1f0
[  804.674585][T19907]  ? __fget_files+0x206/0x3a0
[  804.676142][T19907]  __sys_sendmsg+0x16e/0x220
[  804.677722][T19907]  ? __pfx___sys_sendmsg+0x10/0x10
[  804.678979][T19907]  ? __pfx_lock_release+0x10/0x10
[  804.680223][T19907]  ? __might_fault+0xe3/0x190
[  804.681371][T19907]  ? rcu_is_watching+0x12/0xc0
[  804.682549][T19907]  __do_fast_syscall_32+0x73/0x120
[  804.683830][T19907]  do_fast_syscall_32+0x32/0x80
[  804.685065][T19907]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  804.686639][T19907] RIP: 0023:0xf7ff6579
[  804.687669][T19907] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  804.687724][T19915] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3295'.
[  804.692419][T19907] RSP: 002b:00000000f514655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  804.692437][T19907] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000440
[  804.692443][T19907] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  804.692449][T19907] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  804.692455][T19907] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  804.692460][T19907] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  804.692469][T19907]  </TASK>
[  804.706013][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  804.809901][T19924] syz.2.3296 (19924): drop_caches: 2
[  804.834584][T19930] syz.0.3299 (19930): drop_caches: 2
[  804.994591][T19944] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3305'.
[  805.029757][T19949] netlink: zone id is out of range
[  805.061061][  T220] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  805.136225][T19950] syz.0.3303 (19950): drop_caches: 2
[  805.528042][T19968] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3313'.
[  805.532765][T19968] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  805.680296][T19981] FAULT_INJECTION: forcing a failure.
[  805.680296][T19981] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  805.683494][T19978] syz.0.3317[19978] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  805.684003][T19978] syz.0.3317[19978] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  805.684171][T19981] CPU: 1 UID: 0 PID: 19981 Comm: syz.2.3315 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  805.693802][T19981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  805.696856][T19981] Call Trace:
[  805.697822][T19981]  <TASK>
[  805.698663][T19981]  dump_stack_lvl+0x16c/0x1f0
[  805.700098][T19981]  should_fail_ex+0x497/0x5b0
[  805.701454][T19981]  strncpy_from_user+0x3b/0x2d0
[  805.702972][T19981]  getname_flags.part.0+0x8f/0x550
[  805.704442][T19981]  getname_flags+0x93/0xf0
[  805.705721][T19981]  user_path_at+0x24/0x60
[  805.706920][T19981]  __ia32_sys_mount+0x1fb/0x310
[  805.708320][T19981]  ? __pfx___ia32_sys_mount+0x10/0x10
[  805.710029][T19981]  ? __might_fault+0xe3/0x190
[  805.711883][T19981]  ? rcu_is_watching+0x12/0xc0
[  805.713779][T19981]  __do_fast_syscall_32+0x73/0x120
[  805.715336][T19981]  do_fast_syscall_32+0x32/0x80
[  805.716686][T19981]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  805.718495][T19981] RIP: 0023:0xf70ce579
[  805.719686][T19981] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  805.725510][T19981] RSP: 002b:00000000f509f55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  805.728011][T19981] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000180
[  805.730372][T19981] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  805.732615][T19981] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  805.734926][T19981] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  805.737228][T19981] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  805.739539][T19981]  </TASK>
[  805.740738][    C1] vkms_vblank_simulate: vblank timer overrun
[  805.744158][T18010] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  805.810597][T19984] syz.2.3315 (19984): drop_caches: 2
[  805.862760][T19990] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3321'.
[  805.922569][T19995] devpts: called with bogus options
[  806.190654][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  806.712091][T20004] syz.0.3324 (20004): drop_caches: 2
[  806.764842][T20006] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3326'.
[  806.784455][   T75] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  806.843559][T20019] syz.2.3327 (20019): drop_caches: 2
[  806.893870][T20022] netlink: 'syz.1.3331': attribute type 4 has an invalid length.
[  806.960358][T20029] netlink: 'syz.1.3331': attribute type 4 has an invalid length.
[  807.131638][T20048] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3343'.
[  807.310705][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  807.341160][T20060] xt_bpf: check failed: parse error
[  807.346036][T20060] mkiss: ax0: crc mode is auto.
[  807.399174][T20062] misc userio: No port type given on /dev/userio
[  807.407875][T20060] can0: slcan on ttyS3.
[  807.452455][T20060] misc userio: The device must be registered before sending interrupts
[  807.455297][T20060] misc userio: The device must be registered before sending interrupts
[  807.811982][T18848] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  808.040969][T20052] can0 (unregistered): slcan off ttyS3.
[  808.049177][T20081] netlink: 'syz.1.3350': attribute type 10 has an invalid length.
[  808.052783][T20081] __nla_validate_parse: 1 callbacks suppressed
[  808.052882][T20081] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3350'.
[  808.062914][ T1410] ieee802154 phy1 wpan1: encryption failed: -22
[  808.199365][T20107] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow
[  808.246535][T20111] syz.2.3355 (20111): drop_caches: 2
[  808.330426][T20121] pim6reg1: entered promiscuous mode
[  808.332065][T20121] pim6reg1: entered allmulticast mode
[  808.431046][   T75] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  808.439518][T20121] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  808.852339][T17676] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  808.918880][T20132] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3365'.
[  809.488956][T20166] netlink: 'syz.4.3372': attribute type 10 has an invalid length.
[  809.491960][T20166] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3372'.
[  809.495487][T20166] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check.
[  809.525696][T20168] xt_hashlimit: invalid interval
[  809.530781][T17676] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  809.539724][T20168] geneve2: entered promiscuous mode
[  809.543257][T20168] geneve2: entered allmulticast mode
[  809.654950][T20176] netlink: 'syz.2.3375': attribute type 10 has an invalid length.
[  809.657282][T20176] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3375'.
[  809.694133][T20178] can0: slcan on ttyS3.
[  809.715645][T20179] syz.4.3377 (20179): drop_caches: 2
[  809.900592][T17676] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  809.951685][T20189] can0 (unregistered): slcan off ttyS3.
[  810.213524][T20212] autofs: Bad value for 'fd'
[  810.255184][T20214] netlink: 'syz.2.3386': attribute type 21 has an invalid length.
[  810.547355][T20227] siw: device registration error -23
[  810.651259][T18010] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  810.931524][T18848] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  811.119518][T20231] syzkaller0: entered promiscuous mode
[  811.121245][T20231] syzkaller0: entered allmulticast mode
[  811.148601][T20233] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3391'.
[  811.765357][T18010] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  811.811953][ T5957] Bluetooth: hci3: command 0x0406 tx timeout
[  811.970615][  T220] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  811.982166][T20264] netlink: 'syz.2.3399': attribute type 4 has an invalid length.
[  811.987860][T20264] netlink: 'syz.2.3399': attribute type 4 has an invalid length.
[  812.172339][    C3] ------------[ cut here ]------------
[  812.173958][    C3] WARNING: CPU: 3 PID: 0 at kernel/signal.c:2050 posixtimer_send_sigqueue+0xba8/0x1020
[  812.176661][    C3] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  812.177864][    C3] CPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  812.182649][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  812.186714][    C3] RIP: 0010:posixtimer_send_sigqueue+0xba8/0x1020
[  812.189253][    C3] Code: ff ff 4c 89 e7 e8 18 42 9d 00 e9 7e f8 ff ff 41 bf 02 00 00 00 e9 87 f8 ff ff 48 89 54 24 10 48 89 44 24 08 e8 09 db 3a 00 90 <0f> 0b 90 48 8d 7b 10 48 8b 44 24 08 48 b9 00 00 00 00 00 fc ff df
[  812.195540][    C3] RSP: 0018:ffffc900005f8d50 EFLAGS: 00010046
[  812.197444][    C3] RAX: 0000000080010003 RBX: ffff88806e7f0d20 RCX: 1ffff1100dcfe1a7
[  812.199728][    C3] RDX: ffff88801d29a440 RSI: ffffffff815e7767 RDI: 0000000000000001
[  812.202063][    C3] RBP: ffff888021a00000 R08: 0000000000000001 R09: 0000000000000000
[  812.204334][    C3] R10: 0000000000000001 R11: ffffc900005f8ff8 R12: ffff88806e7f0dc4
[  812.206628][    C3] R13: 1ffff920000bf1af R14: ffff88806e7f0df8 R15: ffff88806e7f0de0
[  812.208922][    C3] FS:  0000000000000000(0000) GS:ffff88802b700000(0000) knlGS:0000000000000000
[  812.211468][    C3] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  812.213369][    C3] CR2: 000000002002a000 CR3: 000000005fd88000 CR4: 0000000000352ef0
[  812.215640][    C3] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  812.217910][    C3] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  812.220320][    C3] Call Trace:
[  812.221310][    C3]  <IRQ>
[  812.222146][    C3]  ? __warn+0xea/0x3c0
[  812.223329][    C3]  ? posixtimer_send_sigqueue+0xba8/0x1020
[  812.225006][    C3]  ? report_bug+0x3c0/0x580
[  812.226346][    C3]  ? handle_bug+0x54/0xa0
[  812.227581][    C3]  ? exc_invalid_op+0x17/0x50
[  812.228939][    C3]  ? asm_exc_invalid_op+0x1a/0x20
[  812.230395][    C3]  ? posixtimer_send_sigqueue+0xba7/0x1020
[  812.232068][    C3]  ? posixtimer_send_sigqueue+0xba8/0x1020
[  812.233767][    C3]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  812.235311][    C3]  ? __pfx_posixtimer_send_sigqueue+0x10/0x10
[  812.237053][    C3]  ? lock_acquire+0x2f/0xb0
[  812.238369][    C3]  ? posix_timer_fn+0x26/0x60
[  812.239736][    C3]  ? __pfx_posix_timer_fn+0x10/0x10
[  812.241226][    C3]  posix_timer_fn+0x31/0x60
[  812.242534][    C3]  __hrtimer_run_queues+0x20a/0xae0
[  812.244019][    C3]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  812.245660][    C3]  ? read_tsc+0x9/0x20
[  812.246791][    C3]  hrtimer_interrupt+0x392/0x8e0
[  812.248174][    C3]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  812.249898][    C3]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  812.251497][    C3]  </IRQ>
[  812.252350][    C3]  <TASK>
[  812.253216][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  812.254931][    C3] RIP: 0010:default_idle+0xf/0x20
[  812.256391][    C3] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 1f 2c 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[  812.261912][    C3] RSP: 0018:ffffc9000049fe08 EFLAGS: 00000246
[  812.263643][    C3] RAX: 00000000008d68cc RBX: 0000000000000003 RCX: ffffffff8b1a6899
[  812.265918][    C3] RDX: ffffed10056e6fee RSI: ffffffff8bb16fc0 RDI: ffffffff81702ec9
[  812.268169][    C3] RBP: ffffed1003a53488 R08: 0000000000000000 R09: ffffed10056e6fed
[  812.270420][    C3] R10: ffff88802b737f6b R11: 0000000000000001 R12: 0000000000000003
[  812.272674][    C3] R13: ffff88801d29a440 R14: ffffffff901cead0 R15: 0000000000000000
[  812.274948][    C3]  ? ct_kernel_exit+0x139/0x190
[  812.276354][    C3]  ? do_idle+0x329/0x3f0
[  812.277624][    C3]  default_idle_call+0x6d/0xb0
[  812.279010][    C3]  do_idle+0x329/0x3f0
[  812.280196][    C3]  ? __pfx_do_idle+0x10/0x10
[  812.281537][    C3]  cpu_startup_entry+0x4f/0x60
[  812.282925][    C3]  start_secondary+0x222/0x2b0
[  812.284303][    C3]  ? __pfx_start_secondary+0x10/0x10
[  812.285841][    C3]  common_startup_64+0x13e/0x148
[  812.287265][    C3]  </TASK>
[  812.288175][    C3] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  812.290253][    C3] CPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
[  812.293173][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  812.296238][    C3] Call Trace:
[  812.297215][    C3]  <IRQ>
[  812.298080][    C3]  dump_stack_lvl+0x3d/0x1f0
[  812.299414][    C3]  panic+0x71d/0x800
[  812.300558][    C3]  ? __pfx_panic+0x10/0x10
[  812.301857][    C3]  ? show_trace_log_lvl+0x29d/0x3d0
[  812.303347][    C3]  ? check_panic_on_warn+0x1f/0xb0
[  812.304923][    C3]  ? posixtimer_send_sigqueue+0xba8/0x1020
[  812.306684][    C3]  check_panic_on_warn+0xab/0xb0
[  812.308154][    C3]  __warn+0xf6/0x3c0
[  812.309310][    C3]  ? posixtimer_send_sigqueue+0xba8/0x1020
[  812.310995][    C3]  report_bug+0x3c0/0x580
[  812.312255][    C3]  handle_bug+0x54/0xa0
[  812.313459][    C3]  exc_invalid_op+0x17/0x50
[  812.314769][    C3]  asm_exc_invalid_op+0x1a/0x20
[  812.316288][    C3] RIP: 0010:posixtimer_send_sigqueue+0xba8/0x1020
[  812.318184][    C3] Code: ff ff 4c 89 e7 e8 18 42 9d 00 e9 7e f8 ff ff 41 bf 02 00 00 00 e9 87 f8 ff ff 48 89 54 24 10 48 89 44 24 08 e8 09 db 3a 00 90 <0f> 0b 90 48 8d 7b 10 48 8b 44 24 08 48 b9 00 00 00 00 00 fc ff df
[  812.323789][    C3] RSP: 0018:ffffc900005f8d50 EFLAGS: 00010046
[  812.325571][    C3] RAX: 0000000080010003 RBX: ffff88806e7f0d20 RCX: 1ffff1100dcfe1a7
[  812.327878][    C3] RDX: ffff88801d29a440 RSI: ffffffff815e7767 RDI: 0000000000000001
[  812.330160][    C3] RBP: ffff888021a00000 R08: 0000000000000001 R09: 0000000000000000
[  812.332439][    C3] R10: 0000000000000001 R11: ffffc900005f8ff8 R12: ffff88806e7f0dc4
[  812.334622][    C3] R13: 1ffff920000bf1af R14: ffff88806e7f0df8 R15: ffff88806e7f0de0
[  812.336908][    C3]  ? posixtimer_send_sigqueue+0xba7/0x1020
[  812.338615][    C3]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  812.340169][    C3]  ? __pfx_posixtimer_send_sigqueue+0x10/0x10
[  812.341912][    C3]  ? lock_acquire+0x2f/0xb0
[  812.343214][    C3]  ? posix_timer_fn+0x26/0x60
[  812.344564][    C3]  ? __pfx_posix_timer_fn+0x10/0x10
[  812.346071][    C3]  posix_timer_fn+0x31/0x60
[  812.347410][    C3]  __hrtimer_run_queues+0x20a/0xae0
[  812.348885][    C3]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  812.350519][    C3]  ? read_tsc+0x9/0x20
[  812.351687][    C3]  hrtimer_interrupt+0x392/0x8e0
[  812.353070][    C3]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  812.354736][    C3]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  812.356281][    C3]  </IRQ>
[  812.357106][    C3]  <TASK>
[  812.357961][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  812.359681][    C3] RIP: 0010:default_idle+0xf/0x20
[  812.361145][    C3] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 1f 2c 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[  812.366654][    C3] RSP: 0018:ffffc9000049fe08 EFLAGS: 00000246
[  812.368411][    C3] RAX: 00000000008d68cc RBX: 0000000000000003 RCX: ffffffff8b1a6899
[  812.370671][    C3] RDX: ffffed10056e6fee RSI: ffffffff8bb16fc0 RDI: ffffffff81702ec9
[  812.372933][    C3] RBP: ffffed1003a53488 R08: 0000000000000000 R09: ffffed10056e6fed
[  812.375211][    C3] R10: ffff88802b737f6b R11: 0000000000000001 R12: 0000000000000003
[  812.377486][    C3] R13: ffff88801d29a440 R14: ffffffff901cead0 R15: 0000000000000000
[  812.379756][    C3]  ? ct_kernel_exit+0x139/0x190
[  812.381176][    C3]  ? do_idle+0x329/0x3f0
[  812.382403][    C3]  default_idle_call+0x6d/0xb0
[  812.383781][    C3]  do_idle+0x329/0x3f0
[  812.384967][    C3]  ? __pfx_do_idle+0x10/0x10
[  812.386317][    C3]  cpu_startup_entry+0x4f/0x60
[  812.387703][    C3]  start_secondary+0x222/0x2b0
[  812.389083][    C3]  ? __pfx_start_secondary+0x10/0x10
[  812.390615][    C3]  common_startup_64+0x13e/0x148
[  812.392044][    C3]  </TASK>
[  813.459402][    C3] Shutting down cpus with NMI
[  813.461395][    C3] Kernel Offset: disabled
[  813.462641][    C3] Rebooting in 86400 seconds..

VM DIAGNOSIS:
10:41:21  Registers:
info registers vcpu 0

CPU#0
RAX=0000000001bb0474 RBX=0000000000000000 RCX=ffffffff8b1a6899 RDX=ffffed1005686fee
RSI=ffffffff8bb16fc0 RDI=ffffffff81702ec9 RBP=fffffbfff1b52ef8 RSP=ffffffff8da07e20
R8 =0000000000000000 R9 =ffffed1005686fed R10=ffff88802b437f6b R11=0000000000000001
R12=0000000000000000 R13=ffffffff8da977c0 R14=ffffffff901cead0 R15=0000000000000000
RIP=ffffffff8b1a7c7f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020028000 CR3=000000005fd88000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000231a18c RBX=0000000000000001 RCX=ffffffff8b1a6899 RDX=ffffed10056a6fee
RSI=ffffffff8bb16fc0 RDI=ffffffff81702ec9 RBP=ffffed1003a50910 RSP=ffffc9000047fe08
R8 =0000000000000000 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000001
R12=0000000000000001 R13=ffff88801d284880 R14=ffffffff901cead0 R15=0000000000000000
RIP=ffffffff8b1a7c7f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020029000 CR3=00000000560f0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff849f2233 RDX=ffff888027adc880
RSI=0000000000000010 RDI=0000000000000001 RBP=ffffffff8bb215c0 RSP=ffffc9000376f290
R8 =0000000000000001 R9 =0000000000000010 R10=0000000000000040 R11=00000000000a2012
R12=0000000000000040 R13=0000000000000001 R14=0000000000000003 R15=0000000000000040
RIP=ffffffff81994bf2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fad470d6d00 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005607ba13d000 CR3=000000004a33e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=b421e4e4b421e4e4 b421e4e4b421e4e4 b421e4e4b421e4e4 b421e4e4b421e4e4 b421e4e4b421e4e4 b421e4e4b421e4e4 b421e4e4b421e4e4 b421e4e4b421e4e4
ZMM22=3cf63be13cf63be1 3cf63be13cf63be1 3cf63be13cf63be1 3cf63be13cf63be1 3cf63be13cf63be1 3cf63be13cf63be1 3cf63be13cf63be1 3cf63be13cf63be1
ZMM23=ddce04f6ddce04f6 ddce04f6ddce04f6 ddce04f6ddce04f6 ddce04f6ddce04f6 ddce04f6ddce04f6 ddce04f6ddce04f6 ddce04f6ddce04f6 ddce04f6ddce04f6
ZMM24=71f1ca8d71f1ca8d 71f1ca8d71f1ca8d 71f1ca8d71f1ca8d 71f1ca8d71f1ca8d 71f1ca8d71f1ca8d 71f1ca8d71f1ca8d 71f1ca8d71f1ca8d 71f1ca8d71f1ca8d
ZMM25=3917884239178842 3917884239178842 3917884239178842 3917884239178842 3917884239178842 3917884239178842 3917884239178842 3917884239178842
ZMM26=731c2943731c2943 731c2943731c2943 731c2943731c2943 731c2943731c2943 731c2943731c2943 731c2943731c2943 731c2943731c2943 731c2943731c2943
ZMM27=653b15ba653b15ba 653b15ba653b15ba 653b15ba653b15ba 653b15ba653b15ba 653b15ba653b15ba 653b15ba653b15ba 653b15ba653b15ba 653b15ba653b15ba
ZMM28=000000400000003f 0000003e0000003d 0000003c0000003b 0000003a00000039 0000003800000037 0000003600000035 0000003400000033 0000003200000031
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=4015000040150000 4015000040150000 4015000040150000 4015000040150000 4015000040150000 4015000040150000 4015000040150000 4015000040150000
info registers vcpu 3

CPU#3
RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851449b5 RDI=ffffffff9a668200 RBP=ffffffff9a6681c0 RSP=ffffc900005f86b8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043
R12=0000000000000000 R13=0000000000000033 R14=ffffffff85144950 R15=0000000000000000
RIP=ffffffff851449df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002002a000 CR3=000000005fd88000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 00c800a400000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000