last executing test programs:

37.054508119s ago: executing program 2 (id=148):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
socket$caif_stream(0x25, 0x1, 0x1)
ioctl$BTRFS_IOC_GET_FEATURES(r0, 0x80189439, &(0x7f0000000100))
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000080), 0x4)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000004c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a5fd03"}, 0x38)
recvfrom$inet6(r1, 0x0, 0x0, 0x2020, 0x0, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000040)=0x11, 0x4)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a40)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in=@empty, @in=@multicast2, 0xfffd, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x80, 0x40000000000000}, 0x0, 0x0, 0x0, 0x0, 0x1}, [@offload={0xc, 0x1c, {0x0, 0x1}}]}, 0xc0}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000120800"/20, @ANYRES16=r0], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

36.899513012s ago: executing program 2 (id=149):
r0 = syz_open_dev$usbmon(&(0x7f0000000140), 0x4f3e, 0x6c0400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000009500000008000000"], &(0x7f00000002c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
socket$igmp6(0xa, 0x3, 0x3a)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
socket$key(0xf, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$MRT6_INIT(r1, 0x29, 0xc8, &(0x7f00000000c0), 0x4)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setresgid(0x0, 0xee00, 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r4, &(0x7f0000000100)={0x2, 0x4, @multicast2}, 0x5d)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2c, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0x0, 0x5}, 0x2, 0x6e6bb1, 0x1}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x27}, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x3503, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe4)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x1c)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$NFT_BATCH(r6, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f00000000c0))

35.727723504s ago: executing program 2 (id=152):
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000)
syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x180)
mount$cgroup(0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000300)={0x28, 0x0, 0xffffffff, @host}, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(0xffffffffffffffff, 0x4161, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
sendfile(r2, r3, 0x0, 0x16500000)
write(0xffffffffffffffff, &(0x7f0000000340), 0x11000)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

34.82963923s ago: executing program 2 (id=158):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000040)={0x7, 0x8, 0xfa00, {r1, 0x700}}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0xfffffffc, 0x1000, 0x2, 0x3bd})
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r3, 0x4)
recvmmsg(r3, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x40000100, 0x0)
close_range(r2, r3, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000001c40)=@raw={'raw\x00', 0x3c1, 0x3, 0x334, 0x180, 0x1170, 0x1398, 0x180, 0x1170, 0x26c, 0x1398, 0x1398, 0x26c, 0x1398, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @remote, [], [], 'ip6tnl0\x00', 'veth0_to_hsr\x00', {}, {}, 0x1d}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x0, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}}, @inet=@rpfilter={{0x24}, {0x7}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x10, 0x7fff, 0x3, 0x6, 'syz1\x00', 'syz1\x00', {0x4}}}}, {{@uncond, 0x0, 0xa4, 0xec}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x390)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/custom0\x00', 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xd, &(0x7f0000000180)={0x5, 0x7ffffffd}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r6, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
syz_io_uring_setup(0x496, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x2, 0x100288}, &(0x7f00000001c0)=<r7=>0x0, &(0x7f0000000300)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r6, 0x0, 0x0})

34.360292143s ago: executing program 2 (id=160):
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f00000001c0)=0x3, 0x4)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9", 0x1}], 0x1}}], 0x1, 0x20008000)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8})
r2 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
ppoll(&(0x7f0000000040)=[{r2, 0x20}], 0x1, 0x0, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x6, 0x0)
mq_timedreceive(r2, &(0x7f000001d600)=""/102372, 0x18fe4, 0x2, 0x0)
pselect6(0x40, &(0x7f0000000040)={0x0, 0x3325, 0x4000000000001, 0x300, 0x0, 0x0, 0x0, 0x3}, 0x0, &(0x7f0000000100)={0x8, 0x4, 0x0, 0x0, 0x0, 0x400000000000000, 0x8}, 0x0, 0x0)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000080)=@ccm_128={{0x303}, "f1a0f9fff9e440b4", "881aae83544dfa6412f91b9057e3f415", "9dca43b6", "9ecb592c6ee49fbd"}, 0x28)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}]}], {0x14}}, 0x7c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x30, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x4}]}], {0x14}}, 0xb8}}, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$kcm(0x10, 0x2, 0x0)
close(r0)

33.486200264s ago: executing program 2 (id=164):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000', @ANYRESDEC=0x0, @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004180)={0x2020}, 0x2020)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003900)={0x17, 0x16, 0xa01, 0x0, 0x0, {0xa}, [@typed={0x4}, @typed={0xc, 0xb, 0x0, 0x0, @u64}]}, 0x24}, 0x1, 0xe0ffff}, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="040e0600120c"], 0x9)

18.439373462s ago: executing program 32 (id=164):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000', @ANYRESDEC=0x0, @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004180)={0x2020}, 0x2020)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003900)={0x17, 0x16, 0xa01, 0x0, 0x0, {0xa}, [@typed={0x4}, @typed={0xc, 0xb, 0x0, 0x0, @u64}]}, 0x24}, 0x1, 0xe0ffff}, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="040e0600120c"], 0x9)

8.854295773s ago: executing program 0 (id=249):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000000000000017c00000400fc800c00018006000600800a00000800028004007280080007"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
msgsnd(0xffffffffffffffff, &(0x7f00000004c0)=ANY=[@ANYRES16=r0], 0x4, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000001000010000004a4eecd47c575d32eb9a00"/30, @ANYRES32=0x0, @ANYBLOB="0131010000000000240012800e00010069703665727370616e00000010000280040012000500160003000000"], 0x44}}, 0x0)
bind$inet(r0, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bic\x00', 0x4)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000180)={0x3, 0x340, 0x300, &(0x7f0000000940)=[0x101, 0x1, 0x4, 0x2, 0x6, 0x800, 0xffffffff, 0x0, 0xffffffffffffffff, 0x276, 0x7, 0x8, 0x2, 0x2, 0x3, 0x1b9, 0xfffffffffffffff0, 0x3, 0x2, 0x5, 0x7, 0xffffffffffffffff, 0xffffffff, 0x0, 0x0, 0xc7, 0x0, 0x4, 0x7, 0x6, 0xfffffffffffffff8, 0x0, 0x80000001, 0xc08, 0x2, 0x2, 0x1, 0x400, 0x4, 0x4, 0x800, 0x7, 0xffffffffffffff44, 0x2278, 0x0, 0xfffffffffffffffa, 0x14b9, 0x3ff, 0x10001, 0xfff, 0xd6, 0x100000001, 0x6, 0x80000001, 0x5, 0x8, 0x0, 0x1, 0x4, 0xdb6, 0x7, 0xcc23, 0xd, 0x2, 0xffffffffffff8001, 0x6, 0x2, 0xff, 0x665, 0x3, 0xfffffffffffffffc, 0x100000001, 0x400, 0x9, 0x9, 0x3, 0x6, 0x23c, 0x6, 0xffffffffffffffff, 0x800, 0x2, 0x1, 0x7, 0x2, 0xd0, 0x23, 0x9, 0x1ff, 0x3, 0x4, 0x3, 0xff, 0x6, 0x9, 0x800, 0xf1f, 0x7, 0xffffffffffff5ef8, 0x6, 0x7, 0x6, 0x8000000000000000, 0x2e26, 0xa, 0x97, 0x4, 0xb81f, 0x710b, 0x80, 0x377b, 0x9, 0x712, 0x10000, 0x0, 0x8, 0xae, 0xc49e0000000000, 0x5, 0x40, 0x8000, 0x0, 0x26, 0x9, 0x5, 0x6, 0x7, 0x7]})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x893, 0x0, 0x0, &(0x7f00000001c0))
r4 = timerfd_create(0x8, 0x80000)
timerfd_settime(r4, 0x0, &(0x7f0000007000)={{0x0, 0x4}, {0x0, 0x989680}}, 0x0)
readv(r4, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/52, 0x34}], 0x1)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$TUNSETPERSIST(r2, 0x400454cb, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)

8.008915733s ago: executing program 0 (id=252):
r0 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x1, 0x0, &(0x7f0000000200))
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4], 0xeeee0000, 0x8340})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r3, 0xc01064c7, &(0x7f00000002c0)={0x0, 0x1000000, 0x0})
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="6400000002060108000000000000000000faffffffffffffff617368706f72742c6e657400000000050001000700000005000500020000000900020073797a300000000005000400000000001400078008000840000000d3080006400000008000"], 0x64}, 0x1, 0x0, 0x0, 0x2002c0c4}, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
syz_emit_ethernet(0x134, &(0x7f00000008c0)={@link_local, @local, @val={@void, {0x8100, 0x7, 0x0, 0x2}}, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0xfa, 0x0, 0x0, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {[], "3ed114fd348a6ae9bc2204e97595f90add99a57e8d8a57d4be5bdd649373bca5f3d7127b615faa1f74ef4ee64ee5a1d4b75a1a09557a2166dccae1d158e6d97a3dace11ffe8b8aa8efb20aef5c2c186b077d68e0332203833e0f4505de1797b9c5c714ef3b9385e0780c286808191f08920c05530f3cbf0604c351831b2ae675bc3e946dcfff970f07dcfd453f4669591506233f7a0ab4354f1f354357ffd39a671e2cc54c8b9b254dfe0ce2d0510234e8fa2503f79395761a545b6ef08b6a8bfbc27d5471c214aa54d36c5206d0058198f91d814546230a577839fbe13e3c54f8c4242c8399d4e4505b5f77b17b71a1f9e4d9e5e0d23e1edea1"}}}}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x19})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_tables_targets\x00')
preadv(r7, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/66, 0x42}], 0x1, 0x85, 0xa)
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x3fff, 0x0, 0x0, 0x0)
userfaultfd(0x80801)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5b5d}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}]}, @IFLA_ALT_IFNAME={0x14, 0x35, 'wg1\x00'}]}, 0x50}}, 0x44040)
syz_open_dev$vbi(0x0, 0x1, 0x2)

7.928485299s ago: executing program 1 (id=255):
r0 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x4, {0x9, 0x1001, 0xffff, 0x9}})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9b, @void, @value}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000380), 0x4)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x2, 0x0, 0x4, 0x0, 0x1ff, [{0xb, 0x4, 0x5}, {0xb, 0x5, 0x800}]}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r2, 0x20, &(0x7f0000000100)={0x0, 0x0, <r3=>0x0, 0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r3, 0x4)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x910ec27568a00e35, 0x40000002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1a00fe00000000bda100000000000007010000f8ffffffb702000008000000b70300000000000085000000760000009500000000000000d36b59ac17a5"], &(0x7f0000000180)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$cdrom(0xffffff9c, &(0x7f00000012c0), 0x42880, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b2"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_usbip_server_init(0x3)
add_key$user(0x0, 0x0, &(0x7f0000000580), 0x0, 0xfffffffffffffffe)
mkdirat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x48)
landlock_create_ruleset(&(0x7f0000000140), 0x18, 0x0)

6.697299841s ago: executing program 0 (id=259):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
syz_usb_connect$printer(0x2, 0x0, 0x0, 0x0)
ioctl$TCFLSH(r0, 0x400455c8, 0x1)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x4, 0x10000001, 0x7fe}, 0x0, &(0x7f0000000240)={0x1f, 0x3}, 0x0, 0x0)
write(r1, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000000)=0x67, 0x4)

5.079227718s ago: executing program 1 (id=262):
r0 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x1, 0x0, &(0x7f0000000200))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r4, 0xc01064c7, &(0x7f00000002c0)={0x0, 0x1000000, 0x0})
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x16, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x64}, 0x1, 0x0, 0x0, 0x2002c0c4}, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r7 = dup(r6)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
syz_emit_ethernet(0x134, &(0x7f00000008c0)={@link_local, @local, @val={@void, {0x8100, 0x7, 0x0, 0x2}}, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0xfa, 0x0, 0x0, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {[], "3ed114fd348a6ae9bc2204e97595f90add99a57e8d8a57d4be5bdd649373bca5f3d7127b615faa1f74ef4ee64ee5a1d4b75a1a09557a2166dccae1d158e6d97a3dace11ffe8b8aa8efb20aef5c2c186b077d68e0332203833e0f4505de1797b9c5c714ef3b9385e0780c286808191f08920c05530f3cbf0604c351831b2ae675bc3e946dcfff970f07dcfd453f4669591506233f7a0ab4354f1f354357ffd39a671e2cc54c8b9b254dfe0ce2d0510234e8fa2503f79395761a545b6ef08b6a8bfbc27d5471c214aa54d36c5206d0058198f91d814546230a577839fbe13e3c54f8c4242c8399d4e4505b5f77b17b71a1f9e4d9e5e0d23e1edea1"}}}}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x19})
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_tables_targets\x00')
preadv(r8, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/66, 0x42}], 0x1, 0x85, 0xa)
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x3fff, 0x0, 0x0, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5b5d}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}]}, @IFLA_ALT_IFNAME={0x14, 0x35, 'wg1\x00'}]}, 0x50}}, 0x44040)
syz_open_dev$vbi(0x0, 0x1, 0x2)

4.579006434s ago: executing program 3 (id=264):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usb_connect(0x5, 0x36, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000100)={0x1d, r3, 0x0, {}, 0xfd}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001200)=ANY=[@ANYBLOB="4c000000190001090000000000000000021800000000fd010000000008000100ac141400080005000a0101021800168014000300ff8000000000000000000000000000aa0600150004"], 0x4c}}, 0x0)
connect$can_j1939(0xffffffffffffffff, &(0x7f0000000080)={0x1d, r3, 0x0, {0x0, 0xf0, 0x2}, 0xfe}, 0x18)
sendmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)='2', 0x1}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000040)={0x1d, r3, 0x2, {0x0, 0xff}, 0xfe}, 0x18)
syz_usbip_server_init(0x1)
socket$netlink(0x10, 0x3, 0x15)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000040)={0x1d, 0x0, 0x8000000000000003}, 0x18)

4.309446458s ago: executing program 1 (id=265):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r2, 0xc06864b8, 0x0)
syz_io_uring_setup(0x5e2, &(0x7f00000003c0), &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002340)=ANY=[], 0x48}}, 0x8000)
socket$inet_sctp(0x2, 0x5, 0x84)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0601, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x14)
r7 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
r8 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, r7)
pipe2$watch_queue(&(0x7f00000003c0)={<r9=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r7, r9, 0x1e)
r10 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f0000000280)={'fscrypt:', @auto=[0x66, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, 0x35, 0x0, 0xd, 0x65]}, &(0x7f0000000180)={0x0, "de8d0d27ca969fa15f8b3b7bae39c1b3327d4332f8c149d2d65a347d67f6db7eb90dfdad3cdebaaf421412f812305c9da91699b5a02c1295596f0fd9ec78f2fd", 0x2d}, 0x48, r7)
r11 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kmem_cache_free\x00', r12}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
keyctl$KEYCTL_MOVE(0x1e, r10, r7, r8, 0x0)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
syz_io_uring_submit(r3, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(0xffffffffffffffff, 0xa3d, 0x0, 0x0, 0x0, 0x0)
mq_open(&(0x7f000084dff0)='!sali\x1cqxte&\xac\xe87x\x00', 0x6e93ebbbcc0884f2, 0x12e, &(0x7f0000000300)={0x0, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r2, 0xc01064c8, &(0x7f0000000140)={0x3, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0]})

3.989839788s ago: executing program 1 (id=266):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000240), 0x88002, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000100)=0x15)
ioctl$SNDCTL_DSP_POST(r0, 0x5008, 0x0)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x10, &(0x7f0000001180)=ANY=[@ANYRES64=r0, @ANYRESDEC=r0, @ANYRES8=r1, @ANYRESDEC=r1, @ANYRES64=r0, @ANYRES64=r0, @ANYRESHEX=r0, @ANYBLOB="11bf222839c4e072839750ebc687f2d06c7850a9019d1e6ed4df8efb689a8b731aefe583c8a1b1e4f9533147b77fca9fb2a93b4adde34a00952ea94624759103491820db3138e36fa91df8d86d53ef1ef358a3176397442f37223cf5a5c56b8c187877ff80e31ebb22737d7c4af30761fc6d610608987f6ba53342825cac967fda20d6d2350bf0561be627606b2d88c823f0ec3e78452bf69d7e826667d4a637299f7a775e2d1faff99376908449f97c324df434ba65cef9e4543e46d203e584b6c58a2de41eaea4ca261bdec401af86c2fcfa37a698e129c841bc09e9318aaa785afb864ae5b41a94fcf1a44dd93a9fa22a4405192fd9c6921f9ce1c8251eaa893360c74fab8f7091634f33783954cf715d32a2dd176ea5e29bf1c8a5a1d0d1df8a3f79e839c769c12976d41af796846a1f67f35cfec747660b3394ebc70374c22f9c38765d2245c97c118f5264e71dba857bfd2e3e42d325e2cfe8ba4906a9aa80a2a9ba240d5f9d661651a922435c907091de94bf6987a7abb19bb06773d1d6584bed748cabecc9e960a7170025c53e56061234c6989c61b38e28f5bab3d26cb83a57c26dc8f1b3e9a5eb89530d431208914d51cea9d5ed06f4a9ae9f8c33e117eaf810ea958bc77d5d074df4389171134908ae9f139396dd74b584f0fdfac2a798cf22426f0e8a2f27d99704909fea7733f95177a1f59c677e681baa2b7958b4f6d262bdee759ed171c4744ca178717da12cb74787afda1ca208fa0bae744b0012ad6253a30d601eac808fc69efda35c43f615d63f463b9053ffe16d93a34e3d400383bd42d0718f47f05a5f33a8bf032a5c8106a6b59954917f4add33f8ddddadb4c10fb0c56b75ce956fad1a7322fa29a446d892e23f2c627fec34955d4c76f45a8045a462dad8f3681a7a07267b12a229d0bf8c411b7330851da9036ede5f31374b183641b9598bfc7be5d8a62b0fd09def079d0013f0df4ab0f5df25bb89071230708acb496a833f9db50088a0431df2918f563abf09ffb9b3e37312b247e57e149ff62e79be3de0e30cb920ebaee611144e390c8c0d958fae3e3bb93f65ee912771279b8912f703b215265dc74ce9b03730b6d2c9dd1744c85ad0573efbab864a65eb52d6f5fa670aaa9171704538b845447c6b4e1c2896b11a7116579ee28edbc9f0d4422d34a0d81c0c35ce92425a325c83d5ef0e700f16790abcdb1fca790811763819e88809b99faca5560f7f8bcb30b493615c3e7437407ffafd617311dd0e41540bb5007c7783b9007db3695058478c0b6d0e6cde301eefca55174b1886f30556bd2c0283ea04c6bef3595d60768deb5c2488414546828f8226cdb88ac2fc663b662a42886cf45270964d689bd299f73176fa0633a61187d7e0ec30917f3d7b202420b117b9d8a9b268b85a1a45ac3b57e208e7339a96df25d92506a97fdd3fecf631f81fe3bb814dc2d1b24060d04614a17dbca5a23e480874b245f99bccbb7d4f27e4643800eb416a87045a265ef8822f4bab7f5707a5541909155bfbb552079b76f6bf9a41ba5c8e8b9833057cbf8d3bc196504b049564eac465a41721d122a661d3e55cb7f17b3a7d4c81c090c15054bbf182146713f8a568bde2df6e3d15b10eddce3ad53d2256415889e81d547de55eb4e2e90a27073ebdb7ec0e9b18fe9ab5fec63e63c6afcd8073cd1f2ca89eaa4fac4c601dfda39ba10e1e70265356d1f21eb1f360f5b17d5072ff6255dfa567c9aa2ebd02529ee68ba7e8e076fcd2096a6221adad3702ea831501500c7e969354a5cec0bd4787119af0a5327beef5b16d046319733d0a34a9c3f5b01ddd53ddd57ca914c2e03dd7c9e3e3b0ea9c907f24bc595ba3c7e84b91a4d789f1067b874ee09748ac129e89500618f91d8d72416d2b8e8c10289003ff1a2aa934c1de143006a5fed6fbfac17c1cbfa42c17489f32c4486572615db1d3759cd5cef39bffbda59c3f2c0f2f77e50397e7ace298464f23fc2ca6d9833dde2003265cda8c32daa48fe8acec95c138cf3353d9f197aa1aff8dfef640f59a8017ea489270080c0bc5153f481fa1ce98f97bde9564c187325865eb0dc353b21a2dd94f24b9b4b3106756f1725af313f0624f0ea4aaea5b684521b17702cf514fdb00306d816ae07649923f9d788d19359c9cf455623cc395d790d2867b3be16efb66331ed7137ef2b34ae6a9f664d8ed3386f21658447d1f5ee89e6633778a3f64b57da81c138a8558636ae37ba7d57b23241404112b9c38669a70f15e7b57e46b4bc535756f7a28a1c6256b3602b509a89a07e921b8100d4fe9608024bdcb74bd7c90eb41b9c55bd86787ad7ad60ff7cd1069914b43c2e322de9c2b6e7ab77b402af5df2e11e3f2ce7b03d2faf28d53391cb878637502289a3fd1a3097a20596cd5b012662c58406a4b91945b2abaff252f0b1ab41669e0f121cc31c45a1e1b1aba0ba0e6b97d78b46dcdff0568bb6ffc0c488c3a6bc390dea12b2f94b1346b7a4a6d63218f490f4a2f2bd87f418d083cea9b496b1c1fde3c87f6054c450d8d03bbc89df40c8b6fe237add02a16dcef8d6b8d8775a9069da4a6abdb5b73b44aed96dbd1bcbf0d274d1bebf0051a023228452c797a267deda60611a2e6652bea7d7430939ba47f42062657b7796f1547899ec7b42a26dc7f8cba3962766bab79ff59b7e53cfe8d8cb664ac41bdfb87af586e672c7bc0de82b5330b4e96c568b4ce5601700cd292a27b6b8aafc9f8cbbd9439488251707f0e815a8b2c62fef2a77de2507a5778a608ce9815cd9dcbf73d191002c85a065f1d89d0bdf2f10cfe2f9cfafdfeb5b3d40f7c314ddc613b4022b20167ed382d08a174e113a6834346dc73226922196c45671fc64e18c555ea049fcd245ffacca9499d48266bce19c1a5f2847c0b517828e4f37cd016a71bde0708e2512d5f7b3fe4d5ce447123dc310ac9dc8f473c28ba6df3961806cf6f64169afb3a86bc17275349ff93eec0566ade3259b2aee45a9cc680e5a38930009bc78772ca93d05f3a57d2d9add2f35bde10aebdbd9ec7a9188fca72642fc74e58dffff1700f29b91deb7554cbdfb8483bec65d516833f054636e6201786f66b418bd8e35b129ba80bf83deb5de92a20dc3708596fbdf1cc9820d4a6c5c22e18079b4284cc72326785f5f22e183a8b683fb4b9a9fc448120613784107d38c90003cb40058b49427796f7ed185cbc5618b6804da7e096ff1b1fd61c78b40e99109680f82b9bcc981b95dfa7f1695793e6ae56da4fe08b8c530d14942edc81968819e7d4fd9e3021ba581905c0ad9570c536f8c2148238e7ddf4f451a2ce4ad9de4c2d171169cab3ffb8980f1fc5adb704dbde61085e5b150627718374d8122f4d5fa6c8cea21ecb0339d94e76ebf0cf3e8d9e83500fbe9f5cce1d8f80a9d7e9d04a6b7b3c443248cd46bd35754dbfa37b994575dac32cce37e16a076045d0fabb7a6431914f90a9bcf3ec3df7c3fdeb2156beff0976f6b71aeb111f94a3d659406866d5cf0e9ae3ce4b24db0e093c2dda9106f4f9690870bff43c5a9e70d5361218982221d5770460a3176b8f5e14fe31b4d2214175981cd51a116278c826b422d54bb9952932067f2aa031a8a4170c8bb8136249a5f2453e246378bcbe07238a23c867dd173b91eb7096e45221cd8d94b7b5e1d1fc54e3f6c9d44a539c0ed0b0e8e8f92901bb65ef7e68d66549518d20bbbf5080348236f867d85f5d378b02a1097aac86675828be4fc4baa9e0a62bf1f2512b44daf396f3e82d551f8c920cad469680d57d6f39df40a3ecd4f1cdb41ada13470b83805a023a3a534e7c1d2e07923441af618044f68b2a6a9b4f06276499adbde43f33eb468373d2e081f3fd87e9dd30c99c4755f272bdebcc67963137511723926ed543fc5d15973f3ed08a86b991f8640893c28dab6991267e291e71fe7d6d39a4147d4b9789378216557f40bc8cb57c54104127cd58fdbf61f3479059dea528521bfe9f9fff47f76ad32f1426fa982fbbd75aca34169290f7496f623fdd716321995bf322f5a7618beace9160f7ba6d1b3fcc7aedb7eda70ff32787303590dac001d685c69ae18a74e36223a0b3ebec4dcd9eccd80ecac9b5ca71b1f8e3ca8c11f3ac35d2e4f2972a772e44d8c74fc974fcadee0deeed03b4fd5843a508aa030d654c2dd39246ba1ecbab0148f124b1d63680139b495919fb33210ae6f43c9f0b76866b680e9f42ad7e53860a617c5f030b37241fd1eabed150328b266d2d40883ca3240f013d94a351677ca2cd5368c5b7a28ab9938be4ffe14c24cb2f6cbb90d7caa3f8b3cad6f678e498d6300ebdca4ed17038d481fa800276d6ffbc952c730c2b2c39eceda096bb33b0f62eadb3c236e949c47b0e503397adc11a1bf401372c974f068fb402662d5b87fa61fe47da26fafe0a8d850576891b826381392f063714e78c4f2fb5cdc415fcd2eacbba0cc6800125f74286a1816e1a3703fd90df920bc22f50cb88d0d85595795fc1e2c8a3de1dccb7361365b80ce5faba984c1e58f277c357428a1284ad402c9f32acbe7254cb96a9f78f0caceb67c1997259330c2fe7ecfaa791a4fdd52a84937aa3f83435d63023b87fe8d96f46d835a6565299fe205175f07650defe7821a742abb0c11be3c8fbd52e61576c418fead8d6e920baddc40de107022ee9de580cdfcd3cd5ce56cd634e1adc1edc7e4693154ef0b59454e40bb502ee7d8960b430863273c9fe9de924b85437c8f285c71ac11c880632475e5bbb4c21be1e6752127ffd95f9ba43b997b5322c849f5a04689aa35c5772928842109b5af6c9d80f18fe8e40475ee13f890e91a915556eda77131ed50a6620016ceead59d1959515cf32b8673a5c40d8c1e1c2d2403b9472ebc2e37c239601127319c1fe33496cddb427b38bebd2df2fb0ff527e390cde76bc79f2ad95f71a6678346c726ecf8c1aac85bf26d1d807f6b6c35c5c16afcd0e4f208c97a46908ba23bae2f7161e480e28ff1a5200880b0f3f78a573a821a381ccaa4f10fdefee760eb6f3fa0d58b433b49baf0c693355261e26dd3a2338d0d394aceb43c34136646ca5fc9930a5e7e0c2f2185928dab426cec987532109afcde2700e6e16ee0d9e27b95ca69e4495521a8387d42b90ecdbe940ba2d6de2e997bece10d5609db2f6836eacab101d758a132565f12dc8aa66093d909dd1ccc994a545719a6b7497ce2c2aa54dddc54b9d882ad654bf542a9c0fbd22450793b0b00ad16ae5ff8963cf8cc447ef2ec736f671329d097622a18f98798f4b19b6aded17e42deb9fd25e2f5f66cd169436dfc8427686b92e971d12a8fed6ede1890790183c645132930858c13f9335b1ab292dcf31e82f75c135bff1371f9b03fc1802a6741e7244784c6351ca8a2a21e94d43b37869c265c886986d9ec29fe574194da60ecfbb3c512050cdafcbdb104dbd634e38a41f799971591cec8dd509777d1d861845b258482c291745196551992b560f8e20d089fab60974561bb312e0d47f2bf16ca78e0854fabcf142e9174c3af6768b0ae5a3b66a15459e4aca888f64089f62161a8682acb51c0b2c0e263181f91bd7b83b99095ebc8781626d3f628c665fa5b3dc8707b385575cdee0636ee6c2300766649f4242fa85bff0cc8f88cc9f91148ef57b08aae39f33d38515f1c6c6eba62475498112e83df10fe26b021156db604c901f4f988a015657a782779fd6c3d1a49eae726cca3a8311d370461e14f0b2ae0cc677d4a8d8b23553e56fda"], &(0x7f0000000300)='syzkaller\x00', 0x8, 0x9c, &(0x7f0000000140)=""/156, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x3, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200), 0xc, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c80)=ANY=[@ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x810}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYRES8=r5], 0xd)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0f0000000400000004000000120000000000", @ANYRES32, @ANYBLOB="0417220e38afaa91e7b27a40631a99f2b46d05000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20], 0x50)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
r6 = io_uring_setup(0x2195, &(0x7f0000000440)={0x0, 0x7897, 0x400, 0x1, 0x15b})
io_uring_register$IORING_REGISTER_NAPI(r6, 0x1b, &(0x7f0000000240)={0x1ff, 0x2}, 0x1)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$PNPIPE_HANDLE(r1, 0x113, 0x3, 0x0, 0x0)
connect$phonet_pipe(r1, &(0x7f0000000000), 0x10)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61157800000000006113700000000000bfa000000000000007000000ee0016055e03010000000000640500000000000069163e0000000000bf07000000000000260507000fff07206706000020000000040600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

3.584318875s ago: executing program 3 (id=267):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x2d}, 0x1, 0x0, 0x0, 0x8801}, 0x8000)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000800009502"])
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x34, r6, 0x1, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1b}}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x34}, 0x1, 0x0, 0x0, 0xc00c4}, 0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r4, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="3c0000001000030500000000fcffffff00000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e64000000000400028008000a00", @ANYRES32=r4, @ANYBLOB="793ad942a991a04d88083eca4fe6502c5f82133c897592a829db90cd99cfa955ecc66a198c239825b914232d7a64c5a761b5300209cfed4016bbdf1265fee465916d0515d9593631963ee89d1c6409c612c72d25acd1a010d4dfddaa9a69c894762339618abf4ee9c482324408d2e043438b133c6380c63a0d3306a248270e54c2000000008c52d2644a8ffdc96adaf481110209f2f84f1f07c9915a7df16bc9c7c85d6a6f7801e4e73acb1761e04c306139fd0e61425d192c"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r7], 0x5c}}, 0x40)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x14, 0x3, 0x1, 0x101}, 0x14}}, 0x0)
socket$unix(0x1, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r9)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r10 = syz_open_dev$sndpcmc(&(0x7f0000000180), 0x0, 0x82000)
ioctl$SNDRV_PCM_IOCTL_RESUME(r10, 0x4147, 0x0)

3.544001273s ago: executing program 4 (id=268):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80680, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=@newtfilter={0x48, 0x2c, 0xd27, 0x70bd28, 0x8020, {0x0, 0x0, 0x0, r3, {0x5, 0x7}, {}, {0xa, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_IPV6_SRC={0x14, 0xe, @remote}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x200c0e9}, 0x20000004) (fail_nth: 2)

3.502953109s ago: executing program 0 (id=269):
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r1 = io_uring_setup(0x30bb, &(0x7f0000000100)={0x0, 0x9a0e, 0x10, 0x0, 0x16c})
io_uring_setup(0x2fb9, &(0x7f0000000180)={0x0, 0x979e, 0x8000, 0x2, 0x335, 0x0, r1})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x0, 0x10000, 0xfffffffffffffffd, 0x4002004c4, 0x1000, 0x0, 0x0, 0x10, 0x0, 0x3, 0x80000001], 0xeeee8000, 0x2011c2})
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@perf_event={0x4}}, 0x18)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f00000001c0)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000c40)={0x1, 0x0, [{0x0, 0xf3, &(0x7f00000008c0)=""/243}]})
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r3})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000cd86eeb1d85cfa80079bf66ee2fdd1bd22df27e292ce6f9be2d13b205895c82c9113162c4bb08b067e7c4de4690b5b2623df00b774d00284b5e5b2a381164bca1805a6a8a9fe427a0ac22b85a304de6f9197aac965acd024ccfa31e2c286f3e4310ada4eba4337274d18fbc36252cd5daba52367f66cbf43d159eadd7ba6"], 0x18}}, 0x804)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0xd, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x8, 0xda, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
dup(0xffffffffffffffff)

3.170991475s ago: executing program 4 (id=270):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r2, 0xc06864b8, 0x0)
syz_io_uring_setup(0x5e2, &(0x7f00000003c0), &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002340)=ANY=[], 0x48}}, 0x8000)
socket$inet_sctp(0x2, 0x5, 0x84)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0601, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x14)
r7 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
r8 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, r7)
pipe2$watch_queue(&(0x7f00000003c0)={<r9=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r7, r9, 0x1e)
r10 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f0000000280)={'fscrypt:', @auto=[0x66, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, 0x35, 0x0, 0xd, 0x65]}, &(0x7f0000000180)={0x0, "de8d0d27ca969fa15f8b3b7bae39c1b3327d4332f8c149d2d65a347d67f6db7eb90dfdad3cdebaaf421412f812305c9da91699b5a02c1295596f0fd9ec78f2fd", 0x2d}, 0x48, r7)
r11 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kmem_cache_free\x00', r12}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
keyctl$KEYCTL_MOVE(0x1e, r10, r7, r8, 0x0)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
syz_io_uring_submit(r3, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(0xffffffffffffffff, 0xa3d, 0x0, 0x0, 0x0, 0x0)
mq_open(&(0x7f000084dff0)='!sali\x1cqxte&\xac\xe87x\x00', 0x6e93ebbbcc0884f2, 0x12e, &(0x7f0000000300)={0x0, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r2, 0xc01064c8, &(0x7f0000000140)={0x3, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0]})

3.134245951s ago: executing program 3 (id=271):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000000040)=@ipv4_delroute={0x24, 0x1a, 0x1, 0x0, 0x4000, {0xa, 0x0, 0x80, 0x0, 0x0, 0x2}, [@RTA_OIF={0x8}]}, 0x24}}, 0x0)

2.884282701s ago: executing program 1 (id=272):
r0 = socket$pptp(0x18, 0x1, 0x2)
r1 = socket$inet6(0xa, 0x80002, 0x88)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, 0x0, &(0x7f0000000200)=0x1e)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
close(r0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000000001004000014001a80100002800c000180080016000600000008001b00"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r7, 0x400455c8, 0x8000000001)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8, &(0x7f00000002c0)=<r9=>0x0)
io_submit(r9, 0x1, &(0x7f0000000000)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r8, &(0x7f0000000040)="0300ffff0000", 0x6}])

2.82985008s ago: executing program 3 (id=273):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0e000000040000000400000009"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x200031f, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0xf000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

2.120524527s ago: executing program 4 (id=274):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r2, 0xc06864b8, 0x0)
syz_io_uring_setup(0x5e2, &(0x7f00000003c0), &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002340)=ANY=[@ANYBLOB="4800000010000104feffffff0000000000000000", @ANYRES32=r5], 0x48}}, 0x8000)
socket$inet_sctp(0x2, 0x5, 0x84)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0601, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000003c0)=0x14)
r8 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
r9 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, r8)
pipe2$watch_queue(&(0x7f00000003c0)={<r10=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r8, r10, 0x1e)
r11 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f0000000280)={'fscrypt:', @auto=[0x66, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, 0x35, 0x0, 0xd, 0x65]}, &(0x7f0000000180)={0x0, "de8d0d27ca969fa15f8b3b7bae39c1b3327d4332f8c149d2d65a347d67f6db7eb90dfdad3cdebaaf421412f812305c9da91699b5a02c1295596f0fd9ec78f2fd", 0x2d}, 0x48, r8)
r12 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kmem_cache_free\x00', r13}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
keyctl$KEYCTL_MOVE(0x1e, r11, r8, r9, 0x0)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
syz_io_uring_submit(r3, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(0xffffffffffffffff, 0xa3d, 0x0, 0x0, 0x0, 0x0)
mq_open(&(0x7f000084dff0)='!sali\x1cqxte&\xac\xe87x\x00', 0x6e93ebbbcc0884f2, 0x12e, &(0x7f0000000300)={0x0, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r2, 0xc01064c8, &(0x7f0000000140)={0x3, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0]})

1.809983681s ago: executing program 3 (id=275):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usb_connect(0x5, 0x36, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000100)={0x1d, r3, 0x0, {}, 0xfd}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001200)=ANY=[@ANYBLOB="4c000000190001090000000000000000021800000000fd010000000008000100ac141400080005000a0101021800168014000300ff8000000000000000000000000000aa0600150004"], 0x4c}}, 0x0)
connect$can_j1939(0xffffffffffffffff, &(0x7f0000000080)={0x1d, r3, 0x0, {0x0, 0xf0, 0x2}, 0xfe}, 0x18)
sendmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)='2', 0x1}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000040)={0x1d, r3, 0x2, {0x0, 0xff}, 0xfe}, 0x18)
syz_usbip_server_init(0x1)
socket$netlink(0x10, 0x3, 0x15)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000040)={0x1d, 0x0, 0x8000000000000003}, 0x18)

1.759645786s ago: executing program 0 (id=276):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@multicast, @link_local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr=0x64010100, @local}, {0x1f, 0x0, 0x0, @empty}}}}}, 0x0)
r1 = socket$nl_generic(0x11, 0x3, 0x10)
sendmsg(r1, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x18, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r2, 0xc018480b, &(0x7f0000000080)={0x2, 0x100})

1.380012729s ago: executing program 4 (id=277):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002600)={0x18, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x26, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000020000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002002000000004000100080004"], 0x44}}, 0x10)

1.329255226s ago: executing program 4 (id=278):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2}}, 0x20)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000122000/0x1000)=nil, 0x1000, &(0x7f0000000000))
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
socket$nl_crypto(0x10, 0x3, 0x15)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000bc0)=@newtaction={0x8ec, 0x30, 0x2, 0x0, 0x0, {}, [{0x8d8, 0x1, [@m_police={0x8d4, 0x8, 0x0, 0x0, {{0xb}, {0x870, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x7, 0x200, 0x9, 0x4, {0x9, 0x0, 0x7, 0x10, 0xc000, 0x2}, {0x8, 0x0, 0xb, 0x6, 0x1c2, 0x6}, 0x0, 0x7ff, 0x9}}], [@TCA_POLICE_RATE64={0xc, 0x8, 0x9}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0xa72, 0x2, 0x6, 0x8001, 0x1, 0xfffffffe, 0xffffffff, 0x8001, 0x5, 0x4, 0x81, 0x7, 0x28f7, 0xd, 0xfffffff8, 0x6, 0x3ff, 0x8, 0x7, 0x6, 0x10001, 0x5, 0x40, 0x5, 0x80000001, 0x1, 0x8, 0x1, 0xa4, 0x8, 0x0, 0x2, 0x3, 0x1, 0x3ec, 0xfffffffd, 0x8, 0x4, 0x9f87, 0x1, 0x0, 0xfffffc82, 0x4, 0x6c9, 0xe0, 0x7, 0xe9d, 0xffff, 0x3ed35958, 0x0, 0x6, 0x0, 0x7, 0x6, 0x1ea, 0xffff0001, 0x1, 0x7fff, 0x2, 0x3, 0x2, 0x7, 0x9, 0x5, 0x7c7e, 0x3, 0x3, 0x9, 0x1, 0x2, 0x40, 0x2, 0x4, 0xf, 0x0, 0x7f, 0x4, 0x10001, 0x7, 0x100, 0x1, 0x1ff, 0x101, 0xd, 0xfffffffb, 0xfffffffd, 0x3, 0xfffffff6, 0xfffffffa, 0x40, 0x47e, 0x7, 0x2, 0x0, 0x31ee, 0x10001, 0x7ff, 0x7, 0xffffffff, 0x2, 0x5, 0x6, 0xffffffff, 0x0, 0x7, 0x2, 0x9, 0x7, 0xa9, 0x2, 0x6, 0x8, 0x3, 0x4, 0x9, 0x10000, 0xffff, 0xd44, 0xff, 0x5, 0x92, 0x4, 0x4, 0x4, 0xa, 0x7, 0x1ff, 0xfd, 0x7, 0x4, 0x0, 0x2, 0x7f, 0x8000, 0x4, 0x7, 0x81, 0x5, 0x4, 0x20, 0x9, 0x3, 0xc3, 0x7f, 0x74d, 0x820, 0x9abe, 0x4, 0x83f, 0x7, 0x6, 0x2, 0x45, 0x839e0000, 0x4, 0x5, 0x8, 0x7, 0x1c2, 0x7, 0x9, 0x24b4, 0x5, 0xc, 0x0, 0x2, 0x9, 0x24d9, 0x5, 0x6, 0x0, 0x8, 0x0, 0xffff, 0x7a6d, 0x80000000, 0x0, 0x9, 0x7, 0x6b, 0x41d9, 0x80000001, 0x1, 0xf, 0x1, 0x0, 0x9, 0x8000, 0x400, 0x8, 0x6, 0x501, 0x6, 0x9, 0xe, 0x9, 0xa8a, 0xfffffffe, 0x2, 0x8, 0xfff, 0x9, 0xaea, 0x43, 0x7, 0x9, 0x1, 0x5, 0x8, 0x10000, 0x61, 0x1, 0x1, 0x5, 0xffffffff, 0x2, 0x5, 0x9, 0x7ff, 0x7ff8000, 0x8, 0x5, 0x5, 0x3, 0x57e5a0d9, 0x2ad, 0x3, 0x4, 0x7, 0xfffffffc, 0x79, 0x80000000, 0x80, 0x2, 0x6, 0x2, 0x6, 0xfffffffa, 0x7d2, 0xd, 0x84e, 0x6, 0x5, 0x1, 0xfff, 0x8001, 0x0, 0x53e, 0x3dd00000, 0x6, 0x8, 0x0, 0x6, 0x6, 0x3]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xf}], [@TCA_POLICE_RATE64={0xc, 0x8, 0x1000}, @TCA_POLICE_RATE={0x404, 0x2, [0x2, 0x6, 0x28, 0x0, 0xffffffff, 0xfffffe01, 0x9, 0x4, 0x8000, 0x5, 0x7, 0x9, 0x1, 0x100, 0xa8, 0x800, 0xc, 0x0, 0x9, 0x0, 0x7, 0x0, 0xfffffff9, 0xa, 0xb, 0x2, 0x800, 0x3ff, 0x3, 0x7, 0xa, 0x23e, 0x2, 0xab, 0x3, 0x100, 0x9, 0x9, 0x80000001, 0x10000, 0xf, 0xff, 0x700000, 0x8ca, 0x6, 0x0, 0xd, 0xdd7, 0x0, 0x400, 0x2, 0x1, 0x5, 0x3, 0x9, 0x3, 0xb1a, 0x1, 0x7, 0x1, 0x401, 0x54, 0x0, 0xbba4, 0x7, 0x9, 0x8, 0x1, 0xb98f, 0x32, 0xde6, 0x6, 0x9d, 0xc, 0x3, 0x9, 0x8, 0xd, 0xac8, 0x5, 0x7, 0x3, 0x9, 0xe, 0x1, 0x8, 0x7, 0x3, 0x5, 0x5, 0x8, 0x9, 0x200, 0x5, 0x1, 0x9, 0x5, 0x4, 0x0, 0x2, 0x7ba, 0x0, 0x3, 0x7, 0x3, 0x9, 0xffffff68, 0x40, 0x8, 0x7, 0x1, 0x2, 0x8, 0xff, 0x0, 0x3c, 0x0, 0x8, 0x2f6beceb, 0x3, 0x8, 0x8, 0x5, 0x8, 0x5, 0x9, 0x6, 0x0, 0x2f4d, 0x6ce0, 0x5, 0xfffffffb, 0xffffffff, 0x401, 0x6, 0x5, 0x0, 0x16d, 0x5, 0x5b, 0xba9, 0x2, 0x7, 0x1, 0x2, 0x10000, 0x1e, 0x6, 0x2, 0x1, 0x9, 0x15, 0x7, 0x0, 0x1, 0x9, 0x5d, 0x7, 0xc263, 0x3, 0x2, 0x7ff, 0x2, 0x6271, 0x10, 0x5, 0x9, 0x81, 0x2, 0xe8, 0x1, 0x5077, 0xfffffffd, 0x3, 0x10000000, 0x6, 0x1, 0x200, 0x3, 0xfffffff9, 0x26e, 0x6, 0x87, 0x47, 0xffff, 0x0, 0x4, 0x0, 0x1c1, 0x7fff, 0x473, 0x4, 0x0, 0x4039, 0xfffffc00, 0x100, 0x3, 0x10001, 0x22c, 0x0, 0x6, 0x3, 0x9, 0x7f, 0x7, 0xffff, 0x4498, 0x5, 0x4, 0xf4f, 0x800, 0xfff, 0x2, 0x2, 0x2582, 0xffff936a, 0x8001, 0x6, 0x81, 0x2, 0x6, 0x9, 0xda5, 0x80000000, 0x4, 0x5, 0x1, 0x0, 0x1, 0x0, 0x80000001, 0x5, 0xbaa, 0x40, 0x10001, 0x1af, 0x5, 0x5, 0x480, 0xc9, 0x3, 0xadef, 0x10, 0x8, 0x4, 0x46, 0x7, 0x8, 0x8, 0x4, 0x601144e9, 0x2, 0x9, 0x278, 0x0, 0x3]}, @TCA_POLICE_RESULT={0x8, 0x5, 0x3}]]}, {0x39, 0x6, "ee129e1deb79911f3b6ff47582d1ec6fa8790678c77434c0586643410fbe11c24ee0494477e80a413bd8fbf46df89e83b8c21807dc"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x8ec}, 0x1, 0x0, 0x0, 0x40804}, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000040)=0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x1e, 0x4, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r4, 0x6, 0x24, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
recvmmsg(r4, &(0x7f00000002c0), 0x220, 0x100, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

560.919474ms ago: executing program 3 (id=279):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r2, 0xc06864b8, 0x0)
syz_io_uring_setup(0x5e2, &(0x7f00000003c0), &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002340)=ANY=[], 0x48}}, 0x8000)
socket$inet_sctp(0x2, 0x5, 0x84)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0601, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x14)
r7 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
r8 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, r7)
pipe2$watch_queue(&(0x7f00000003c0)={<r9=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r7, r9, 0x1e)
r10 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f0000000280)={'fscrypt:', @auto=[0x66, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, 0x35, 0x0, 0xd, 0x65]}, &(0x7f0000000180)={0x0, "de8d0d27ca969fa15f8b3b7bae39c1b3327d4332f8c149d2d65a347d67f6db7eb90dfdad3cdebaaf421412f812305c9da91699b5a02c1295596f0fd9ec78f2fd", 0x2d}, 0x48, r7)
r11 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kmem_cache_free\x00', r12}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
keyctl$KEYCTL_MOVE(0x1e, r10, r7, r8, 0x0)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
syz_io_uring_submit(r3, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(0xffffffffffffffff, 0xa3d, 0x0, 0x0, 0x0, 0x0)
mq_open(&(0x7f000084dff0)='!sali\x1cqxte&\xac\xe87x\x00', 0x6e93ebbbcc0884f2, 0x12e, &(0x7f0000000300)={0x0, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r2, 0xc01064c8, &(0x7f0000000140)={0x3, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0]})

355.930232ms ago: executing program 1 (id=280):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x10000, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x499f, 0x0, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80003, 0x6)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
recvfrom$inet(0xffffffffffffffff, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

312.454998ms ago: executing program 4 (id=281):
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000)
syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x180)
mount$cgroup(0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000300)={0x28, 0x0, 0xffffffff, @host}, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(0xffffffffffffffff, 0x4161, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
write(r5, &(0x7f0000000340), 0x11000)
vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

0s ago: executing program 0 (id=282):
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000)
syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x180)
mount$cgroup(0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000300)={0x28, 0x0, 0xffffffff, @host}, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(0xffffffffffffffff, 0x4161, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
write(r5, &(0x7f0000000340), 0x11000)
write$binfmt_misc(r5, &(0x7f0000000180)='5c', 0x2)
vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:9445' (ED25519) to the list of known hosts.
[   41.999040][ T5884] cgroup: Unknown subsys name 'net'
[   42.122523][ T5884] cgroup: Unknown subsys name 'cpuset'
[   42.126645][ T5884] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   43.131457][ T5884] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   46.821198][ T5946] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   46.824606][ T5946] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   46.828161][ T5946] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   46.832955][ T5946] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   46.835704][ T5947] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   46.836493][ T5947] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   46.839020][ T5946] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   46.841331][ T5953] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   46.841559][ T5947] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   46.842233][ T5947] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   46.842494][ T5947] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   46.854396][ T5953] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   46.856978][ T5953] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   46.862162][ T5306] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   46.862305][ T5946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   46.864833][ T5306] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   46.867642][ T5946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   46.871757][ T5946] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   46.874605][ T5946] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   46.877501][ T5946] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   47.162425][ T5942] chnl_net:caif_netlink_parms(): no params data found
[   47.228263][ T5941] chnl_net:caif_netlink_parms(): no params data found
[   47.376808][ T5955] chnl_net:caif_netlink_parms(): no params data found
[   47.382696][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.385345][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.387707][ T5942] bridge_slave_0: entered allmulticast mode
[   47.390540][ T5942] bridge_slave_0: entered promiscuous mode
[   47.393927][ T5949] chnl_net:caif_netlink_parms(): no params data found
[   47.461906][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.464234][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.466878][ T5942] bridge_slave_1: entered allmulticast mode
[   47.469656][ T5942] bridge_slave_1: entered promiscuous mode
[   47.478288][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.481173][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.483867][ T5941] bridge_slave_0: entered allmulticast mode
[   47.487573][ T5941] bridge_slave_0: entered promiscuous mode
[   47.543253][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.546300][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.549362][ T5941] bridge_slave_1: entered allmulticast mode
[   47.553638][ T5941] bridge_slave_1: entered promiscuous mode
[   47.595989][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.638771][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.650344][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.659564][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.747045][ T5941] team0: Port device team_slave_0 added
[   47.770107][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.772815][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.775274][ T5955] bridge_slave_0: entered allmulticast mode
[   47.777969][ T5955] bridge_slave_0: entered promiscuous mode
[   47.809316][ T5942] team0: Port device team_slave_0 added
[   47.831023][ T5941] team0: Port device team_slave_1 added
[   47.833361][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.835835][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.838232][ T5955] bridge_slave_1: entered allmulticast mode
[   47.841743][ T5955] bridge_slave_1: entered promiscuous mode
[   47.860482][ T5942] team0: Port device team_slave_1 added
[   47.880155][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.883132][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.886115][ T5949] bridge_slave_0: entered allmulticast mode
[   47.889878][ T5949] bridge_slave_0: entered promiscuous mode
[   47.988844][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.992427][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.994735][ T5949] bridge_slave_1: entered allmulticast mode
[   47.997324][ T5949] bridge_slave_1: entered promiscuous mode
[   48.023188][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   48.027983][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0
[   48.030966][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   48.039114][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   48.043871][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1
[   48.046060][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   48.054886][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   48.086621][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0
[   48.088972][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   48.097242][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   48.103181][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   48.132100][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1
[   48.134261][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   48.142833][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   48.176458][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   48.185627][ T5955] team0: Port device team_slave_0 added
[   48.188874][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   48.225978][ T5955] team0: Port device team_slave_1 added
[   48.275745][ T5942] hsr_slave_0: entered promiscuous mode
[   48.278364][ T5942] hsr_slave_1: entered promiscuous mode
[   48.315915][ T5949] team0: Port device team_slave_0 added
[   48.321033][ T5941] hsr_slave_0: entered promiscuous mode
[   48.324012][ T5941] hsr_slave_1: entered promiscuous mode
[   48.327149][ T5941] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   48.330155][ T5941] Cannot create hsr debugfs directory
[   48.354268][ T5949] team0: Port device team_slave_1 added
[   48.387876][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0
[   48.390392][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   48.398427][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   48.455999][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1
[   48.458935][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   48.468950][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   48.518374][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0
[   48.521599][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   48.533985][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   48.550304][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1
[   48.552535][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   48.560502][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   48.658868][ T5955] hsr_slave_0: entered promiscuous mode
[   48.661652][ T5955] hsr_slave_1: entered promiscuous mode
[   48.663748][ T5955] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   48.665963][ T5955] Cannot create hsr debugfs directory
[   48.728282][ T5949] hsr_slave_0: entered promiscuous mode
[   48.731395][ T5949] hsr_slave_1: entered promiscuous mode
[   48.733771][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   48.736140][ T5949] Cannot create hsr debugfs directory
[   48.880843][ T5953] Bluetooth: hci1: command tx timeout
[   48.880860][ T5946] Bluetooth: hci0: command tx timeout
[   48.890280][ T5946] Bluetooth: hci2: command tx timeout
[   48.950837][ T5942] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   48.958948][ T5942] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   48.970497][ T5946] Bluetooth: hci3: command tx timeout
[   48.986546][ T5942] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   48.996589][ T5942] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   49.053165][ T5941] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   49.061380][ T5941] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   49.068610][ T5941] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   49.082185][ T5941] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   49.108244][ T5955] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   49.113481][ T5955] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   49.117484][ T5955] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   49.121970][ T5955] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   49.181760][ T5949] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   49.186647][ T5949] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   49.196518][ T5949] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   49.201214][ T5949] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   49.270607][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.300760][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.304828][ T5942] 8021q: adding VLAN 0 to HW filter on device team0
[   49.322453][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.330364][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.333589][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.349277][ T1200] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.352011][ T1200] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.360559][ T5941] 8021q: adding VLAN 0 to HW filter on device team0
[   49.367249][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.378488][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.380911][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.388769][ T5955] 8021q: adding VLAN 0 to HW filter on device team0
[   49.403374][ T1200] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.405653][ T1200] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.408928][ T1200] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.411264][ T1200] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.417811][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[   49.430272][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.432576][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.439712][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.442050][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.458196][ T1161] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.461362][ T1161] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.541708][ T5949] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   49.641764][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.679252][ T5942] veth0_vlan: entered promiscuous mode
[   49.687527][ T5942] veth1_vlan: entered promiscuous mode
[   49.698332][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.705824][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.712475][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.751140][ T5942] veth0_macvtap: entered promiscuous mode
[   49.766250][ T5942] veth1_macvtap: entered promiscuous mode
[   49.774300][ T5941] veth0_vlan: entered promiscuous mode
[   49.782623][ T5949] veth0_vlan: entered promiscuous mode
[   49.796695][ T5941] veth1_vlan: entered promiscuous mode
[   49.804946][ T5949] veth1_vlan: entered promiscuous mode
[   49.812948][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.816309][ T5955] veth0_vlan: entered promiscuous mode
[   49.826486][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.838477][ T5955] veth1_vlan: entered promiscuous mode
[   49.843959][ T5942] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.847658][ T5942] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.851676][ T5942] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.855183][ T5942] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.885681][ T5941] veth0_macvtap: entered promiscuous mode
[   49.890976][ T5949] veth0_macvtap: entered promiscuous mode
[   49.901436][ T5949] veth1_macvtap: entered promiscuous mode
[   49.906098][ T5941] veth1_macvtap: entered promiscuous mode
[   49.934826][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.937632][ T5955] veth0_macvtap: entered promiscuous mode
[   49.945970][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.954208][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.957243][ T5955] veth1_macvtap: entered promiscuous mode
[   49.963553][ T1200] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.966035][ T1200] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.973159][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.982806][ T5949] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.985544][ T5949] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.988781][ T5949] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.992413][ T5949] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   50.010744][ T5941] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   50.013780][ T5941] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   50.017193][ T5941] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   50.020943][ T5941] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   50.035459][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0
[   50.041370][ T1161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   50.044703][ T1161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   50.051162][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1
[   50.064743][ T5955] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   50.068258][ T5955] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   50.072327][ T5955] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   50.075682][ T5955] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   50.108397][ T5942] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   50.145998][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   50.149297][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   50.170612][   T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   50.173082][   T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   50.178965][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   50.182755][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   50.201408][   T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   50.204013][   T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   50.240441][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.274270][ T1161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   50.276724][ T1161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   50.279144][ T1161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   50.281917][ T1161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   50.360685][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.387772][ T6034] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   50.713877][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   50.721645][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   50.960496][ T5946] Bluetooth: hci2: command tx timeout
[   50.960600][ T5953] Bluetooth: hci0: command tx timeout
[   50.971515][ T5953] Bluetooth: hci1: command tx timeout
[   51.043220][ T5953] Bluetooth: hci3: command tx timeout
[   51.970516][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   51.991089][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   52.563698][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   52.973250][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   53.040441][ T5946] Bluetooth: hci2: command tx timeout
[   53.043337][ T5946] Bluetooth: hci1: command tx timeout
[   53.046097][ T5946] Bluetooth: hci0: command tx timeout
[   53.130459][ T5306] Bluetooth: hci3: command tx timeout
[   53.390183][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   53.392802][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   53.648336][ T6073] syzkaller1: entered promiscuous mode
[   53.650249][ T6073] syzkaller1: entered allmulticast mode
[   53.853883][ T6075] netlink: 80 bytes leftover after parsing attributes in process `syz.3.12'.
[   54.000736][ T5306] Bluetooth: hci4: command 0x1003 tx timeout
[   54.003213][ T5953] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   54.062246][ T6078] wg1: entered promiscuous mode
[   54.064153][ T6078] wg1: entered allmulticast mode
[   55.052325][ T6089] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   55.116758][ T6089] netlink: 80 bytes leftover after parsing attributes in process `syz.1.15'.
[   55.122267][ T5306] Bluetooth: hci0: command tx timeout
[   55.125744][ T5953] Bluetooth: hci1: command tx timeout
[   55.128138][ T5953] Bluetooth: hci2: command tx timeout
[   55.193319][ T6094] wg1: entered promiscuous mode
[   55.195745][ T6094] wg1: entered allmulticast mode
[   55.210182][ T5953] Bluetooth: hci3: command tx timeout
[   56.086019][ T6107] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[   56.088189][ T6107] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   56.095855][ T6107] vhci_hcd vhci_hcd.0: Device attached
[   56.425853][ T3228] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[   57.126059][ T6121] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.21'.
[   57.130833][ T6121] openvswitch: netlink: Message has 5 unknown bytes.
[   57.480723][ T1161] Bluetooth: Error in BCSP hdr checksum
[   57.740843][   T81] Bluetooth: Error in BCSP hdr checksum
[   57.782220][ T6130] =======================================================
[   57.782220][ T6130] WARNING: The mand mount option has been deprecated and
[   57.782220][ T6130]          and is ignored by this kernel. Remove the mand
[   57.782220][ T6130]          option from the mount to silence this warning.
[   57.782220][ T6130] =======================================================
[   57.869613][ T6130] overlay: ./file0 is not a directory
[   57.940525][ T1200] Bluetooth: Error in BCSP hdr checksum
[   58.200304][ T1161] Bluetooth: Error in BCSP hdr checksum
[   58.676485][ T6108] vhci_hcd: connection reset by peer
[   58.679439][ T1200] vhci_hcd: stop threads
[   58.681701][ T1200] vhci_hcd: release socket
[   58.684757][ T1200] vhci_hcd: disconnect device
[   59.281386][ T5946] Bluetooth: hci4: command 0x1003 tx timeout
[   59.284204][ T5953] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   59.760767][ T5953] Bluetooth: hci5: command 0x1003 tx timeout
[   59.763618][ T5306] Bluetooth: hci5: Opcode 0x1003 failed: -110
[   59.827285][ T6158] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[   59.829405][ T6158] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   59.832395][ T6158] vhci_hcd vhci_hcd.0: Device attached
[   60.169808][   T29] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[   60.323105][ T6164] netlink: 80 bytes leftover after parsing attributes in process `syz.3.29'.
[   61.059513][ T6176] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   61.078403][ T6176] netlink: 80 bytes leftover after parsing attributes in process `syz.2.32'.
[   61.142237][ T6180] wg1: entered promiscuous mode
[   61.144655][ T6180] wg1: entered allmulticast mode
[   61.300319][   T13] Bluetooth: Error in BCSP hdr checksum
[   61.546316][ T3228] vhci_hcd: vhci_device speed not set
[   62.495176][ T6159] vhci_hcd: connection reset by peer
[   62.502656][   T13] vhci_hcd: stop threads
[   62.504092][   T13] vhci_hcd: release socket
[   62.513877][   T13] vhci_hcd: disconnect device
[   62.600527][ T6197] netlink: 80 bytes leftover after parsing attributes in process `syz.0.36'.
[   62.665205][ T6198] wg1: entered promiscuous mode
[   62.666801][ T6198] wg1: entered allmulticast mode
[   63.120240][ T5306] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   63.818503][ T6218] netlink: 28 bytes leftover after parsing attributes in process `syz.2.41'.
[   63.873379][ T6218] capability: warning: `syz.2.41' uses deprecated v2 capabilities in a way that may be insecure
[   63.876675][   T40] audit: type=1326 audit(1749481457.807:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6216 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000
[   63.973452][   T40] audit: type=1326 audit(1749481457.807:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6216 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf7f27579 code=0x7ffc0000
[   63.980647][   T40] audit: type=1326 audit(1749481457.807:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6216 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000
[   64.030148][   T40] audit: type=1326 audit(1749481457.807:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6216 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000
[   64.037066][   T40] audit: type=1326 audit(1749481457.807:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6216 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf7f27579 code=0x7ffc0000
[   64.065208][   T40] audit: type=1326 audit(1749481457.807:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6216 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000
[   64.089285][   T40] audit: type=1326 audit(1749481457.807:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6216 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000
[   64.119779][   T40] audit: type=1326 audit(1749481457.807:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6216 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000
[   64.138282][   T40] audit: type=1326 audit(1749481457.807:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6216 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000
[   64.160157][   T40] audit: type=1326 audit(1749481457.807:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6216 comm="syz.2.41" exe="/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf7f27579 code=0x7ffc0000
[   64.404671][ T6228] netlink: 80 bytes leftover after parsing attributes in process `syz.3.42'.
[   64.446965][ T6231] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   64.458957][ T6231] netlink: 80 bytes leftover after parsing attributes in process `syz.2.43'.
[   65.345511][   T29] vhci_hcd: vhci_device speed not set
[   65.405237][ T6213] overlay: ./file0 is not a directory
[   66.391708][ T6260] overlayfs: failed to resolve './file1': -2
[   67.241246][ T6272] netlink: 28 bytes leftover after parsing attributes in process `syz.3.51'.
[   68.040407][   T81] Bluetooth: Error in BCSP hdr checksum
[   68.196200][ T6297] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   68.200917][ T6298] netlink: 80 bytes leftover after parsing attributes in process `syz.2.55'.
[   68.205281][ T6297] netlink: 80 bytes leftover after parsing attributes in process `syz.1.54'.
[   69.850153][ T5946] Bluetooth: hci4: command 0x1003 tx timeout
[   69.850187][ T5953] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   70.000180][ T5306] Bluetooth: hci5: Opcode 0x1003 failed: -110
[   70.494280][ T6323] overlay: ./file0 is not a directory
[   70.883258][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[   70.886142][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[   71.937094][ T6350] futex_wake_op: syz.2.67 tries to shift op by 144; fix this program
[   73.036562][ T6362] netlink: 28 bytes leftover after parsing attributes in process `syz.1.69'.
[   73.092561][ T6363] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   73.100104][   T40] kauditd_printk_skb: 22 callbacks suppressed
[   73.100119][   T40] audit: type=1326 audit(1749481467.027:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6359 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   73.121046][   T40] audit: type=1326 audit(1749481467.057:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6359 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   73.142565][   T40] audit: type=1326 audit(1749481467.057:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6359 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf70be579 code=0x7ffc0000
[   73.158117][ T6363] netlink: 80 bytes leftover after parsing attributes in process `syz.0.71'.
[   73.173655][   T40] audit: type=1326 audit(1749481467.067:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6359 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   73.182622][   T40] audit: type=1326 audit(1749481467.067:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6359 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf70be579 code=0x7ffc0000
[   73.190254][   T40] audit: type=1326 audit(1749481467.067:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6359 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   73.197945][   T40] audit: type=1326 audit(1749481467.067:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6359 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   73.207088][   T40] audit: type=1326 audit(1749481467.067:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6359 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   73.214760][   T40] audit: type=1326 audit(1749481467.067:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6359 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   73.221405][   T40] audit: type=1326 audit(1749481467.067:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6359 comm="syz.1.69" exe="/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf70be579 code=0x7ffc0000
[   73.997424][ T6381] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[   73.999569][ T6381] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   74.002537][ T6381] vhci_hcd vhci_hcd.0: Device attached
[   74.320080][   T29] usb 39-1: new low-speed USB device number 3 using vhci_hcd
[   75.342996][ T6402] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   75.429788][ T6404] Zero length message leads to an empty skb
[   75.599410][ T6403] netlink: 80 bytes leftover after parsing attributes in process `syz.0.76'.
[   75.773758][ T6411] netlink: 28 bytes leftover after parsing attributes in process `syz.2.77'.
[   76.484999][ T6416] Bluetooth: MGMT ver 1.23
[   76.813526][ T6382] vhci_hcd: connection reset by peer
[   76.926245][   T81] vhci_hcd: stop threads
[   76.928268][   T81] vhci_hcd: release socket
[   76.930401][   T81] vhci_hcd: disconnect device
[   77.102750][ T6455] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   77.164056][ T6455] netlink: 80 bytes leftover after parsing attributes in process `syz.3.81'.
[   77.704235][ T6466] netlink: 28 bytes leftover after parsing attributes in process `syz.1.83'.
[   77.932262][   T81] Bluetooth: Error in BCSP hdr checksum
[   78.524558][ T1142] Bluetooth: Error in BCSP hdr checksum
[   79.141432][ T6512] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   79.150577][ T6512] netlink: 80 bytes leftover after parsing attributes in process `syz.1.87'.
[   79.440087][   T29] vhci_hcd: vhci_device speed not set
[   79.680198][ T5953] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   79.680373][ T5952] Bluetooth: hci4: command 0x1003 tx timeout
[   80.320140][ T5306] Bluetooth: hci5: Opcode 0x1003 failed: -110
[   80.320194][ T5953] Bluetooth: hci5: command 0x1003 tx timeout
[   80.490418][ T6531] lo speed is unknown, defaulting to 1000
[   80.493542][ T6531] lo speed is unknown, defaulting to 1000
[   80.496166][ T6531] lo speed is unknown, defaulting to 1000
[   80.541770][ T6532] netlink: 'syz.2.91': attribute type 4 has an invalid length.
[   80.547727][   T40] kauditd_printk_skb: 44 callbacks suppressed
[   80.547739][   T40] audit: type=1326 audit(1749481474.477:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6530 comm="syz.2.91" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f27579 code=0x0
[   80.560086][ T5946] Bluetooth: hci6: Opcode 0x1003 failed: -110
[   80.582239][ T6531] infiniband syz0: set active
[   80.584573][ T6531] infiniband syz0: added lo
[   80.584956][   T34] lo speed is unknown, defaulting to 1000
[   80.605071][ T6531] RDS/IB: syz0: added
[   80.606643][ T6531] smc: adding ib device syz0 with port count 1
[   80.608739][ T6531] smc:    ib device syz0 port 1 has pnetid 
[   80.612831][ T6024] lo speed is unknown, defaulting to 1000
[   80.614938][ T6531] lo speed is unknown, defaulting to 1000
[   80.706163][ T6531] lo speed is unknown, defaulting to 1000
[   80.790304][ T6531] lo speed is unknown, defaulting to 1000
[   80.878665][ T6531] lo speed is unknown, defaulting to 1000
[   81.046360][ T6538] netlink: 80 bytes leftover after parsing attributes in process `syz.3.92'.
[   81.122387][   T60] cfg80211: failed to load regulatory.db
[   81.373145][ T6543] netlink: 8 bytes leftover after parsing attributes in process `syz.0.93'.
[   81.376453][ T6543] netlink: 'syz.0.93': attribute type 5 has an invalid length.
[   81.378918][ T6543] netlink: 20 bytes leftover after parsing attributes in process `syz.0.93'.
[   81.385195][ T6543] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[   81.391382][ T6543] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[   81.394741][ T6543] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[   81.398236][ T6543] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[   81.403036][ T6543] geneve2: entered promiscuous mode
[   81.404745][ T6543] geneve2: entered allmulticast mode
[   81.424142][ T6545] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   81.427554][ T6545] overlayfs: missing 'lowerdir'
[   81.788393][ T6548] overlay: ./file0 is not a directory
[   81.791969][    T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   81.990100][    T9] usb 5-1: Using ep0 maxpacket: 8
[   81.995186][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 201, changing to 11
[   81.999458][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 49481, setting to 1024
[   82.003613][    T9] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   82.006435][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.011935][    T9] usb 5-1: config 0 descriptor??
[   82.500638][    T9] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   82.773550][ T6562] netlink: 28 bytes leftover after parsing attributes in process `syz.1.97'.
[   82.807428][   T40] audit: type=1326 audit(1749481476.737:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.1.97" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   82.815126][   T40] audit: type=1326 audit(1749481476.737:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.1.97" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   82.821652][   T40] audit: type=1326 audit(1749481476.737:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.1.97" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf70be579 code=0x7ffc0000
[   82.828152][   T40] audit: type=1326 audit(1749481476.747:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.1.97" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   82.836476][   T60] usb 5-1: USB disconnect, device number 2
[   82.837116][   T40] audit: type=1326 audit(1749481476.747:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.1.97" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   82.855103][   T40] audit: type=1326 audit(1749481476.747:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.1.97" exe="/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf70be579 code=0x7ffc0000
[   82.880655][   T40] audit: type=1326 audit(1749481476.747:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.1.97" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   82.887066][   T40] audit: type=1326 audit(1749481476.747:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.1.97" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   82.895239][   T40] audit: type=1326 audit(1749481476.747:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.1.97" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   83.216618][ T6580] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[   83.382375][ T6586] netlink: 80 bytes leftover after parsing attributes in process `syz.1.99'.
[   83.700199][ T6604] netlink: 28 bytes leftover after parsing attributes in process `syz.0.101'.
[   83.800404][ T6607] netlink: 28 bytes leftover after parsing attributes in process `syz.2.100'.
[   84.731402][ T6642] netlink: 28 bytes leftover after parsing attributes in process `syz.1.106'.
[   84.752164][ T6643] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[   84.754251][ T6643] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   84.757455][ T6643] vhci_hcd vhci_hcd.0: Device attached
[   85.069371][   T29] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[   85.775697][ T6677] netlink: 28 bytes leftover after parsing attributes in process `syz.1.107'.
[   85.833990][   T40] kauditd_printk_skb: 63 callbacks suppressed
[   85.834002][   T40] audit: type=1326 audit(1749481479.767:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6673 comm="syz.1.107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   85.850084][   T40] audit: type=1326 audit(1749481479.777:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6673 comm="syz.1.107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   85.858895][   T40] audit: type=1326 audit(1749481479.777:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6673 comm="syz.1.107" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf70be579 code=0x7ffc0000
[   85.867249][   T40] audit: type=1326 audit(1749481479.777:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6673 comm="syz.1.107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   85.874764][   T40] audit: type=1326 audit(1749481479.777:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6673 comm="syz.1.107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   85.883659][   T40] audit: type=1326 audit(1749481479.777:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6673 comm="syz.1.107" exe="/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf70be579 code=0x7ffc0000
[   85.893400][   T40] audit: type=1326 audit(1749481479.777:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6673 comm="syz.1.107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   85.901882][   T40] audit: type=1326 audit(1749481479.777:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6673 comm="syz.1.107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   85.909781][   T40] audit: type=1326 audit(1749481479.777:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6673 comm="syz.1.107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   85.919084][   T40] audit: type=1326 audit(1749481479.787:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6673 comm="syz.1.107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   87.399632][ T6644] vhci_hcd: connection reset by peer
[   87.402777][   T81] vhci_hcd: stop threads
[   87.404171][   T81] vhci_hcd: release socket
[   87.405639][   T81] vhci_hcd: disconnect device
[   89.065589][ T6750] netlink: 28 bytes leftover after parsing attributes in process `syz.1.119'.
[   89.516400][ T6760] netlink: 84 bytes leftover after parsing attributes in process `syz.3.120'.
[   89.545393][ T6760] smc: removing ib device syz0
[   89.772572][ T6784] random: crng reseeded on system resumption
[   90.330120][   T29] vhci_hcd: vhci_device speed not set
[   90.335520][ T6793] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[   90.338254][ T6793] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   90.342534][ T6793] vhci_hcd vhci_hcd.0: Device attached
[   90.834054][   T54] usb 37-1: new low-speed USB device number 3 using vhci_hcd
[   91.542438][ T6819] overlayfs: failed to resolve './file1': -2
[   91.799305][ T6829] netlink: 28 bytes leftover after parsing attributes in process `syz.1.130'.
[   91.871395][   T40] kauditd_printk_skb: 25 callbacks suppressed
[   91.871474][   T40] audit: type=1326 audit(1749481485.787:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.1.130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   91.913832][   T40] audit: type=1326 audit(1749481485.797:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.1.130" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf70be579 code=0x7ffc0000
[   91.930409][   T40] audit: type=1326 audit(1749481485.797:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.1.130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   91.946195][   T40] audit: type=1326 audit(1749481485.797:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.1.130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   91.957488][   T40] audit: type=1326 audit(1749481485.797:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.1.130" exe="/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf70be579 code=0x7ffc0000
[   91.967036][   T40] audit: type=1326 audit(1749481485.797:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.1.130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   91.976298][   T40] audit: type=1326 audit(1749481485.797:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.1.130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   91.985107][   T40] audit: type=1326 audit(1749481485.797:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.1.130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   91.994015][   T40] audit: type=1326 audit(1749481485.797:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.1.130" exe="/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf70be579 code=0x7ffc0000
[   92.003114][   T40] audit: type=1326 audit(1749481485.797:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.1.130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   92.480836][ T6822] overlayfs: failed to resolve './file1': -2
[   92.640385][ T6794] vhci_hcd: connection reset by peer
[   92.650951][ T1140] vhci_hcd: stop threads
[   92.652531][ T1140] vhci_hcd: release socket
[   92.654661][ T1140] vhci_hcd: disconnect device
[   92.981537][ T6873] wlan1 speed is unknown, defaulting to 1000
[   92.984295][ T6873] wlan1 speed is unknown, defaulting to 1000
[   92.986914][ T6873] wlan1 speed is unknown, defaulting to 1000
[   92.991691][ T6873] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   92.994841][ T6870] netlink: 80 bytes leftover after parsing attributes in process `syz.2.136'.
[   92.998874][ T6856] overlayfs: failed to resolve './file1': -2
[   93.002903][ T6873] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   93.014349][ T6868] netlink: 'syz.1.134': attribute type 4 has an invalid length.
[   93.024384][ T6868] netlink: 'syz.1.134': attribute type 4 has an invalid length.
[   93.035580][ T6873] wlan1 speed is unknown, defaulting to 1000
[   93.041239][ T6873] wlan1 speed is unknown, defaulting to 1000
[   93.044338][ T6873] wlan1 speed is unknown, defaulting to 1000
[   93.048719][ T6873] wlan1 speed is unknown, defaulting to 1000
[   93.220350][ T6881] netlink: 32 bytes leftover after parsing attributes in process `syz.0.138'.
[   94.038824][ T6895] gfs2: path_lookup on  returned error -2
[   94.498115][ T6902] Bluetooth: MGMT ver 1.23
[   94.613019][ T6906] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[   94.615129][ T6906] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   94.630096][ T6906] vhci_hcd vhci_hcd.0: Device attached
[   94.768330][ T6910] fuse: Bad value for 'fd'
[   94.819315][ T6912] netlink: 'syz.0.146': attribute type 1 has an invalid length.
[   94.864361][ T6912] 8021q: adding VLAN 0 to HW filter on device bond2
[   94.869723][ T6912] bond1: (slave bond2): making interface the new active one
[   94.875418][ T6912] bond1: (slave bond2): Enslaving as an active interface with an up link
[   94.907951][ T6912] bond1: (slave gretap1): Enslaving as a backup interface with an up link
[   94.965711][ T6912] 8021q: adding VLAN 0 to HW filter on device bond1
[   94.985352][   T29] usb 43-1: new low-speed USB device number 3 using vhci_hcd
[   95.752551][ T6936] netlink: 80 bytes leftover after parsing attributes in process `syz.1.150'.
[   95.910102][   T54] vhci_hcd: vhci_device speed not set
[   97.015827][ T6975] fuse: Bad value for 'fd'
[   97.129614][ T6973] netlink: 'syz.1.153': attribute type 4 has an invalid length.
[   97.241753][ T6907] vhci_hcd: connection reset by peer
[   97.244714][ T1139] vhci_hcd: stop threads
[   97.246799][ T1139] vhci_hcd: release socket
[   97.249954][ T1139] vhci_hcd: disconnect device
[   97.454158][ T6982] netlink: 92 bytes leftover after parsing attributes in process `syz.1.157'.
[   97.510212][ T6991] netlink: 8 bytes leftover after parsing attributes in process `syz.0.156'.
[   97.517056][ T6991] netlink: 'syz.0.156': attribute type 5 has an invalid length.
[   97.524472][ T6991] netlink: 20 bytes leftover after parsing attributes in process `syz.0.156'.
[   97.566385][ T6992] syzkaller1: entered promiscuous mode
[   97.568176][ T6992] syzkaller1: entered allmulticast mode
[   97.870161][   T54] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   97.885006][ T7001] nftables ruleset with unbound chain
[   97.983168][ T7003] binder: 7002:7003 ioctl c0046209 0 returned -22
[   98.140121][   T54] usb 5-1: Using ep0 maxpacket: 8
[   98.163819][   T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 201, changing to 11
[   98.167677][   T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 49481, setting to 1024
[   98.171233][   T54] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   98.174159][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.179173][   T54] usb 5-1: config 0 descriptor??
[   98.199576][ T7006] netlink: 80 bytes leftover after parsing attributes in process `syz.1.162'.
[   98.472076][ T3228] wlan1 speed is unknown, defaulting to 1000
[   98.499221][ T3228] IPVS: starting estimator thread 0...
[   98.552239][   T54] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   98.590205][ T7009] IPVS: using max 41 ests per chain, 98400 per kthread
[   98.801110][ T5946] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[   98.804065][ T5946] Bluetooth: hci3: Injecting HCI hardware error event
[   98.807769][ T5946] Bluetooth: hci3: hardware error 0x00
[   99.175140][   T40] kauditd_printk_skb: 6 callbacks suppressed
[   99.175151][   T40] audit: type=1326 audit(1749481493.107:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.3.165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[   99.186267][   T40] audit: type=1326 audit(1749481493.107:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.3.165" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf707e579 code=0x7ffc0000
[   99.202023][   T40] audit: type=1326 audit(1749481493.107:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.3.165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[   99.211011][   T40] audit: type=1326 audit(1749481493.107:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.3.165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[   99.217544][   T40] audit: type=1326 audit(1749481493.107:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.3.165" exe="/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf707e579 code=0x7ffc0000
[   99.224948][   T40] audit: type=1326 audit(1749481493.107:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.3.165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[   99.232747][   T40] audit: type=1326 audit(1749481493.107:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.3.165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[   99.239477][   T40] audit: type=1326 audit(1749481493.107:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.3.165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[   99.246103][   T40] audit: type=1326 audit(1749481493.107:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.3.165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[   99.254293][   T40] audit: type=1326 audit(1749481493.107:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.3.165" exe="/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf707e579 code=0x7ffc0000
[  100.080228][   T29] vhci_hcd: vhci_device speed not set
[  100.214751][ T3228] usb 5-1: USB disconnect, device number 3
[  100.524266][ T7051] gfs2: path_lookup on  returned error -2
[  100.714717][ T7058] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  100.716908][ T7058] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  100.720511][ T7058] vhci_hcd vhci_hcd.0: Device attached
[  100.880151][ T5946] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  101.070115][   T29] usb 43-1: device descriptor read/64, error -110
[  101.107231][ T7065] netlink: 80 bytes leftover after parsing attributes in process `syz.1.171'.
[  101.330454][   T29] usb 43-1: new low-speed USB device number 4 using vhci_hcd
[  103.068047][ T7083] wlan1 speed is unknown, defaulting to 1000
[  103.639312][ T7059] vhci_hcd: connection reset by peer
[  103.650358][   T13] vhci_hcd: stop threads
[  103.652130][   T13] vhci_hcd: release socket
[  103.655923][   T13] vhci_hcd: disconnect device
[  104.131186][ T7095] netlink: 8 bytes leftover after parsing attributes in process `syz.3.176'.
[  104.134386][ T7095] netlink: 'syz.3.176': attribute type 5 has an invalid length.
[  104.137123][ T7095] netlink: 20 bytes leftover after parsing attributes in process `syz.3.176'.
[  104.146693][ T7095] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  104.151579][ T7095] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  104.160300][ T7095] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  104.164143][ T7095] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  104.167735][ T7095] geneve2: entered promiscuous mode
[  104.170092][ T7095] geneve2: entered allmulticast mode
[  104.510146][    T9] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  104.670188][    T9] usb 8-1: Using ep0 maxpacket: 8
[  104.680819][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 201, changing to 11
[  104.690058][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 49481, setting to 1024
[  104.693588][    T9] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  104.701948][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.710495][    T9] usb 8-1: config 0 descriptor??
[  104.919216][    T9] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  104.942778][ T7104] netlink: 80 bytes leftover after parsing attributes in process `syz.0.180'.
[  105.424226][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.429047][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.431742][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.435530][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.437975][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.441547][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.444108][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.446657][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.449283][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.452594][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.455318][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.457822][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.460470][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.463264][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.465765][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.468276][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.471209][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.474055][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.476606][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.479546][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.482784][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.485541][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.488852][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.492901][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.496324][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.501295][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.505544][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.508904][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.512973][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.516338][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.519842][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.523463][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.527337][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.531021][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.534618][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.538361][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.541593][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.544993][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.548049][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.551267][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.554754][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.558073][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.570706][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  105.581529][ T6303] hid-generic 0000:007F:FFFFFFFE.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  105.633605][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  105.633615][   T40] audit: type=1326 audit(1749481499.567:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7114 comm="syz.1.183" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  105.647178][   T40] audit: type=1326 audit(1749481499.577:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7114 comm="syz.1.183" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  105.657142][   T40] audit: type=1326 audit(1749481499.577:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7114 comm="syz.1.183" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70be579 code=0x7ffc0000
[  105.694823][   T40] audit: type=1326 audit(1749481499.577:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7114 comm="syz.1.183" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  105.720042][   T40] audit: type=1326 audit(1749481499.577:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7114 comm="syz.1.183" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  105.729478][ T7113] fido_id[7113]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  105.736186][   T40] audit: type=1326 audit(1749481499.577:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7114 comm="syz.1.183" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf70be579 code=0x7ffc0000
[  105.749925][   T40] audit: type=1326 audit(1749481499.577:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7114 comm="syz.1.183" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  105.758791][   T40] audit: type=1326 audit(1749481499.577:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7114 comm="syz.1.183" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf70be579 code=0x7ffc0000
[  105.769217][   T40] audit: type=1326 audit(1749481499.577:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7114 comm="syz.1.183" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  105.777552][   T40] audit: type=1326 audit(1749481499.577:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7114 comm="syz.1.183" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  106.520289][   T29] vhci_hcd: vhci_device speed not set
[  106.897184][  T839] usb 8-1: USB disconnect, device number 2
[  107.333401][ T7134] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  107.336202][ T7134] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  107.339006][ T7134] vhci_hcd vhci_hcd.0: Device attached
[  107.341190][ T7133] netlink: 8 bytes leftover after parsing attributes in process `syz.0.187'.
[  107.391490][ T7127] vlan2: entered promiscuous mode
[  107.394252][ T7127] vlan2: entered allmulticast mode
[  107.396204][ T7127] hsr_slave_1: entered allmulticast mode
[  107.684821][ T3228] usb 39-1: new low-speed USB device number 4 using vhci_hcd
[  108.189287][ T7148] netlink: 'syz.3.191': attribute type 10 has an invalid length.
[  108.198585][ T7148] team0: Device ipvlan1 failed to register rx_handler
[  109.332848][ T7180] netlink: 8 bytes leftover after parsing attributes in process `syz.3.194'.
[  109.344980][ T7180] netlink: 'syz.3.194': attribute type 5 has an invalid length.
[  109.351197][ T7180] netlink: 20 bytes leftover after parsing attributes in process `syz.3.194'.
[  109.770209][    T9] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  109.794276][ T7135] vhci_hcd: connection reset by peer
[  109.796781][   T52] vhci_hcd: stop threads
[  109.798326][   T52] vhci_hcd: release socket
[  109.800359][   T52] vhci_hcd: disconnect device
[  109.930075][    T9] usb 8-1: Using ep0 maxpacket: 8
[  109.935157][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 201, changing to 11
[  109.942580][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 49481, setting to 1024
[  109.947196][    T9] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  109.951181][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.960442][    T9] usb 8-1: config 0 descriptor??
[  110.177900][    T9] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  110.243215][ T7199] QAT: Stopping all acceleration devices.
[  110.329446][ T7202] netlink: 'syz.1.200': attribute type 10 has an invalid length.
[  110.336146][ T7202] team0: Device ipvlan1 failed to register rx_handler
[  112.021332][   T13] Bluetooth: Error in BCSP hdr checksum
[  112.037506][   T61] usb 8-1: USB disconnect, device number 3
[  112.793937][ T3228] vhci_hcd: vhci_device speed not set
[  113.208614][ T7244] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12)
[  113.211121][ T7244] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  113.214364][ T7244] vhci_hcd vhci_hcd.0: Device attached
[  113.329278][ T7246] vhci_hcd: connection closed
[  113.329452][   T81] vhci_hcd: stop threads
[  113.329471][   T81] vhci_hcd: release socket
[  113.329478][   T81] vhci_hcd: disconnect device
[  114.180443][ T5946] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  114.182726][   T52] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.361368][ T5306] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  114.362159][ T5306] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  114.367434][ T5306] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  114.367978][ T5306] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  114.373235][ T5306] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  114.437385][   T52] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.473627][ T7258] wlan1 speed is unknown, defaulting to 1000
[  114.620862][   T52] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.771152][   T52] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.851025][ T7275] gfs2: path_lookup on  returned error -2
[  114.923411][ T7269] netlink: 8 bytes leftover after parsing attributes in process `syz.3.214'.
[  114.934107][ T7269] netlink: 'syz.3.214': attribute type 5 has an invalid length.
[  114.937573][ T7269] netlink: 20 bytes leftover after parsing attributes in process `syz.3.214'.
[  115.073640][   T52] bridge_slave_1: left allmulticast mode
[  115.075786][   T52] bridge_slave_1: left promiscuous mode
[  115.078802][   T52] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.101609][   T52] bridge_slave_0: left allmulticast mode
[  115.103976][   T52] bridge_slave_0: left promiscuous mode
[  115.111328][   T52] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.370116][ T6173] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  115.378065][   T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  115.387895][   T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  115.396577][   T52] bond0 (unregistering): Released all slaves
[  115.426738][ T7258] chnl_net:caif_netlink_parms(): no params data found
[  115.530058][ T6173] usb 8-1: Using ep0 maxpacket: 8
[  115.543713][ T6173] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 201, changing to 11
[  115.555771][ T6173] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 49481, setting to 1024
[  115.581186][ T6173] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  115.584681][ T6173] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.604475][ T6173] usb 8-1: config 0 descriptor??
[  115.610381][ T7258] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.613244][ T7258] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.615586][ T7258] bridge_slave_0: entered allmulticast mode
[  115.621205][ T7258] bridge_slave_0: entered promiscuous mode
[  115.631520][ T7258] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.634137][ T7258] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.637277][ T7258] bridge_slave_1: entered allmulticast mode
[  115.647849][ T7258] bridge_slave_1: entered promiscuous mode
[  115.705747][ T7258] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  115.716556][ T7258] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  115.830100][ T7258] team0: Port device team_slave_0 added
[  115.844144][ T7258] team0: Port device team_slave_1 added
[  115.874697][ T6173] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  115.947640][ T7258] batman_adv: batadv0: Adding interface: batadv_slave_0
[  115.950599][ T7258] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.958855][ T7258] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  115.969832][   T52] hsr_slave_0: left promiscuous mode
[  115.973127][   T52] hsr_slave_1: left promiscuous mode
[  115.975073][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  115.977388][   T52] batman_adv: batadv0: Removing interface: batadv_slave_0
[  115.981167][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  115.983594][   T52] batman_adv: batadv0: Removing interface: batadv_slave_1
[  116.019409][   T52] veth1_macvtap: left promiscuous mode
[  116.021763][   T52] veth0_macvtap: left promiscuous mode
[  116.023769][   T52] veth1_vlan: left promiscuous mode
[  116.025691][   T52] veth0_vlan: left promiscuous mode
[  116.053289][   T40] kauditd_printk_skb: 60 callbacks suppressed
[  116.053300][   T40] audit: type=1326 audit(1749481509.987:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7298 comm="syz.0.218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  116.067350][   T40] audit: type=1326 audit(1749481509.997:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7298 comm="syz.0.218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  116.074572][   T40] audit: type=1326 audit(1749481509.997:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7298 comm="syz.0.218" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf709e579 code=0x7ffc0000
[  116.076053][ T6173] usb 8-1: USB disconnect, device number 4
[  116.082674][   T40] audit: type=1326 audit(1749481509.997:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7298 comm="syz.0.218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  116.092866][   T40] audit: type=1326 audit(1749481509.997:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7298 comm="syz.0.218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  116.099864][   T40] audit: type=1326 audit(1749481509.997:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7298 comm="syz.0.218" exe="/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf709e579 code=0x7ffc0000
[  116.106745][   T40] audit: type=1326 audit(1749481509.997:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7298 comm="syz.0.218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  116.113689][   T40] audit: type=1326 audit(1749481509.997:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7298 comm="syz.0.218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  116.120506][   T40] audit: type=1326 audit(1749481509.997:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7298 comm="syz.0.218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  116.127886][   T40] audit: type=1326 audit(1749481509.997:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7298 comm="syz.0.218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  116.412281][ T5306] Bluetooth: hci1: command tx timeout
[  116.636938][   T52] team0 (unregistering): Port device team_slave_1 removed
[  116.702209][   T52] team0 (unregistering): Port device team_slave_0 removed
[  116.922645][ T7304] overlay: ./file0 is not a directory
[  117.216285][ T7258] batman_adv: batadv0: Adding interface: batadv_slave_1
[  117.218880][ T7258] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  117.227562][ T7258] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  117.320222][   T81] Bluetooth: Error in BCSP hdr checksum
[  117.328600][ T7258] hsr_slave_0: entered promiscuous mode
[  117.331323][ T7258] hsr_slave_1: entered promiscuous mode
[  117.483019][ T7258] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  117.488935][ T7258] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  117.495779][ T7258] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  117.502556][ T7258] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  117.572047][ T7258] 8021q: adding VLAN 0 to HW filter on device bond0
[  117.579755][ T7258] 8021q: adding VLAN 0 to HW filter on device team0
[  117.581501][ T1140] Bluetooth: Error in BCSP hdr checksum
[  117.617167][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.620349][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.648137][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.651258][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.698570][ T7258] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  117.702628][ T7258] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  117.905907][ T7258] 8021q: adding VLAN 0 to HW filter on device batadv0
[  118.063617][ T7258] veth0_vlan: entered promiscuous mode
[  118.074296][ T7258] veth1_vlan: entered promiscuous mode
[  118.095513][ T7258] veth0_macvtap: entered promiscuous mode
[  118.102065][ T7258] veth1_macvtap: entered promiscuous mode
[  118.118758][ T7258] batman_adv: batadv0: Interface activated: batadv_slave_0
[  118.126060][ T7258] batman_adv: batadv0: Interface activated: batadv_slave_1
[  118.131369][ T7258] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.134640][ T7258] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.137483][ T7258] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.141119][ T7258] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.191741][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.194189][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.226291][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.231664][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.391619][ T7374] syz.1.226 uses obsolete (PF_INET,SOCK_PACKET)
[  118.490342][ T5946] Bluetooth: hci1: command tx timeout
[  118.816829][ T7377] netlink: 8 bytes leftover after parsing attributes in process `syz.4.227'.
[  118.823123][ T7377] netlink: 'syz.4.227': attribute type 5 has an invalid length.
[  118.826474][ T7377] netlink: 20 bytes leftover after parsing attributes in process `syz.4.227'.
[  118.839908][ T7377] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  118.843040][ T7377] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  118.846597][ T7377] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  118.851471][ T7377] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  118.857441][ T7377] geneve2: entered promiscuous mode
[  118.859818][ T7377] geneve2: entered allmulticast mode
[  119.045941][ T7389] overlay: ./file0 is not a directory
[  119.120127][ T5946] Bluetooth: hci4: command 0x1003 tx timeout
[  119.120334][ T5306] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  119.351080][ T3228] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  119.409341][ T7419] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  119.660053][ T3228] usb 9-1: Using ep0 maxpacket: 8
[  119.662894][ T3228] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 201, changing to 11
[  119.666231][ T3228] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 49481, setting to 1024
[  119.669693][ T3228] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  119.680038][ T3228] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.685774][ T3228] usb 9-1: config 0 descriptor??
[  119.891698][ T3228] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  119.958443][ T7426] netlink: 284 bytes leftover after parsing attributes in process `syz.1.232'.
[  119.991873][ T7426] netlink: 'syz.1.232': attribute type 6 has an invalid length.
[  119.994386][ T7426] netlink: 32 bytes leftover after parsing attributes in process `syz.1.232'.
[  120.092118][   T10] usb 9-1: USB disconnect, device number 2
[  120.486707][ T7438] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  120.488819][ T7438] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  120.506139][ T7438] vhci_hcd vhci_hcd.0: Device attached
[  120.521169][ T7438] netdevsim netdevsim1: Direct firmware load for @ failed with error -2
[  120.524017][ T7438] netdevsim netdevsim1: Falling back to sysfs fallback for: @
[  120.560082][ T5306] Bluetooth: hci1: command tx timeout
[  121.164028][ T7466] macvlan0: entered allmulticast mode
[  121.165752][ T7466] veth1_vlan: entered allmulticast mode
[  121.193955][ T7466] netlink: 4 bytes leftover after parsing attributes in process `syz.0.236'.
[  121.374178][ T6173] usb 39-1: new low-speed USB device number 5 using vhci_hcd
[  121.407113][ T7439] vhci_hcd: connection closed
[  121.429577][ T1200] vhci_hcd: stop threads
[  121.432594][ T1200] vhci_hcd: release socket
[  121.434583][ T1200] vhci_hcd: disconnect device
[  122.167411][ T7494] warning: `syz.4.242' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  122.274196][ T7490] netlink: 'syz.4.242': attribute type 10 has an invalid length.
[  122.354563][ T7490] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  122.650080][ T5306] Bluetooth: hci1: command tx timeout
[  123.017524][ T7520] wg1: entered promiscuous mode
[  123.019238][ T7520] wg1: entered allmulticast mode
[  123.329840][ T7528] netlink: 36 bytes leftover after parsing attributes in process `syz.0.249'.
[  123.956716][ T7532] raw_sendmsg: syz.1.250 forgot to set AF_INET. Fix it!
[  124.073277][ T7536] netlink: 'syz.1.251': attribute type 1 has an invalid length.
[  124.127928][ T7539] netlink: 80 bytes leftover after parsing attributes in process `syz.0.252'.
[  124.130753][ T7536] 8021q: adding VLAN 0 to HW filter on device bond2
[  124.135444][ T7536] bond1: (slave bond2): making interface the new active one
[  124.137937][ T7536] bond1: (slave bond2): Enslaving as an active interface with an up link
[  124.163383][ T7536] bond1: (slave gretap1): Enslaving as a backup interface with an up link
[  124.316037][ T7550] netlink: 'syz.4.256': attribute type 3 has an invalid length.
[  124.577815][ T7556] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  124.580662][ T7556] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  124.593673][ T7556] vhci_hcd vhci_hcd.0: Device attached
[  124.829826][ T7558] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  124.832651][ T7558] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  124.837772][ T7558] vhci_hcd vhci_hcd.0: Device attached
[  125.160086][ T5950] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[  125.165281][ T7560] vhci_hcd: connection reset by peer
[  125.178770][   T81] vhci_hcd: stop threads
[  125.180229][   T81] vhci_hcd: release socket
[  125.214162][   T81] vhci_hcd: disconnect device
[  125.225069][ T7563] vhci_hcd: connection reset by peer
[  125.227659][   T81] vhci_hcd: stop threads
[  125.229604][   T81] vhci_hcd: release socket
[  125.231752][   T81] vhci_hcd: disconnect device
[  126.408305][ T7586] openvswitch: netlink: Message has 24 unknown bytes.
[  126.410888][ T7586] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  126.470837][ T6173] vhci_hcd: vhci_device speed not set
[  126.580200][ T1200] Bluetooth: Error in BCSP hdr checksum
[  127.600180][ T5953] Bluetooth: hci4: command 0x1003 tx timeout
[  127.600430][ T5306] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  127.742220][ T7598] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  127.744307][ T7598] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  127.747479][ T7598] vhci_hcd vhci_hcd.0: Device attached
[  127.859307][ T7599] vhci_hcd: connection closed
[  127.860945][ T1200] vhci_hcd: stop threads
[  127.864837][ T1200] vhci_hcd: release socket
[  127.866814][ T1200] vhci_hcd: disconnect device
[  127.922756][   T40] kauditd_printk_skb: 27 callbacks suppressed
[  127.922768][   T40] audit: type=1326 audit(1749481521.857:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7601 comm="syz.1.265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  127.930311][ T6173] vhci_hcd: vhci_device speed not set
[  127.933186][   T40] audit: type=1326 audit(1749481521.857:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7601 comm="syz.1.265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  127.942481][   T40] audit: type=1326 audit(1749481521.857:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7601 comm="syz.1.265" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf70be579 code=0x7ffc0000
[  127.949642][   T40] audit: type=1326 audit(1749481521.857:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7601 comm="syz.1.265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  127.957643][   T40] audit: type=1326 audit(1749481521.857:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7601 comm="syz.1.265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  127.965864][   T40] audit: type=1326 audit(1749481521.857:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7601 comm="syz.1.265" exe="/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf70be579 code=0x7ffc0000
[  127.972994][   T40] audit: type=1326 audit(1749481521.857:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7601 comm="syz.1.265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  127.980766][   T40] audit: type=1326 audit(1749481521.857:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7601 comm="syz.1.265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  127.988481][   T40] audit: type=1326 audit(1749481521.857:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7601 comm="syz.1.265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  127.996120][   T40] audit: type=1326 audit(1749481521.857:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7601 comm="syz.1.265" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  128.410287][ T5306] Bluetooth: hci5: command 0x1003 tx timeout
[  128.411289][ T5946] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  128.607403][ T7631] netlink: 'syz.3.267': attribute type 1 has an invalid length.
[  128.685844][ T7639] 8021q: adding VLAN 0 to HW filter on device bond2
[  128.691148][ T7639] bond1: (slave bond2): making interface the new active one
[  128.700673][ T7639] bond1: (slave bond2): Enslaving as an active interface with an up link
[  128.712258][ T7636] FAULT_INJECTION: forcing a failure.
[  128.712258][ T7636] name failslab, interval 1, probability 0, space 0, times 0
[  128.720312][ T7636] CPU: 3 UID: 0 PID: 7636 Comm: syz.4.268 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  128.720328][ T7636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  128.720334][ T7636] Call Trace:
[  128.720338][ T7636]  <TASK>
[  128.720343][ T7636]  dump_stack_lvl+0x16c/0x1f0
[  128.720363][ T7636]  should_fail_ex+0x512/0x640
[  128.720378][ T7636]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  128.720396][ T7636]  should_failslab+0xc2/0x120
[  128.720406][ T7636]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  128.720421][ T7636]  ? __alloc_skb+0x2b2/0x380
[  128.720437][ T7636]  ? trace_mm_page_alloc+0x11f/0x1a0
[  128.720449][ T7636]  __alloc_skb+0x2b2/0x380
[  128.720477][ T7636]  ? __pfx___alloc_skb+0x10/0x10
[  128.720498][ T7636]  netlink_alloc_large_skb+0x69/0x130
[  128.720521][ T7636]  netlink_sendmsg+0x6a1/0xdd0
[  128.720538][ T7636]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.720550][ T7636]  ? __import_iovec+0x1dd/0x650
[  128.720563][ T7636]  ____sys_sendmsg+0xa95/0xc70
[  128.720586][ T7636]  ? __pfx_____sys_sendmsg+0x10/0x10
[  128.720598][ T7636]  ? get_compat_msghdr+0x11a/0x170
[  128.720614][ T7636]  ___sys_sendmsg+0x134/0x1d0
[  128.720632][ T7636]  ? __pfx____sys_sendmsg+0x10/0x10
[  128.720654][ T7636]  ? find_held_lock+0x2b/0x80
[  128.720674][ T7636]  __sys_sendmsg+0x16d/0x220
[  128.720683][ T7636]  ? __pfx___sys_sendmsg+0x10/0x10
[  128.720699][ T7636]  ? rcu_is_watching+0x12/0xc0
[  128.720711][ T7636]  __do_fast_syscall_32+0x7c/0x3a0
[  128.720722][ T7636]  do_fast_syscall_32+0x32/0x80
[  128.720732][ T7636]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  128.720745][ T7636] RIP: 0023:0xf708e579
[  128.720754][ T7636] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  128.720763][ T7636] RSP: 002b:00000000f507e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  128.720773][ T7636] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140
[  128.720779][ T7636] RDX: 0000000020000004 RSI: 0000000000000000 RDI: 0000000000000000
[  128.720785][ T7636] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  128.720790][ T7636] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  128.720795][ T7636] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  128.720808][ T7636]  </TASK>
[  128.935817][ T7631] bond1: (slave gretap1): Enslaving as a backup interface with an up link
[  129.357444][ T7660] Driver unsupported XDP return value 0 on prog  (id 70) dev N/A, expect packet loss!
[  129.861071][ T1142] Bluetooth: Error in BCSP hdr checksum
[  130.130612][ T7675] netlink: 40 bytes leftover after parsing attributes in process `syz.4.274'.
[  130.191615][ T7677] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  130.330581][ T5950] vhci_hcd: vhci_device speed not set
[  130.606505][ T7689] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  130.609303][ T7689] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  130.613255][ T7689] vhci_hcd vhci_hcd.0: Device attached
[  130.699753][ T6024] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  130.841662][ T7692] vhci_hcd: connection closed
[  130.841887][   T12] vhci_hcd: stop threads
[  130.845017][   T12] vhci_hcd: release socket
[  130.847984][   T12] vhci_hcd: disconnect device
[  130.853897][ T6024] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  130.857476][ T6024] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  130.862910][ T6024] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  130.866373][ T6024] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  130.871912][ T6024] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  130.874847][ T6024] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.880107][ T6173] usb 43-1: new low-speed USB device number 6 using vhci_hcd
[  130.880906][ T6024] usb 5-1: config 0 descriptor??
[  130.882629][ T6173] usb 43-1: enqueue for inactive port 0
[  130.887681][ T7686] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  130.970068][ T6173] vhci_hcd: vhci_device speed not set
[  131.530216][ T6024] usbhid 5-1:0.0: can't add hid device: -71
[  131.532547][ T6024] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  131.549542][ T6024] usb 5-1: USB disconnect, device number 4
[  131.600392][ T5946] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  132.490816][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  132.493326][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  132.750175][ T1421] ==================================================================
[  132.752748][ T1421] BUG: KASAN: slab-use-after-free in tty_write_room+0x7d/0x90
[  132.755197][ T1421] Read of size 8 at addr ffff888050f0d020 by task aoe_tx0/1421
[  132.758754][ T1421] 
[  132.759834][ T1421] CPU: 0 UID: 0 PID: 1421 Comm: aoe_tx0 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  132.759847][ T1421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  132.759855][ T1421] Call Trace:
[  132.759860][ T1421]  <TASK>
[  132.759865][ T1421]  dump_stack_lvl+0x116/0x1f0
[  132.759885][ T1421]  print_report+0xcd/0x680
[  132.759895][ T1421]  ? __virt_addr_valid+0x81/0x610
[  132.759905][ T1421]  ? __phys_addr+0xe8/0x180
[  132.759915][ T1421]  ? tty_write_room+0x7d/0x90
[  132.759928][ T1421]  kasan_report+0xe0/0x110
[  132.759937][ T1421]  ? tty_write_room+0x7d/0x90
[  132.759950][ T1421]  tty_write_room+0x7d/0x90
[  132.759962][ T1421]  handle_tx+0x14f/0x630
[  132.759975][ T1421]  dev_hard_start_xmit+0x94/0x740
[  132.759991][ T1421]  __dev_queue_xmit+0x7eb/0x43e0
[  132.760006][ T1421]  ? lockdep_hardirqs_on+0x7c/0x110
[  132.760021][ T1421]  ? finish_task_switch.isra.0+0x221/0xc10
[  132.760032][ T1421]  ? rcu_is_watching+0x12/0xc0
[  132.760042][ T1421]  ? __pfx___dev_queue_xmit+0x10/0x10
[  132.760057][ T1421]  ? __lock_acquire+0xb8a/0x1c90
[  132.760070][ T1421]  ? __lock_acquire+0xb8a/0x1c90
[  132.760084][ T1421]  ? do_raw_spin_lock+0x12c/0x2b0
[  132.760099][ T1421]  ? find_held_lock+0x2b/0x80
[  132.760109][ T1421]  ? skb_dequeue+0x126/0x180
[  132.760121][ T1421]  ? find_held_lock+0x2b/0x80
[  132.760130][ T1421]  ? rcu_is_watching+0x12/0xc0
[  132.760140][ T1421]  tx+0xcc/0x190
[  132.760151][ T1421]  ? __pfx_tx+0x10/0x10
[  132.760161][ T1421]  kthread+0x1e1/0x3e0
[  132.760170][ T1421]  ? find_held_lock+0x2b/0x80
[  132.760179][ T1421]  ? __pfx_kthread+0x10/0x10
[  132.760188][ T1421]  ? __pfx_default_wake_function+0x10/0x10
[  132.760198][ T1421]  ? lockdep_hardirqs_on+0x7c/0x110
[  132.760213][ T1421]  ? __kthread_parkme+0x19e/0x250
[  132.760225][ T1421]  ? __pfx_kthread+0x10/0x10
[  132.760233][ T1421]  kthread+0x3c2/0x780
[  132.760247][ T1421]  ? __pfx_kthread+0x10/0x10
[  132.760260][ T1421]  ? rcu_is_watching+0x12/0xc0
[  132.760270][ T1421]  ? __pfx_kthread+0x10/0x10
[  132.760283][ T1421]  ret_from_fork+0x5d4/0x6f0
[  132.760296][ T1421]  ? __pfx_kthread+0x10/0x10
[  132.760309][ T1421]  ret_from_fork_asm+0x1a/0x30
[  132.760323][ T1421]  </TASK>
[  132.760326][ T1421] 
[  132.828013][ T1421] Allocated by task 7738:
[  132.829389][ T1421]  kasan_save_stack+0x33/0x60
[  132.830936][ T1421]  kasan_save_track+0x14/0x30
[  132.832444][ T1421]  __kasan_kmalloc+0xaa/0xb0
[  132.834026][ T1421]  alloc_tty_struct+0x96/0x8c0
[  132.835668][ T1421]  tty_init_dev.part.0+0x1e/0x500
[  132.837285][ T1421]  tty_open+0xa50/0xf90
[  132.838636][ T1421]  chrdev_open+0x231/0x6a0
[  132.840058][ T1421]  do_dentry_open+0x744/0x1c10
[  132.841572][ T1421]  vfs_open+0x82/0x3f0
[  132.842867][ T1421]  path_openat+0x1de4/0x2cb0
[  132.844371][ T1421]  do_filp_open+0x20b/0x470
[  132.845912][ T1421]  do_sys_openat2+0x11b/0x1d0
[  132.847794][ T1421]  __ia32_compat_sys_openat+0x16d/0x210
[  132.849586][ T1421]  __do_fast_syscall_32+0x7c/0x3a0
[  132.851200][ T1421]  do_fast_syscall_32+0x32/0x80
[  132.852731][ T1421]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  132.854718][ T1421] 
[  132.855491][ T1421] Freed by task 72:
[  132.856710][ T1421]  kasan_save_stack+0x33/0x60
[  132.858211][ T1421]  kasan_save_track+0x14/0x30
[  132.859703][ T1421]  kasan_save_free_info+0x3b/0x60
[  132.861276][ T1421]  __kasan_slab_free+0x51/0x70
[  132.862768][ T1421]  kfree+0x2b4/0x4d0
[  132.863971][ T1421]  process_one_work+0x9cf/0x1b70
[  132.865484][ T1421]  worker_thread+0x6c8/0xf10
[  132.866927][ T1421]  kthread+0x3c2/0x780
[  132.868201][ T1421]  ret_from_fork+0x5d4/0x6f0
[  132.869643][ T1421]  ret_from_fork_asm+0x1a/0x30
[  132.871138][ T1421] 
[  132.871900][ T1421] Last potentially related work creation:
[  132.873643][ T1421]  kasan_save_stack+0x33/0x60
[  132.875078][ T1421]  kasan_record_aux_stack+0xa7/0xc0
[  132.876723][ T1421]  insert_work+0x36/0x230
[  132.878097][ T1421]  __queue_work+0x97e/0x10f0
[  132.879538][ T1421]  queue_work_on+0x1a4/0x1f0
[  132.880981][ T1421]  release_tty+0x4de/0x5d0
[  132.882404][ T1421]  tty_release_struct+0xb7/0xe0
[  132.883976][ T1421]  tty_release+0xe2d/0x1430
[  132.885318][ T1421]  __fput+0x402/0xb70
[  132.886524][ T1421]  task_work_run+0x150/0x240
[  132.887880][ T1421]  exit_to_user_mode_loop+0xeb/0x110
[  132.889539][ T1421]  __do_fast_syscall_32+0x2ac/0x3a0
[  132.891200][ T1421]  do_fast_syscall_32+0x32/0x80
[  132.892733][ T1421]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  132.894723][ T1421] 
[  132.895494][ T1421] The buggy address belongs to the object at ffff888050f0d000
[  132.895494][ T1421]  which belongs to the cache kmalloc-cg-2k of size 2048
[  132.899891][ T1421] The buggy address is located 32 bytes inside of
[  132.899891][ T1421]  freed 2048-byte region [ffff888050f0d000, ffff888050f0d800)
[  132.904068][ T1421] 
[  132.904841][ T1421] The buggy address belongs to the physical page:
[  132.906867][ T1421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x50f08
[  132.909576][ T1421] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  132.912194][ T1421] memcg:ffff88806a097c01
[  132.913532][ T1421] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  132.915920][ T1421] page_type: f5(slab)
[  132.917181][ T1421] raw: 04fff00000000040 ffff88801b44c140 ffffea0001b45400 dead000000000002
[  132.919762][ T1421] raw: 0000000000000000 0000000080080008 00000000f5000000 ffff88806a097c01
[  132.922444][ T1421] head: 04fff00000000040 ffff88801b44c140 ffffea0001b45400 dead000000000002
[  132.925125][ T1421] head: 0000000000000000 0000000080080008 00000000f5000000 ffff88806a097c01
[  132.927830][ T1421] head: 04fff00000000003 ffffea000143c201 00000000ffffffff 00000000ffffffff
[  132.930540][ T1421] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  132.933227][ T1421] page dumped because: kasan: bad access detected
[  132.935235][ T1421] page_owner tracks the page as allocated
[  132.937037][ T1421] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5941, tgid 5941 (syz-executor), ts 47257496660, free_ts 46415545692
[  132.943604][ T1421]  post_alloc_hook+0x1c0/0x230
[  132.945120][ T1421]  get_page_from_freelist+0x1321/0x3890
[  132.946882][ T1421]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  132.948722][ T1421]  alloc_pages_mpol+0x1fb/0x550
[  132.950259][ T1421]  new_slab+0x23b/0x330
[  132.951603][ T1421]  ___slab_alloc+0xd9c/0x1940
[  132.953093][ T1421]  __slab_alloc.constprop.0+0x56/0xb0
[  132.954790][ T1421]  __kmalloc_node_track_caller_noprof+0x2ee/0x510
[  132.956767][ T1421]  kmemdup_noprof+0x29/0x60
[  132.958197][ T1421]  __devinet_sysctl_register+0xbc/0x360
[  132.959919][ T1421]  devinet_sysctl_register+0x17b/0x200
[  132.961629][ T1421]  inetdev_init+0x2b8/0x5a0
[  132.963090][ T1421]  inetdev_event+0xc5f/0x18a0
[  132.964594][ T1421]  notifier_call_chain+0xbc/0x410
[  132.966198][ T1421]  call_netdevice_notifiers_info+0xbe/0x140
[  132.968117][ T1421]  register_netdevice+0x182e/0x2270
[  132.969769][ T1421] page last free pid 5882 tgid 5882 stack trace:
[  132.971775][ T1421]  __free_frozen_pages+0x7fe/0x1180
[  132.973419][ T1421]  page_frag_free+0x27f/0x2e0
[  132.974931][ T1421]  skb_free_head+0xa4/0x210
[  132.976390][ T1421]  skb_release_data+0x776/0x9c0
[  132.977934][ T1421]  skb_attempt_defer_free+0x1b0/0x620
[  132.979663][ T1421]  tcp_recvmsg_locked+0x1251/0x2880
[  132.981324][ T1421]  tcp_recvmsg+0x12f/0x680
[  132.982787][ T1421]  inet_recvmsg+0x12a/0x6a0
[  132.984242][ T1421]  sock_recvmsg+0x1b2/0x250
[  132.985697][ T1421]  sock_read_iter+0x2b9/0x3b0
[  132.987217][ T1421]  vfs_read+0xa98/0xc60
[  132.988564][ T1421]  ksys_read+0x1f8/0x250
[  132.989925][ T1421]  do_syscall_64+0xcd/0x490
[  132.991379][ T1421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.993243][ T1421] 
[  132.994025][ T1421] Memory state around the buggy address:
[  132.995799][ T1421]  ffff888050f0cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  132.998290][ T1421]  ffff888050f0cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  133.000803][ T1421] >ffff888050f0d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  133.003292][ T1421]                                ^
[  133.004914][ T1421]  ffff888050f0d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  133.007433][ T1421]  ffff888050f0d100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  133.009923][ T1421] ==================================================================
[  133.012461][    C0] vkms_vblank_simulate: vblank timer overrun
[  133.014430][ T1421] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  133.016700][ T1421] CPU: 0 UID: 0 PID: 1421 Comm: aoe_tx0 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[  133.019809][ T1421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  133.023125][ T1421] Call Trace:
[  133.024189][ T1421]  <TASK>
[  133.025129][ T1421]  dump_stack_lvl+0x3d/0x1f0
[  133.026645][ T1421]  panic+0x71c/0x800
[  133.027920][ T1421]  ? __pfx_panic+0x10/0x10
[  133.029421][ T1421]  ? irqentry_exit+0x3b/0x90
[  133.030954][ T1421]  ? lockdep_hardirqs_on+0x7c/0x110
[  133.032598][ T1421]  ? tty_write_room+0x7d/0x90
[  133.034088][ T1421]  ? check_panic_on_warn+0x1f/0xb0
[  133.035725][ T1421]  ? tty_write_room+0x7d/0x90
[  133.037227][ T1421]  check_panic_on_warn+0xab/0xb0
[  133.038827][ T1421]  end_report+0x107/0x170
[  133.040207][ T1421]  kasan_report+0xee/0x110
[  133.041621][ T1421]  ? tty_write_room+0x7d/0x90
[  133.043115][ T1421]  tty_write_room+0x7d/0x90
[  133.044554][ T1421]  handle_tx+0x14f/0x630
[  133.045917][ T1421]  dev_hard_start_xmit+0x94/0x740
[  133.047542][ T1421]  __dev_queue_xmit+0x7eb/0x43e0
[  133.049119][ T1421]  ? lockdep_hardirqs_on+0x7c/0x110
[  133.050684][ T1421]  ? finish_task_switch.isra.0+0x221/0xc10
[  133.052462][ T1421]  ? rcu_is_watching+0x12/0xc0
[  133.053960][ T1421]  ? __pfx___dev_queue_xmit+0x10/0x10
[  133.055622][ T1421]  ? __lock_acquire+0xb8a/0x1c90
[  133.057201][ T1421]  ? __lock_acquire+0xb8a/0x1c90
[  133.058773][ T1421]  ? do_raw_spin_lock+0x12c/0x2b0
[  133.060354][ T1421]  ? find_held_lock+0x2b/0x80
[  133.061831][ T1421]  ? skb_dequeue+0x126/0x180
[  133.063308][ T1421]  ? find_held_lock+0x2b/0x80
[  133.064796][ T1421]  ? rcu_is_watching+0x12/0xc0
[  133.066325][ T1421]  tx+0xcc/0x190
[  133.067484][ T1421]  ? __pfx_tx+0x10/0x10
[  133.068803][ T1421]  kthread+0x1e1/0x3e0
[  133.070099][ T1421]  ? find_held_lock+0x2b/0x80
[  133.071588][ T1421]  ? __pfx_kthread+0x10/0x10
[  133.073048][ T1421]  ? __pfx_default_wake_function+0x10/0x10
[  133.074838][ T1421]  ? lockdep_hardirqs_on+0x7c/0x110
[  133.076490][ T1421]  ? __kthread_parkme+0x19e/0x250
[  133.078088][ T1421]  ? __pfx_kthread+0x10/0x10
[  133.079550][ T1421]  kthread+0x3c2/0x780
[  133.080847][ T1421]  ? __pfx_kthread+0x10/0x10
[  133.082321][ T1421]  ? rcu_is_watching+0x12/0xc0
[  133.083840][ T1421]  ? __pfx_kthread+0x10/0x10
[  133.085189][ T1421]  ret_from_fork+0x5d4/0x6f0
[  133.086779][ T1421]  ? __pfx_kthread+0x10/0x10
[  133.088512][ T1421]  ret_from_fork_asm+0x1a/0x30
[  133.090424][ T1421]  </TASK>
[  133.092433][ T1421] Kernel Offset: disabled
[  133.093822][ T1421] Rebooting in 86400 seconds..

VM DIAGNOSIS:
15:05:26  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff8557d490 RDI=ffffffff9ae6ca80 RBP=ffffffff9ae6ca40 RSP=ffffc9000761f3e0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff35cd9a2 R15=dffffc0000000000
RIP=ffffffff8557d4b7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097762000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000560b149c0330 CR3=000000000e182000 CR4=00352ef0
DR0=000003ffffffffff DR1=000000000000064f DR2=0000000000000006 DR3=0000000000000006 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88804f3ae098 RCX=ffffc9000cc31000 RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff8dd04b15 RBP=1ffff920005eceeb RSP=ffffc90002f676e0
R8 =0000000000000005 R9 =0000000000000001 R10=0000000000000002 R11=0000000000000001
R12=ffffffff8a21e0d6 R13=0000000000000206 R14=ffff8880222b4880 R15=ffff88804f3ae030
RIP=ffffffff8b7bf510 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097862000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f2feffc CR3=000000006f9fb000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000242400000000 0000000d00000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000003 RCX=0000000000000002 RDX=ffff888024998000
RSI=ffffffff8169e3e1 RDI=ffffffff8bf559e0 RBP=ffff88805eea0d40 RSP=ffffc900046f76a8
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff90882757 R11=0000000000000001
R12=0000000000000003 R13=0000000000000003 R14=ffff88802b43cd40 R15=ffffed100bdd41a8
RIP=ffffffff8b7bd7cf RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097962000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f5e6ffc CR3=0000000050fdd000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000001d9675 RBX=0000000000000003 RCX=ffffffff8b7bec69 RDX=0000000000000000
RSI=ffffffff8dc12c9a RDI=ffffffff8bf559e0 RBP=ffffed10037e1000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056a6645 R10=ffff88802b53322b R11=0000000000000001
R12=0000000000000003 R13=ffff88801bf08000 R14=ffffffff90882750 R15=0000000000000000
RIP=ffffffff8b7bd7cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097a62000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000081000000 CR3=0000000050fdd000 CR4=00352ef0
DR0=000003ffffffffff DR1=000000000000064f DR2=0000000000000006 DR3=0000000000000006 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000