last executing test programs:

8.196943514s ago: executing program 2 (id=475):
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000200)={0x1, 0x0, @ioapic={0xdddd0000, 0xfffffffd, 0xfffffff9, 0x800, 0x0, [{0x8, 0xa, 0x7, '\x00', 0x4}, {0x2, 0xe4, 0x5, '\x00', 0x7f}, {0x2, 0x40, 0x1, '\x00', 0x4}, {0x4, 0x4, 0x1, '\x00', 0x10}, {0x2, 0x6, 0x6, '\x00', 0xf4}, {0x3, 0x2, 0x9, '\x00', 0x1}, {0x48, 0x2, 0x10}, {0x0, 0x4, 0x6, '\x00', 0x1}, {0x5, 0x9, 0x4, '\x00', 0x8}, {0x5a, 0x7f, 0x8, '\x00', 0x5}, {0x1, 0x4, 0x6, '\x00', 0x26}, {0x80, 0x5, 0xa6}, {0x2e, 0x7, 0xbd, '\x00', 0x8}, {0x80, 0xa2, 0x2, '\x00', 0x79}, {0x5, 0x0, 0xf8, '\x00', 0x5}, {0x4, 0x7, 0x6, '\x00', 0x2}, {0x5, 0x5, 0x0, '\x00', 0x2}, {0x8, 0x6, 0x0, '\x00', 0x1}, {0x2, 0x1, 0x6, '\x00', 0x8}, {0xf, 0x37, 0xfe, '\x00', 0x5}, {0x2, 0xd, 0x87, '\x00', 0x6}, {0x80, 0x40, 0xac, '\x00', 0xcd}, {0x57, 0xfc, 0xf9, '\x00', 0x6}, {0xf8, 0x7, 0x7, '\x00', 0x10}]}})
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
r3 = socket$inet6(0xa, 0x1, 0x84)
add_key(&(0x7f0000000000)='pkcs7_test\x00', 0x0, &(0x7f00000021c0)="305c0607e182087051667557c7d7982b8f57fb20a3adc9e3baa292ce8f0a861e6417acfc8648ad1b86400393d502b0cd490635d54cdf5bd0461690982b236949ab5e000000808ce41d86b9b949004fd8fe45b91e8fe7ec7c49750a1b0ade", 0x5e, 0xfffffffffffffffe)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="020f00001500000000000000000000000800120000000100000000000000000006000000000000000000020000000000e00000020000000000000000000000002001000000000000000000000000000205000600000000000a00000000000000fe8000000000000000000000000000bb0000000000000000010018000000000005000500000000000a00000000000000ff02000000000000000000000000000100000000000000"], 0xa8}}, 0x0)
msgctl$IPC_RMID(0x0, 0x0)
bind$inet6(r3, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r5, &(0x7f00000000c0)={0x2, 0x0, @empty}, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB="0380c200468aaccb0aed2c69dee13f1b0000a4bbbbbbbbbb0800450000300000000000019078ac1e0001ac1414aa030090781200183f250000000000000000"], 0x0)
setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}}, 0x0)
sendto$inet6(r3, &(0x7f0000000100)="bc", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
close(r3)
r8 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000000180)={0x10, 0x0, 0x25dfdbfc, 0x4}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r8, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)

7.119052259s ago: executing program 2 (id=479):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000140)={0x18, 0x0, {0x0, @local, 'bond_slave_0\x00'}}, 0x1e)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
inotify_init1(0x80000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, &(0x7f0000000a40)="c33fcb186b2e5f7e087b8a8eeb1b587cee45d05b49cb70143e2a8e8376eeeda1ad331651f162ddceb6dc817d63198b71da0b6729bc70b4df3b5b089af690d1f973784974cdc93a91034f4e290341587a7394eb4e5bc1ed340e211b0607a553f76bf7f6728672f9c06398f652e1a92f2cee2b7afbffe76a0e646df8c7ca6b94a5b8035901e720a78c9c786673511b733de974118a47d3b156859f4c7063e2b99fd1f592c8884c5c3b8a2968a66a2367e01f434094c99495d1480915ea60fe3e28f6de7388dee2116605ea8e457df6bf83890020f5d4ec83db8f43444dc5d4cc5ff47eb4a422ae1a9b8cd17dbcb664edab7a0ee67f3d817bd6d41dd7ce008bcc7d5dc3836d3ce7a7347d5951026b237e4d6d1a415e0be4eb2327e32c604b64ffab901e90191c2288c8eb8d48e59e132fc800934cc82fca25a7615283fa9423eb7de34f7fd65d42ecb2703867871207106257898670c66a38216f1b34c5dcf0cdf1e227a0e06b65a63838791c1f07383707a4550fe4e549304597130bec6fb46b8cf6b4ffa8dc403071f63b6e84d0bd929bee87993c85be3c048b6961a9e49162177acf7f3f24f4e0e19095bafc84ded52ca3170d99cafffbdbf6acd1b6ae07d3f6d5ae4e0691a50a3e1adce3933fec8ae71046da14716cc98cce8c3796cd6a48caa505d0d954b85a7dac89f00af7fe4e3dbac106105f45b83a3628fd46e47780efe4a1594d8b7c6936f3403dd79ba117aa4c746d91d1776018d77c3a44d1f6287148db7724e3e9b7bac8361bee7bcdb944a775e16d843197414512f42cb3c84441f10c3880f42c5544ff12d96b997b94a40dccbdd1dc25ba474dd82be747ba6cd3a223a2f29e25e8419dfaa920e1356dbc36b382e9acdc79e462c6fc920df4dae53bbaa60047c318e72119906e06fb2645985edebb1890206bcdffd56514a2b7061338fc6606c0504054d99364ea3d0bd6ab651dda011128ee03ac9cc2a2d7d64123998a940bc4bf5e74ecfeb360dd33c22150a94deefcb36fab13a3adfed49142eb6947c13519f96604350088b140a8323eb69017ac050fdf1df8f953edb09e1f334c898e5dbb8043639fce67694c579f33243623e1204eb23f092a9dd6dac90e88c0fc4c74e3dd660365c2b73a917ab17269d14b1167c447fe0c83e0c3472dadc35c1a031c9ecc2313c3ceab90a173be50d88c76026f032961d7e0d9f666f9f1679139f9b8845a38a19fda970bc608daeee381add78a491024ca5af485e0e0fddbc6cc9f0c34a56571aaab9ba63dbddb788782d6cb6c6a7939a4132591f2780a9417343bfd054390a43486e86d25050f909aa8c3d03fe1c05b899f6f55b82eeefd4b46893fa74a61671fcba3fbd9df7a96327e70dd3c0957727fd96e68cb6a2a7620f8858e1f6daaab1a97746b916f80ca84a6cc80711e84d066dee51914572201bdf6b40c8de7a075d8f57d32c2dc413741e6538e599776f035557c6f3d422d4e812bc7c8ec5e698e229c6a8a60c2da5462d46eb83e6facf23afb8f22835b1fb7424225046be471d0ef177bdf1184e76fc96d7a49d5d9034c1009b32210915860aa2517f26ca5f66a9eaf7c7b0e104565d5220b70199d31b4dce3ac8e333850b6650765968e45114740b9d5c23f248873bc3451d0a476ea7866d75f63ea7fafe7b008770320b06a8b1310ada1259686d751e81161b84c9068d01ccea2d9f9a733328c47e9b9807fba04aa80a4c27565a17f35f266b98cac2864b1d998d5be1a343d33c533f5232b7003eddf698e10028855dc1016ae8a3aa9817fab16229883b8c7eaad8cd0b2725e63cac82225ea02871f97f7c6347bea4c119b98550804ffdbc1d5f1184db70b63eee8b55aa2ff637df8cf19c37c5c097c31cf9b3e1ca3ad449b240a87b1a474e1f2c2adcfcab59ad6475aef2b144a026ac943052b7e31b834f858ca36ca183da21a7872ff79b0c47d97cd0738411ee5ff953c8556441d9906612197ee4d7fa09777931e3d08e4aaba87b118cc5bd5441eca207c1defece7e58dc050ef9dc789ad46116701d7a9cf8774270ae6064a12426cec07139b17fe17104ba195bcf0ee2f43682794abb4e78ab4df64d132caa44a14f92f6085c0502c6e1f42260c1ffe57d4ff581655b037a1b713fe329e6f5cd084297fd1e298a419bd90da15593e2f6f2f69edd11b32281e608abbec6e900dfbfdd220815113e74ecda9d79f1096e30a18b4967134839b325932b32d21a52a8a3c5d5081c4cd7684757e5d393127072413a53b2dae9c6d31ea67a47ca53674dabfd8dcc127ecb757ccfc667c13b4c0db5f4776c708bf68f91b4ce723cd410873f797e7b042a7fe45a85f95f496aaac079bffc7e5191e71fbdacfdad55dfa72db9207b6a199289cecfcadb683b1cca5333645008da2d75cb152070a25c9a01399b7fa347892300a79ad8b1a778cfcb5b1f1e9671524e17cd33a1cbbbb33eda5ca12eff65bccfb6a4d921a76f2164411e503eabc6e850e340c60bff0e69cf697652e336343950598e7a92e161fe208fa6fe031caa568686ff602cff29262e9a7008bfd0cc7cac3655baaa773756ced4b12a57d77e3f6b7b56784c00f912cbdbe47bbf14d6c304fb8d8651f65a9504c152d781bc7df91c755cb6085940cc46bd088a4bfbc5ec53255341c98f4752e1894d7a588fb02ac2974d6efc4c39bf8fe00d176f79c7ecc089b2ace0c6434dbd9a4f75badf28aafa624f614c2221250a026ded7373ee488c6630d1fe5578c7ad2db659e40d6805733fee446ecd9caceb3366f773b717ebe5a0c550a1c3dd43e06432e122afaae2857ada147b4c45b9571fb4aee763fac32bde7def5d10a093ad4851d5e302dff4076b6f2feabe7d2c85a62dc067f07ac5b6df3c1cdb1af8eae25a4de7696353bed658c0c0eb4151c69f54a675ce74566bc66808041a465ae835018ea68b292b77bb14e1a3a0f79a5401137600cd5defca346e32486c6e61cb02b1492471408a31c67f06feb64520318ad1c9a56f7edaa7736e1135c3b9bed4af3da00f19190d890ed50b6bfd88462053b1491aac50a4c1693784280c764d431db0818860c69d102673bf55c823a86d90564e154ac2eb657262a997472fc543957c43a841364ed80f6f84e75c461fdc2eead9b3d7b02fd6d0e8bcbe0ac68ec7f8f8e96b6ed037a3e275327a2f1400b1646793bc5f9da3c55279c5600dca85b064279974ab65c59cba4b9c2aecfa76803acaf182414d2c728dc62b2a0b52f989e6e8e9922060caa84b81e45c9d7d6792fc1bf5bd8ab0fc86bf7df3998292ba2191ea73c50c4fd6947383aba9cfd5f989c291b2bda5f0e5eb3e5fee035b10190ea51f63a4ac844630ad85344e477ad8313479043c6ab579ea8b54f9a9e0283350b131dfdcb219d5512e72ce4e34ecdfdd7f1f465fefe585a9bf648fb5e334df14f514eba0f21a80004cbfafc028f589191f023c40ad4789a20ba3fa015c22b8bd3ef32dcfc1c8bc07eadf18b1f097ec0bf0adf68f94071291fd62b14e669398f1556c65224387dae27e2e57a90a44861eb8061058e536bd082da52223407261ce4ba3ed5e9b7838ae2791eb11923eff8fb2c2051ce889ae51f2eb1d9a7055c213adf114d58fb9429fb26c0a99f7980fe4cd5de05d59385cb04900d296207ab157f72f0d185d259371f189926ee5c84c114146995b3907030262e172f8ca7069a6c2146795c075f4ed569d8fd8c1c83caea4c2dfdba5275a0d1fe9a20f694055ba8b72507dafce6440434c25e4eb41fed2a567a7ae4108759bc93686e8848fd514ef0dc5c1890b5d30ce911830ad7d98d0387b15a8fed1e4c47e8f081c2e9ac08bda6826bd812779502112a2b0567c54439ef8a89d4eac603f65fc04ec6baf7c9b3990ad1fa89190217708ceaec6bcb3fcb29e770182e859341a0246541f578793cf399e711f8246e37bdd0afa46e8d0022499c9282176edbb00d13932415772850c067a56432751bdb177c269d08031e10e77a4ec85af9023886f2a1560866ff8ddb6b94f2d80ec4f357b8af1ba312c15bf9adb5cb600fae5fbc6f9a0396b78a048dabb34b0fe93bd5e0f0c5ff330f09471b396b8d2fcf872a381c78b2bbb4223979e65003c7fcf958f04363f7cd0d351d6713fdb2e9c4513ce36e5b877a56380bd192cb3ee27ace92f64d056be8e0997b691cb6bc26ef68b90b"}}, &(0x7f0000000040))
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
symlinkat(0x0, 0xffffffffffffffff, &(0x7f0000000340)='\x00')
readlinkat(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=""/65, 0x41)
ioctl$TCFLSH(0xffffffffffffffff, 0x80045438, 0x300000000000000)
timer_create(0x3, &(0x7f0000000240)={0x0, 0x12, 0x4}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_GET_BYINDEX(r4, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x20000080)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xf, &(0x7f0000000600)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1a, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001600)=ANY=[@ANYBLOB="0300000004006005389ede2ffad89c97e9e3a10000040000000a000000000000001c227cdd669411dd0b101d5cb55a2329489558e1d25346fbb30e5ca9af", @ANYRESHEX, @ANYBLOB="000000000000000000000000547896a208710227ce867c0f32fc275d5220a958b8652dc7644fc5952eff430cebb6230293fdbca5ca05c21f8ea2a4458b734782dba409002d71fac2f9b23ee2ffa61459a2a1b62dda641cc6f708495d3cdfd22e64bd0a4722557029e06bb31eb0fc1a49f5096bdb6bb1d3572c6d4d64c410dc5a73abde5d5adc5d057f88e76670687ea31ddd65aea8b8034d0ba53450281ddb1cd36ba9aeb54bc61dbb00692f10023270c7e3bc750d3879150c3a3b24c5e00baad926fbae9ddacf5d8ffbffb68f19159419b2c685f6ba37266595af5024ca030000000000000023183e4782007231b5e79c70e2ebda09e309cb5a136b713d1fe0c2cb6e9d7463c244a2ae06483b0959ce39b424cef0945c366980df9e8e7f5e48aa59e91cb98f62ee1276b9ab02312db279a4278113d73c172e1bb446050f4548a6219ccef920a5ce8c500ce857340b83dd385dca28a3866836d9d6ec59fa9a04bc8101551c295f1993fe9e07d915902642", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28, @ANYBLOB="c071379850c9667da8c3d14649247c5e2be9c87d2889b201af1bdffe55f8d54ed93a95c3e125706c3c71840e325e79c7d93ba213ddb47005467e154bb9bb35e63c396648bdd9f285aa538c344ddcc68c7ecbc0a2249b25002c59ceb39c950e9412e4d0883e4347b827ff7fb1a1740a05a5c11b658b7bb44aa1f0f99a1e828ebaf923e76905b1955ffb74db663b2acb55efb2e808e98158ed2465d9b9bb4af0c469", @ANYRESHEX=r2], 0x48)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x14ba82, 0x18)
write$cgroup_int(r6, &(0x7f0000000000)=0xfe8e, 0x12)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

5.836592508s ago: executing program 2 (id=484):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
getgroups(0x3, &(0x7f0000000c80)=[<r2=>0xee01, <r3=>0xee00, <r4=>0xffffffffffffffff])
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'bond0\x00'}}]}, 0x85}, 0x1, 0x0, 0x0, 0x4000840}, 0x24004000)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x2, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, [@sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}]}, 0x20}}, 0x140)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000180)={<r9=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r8, &(0x7f0000000200)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000000), r9, 0x0, 0x1, 0x4}}, 0x20)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r10 = openat$nmem0(0xffffff9c, &(0x7f0000000440), 0x10000, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r10, 0xc0205710, &(0x7f0000000480)={0x1, 0x4, 0x2, 0x0, 0x3})
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x111, 0x2}}, 0x20)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000000414010026bd7000ffdbdf2508000100000000000800"], 0x20}, 0x1, 0x0, 0x0, 0x20048000}, 0x20000000)
r11 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
r12 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r12, &(0x7f0000000200)='V', 0x1)
syz_usb_disconnect(r11)
r13 = syz_open_dev$video(&(0x7f0000000040), 0x4, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r13, 0xc0185649, &(0x7f0000000140)={0x0, 0x200, 0x4001, 0xffffffffffffffff, 0x0, &(0x7f0000000580)={0xa10907, 0x0, '\x00', @p_u16=&(0x7f0000000540)=0xfbff}})
setresgid(r4, r2, r3)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYRESOCT=r13], 0x28}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a", 0x5}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)
r14 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r14, 0xa02000000000000, 0x60, 0x0, 0x0)

4.796003707s ago: executing program 3 (id=487):
socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000480)=ANY=[@ANYBLOB="f8000000160000000000000000000000ac1414aa000000000000000000000000ff010000000000000000000000000001", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff000000000000000000000000080000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a948000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000080003f8ca39eecd57592a76f4a3b8dc264dc5fa32d2344ff18e3a36b687af6f18ff4a708ed1b6298d599c5ebe971e12a76a9390163e2fc1581f98c82c732b3e5"], 0xf8}, 0x1, 0x0, 0x0, 0x20000840}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0xfffffffe)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000300)=@userptr={0x6, 0x9, 0x4, 0x400, 0xa, {}, {0x3, 0xc, 0xf3, 0x4, 0x2f, 0x4, "6dcdc988"}, 0x6, 0x2, {0x0}, 0xe})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x80047441, 0x20000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
memfd_create(0x0, 0x2)
r3 = syz_open_procfs(0x0, &(0x7f0000000140)='smaps\x00')
pread64(r3, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x4a141)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
writev(r4, &(0x7f0000000300)=[{&(0x7f0000000140)='\n\x00\x00\x00', 0x4}, {&(0x7f00000003c0)='\v\x00\x00\x00', 0x4}], 0x2)
io_setup(0x6, &(0x7f0000001380))
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)

3.745981129s ago: executing program 0 (id=490):
socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xc, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x2b, 0x0, 0x0)
io_setup(0x4082, &(0x7f0000000380))
landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x108, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x14, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3ff}}, @printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2002, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
close(0x3)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x6, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x4}}, {{0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x5}}}, 0x104)
socket(0x80000000000000a, 0x1, 0x0)

3.676427704s ago: executing program 1 (id=492):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c80)={0x14, 0x0, 0x2, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x810}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "9dad82"}}}, 0xd)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4138ae84, &(0x7f0000000c40)=@arm64={0x0, 0x2, 0x2, '\x00', 0xffffffffffffffe0})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xff, 0xfc, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x6, 0x9, 0x1, 0x0, 0x13, 0x4, 0x0, 0x3, 0x0, 0x4, '\x00', 0xff, 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f0000000040)={0x17, 0x0, 0x0})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
r7 = io_uring_setup(0x2195, &(0x7f0000000080)={0x0, 0x7897, 0x400, 0x1, 0x232})
io_uring_register$IORING_REGISTER_NAPI(r7, 0x1b, &(0x7f0000000240)={0x1ff, 0x2}, 0x1)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFCONF(r8, 0x8940, &(0x7f00000002c0)=@buf)

3.616224345s ago: executing program 1 (id=493):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001500010300000000000000"], 0x14}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000680)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, &(0x7f0000000540)=[{0x4, 0x2, 0x0, 0x1}, {0x3, 0x5, 0x10}, {0x0, 0x1, 0xd, 0x9}, {0x4, 0x3, 0xb, 0xb}, {0x3, 0x3, 0x9, 0x2}], 0x10, 0x37, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x804)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)={0x28, 0x3, 0x6, 0x5, 0x0, 0x0, {0x5, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x4000080)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@uuid_off}]})
r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r4, &(0x7f0000000000)='./file1\x00', 0xc000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r4, &(0x7f0000000100)='./file1\x00', r4, &(0x7f0000000240)='./file0\x00', 0x0)
unlink(&(0x7f0000000280)='./file1\x00')
link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file1\x00')

3.615760448s ago: executing program 3 (id=494):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c80)={0x14, 0x0, 0x2, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x810}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "9dad82"}}}, 0xd)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4138ae84, &(0x7f0000000c40)=@arm64={0x0, 0x2, 0x2, '\x00', 0xffffffffffffffe0})
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xff, 0xfc, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x6, 0x9, 0x1, 0x0, 0x13, 0x4, 0x0, 0x3, 0x0, 0x4, '\x00', 0xff, 0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f0000000040)={0x17, 0x0, 0x0})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
io_uring_register$IORING_REGISTER_NAPI(0xffffffffffffffff, 0x1b, &(0x7f0000000240)={0x1ff, 0x2}, 0x1)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFCONF(r6, 0x8940, &(0x7f00000002c0)=@buf)

3.530973663s ago: executing program 2 (id=495):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c80)={0x14, 0x0, 0x2, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x810}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "9dad82"}}}, 0xd)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4138ae84, &(0x7f0000000c40)=@arm64={0x0, 0x2, 0x2, '\x00', 0xffffffffffffffe0})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xff, 0xfc, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x6, 0x9, 0x1, 0x0, 0x13, 0x4, 0x0, 0x3, 0x0, 0x4, '\x00', 0xff, 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f0000000040)={0x17, 0x0, 0x0})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
r7 = io_uring_setup(0x2195, &(0x7f0000000080)={0x0, 0x7897, 0x400, 0x1, 0x232})
io_uring_register$IORING_REGISTER_NAPI(r7, 0x1b, &(0x7f0000000240)={0x1ff, 0x2}, 0x1)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFCONF(r8, 0x8940, &(0x7f00000002c0)=@buf)

3.064645724s ago: executing program 3 (id=496):
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bond0\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
getcwd(&(0x7f0000000000)=""/4096, 0x1000)
sendmsg$nl_route_sched(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@gettaction={0x18, 0x32, 0x301, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x4}]}, 0x18}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000440)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {0x6, 0x0, 0x2}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x58}}, 0x8000)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r2, 0x1, 0x19, &(0x7f0000000140)='wg0\x00', 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000100)={'wg0\x00'})
sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0xc8}]}, &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff000000000000000000", @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32, @ANYBLOB="08001b"], 0x34}}, 0x4004010)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000016c0)={0x144, 0x0, 0x2, 0x101, 0x0, 0x0, {0x7, 0x0, 0x5}, [@CTA_EXPECT_TUPLE={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x7f}, @CTA_EXPECT_TUPLE={0xb8, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @private1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x33}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}]}, @CTA_EXPECT_MASTER={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @broadcast}}}]}]}, 0x144}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040084)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r5, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa314, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], 0x1, 0x400})
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r6, 0x8912, &(0x7f0000000040)={'bridge_slave_1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

2.643181541s ago: executing program 1 (id=497):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xa2, &(0x7f0000000140)=""/162, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x6}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
ioctl$I2C_SMBUS(r3, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, &(0x7f0000003040)={0x0, "f4e1a230be8f46463fb1a5f1b44f44eaa65e485b747aa95df8c01eaf07677d18bc"}})
syz_init_net_socket$rose(0xb, 0x5, 0xf0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_INFO(r4, 0x0, 0x80, &(0x7f00000002c0)={'filter\x00', 0x0, 0x0, 0x0, [0x1, 0xffffffffffffffff, 0x0, 0xae, 0x401, 0x8]}, &(0x7f0000000280)=0x50)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x20, 0x14, 0x509, 0x0, 0x0, {0x2, 0x1f, 0x0, 0x0, r8}, [@IFA_LOCAL={0x8, 0x2, @private=0xa010100}]}, 0x20}}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}}, 0x0)
r10 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$IP_VS_SO_GET_SERVICES(r10, 0x0, 0x482, &(0x7f0000002bc0)=""/46, &(0x7f0000002c00)=0x2e)
read$FUSE(r5, &(0x7f0000000400)={0x2020}, 0x2020)
getsockopt$inet6_udp_int(r5, 0x11, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)

2.642624612s ago: executing program 0 (id=498):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}, {}, {}, {}, {}, {0xfffffffc}, {0x400000, 0xfffffffe}], 0x0, 0x4, 0x0, 0x2}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = openat$nmem0(0xffffff9c, &(0x7f0000000040), 0x101040, 0x0)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000080), &(0x7f00000000c0)=0x30)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
eventfd(0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000380)=""/132, 0x0, 0xd000})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
unshare(0x44040000)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYBLOB="01"])
r3 = syz_open_dev$amidi(&(0x7f0000000140), 0x2, 0x181)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r3, 0x40045731, &(0x7f0000000180))
r4 = memfd_create(&(0x7f0000000200)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05', 0x0)
ftruncate(r4, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r4, 0x0)
lseek(r4, 0x1003ff, 0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x15)
bind$xdp(0xffffffffffffffff, &(0x7f0000000000)={0x2}, 0x10)
ioctl$TCFLSH(r5, 0x404c4701, 0x20000000)

2.586367814s ago: executing program 3 (id=499):
r0 = socket(0x10, 0x803, 0x0)
write(r0, &(0x7f0000000540)="1c0000005e001f2a7921c550334ef9f92b4525733814584707f9f4ff", 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$nullb(0xffffffffffffff9c, 0x0, 0x48882, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x4f565559, 0x0, 0xa, [{}, {0x10, 0x2}], 0x0, 0x80, 0x3, 0x0, 0x2}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket(0x11, 0x800000003, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="280000001c00070f000000000000000007000000", @ANYRES32=r2, @ANYBLOB="800000000a00020027cf5a6d11eab20180"], 0x28}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000800)=@filter={'filter\x00', 0x4, 0x4, 0x324, 0xffffffff, 0x194, 0xc8, 0x0, 0xfeffffff, 0xffffffff, 0x25c, 0x25c, 0x25c, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private2, [], [], 'batadv_slave_0\x00', 'team_slave_1\x00', {}, {}, 0x6, 0x0, 0x1}, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x6}}}, {{@ipv6={@remote, @private0, [], [], 'hsr0\x00', 'veth0_macvtap\x00'}, 0x0, 0xa4, 0xcc}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0x0, 0xa4, 0xc8}, @REJECT={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x380)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x9, 0x13, r4, 0x7c2ee000)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r5)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000080)=0x10)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r6, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0x0, 0x6}, 0xc)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
writev(r6, &(0x7f0000000080)=[{&(0x7f0000000100)='J', 0x1}], 0x1)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')
bpf$ENABLE_STATS(0x20, 0x0, 0x0)

1.936679901s ago: executing program 2 (id=500):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
mkdir(0x0, 0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
write(r3, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)

1.835665686s ago: executing program 1 (id=501):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c80)={0x14, 0x0, 0x2, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x810}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "9dad82"}}}, 0xd)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4138ae84, &(0x7f0000000c40)=@arm64={0x0, 0x2, 0x2, '\x00', 0xffffffffffffffe0})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xff, 0xfc, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x6, 0x9, 0x1, 0x0, 0x13, 0x4, 0x0, 0x3, 0x0, 0x4, '\x00', 0xff, 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f0000000040)={0x17, 0x0, 0x0})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
r7 = io_uring_setup(0x2195, &(0x7f0000000080)={0x0, 0x7897, 0x400, 0x1, 0x232})
io_uring_register$IORING_REGISTER_NAPI(r7, 0x1b, &(0x7f0000000240)={0x1ff, 0x2}, 0x1)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFCONF(r8, 0x8940, &(0x7f00000002c0)=@buf)

1.496100305s ago: executing program 3 (id=502):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfd, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x12d803)
r4 = dup(r3)
r5 = syz_genetlink_get_family_id$smc(0x0, r4)
sendmsg$SMC_PNETID_ADD(r4, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB='L\x00\x00', @ANYRES16=r5, @ANYBLOB="320429c77000ffdbdf25020000000900030073797a300100000014000200626f6e645f736c6176655f31000000000900030073797a2c000000000900030073797a30f9000000"], 0x4c}, 0x1, 0x0, 0x0, 0x4001}, 0x40084)
sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000540)=ANY=[@ANYBLOB="50000000a00a81965390400a5ee28c113e798a32cc8e8c494494bc3954096ea9670099bd728e55e45bc355719f24cf62273852e71685e6d6a4d7386a93645c5bdd9dfb51487b13ea80042f", @ANYRES16=r5, @ANYBLOB="000328bd7000ffdbdf2504000000140002006361696630000000000000000000000005000400010000000900010073797a3200000000140002006261746164765f736c6176655f300000"], 0x50}, 0x1, 0x0, 0x0, 0xc840}, 0x2040884)
socket$xdp(0x2c, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r6, &(0x7f0000019440)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c6ba6bef4a1c4e384d8c033ed7a80ffdfef0f000060000000a2bc5603ca00000f7f8900000008000000372471083ec6991778581acb6c01", 0x48}], 0x1)
bind$l2tp6(r4, 0x0, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fcntl$lock(r7, 0x25, &(0x7f0000000140))
fcntl$lock(r7, 0x24, &(0x7f00000000c0)={0x2})
socket$tipc(0x1e, 0x5, 0x0)
r8 = socket(0x10, 0x400000000080803, 0x0)
sendmsg$IPSET_CMD_DESTROY(r8, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x811)
unshare(0x62040600)

1.488762248s ago: executing program 1 (id=510):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = fsopen(&(0x7f0000000180)='ceph\x00', 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='smaps_rollup\x00')
read$FUSE(r5, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r6 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000080)=""/3, 0x3}], 0x1)
fchdir(r3)
ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"])
tkill(r6, 0xb)

1.295469514s ago: executing program 0 (id=503):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
munlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000100)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
read$nci(r6, &(0x7f00000019c0)=""/97, 0x61)
r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000240), r8)
sendmsg$NFC_CMD_DEV_UP(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9], 0x1c}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
openat$sysctl(0xffffff9c, 0x0, 0x1, 0x0)
pipe(&(0x7f0000000000))
splice(r10, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x2)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="62000000000001000000000000000000000002000c000300686173683a5570000900020073797a320000000013000300686173683a6e65742c696661636500"], 0x54}}, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f00000001c0)=0x2f)
connect$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x0, 0x8000, @remote, 0x4}, 0x1c)
close(0xffffffffffffffff)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
syz_open_dev$usbmon(&(0x7f0000000000), 0x89c, 0x101000)

936.519259ms ago: executing program 2 (id=504):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c80)={0x14, 0x0, 0x2, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x810}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_emit_vhci(&(0x7f0000000200)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "9dad82"}}}, 0xd)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4138ae84, &(0x7f0000000c40)=@arm64={0x0, 0x2, 0x2, '\x00', 0xffffffffffffffe0})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xff, 0xfc, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x6, 0x9, 0x1, 0x0, 0x13, 0x4, 0x0, 0x3, 0x0, 0x4, '\x00', 0xff, 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f0000000040)={0x17, 0x0, 0x0})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
io_uring_register$IORING_REGISTER_NAPI(0xffffffffffffffff, 0x1b, &(0x7f0000000240)={0x1ff, 0x2}, 0x1)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFCONF(r7, 0x8940, &(0x7f00000002c0)=@buf)

266.162466ms ago: executing program 1 (id=505):
memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xd4\xc6\x90j\xac\xf9\xa4\xf9\xa5\x0f\x89\xdc\x80O\";\xae\xebA;X\x14\x97\xab\x86\xd1/\x84\x8a\x91$GY\xeb\x8f\xec\xb4\xf9\x1f\xb7\x04\xc2\xc0\xc6\x03\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2\x02\x00\x00\x00\x00\x00\x00\x006\x96\xffZ\\A@\x00\x00\x00\xc9\xdeY\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{x[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v2*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xb3\xbd\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KF\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9f\x80,y\xdf/\xaa\xe2i\x8cZ\x9c\xc3 \x90\xc6G\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\xc95\xcc\xb6\xf6\xe8o\xfd\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82]S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xd3\x84d\xf4\x134\x00\x00\x00\x00h\xaa\x15\x9a\xf7\x03\x00%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60k2\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x9b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x80\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\xb35\x00\xfb\xac8wAph\xb4\x9d\x14\xf6\xec+f\x84\xde\x1b\x11\xe8\\}\xf81\xe6U3\xf9~\xdfD[\x1a\x02\x1f\xd2\x1as-\x9c\x01\x86\xa7\xb8\xc5\xeeOg\x99j\xedu\xafO@\x8e\xf24w\xad\x130Z&\xcb\x81\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00Lo\x12\x00\xa2\xa5$9\x05O\xfe\x0e\xd2N\x98\x84\x10\x01\x89\xaa)\x118\xcd\xf8>\xab\xd9\xbd\xcfH\xa5\x8e\x14\x12\xb0OF\x80\xbb\xb6B\x80Q \x85\'w\xc8D\xf9\xfa\fq\x9e\x83I\xe5\n\xae8\xb7\f\xab#\x85Y\xeeH\x98\x84\x8cRv\xdcZ<\x80\xbd\x8d~\n\x88-\xa1\x97\xaf2e\xa6\'\x8aQ\x85}\xf1\rJF\f\x8c_\x01\xbe\'\v1\xccL\x0e\x05\xbdIa\x85\xb8\x14\xe0;}\xb7\x11\xb5\xfa\xeb\x13\xd3\x92\x8a\xe47\xf9\x12\xd9\xd5\x99\xf4\t\xdf\x058\xc4]\xf7\x16J\xf9\xce\xf0zG\xe6i\xf1~\xaaL\xa5\xd5\xe5L\xban?\'\x11B', 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000640)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
getsockopt$bt_BT_POWER(0xffffffffffffffff, 0x112, 0x9, 0x0, &(0x7f0000000180))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r4 = fcntl$dupfd(r3, 0x0, r3)
write$sndseq(r4, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick=0x2f, {}, {}, @raw32}, {0x0, 0x2, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x38)
syz_open_dev$rtc(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r6, &(0x7f00000005c0)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r6, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0)
r7 = io_uring_setup(0xa10, &(0x7f0000000040)={0x0, 0x2c1, 0x800, 0x1, 0x307})
r8 = openat$null(0xffffffffffffff9c, &(0x7f0000002500), 0x1, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r7, 0x7, &(0x7f0000000180)=r8, 0x1)
sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a00014006000d00036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x0)

223.544899ms ago: executing program 3 (id=506):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r7=>0x0})
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r7, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x808)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_FRAME(r9, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r11, @ANYBLOB="08002600ad1600004000330010000000080211000000080211000000080211000001000000000000010001002d1a40000b0000000000000000040003000b0000000600500000000304006c"], 0x68}}, 0x0)
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r12, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

123.654798ms ago: executing program 0 (id=507):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000180)={{0x2, 0x4e21, @broadcast}, {0x6}, 0x92, {0x2, 0x4e23, @multicast1}, 'veth1_to_bridge\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket(0x2000000015, 0x80005, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c0000000800124000000000050005000a000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c0000000306010200000000000000000a000001050001"], 0x1c}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0xb8d2, @loopback}, 0x1c)
sendto$inet6(r1, 0x0, 0xfff4, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
inotify_init()
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000008c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f0000000540)={0x1, 0xfffffffe, 0x0, 0x0, 0xdad5b93ed836b82})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6(0xa, 0x40000080806, 0x0)

65.466497ms ago: executing program 0 (id=508):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000180)={{0x2, 0x4e21, @broadcast}, {0x6}, 0x92, {0x2, 0x4e23, @multicast1}, 'veth1_to_bridge\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x2000000015, 0x80005, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c0000000800124000000000050005000a000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)

0s ago: executing program 0 (id=509):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@newqdisc={0x168, 0x24, 0x100, 0x80000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x4}, {0xa, 0xfff3}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_red={{0x8}, {0x13c, 0x2, [@TCA_RED_PARMS={0x14, 0x1, {0xa88, 0x2, 0x7, 0xc, 0xa, 0x1a, 0x6}}, @TCA_RED_STAB={0xf6, 0x2, "45b3325ae2b81b29f6eaa12dcd07d86be9ea77734984533868067ddcb8b864dc0ff1ad975531992aeeaefcf6651fa388ec9fb5bd9cb7c7f973d28ab24db0a2372275853ee70ccf6dd02a3da1f03f93a6444cf27d7095d59cc65508e58660db4eed41fd52952b229bbe731848efc7af83f297a689abf6f18d285618a1d59ea8a6464ac43e4db77a8279e52eb8afc4d7d6ac64e5d2343731e46af1392049e9b9c67e1e1afe54da3eff1b6cbb8dac29c47fa09f682be47efa3536c110cb69347a117f8a75db4e3162c7e951884cafee92d5afbb715cc2fc4459f7375a71897fd59a08c653b5aeba118f5bba564964594ba061786397d0a58767d17e467a03710356"}, @TCA_RED_FLAGS={0xc, 0x4, {0xf}}, @TCA_RED_PARMS={0x14, 0x1, {0x1, 0x7, 0x3, 0x12, 0x8, 0x4a}}]}}]}, 0x168}, 0x1, 0x0, 0x0, 0x44040}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000200)={'syztnl0\x00', &(0x7f0000000280)={'ip_vti0\x00', <r2=>0x0, 0x8, 0x7, 0x1000, 0x8, {{0x12, 0x4, 0x3, 0xc, 0x48, 0x67, 0x0, 0x9, 0x29, 0x0, @rand_addr=0x64010100, @multicast2, {[@timestamp_prespec={0x44, 0x14, 0xf2, 0x3, 0x7, [{@local, 0x5}, {@loopback, 0x9}]}, @ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x1b, 0xea, [@private=0xa010100, @local, @broadcast, @loopback, @rand_addr=0x64010101, @empty]}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000380)={'erspan0\x00', &(0x7f0000000300)={'syztnl1\x00', r2, 0x1, 0x7, 0x8, 0x6, {{0xa, 0x4, 0x0, 0x4, 0x28, 0x67, 0x0, 0x7, 0x4, 0x0, @multicast2, @dev={0xac, 0x14, 0x14, 0x13}, {[@timestamp_addr={0x44, 0x14, 0x93, 0x1, 0x2, [{@rand_addr=0x64010102, 0x9}, {@private=0xa010100, 0x28e6}]}]}}}}})
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
preadv(r3, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/98, 0x62}], 0x1, 0x0, 0x0)
close(r3)
r4 = accept4(r1, 0x0, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r4)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000031c0)=ANY=[@ANYBLOB="14a54467", @ANYRES16=r5, @ANYBLOB="080029bd7000fedbdf250c000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000800}, 0x44040)
r6 = dup(r0)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
syz_io_uring_setup(0x239, 0x0, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r9 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r9, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r9, 0x3)
r10 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r10, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
recvmmsg(r10, &(0x7f0000003240)=[{{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000001480)=""/232, 0xe8}], 0x1}, 0x9}], 0x1, 0x32, 0x0)
mount(&(0x7f00000001c0)=@sr0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='btrfs\x00', 0x200000, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:42633' (ED25519) to the list of known hosts.
[   41.872180][ T5939] cgroup: Unknown subsys name 'net'
[   42.015749][ T5939] cgroup: Unknown subsys name 'cpuset'
[   42.020160][ T5939] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   43.028709][ T5939] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   45.912879][ T5953] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   45.917913][ T5964] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   45.920928][ T5964] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   45.923350][ T5964] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   45.925512][ T5964] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   45.928170][ T5964] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   45.930639][ T5964] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   45.933094][ T5963] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   45.936371][ T5963] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   45.939508][ T5963] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   45.941360][ T5966] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   45.942146][ T5963] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   45.945619][ T5967] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   45.945955][ T5966] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   45.946109][ T5965] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   45.946267][ T5965] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   45.946773][ T5965] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   45.947298][ T5965] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   45.948526][ T5965] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   45.949361][ T5967] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   45.949563][ T5967] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   45.950593][ T5966] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   45.952587][ T5965] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   45.954506][ T5966] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   46.122255][ T5954] chnl_net:caif_netlink_parms(): no params data found
[   46.129744][ T5958] chnl_net:caif_netlink_parms(): no params data found
[   46.151518][ T5957] chnl_net:caif_netlink_parms(): no params data found
[   46.294288][ T5950] chnl_net:caif_netlink_parms(): no params data found
[   46.305250][ T5958] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.307324][ T5958] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.309357][ T5958] bridge_slave_0: entered allmulticast mode
[   46.312140][ T5958] bridge_slave_0: entered promiscuous mode
[   46.315642][ T5954] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.317934][ T5954] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.319988][ T5954] bridge_slave_0: entered allmulticast mode
[   46.322158][ T5954] bridge_slave_0: entered promiscuous mode
[   46.327077][ T5954] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.329139][ T5954] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.331149][ T5954] bridge_slave_1: entered allmulticast mode
[   46.333375][ T5954] bridge_slave_1: entered promiscuous mode
[   46.347099][ T5957] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.349263][ T5957] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.351382][ T5957] bridge_slave_0: entered allmulticast mode
[   46.353879][ T5957] bridge_slave_0: entered promiscuous mode
[   46.356253][ T5958] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.358980][ T5958] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.361892][ T5958] bridge_slave_1: entered allmulticast mode
[   46.364871][ T5958] bridge_slave_1: entered promiscuous mode
[   46.393735][ T5957] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.395840][ T5957] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.397925][ T5957] bridge_slave_1: entered allmulticast mode
[   46.400175][ T5957] bridge_slave_1: entered promiscuous mode
[   46.429414][ T5954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.468338][ T5958] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.472886][ T5954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.476459][ T5957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.498179][ T5958] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.510157][ T5957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.520688][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.522840][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.525369][ T5950] bridge_slave_0: entered allmulticast mode
[   46.527562][ T5950] bridge_slave_0: entered promiscuous mode
[   46.563174][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.565374][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.567596][ T5950] bridge_slave_1: entered allmulticast mode
[   46.570244][ T5950] bridge_slave_1: entered promiscuous mode
[   46.584134][ T5958] team0: Port device team_slave_0 added
[   46.587339][ T5954] team0: Port device team_slave_0 added
[   46.590249][ T5957] team0: Port device team_slave_0 added
[   46.594042][ T5957] team0: Port device team_slave_1 added
[   46.604423][ T5958] team0: Port device team_slave_1 added
[   46.606886][ T5954] team0: Port device team_slave_1 added
[   46.618775][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.646841][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.666737][ T5957] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.668804][ T5957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.676620][ T5957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.688902][ T5958] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.691313][ T5958] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.699172][ T5958] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.703045][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.705187][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.713177][ T5954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.716890][ T5957] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.719525][ T5957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.729786][ T5957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.741657][ T5958] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.743814][ T5958] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.751283][ T5958] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.755274][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.757438][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.766098][ T5954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.776009][ T5950] team0: Port device team_slave_0 added
[   46.780567][ T5950] team0: Port device team_slave_1 added
[   46.825818][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.828430][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.835839][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.865988][ T5957] hsr_slave_0: entered promiscuous mode
[   46.868116][ T5957] hsr_slave_1: entered promiscuous mode
[   46.871303][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.873874][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.884508][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.891083][ T5958] hsr_slave_0: entered promiscuous mode
[   46.894381][ T5958] hsr_slave_1: entered promiscuous mode
[   46.897155][ T5958] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.899511][ T5958] Cannot create hsr debugfs directory
[   46.902941][ T5954] hsr_slave_0: entered promiscuous mode
[   46.905006][ T5954] hsr_slave_1: entered promiscuous mode
[   46.906968][ T5954] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.909165][ T5954] Cannot create hsr debugfs directory
[   46.994296][ T5950] hsr_slave_0: entered promiscuous mode
[   46.996358][ T5950] hsr_slave_1: entered promiscuous mode
[   46.998221][ T5950] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.000432][ T5950] Cannot create hsr debugfs directory
[   47.220265][ T5954] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   47.224880][ T5954] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   47.233970][ T5954] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   47.243204][ T5954] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.257959][ T5958] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   47.263211][ T5958] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   47.267400][ T5958] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   47.271356][ T5958] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   47.298623][ T5950] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   47.302551][ T5950] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   47.308680][ T5950] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   47.313905][ T5950] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   47.339153][ T5957] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   47.342968][ T5957] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   47.346090][ T5957] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   47.349412][ T5957] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   47.391027][ T5954] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.397973][ T5958] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.415180][ T5958] 8021q: adding VLAN 0 to HW filter on device team0
[   47.421042][ T5954] 8021q: adding VLAN 0 to HW filter on device team0
[   47.431168][   T77] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.433426][   T77] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.437482][   T77] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.439552][   T77] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.456317][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.458420][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.464380][ T1162] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.466452][ T1162] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.487717][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.496852][ T5958] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   47.499866][ T5958] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   47.508174][ T5957] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.526555][ T5950] 8021q: adding VLAN 0 to HW filter on device team0
[   47.537559][ T5957] 8021q: adding VLAN 0 to HW filter on device team0
[   47.545427][   T69] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.548204][   T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.552889][   T69] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.555580][   T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.559487][   T69] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.562322][   T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.579812][   T69] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.582774][   T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.600926][ T5958] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.614566][ T5957] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   47.656519][ T5958] veth0_vlan: entered promiscuous mode
[   47.665971][ T5958] veth1_vlan: entered promiscuous mode
[   47.670973][ T5954] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.687212][ T5958] veth0_macvtap: entered promiscuous mode
[   47.694472][ T5958] veth1_macvtap: entered promiscuous mode
[   47.707696][ T5954] veth0_vlan: entered promiscuous mode
[   47.714918][ T5957] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.718155][ T5958] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.725459][ T5954] veth1_vlan: entered promiscuous mode
[   47.729434][ T5958] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.736466][ T5958] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.740086][ T5958] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.743475][ T5958] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.746070][ T5958] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.775656][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.788957][ T5954] veth0_macvtap: entered promiscuous mode
[   47.799779][ T5954] veth1_macvtap: entered promiscuous mode
[   47.809422][ T1133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.815009][ T5957] veth0_vlan: entered promiscuous mode
[   47.815085][ T1133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.834278][ T5954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.837315][ T5954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.840679][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.848059][ T1133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.848078][ T5957] veth1_vlan: entered promiscuous mode
[   47.851007][ T1133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.858789][ T5954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.862395][ T5954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.865893][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.869333][ T5954] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.872332][ T5954] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.874956][ T5954] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.877567][ T5954] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.895998][ T5950] veth0_vlan: entered promiscuous mode
[   47.902090][ T5958] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   47.917439][ T5950] veth1_vlan: entered promiscuous mode
[   47.922992][ T5957] veth0_macvtap: entered promiscuous mode
[   47.927027][ T5957] veth1_macvtap: entered promiscuous mode
[   47.944929][ T5957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.947918][ T5957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.950686][ T5957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.954554][ T5957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.958252][ T5957] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.966781][ T5957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.969842][ T5957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.973080][ T1133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.974938][ T5957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.976250][ T1133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.979192][ T5957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.979695][ T5957] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.986802][ T5966] Bluetooth: hci1: command tx timeout
[   47.986875][ T5953] Bluetooth: hci2: command tx timeout
[   47.987192][   T65] Bluetooth: hci3: command tx timeout
[   47.989631][ T5957] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.996618][ T5957] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.999148][ T5957] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.001729][ T5957] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.012058][ T5950] veth0_macvtap: entered promiscuous mode
[   48.031090][   T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.040011][   T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.046955][ T5950] veth1_macvtap: entered promiscuous mode
[   48.056330][ T5966] Bluetooth: hci0: command tx timeout
[   48.063052][ T1162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.066234][ T1162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.069062][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.079000][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.082036][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.085216][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.087975][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.090896][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.098101][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.106098][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.109400][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.116127][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.119319][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.123062][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.126124][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.130615][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.145947][ T5950] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.148510][ T5950] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.150958][ T5950] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.154135][ T5950] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.158061][   T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.162249][   T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.253133][ T1162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.256118][ T1162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.290384][ T1162] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.297788][ T1162] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.311559][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   48.327579][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.338916][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.342088][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.347484][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.356399][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.384611][ T6016] syz.1.2 (6016): drop_caches: 2
[   48.541601][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.636823][ T5966] Bluetooth: Unexpected continuation frame (len 16)
[   48.644547][ T6031] Process accounting resumed
[   49.232317][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.251807][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.254239][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.274944][ T6038] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[   49.490728][ T6042] random: crng reseeded on system resumption
[   49.524172][ T6047] warning: `syz.0.9' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   49.875164][ T6050] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   50.051723][ T5966] Bluetooth: hci1: command tx timeout
[   50.065000][ T5966] Bluetooth: hci3: command tx timeout
[   50.065012][   T65] Bluetooth: hci2: command tx timeout
[   50.135592][ T5966] Bluetooth: hci0: command tx timeout
[   50.445963][ T6063] tipc: Started in network mode
[   50.448104][ T6063] tipc: Node identity f7, cluster identity 4711
[   50.450631][ T6063] tipc: Node number set to 247
[   51.129086][ T6070] netlink: 24 bytes leftover after parsing attributes in process `syz.2.14'.
[   51.463777][ T6081] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   51.749278][ T6083] : entered promiscuous mode
[   51.787301][ T6078] futex_wake_op: syz.1.16 tries to shift op by -1; fix this program
[   51.798506][ T6078] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16'.
[   51.801059][ T6078] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16'.
[   52.132180][ T5966] Bluetooth: hci2: command tx timeout
[   52.134495][ T5966] Bluetooth: hci3: command tx timeout
[   52.211692][   T65] Bluetooth: hci0: command tx timeout
[   52.484752][ T6092] netlink: 24 bytes leftover after parsing attributes in process `syz.0.19'.
[   52.577879][ T6098] input: syz0 as /devices/virtual/input/input5
[   52.982149][ T6101] netlink: 32 bytes leftover after parsing attributes in process `syz.3.20'.
[   53.037459][ T6109] openvswitch: netlink: VXLAN extension 15883 out of range max 1
[   54.215853][   T65] Bluetooth: hci3: command tx timeout
[   54.217478][   T65] Bluetooth: hci2: command tx timeout
[   54.291546][   T65] Bluetooth: hci0: command tx timeout
[   54.369753][ T6112] [U] v�3
[   54.396239][ T6127] input: syz0 as /devices/virtual/input/input6
[   54.536394][ T5966] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   54.539882][ T5966] Bluetooth: hci1: Injecting HCI hardware error event
[   54.544987][   T65] Bluetooth: hci1: hardware error 0x00
[   55.343297][   T25] hid-generic 0000:0003:0000.0002: unknown main item tag 0x0
[   55.346426][   T25] hid-generic 0000:0003:0000.0002: unknown main item tag 0x0
[   55.354493][   T25] hid-generic 0000:0003:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   56.314335][ T6161] can0: slcan on ptm0.
[   56.480045][ T6149] can0 (unregistered): slcan off ptm0.
[   56.611607][   T65] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   61.814801][ T6324] @: renamed from vlan0 (while UP)
[   62.188682][   T39] audit: type=1326 audit(1737571200.183:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.2.57" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.196111][   T39] audit: type=1326 audit(1737571200.183:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.2.57" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.202628][   T39] audit: type=1326 audit(1737571200.183:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.2.57" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.210925][   T39] audit: type=1326 audit(1737571200.193:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.2.57" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.219869][   T39] audit: type=1326 audit(1737571200.203:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6342 comm="syz.2.57" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.228447][   T39] audit: type=1326 audit(1737571200.203:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.2.57" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.235472][   T39] audit: type=1326 audit(1737571200.223:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.2.57" exe="/syz-executor" sig=0 arch=40000003 syscall=270 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.243074][   T39] audit: type=1326 audit(1737571200.223:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.2.57" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.244097][ T6341] process 'syz.2.57' launched './file0' with NULL argv: empty string added
[   62.249581][   T39] audit: type=1326 audit(1737571200.223:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.2.57" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   62.261368][   T39] audit: type=1326 audit(1737571200.233:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6342 comm="syz.2.57" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f00598 code=0x7ffc0000
[   62.682102][ T6350] sctp: [Deprecated]: syz.3.58 (pid 6350) Use of struct sctp_assoc_value in delayed_ack socket option.
[   62.682102][ T6350] Use struct sctp_sack_info instead
[   63.355180][ T6357] netlink: 56 bytes leftover after parsing attributes in process `syz.2.60'.
[   63.637278][ T6359] Zero length message leads to an empty skb
[   63.755993][   T63] hid-generic 0000:0003:0000.0003: unknown main item tag 0x0
[   63.758193][   T63] hid-generic 0000:0003:0000.0003: unknown main item tag 0x0
[   63.769906][   T63] hid-generic 0000:0003:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   64.259971][ T6378] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[   68.292139][   T65] Bluetooth: hci0: command tx timeout
[   69.064525][   T69] Bluetooth: hci4: Frame reassembly failed (-84)
[   69.371490][ T6093] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   69.521501][ T6093] usb 8-1: Using ep0 maxpacket: 8
[   69.526232][ T6093] usb 8-1: config 7 has an invalid interface number: 207 but max is 0
[   69.528699][ T6093] usb 8-1: config 7 has no interface number 0
[   69.530488][ T6093] usb 8-1: too many endpoints for config 7 interface 207 altsetting 80: 184, using maximum allowed: 30
[   69.535391][ T6093] usb 8-1: config 7 interface 207 altsetting 80 has 0 endpoint descriptors, different from the interface descriptor's value: 184
[   69.539219][ T6093] usb 8-1: config 7 interface 207 has no altsetting 0
[   69.546127][ T6093] usb 8-1: New USB device found, idVendor=6737, idProduct=0001, bcdDevice=4e.59
[   69.548784][ T6093] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   69.551151][ T6093] usb 8-1: Product: syz
[   69.553065][ T6093] usb 8-1: Manufacturer: syz
[   69.554532][ T6093] usb 8-1: SerialNumber: syz
[   69.572997][ T6441] Process accounting resumed
[   70.530662][ T6468] can: request_module (can-proto-3) failed.
[   70.691677][ T5966] Bluetooth: hci2: command tx timeout
[   70.782668][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[   70.785460][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[   71.091603][ T5966] Bluetooth: hci4: command 0xfc11 tx timeout
[   71.091620][   T65] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   71.348911][ T6475] netlink: 8 bytes leftover after parsing attributes in process `syz.1.86'.
[   71.408899][ T6475] netlink: 24 bytes leftover after parsing attributes in process `syz.1.86'.
[   71.416907][ T6475] bridge1: the hash_elasticity option has been deprecated and is always 16
[   71.529135][ T6478] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   71.536189][ T6478] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   71.559298][ T6478] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   71.907120][ T6093] cypress_m8 8-1:7.207: HID->COM RS232 Adapter converter detected
[   71.917698][ T6093] cyphidcom ttyUSB0: required endpoint is missing
[   71.930021][ T6093] usb 8-1: USB disconnect, device number 2
[   71.936152][ T6093] cypress_m8 8-1:7.207: device disconnected
[   72.481643][ T6093] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[   72.672856][ T6093] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[   72.675197][ T6093] usb 8-1: config 0 has no interface number 0
[   72.677060][ T6093] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   72.681290][ T6093] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[   72.686024][ T6093] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[   72.691045][ T6093] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64
[   72.696412][ T6093] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[   72.701882][ T6093] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[   72.709425][ T6093] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   72.776186][   T65] Bluetooth: hci2: command tx timeout
[   73.066544][ T6093] usb 8-1: config 0 descriptor??
[   73.072137][ T6491] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   73.075675][ T6093] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[   73.282070][ T5989] usb 8-1: USB disconnect, device number 3
[   73.282122][    C3] ldusb 8-1:0.55: usb_submit_urb failed (-19)
[   73.290109][ T5989] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[   73.487388][ T6491] fuse: Bad value for 'rootmode'
[   73.531337][ T6511] netlink: 24 bytes leftover after parsing attributes in process `syz.2.93'.
[   73.736544][   T65] Bluetooth: hci0: command tx timeout
[   73.767506][ T6509] can: request_module (can-proto-3) failed.
[   74.862458][   T65] Bluetooth: hci2: command tx timeout
[   76.671592][ T5989] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   76.900709][ T6607] netlink: 24 bytes leftover after parsing attributes in process `syz.1.103'.
[   77.023404][ T5989] usb 8-1: unable to get BOS descriptor or descriptor too short
[   77.031686][ T5989] usb 8-1: too many configurations: 255, using maximum allowed: 8
[   77.038915][ T5989] usb 8-1: unable to read config index 0 descriptor/start: -71
[   77.043298][ T5989] usb 8-1: can't read configurations, error -71
[   77.247857][ T6614] can: request_module (can-proto-3) failed.
[   77.971631][   T65] Bluetooth: hci0: command tx timeout
[   78.051705][   T65] Bluetooth: hci2: command tx timeout
[   80.462201][   T65] Bluetooth: hci2: command tx timeout
[   81.016795][  T833] cfg80211: failed to load regulatory.db
[   81.591601][ T6672] can: request_module (can-proto-3) failed.
[   82.134072][ T6684] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   83.118895][ T6697] syz.0.119 (6697): attempted to duplicate a private mapping with mremap.  This is not supported.
[   83.245413][ T6700] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   83.245413][ T6700]    program syz.1.121 not setting count and/or reply_len properly
[   83.271546][   T39] kauditd_printk_skb: 28 callbacks suppressed
[   83.271560][   T39] audit: type=1326 audit(1737571221.263:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.3.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[   83.277803][ T6700] netlink: 76 bytes leftover after parsing attributes in process `syz.1.121'.
[   83.297947][   T39] audit: type=1326 audit(1737571221.273:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.3.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[   83.330170][   T39] audit: type=1326 audit(1737571221.283:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.3.123" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[   83.362774][   T39] audit: type=1326 audit(1737571221.303:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.3.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[   83.375358][   T39] audit: type=1326 audit(1737571221.313:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6703 comm="syz.3.123" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[   83.410356][   T39] audit: type=1326 audit(1737571221.313:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.3.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[   83.460609][   T39] audit: type=1326 audit(1737571221.453:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.3.123" exe="/syz-executor" sig=0 arch=40000003 syscall=270 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[   83.470925][   T39] audit: type=1326 audit(1737571221.453:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.3.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[   83.482553][   T39] audit: type=1326 audit(1737571221.453:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.3.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[   83.489438][   T39] audit: type=1326 audit(1737571221.453:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6701 comm="syz.3.123" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[   84.173914][ T6715] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   84.462022][ T5953] Bluetooth: hci2: command tx timeout
[   85.011775][ T5953] Bluetooth: hci3: command 0x0405 tx timeout
[   85.101488][    C0] vkms_vblank_simulate: vblank timer overrun
[   86.061494][    C0] vkms_vblank_simulate: vblank timer overrun
[   86.111474][    C0] vkms_vblank_simulate: vblank timer overrun
[   86.621591][   T35] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   86.792685][   T35] usb 6-1: unable to get BOS descriptor or descriptor too short
[   86.795804][   T35] usb 6-1: too many configurations: 255, using maximum allowed: 8
[   86.825868][   T35] usb 6-1: unable to read config index 0 descriptor/start: -71
[   86.828933][   T35] usb 6-1: can't read configurations, error -71
[   87.168534][ T6763] xt_CT: No such helper "syz1"
[   87.928738][ T6779] input: syz0 as /devices/virtual/input/input7
[   88.292721][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[   89.994860][ T6807] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   90.187729][ T6807] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   90.585572][ T6825] netlink: 'syz.1.143': attribute type 10 has an invalid length.
[   90.782727][ T6825] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   91.267993][ T6834] pimreg: entered allmulticast mode
[   92.334505][ T6850] netlink: 16 bytes leftover after parsing attributes in process `syz.1.150'.
[   92.444075][   T39] kauditd_printk_skb: 24 callbacks suppressed
[   92.444086][   T39] audit: type=1326 audit(1737571230.443:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6844 comm="syz.1.150" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x0
[   92.935854][ T6862] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   92.942056][  T831] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   93.127547][  T831] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   93.161576][  T831] usb 7-1: config 0 has no interfaces?
[   93.163391][  T831] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   93.167585][  T831] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.200093][  T831] usb 7-1: config 0 descriptor??
[   93.416474][   T25] usb 7-1: USB disconnect, device number 2
[   93.821576][   T65] Bluetooth: hci2: command tx timeout
[   95.703038][ T6898] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[   95.713319][ T6898] batman_adv: batadv0: Adding interface: gretap1
[   95.715904][ T6898] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.724082][ T6898] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[   95.892606][   T65] Bluetooth: hci2: command tx timeout
[   96.036215][ T6906] can: request_module (can-proto-3) failed.
[   96.925652][ T6923] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   97.377540][   T39] audit: type=1326 audit(1737571235.373:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.385698][   T39] audit: type=1326 audit(1737571235.373:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.399061][   T39] audit: type=1326 audit(1737571235.373:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.408549][   T39] audit: type=1326 audit(1737571235.373:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.421388][   T39] audit: type=1326 audit(1737571235.373:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.430817][   T39] audit: type=1326 audit(1737571235.373:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.439174][   T39] audit: type=1326 audit(1737571235.373:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.446506][   T39] audit: type=1326 audit(1737571235.373:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.453338][   T39] audit: type=1326 audit(1737571235.373:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.459528][   T39] audit: type=1326 audit(1737571235.373:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.465932][   T39] audit: type=1326 audit(1737571235.373:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.472231][   T39] audit: type=1326 audit(1737571235.373:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.478504][   T39] audit: type=1326 audit(1737571235.373:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.484911][   T39] audit: type=1326 audit(1737571235.373:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.491190][   T39] audit: type=1326 audit(1737571235.373:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.497533][   T39] audit: type=1326 audit(1737571235.373:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.503851][   T39] audit: type=1326 audit(1737571235.373:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.509940][   T39] audit: type=1326 audit(1737571235.373:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.2.168" exe="/syz-executor" sig=0 arch=40000003 syscall=187 compat=1 ip=0xf7f00579 code=0x7ffc0000
[   97.713381][ T6935] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma?
[   97.971562][   T65] Bluetooth: hci2: command tx timeout
[   98.581215][ T6945] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   98.604630][ T6945] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   98.981556][ T5960] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   99.443845][ T5960] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   99.446997][ T5960] usb 5-1: config 0 has no interfaces?
[   99.448628][ T5960] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   99.451207][ T5960] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.456707][ T5960] usb 5-1: config 0 descriptor??
[   99.668695][ T5960] usb 5-1: USB disconnect, device number 2
[   99.844023][ T6968] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  103.202820][ T7022] netlink: 596 bytes leftover after parsing attributes in process `syz.0.187'.
[  103.286519][ T7023] Driver unsupported XDP return value 0 on prog  (id 38) dev N/A, expect packet loss!
[  103.674375][ T7028] xt_CT: No such helper "syz1"
[  104.239144][ T7042] can: request_module (can-proto-3) failed.
[  105.181774][   T65] Bluetooth: hci2: command tx timeout
[  105.252712][   T65] Bluetooth: hci0: command tx timeout
[  107.448220][ T7104] xt_CT: No such helper "syz1"
[  107.546229][ T7096] netlink: 20 bytes leftover after parsing attributes in process `syz.3.202'.
[  107.691556][ T7096] can: request_module (can-proto-3) failed.
[  107.731542][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  107.789846][ T7115] /dev/nbd0: Can't open blockdev
[  109.431635][ T7133] netlink: 16 bytes leftover after parsing attributes in process `syz.3.209'.
[  109.517324][   T65] Bluetooth: hci2: command tx timeout
[  109.541226][   T39] kauditd_printk_skb: 45 callbacks suppressed
[  109.541243][   T39] audit: type=1326 audit(1737571247.533:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.3.209" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x0
[  109.570496][ T7127] ceph: No mds server is up or the cluster is laggy
[  110.726442][ T7158] overlayfs: failed to clone upperpath
[  112.058758][ T7182] syz.2.220 uses obsolete (PF_INET,SOCK_PACKET)
[  112.061514][   T65] Bluetooth: hci0: command tx timeout
[  112.168143][ T7185] 8021q: adding VLAN 0 to HW filter on device bond1
[  112.740706][ T7193] overlayfs: failed to clone upperpath
[  112.931522][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  113.351888][  T833] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  113.510448][  T833] usb 7-1: unable to get BOS descriptor or descriptor too short
[  113.518343][  T833] usb 7-1: too many configurations: 255, using maximum allowed: 8
[  113.522303][  T833] usb 7-1: unable to read config index 0 descriptor/start: -71
[  113.525371][  T833] usb 7-1: can't read configurations, error -71
[  114.057229][ T7211] overlayfs: failed to clone upperpath
[  117.012462][ T7242] ip6gretap0: entered promiscuous mode
[  117.171611][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  117.946112][   T39] audit: type=1326 audit(1737571255.943:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7256 comm="syz.2.236" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x0
[  118.344591][ T7273] netlink: 180 bytes leftover after parsing attributes in process `syz.0.238'.
[  118.348869][ T7273] netlink: 24 bytes leftover after parsing attributes in process `syz.0.238'.
[  118.354063][ T7273] netlink: 16 bytes leftover after parsing attributes in process `syz.0.238'.
[  118.357240][ T7273] netlink: 24 bytes leftover after parsing attributes in process `syz.0.238'.
[  118.778961][   T39] audit: type=1326 audit(1737571256.773:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7274 comm="syz.3.239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  118.786388][   T39] audit: type=1326 audit(1737571256.773:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7274 comm="syz.3.239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  118.793157][   T39] audit: type=1326 audit(1737571256.773:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7274 comm="syz.3.239" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  118.799410][   T39] audit: type=1326 audit(1737571256.773:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7274 comm="syz.3.239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  118.808652][   T39] audit: type=1326 audit(1737571256.773:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7274 comm="syz.3.239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  118.816569][   T39] audit: type=1326 audit(1737571256.783:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7274 comm="syz.3.239" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  118.824492][   T39] audit: type=1326 audit(1737571256.783:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7274 comm="syz.3.239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  118.833087][   T39] audit: type=1326 audit(1737571256.783:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7274 comm="syz.3.239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  118.839603][   T39] audit: type=1326 audit(1737571256.783:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7274 comm="syz.3.239" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fb3579 code=0x7ffc0000
[  119.190919][ T7280] capability: warning: `syz.3.241' uses 32-bit capabilities (legacy support in use)
[  119.197033][ T7280] ucma_write: process 260 (syz.3.241) changed security contexts after opening file descriptor, this is not allowed.
[  120.681516][  T833] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  120.846312][  T833] usb 7-1: unable to get BOS descriptor or descriptor too short
[  120.848762][  T833] usb 7-1: too many configurations: 255, using maximum allowed: 8
[  120.851768][  T833] usb 7-1: unable to read config index 0 descriptor/start: -71
[  120.854049][  T833] usb 7-1: can't read configurations, error -71
[  121.345898][ T7321] netlink: 'syz.0.250': attribute type 12 has an invalid length.
[  123.110688][ T7340] batadv0: entered promiscuous mode
[  124.131567][   T65] Bluetooth: hci0: command tx timeout
[  124.168402][ T7357] overlayfs: failed to clone upperpath
[  124.875933][ T7365] ceph: No mds server is up or the cluster is laggy
[  125.271500][ T6093] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  125.447947][ T6093] usb 5-1: unable to get BOS descriptor or descriptor too short
[  125.450266][ T6093] usb 5-1: too many configurations: 255, using maximum allowed: 8
[  125.463411][ T7384] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  125.468096][ T7384] macvtap1: entered promiscuous mode
[  125.470306][ T7384] macvtap1: entered allmulticast mode
[  125.472640][ T7384] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  125.477850][ T6093] usb 5-1: unable to read config index 0 descriptor/start: -71
[  125.480272][ T6093] usb 5-1: can't read configurations, error -71
[  125.480715][ T7384] mac80211_hwsim hwsim2 wlan0: left allmulticast mode
[  125.486486][ T7384] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[  126.051518][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  127.355826][   T65] Bluetooth: hci2: command tx timeout
[  127.437036][ T7421] overlayfs: failed to clone upperpath
[  129.421574][   T65] Bluetooth: hci2: command tx timeout
[  129.437703][ T7462] netlink: 164 bytes leftover after parsing attributes in process `syz.3.281'.
[  129.440401][ T7462] netlink: 164 bytes leftover after parsing attributes in process `syz.3.281'.
[  129.524515][ T7465] netlink: 'syz.2.282': attribute type 5 has an invalid length.
[  129.940634][ T7479] overlayfs: failed to clone upperpath
[  131.491966][   T65] Bluetooth: hci2: command tx timeout
[  132.225572][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[  132.229728][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  132.612913][ T7538] openvswitch: netlink: Flow actions attr not present in new flow.
[  134.967851][ T7572] ceph: No mds server is up or the cluster is laggy
[  135.748786][ T5989] hid-generic 0000:0000:0000.0004: item fetching failed at offset 0/1
[  135.751893][ T5989] hid-generic 0000:0000:0000.0004: probe with driver hid-generic failed with error -22
[  137.061593][ T5996] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  137.375157][ T5996] usb 8-1: unable to get BOS descriptor or descriptor too short
[  137.381808][ T5996] usb 8-1: too many configurations: 255, using maximum allowed: 8
[  137.385945][ T5996] usb 8-1: unable to read config index 0 descriptor/start: -71
[  137.388321][ T5996] usb 8-1: can't read configurations, error -71
[  138.143717][ T7631] overlayfs: failed to clone upperpath
[  139.412234][   T65] Bluetooth: hci0: command tx timeout
[  139.920930][ T7661] can: request_module (can-proto-3) failed.
[  140.651358][ T7670] can: request_module (can-proto-3) failed.
[  141.346682][ T7678] netlink: zone id is out of range
[  141.348350][ T7678] netlink: zone id is out of range
[  141.350268][ T7678] netlink: zone id is out of range
[  141.351881][ T7678] netlink: zone id is out of range
[  141.491771][   T65] Bluetooth: hci0: command tx timeout
[  142.832833][ T7691] capability: warning: `syz.3.331' uses deprecated v2 capabilities in a way that may be insecure
[  142.931836][   T65] Bluetooth: hci2: command tx timeout
[  143.689974][ T7701] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode
[  143.692403][ T7701] macvtap1: entered promiscuous mode
[  143.694216][ T7701] macvtap1: entered allmulticast mode
[  143.695872][ T7701] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode
[  143.700589][ T7701] mac80211_hwsim hwsim8 wlan0: left allmulticast mode
[  143.703890][ T7701] mac80211_hwsim hwsim8 wlan0: left promiscuous mode
[  144.100322][ T7722] can: request_module (can-proto-3) failed.
[  144.151643][ T7707] uprobe: syz.1.336:7707 failed to unregister, leaking uprobe
[  144.227824][   T39] kauditd_printk_skb: 5 callbacks suppressed
[  144.237970][   T39] audit: type=1326 audit(1737571282.223:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7707 comm="syz.1.336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7fc00000
[  144.572632][ T7733] overlayfs: failed to clone upperpath
[  144.596664][ T7733] lo speed is unknown, defaulting to 1000
[  144.617014][ T7733] lo speed is unknown, defaulting to 1000
[  144.629329][ T7733] lo speed is unknown, defaulting to 1000
[  144.671977][ T7734] ������: renamed from lo (while UP)
[  144.908298][ T7733] infiniband s
z1: set active
[  144.909769][ T7733] infiniband s
z1: added ������
[  144.947528][  T831] ������ speed is unknown, defaulting to 1000
[  144.951515][ T7733] RDS/IB: s
z1: added
[  144.953624][ T7733] smc: adding ib device s
z1 with port count 1
[  144.955539][ T7733] smc:    ib device s
z1 port 1 has pnetid 
[  144.959714][ T7733] ������ speed is unknown, defaulting to 1000
[  145.012005][   T65] Bluetooth: hci2: command tx timeout
[  145.090146][ T7733] ������ speed is unknown, defaulting to 1000
[  145.131894][ T7733] ������ speed is unknown, defaulting to 1000
[  145.193657][ T7733] ������ speed is unknown, defaulting to 1000
[  145.722430][ T5995] ������ speed is unknown, defaulting to 1000
[  145.731655][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  146.183567][ T6013] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  146.361868][ T6013] usb 8-1: unable to get BOS descriptor or descriptor too short
[  146.365220][ T6013] usb 8-1: too many configurations: 255, using maximum allowed: 8
[  146.371070][ T6013] usb 8-1: unable to read config index 0 descriptor/start: -71
[  146.374403][ T6013] usb 8-1: can't read configurations, error -71
[  146.387492][    T9] libceph: connect (1)[c::]:6789 error -101
[  146.389484][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  146.596187][ T7755] ������ speed is unknown, defaulting to 1000
[  146.653110][    T9] libceph: connect (1)[c::]:6789 error -101
[  146.655345][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  146.838368][ T7757] batadv0: entered promiscuous mode
[  147.018097][ T7742] ceph: No mds server is up or the cluster is laggy
[  147.192075][ T7760] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  147.195015][ T7760] macvtap1: entered promiscuous mode
[  147.196877][ T7760] macvtap1: entered allmulticast mode
[  147.198533][ T7760] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  147.317118][ T7760] mac80211_hwsim hwsim6 wlan0: left allmulticast mode
[  147.319243][ T7760] mac80211_hwsim hwsim6 wlan0: left promiscuous mode
[  147.518013][ T7771] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[  147.520723][ T7771] netdevsim netdevsim2: Falling back to sysfs fallback for: ./file0
[  147.811650][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  148.615307][ T7791] can: request_module (can-proto-3) failed.
[  149.457545][ T7816] evm: overlay not supported
[  149.463485][   T39] audit: type=1804 audit(1737571287.451:155): pid=7816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.358" name="/newroot/83/bus/bus" dev="overlay" ino=545 res=1 errno=0
[  149.491729][ T7816] fuse: Unknown parameter 'fg'
[  149.499960][   T39] audit: type=1804 audit(1737571287.491:156): pid=7816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.358" name="/newroot/83/bus/file0" dev="overlay" ino=546 res=1 errno=0
[  150.467472][ T7837] netlink: zone id is out of range
[  150.469507][ T7837] netlink: zone id is out of range
[  150.471854][ T7837] netlink: zone id is out of range
[  150.473871][ T7837] netlink: zone id is out of range
[  151.322733][  T833] usb 8-1: new full-speed USB device number 10 using dummy_hcd
[  151.482993][  T833] usb 8-1: not running at top speed; connect to a high speed hub
[  151.491849][  T833] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[  151.507886][  T833] usb 8-1: New USB device found, idVendor=056a, idProduct=00de, bcdDevice= 0.40
[  151.513530][  T833] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.516701][  T833] usb 8-1: Product: Ф
[  151.518405][  T833] usb 8-1: Manufacturer: 轧ꥊ榬ṁ丞጗ῼ뗶耲⏵ꗓ脥穄蕗샵ﵿꑵ逗练蕱ዱ釬믌䜝픺≼앸䉀Ͳ㚑ﴂ鋪溙煯⦂鐖忰鐢쥏鸡洣㜅ਗ਼珫庤빟튃걨뾐
[  151.525799][  T833] usb 8-1: SerialNumber: ࠔ
[  151.535232][ T7842] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  151.661028][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  151.848019][  T833] usbhid 8-1:1.0: can't add hid device: -71
[  151.849861][  T833] usbhid 8-1:1.0: probe with driver usbhid failed with error -71
[  151.854502][  T833] usb 8-1: USB disconnect, device number 10
[  152.701045][ T7865] netlink: 4 bytes leftover after parsing attributes in process `syz.3.367'.
[  152.772305][ T7866] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  154.623393][ T7891] ip6gretap0: entered promiscuous mode
[  154.742478][ T7896] can: request_module (can-proto-3) failed.
[  155.291677][ T7891] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  155.294689][ T7891] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  155.303436][ T7891] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  155.308799][ T7891] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  155.310664][ T7891] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  155.323002][ T7891] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  155.327933][ T7891] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  155.329910][ T7891] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  155.335203][ T7891] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  155.385514][ T7910] rdma_rxe: rxe_newlink: failed to add lo
[  155.391777][ T7910] ������: renamed from lo (while UP)
[  156.042602][ T7921] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  156.777104][ T5953] Bluetooth: hci0: command 0x0c1a tx timeout
[  156.947927][ T7929] can: request_module (can-proto-3) failed.
[  157.009287][ T7941] can: request_module (can-proto-3) failed.
[  157.341617][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  157.411517][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  157.930031][ T7956] netlink: 36 bytes leftover after parsing attributes in process `syz.1.390'.
[  157.935363][ T7956] netlink: 'syz.1.390': attribute type 4 has an invalid length.
[  157.938489][ T7956] netlink: 17 bytes leftover after parsing attributes in process `syz.1.390'.
[  157.950121][ T7956] netlink: 12 bytes leftover after parsing attributes in process `syz.1.390'.
[  157.966154][ T7956] ������ speed is unknown, defaulting to 1000
[  158.823916][ T7973] can: request_module (can-proto-3) failed.
[  158.861697][   T65] Bluetooth: hci0: command 0x0c1a tx timeout
[  159.441478][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  159.498990][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  159.556047][ T7999] can: request_module (can-proto-3) failed.
[  159.649497][ T8004] syz.0.398: attempt to access beyond end of device
[  159.649497][ T8004] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0
[  159.654463][ T8004] XFS (nbd0): SB validate failed with error -5.
[  160.247122][ T8015] can: request_module (can-proto-3) failed.
[  160.933214][   T65] Bluetooth: hci0: command 0x0c1a tx timeout
[  161.491643][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  161.582163][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  161.739461][ T8040] can: request_module (can-proto-3) failed.
[  161.831508][    T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  162.411431][    T9] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  162.415295][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.418870][    T9] usb 5-1: Product: syz
[  162.420964][    T9] usb 5-1: Manufacturer: syz
[  162.424105][    T9] usb 5-1: SerialNumber: syz
[  162.459480][    T9] usb 5-1: config 0 descriptor??
[  162.866719][    T9] usb 5-1: USB disconnect, device number 5
[  163.021617][   T65] Bluetooth: hci0: command 0x0c1a tx timeout
[  163.067110][ T6287] udevd[6287]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  163.555950][ T8058] can: request_module (can-proto-3) failed.
[  163.574517][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  163.630950][ T8062] can: request_module (can-proto-3) failed.
[  163.651619][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  163.961082][ T8066] vivid-007: disconnect
[  164.906125][ T8064] vivid-007: reconnect
[  164.986324][ T8081] can: request_module (can-proto-3) failed.
[  165.653762][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  165.972291][ T8099] overlayfs: failed to clone upperpath
[  166.292964][ T8102] netlink: 36 bytes leftover after parsing attributes in process `syz.2.423'.
[  166.295631][ T8102] netlink: 16 bytes leftover after parsing attributes in process `syz.2.423'.
[  166.298264][ T8102] netlink: 36 bytes leftover after parsing attributes in process `syz.2.423'.
[  166.300851][ T8102] netlink: 36 bytes leftover after parsing attributes in process `syz.2.423'.
[  167.479737][ T8124] netlink: 1264 bytes leftover after parsing attributes in process `syz.3.428'.
[  167.572658][   T39] audit: type=1326 audit(1737571305.571:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.429" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  167.589241][   T39] audit: type=1326 audit(1737571305.571:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.429" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  167.598272][   T39] audit: type=1326 audit(1737571305.571:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.429" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  167.610204][   T39] audit: type=1326 audit(1737571305.581:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.429" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  167.618668][   T39] audit: type=1326 audit(1737571305.581:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.429" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  167.625228][   T39] audit: type=1326 audit(1737571305.581:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.429" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  167.631366][   T39] audit: type=1326 audit(1737571305.581:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.429" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  167.637884][   T39] audit: type=1326 audit(1737571305.581:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.429" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  167.644036][   T39] audit: type=1326 audit(1737571305.581:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.429" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  167.648557][ T8126] program syz.3.428 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  167.650102][   T39] audit: type=1326 audit(1737571305.581:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8127 comm="syz.0.429" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  168.537809][ T8147] ������ speed is unknown, defaulting to 1000
[  169.238796][ T8157] vivid-007: disconnect
[  169.597555][ T8151] ������ speed is unknown, defaulting to 1000
[  169.997676][ T8155] vivid-007: reconnect
[  170.956097][ T8176] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  171.160085][ T8185] can: request_module (can-proto-3) failed.
[  171.301572][ T8189] can: request_module (can-proto-3) failed.
[  171.650518][ T8194] IPVS: length: 46 != 8
[  171.731516][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  173.011563][   T65] Bluetooth: hci0: command 0x0c1a tx timeout
[  173.313091][ T8262] can: request_module (can-proto-3) failed.
[  173.637354][   T39] kauditd_printk_skb: 14 callbacks suppressed
[  173.637364][   T39] audit: type=1326 audit(1737571311.631:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8266 comm="syz.1.456" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  173.646030][   T39] audit: type=1326 audit(1737571311.641:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8266 comm="syz.1.456" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  173.652469][   T39] audit: type=1326 audit(1737571311.641:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8266 comm="syz.1.456" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  173.665635][   T39] audit: type=1326 audit(1737571311.641:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8266 comm="syz.1.456" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  173.673469][   T39] audit: type=1326 audit(1737571311.641:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8266 comm="syz.1.456" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  173.679726][   T39] audit: type=1326 audit(1737571311.651:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8266 comm="syz.1.456" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  173.687952][   T39] audit: type=1326 audit(1737571311.651:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8266 comm="syz.1.456" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  173.694937][   T39] audit: type=1326 audit(1737571311.651:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8266 comm="syz.1.456" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  173.700990][   T39] audit: type=1326 audit(1737571311.651:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8266 comm="syz.1.456" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  173.707680][   T39] audit: type=1326 audit(1737571311.651:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8266 comm="syz.1.456" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000
[  173.812123][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  174.759528][ T5995] libceph: connect (1)[c::]:6789 error -101
[  174.761553][ T5995] libceph: mon0 (1)[c::]:6789 connect error
[  175.021875][ T5995] libceph: connect (1)[c::]:6789 error -101
[  175.024202][ T5995] libceph: mon0 (1)[c::]:6789 connect error
[  175.107134][ T8286] ceph: No mds server is up or the cluster is laggy
[  175.519587][ T8299] can: request_module (can-proto-3) failed.
[  175.720159][ T8302] netlink: 'syz.3.463': attribute type 29 has an invalid length.
[  175.723778][ T8302] netlink: 8 bytes leftover after parsing attributes in process `syz.3.463'.
[  175.892453][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  176.589557][ T8317] ieee802154 phy0 wpan0: encryption failed: -22
[  177.693470][   T65] Bluetooth: hci3: unexpected event for opcode 0x202a
[  177.974815][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  178.120909][ T8342] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117
[  178.124332][ T8342] PKCS7: Only support pkcs7_signedData type
[  178.711492][   T39] kauditd_printk_skb: 18 callbacks suppressed
[  178.711505][   T39] audit: type=1326 audit(1737571316.691:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8344 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  178.719683][   T39] audit: type=1326 audit(1737571316.691:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8344 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  178.726200][   T39] audit: type=1326 audit(1737571316.691:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8344 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  178.735662][   T39] audit: type=1326 audit(1737571316.691:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8344 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  178.746088][   T39] audit: type=1326 audit(1737571316.691:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8344 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  178.755055][   T39] audit: type=1326 audit(1737571316.691:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8344 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  178.763025][   T39] audit: type=1326 audit(1737571316.691:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8344 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  178.769675][   T39] audit: type=1326 audit(1737571316.691:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8344 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  178.777398][   T39] audit: type=1326 audit(1737571316.691:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8344 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  178.784621][   T39] audit: type=1326 audit(1737571316.691:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8344 comm="syz.0.476" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  179.101515][   T65] Bluetooth: hci0: command 0x0c1a tx timeout
[  179.972243][ T8365] netlink: 12 bytes leftover after parsing attributes in process `syz.0.481'.
[  180.051564][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  180.573701][ T8373] infiniband syz0: set active
[  180.576401][ T8373] infiniband syz0: added bond0
[  180.619710][ T8373] RDS/IB: syz0: added
[  180.621199][ T8373] smc: adding ib device syz0 with port count 1
[  180.626373][ T8373] smc:    ib device syz0 port 1 has pnetid 
[  180.721543][  T833] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  180.884001][ T8384] IPVS: length: 46 != 8
[  181.342070][  T833] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  181.346429][  T833] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.349979][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 110, changing to 10
[  181.353780][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid maxpacket 26502, setting to 1024
[  181.358020][  T833] usb 7-1: config 0 interface 0 has no altsetting 0
[  181.361280][  T833] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.364015][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 110, changing to 10
[  181.367290][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid maxpacket 26502, setting to 1024
[  181.370649][  T833] usb 7-1: config 0 interface 0 has no altsetting 0
[  181.374356][  T833] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.376973][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 110, changing to 10
[  181.379922][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid maxpacket 26502, setting to 1024
[  181.383926][  T833] usb 7-1: config 0 interface 0 has no altsetting 0
[  181.387664][  T833] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.390209][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 110, changing to 10
[  181.393729][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid maxpacket 26502, setting to 1024
[  181.398104][  T833] usb 7-1: config 0 interface 0 has no altsetting 0
[  181.401011][  T833] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.404111][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 110, changing to 10
[  181.408234][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid maxpacket 26502, setting to 1024
[  181.411596][  T833] usb 7-1: config 0 interface 0 has no altsetting 0
[  181.415145][  T833] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.417778][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 110, changing to 10
[  181.420986][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid maxpacket 26502, setting to 1024
[  181.424637][  T833] usb 7-1: config 0 interface 0 has no altsetting 0
[  181.427316][  T833] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.429944][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 110, changing to 10
[  181.433349][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid maxpacket 26502, setting to 1024
[  181.436911][  T833] usb 7-1: config 0 interface 0 has no altsetting 0
[  181.439705][  T833] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  181.442447][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 110, changing to 10
[  181.445724][  T833] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid maxpacket 26502, setting to 1024
[  181.449078][  T833] usb 7-1: config 0 interface 0 has no altsetting 0
[  181.455097][  T833] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  181.457737][  T833] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  181.460089][  T833] usb 7-1: Product: syz
[  181.461291][  T833] usb 7-1: Manufacturer: syz
[  181.463023][  T833] usb 7-1: SerialNumber: syz
[  181.465272][  T833] usb 7-1: config 0 descriptor??
[  181.467379][ T8377] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  181.472377][  T833] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[  181.787163][    C3] usb 7-1: yurex_control_callback - control failed: -71
[  181.792616][  T833] usb 7-1: USB disconnect, device number 7
[  181.802608][  T833] yurex 7-1:0.0: USB YUREX #0 now disconnected
[  182.131494][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  182.531928][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  183.060782][ T8423] overlayfs: failed to clone upperpath
[  183.395182][ T8425] tc_dump_action: action bad kind
[  183.400438][ T8425] netlink: 4 bytes leftover after parsing attributes in process `syz.3.496'.
[  183.819107][ T8432] ������ speed is unknown, defaulting to 1000
[  184.002891][ T8436] IPVS: length: 46 != 8
[  184.542729][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  184.771604][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  185.069779][ T8452] ������ speed is unknown, defaulting to 1000
[  185.093814][   T65] Bluetooth: hci0: command 0x0c1a tx timeout
[  185.537461][ T5995] libceph: connect (1)[c::]:6789 error -101
[  185.539373][ T5995] libceph: mon0 (1)[c::]:6789 connect error
[  185.543516][ T8455] ceph: No mds server is up or the cluster is laggy
[  186.088604][   T39] kauditd_printk_skb: 16 callbacks suppressed
[  186.088619][   T39] audit: type=1326 audit(1737571324.081:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.0.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  186.099755][   T39] audit: type=1326 audit(1737571324.081:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.0.507" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  186.171553][   T39] audit: type=1326 audit(1737571324.081:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.0.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  186.177673][   T39] audit: type=1326 audit(1737571324.081:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.0.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  186.185110][   T39] audit: type=1326 audit(1737571324.081:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.0.507" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  186.191533][   T39] audit: type=1326 audit(1737571324.081:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.0.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  186.197660][   T39] audit: type=1326 audit(1737571324.081:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.0.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  186.207655][   T39] audit: type=1326 audit(1737571324.081:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.0.507" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  186.228030][   T39] audit: type=1326 audit(1737571324.081:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.0.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  186.237392][   T39] audit: type=1326 audit(1737571324.081:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8479 comm="syz.0.507" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  186.412999][ T8487] ------------[ cut here ]------------
[  186.414738][ T8487] WARNING: CPU: 1 PID: 8487 at kernel/kcov.c:872 kcov_remote_start+0xfd/0x6e0
[  186.417254][ T8487] Modules linked in:
[  186.418622][ T8487] CPU: 1 UID: 0 PID: 8487 Comm: syz.3.506 Not tainted 6.13.0-syzkaller-02526-gc4b9570cfb63 #0
[  186.423077][ T8487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  186.426134][ T8487] RIP: 0010:kcov_remote_start+0xfd/0x6e0
[  186.427782][ T8487] Code: 65 4c 8b 3d 65 b6 6a 7e 4d 89 7c 24 28 8b 95 f8 15 00 00 65 8b 05 5b b6 6a 7e a9 00 01 ff 00 75 53 81 e2 ff ff ff bf 74 4b 90 <0f> 0b 90 e8 ab e6 86 09 44 8b 1d 54 a4 e5 18 89 c0 48 03 1c c5 e0
[  186.433491][ T8487] RSP: 0018:ffffc90023706e00 EFLAGS: 00010002
[  186.435477][ T8487] RAX: 0000000080000200 RBX: 000000000002d328 RCX: 0000000000000001
[  186.437759][ T8487] RDX: 0000000000000002 RSI: ffffffff8b6cd5e0 RDI: ffffffff8bd24960
[  186.440051][ T8487] RBP: ffff888023954880 R08: 0000000000000000 R09: fffffbfff2dbe3a8
[  186.442397][ T8487] R10: ffffffff96df1d47 R11: 0000000000000036 R12: ffff88802b52d328
[  186.444635][ T8487] R13: 0000000000000200 R14: 0000000000000000 R15: ffff888023954880
[  186.446879][ T8487] FS:  0000000000000000(0000) GS:ffff88802b500000(0063) knlGS:00000000f5094b40
[  186.449538][ T8487] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  186.451427][ T8487] CR2: 000000002fefdffc CR3: 00000000724c6000 CR4: 0000000000352ef0
[  186.453742][ T8487] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  186.455997][ T8487] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  186.458615][ T8487] Call Trace:
[  186.459575][ T8487]  <TASK>
[  186.460426][ T8487]  ? __warn+0xea/0x3c0
[  186.461592][ T8487]  ? kcov_remote_start+0xfd/0x6e0
[  186.463044][ T8487]  ? report_bug+0x3c0/0x580
[  186.464372][ T8487]  ? handle_bug+0x54/0xa0
[  186.465599][ T8487]  ? exc_invalid_op+0x17/0x50
[  186.466949][ T8487]  ? asm_exc_invalid_op+0x1a/0x20
[  186.468451][ T8487]  ? kcov_remote_start+0xfd/0x6e0
[  186.469915][ T8487]  ieee80211_rx_list+0x460/0x2990
[  186.471396][ T8487]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  186.473011][ T8487]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  186.474633][ T8487]  ? rcu_is_watching+0x12/0xc0
[  186.476003][ T8487]  ? trace_lock_acquire+0x14e/0x1f0
[  186.477494][ T8487]  ? ieee80211_rx_napi+0xa6/0x400
[  186.479131][ T8487]  ? lock_acquire+0x2f/0xb0
[  186.480442][ T8487]  ? ieee80211_rx_napi+0xa6/0x400
[  186.481939][ T8487]  ieee80211_rx_napi+0xdd/0x400
[  186.483335][ T8487]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  186.484887][ T8487]  ? lockdep_hardirqs_on+0x7c/0x110
[  186.486383][ T8487]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  186.488102][ T8487]  ieee80211_handle_queued_frames+0xd5/0x130
[  186.489804][ T8487]  ? ieee80211_stop_device+0x22/0x110
[  186.491312][ T8487]  ieee80211_stop_device+0x32/0x110
[  186.492819][ T8487]  ieee80211_do_stop+0x1a2d/0x2520
[  186.494301][ T8487]  ? __pfx_ieee80211_do_stop+0x10/0x10
[  186.495860][ T8487]  ? mark_held_locks+0x9f/0xe0
[  186.497240][ T8487]  ieee80211_stop+0x11e/0x6b0
[  186.498622][ T8487]  ? __pfx_ieee80211_stop+0x10/0x10
[  186.500123][ T8487]  __dev_close_many+0x1c5/0x310
[  186.501521][ T8487]  ? __pfx___dev_close_many+0x10/0x10
[  186.503118][ T8487]  dev_close_many+0x24c/0x6a0
[  186.504510][ T8487]  ? __pfx_dev_close_many+0x10/0x10
[  186.506000][ T8487]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  186.507605][ T8487]  dev_close+0x181/0x230
[  186.509244][ T8487]  ? __pfx_dev_close+0x10/0x10
[  186.511242][ T8487]  nl80211_del_interface+0xec/0x190
[  186.513324][ T8487]  genl_family_rcv_msg_doit+0x202/0x2f0
[  186.515371][ T8487]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  186.517580][ T8487]  ? genl_get_cmd+0x195/0x580
[  186.519392][ T8487]  ? bpf_lsm_capable+0x9/0x10
[  186.521198][ T8487]  ? security_capable+0x7e/0x260
[  186.523092][ T8487]  ? ns_capable+0xd7/0x110
[  186.524791][ T8487]  genl_rcv_msg+0x565/0x800
[  186.526540][ T8487]  ? __pfx_genl_rcv_msg+0x10/0x10
[  186.528453][ T8487]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  186.530487][ T8487]  ? __pfx_nl80211_del_interface+0x10/0x10
[  186.532691][ T8487]  ? __pfx_nl80211_post_doit+0x10/0x10
[  186.534780][ T8487]  netlink_rcv_skb+0x165/0x410
[  186.536580][ T8487]  ? __pfx_genl_rcv_msg+0x10/0x10
[  186.538471][ T8487]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  186.540490][ T8487]  ? down_read+0xc9/0x330
[  186.542156][ T8487]  ? __pfx_down_read+0x10/0x10
[  186.543978][ T8487]  ? rcu_is_watching+0x12/0xc0
[  186.545798][ T8487]  genl_rcv+0x28/0x40
[  186.547319][ T8487]  netlink_unicast+0x53c/0x7f0
[  186.549149][ T8487]  ? __pfx_netlink_unicast+0x10/0x10
[  186.551160][ T8487]  ? __phys_addr_symbol+0x30/0x80
[  186.553088][ T8487]  ? __check_object_size+0x488/0x710
[  186.555171][ T8487]  netlink_sendmsg+0x8b8/0xd70
[  186.556991][ T8487]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.559021][ T8487]  ____sys_sendmsg+0x9ae/0xb40
[  186.560842][ T8487]  ? __pfx_____sys_sendmsg+0x10/0x10
[  186.562841][ T8487]  ? get_compat_msghdr+0x11b/0x170
[  186.564781][ T8487]  ___sys_sendmsg+0x135/0x1e0
[  186.566366][ T8487]  ? __pfx____sys_sendmsg+0x10/0x10
[  186.567920][ T8487]  ? __pfx_lock_release+0x10/0x10
[  186.569438][ T8487]  ? trace_lock_acquire+0x14e/0x1f0
[  186.570953][ T8487]  ? __fget_files+0x206/0x3a0
[  186.572319][ T8487]  __sys_sendmsg+0x16e/0x220
[  186.573647][ T8487]  ? __pfx___sys_sendmsg+0x10/0x10
[  186.575128][ T8487]  ? __ia32_sys_futex_time32+0x1da/0x460
[  186.576783][ T8487]  __do_fast_syscall_32+0x73/0x120
[  186.578312][ T8487]  do_fast_syscall_32+0x32/0x80
[  186.579722][ T8487]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  186.581531][ T8487] RIP: 0023:0xf7fb3579
[  186.582715][ T8487] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  186.588270][ T8487] RSP: 002b:00000000f509455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  186.590634][ T8487] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000200
[  186.593013][ T8487] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  186.595261][ T8487] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  186.597517][ T8487] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  186.599859][ T8487] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  186.602115][ T8487]  </TASK>
[  186.603010][ T8487] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  186.605063][ T8487] CPU: 1 UID: 0 PID: 8487 Comm: syz.3.506 Not tainted 6.13.0-syzkaller-02526-gc4b9570cfb63 #0
[  186.607966][ T8487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  186.611003][ T8487] Call Trace:
[  186.611976][ T8487]  <TASK>
[  186.612856][ T8487]  dump_stack_lvl+0x3d/0x1f0
[  186.614187][ T8487]  panic+0x71d/0x800
[  186.615319][ T8487]  ? __pfx_panic+0x10/0x10
[  186.616690][ T8487]  ? show_trace_log_lvl+0x29d/0x3d0
[  186.618554][ T8487]  ? kcov_remote_start+0xfd/0x6e0
[  186.620071][ T8487]  check_panic_on_warn+0xab/0xb0
[  186.621573][ T8487]  __warn+0xf6/0x3c0
[  186.622798][ T8487]  ? kcov_remote_start+0xfd/0x6e0
[  186.624295][ T8487]  report_bug+0x3c0/0x580
[  186.625604][ T8487]  handle_bug+0x54/0xa0
[  186.626847][ T8487]  exc_invalid_op+0x17/0x50
[  186.628323][ T8487]  asm_exc_invalid_op+0x1a/0x20
[  186.629810][ T8487] RIP: 0010:kcov_remote_start+0xfd/0x6e0
[  186.631533][ T8487] Code: 65 4c 8b 3d 65 b6 6a 7e 4d 89 7c 24 28 8b 95 f8 15 00 00 65 8b 05 5b b6 6a 7e a9 00 01 ff 00 75 53 81 e2 ff ff ff bf 74 4b 90 <0f> 0b 90 e8 ab e6 86 09 44 8b 1d 54 a4 e5 18 89 c0 48 03 1c c5 e0
[  186.637174][ T8487] RSP: 0018:ffffc90023706e00 EFLAGS: 00010002
[  186.639001][ T8487] RAX: 0000000080000200 RBX: 000000000002d328 RCX: 0000000000000001
[  186.641651][ T8487] RDX: 0000000000000002 RSI: ffffffff8b6cd5e0 RDI: ffffffff8bd24960
[  186.643981][ T8487] RBP: ffff888023954880 R08: 0000000000000000 R09: fffffbfff2dbe3a8
[  186.646209][ T8487] R10: ffffffff96df1d47 R11: 0000000000000036 R12: ffff88802b52d328
[  186.648477][ T8487] R13: 0000000000000200 R14: 0000000000000000 R15: ffff888023954880
[  186.650842][ T8487]  ieee80211_rx_list+0x460/0x2990
[  186.652406][ T8487]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  186.654009][ T8487]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  186.655673][ T8487]  ? rcu_is_watching+0x12/0xc0
[  186.657079][ T8487]  ? trace_lock_acquire+0x14e/0x1f0
[  186.658751][ T8487]  ? ieee80211_rx_napi+0xa6/0x400
[  186.660231][ T8487]  ? lock_acquire+0x2f/0xb0
[  186.661611][ T8487]  ? ieee80211_rx_napi+0xa6/0x400
[  186.663125][ T8487]  ieee80211_rx_napi+0xdd/0x400
[  186.664575][ T8487]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  186.666331][ T8487]  ? lockdep_hardirqs_on+0x7c/0x110
[  186.667943][ T8487]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  186.669659][ T8487]  ieee80211_handle_queued_frames+0xd5/0x130
[  186.671485][ T8487]  ? ieee80211_stop_device+0x22/0x110
[  186.673157][ T8487]  ieee80211_stop_device+0x32/0x110
[  186.674728][ T8487]  ieee80211_do_stop+0x1a2d/0x2520
[  186.676257][ T8487]  ? __pfx_ieee80211_do_stop+0x10/0x10
[  186.677961][ T8487]  ? mark_held_locks+0x9f/0xe0
[  186.679372][ T8487]  ieee80211_stop+0x11e/0x6b0
[  186.680794][ T8487]  ? __pfx_ieee80211_stop+0x10/0x10
[  186.682385][ T8487]  __dev_close_many+0x1c5/0x310
[  186.683821][ T8487]  ? __pfx___dev_close_many+0x10/0x10
[  186.685419][ T8487]  dev_close_many+0x24c/0x6a0
[  186.686817][ T8487]  ? __pfx_dev_close_many+0x10/0x10
[  186.688356][ T8487]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  186.690097][ T8487]  dev_close+0x181/0x230
[  186.691352][ T8487]  ? __pfx_dev_close+0x10/0x10
[  186.692833][ T8487]  nl80211_del_interface+0xec/0x190
[  186.694359][ T8487]  genl_family_rcv_msg_doit+0x202/0x2f0
[  186.695989][ T8487]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  186.697873][ T8487]  ? genl_get_cmd+0x195/0x580
[  186.699334][ T8487]  ? bpf_lsm_capable+0x9/0x10
[  186.700797][ T8487]  ? security_capable+0x7e/0x260
[  186.702281][ T8487]  ? ns_capable+0xd7/0x110
[  186.703708][ T8487]  genl_rcv_msg+0x565/0x800
[  186.705078][ T8487]  ? __pfx_genl_rcv_msg+0x10/0x10
[  186.706581][ T8487]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  186.708279][ T8487]  ? __pfx_nl80211_del_interface+0x10/0x10
[  186.710021][ T8487]  ? __pfx_nl80211_post_doit+0x10/0x10
[  186.711650][ T8487]  netlink_rcv_skb+0x165/0x410
[  186.713093][ T8487]  ? __pfx_genl_rcv_msg+0x10/0x10
[  186.714628][ T8487]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  186.716201][ T8487]  ? down_read+0xc9/0x330
[  186.717474][ T8487]  ? __pfx_down_read+0x10/0x10
[  186.719104][ T8487]  ? rcu_is_watching+0x12/0xc0
[  186.720673][ T8487]  genl_rcv+0x28/0x40
[  186.721943][ T8487]  netlink_unicast+0x53c/0x7f0
[  186.723412][ T8487]  ? __pfx_netlink_unicast+0x10/0x10
[  186.724947][ T8487]  ? __phys_addr_symbol+0x30/0x80
[  186.726475][ T8487]  ? __check_object_size+0x488/0x710
[  186.728162][ T8487]  netlink_sendmsg+0x8b8/0xd70
[  186.729589][ T8487]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.731159][ T8487]  ____sys_sendmsg+0x9ae/0xb40
[  186.732606][ T8487]  ? __pfx_____sys_sendmsg+0x10/0x10
[  186.734187][ T8487]  ? get_compat_msghdr+0x11b/0x170
[  186.735701][ T8487]  ___sys_sendmsg+0x135/0x1e0
[  186.737111][ T8487]  ? __pfx____sys_sendmsg+0x10/0x10
[  186.738692][ T8487]  ? __pfx_lock_release+0x10/0x10
[  186.740197][ T8487]  ? trace_lock_acquire+0x14e/0x1f0
[  186.741810][ T8487]  ? __fget_files+0x206/0x3a0
[  186.743265][ T8487]  __sys_sendmsg+0x16e/0x220
[  186.744566][ T8487]  ? __pfx___sys_sendmsg+0x10/0x10
[  186.746024][ T8487]  ? __ia32_sys_futex_time32+0x1da/0x460
[  186.747971][ T8487]  __do_fast_syscall_32+0x73/0x120
[  186.749655][ T8487]  do_fast_syscall_32+0x32/0x80
[  186.751204][ T8487]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  186.753065][ T8487] RIP: 0023:0xf7fb3579
[  186.754296][ T8487] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  186.760268][ T8487] RSP: 002b:00000000f509455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  186.762732][ T8487] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000200
[  186.765036][ T8487] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  186.767357][ T8487] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  186.769450][ T8487] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  186.771510][ T8487] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  186.773599][ T8487]  </TASK>
[  186.775131][ T8487] Kernel Offset: disabled
[  186.776363][ T8487] Rebooting in 86400 seconds..

VM DIAGNOSIS:
18:42:04  Registers:
info registers vcpu 0

CPU#0
RAX=00000000006d0fcf RBX=0000000000000000 RCX=ffffffff8b200279 RDX=0000000000000000
RSI=ffffffff8b6cd2e0 RDI=ffffffff8bd24960 RBP=fffffbfff1bd2ef8 RSP=ffffffff8de07e20
R8 =0000000000000001 R9 =ffffed1005686f7d R10=ffff88802b437beb R11=0000000000000000
R12=0000000000000000 R13=ffffffff8de977c0 R14=ffffffff905e7b90 R15=0000000000000000
RIP=ffffffff8b20165f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002ff18ffc CR3=0000000063c34000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff851733d0 RDI=ffffffff9aaa2480 RBP=ffffffff9aaa2440 RSP=ffffc90023706730
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000009
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff35544e2 R15=dffffc0000000000
RIP=ffffffff851733f7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002fefdffc CR3=00000000724c6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=ffff88804d3c6028 RCX=ffffffff8b214175 RDX=ffffed1009a78c06
RSI=0000000000000008 RDI=ffffc9002294f738 RBP=1ffff92004529ee3 RSP=ffffc9002294f6e0
R8 =0000000000000001 R9 =ffffed1009a78c05 R10=ffff88804d3c602f R11=0000000000000000
R12=0000000000000003 R13=fffffbfff34fd914 R14=ffffc9002294f778 R15=ffffffff9a7ec8a0
RIP=ffffffff81fbaa40 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002fc15ffc CR3=00000000724c6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000002303e3 RBX=0000000000000003 RCX=ffffffff8b200279 RDX=0000000000000000
RSI=ffffffff8b6cd2e0 RDI=ffffffff8bd24960 RBP=ffffed1003770488 RSP=ffffc9000049fe08
R8 =0000000000000001 R9 =ffffed10056e6f7d R10=ffff88802b737beb R11=0000000000000000
R12=0000000000000003 R13=ffff88801bb82440 R14=ffffffff905e7b90 R15=0000000000000000
RIP=ffffffff8b20165f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f50c5528 CR3=0000000072766000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000