last executing test programs:

8m3.103759519s ago: executing program 3 (id=1768):
tkill(0x0, 0x2a)
madvise(&(0x7f0000000000/0x12000)=nil, 0x12000, 0x65)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x6020400)
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x88)
r2 = openat$cgroup_int(r1, &(0x7f0000000040)='pids.max\x00', 0x2, 0x0)
write$cgroup_int(r2, &(0x7f0000000100)=0x4, 0x12)

8m2.850135132s ago: executing program 3 (id=1774):
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000001c0)=@newqdisc={0x38, 0x28, 0x4ee4e6a52ff56541, 0x70bd28, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0x9}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x1}}]}, 0x38}, 0x1, 0x0, 0x0, 0x400dc}, 0x800)

8m0.714886032s ago: executing program 3 (id=1782):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x1)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000140)={0x4, 0x0, 0x6257036f}, 0x10)
write(r1, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000000fe020002000200000800040001000000", 0x24)

7m59.282670776s ago: executing program 3 (id=1789):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x88840, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40400c4}}], 0x1, 0x800)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000002c0)=[@text16={0x10, &(0x7f0000000080)="360f7883b81e2626660fc7350ff4650666b95c0300000f32f4656df30f09e3650f01efeff8000f0d35", 0x29}], 0x1, 0x2, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000fce000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x3, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)=@vmx={0x3, 0x0, 0x2080, {0x0, 0xffff1000}, {"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008bc584c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f6f38740000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a4900"}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7m58.679631921s ago: executing program 3 (id=1793):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={<r1=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x7d, &(0x7f0000000080)={r1, 0x8000}, 0x8)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
close(0x3)
socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt(r0, 0x84, 0x7f, &(0x7f0000000080)="d3d0666d223e4686", 0x8)

7m58.294681696s ago: executing program 3 (id=1795):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="ad00"/16, 0x10)
recvmmsg(r1, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee1, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)

7m42.982255408s ago: executing program 32 (id=1795):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="ad00"/16, 0x10)
recvmmsg(r1, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee1, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)

6m36.60551365s ago: executing program 0 (id=2055):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x8015, 0x3, 'dh\x00', 0x1, 0x4, 0x6d}, 0x2c)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e20, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x2000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0)

6m34.337182371s ago: executing program 0 (id=2058):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
socket$inet(0x2, 0x4, 0x38000)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101840, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000140)=0x4)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8003, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5d, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x9, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x28, 0xd, 0x7, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8c, 0x1000, 0xffff, 0x0, 0x8000, 0x4, 0x8008, 0x400, 0xd, 0x3, 0x5, 0x800006, 0x8, 0x4, 0x3, 0x40], [0x10000007, 0x9, 0x8000012f, 0x2008004, 0x5, 0xfffffff3, 0x129432e5, 0xc488, 0xf9, 0xe, 0x2c0, 0x6c7, 0x9, 0xffffffff, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f2e, 0xd, 0x4e2, 0x2, 0x4, 0xb, 0x7, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x7, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7dff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x7, 0x3e7, 0xf, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa5, 0x5, 0x6, 0xac6, 0xca, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x6, 0x7, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0xfffffffd, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xfffffff9, 0xfffff001, 0x10000, 0x0, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x226, 0x5, 0x4, 0x8, 0x30b1d693, 0xa1f, 0x4, 0x400, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb3e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r4 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
read$midi(r4, 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r5, 0x40085112, &(0x7f0000000100)=@e={0xff, 0xa, 0x2, 0x4, @SEQ_CONTROLLER=0xfe, 0xff, 0x5, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)

6m28.936945521s ago: executing program 0 (id=2063):
socket$kcm(0x2, 0x200000000000001, 0x106)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e61, 0x2, @loopback, 0x7fffffff}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89c, 0xc000, 0x8, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0xfff0}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
writev(r0, &(0x7f0000000740)=[{&(0x7f0000000280)="581a17919cc7743151", 0x9}], 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "160200", "bb10000000000001"}, 0x28)
readv(r0, &(0x7f0000000e40)=[{&(0x7f0000000f40)=""/250, 0xff1}], 0x1)

6m28.685935861s ago: executing program 0 (id=2066):
socket$inet6(0xa, 0x3, 0x2f)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
set_mempolicy(0x1, &(0x7f0000000040)=0x100000000401, 0xe)
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x4004)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r2, 0x8108551b, &(0x7f0000000200)={0x0, 0x2, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34371113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x13ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x0})
io_uring_setup(0x3297, 0x0)

6m26.930270986s ago: executing program 0 (id=2068):
r0 = inotify_init()
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0x1002, 0x5)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x1, &(0x7f0000000000)=[{0x6}]}, 0x10)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
r5 = open$dir(0x0, 0x800, 0x41)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r7, 0x4040ae9e, 0x0)
getdents64(r5, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

6m26.893777717s ago: executing program 0 (id=2069):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = msgget$private(0x0, 0x0)
msgsnd(r0, 0x0, 0x8, 0x800)
pipe2(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10122, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000001280)={0xffffffffffffffff, 0x0, {0x2a12, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x0, 0xc, 0x1d, "fee8a2ab78fc179fd1f809000000aca7ca64c6a4b4e00d9683dda1af01000000deff1200100000000000000000000000000800", "2809e8dbe1b22d0000b420a1a93c7540f476779e0117613dd4070000ebff08000000000000000000020000000800000000faffffff00", "e7460000102000000019c7440000080000000000000000000000008bd02800", [0xe0]}})
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff)
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)

6m10.998450677s ago: executing program 33 (id=2069):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = msgget$private(0x0, 0x0)
msgsnd(r0, 0x0, 0x8, 0x800)
pipe2(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10122, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000001280)={0xffffffffffffffff, 0x0, {0x2a12, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x0, 0xc, 0x1d, "fee8a2ab78fc179fd1f809000000aca7ca64c6a4b4e00d9683dda1af01000000deff1200100000000000000000000000000800", "2809e8dbe1b22d0000b420a1a93c7540f476779e0117613dd4070000ebff08000000000000000000020000000800000000faffffff00", "e7460000102000000019c7440000080000000000000000000000008bd02800", [0xe0]}})
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff)
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)

4m1.200131652s ago: executing program 4 (id=3275):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="05022bbd7000fddbdf25120000001800018014000200626f6e645f736c6176655f3100000000080009"], 0x34}}, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0xcf50, 0x0, 0xffff, 0x99fe, 0x11, ')\x00'})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0xfffffff9, 0x7fff, 0x16, "0062007d82000000000000002240f7ffffff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17)

4m0.226782936s ago: executing program 4 (id=3285):
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
openat$cachefiles(0xffffffffffffff9c, &(0x7f00000001c0), 0x48081, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000004"], 0x50)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004084)
r0 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

3m59.601982434s ago: executing program 4 (id=3291):
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
pipe(&(0x7f0000000500)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r1, 0x0, 0xf3a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
tee(r0, r4, 0xf3a, 0x4)
write$binfmt_elf64(r2, &(0x7f0000000380)=ANY=[], 0x18c6)

3m59.423209712s ago: executing program 4 (id=3292):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x1cb)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='.\x00', 0x0, 0x8b7840, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)
mkdir(&(0x7f0000000140)='./file0/../file0\x00', 0x190)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x2042, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)

3m59.347992097s ago: executing program 4 (id=3294):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x44001}, 0x8010)
bind$packet(r1, &(0x7f0000000180)={0x11, 0x2, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r1, &(0x7f00000015c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3800000054000147880000000000000007008209", @ANYRES32=r4, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="00001000e000030000010001000000000000000008"], 0x38}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x2000000)

3m58.679645311s ago: executing program 4 (id=3301):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000d00)=@raw={'raw\x00', 0x41, 0x3, 0x1f8, 0x0, 0x50020000, 0x0, 0x0, 0x0, 0x160, 0x1f0, 0x1f0, 0x160, 0x1f0, 0x3, 0x0, {[{{@ip={@remote, @multicast2, 0xff, 0x0, 'wg2\x00', 'vlan1\x00', {}, {}, 0x6, 0x3, 0x35}, 0x0, 0x70, 0xd0, 0x0, {0x0, 0xffffffffa0028000}}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @remote, 0x0, 0xe, [0x1a, 0x14, 0x2e, 0x3e, 0x35, 0x3a, 0x2e, 0x1c, 0x15, 0x3a, 0x32, 0x3, 0x1d, 0x25, 0x1b, 0x24], 0x2, 0x2, 0x9}}}, {{@uncond, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x258)
r3 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r3, 0x40043d0d, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(r0, 0x40786e88, &(0x7f0000000a00)={{0x0, 0x0, 0x40, 0x2, 0x5}, {&(0x7f0000000580)=[{0x8, 0x4}, {0x4, 0x100000001}, {0x8000, 0x9}, {0x7, 0x2}, {0x6, 0x1}, {0x4, 0x81}], 0x6, 0x10, 0x9, 0x8e}, {&(0x7f0000000600)=[0x0, 0x8, 0x6b244efd, 0x6c3a, 0x4, 0x101, 0x5, 0x5], 0x8, 0x8, 0x5, 0x81}, {&(0x7f0000000880)=[{0x63c, 0x8000, 0x80000001, 0x2, 0x7}, {0x4, 0x8000000000000001, 0x1, 0x7}, {0xbe4, 0x1, 0xffffffffffff301f, 0xac, 0x40}, {0x4, 0x3ff, 0x8000, 0x6, 0x7}, {0x322, 0x3ad, 0x18c0, 0x3}, {0x2, 0x7, 0x10001, 0x3, 0x7}, {0x9, 0x5, 0x2fe9, 0x8, 0x100}, {0x8, 0x1, 0x3ff, 0xfffffffffffffffe, 0x1}], 0x8, 0x28, 0xd, 0x4}, {&(0x7f00000009c0)=[0x5, 0xfff, 0x83], 0x3, 0x8, 0x0, 0xa745}})
mount$9p_fd(0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB, @ANYRESHEX=r4])
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="7800000000010104000000000000000002000000240001801400018008000100ac1e000108000200ac1414000c00028005000100000000002c0002800c00028005000100000000001400018008000100ac1e01030800020000000000080007400000000014001880080001400000000005"], 0x78}}, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x80, &(0x7f00000010c0)=""/4111, &(0x7f0000000000)=0x100f)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000380)={0x9, 0x4, {0xffffffffffffffff}, {<r7=>0xee01}, 0xfffffffffffffff7, 0x3})
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000480)=@v3={0x3000000, [{0x1e0b, 0x5f}, {0x2, 0x3}], r7}, 0x18, 0x1)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@dellink={0x34, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x1020, 0x40000}, [@IFLA_IFNAME={0x14, 0x3, 'veth1_vlan\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x4000000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
write(r6, &(0x7f0000002400)="c25184b9eb34406ab77e97d5394b557cd03f620ee2b0473915f6e82d15af0f4b09f561b72a588d26ad778b3449d98b229e0a63411d0a30f33a70e7b26b40f04a36870f69a36c86db5da939bf7de16738927a40260649a407eafca77ba2cdcea7a34aed7d9eb42db1ea8128a884a6ca6ac8e5ead3231439891807fd4c9e428ee475eff27c87e2d469cc4591e4805c9d783e65ea30e9a425fc44c6ced14a17a91aa05427d0fb4fff34686bde54eae7bb528d02f466c8dbb721da27c4bdbb24c72639dc4124f2d3147d30997bc2e3ea59a270472647f0c5dfe98b459a9ad9d48c3e97ac5eedda9e5aecb9d32470b2e32b213adbec101722fd09b82cb12fb4fb020914bd5be68871eb80501238efa638ad77cc9fdc7f9f4660f8e57bb476ea7b170dc03b72e29c307750f29855a6a7882a26bd385491e05adf5756e04a0e8ff6a5c4db72e4311e88208faf2f0f6ed6b323b50315842aa7f4580a9bb605405c583a6b67bff50b8c745ef0e566ddaadc4ffdaa17a24cd5bfa6ba136413de20c7e331ee2a2875f525f22a18a65655235858e6f315c0ccac186399d13b781036519cc92164ca0868788249843b5ddf6bbe57f3c9b2906458549bded6adeca5481763ab2da844d415a5e6f179c98e23d9420d0c07bdd0409ab64a264f18e5597bfb5d9d2c9c04d8b10fd90aac5087ff5ea127ad1cfc989cba60029c448a7b79e9dba48ad972bbe92348b4d836e83dde1531bf74763af6245e47c60edcda9b97322b08cc825c671627942e72d5c34b462ddbffe0b9716ad55a685831f5130ac18a1ddafaa48558ba282c699d2cc1226d981ba5e4fa5ad471c5db18eda359f81b1054e648e60788cf6f5ee75f1088328b3e8cb2d50aaac9cdd7bcd3ae73e7cd94f259ec9a07a0785a772d4ccc688af04727fa5305cff98d6992ff55e564888d09c16349a21c7a242a70189f3ff67a74388e18b8d45c9ba5f00fb11d8a3381e2d882388cff9714a00e030c824cc857d59529efe1ce74129218f82ade6f0a80c6dbc21bd1f281f7b04cc77d8bb3f295aacad9d898d6db928734c25635d64f721e5949754b424d7124699809603705af69cf64d096f618dc6621b1fe00d5b25dadfb993af8e6ad537c1a17325c443f76555d7b1c85aa3dca82af07ed7318fd1a5ee62002683d7866cf57b0f9c344eac9377a746e48fb34807168d14b29735659735221931eaff9b7b6baf936c6993db692e8c249025d1486e3076eb6bfe0448c3ca976baa3bf95461dac69083324a00c3c733b7b8312573ff40a3ad10ca42348d5fed71ea018e142ddbf881b1fe5959498fce07586ffa532ff4fd26571a9daac80b594e753243b1b91b07c83100d6f9a5e8db5d13637163a6075cda9c795b0dc35f65c0d20d0f99c87873eeb54f61661d6e9331a02c50742c45c652b165cee6ba5e11b75a2b93aa69befad45a0b911ac528917a16914f5ddd57dbe33e836e4f154b2e6c87bc49f5cb17cc697f0799e4081873ea64600a37d9416d06158ac5c24cfd158d9b9b24742a234bfe1f81f688519bc8748af853a100389b8b29607cf6543215618f8226eef6995b18523605c93378883e10895eaefdb1502c045a273d84dc413ca1684b97c9d0b9c9c2894a490d26a84759a5d30001c7815c1392937abcdc69116752898aff91c37a46f396545b66d1a7d029a72b5b3a29aa008c33f8eb0a850c6bd6d062d016eaebac481320d38bf4146bc5ece05e9696d503284f43d2e51e6a16b3dd78e94d7a31a763020a0235df0b013f0c98705198794d1b97fa36a974d7dbc1f402c6d3574046b0dd763a334f9d34afe55df96aaa1cbcfd43af485d5c2a4a0012895ecd88a407fb18eb9867ea1c897efd73174aaa6a507fafa651b44a20f98c7f853ca5b945b144b4107eea9a9f1af9545cf77648af4b8479287de6332d28afdf65f7a9b9318ea9bb73935a7f1ec0f11fed4101a93b15bd5be0a8fd0c37cc7b6e96609f2475e048419c936c9e19975534f3b2ca4f90fb426af0277f36cecb213c40058cc71d80624f36f254235d912a9a80a18cb676118c592d998d701382cfb51296fadd9613a4579d27672f15223d2f3ea356f256d9a090d6fb6ae79e50652a4ecb15271a075d29030b06acc6ab4c37ccb99cfa9b0be9979f69efb7b91c8f433a6468e34a779674e18a04a0cd47c62513f7c3f9ae5ae45b95818381b4df88519e690132eb1d83e6f99813ba6f8dbb63b890ab98251d62f8dc4b0e38cc298908b5eb9b395fb9b1d5bd04f4f5ea5d5a009bcb02f87aab803b7e7e8091e4babea3be0be24aa2badc9f4e511f5059ce77fdbccdc38cf7c4ecf8d0beb1c6f6db0af6daf50d7b2832bfa163f91cd77097c6a337d7dda54a00b61a9e89a8fa29a4bbc95f16feb86f12f1dacc8bffe3b1c71ec24c88a107f07e0d68a36907c5b2efb8099119fca518ac17559c9621bb80ace17eb2c3e716d1f03ad1ec797893d07d7dd4f91f5d10c4e023f99e0d93b2314433753c164c614aacaac7e5ef7418041924c7376e8d07418e924df2f63b8787e2b3baae648e12f3d6ab9f5ffc0f010ca41829052ae2af95e66e153f217597fd8abc68a024ffd646136cd7b9eea67dc1235b245d060aed3f982f6d0b121a1949fb261179178404767b51bc1c5679ccc1bc415cd76f12434f2b790665b1be1dd684900c9d18b60ef7900e8be7abad39aa59d1015c7a566784e2edd89138a8de4065d87e0e25af77cb97e255f328434dc10d174befed8113669eb4c6897924380522f908c0c56fae03e39c2a48a2cf2d1c61a684c9e631d2869a2970fbfdd82686b3ffa55aa2c327cac607f80e89a25977fc0b77df41f85d071a31d7654907822b35b26187b35eee1c075b14110d34627d5280737ab8dd69e1bcfbd1ca4a02c1b92eb3b568b414f318cdd7bfd780665f1a57a7c65199421426982e38b6b71b243349d356dc6c2d398946874500aa0913f862b50b33b55c19ed934c6fe2c09b7d291d6b27edea0095e9293fbed6eac9d325d94e5075e20ade7c1ce033361107470497e16544ab68c0ae23871e87f94372ed5ee62e75ae5b912c8b76f823fb561cc755cd999208127b84e7ebba139f7164f7d97e8e69a95eff318d7d9f5af81e2d9b1b1db316e2d5fbcee6ca33450a1b08e2b3c6a714a3100268e082ea7b680318eb946f63428d6329a77392fa3fbdc4def191aadaaa581dfb6a7a776bf11b5122f14eaf434face7426dbd24d0511e333126e70f1188867bce010de217a010f0f6299c24ccfc1bc0cdd7ff159f3ad20fc5b1713844cf55692daf20236455f93bf6fc0bc65a9a38b01404617a1ab22f5afba1b11ecc66298ce229ad301542945c3a682be7e1117016a6b6886b225f66e89f864dd492866ae142148b6732a5027241c5d983ecc50404feb527ac302f451203fb1cb0e680374b0ea71c48b6400d8130fda9c796536574a1b4896330e6da792730128a2aaface55213a454e6cc3da8bb602deaf7a5fdadd56a834989f5d4b4efe9ec77f5223936252747fd3fe4f327e19d82c063cfcab217a2676c6a961891bd72bc95bbdd98f4f81c855c2432e88c0534ca1fb8f049dfd9834cc06a9434692220189a9f20d0c04dd11273be59754648542fffcfe6f8347fa1ad382aca6f3e1d67c010eea33dfe57680170119d02f89679a11682e7928d23f3a72821edf842b3f2f773959c9295b73e4638df63c9a186216422a68fc51798f974b1512286f6d99ce89f62a9eeea0853b25a356c523891ce39f34d56ab6e0a1ffc3b3eb30b619c996dafe58617282b86e35052f74a79555dce738d42bd70c4452e514950491179a3a2a4fb4baf7f6244f0f94601724792449b4a7804a032ce7b43532bc19610ce94ae8e60e9a0dc29e25ac67f9afd2bb977cb41cc908af9d458ae5675292866154083a136022b6bdea3296f9065fc255913405637c3f01479dff83f6fb3b44d83eeb35889525f490166f0ec2b52a261f43d4dcbb17206dc8f349b55b8c8648e38fc2ad70472f70a9d502487a382dd8819a1c733637c1667a5cafb0bafcf51d1fa38147bb0daf58de79e6b13194d4f1b4402923ac34283d4f374632699ed96fad86d2075ab2d0b8328a6db8c6162237d2075c1a59b8e6abcb1f7794185176c17ea12f67ec292bfd90d2a43608127ff026d985fb83a1e362b3c9cf0fe128242361b066c9ad9b6df9f9a718543a3edbc8379a58b83b67b625635eaa01348acea11cde0193dc0e2f5e25749d285f83e43e7d6a8288b5374eeaf91418e8ae5c4bd0116d638a1d1f3db89a0f09164a672ba6963bf081a049b86dd1068065a466aef13657b9d6af5d4a942381e34ef0bad5c7fbdb1d9ab0e870024b394a08ad1f017924be0b532edfab82bf3c721cb4abbe0562bbbbc8ea6df251eacf4cc9f2dbc248b0ad64783010c610e842b172f4e985b6716c447dd7c0abadf11346ed5b75da6614b5c9d316b9402d1a615f811701f33ef5f086ce06ca3617b34c5df0656d09030e4f096b058d97cb224c3678ade980002918b297956652fd3ccb442654e897aa2f5550bf554dcb3fd6972c5d051dc33c8678f39132a9ede68890f32d6762ad486105244ee3da5557ab9e844e57faad58bd007d356847c40f00243851139039fd07144480e016a9d1a2674a1e172303e125ee549c5f48f64afdedf41dab4ef84341d0663f355b41ae91201614c5bb8a2716800b6157f961777bd7b7150b0a1ce2b045c304a84bf632a070e5b2025cf2bc10a072271c378e49c74a22da6f47321f596af6cf280c23b03b1c6645cf519e18d9e4b2c7f470120daee8c6a86d2f2e5df45ca2cd12fcb43cc4612108a3859bfaaae89185eb362608216416bb0d9d49d6ceb89df615353adfedb595d72892458b9d2bc23fa2c7f41228d2fcf175a207a0a3ab5f6ea545be3076237d76bb29d94bea5879fdf37e8a1a761dc995fcdf8d71c3587f4d4302622071f649b943899a804fbe207e07c986207622339c9fcebb2bf9ed686a5f944454e2a45b4164928060d68d0fc822c3795c9a72762b463c4765928cb70237cc41eff115422f5b861630dd9989a2a6ec80a50d3c224a9f945ca7061713e86f865887ec19ff1799ef48994c32cd783bf735ef47b959940e4d2d032a732b8f4659f02958d0606c419aedc85b49eb9618e179f5b7bb820aac7d43d46f93ba62253f04358f9136b76343f6293812f752b683ffff750e6acf28a4fec0b8b53bc06496b8e6459480cb66cca3ac918a808863078724af3a7f87b3ebdaf63801a4f35068d7dc54da44f0dbfa59780de728372e51f3b044bd10d8eb958fed01b42c8fb634aba57cd59ee196ef1d836149268617791a156ccfe6ae264c8ca9cf5829260b9e95a86dad9be08620cee544ac85fed0b191812027cbb029fc3db0b6274d6515ed034ff4c6d07c480979cddd851deaac25b3ca80e442a99209cf783601e86c7cfc432b43918a79444ced1aa7834d7c2f339659ac246b13a7d3ec50ad90b2ad8fe5c8d85691d771b7112e53f27e0f8ad73ca4ee174cee0cba3add2e99c28921f15a8f0b16cdd048c637a559547af4125c87b6800c47a741c17f25a76efc16a09eacb6a0705ac06c2b1a610f602adc57f8f3df8030676eef1299ecfc168759a99487b8c24015804ed85203b4daebc99963627686c41a82b22009584dd5afb53b33e38db71266c5b45e878f3ad5933a17c6dc3dcc099390ac7fe0c6eb3bff403cbc515908cb02a70f416cd72ad49298cbed00b1bd7b699f10838d", 0xff8)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r8)

3m58.432880228s ago: executing program 34 (id=3301):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000d00)=@raw={'raw\x00', 0x41, 0x3, 0x1f8, 0x0, 0x50020000, 0x0, 0x0, 0x0, 0x160, 0x1f0, 0x1f0, 0x160, 0x1f0, 0x3, 0x0, {[{{@ip={@remote, @multicast2, 0xff, 0x0, 'wg2\x00', 'vlan1\x00', {}, {}, 0x6, 0x3, 0x35}, 0x0, 0x70, 0xd0, 0x0, {0x0, 0xffffffffa0028000}}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @remote, 0x0, 0xe, [0x1a, 0x14, 0x2e, 0x3e, 0x35, 0x3a, 0x2e, 0x1c, 0x15, 0x3a, 0x32, 0x3, 0x1d, 0x25, 0x1b, 0x24], 0x2, 0x2, 0x9}}}, {{@uncond, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x258)
r3 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r3, 0x40043d0d, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(r0, 0x40786e88, &(0x7f0000000a00)={{0x0, 0x0, 0x40, 0x2, 0x5}, {&(0x7f0000000580)=[{0x8, 0x4}, {0x4, 0x100000001}, {0x8000, 0x9}, {0x7, 0x2}, {0x6, 0x1}, {0x4, 0x81}], 0x6, 0x10, 0x9, 0x8e}, {&(0x7f0000000600)=[0x0, 0x8, 0x6b244efd, 0x6c3a, 0x4, 0x101, 0x5, 0x5], 0x8, 0x8, 0x5, 0x81}, {&(0x7f0000000880)=[{0x63c, 0x8000, 0x80000001, 0x2, 0x7}, {0x4, 0x8000000000000001, 0x1, 0x7}, {0xbe4, 0x1, 0xffffffffffff301f, 0xac, 0x40}, {0x4, 0x3ff, 0x8000, 0x6, 0x7}, {0x322, 0x3ad, 0x18c0, 0x3}, {0x2, 0x7, 0x10001, 0x3, 0x7}, {0x9, 0x5, 0x2fe9, 0x8, 0x100}, {0x8, 0x1, 0x3ff, 0xfffffffffffffffe, 0x1}], 0x8, 0x28, 0xd, 0x4}, {&(0x7f00000009c0)=[0x5, 0xfff, 0x83], 0x3, 0x8, 0x0, 0xa745}})
mount$9p_fd(0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB, @ANYRESHEX=r4])
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="7800000000010104000000000000000002000000240001801400018008000100ac1e000108000200ac1414000c00028005000100000000002c0002800c00028005000100000000001400018008000100ac1e01030800020000000000080007400000000014001880080001400000000005"], 0x78}}, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x80, &(0x7f00000010c0)=""/4111, &(0x7f0000000000)=0x100f)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000380)={0x9, 0x4, {0xffffffffffffffff}, {<r7=>0xee01}, 0xfffffffffffffff7, 0x3})
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000480)=@v3={0x3000000, [{0x1e0b, 0x5f}, {0x2, 0x3}], r7}, 0x18, 0x1)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@dellink={0x34, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x1020, 0x40000}, [@IFLA_IFNAME={0x14, 0x3, 'veth1_vlan\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x4000000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
write(r6, &(0x7f0000002400)="c25184b9eb34406ab77e97d5394b557cd03f620ee2b0473915f6e82d15af0f4b09f561b72a588d26ad778b3449d98b229e0a63411d0a30f33a70e7b26b40f04a36870f69a36c86db5da939bf7de16738927a40260649a407eafca77ba2cdcea7a34aed7d9eb42db1ea8128a884a6ca6ac8e5ead3231439891807fd4c9e428ee475eff27c87e2d469cc4591e4805c9d783e65ea30e9a425fc44c6ced14a17a91aa05427d0fb4fff34686bde54eae7bb528d02f466c8dbb721da27c4bdbb24c72639dc4124f2d3147d30997bc2e3ea59a270472647f0c5dfe98b459a9ad9d48c3e97ac5eedda9e5aecb9d32470b2e32b213adbec101722fd09b82cb12fb4fb020914bd5be68871eb80501238efa638ad77cc9fdc7f9f4660f8e57bb476ea7b170dc03b72e29c307750f29855a6a7882a26bd385491e05adf5756e04a0e8ff6a5c4db72e4311e88208faf2f0f6ed6b323b50315842aa7f4580a9bb605405c583a6b67bff50b8c745ef0e566ddaadc4ffdaa17a24cd5bfa6ba136413de20c7e331ee2a2875f525f22a18a65655235858e6f315c0ccac186399d13b781036519cc92164ca0868788249843b5ddf6bbe57f3c9b2906458549bded6adeca5481763ab2da844d415a5e6f179c98e23d9420d0c07bdd0409ab64a264f18e5597bfb5d9d2c9c04d8b10fd90aac5087ff5ea127ad1cfc989cba60029c448a7b79e9dba48ad972bbe92348b4d836e83dde1531bf74763af6245e47c60edcda9b97322b08cc825c671627942e72d5c34b462ddbffe0b9716ad55a685831f5130ac18a1ddafaa48558ba282c699d2cc1226d981ba5e4fa5ad471c5db18eda359f81b1054e648e60788cf6f5ee75f1088328b3e8cb2d50aaac9cdd7bcd3ae73e7cd94f259ec9a07a0785a772d4ccc688af04727fa5305cff98d6992ff55e564888d09c16349a21c7a242a70189f3ff67a74388e18b8d45c9ba5f00fb11d8a3381e2d882388cff9714a00e030c824cc857d59529efe1ce74129218f82ade6f0a80c6dbc21bd1f281f7b04cc77d8bb3f295aacad9d898d6db928734c25635d64f721e5949754b424d7124699809603705af69cf64d096f618dc6621b1fe00d5b25dadfb993af8e6ad537c1a17325c443f76555d7b1c85aa3dca82af07ed7318fd1a5ee62002683d7866cf57b0f9c344eac9377a746e48fb34807168d14b29735659735221931eaff9b7b6baf936c6993db692e8c249025d1486e3076eb6bfe0448c3ca976baa3bf95461dac69083324a00c3c733b7b8312573ff40a3ad10ca42348d5fed71ea018e142ddbf881b1fe5959498fce07586ffa532ff4fd26571a9daac80b594e753243b1b91b07c83100d6f9a5e8db5d13637163a6075cda9c795b0dc35f65c0d20d0f99c87873eeb54f61661d6e9331a02c50742c45c652b165cee6ba5e11b75a2b93aa69befad45a0b911ac528917a16914f5ddd57dbe33e836e4f154b2e6c87bc49f5cb17cc697f0799e4081873ea64600a37d9416d06158ac5c24cfd158d9b9b24742a234bfe1f81f688519bc8748af853a100389b8b29607cf6543215618f8226eef6995b18523605c93378883e10895eaefdb1502c045a273d84dc413ca1684b97c9d0b9c9c2894a490d26a84759a5d30001c7815c1392937abcdc69116752898aff91c37a46f396545b66d1a7d029a72b5b3a29aa008c33f8eb0a850c6bd6d062d016eaebac481320d38bf4146bc5ece05e9696d503284f43d2e51e6a16b3dd78e94d7a31a763020a0235df0b013f0c98705198794d1b97fa36a974d7dbc1f402c6d3574046b0dd763a334f9d34afe55df96aaa1cbcfd43af485d5c2a4a0012895ecd88a407fb18eb9867ea1c897efd73174aaa6a507fafa651b44a20f98c7f853ca5b945b144b4107eea9a9f1af9545cf77648af4b8479287de6332d28afdf65f7a9b9318ea9bb73935a7f1ec0f11fed4101a93b15bd5be0a8fd0c37cc7b6e96609f2475e048419c936c9e19975534f3b2ca4f90fb426af0277f36cecb213c40058cc71d80624f36f254235d912a9a80a18cb676118c592d998d701382cfb51296fadd9613a4579d27672f15223d2f3ea356f256d9a090d6fb6ae79e50652a4ecb15271a075d29030b06acc6ab4c37ccb99cfa9b0be9979f69efb7b91c8f433a6468e34a779674e18a04a0cd47c62513f7c3f9ae5ae45b95818381b4df88519e690132eb1d83e6f99813ba6f8dbb63b890ab98251d62f8dc4b0e38cc298908b5eb9b395fb9b1d5bd04f4f5ea5d5a009bcb02f87aab803b7e7e8091e4babea3be0be24aa2badc9f4e511f5059ce77fdbccdc38cf7c4ecf8d0beb1c6f6db0af6daf50d7b2832bfa163f91cd77097c6a337d7dda54a00b61a9e89a8fa29a4bbc95f16feb86f12f1dacc8bffe3b1c71ec24c88a107f07e0d68a36907c5b2efb8099119fca518ac17559c9621bb80ace17eb2c3e716d1f03ad1ec797893d07d7dd4f91f5d10c4e023f99e0d93b2314433753c164c614aacaac7e5ef7418041924c7376e8d07418e924df2f63b8787e2b3baae648e12f3d6ab9f5ffc0f010ca41829052ae2af95e66e153f217597fd8abc68a024ffd646136cd7b9eea67dc1235b245d060aed3f982f6d0b121a1949fb261179178404767b51bc1c5679ccc1bc415cd76f12434f2b790665b1be1dd684900c9d18b60ef7900e8be7abad39aa59d1015c7a566784e2edd89138a8de4065d87e0e25af77cb97e255f328434dc10d174befed8113669eb4c6897924380522f908c0c56fae03e39c2a48a2cf2d1c61a684c9e631d2869a2970fbfdd82686b3ffa55aa2c327cac607f80e89a25977fc0b77df41f85d071a31d7654907822b35b26187b35eee1c075b14110d34627d5280737ab8dd69e1bcfbd1ca4a02c1b92eb3b568b414f318cdd7bfd780665f1a57a7c65199421426982e38b6b71b243349d356dc6c2d398946874500aa0913f862b50b33b55c19ed934c6fe2c09b7d291d6b27edea0095e9293fbed6eac9d325d94e5075e20ade7c1ce033361107470497e16544ab68c0ae23871e87f94372ed5ee62e75ae5b912c8b76f823fb561cc755cd999208127b84e7ebba139f7164f7d97e8e69a95eff318d7d9f5af81e2d9b1b1db316e2d5fbcee6ca33450a1b08e2b3c6a714a3100268e082ea7b680318eb946f63428d6329a77392fa3fbdc4def191aadaaa581dfb6a7a776bf11b5122f14eaf434face7426dbd24d0511e333126e70f1188867bce010de217a010f0f6299c24ccfc1bc0cdd7ff159f3ad20fc5b1713844cf55692daf20236455f93bf6fc0bc65a9a38b01404617a1ab22f5afba1b11ecc66298ce229ad301542945c3a682be7e1117016a6b6886b225f66e89f864dd492866ae142148b6732a5027241c5d983ecc50404feb527ac302f451203fb1cb0e680374b0ea71c48b6400d8130fda9c796536574a1b4896330e6da792730128a2aaface55213a454e6cc3da8bb602deaf7a5fdadd56a834989f5d4b4efe9ec77f5223936252747fd3fe4f327e19d82c063cfcab217a2676c6a961891bd72bc95bbdd98f4f81c855c2432e88c0534ca1fb8f049dfd9834cc06a9434692220189a9f20d0c04dd11273be59754648542fffcfe6f8347fa1ad382aca6f3e1d67c010eea33dfe57680170119d02f89679a11682e7928d23f3a72821edf842b3f2f773959c9295b73e4638df63c9a186216422a68fc51798f974b1512286f6d99ce89f62a9eeea0853b25a356c523891ce39f34d56ab6e0a1ffc3b3eb30b619c996dafe58617282b86e35052f74a79555dce738d42bd70c4452e514950491179a3a2a4fb4baf7f6244f0f94601724792449b4a7804a032ce7b43532bc19610ce94ae8e60e9a0dc29e25ac67f9afd2bb977cb41cc908af9d458ae5675292866154083a136022b6bdea3296f9065fc255913405637c3f01479dff83f6fb3b44d83eeb35889525f490166f0ec2b52a261f43d4dcbb17206dc8f349b55b8c8648e38fc2ad70472f70a9d502487a382dd8819a1c733637c1667a5cafb0bafcf51d1fa38147bb0daf58de79e6b13194d4f1b4402923ac34283d4f374632699ed96fad86d2075ab2d0b8328a6db8c6162237d2075c1a59b8e6abcb1f7794185176c17ea12f67ec292bfd90d2a43608127ff026d985fb83a1e362b3c9cf0fe128242361b066c9ad9b6df9f9a718543a3edbc8379a58b83b67b625635eaa01348acea11cde0193dc0e2f5e25749d285f83e43e7d6a8288b5374eeaf91418e8ae5c4bd0116d638a1d1f3db89a0f09164a672ba6963bf081a049b86dd1068065a466aef13657b9d6af5d4a942381e34ef0bad5c7fbdb1d9ab0e870024b394a08ad1f017924be0b532edfab82bf3c721cb4abbe0562bbbbc8ea6df251eacf4cc9f2dbc248b0ad64783010c610e842b172f4e985b6716c447dd7c0abadf11346ed5b75da6614b5c9d316b9402d1a615f811701f33ef5f086ce06ca3617b34c5df0656d09030e4f096b058d97cb224c3678ade980002918b297956652fd3ccb442654e897aa2f5550bf554dcb3fd6972c5d051dc33c8678f39132a9ede68890f32d6762ad486105244ee3da5557ab9e844e57faad58bd007d356847c40f00243851139039fd07144480e016a9d1a2674a1e172303e125ee549c5f48f64afdedf41dab4ef84341d0663f355b41ae91201614c5bb8a2716800b6157f961777bd7b7150b0a1ce2b045c304a84bf632a070e5b2025cf2bc10a072271c378e49c74a22da6f47321f596af6cf280c23b03b1c6645cf519e18d9e4b2c7f470120daee8c6a86d2f2e5df45ca2cd12fcb43cc4612108a3859bfaaae89185eb362608216416bb0d9d49d6ceb89df615353adfedb595d72892458b9d2bc23fa2c7f41228d2fcf175a207a0a3ab5f6ea545be3076237d76bb29d94bea5879fdf37e8a1a761dc995fcdf8d71c3587f4d4302622071f649b943899a804fbe207e07c986207622339c9fcebb2bf9ed686a5f944454e2a45b4164928060d68d0fc822c3795c9a72762b463c4765928cb70237cc41eff115422f5b861630dd9989a2a6ec80a50d3c224a9f945ca7061713e86f865887ec19ff1799ef48994c32cd783bf735ef47b959940e4d2d032a732b8f4659f02958d0606c419aedc85b49eb9618e179f5b7bb820aac7d43d46f93ba62253f04358f9136b76343f6293812f752b683ffff750e6acf28a4fec0b8b53bc06496b8e6459480cb66cca3ac918a808863078724af3a7f87b3ebdaf63801a4f35068d7dc54da44f0dbfa59780de728372e51f3b044bd10d8eb958fed01b42c8fb634aba57cd59ee196ef1d836149268617791a156ccfe6ae264c8ca9cf5829260b9e95a86dad9be08620cee544ac85fed0b191812027cbb029fc3db0b6274d6515ed034ff4c6d07c480979cddd851deaac25b3ca80e442a99209cf783601e86c7cfc432b43918a79444ced1aa7834d7c2f339659ac246b13a7d3ec50ad90b2ad8fe5c8d85691d771b7112e53f27e0f8ad73ca4ee174cee0cba3add2e99c28921f15a8f0b16cdd048c637a559547af4125c87b6800c47a741c17f25a76efc16a09eacb6a0705ac06c2b1a610f602adc57f8f3df8030676eef1299ecfc168759a99487b8c24015804ed85203b4daebc99963627686c41a82b22009584dd5afb53b33e38db71266c5b45e878f3ad5933a17c6dc3dcc099390ac7fe0c6eb3bff403cbc515908cb02a70f416cd72ad49298cbed00b1bd7b699f10838d", 0xff8)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r8)

3m14.74227868s ago: executing program 2 (id=3467):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0xfffc, 0x248, 0x9b99}, 0x3a, [0xfffffff8, 0x0, 0x5, 0x10009, 0x8, 0x155f, 0x6, 0x2, 0x25cd, 0x1, 0xb4, 0xa, 0xb2b9, 0x6, 0x8, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x1000, 0x3, 0x0, 0xd, 0x4, 0x12a0, 0x8000, 0x1, 0x7, 0x8, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10001, 0x5, 0x91, 0x4, 0x4, 0x16, 0x0, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0xffffff81, 0xff, 0x2, 0x2, 0x2, 0x2, 0x7, 0x4, 0x7, 0xbe, 0x4007f, 0xffffffff, 0x9212], [0x9, 0x16e, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000077, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffd, 0x80a, 0x4, 0x5, 0x1000, 0x0, 0x200b395, 0x400004, 0x80000000, 0x4, 0x19, 0x7, 0x1, 0x3, 0x3, 0x8, 0x9, 0x400, 0x6, 0x4c2336d3, 0x96, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x104, 0xab00060, 0x5, 0x1, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1ca, 0x4, 0x80000004, 0x80000001, 0x6, 0x2, 0x9, 0x95, 0x80000000, 0x4, 0xfffffff9, 0x40000003, 0x1000, 0xfffff804, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x1ff, 0x80000001, 0x5, 0x5, 0x491, 0x5, 0x200006, 0x8, 0x400, 0xfffffffe, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x8000, 0x8000003, 0x6, 0x89, 0x3, 0x3, 0x9, 0x0, 0xc7, 0xfff, 0x10000a, 0x8000, 0x401, 0x3e59, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x80, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x7, 0x0, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0x203, 0x5, 0x1], [0xa772, 0x3, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x8000005, 0x1e, 0x7f, 0x81, 0x3, 0x9d86, 0x9, 0xfffffff7, 0x8, 0x7, 0x5, 0x936, 0x106, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xffffffff, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0x2, 0x10000, 0x0, 0x8004, 0x7fff, 0x0, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x1, 0xfffffff9, 0xd, 0xc, 0x463f, 0x7fffffff, 0x7fffffff, 0x8006, 0x20008, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x80002, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000000380)=@framed, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000080, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0x8], 0x25000, 0x304})
r4 = socket(0x40000000015, 0x5, 0x0)
getsockopt$SO_TIMESTAMP(r4, 0x1, 0x1d, &(0x7f00000001c0), &(0x7f0000000240)=0x4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

3m10.242751836s ago: executing program 1 (id=3475):
socket$kcm(0x2, 0x4, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x3ec0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
bpf$PROG_LOAD(0x25, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$netlink(r2, 0x10e, 0xfffffffe, 0x0, &(0x7f0000000100))
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0xd231c4f959ad4808)
syz_open_dev$dri(0x0, 0x1, 0x2200)
ioctl$SG_GET_COMMAND_Q(0xffffffffffffffff, 0x2270, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

3m5.04217571s ago: executing program 2 (id=3484):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x13, 0x4, 0x0, &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x130}, 0x94)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf68803f1c1acb74fef", 0x87}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f29cb62d05805063967de38327e", 0x9e}, {&(0x7f0000000480)}, {0x0}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a4", 0x61}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2", 0x39}, {&(0x7f00000000c0)}], 0x7}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000ac0)="3eb85e3024a2953147f5444738e1388e15fef01893884c2eeb5c559f4a030ee6b08fca1e38ee56dac9cbbea3d6d43e34d9daf81d45289d2bc841e2c4c7072582b15ce7ff3e22b0f19d8a2643280daeb9791b2d0f9b216a0fda4f30804b739da3cce1691d6d88ff52d3e43b26d935d69e99673e98e92fe2fd18e63d4d5699814d9843367774e155678592d0eec07073e851f50827bde418748aa0741684fe603e34dcc960678c7b3e71e48befa166d4a5247325fa881fc7857a8caadde6a2ac9cdcc4ead01267dbb4c639d6", 0xcb}, {&(0x7f0000000bc0)}, {&(0x7f0000000580)="8f966bd94d169820f6b844307d323b8c13deaeff91566b7f1725f39f", 0x1c}], 0x4, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}, @txtime={{0x18, 0x1, 0x3d, 0x9d}}], 0x90}}, {{0x0, 0x0, &(0x7f0000003a40)=[{&(0x7f0000000640)="f3f4c60f4caeeeb0b0c17aa464613c", 0xf}], 0x1}}], 0x3, 0x20000044)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

3m4.074429315s ago: executing program 2 (id=3487):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x10000000005)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x400000000001, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f000001a400)=""/102384, 0x18ff0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r4, 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8b2b, &(0x7f0000000080)={'wlan1\x00', @random="02001c00004a"})

3m0.556582446s ago: executing program 2 (id=3490):
getdents64(0xffffffffffffffff, &(0x7f0000000000)=""/146, 0x92)
open(0x0, 0x1, 0x104)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0xf32}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0xa, 0x0, 0x0)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r3, &(0x7f0000000780)}, 0x20)
mount$9p_fd(0x0, &(0x7f0000000540)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0))

2m56.352308223s ago: executing program 1 (id=3496):
r0 = syz_open_dev$amidi(&(0x7f0000000180), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x6b4, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15)
semtimedop(0x0, &(0x7f0000000000)=[{0x3, 0xc}], 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_procfs(0xffffffffffffffff, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)=ANY=[])
sendmsg$key(0xffffffffffffffff, 0x0, 0x20040010)
ioctl$vim2m_VIDIOC_G_FMT(0xffffffffffffffff, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2, 0x0, 0xffffffff}, 0x7, 0x0, &(0x7f0000000040), 0x5, 0x0}})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x40045731, &(0x7f0000000300))
sendto$inet6(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0xc004, &(0x7f0000000280)={0xa, 0x4e21, 0xe4, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)

2m55.006232018s ago: executing program 1 (id=3497):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$evdev(0x0, 0x40002, 0xa69c0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
io_uring_setup(0x2eff, &(0x7f0000000340)={0x0, 0xe8e5, 0x2, 0xfffffffd, 0x28f})
mkdir(0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000980)={0x2020}, 0x2020)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r3)
prlimit64(r0, 0xf, 0x0, &(0x7f0000000300))
getsockname$packet(r3, 0x0, &(0x7f0000000200))
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x4, 0x4, 0x0, 0xe2, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @dev, 0x7, 0x0, 0xffffffff, 0x1}})

2m53.862576302s ago: executing program 1 (id=3498):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f0000000040)={0x9, 0x100, 0x0, {0xffffffff, 0xbde, 0xb, 0x10000}})
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
r4 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@get={0xe0, 0x13, 0x1, 0x0, 0x0, {{'xchacha20\x00'}}}, 0xe0}}, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000400)={0x5, 0x2})
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x2)
r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_G_CTRL(r0, 0xc008561b, &(0x7f0000000040)={0xffff7fff, 0x317d})

2m52.548614058s ago: executing program 1 (id=3500):
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000000)={0xc})
syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'wlan0\x00', &(0x7f0000000080)=@ethtool_gstrings={0x1b, 0x1}})
r1 = socket(0x25, 0x800, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000016c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe00000000850000000a000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
fcntl$lock(r2, 0x6, &(0x7f0000000e80)={0x1, 0x2, 0x10000, 0x7fffffffffffffff})
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec0000000109021200010000"], 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_io_uring_setup(0x7672, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0, &(0x7f0000000180)=<r7=>0x0)
syz_io_uring_submit(r5, r6, r7, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x40, 0x0, @fd, 0x0, 0x0, 0xb82b, 0x18})
r8 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0xdac2, 0xc00, 0x0, 0x4}, &(0x7f0000000100)=<r9=>0x0, 0x0, &(0x7f0000000180)=<r10=>0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, 0x0, r10, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r11}})
syz_io_uring_submit(r5, 0x0, 0x0, 0x0)
r12 = syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000380)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x44, 0x1, 0x1, 0x2, 0x80, 0xc9, "", [{{0x9, 0x4, 0x0, 0x3, 0x2, 0x2, 0x6, 0x0, 0x8, {{0x5}, {0x5, 0x24, 0x0, 0x3}, {0xd, 0x24, 0xf, 0x1, 0x101, 0x49, 0x9, 0x37}}, {[{{0x9, 0x5, 0x81, 0x3, 0x200, 0x5, 0x18, 0x3}}], {{0x9, 0x5, 0x82, 0x2, 0x0, 0x4, 0x8, 0x3}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x4, 0xf3, 0x7}}}}}]}}]}}, 0x0)
ioctl$USBDEVFS_DISCSIGNAL(r3, 0x8010550e, 0x0)
syz_usb_control_io$cdc_ecm(r12, 0x0, 0x0)
sendmsg$AUDIT_USER_AVC(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={0x0, 0xb4}, 0x1, 0x0, 0x0, 0x4040804}, 0x44010)

2m49.317615857s ago: executing program 1 (id=3502):
mlock2(&(0x7f00007a4000/0x2000)=nil, 0x2000, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1451c2, 0x0)
ftruncate(r2, 0x8800000)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000080)=0x40000)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x88000)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r4, 0xc0505350, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={0x0}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

2m49.078398496s ago: executing program 2 (id=3503):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[], 0x70}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$9p_unix(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x892031, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
setfsgid(0xee00)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

2m47.783966783s ago: executing program 2 (id=3508):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @multicast})
mkdirat(r1, &(0x7f0000000180)='./file1\x00', 0x1c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0x1c, &(0x7f00000004c0)=ANY=[@ANYBLOB="1808000000100000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000b7020000000000007b9a00fe00000000b5090800000000007baaf0ff00000000be9800000000000004080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018280000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7050000080000004600000076000000bf9100000000000076080000020000008500000084000000b700000000000000950000000000"], &(0x7f0000000980)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wg2\x00'})
landlock_restrict_self(0xffffffffffffffff, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)

2m32.073683352s ago: executing program 35 (id=3502):
mlock2(&(0x7f00007a4000/0x2000)=nil, 0x2000, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1451c2, 0x0)
ftruncate(r2, 0x8800000)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000080)=0x40000)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x88000)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r4, 0xc0505350, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={0x0}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

2m31.76148773s ago: executing program 36 (id=3508):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @multicast})
mkdirat(r1, &(0x7f0000000180)='./file1\x00', 0x1c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0x1c, &(0x7f00000004c0)=ANY=[@ANYBLOB="1808000000100000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000b7020000000000007b9a00fe00000000b5090800000000007baaf0ff00000000be9800000000000004080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018280000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7050000080000004600000076000000bf9100000000000076080000020000008500000084000000b700000000000000950000000000"], &(0x7f0000000980)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wg2\x00'})
landlock_restrict_self(0xffffffffffffffff, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)

36.564303983s ago: executing program 5 (id=3642):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

28.896526018s ago: executing program 5 (id=3651):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

27.790803931s ago: executing program 8 (id=3653):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{}], 0x20, 0x72)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

22.857421169s ago: executing program 8 (id=3656):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{}], 0x20, 0x72)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

21.898304035s ago: executing program 6 (id=3657):
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
r2 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x13, r2, 0x5000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0xfffffffffffffffe}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_aout(r2, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$key(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x2, 0x10, 0x3, 0x2, 0x25, 0x0, 0x70bd2b, 0x25dfdbfe, [@sadb_x_sa2={0x2, 0x13, 0xc, 0x0, 0x0, 0x70bd2a, 0x3500}, @sadb_x_filter={0x5, 0x1a, @in6=@mcast2, @in=@multicast2, 0x2b, 0x0, 0x24}, @sadb_x_sa2={0x2, 0x13, 0x24, 0x0, 0x0, 0x70bd2c, 0x3503}, @sadb_ident={0x2, 0xa, 0xfffd, 0x0, 0x6}, @sadb_ident={0x2, 0xa, 0x85f5, 0x0, 0x3}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e24, 0x8, @private2, 0x6}}, @sadb_address={0x5, 0x6, 0x2b, 0x80, 0x0, @in6={0xa, 0x4e20, 0x40, @local, 0x45}}, @sadb_x_nat_t_type={0x1, 0x14, 0x8}, @sadb_x_nat_t_port={0x1, 0x16, 0x4e22}, @sadb_x_policy={0x8, 0x12, 0x0, 0x3, 0x0, 0x6e6bb5, 0x20e, {0x6, 0x3c, 0x5, 0xc, 0x0, 0x0, 0x0, @in6=@mcast1, @in6=@private0={0xfc, 0x0, '\x00', 0x1}}}]}, 0x128}}, 0x804)

19.121659864s ago: executing program 6 (id=3660):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

17.711549714s ago: executing program 7 (id=3661):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{}], 0x20, 0x72)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

17.613864057s ago: executing program 9 (id=3662):
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x7a)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000001100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="01002dbd70000000000010000000180001801400020076657468315f746f5f626f6e6400000005000e"], 0x34}, 0x1, 0x0, 0x0, 0x20040804}, 0x4044890)
accept4(r3, 0x0, 0x0, 0x800)
r5 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
io_uring_enter(r5, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_io_uring_setup(0x21c1, &(0x7f0000000340)={0x0, 0xca23, 0x82, 0xfffffff7, 0x182}, &(0x7f0000000300), 0x0, &(0x7f0000000000))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

16.581641366s ago: executing program 9 (id=3663):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

16.315879351s ago: executing program 8 (id=3664):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = add_key$keyring(0x0, &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, r3)
ioctl$FE_SET_TONE(0xffffffffffffffff, 0x6f42, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x6a, 0x4)
bind$inet(r4, 0x0, 0x0)
connect$inet(r4, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)
sendto(r4, &(0x7f0000000900)="50fbdf12a30d7a48b2c5c84948f3426077a9f0ca1475183db3ae52a6b2cdb77ef9af2a603a3e78e0355c09f3bdec242443011f0101251bcef800000000000000006dd50205000000a335445845ad1eaedbe2a4242113527efa170af26f17", 0x5e, 0x4008044, 0x0, 0x0)
write$binfmt_misc(r4, &(0x7f0000000000)='i', 0x1)
sendto$inet(r4, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x0, 0x0, 0x0)

15.743682887s ago: executing program 5 (id=3665):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

14.920117636s ago: executing program 8 (id=3666):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r4 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r4}], 0x20, 0x72)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

14.208168807s ago: executing program 6 (id=3667):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

13.15620006s ago: executing program 9 (id=3668):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

12.790606344s ago: executing program 7 (id=3669):
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x7a)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000001100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd70000000000010000000180001801400020076657468315f746f5f626f6e6400000005000e"], 0x34}, 0x1, 0x0, 0x0, 0x20040804}, 0x4044890)
accept4(r3, 0x0, 0x0, 0x800)
r6 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
io_uring_enter(r6, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_io_uring_setup(0x21c1, &(0x7f0000000340)={0x0, 0xca23, 0x82, 0xfffffff7, 0x182}, &(0x7f0000000300), 0x0, &(0x7f0000000000))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

11.802442153s ago: executing program 7 (id=3670):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

11.501346243s ago: executing program 5 (id=3671):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = add_key$keyring(0x0, &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, r3)
ioctl$FE_SET_TONE(0xffffffffffffffff, 0x6f42, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x6a, 0x4)
bind$inet(r4, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)
sendto(r4, &(0x7f0000000900)="50fbdf12a30d7a48b2c5c84948f3426077a9f0ca1475183db3ae52a6b2cdb77ef9af2a603a3e78e0355c09f3bdec242443011f0101251bcef800000000000000006dd50205000000a335445845ad1eaedbe2a4242113527efa170af2", 0x5c, 0x4008044, 0x0, 0x0)
write$binfmt_misc(r4, &(0x7f0000000000)='i', 0x1)
sendto$inet(r4, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x0, 0x0, 0x0)

10.32159091s ago: executing program 5 (id=3672):
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c0000002c00075000000000ffdbdf25037c"], 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
r2 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x13, r2, 0x5000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0xfffffffffffffffe}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_aout(r2, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$key(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x2, 0x10, 0x3, 0x2, 0x25, 0x0, 0x70bd2b, 0x25dfdbfe, [@sadb_x_sa2={0x2, 0x13, 0xc, 0x0, 0x0, 0x70bd2a, 0x3500}, @sadb_x_filter={0x5, 0x1a, @in6=@mcast2, @in=@multicast2, 0x2b, 0x0, 0x24}, @sadb_x_sa2={0x2, 0x13, 0x24, 0x0, 0x0, 0x70bd2c, 0x3503}, @sadb_ident={0x2, 0xa, 0xfffd, 0x0, 0x6}, @sadb_ident={0x2, 0xa, 0x85f5, 0x0, 0x3}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e24, 0x8, @private2, 0x6}}, @sadb_address={0x5, 0x6, 0x2b, 0x80, 0x0, @in6={0xa, 0x4e20, 0x40, @local, 0x45}}, @sadb_x_nat_t_type={0x1, 0x14, 0x8}, @sadb_x_nat_t_port={0x1, 0x16, 0x4e22}, @sadb_x_policy={0x8, 0x12, 0x0, 0x3, 0x0, 0x6e6bb5, 0x20e, {0x6, 0x3c, 0x5, 0xc, 0x0, 0x0, 0x0, @in6=@mcast1, @in6=@private0={0xfc, 0x0, '\x00', 0x1}}}]}, 0x128}}, 0x804)

8.60267637s ago: executing program 9 (id=3673):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

7.862803118s ago: executing program 7 (id=3674):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{}], 0x20, 0x72)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

7.476027629s ago: executing program 5 (id=3675):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

6.250006286s ago: executing program 8 (id=3676):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

5.770739454s ago: executing program 7 (id=3677):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

5.013306582s ago: executing program 9 (id=3678):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r4 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r4}], 0x20, 0x72)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

4.821149602s ago: executing program 6 (id=3679):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

3.31056131s ago: executing program 8 (id=3680):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r4 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r4}], 0x20, 0x72)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

3.285925485s ago: executing program 7 (id=3681):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000002c0)={0x0, 0x0, @ioapic={0x2000, 0x8000, 0x0, 0x1, 0x0, [{0x6, 0x1, 0x6, '\x00', 0x91}, {0x6a, 0xbc, 0x15, '\x00', 0xf}, {0x5, 0x83, 0x6, '\x00', 0x95}, {0x0, 0x9, 0x0, '\x00', 0xd7}, {0x3, 0x5, 0x7, '\x00', 0x2}, {0x5, 0xc0, 0x7f, '\x00', 0x89}, {0xb, 0x0, 0xb4, '\x00', 0x1}, {0x6, 0x0, 0x80, '\x00', 0x3}, {0x59, 0x4, 0x4, '\x00', 0xd}, {0x2, 0x5, 0x1, '\x00', 0x3a}, {0x5, 0xff, 0xc, '\x00', 0x5}, {0x3, 0xf6, 0x3, '\x00', 0x1e}, {0x8, 0x9, 0x8, '\x00', 0x3}, {0x2, 0x7, 0x1}, {0x3, 0x3f, 0x6, '\x00', 0x20}, {0xe, 0x5, 0xb, '\x00', 0x1}, {0x4d, 0xe, 0x6d}, {0xe, 0x8, 0x8, '\x00', 0xd3}, {0x0, 0x5, 0x2, '\x00', 0x2}, {0x7f, 0x0, 0x72, '\x00', 0x4}, {0x94, 0x4, 0x9, '\x00', 0x7}, {0x1, 0xe, 0x1, '\x00', 0x2}, {0x7, 0xe, 0x5, '\x00', 0x2}, {0x80, 0xd, 0x40}]}})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r4 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r4}], 0x20, 0x72)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

2.610171574s ago: executing program 9 (id=3682):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x4000095, 0xfffe)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x9, 0x8001], 0x1, 0x3c4250})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x904b, 0x3000})
msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
msgget$private(0x0, 0x7)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
msgrcv(0x0, 0x0, 0x0, 0x3, 0x0)
msgsnd(0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="0300000000000008"], 0x8, 0x0)
poll(&(0x7f0000009b00)=[{r5}], 0x20, 0x72)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x40, 0xff, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)

1.910340655s ago: executing program 6 (id=3683):
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
r2 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x13, r2, 0x5000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0xfffffffffffffffe}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_aout(r2, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$key(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x2, 0x10, 0x3, 0x2, 0x25, 0x0, 0x70bd2b, 0x25dfdbfe, [@sadb_x_sa2={0x2, 0x13, 0xc, 0x0, 0x0, 0x70bd2a, 0x3500}, @sadb_x_filter={0x5, 0x1a, @in6=@mcast2, @in=@multicast2, 0x2b, 0x0, 0x24}, @sadb_x_sa2={0x2, 0x13, 0x24, 0x0, 0x0, 0x70bd2c, 0x3503}, @sadb_ident={0x2, 0xa, 0xfffd, 0x0, 0x6}, @sadb_ident={0x2, 0xa, 0x85f5, 0x0, 0x3}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e24, 0x8, @private2, 0x6}}, @sadb_address={0x5, 0x6, 0x2b, 0x80, 0x0, @in6={0xa, 0x4e20, 0x40, @local, 0x45}}, @sadb_x_nat_t_type={0x1, 0x14, 0x8}, @sadb_x_nat_t_port={0x1, 0x16, 0x4e22}, @sadb_x_policy={0x8, 0x12, 0x0, 0x3, 0x0, 0x6e6bb5, 0x20e, {0x6, 0x3c, 0x5, 0xc, 0x0, 0x0, 0x0, @in6=@mcast1, @in6=@private0={0xfc, 0x0, '\x00', 0x1}}}]}, 0x128}}, 0x804)

0s ago: executing program 6 (id=3684):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = add_key$keyring(0x0, &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, r3)
ioctl$FE_SET_TONE(0xffffffffffffffff, 0x6f42, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x6a, 0x4)
bind$inet(r4, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10)
sendto(r4, &(0x7f0000000900)="50fbdf12a30d7a48b2c5c84948f3426077a9f0ca1475183db3ae52a6b2cdb77ef9af2a603a3e78e0355c09f3bdec242443011f0101251bcef800000000000000006dd50205000000a335445845ad1eaedbe2a4242113527efa170af26f17", 0x5e, 0x4008044, 0x0, 0x0)
write$binfmt_misc(r4, &(0x7f0000000000), 0x0)
sendto$inet(r4, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

etap1): Enslaving as an active interface with an up link
[  350.921771][T11176] bond2 (unregistering): (slave gretap1): Releasing active interface
[  351.011165][T11176] bond2 (unregistering): Released all slaves
[  351.344816][ T5868] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  351.424503][ T5868] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  352.215418][ T5868] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[  352.215440][ T5868] em28xx 5-1:0.0: No AC97 audio processor
[  352.292366][T11204] netlink: 'syz.0.1991': attribute type 10 has an invalid length.
[  352.292388][T11204] netlink: 396 bytes leftover after parsing attributes in process `syz.0.1991'.
[  353.751590][ T5868] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  354.425485][ T5868] usb 3-1: Using ep0 maxpacket: 8
[  354.753874][ T5868] usb 3-1: config index 0 descriptor too short (expected 30, got 18)
[  354.773109][ T5868] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  354.773140][ T5868] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.773160][ T5868] usb 3-1: Product: syz
[  354.773173][ T5868] usb 3-1: Manufacturer: syz
[  354.773187][ T5868] usb 3-1: SerialNumber: syz
[  354.824495][ T5868] usb 3-1: config 0 descriptor??
[  354.840356][ T5868] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  354.840515][ T5868] usb 3-1: setting power ON
[  354.848364][ T5868] dvb-usb: bulk message failed: -22 (2/0)
[  354.893759][ T5868] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  354.895479][ T5868] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  354.895537][ T5868] usb 3-1: media controller created
[  354.971396][  T808] usb 5-1: USB disconnect, device number 24
[  354.972691][  T808] em28xx 5-1:0.0: Disconnecting em28xx
[  354.978575][ T5868] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  355.149251][  T808] em28xx 5-1:0.0: Freeing device
[  355.154909][ T5868] usb 3-1: selecting invalid altsetting 6
[  355.154930][ T5868] usb 3-1: digital interface selection failed (-22)
[  355.154945][ T5868] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  355.161492][ T5868] usb 3-1: setting power OFF
[  355.161791][ T5868] dvb-usb: bulk message failed: -22 (2/0)
[  355.161810][ T5868] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  355.161822][ T5868] (NULL device *): no alternate interface
[  355.410657][ T5868] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  355.430376][ T5868] usb 3-1: USB disconnect, device number 19
[  361.169418][T11290] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2007'.
[  361.169476][T11290] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2007'.
[  369.320931][T11352] batadv_slave_0: entered promiscuous mode
[  370.969461][T11349] batadv_slave_0: left promiscuous mode
[  372.455869][T11363] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  372.714599][T11367] random: crng reseeded on system resumption
[  373.207298][    C0] net_ratelimit: 10 callbacks suppressed
[  373.207322][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  373.440074][T11363] VFS: Can't find a romfs filesystem on dev nullb0.
[  373.440074][T11363] 
[  374.679254][    C1] vxcan1: j1939_tp_rxtimer: 0xffff88802c1b7000: rx timeout, send abort
[  374.683913][    C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff88802c1b7000: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  374.900105][T11391] sctp: [Deprecated]: syz.0.2027 (pid 11391) Use of struct sctp_assoc_value in delayed_ack socket option.
[  374.900105][T11391] Use struct sctp_sack_info instead
[  375.923140][T11395] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2028'.
[  375.945183][   T36] audit: type=1326 audit(1775759794.489:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11394 comm="syz.5.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  375.972100][   T36] audit: type=1326 audit(1775759794.509:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11394 comm="syz.5.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  375.972163][   T36] audit: type=1326 audit(1775759794.509:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11394 comm="syz.5.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  375.972203][   T36] audit: type=1326 audit(1775759794.509:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11394 comm="syz.5.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  375.972240][   T36] audit: type=1326 audit(1775759794.509:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11394 comm="syz.5.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  375.972277][   T36] audit: type=1326 audit(1775759794.509:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11394 comm="syz.5.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  375.972316][   T36] audit: type=1326 audit(1775759794.509:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11394 comm="syz.5.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  375.972353][   T36] audit: type=1326 audit(1775759794.509:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11394 comm="syz.5.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  375.972390][   T36] audit: type=1326 audit(1775759794.509:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11394 comm="syz.5.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  375.972426][   T36] audit: type=1326 audit(1775759794.509:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11394 comm="syz.5.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  379.211065][T11436] netlink: 260 bytes leftover after parsing attributes in process `syz.0.2038'.
[  379.211210][T11436] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2038'.
[  379.211228][T11436] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2038'.
[  384.900556][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  384.909798][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  385.338193][T11456] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2043'.
[  385.461508][   T36] kauditd_printk_skb: 49 callbacks suppressed
[  385.461526][   T36] audit: type=1326 audit(1775759804.009:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11457 comm="syz.5.2045" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x0
[  385.655331][T11467] dummy0: entered promiscuous mode
[  385.655556][T11467] vlan2: entered promiscuous mode
[  387.434303][ T5809] Bluetooth: hci1: command 0x0406 tx timeout
[  388.640376][  T808] IPVS: starting estimator thread 0...
[  390.439081][T11511] IPVS: using max 8 ests per chain, 19200 per kthread
[  390.790977][ T5800] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  391.127935][ T5800] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  391.127966][ T5800] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.313401][ T5800] usb 6-1: config 0 descriptor??
[  392.613307][   T31] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  393.736033][T11538] syz.5.2054: vmalloc error: size 70368744185856, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  393.736201][T11538] CPU: 0 UID: 0 PID: 11538 Comm: syz.5.2054 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  393.736231][T11538] Tainted: [L]=SOFTLOCKUP
[  393.736238][T11538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  393.736260][T11538] Call Trace:
[  393.736268][T11538]  <TASK>
[  393.736277][T11538]  dump_stack_lvl+0xe8/0x150
[  393.736314][T11538]  warn_alloc+0x263/0x3e0
[  393.736334][T11538]  ? kasan_save_track+0x4f/0x80
[  393.736363][T11538]  ? kasan_save_track+0x3e/0x80
[  393.736389][T11538]  ? kasan_save_free_info+0x46/0x50
[  393.736413][T11538]  ? __kasan_slab_free+0x5c/0x80
[  393.736441][T11538]  ? tomoyo_path_number_perm+0x501/0x630
[  393.736461][T11538]  ? security_file_ioctl+0xc3/0x2a0
[  393.736479][T11538]  ? __se_sys_ioctl+0x47/0x170
[  393.736499][T11538]  ? __pfx_warn_alloc+0x10/0x10
[  393.736538][T11538]  __vmalloc_node_range_noprof+0x132/0x1730
[  393.736588][T11538]  ? look_up_lock_class+0x57/0x110
[  393.736612][T11538]  ? register_lock_class+0x31/0x2e0
[  393.736633][T11538]  ? __lock_acquire+0x6b5/0x2cf0
[  393.736669][T11538]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  393.736716][T11538]  ? dvb_dmxdev_set_buffer_size+0xbe/0x1f0
[  393.736748][T11538]  vmalloc_noprof+0xb2/0xe0
[  393.736779][T11538]  ? dvb_dmxdev_set_buffer_size+0xbe/0x1f0
[  393.736810][T11538]  dvb_dmxdev_set_buffer_size+0xbe/0x1f0
[  393.736836][T11538]  ? dvb_demux_do_ioctl+0x323/0x540
[  393.736878][T11538]  dvb_demux_do_ioctl+0x460/0x540
[  393.736910][T11538]  dvb_usercopy+0x199/0x2e0
[  393.736935][T11538]  ? __pfx_dvb_demux_do_ioctl+0x10/0x10
[  393.736963][T11538]  ? __pfx_dvb_usercopy+0x10/0x10
[  393.736999][T11538]  ? __fget_files+0x3a6/0x420
[  393.737024][T11538]  ? __fget_files+0x2a/0x420
[  393.737051][T11538]  ? __pfx_dvb_demux_ioctl+0x10/0x10
[  393.737079][T11538]  dvb_demux_ioctl+0x29/0x40
[  393.737107][T11538]  __se_sys_ioctl+0xff/0x170
[  393.737129][T11538]  do_syscall_64+0x14d/0xf80
[  393.737152][T11538]  ? trace_irq_disable+0x3b/0x150
[  393.737176][T11538]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.737198][T11538]  ? clear_bhb_loop+0x40/0x90
[  393.737224][T11538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.737244][T11538] RIP: 0033:0x7fe5d60ac819
[  393.737271][T11538] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  393.737289][T11538] RSP: 002b:00007fe5d42dd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  393.737309][T11538] RAX: ffffffffffffffda RBX: 00007fe5d6326090 RCX: 00007fe5d60ac819
[  393.737324][T11538] RDX: 0000400000002000 RSI: 0000000000006f2d RDI: 0000000000000004
[  393.737336][T11538] RBP: 00007fe5d6142c91 R08: 0000000000000000 R09: 0000000000000000
[  393.737347][T11538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  393.737358][T11538] R13: 00007fe5d6326128 R14: 00007fe5d6326090 R15: 00007ffc44de5488
[  393.737384][T11538]  </TASK>
[  393.737396][T11538] Mem-Info:
[  393.737406][T11538] active_anon:615 inactive_anon:6800 isolated_anon:0
[  393.737406][T11538]  active_file:18089 inactive_file:37168 isolated_file:0
[  393.737406][T11538]  unevictable:768 dirty:212 writeback:0
[  393.737406][T11538]  slab_reclaimable:12328 slab_unreclaimable:102921
[  393.737406][T11538]  mapped:31122 shmem:1714 pagetables:1268
[  393.737406][T11538]  sec_pagetables:3 bounce:0
[  393.737406][T11538]  kernel_misc_reclaimable:0
[  393.737406][T11538]  free:1292442 free_pcp:25256 free_cma:0
[  393.737459][T11538] Node 0 active_anon:2460kB inactive_anon:27200kB active_file:72144kB inactive_file:148672kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:124488kB dirty:848kB writeback:0kB shmem:5320kB kernel_stack:13184kB pagetables:4924kB sec_pagetables:12kB all_unreclaimable? no Balloon:0kB
[  393.737503][T11538] Node 1 active_anon:0kB inactive_anon:0kB active_file:212kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:64kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  393.737548][T11538] Node 0 DMA free:15356kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  393.737606][T11538] lowmem_reserve[]: 0 2506 2506 2506 2506
[  393.737637][T11538] Node 0 DMA32 free:1223016kB boost:0kB min:3932kB low:6468kB high:9004kB reserved_highatomic:0KB free_highatomic:0KB active_anon:2460kB inactive_anon:27200kB active_file:72144kB inactive_file:148672kB unevictable:1536kB writepending:840kB zspages:0kB present:3129332kB managed:2566416kB mlocked:0kB bounce:0kB free_pcp:101024kB local_pcp:72408kB free_cma:0kB
[  393.737693][T11538] lowmem_reserve[]: 0 0 0 0 0
[  393.737724][T11538] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:412kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  393.737779][T11538] lowmem_reserve[]: 0 0 0 0 0
[  393.737808][T11538] Node 1 Normal free:3931396kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:212kB inactive_file:0kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  393.737871][T11538] lowmem_reserve[]: 0 0 0 0 0
[  393.737903][T11538] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15356kB
[  393.738360][T11538] Node 0 DMA32: 1098*4kB (UME) 1812*8kB (UM) 994*16kB (UM) 137*32kB (UME) 48*64kB (UME) 25*128kB (UE) 20*256kB (UME) 24*512kB (UM) 23*1024kB (UM) 15*2048kB (UME) 270*4096kB (UM) = 1223048kB
[  393.738511][T11538] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  393.738605][T11538] Node 1 Normal: 1*4kB (M) 4*8kB (UM) 4*16kB (UM) 7*32kB (UM) 5*64kB (UM) 5*128kB (UM) 2*256kB (M) 3*512kB (UM) 2*1024kB (UM) 1*2048kB (U) 958*4096kB (M) = 3931396kB
[  393.738759][T11538] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  393.738776][T11538] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  393.738797][T11538] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  393.738812][T11538] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  393.738828][T11538] 56967 total pagecache pages
[  393.738838][T11538] 0 pages in swap cache
[  393.738846][T11538] Free swap  = 124996kB
[  393.738853][T11538] Total swap = 124996kB
[  393.738868][T11538] 2097051 pages RAM
[  393.738875][T11538] 0 pages HighMem/MovableOnly
[  393.738883][T11538] 423729 pages reserved
[  393.738890][T11538] 0 pages cma reserved
[  395.028761][T11513] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  395.028792][T11513] batman_adv: batadv0: Removing interface: batadv_slave_0
[  395.233109][T11513] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  395.233140][T11513] batman_adv: batadv0: Removing interface: batadv_slave_1
[  395.535735][T11556] netlink: 260 bytes leftover after parsing attributes in process `syz.2.2062'.
[  395.536951][T11556] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2062'.
[  396.501249][ T5800] udl 6-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  396.507289][ T5800] [drm:udl_init] *ERROR* Selecting channel failed
[  396.879304][ T5800] [drm] Initialized udl 0.0.1 for 6-1:0.0 on minor 2
[  396.879377][ T5800] [drm] Initialized udl on minor 2
[  397.013208][ T5800] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffe0
[  397.059727][ T5800] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[  397.303891][   T43] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffe0
[  397.503477][   T43] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffe0
[  397.871552][   T43] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[  398.576594][  T809] usb 6-1: USB disconnect, device number 2
[  405.590833][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  406.047280][T11634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2078'.
[  406.154220][T11635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2079'.
[  406.154316][T11635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2079'.
[  407.570832][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  407.590839][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  407.600847][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  407.610844][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  407.620834][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  411.729689][T11679] overlayfs: failed to resolve './file0': -2
[  414.165044][T11673] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2087'.
[  414.214513][T11673] team_slave_0: entered promiscuous mode
[  414.214584][T11673] team_slave_1: entered promiscuous mode
[  414.222878][T11673] macvtap1: entered promiscuous mode
[  414.222899][T11673] team0: entered promiscuous mode
[  414.223491][T11673] macvtap1: entered allmulticast mode
[  414.223504][T11673] team0: entered allmulticast mode
[  414.223515][T11673] team_slave_0: entered allmulticast mode
[  414.223531][T11673] team_slave_1: entered allmulticast mode
[  414.232809][T11673] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  414.263872][T11676] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2087'.
[  414.570831][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  414.590846][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  415.805992][T11676] team0: left allmulticast mode
[  415.806012][T11676] team_slave_0: left allmulticast mode
[  415.806030][T11676] team_slave_1: left allmulticast mode
[  415.806066][T11676] team0: left promiscuous mode
[  415.806681][T11676] team_slave_0: left promiscuous mode
[  415.857497][T11676] team_slave_1: left promiscuous mode
[  416.016165][ T5809] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  416.040976][ T5815] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  416.061597][ T5809] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  416.076127][ T5809] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  416.083940][ T5809] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  416.118531][ T5809] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  416.431072][ T5815] usb 6-1: New USB device found, idVendor=041e, idProduct=3020, bcdDevice= 0.40
[  416.431101][ T5815] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.431120][ T5815] usb 6-1: Product: syz
[  416.431133][ T5815] usb 6-1: Manufacturer: syz
[  416.431147][ T5815] usb 6-1: SerialNumber: syz
[  417.306270][ T5815] usb 6-1: 1:1: invalid format type 0x1001 is detected, processed as PCM
[  417.306299][ T5815] usb 6-1: 1:1 : sample bitwidth 9 in over sample bytes 1
[  417.306322][ T5815] usb 6-1: 1:1 : invalid UAC_FORMAT_TYPE desc
[  417.312615][ T5815] usb 6-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  417.674521][ T5815] usb 6-1: USB disconnect, device number 3
[  417.901731][T11716] udevd[11716]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  418.337467][ T5810] Bluetooth: hci4: command tx timeout
[  418.976985][T11727] bond_slave_0: entered promiscuous mode
[  418.977040][T11727] bond_slave_1: entered promiscuous mode
[  418.979914][T11727] vlan2: entered promiscuous mode
[  418.979933][T11727] bond0: entered promiscuous mode
[  420.341970][ T5810] Bluetooth: hci4: command tx timeout
[  421.174503][T11704] chnl_net:caif_netlink_parms(): no params data found
[  422.537328][ T5810] Bluetooth: hci4: command tx timeout
[  424.584303][ T5810] Bluetooth: hci4: command tx timeout
[  424.718374][T11773] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2108'.
[  425.976315][T11704] bridge0: port 1(bridge_slave_0) entered blocking state
[  425.978085][T11704] bridge0: port 1(bridge_slave_0) entered disabled state
[  425.978328][T11704] bridge_slave_0: entered allmulticast mode
[  425.979983][T11704] bridge_slave_0: entered promiscuous mode
[  426.012714][T11704] bridge0: port 2(bridge_slave_1) entered blocking state
[  426.012847][T11785] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2112'.
[  426.040464][T11704] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.040658][T11704] bridge_slave_1: entered allmulticast mode
[  426.055948][T11704] bridge_slave_1: entered promiscuous mode
[  426.805791][T11785] batadv0: entered promiscuous mode
[  426.806045][T11785] macvtap2: entered promiscuous mode
[  426.806237][T11785] macvtap2: entered allmulticast mode
[  426.806250][T11785] batadv0: entered allmulticast mode
[  426.807677][T11785] 8021q: adding VLAN 0 to HW filter on device macvtap2
[  426.934170][T11795] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2112'.
[  427.963532][T11795] batadv0: left allmulticast mode
[  427.963688][T11795] batadv0: left promiscuous mode
[  429.054821][T11704] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  429.073140][T11704] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  429.979520][T11704] team0: Port device team_slave_0 added
[  429.987768][T11704] team0: Port device team_slave_1 added
[  430.042950][T11704] batman_adv: batadv0: Adding interface: batadv_slave_0
[  430.042968][T11704] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  430.042993][T11704] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  430.045195][T11704] batman_adv: batadv0: Adding interface: batadv_slave_1
[  430.045210][T11704] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  430.045236][T11704] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  431.281515][T11818] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  431.420598][T11821] pim6reg: entered allmulticast mode
[  431.448431][T11821] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2117'.
[  431.484311][T11824] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2119'.
[  431.779913][T11704] hsr_slave_0: entered promiscuous mode
[  431.789306][T11704] hsr_slave_1: entered promiscuous mode
[  431.790244][T11704] debugfs: 'hsr0' already exists in 'hsr'
[  431.790268][T11704] Cannot create hsr debugfs directory
[  433.260923][  T809] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  434.660823][T11853] 9p: Bad value for 'rfdno'
[  434.753885][  T809] usb 5-1: Using ep0 maxpacket: 32
[  434.929106][  T809] usb 5-1: config 0 has an invalid interface number: 162 but max is 0
[  434.929132][  T809] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  434.929150][  T809] usb 5-1: config 0 has no interface number 0
[  435.036413][  T809] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  435.036442][  T809] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.036462][  T809] usb 5-1: Product: syz
[  435.036476][  T809] usb 5-1: Manufacturer: syz
[  435.366961][  T809] usb 5-1: config 0 descriptor??
[  435.367553][  T809] usb 5-1: can't set config #0, error -71
[  435.624735][  T809] usb 5-1: USB disconnect, device number 25
[  437.138102][T11875] ptrace attach of "./syz-executor exec"[5798] was attempted by ""[11875]
[  438.437322][ T5810] Bluetooth: hci2: Malformed Event: 0x02
[  438.820019][T11897] affs: No valid root block on device nullb0
[  439.271142][T11896] ceph: No mds server is up or the cluster is laggy
[  439.491722][   T43] libceph: connect (1)[c::]:6789 error -101
[  439.491919][   T43] libceph: mon0 (1)[c::]:6789 connect error
[  439.691488][T11898] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  439.756946][  T809] libceph: connect (1)[c::]:6789 error -101
[  439.795973][  T809] libceph: mon0 (1)[c::]:6789 connect error
[  440.104625][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  440.104679][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  440.522917][T11704] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  441.255205][T11704] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  441.388193][T11704] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  441.541908][T11704] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  442.627611][T11704] 8021q: adding VLAN 0 to HW filter on device bond0
[  442.661705][T11704] 8021q: adding VLAN 0 to HW filter on device team0
[  442.683541][ T1446] bridge0: port 1(bridge_slave_0) entered blocking state
[  442.690988][   T31] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  442.697998][ T1446] bridge0: port 1(bridge_slave_0) entered forwarding state
[  442.736373][ T6024] bridge0: port 2(bridge_slave_1) entered blocking state
[  442.736515][ T6024] bridge0: port 2(bridge_slave_1) entered forwarding state
[  443.018096][   T31] usb 6-1: Using ep0 maxpacket: 16
[  443.629195][   T31] usb 6-1: config 8 has an invalid interface number: 206 but max is 0
[  443.629224][   T31] usb 6-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  443.629243][   T31] usb 6-1: config 8 has no interface number 0
[  443.629287][   T31] usb 6-1: config 8 interface 206 altsetting 1 has an endpoint descriptor with address 0xF7, changing to 0x87
[  443.629312][   T31] usb 6-1: config 8 interface 206 altsetting 1 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  443.629339][   T31] usb 6-1: config 8 interface 206 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  443.629365][   T31] usb 6-1: config 8 interface 206 has no altsetting 0
[  443.704552][   T31] usb 6-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=35.bb
[  443.704581][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  443.704600][   T31] usb 6-1: Product: syz
[  443.704613][   T31] usb 6-1: Manufacturer: syz
[  443.704627][   T31] usb 6-1: SerialNumber: syz
[  444.028073][   T31] garmin_gps 6-1:8.206: Garmin GPS usb/tty converter detected
[  444.060330][   T31] garmin_gps ttyUSB0: garmin_write_bulk - usb_submit_urb(write bulk) failed with status = -8
[  444.075729][   T31] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -8
[  444.090031][   T31] usb 6-1: USB disconnect, device number 4
[  444.103409][   T31] garmin_gps 6-1:8.206: device disconnected
[  444.155309][T11977] futex_wake_op: syz.4.2157 tries to shift op by 32; fix this program
[  444.299814][T11984] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  444.544150][T11704] 8021q: adding VLAN 0 to HW filter on device batadv0
[  444.557998][T11997] wg1: entered promiscuous mode
[  444.558019][T11997] wg1: entered allmulticast mode
[  444.645009][T12002] netlink: 'syz.1.2167': attribute type 6 has an invalid length.
[  445.325570][T12026] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  445.814903][   T31] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  446.088732][   T31] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  446.088834][   T31] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  446.088875][   T31] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  446.088897][   T31] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.111245][T12032] 9p: Bad value for 'rfdno'
[  446.159433][   T31] usb 3-1: config 0 descriptor??
[  446.182510][   T31] hdpvr 3-1:0.0: Could not find bulk-in endpoint
[  446.182596][   T31] hdpvr 3-1:0.0: probe with driver hdpvr failed with error -12
[  446.632588][T11704] veth0_vlan: entered promiscuous mode
[  446.671262][T11704] veth1_vlan: entered promiscuous mode
[  446.719024][T11704] veth0_macvtap: entered promiscuous mode
[  446.885147][T11704] veth1_macvtap: entered promiscuous mode
[  446.947966][T11704] batman_adv: batadv0: Interface activated: batadv_slave_0
[  446.978849][T11704] batman_adv: batadv0: Interface activated: batadv_slave_1
[  447.165720][ T6024] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  447.166120][ T6024] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  447.166628][ T6024] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  447.166858][ T6024] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  447.691983][ T5883] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  447.789703][ T5810] Bluetooth: hci5: command 0x0406 tx timeout
[  448.032401][ T5883] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  448.032427][ T5883] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  448.032461][ T5883] usb 6-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  448.032482][ T5883] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  448.058639][ T5883] usb 6-1: config 0 descriptor??
[  448.140585][ T5868] usb 3-1: USB disconnect, device number 21
[  448.424907][T11548] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.424928][T11548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.509503][ T1363] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.509525][ T1363] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.361538][ T5868] usb 6-1: USB disconnect, device number 5
[  454.071637][  T809] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  454.712784][  T809] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  454.712811][  T809] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  454.712837][  T809] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  454.712848][  T809] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  454.760214][  T809] usb 3-1: config 0 descriptor??
[  455.163185][T12186] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  456.591809][ T5882] usb 3-1: USB disconnect, device number 22
[  457.909167][T12257] netlink: 'syz.6.2247': attribute type 1 has an invalid length.
[  457.912167][T12257] netlink: 'syz.6.2247': attribute type 1 has an invalid length.
[  458.530998][   T31] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  458.682833][   T31] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  458.682887][   T31] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  458.682925][   T31] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  458.682948][   T31] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  458.739650][   T31] usb 3-1: config 0 descriptor??
[  458.763927][   T31] hdpvr 3-1:0.0: Could not find bulk-in endpoint
[  458.764012][   T31] hdpvr 3-1:0.0: probe with driver hdpvr failed with error -12
[  458.896584][T12278] ieee802154 phy0 wpan0: encryption failed: -22
[  459.016418][T12286] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  460.781311][T12301] infiniband syz2: set active
[  460.781332][T12301] infiniband syz2: added bridge_slave_1
[  461.143714][   T43] usb 3-1: USB disconnect, device number 23
[  461.146047][T12301] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  461.154379][T12301] infiniband syz2: Couldn't open port 1
[  461.262812][T12301] RDS/IB: syz2: added
[  461.263383][T12301] smc: adding ib device syz2 with port count 1
[  461.263595][T12301] smc:    ib device syz2 port 1 has no pnetid
[  462.629471][T12310] netlink: 'syz.1.2270': attribute type 10 has an invalid length.
[  462.629496][T12310] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2270'.
[  462.666269][T12310] batman_adv: batadv0: Adding interface: virt_wifi0
[  462.666286][T12310] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  462.666313][T12310] batman_adv: batadv0: Interface activated: virt_wifi0
[  463.782155][T12326] netlink: 180 bytes leftover after parsing attributes in process `syz.4.2275'.
[  464.123275][T12341] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048)
[  464.343627][T12349] comedi comedi0: No hardware detected at I/O base 0x4f27
[  466.660915][ T5875] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  466.935482][ T5875] usb 3-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[  466.935509][ T5875] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  466.935556][ T5875] usb 3-1: too many endpoints for config 1 interface 1 altsetting 1: 248, using maximum allowed: 30
[  466.935593][ T5875] usb 3-1: config 1 interface 1 altsetting 1 has an endpoint descriptor with address 0x73, changing to 0x3
[  466.935617][ T5875] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 12335, setting to 1024
[  466.935643][ T5875] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[  466.935665][ T5875] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 248
[  467.017232][ T5875] usb 3-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice= 0.40
[  467.017261][ T5875] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  467.017276][ T5875] usb 3-1: Product: syz
[  467.017283][ T5875] usb 3-1: Manufacturer: syz
[  467.017291][ T5875] usb 3-1: SerialNumber: syz
[  467.293080][ T5875] usb 3-1: incorrect wMaxPacketSize 0x400 for BADD profile
[  467.410153][ T5875] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  467.441323][ T5875] usb 3-1: USB disconnect, device number 24
[  467.479626][T11843] udevd[11843]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  467.670907][   T31] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  467.826619][   T31] usb 6-1: unable to get BOS descriptor or descriptor too short
[  467.827226][   T31] usb 6-1: not running at top speed; connect to a high speed hub
[  467.829318][   T31] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  467.829333][   T31] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  467.880206][   T31] usb 6-1: string descriptor 0 read error: -22
[  467.880348][   T31] usb 6-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice= 0.40
[  467.880371][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  468.344829][ T5875] usb 6-1: USB disconnect, device number 6
[  469.220995][   T31] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  469.370908][   T31] usb 3-1: Using ep0 maxpacket: 32
[  469.372978][   T31] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 254, changing to 11
[  469.373010][   T31] usb 3-1: config 0 interface 0 has no altsetting 0
[  469.373042][   T31] usb 3-1: New USB device found, idVendor=046d, idProduct=c298, bcdDevice= 0.00
[  469.373064][   T31] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.396611][T12492] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2358'.
[  469.439362][   T31] usb 3-1: config 0 descriptor??
[  469.892411][   T31] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[  469.892449][   T31] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[  469.892475][   T31] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[  469.892502][   T31] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[  469.892528][   T31] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[  469.892554][   T31] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[  469.892580][   T31] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[  469.892608][   T31] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[  469.892634][   T31] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[  469.892659][   T31] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[  469.982971][   T31] logitech 0003:046D:C298.000C: hidraw0: USB HID v0.04 Device [HID 046d:c298] on usb-dummy_hcd.2-1/input0
[  469.983014][   T31] logitech 0003:046D:C298.000C: no inputs found
[  470.075518][ T5868] usb 3-1: USB disconnect, device number 25
[  470.103187][T12517] fido_id[12517]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  473.209750][T12590] F2FS-fs: Conflicting test_dummy_encryption options
[  474.553787][T12617] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2411'.
[  474.553810][T12617] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2411'.
[  474.673707][T12623] delete_channel: no stack
[  474.675169][T12622] delete_channel: no stack
[  475.032667][T12643] block nbd6: not configured, cannot reconfigure
[  475.636959][T12669] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2438'.
[  475.683569][T12669] bond_slave_0: entered promiscuous mode
[  475.683616][T12669] bond_slave_1: entered promiscuous mode
[  475.684009][T12669] macvtap1: entered promiscuous mode
[  475.684020][T12669] bond0: entered promiscuous mode
[  475.684655][T12669] macvtap1: entered allmulticast mode
[  475.684672][T12669] bond0: entered allmulticast mode
[  475.684685][T12669] bond_slave_0: entered allmulticast mode
[  475.684702][T12669] bond_slave_1: entered allmulticast mode
[  475.686253][T12669] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  475.690110][T12669] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2438'.
[  475.805449][T12669] bond0: left allmulticast mode
[  475.805569][T12669] bond_slave_0: left allmulticast mode
[  475.805587][T12669] bond_slave_1: left allmulticast mode
[  475.805624][T12669] bond0: left promiscuous mode
[  475.806130][T12669] bond_slave_0: left promiscuous mode
[  475.806195][T12669] bond_slave_1: left promiscuous mode
[  476.887376][ T6006] IPVS: starting estimator thread 0...
[  476.980980][T12710] IPVS: using max 9 ests per chain, 21600 per kthread
[  477.623176][T12744] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2470'.
[  477.623204][T12744] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2470'.
[  480.501714][T12859] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2524'.
[  481.007361][T12886] netlink: 'syz.1.2537': attribute type 4 has an invalid length.
[  481.007378][T12886] netlink: 'syz.1.2537': attribute type 5 has an invalid length.
[  481.007385][T12886] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.2537'.
[  481.515938][ T6006] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  481.660934][ T6006] usb 6-1: Using ep0 maxpacket: 16
[  481.666084][ T6006] usb 6-1: unable to get BOS descriptor or descriptor too short
[  481.667712][ T6006] usb 6-1: config 1 has an invalid interface number: 62 but max is 0
[  481.667736][ T6006] usb 6-1: config 1 has no interface number 0
[  481.667766][ T6006] usb 6-1: config 1 interface 62 has no altsetting 0
[  481.708666][ T6006] usb 6-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=b6.61
[  481.708696][ T6006] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  481.708716][ T6006] usb 6-1: Product: syz
[  481.708730][ T6006] usb 6-1: Manufacturer: syz
[  481.708743][ T6006] usb 6-1: SerialNumber: syz
[  481.915904][T12929] syz.4.2557 (12929): /proc/12928/oom_adj is deprecated, please use /proc/12928/oom_score_adj instead.
[  481.973913][ T6006] visor 6-1:1.62: Sony Clie 3.5 converter detected
[  481.976053][ T6006] usb 6-1: clie_3_5_startup: get config number failed: -71
[  481.976212][ T6006] visor 6-1:1.62: probe with driver visor failed with error -71
[  482.003274][ T6006] usb 6-1: USB disconnect, device number 7
[  482.031026][T12931] xt_socket: unknown flags 0xe4
[  483.426628][T12980] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2578'.
[  483.470073][T12980] bond_slave_0: entered promiscuous mode
[  483.470128][T12980] bond_slave_1: entered promiscuous mode
[  483.470389][T12980] macvtap2: entered promiscuous mode
[  483.470403][T12980] bond0: entered promiscuous mode
[  483.486837][T12984] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2578'.
[  483.487158][T12980] macvtap2: entered allmulticast mode
[  483.487174][T12980] bond0: entered allmulticast mode
[  483.487185][T12980] bond_slave_0: entered allmulticast mode
[  483.487201][T12980] bond_slave_1: entered allmulticast mode
[  483.494637][T12980] 8021q: adding VLAN 0 to HW filter on device macvtap2
[  483.630254][T12984] bond0: left allmulticast mode
[  483.630277][T12984] bond_slave_0: left allmulticast mode
[  483.630296][T12984] bond_slave_1: left allmulticast mode
[  483.630332][T12984] bond0: left promiscuous mode
[  483.631181][T12984] bond_slave_0: left promiscuous mode
[  483.631241][T12984] bond_slave_1: left promiscuous mode
[  483.750880][ T5868] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  483.758964][T12992] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2586'.
[  483.775890][T12992] ip6tnl1: entered allmulticast mode
[  483.909430][ T5868] usb 3-1: Using ep0 maxpacket: 16
[  483.911715][ T5868] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  483.911744][ T5868] usb 3-1: config 0 has no interface number 0
[  483.911785][ T5868] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  483.911819][ T5868] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  483.914442][ T5868] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  483.914469][ T5868] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  483.914488][ T5868] usb 3-1: Product: syz
[  483.914500][ T5868] usb 3-1: SerialNumber: syz
[  483.936771][ T5868] usb 3-1: config 0 descriptor??
[  483.948623][ T5868] cm109 3-1:0.8: invalid payload size 0, expected 4
[  484.004732][ T5868] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input14
[  484.103589][T12999] Dead loop on virtual device ip6_vti0, fix it urgently!
[  484.252007][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  484.260564][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  484.261438][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  484.261685][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  484.261913][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  484.262142][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  484.262364][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  484.262588][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  484.262811][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  484.263030][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  484.345194][   T31] usb 3-1: USB disconnect, device number 26
[  484.346537][    C0] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  484.437618][   T31] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  484.961220][T13024] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  485.020898][T13029] tmpfs: Bad value for 'usrquota_block_hardlimit'
[  485.145875][T13031] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2603'.
[  485.160946][T13036] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2607'.
[  485.201056][T13038] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2603'.
[  485.221712][T13031] bond_slave_0: entered promiscuous mode
[  485.221762][T13031] bond_slave_1: entered promiscuous mode
[  485.221979][T13031] macvtap1: entered promiscuous mode
[  485.221992][T13031] bond0: entered promiscuous mode
[  485.222557][T13031] macvtap1: entered allmulticast mode
[  485.222569][T13031] bond0: entered allmulticast mode
[  485.222581][T13031] bond_slave_0: entered allmulticast mode
[  485.222597][T13031] bond_slave_1: entered allmulticast mode
[  485.224615][T13031] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  485.357947][T13038] bond0: left allmulticast mode
[  485.357969][T13038] bond_slave_0: left allmulticast mode
[  485.357987][T13038] bond_slave_1: left allmulticast mode
[  485.358023][T13038] bond0: left promiscuous mode
[  485.358757][T13038] bond_slave_0: left promiscuous mode
[  485.358823][T13038] bond_slave_1: left promiscuous mode
[  485.442836][   T36] audit: type=1326 audit(1775759903.989:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13047 comm="syz.2.2612" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa66e51c819 code=0x0
[  485.448408][T13049] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0
[  485.663290][T13062] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2619'.
[  485.663352][T13062] netlink: 136 bytes leftover after parsing attributes in process `syz.4.2619'.
[  485.663366][T13062] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2619'.
[  486.341018][ T5875] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  486.539901][ T5875] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 252, changing to 11
[  486.539936][ T5875] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  486.539977][ T5875] usb 5-1: New USB device found, idVendor=04d9, idProduct=a04a, bcdDevice= 0.00
[  486.540000][ T5875] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.561634][ T5875] usb 5-1: config 0 descriptor??
[  487.002673][ T5875] hid_parser_main: 20 callbacks suppressed
[  487.002697][ T5875] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0
[  487.002728][ T5875] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0
[  487.002753][ T5875] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0
[  487.002779][ T5875] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0
[  487.002804][ T5875] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0
[  487.002837][ T5875] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0
[  487.002862][ T5875] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0
[  487.002888][ T5875] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0
[  487.002912][ T5875] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0
[  487.002943][ T5875] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0
[  487.113529][ T5875] holtek_mouse 0003:04D9:A04A.000D: hidraw0: USB HID v7f.fd Device [HID 04d9:a04a] on usb-dummy_hcd.4-1/input0
[  487.214547][ T5875] usb 5-1: USB disconnect, device number 26
[  487.264915][T13119] fido_id[13119]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[  487.282076][T13120] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2644'.
[  487.282159][T13120] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2644'.
[  488.727293][T13174] bridge0: port 1(bridge_slave_0) entered disabled state
[  489.427199][T13200] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only
[  489.427227][T13200] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off.
[  489.558726][T13209] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2687'.
[  489.622044][T13211] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2684'.
[  489.740052][T13215] Dead loop on virtual device ip6_vti0, fix it urgently!
[  489.827941][T12141] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  489.843232][T12141] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  489.843284][T12141] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  489.843320][T12141] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  490.065662][T13227] input: syz0 as /devices/virtual/input/input15
[  490.452712][T13249] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2705'.
[  490.568534][ T5809] Bluetooth: hci3: unexpected event for opcode 0x040d
[  490.610916][ T6006] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  490.708347][T13263] netlink: 120 bytes leftover after parsing attributes in process `syz.6.2711'.
[  490.763102][ T6006] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[  490.763160][ T6006] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  490.764589][ T6006] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  490.764617][ T6006] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  490.764636][ T6006] usb 6-1: Manufacturer: syz
[  490.815685][ T6006] usb 6-1: config 0 descriptor??
[  490.979256][T13274] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2716'.
[  491.030888][ T6006] rc_core: IR keymap rc-hauppauge not found
[  491.030908][ T6006] Registered IR keymap rc-empty
[  491.036806][ T6006] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  491.077178][ T6006] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input16
[  491.081014][ T5868] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  491.132546][ T6006] usb 6-1: USB disconnect, device number 8
[  491.245470][ T5868] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  491.245502][ T5868] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  491.245536][ T5868] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.01
[  491.245547][ T5868] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  491.253553][ T5868] usb 5-1: config 0 descriptor??
[  491.706170][ T5868] arvo 0003:1E7D:30D4.000E: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.4-1/input0
[  492.096524][ T5815] usb 5-1: USB disconnect, device number 27
[  492.855197][T13317] loop6: detected capacity change from 0 to 7
[  492.891172][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  492.891371][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  492.892049][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  492.892079][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  492.892252][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  492.892279][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  492.897694][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  492.897728][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  492.898000][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  492.898025][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  492.898254][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  492.898280][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  492.898490][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  492.898515][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  492.898596][T13317] ldm_validate_partition_table(): Disk read failed.
[  492.901888][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  492.901921][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  492.904193][T13319] bond0: option miimon: invalid value (18446744071562067968)
[  492.904215][T13319] bond0: option miimon: allowed values 0 - 2147483647
[  493.066591][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  493.066626][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  493.066879][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  493.066906][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  493.067167][T13317] Dev loop6: unable to read RDB block 0
[  493.067520][T13317]  loop6: unable to read partition table
[  493.067717][T13317] loop6: partition table beyond EOD, truncated
[  493.067749][T13317] loop_reread_partitions: partition scan of loop6 (úùƒå¡™‰ü�¾-ý?‹ºÐ	œëÜ%õ«`Éæˆ{í©³­ô÷5FLQkÝŠA€) failed (rc=-5)
[  493.532520][ T5809] Bluetooth: hci2: unexpected event for opcode 0x040d
[  494.101502][T13363] netlink: 'syz.4.2757': attribute type 1 has an invalid length.
[  494.101595][T13363] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2757'.
[  494.634769][T13381] program syz.2.2766 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  495.281357][T13405] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2776'.
[  495.333593][T13406] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2776'.
[  497.063038][T13433] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2789'.
[  497.600862][T13444] netlink: 'syz.2.2793': attribute type 2 has an invalid length.
[  497.602661][T13444] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  500.234111][T13488] block nbd2: NBD_DISCONNECT
[  500.253123][T13488] block nbd2: Send disconnect failed -32
[  500.254452][T13487] block nbd2: Disconnected due to user request.
[  500.254472][T13487] block nbd2: shutting down sockets
[  500.431319][T13500] netlink: 64 bytes leftover after parsing attributes in process `syz.5.2815'.
[  501.566120][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  501.566340][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  502.317543][  T132] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  502.318454][  T132] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  502.318497][  T132] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  502.318529][  T132] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  503.474450][T13559] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2842'.
[  503.474478][T13559] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  503.474501][T13559] batman_adv: batadv0: Removing interface: batadv_slave_0
[  503.534252][T13559] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  503.534281][T13559] batman_adv: batadv0: Removing interface: batadv_slave_1
[  503.602815][T13559] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  503.602842][T13559] batman_adv: batadv0: Removing interface: virt_wifi0
[  503.999838][T13571] macvlan0: entered promiscuous mode
[  504.000292][T13571] bond_slave_0: entered promiscuous mode
[  504.000340][T13571] bond_slave_1: entered promiscuous mode
[  504.000361][T13571] bond0: entered promiscuous mode
[  504.028251][T13571] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  504.102283][T13571] team0: Port device macvlan0 added
[  504.580988][ T5810] Bluetooth: hci4: command 0x0405 tx timeout
[  504.910255][T13599] pim6reg1: tun_chr_ioctl cmd 1074025675
[  504.910278][T13599] pim6reg1: persist disabled
[  505.094211][T13611] netlink: 'syz.1.2865': attribute type 11 has an invalid length.
[  505.240342][T13619] netem: change failed
[  506.310956][ T5868] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  506.460883][ T5868] usb 5-1: Using ep0 maxpacket: 8
[  506.463103][ T5868] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  506.493117][ T5868] usb 5-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice= d.68
[  506.493147][ T5868] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  506.493166][ T5868] usb 5-1: Product: syz
[  506.493178][ T5868] usb 5-1: Manufacturer: syz
[  506.493191][ T5868] usb 5-1: SerialNumber: syz
[  506.770457][T13655] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  506.775039][T13655] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  506.782156][T13655] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  506.782652][T13655] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  506.789996][ T5868] kalmia 5-1:1.0 (unnamed net_device) (uninitialized): Error sending init packet. Status -71
[  506.790185][ T5868] kalmia 5-1:1.0: probe with driver kalmia failed with error -71
[  506.858857][ T5868] usb 5-1: USB disconnect, device number 28
[  507.202827][T13700] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2903'.
[  507.399648][T13707] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2905'.
[  507.453055][T13709] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2905'.
[  507.497520][T13710] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2906'.
[  507.551242][T13715] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2906'.
[  507.740923][ T5867] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  507.893462][ T5867] usb 6-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  507.893492][ T5867] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.900491][ T5867] usb 6-1: config 0 descriptor??
[  507.935532][ T5867] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  508.118334][ T5867] gp8psk: usb in 128 operation failed.
[  508.132818][   T36] audit: type=1326 audit(1775759926.679:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13711 comm="syz.5.2907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  508.133578][   T36] audit: type=1326 audit(1775759926.679:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13711 comm="syz.5.2907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  508.134342][   T36] audit: type=1326 audit(1775759926.679:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13711 comm="syz.5.2907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  508.134849][   T36] audit: type=1326 audit(1775759926.679:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13711 comm="syz.5.2907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  508.135174][   T36] audit: type=1326 audit(1775759926.679:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13711 comm="syz.5.2907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  508.135648][   T36] audit: type=1326 audit(1775759926.679:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13711 comm="syz.5.2907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  508.136266][   T36] audit: type=1326 audit(1775759926.679:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13711 comm="syz.5.2907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  508.136711][   T36] audit: type=1326 audit(1775759926.679:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13711 comm="syz.5.2907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  508.137503][   T36] audit: type=1326 audit(1775759926.679:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13711 comm="syz.5.2907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe5d60ac4ab code=0x7ffc0000
[  508.137548][   T36] audit: type=1326 audit(1775759926.679:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13711 comm="syz.5.2907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5d60ac819 code=0x7ffc0000
[  508.364558][ T5867] gp8psk: usb in 137 operation failed.
[  508.364578][ T5867] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  508.364614][ T5867] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  508.400946][ T5867] usb 6-1: USB disconnect, device number 9
[  508.415205][T13737] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  508.651404][T13749] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2923'.
[  508.692576][T13749] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2923'.
[  510.949063][T13808] hugetlbfs: syz.2.2947 (13808): Using mlock ulimits for SHM_HUGETLB is obsolete
[  511.621020][ T5810] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  512.260985][ T5867] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  512.268028][ T5868] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  512.277522][T13842] kvm: user requested TSC rate below hardware speed
[  512.415501][ T5867] usb 5-1: config 1 has an invalid interface number: 7 but max is 0
[  512.415528][ T5867] usb 5-1: config 1 has no interface number 0
[  512.415570][ T5867] usb 5-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  512.415596][ T5867] usb 5-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1023
[  512.415622][ T5867] usb 5-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  512.418207][ T5867] usb 5-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  512.418235][ T5867] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.418255][ T5867] usb 5-1: Product: syz
[  512.418268][ T5867] usb 5-1: Manufacturer: syz
[  512.418282][ T5867] usb 5-1: SerialNumber: syz
[  512.423941][ T5868] usb 3-1: Using ep0 maxpacket: 32
[  512.428303][ T5868] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  512.428329][ T5868] usb 3-1: config 0 has no interface number 0
[  512.439742][ T5868] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  512.439772][ T5868] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.439789][ T5868] usb 3-1: Product: syz
[  512.439802][ T5868] usb 3-1: Manufacturer: syz
[  512.439816][ T5868] usb 3-1: SerialNumber: syz
[  512.477182][T13834] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  512.489929][ T5868] usb 3-1: config 0 descriptor??
[  512.549130][ T5868] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  512.669438][T13851] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2964'.
[  512.785131][ T5868] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  512.852643][ T5868] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  513.169496][    C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[  513.185098][ T5868] usb 3-1: USB disconnect, device number 27
[  514.117462][ T5867] usb 5-1: Error in usbnet_get_endpoints (-71)
[  514.133819][ T5868] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  514.147626][ T5867] usb 5-1: USB disconnect, device number 29
[  514.154781][ T5868] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  514.155711][ T5868] quatech2 3-1:0.51: device disconnected
[  515.582590][T13895] macvtap0: entered promiscuous mode
[  515.601151][T13895] macvtap0: left promiscuous mode
[  515.773001][T13908] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2983'.
[  515.812017][T13908] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2983'.
[  515.930683][T13915] netlink: 'syz.1.2987': attribute type 8 has an invalid length.
[  515.930703][T13915] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2987'.
[  515.964622][T13915] gretap0: entered promiscuous mode
[  515.966052][T13915] hsr1: entered promiscuous mode
[  516.181031][ T5868] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  516.332992][ T5868] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  516.333025][ T5868] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  516.333061][ T5868] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  516.333083][ T5868] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.383448][ T5868] usb 5-1: config 0 descriptor??
[  517.282990][T13942] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2999'.
[  517.316963][T13942] ip6gretap0: entered promiscuous mode
[  517.317320][T13942] macvtap1: entered promiscuous mode
[  517.317486][T13942] macvtap1: entered allmulticast mode
[  517.317500][T13942] ip6gretap0: entered allmulticast mode
[  517.334888][T13942] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2999'.
[  517.382153][ T5868] hid_parser_main: 229 callbacks suppressed
[  517.382178][ T5868] pyra 0003:1E7D:2CF6.000F: unknown main item tag 0x0
[  517.382209][ T5868] pyra 0003:1E7D:2CF6.000F: unknown main item tag 0x0
[  517.382234][ T5868] pyra 0003:1E7D:2CF6.000F: unknown main item tag 0x0
[  517.382258][ T5868] pyra 0003:1E7D:2CF6.000F: unknown main item tag 0x0
[  517.382290][ T5868] pyra 0003:1E7D:2CF6.000F: unknown main item tag 0x0
[  517.382317][ T5868] pyra 0003:1E7D:2CF6.000F: unknown main item tag 0x0
[  517.382342][ T5868] pyra 0003:1E7D:2CF6.000F: unknown main item tag 0x0
[  517.422266][ T5868] pyra 0003:1E7D:2CF6.000F: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.4-1/input0
[  517.493925][T13942] ip6gretap0: left allmulticast mode
[  517.516230][T13942] ip6gretap0: left promiscuous mode
[  517.984344][ T5868] pyra 0003:1E7D:2CF6.000F: couldn't init struct pyra_device
[  517.984401][ T5868] pyra 0003:1E7D:2CF6.000F: couldn't install mouse
[  517.992932][ T5868] pyra 0003:1E7D:2CF6.000F: probe with driver pyra failed with error -71
[  518.020931][ T5868] usb 5-1: USB disconnect, device number 30
[  518.441134][  T809] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  518.566735][T13978] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  518.591173][  T809] usb 6-1: Using ep0 maxpacket: 32
[  518.593418][  T809] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  518.593449][  T809] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  518.593474][  T809] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid maxpacket 16384, setting to 1024
[  518.593501][  T809] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  518.593577][  T809] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  518.596547][  T809] usb 6-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  518.596574][  T809] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  518.596593][  T809] usb 6-1: Product: syz
[  518.596607][  T809] usb 6-1: Manufacturer: syz
[  518.596621][  T809] usb 6-1: SerialNumber: syz
[  518.697927][  T809] usb 6-1: config 0 descriptor??
[  519.116791][  T809] iforce 6-1:0.0: usb_submit_urb failed: -71
[  519.116853][  T809] input input17: Device does not respond to id packet M
[  519.118221][  T809] iforce 6-1:0.0: usb_submit_urb failed: -71
[  519.118266][  T809] input input17: Device does not respond to id packet P
[  519.119264][  T809] iforce 6-1:0.0: usb_submit_urb failed: -71
[  519.119307][  T809] input input17: Device does not respond to id packet B
[  519.120190][  T809] iforce 6-1:0.0: usb_submit_urb failed: -71
[  519.120232][  T809] input input17: Device does not respond to id packet N
[  519.170897][  T809] iforce 6-1:0.0: usb_submit_urb failed: -71
[  519.180006][  T809] iforce 6-1:0.0: usb_submit_urb failed: -71
[  519.186970][  T809] iforce 6-1:0.0: usb_submit_urb failed: -71
[  519.188752][  T809] iforce 6-1:0.0: usb_submit_urb failed: -71
[  519.205857][  T809] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input17
[  519.256365][    C1] iforce 6-1:0.0: iforce_usb_irq - usb_submit_urb failed with result -1
[  519.277322][  T809] usb 6-1: USB disconnect, device number 10
[  520.170925][ T5815] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  520.320954][ T5815] usb 6-1: Using ep0 maxpacket: 32
[  520.326520][ T5815] usb 6-1: config 0 has an invalid interface number: 119 but max is 0
[  520.326549][ T5815] usb 6-1: config 0 has no interface number 0
[  520.326592][ T5815] usb 6-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  520.326612][ T5815] usb 6-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  520.326637][ T5815] usb 6-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 27
[  520.326661][ T5815] usb 6-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  520.329058][ T5815] usb 6-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[  520.329086][ T5815] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  520.329106][ T5815] usb 6-1: Product: syz
[  520.329121][ T5815] usb 6-1: Manufacturer: syz
[  520.329134][ T5815] usb 6-1: SerialNumber: syz
[  520.343685][ T5815] usb 6-1: config 0 descriptor??
[  520.344665][T14013] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  520.368199][ T5815] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.119/input/input18
[  520.374966][ T5149] usb 6-1: BOGUS urb xfer, pipe 1 != type 3
[  520.484365][    C1] bcm5974 6-1:0.119: trackpad urb failed: -1
[  520.636053][ T5815] usb 6-1: USB disconnect, device number 11
[  521.005075][T14053] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 64993
[  521.277954][T14058] sctp: [Deprecated]: syz.5.3033 (pid 14058) Use of struct sctp_assoc_value in delayed_ack socket option.
[  521.277954][T14058] Use struct sctp_sack_info instead
[  521.874689][T14078] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3042'.
[  521.920948][ T5883] usb 3-1: new full-speed USB device number 28 using dummy_hcd
[  522.088251][T14082] evm: overlay not supported
[  522.111005][ T5883] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  522.111033][ T5883] usb 3-1: config 0 has no interface number 0
[  522.111074][ T5883] usb 3-1: config 0 interface 1 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  522.111107][ T5883] usb 3-1: config 0 interface 1 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  522.111127][ T5883] usb 3-1: config 0 interface 1 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  522.111152][ T5883] usb 3-1: config 0 interface 1 has no altsetting 0
[  522.111184][ T5883] usb 3-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[  522.111205][ T5883] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  522.119240][ T5883] usb 3-1: config 0 descriptor??
[  522.421046][T14088] fuse: Bad value for 'fd'
[  522.737956][ T5883] uclogic 0003:145F:0212.0010: pen parameters not found
[  522.737983][ T5883] uclogic 0003:145F:0212.0010: interface is invalid, ignoring
[  522.962248][ T5815] usb 3-1: USB disconnect, device number 28
[  524.217842][T14118] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3059'.
[  524.266781][  T145] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  524.266905][T14118] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3059'.
[  524.267250][  T145] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  524.275508][  T145] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  524.587785][T14131] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3066'.
[  524.635139][T14131] macvtap2: entered promiscuous mode
[  524.635238][T14131] macvtap2: entered allmulticast mode
[  524.663141][T14131] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3066'.
[  525.138328][ T5810] Bluetooth: hci4: link tx timeout
[  525.156698][ T5810] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  525.565473][T14166] netlink: 'syz.6.3080': attribute type 10 has an invalid length.
[  525.613160][T14166] team0: Device vxcan1 is of different type
[  526.773989][T14184] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  527.118639][T14207] netlink: 'syz.5.3094': attribute type 2 has an invalid length.
[  527.118667][T14207] netlink: 'syz.5.3094': attribute type 2 has an invalid length.
[  527.179717][T14210] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3099'.
[  527.179741][T14210] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3099'.
[  527.220864][ T5810] Bluetooth: hci4: command 0x0405 tx timeout
[  527.887511][T14193] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  527.887856][T14193] block device autoloading is deprecated and will be removed.
[  530.313926][ T5867] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  530.538471][ T5867] usb 3-1: config 0 has too many interfaces: 253, using maximum allowed: 32
[  530.538500][ T5867] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 253
[  530.543738][ T5867] usb 3-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac
[  530.543768][ T5867] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  530.543787][ T5867] usb 3-1: Product: syz
[  530.543801][ T5867] usb 3-1: Manufacturer: syz
[  530.543815][ T5867] usb 3-1: SerialNumber: syz
[  530.598700][ T5867] usb 3-1: config 0 descriptor??
[  530.627146][ T5867] gspca_main: sunplus-2.14.0 probing 055f:c630
[  531.586958][T14300] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3136'.
[  531.638103][T14306] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3136'.
[  531.709103][T14300] macvtap3: entered promiscuous mode
[  531.709329][T14300] macvtap3: entered allmulticast mode
[  531.709344][T14300] bond0: entered allmulticast mode
[  531.709355][T14300] bond_slave_0: entered allmulticast mode
[  531.709371][T14300] bond_slave_1: entered allmulticast mode
[  531.741347][T14300] 8021q: adding VLAN 0 to HW filter on device macvtap3
[  531.835283][T14306] bond0: left allmulticast mode
[  531.835307][T14306] bond_slave_0: left allmulticast mode
[  531.835324][T14306] bond_slave_1: left allmulticast mode
[  531.964418][T14312] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3140'.
[  532.019369][ T6006] usb 3-1: USB disconnect, device number 29
[  532.247977][ T5867] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  532.272754][ T5867] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  532.935026][T14336] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3147'.
[  533.060331][T14341] bridge_slave_0: left allmulticast mode
[  533.060362][T14341] bridge_slave_0: left promiscuous mode
[  533.077405][T14341] bridge0: port 1(bridge_slave_0) entered disabled state
[  533.186731][T14341] bridge_slave_1: left allmulticast mode
[  533.186761][T14341] bridge_slave_1: left promiscuous mode
[  533.186994][T14341] bridge0: port 2(bridge_slave_1) entered disabled state
[  533.291840][T14341] bond0: (slave bond_slave_0): Releasing backup interface
[  533.329008][T14341] bond_slave_0: left promiscuous mode
[  533.362592][T14341] bond0: (slave bond_slave_1): Releasing backup interface
[  533.404301][T14341] bond_slave_1: left promiscuous mode
[  533.454527][T14341] team0: Port device team_slave_0 removed
[  533.490317][T14341] team0: Port device team_slave_1 removed
[  533.497586][T14341] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  533.497606][T14341] batman_adv: batadv0: Removing interface: batadv_slave_0
[  533.556663][T14341] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  533.556693][T14341] batman_adv: batadv0: Removing interface: batadv_slave_1
[  533.598308][T14341] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  533.825605][T14369] fuse: Bad value for 'fd'
[  533.919750][T14377] fuse: Bad value for 'fd'
[  533.993086][T14380] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3165'.
[  534.122071][ T5809] Bluetooth: hci5: SCO packet for unknown connection handle 201
[  534.256412][T14385] netlink: 'syz.1.3167': attribute type 4 has an invalid length.
[  534.299493][T14391] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3168'.
[  534.299518][T14391] openvswitch: netlink: Flow actions attr not present in new flow.
[  534.393294][ T5809] block nbd1: Receive control failed (result -32)
[  534.410063][T14393] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3170'.
[  534.438671][T14393] macvtap4: entered promiscuous mode
[  534.438773][T14393] macvtap4: entered allmulticast mode
[  534.438781][T14393] bond0: entered allmulticast mode
[  534.439086][T14393] 8021q: adding VLAN 0 to HW filter on device macvtap4
[  534.447928][T14393] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3170'.
[  534.524358][T14393] bond0: left allmulticast mode
[  534.582808][T14397] syz_tun: entered allmulticast mode
[  534.583784][T14397] syz_tun: left allmulticast mode
[  534.655114][T14400] input: syz0 as /devices/virtual/input/input19
[  535.257973][T14413] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3179'.
[  535.300418][T14413] macvtap3: entered promiscuous mode
[  535.300606][T14413] macvtap3: entered allmulticast mode
[  535.313960][T14416] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3179'.
[  536.063268][   T36] kauditd_printk_skb: 11 callbacks suppressed
[  536.063285][   T36] audit: type=1326 audit(1775760210.612:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14442 comm="syz.4.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  536.064147][   T36] audit: type=1326 audit(1775760210.612:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14442 comm="syz.4.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  536.064401][   T36] audit: type=1326 audit(1775760210.612:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14442 comm="syz.4.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  536.064786][   T36] audit: type=1326 audit(1775760210.612:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14442 comm="syz.4.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  536.065197][   T36] audit: type=1326 audit(1775760210.612:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14442 comm="syz.4.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  536.065437][   T36] audit: type=1326 audit(1775760210.612:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14442 comm="syz.4.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  536.065838][   T36] audit: type=1326 audit(1775760210.612:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14442 comm="syz.4.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  536.066359][   T36] audit: type=1326 audit(1775760210.612:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14442 comm="syz.4.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  536.066625][   T36] audit: type=1326 audit(1775760210.612:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14442 comm="syz.4.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  536.067062][   T36] audit: type=1326 audit(1775760210.612:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14442 comm="syz.4.3192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  536.410549][T14453] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3194'.
[  536.468389][T14458] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3194'.
[  536.504731][T14453] bond_slave_0: entered promiscuous mode
[  536.504783][T14453] bond_slave_1: entered promiscuous mode
[  536.505030][T14453] macvtap2: entered promiscuous mode
[  536.505044][T14453] bond0: entered promiscuous mode
[  536.505639][T14453] macvtap2: entered allmulticast mode
[  536.505653][T14453] bond0: entered allmulticast mode
[  536.505665][T14453] bond_slave_0: entered allmulticast mode
[  536.505682][T14453] bond_slave_1: entered allmulticast mode
[  536.507188][T14453] 8021q: adding VLAN 0 to HW filter on device macvtap2
[  536.599071][T14458] bond0: left allmulticast mode
[  536.599095][T14458] bond_slave_0: left allmulticast mode
[  536.599114][T14458] bond_slave_1: left allmulticast mode
[  536.599151][T14458] bond0: left promiscuous mode
[  536.599719][T14458] bond_slave_0: left promiscuous mode
[  536.599794][T14458] bond_slave_1: left promiscuous mode
[  536.723125][T14461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3199'.
[  538.899617][T14520] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3221'.
[  538.899649][T14520] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3221'.
[  538.919274][T14520] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  539.431545][T14541] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3229'.
[  540.347099][T14573] syz.5.3241 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  541.760968][T14616] netlink: 'syz.2.3254': attribute type 4 has an invalid length.
[  541.822935][T14620] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3255'.
[  541.882567][T14621] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3255'.
[  541.970392][T14620] team1: entered promiscuous mode
[  541.970409][T14620] team1: entered allmulticast mode
[  541.995010][T14620] 8021q: adding VLAN 0 to HW filter on device team1
[  542.082143][T14621] team2: entered promiscuous mode
[  542.082172][T14621] team2: entered allmulticast mode
[  542.082887][T14621] 8021q: adding VLAN 0 to HW filter on device team2
[  543.330375][T14643] netlink: 200 bytes leftover after parsing attributes in process `syz.1.3263'.
[  543.330401][T14643] netlink: 'syz.1.3263': attribute type 2 has an invalid length.
[  543.777456][T14666] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3274'.
[  543.804858][T14666] macvtap4: entered promiscuous mode
[  543.805010][T14666] macvtap4: entered allmulticast mode
[  543.808128][T14666] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3274'.
[  544.939648][   T36] kauditd_printk_skb: 8 callbacks suppressed
[  544.939667][   T36] audit: type=1326 audit(1775760219.482:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14699 comm="syz.4.3285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  544.940246][   T36] audit: type=1326 audit(1775760219.482:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14699 comm="syz.4.3285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  544.940625][   T36] audit: type=1326 audit(1775760219.482:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14699 comm="syz.4.3285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  544.942337][   T36] audit: type=1326 audit(1775760219.492:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14699 comm="syz.4.3285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  544.942754][   T36] audit: type=1326 audit(1775760219.492:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14699 comm="syz.4.3285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  544.942798][   T36] audit: type=1326 audit(1775760219.492:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14699 comm="syz.4.3285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fcaebe4c819 code=0x7ffc0000
[  544.995997][   T36] audit: type=1326 audit(1775760219.542:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14699 comm="syz.4.3285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcaebe0d04e code=0x7ffc0000
[  544.997366][   T36] audit: type=1326 audit(1775760219.542:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14699 comm="syz.4.3285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcaebe0d04e code=0x7ffc0000
[  544.998731][   T36] audit: type=1326 audit(1775760219.542:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14699 comm="syz.4.3285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcaebe0d04e code=0x7ffc0000
[  545.000084][   T36] audit: type=1326 audit(1775760219.542:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14699 comm="syz.4.3285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcaebe0d04e code=0x7ffc0000
[  545.735150][T14724] netlink: 'syz.5.3293': attribute type 1 has an invalid length.
[  545.762547][T14724] bond1: entered promiscuous mode
[  545.762885][T14724] 8021q: adding VLAN 0 to HW filter on device bond1
[  545.767501][T14724] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3293'.
[  545.801794][T14724] bond1: entered allmulticast mode
[  545.884411][T14727] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3295'.
[  546.304398][T14741] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3300'.
[  546.322062][T14741] bond_slave_0: entered promiscuous mode
[  546.322835][T14741] bond_slave_1: entered promiscuous mode
[  546.322987][T14741] macvtap3: entered promiscuous mode
[  546.322996][T14741] bond0: entered promiscuous mode
[  546.323320][T14741] macvtap3: entered allmulticast mode
[  546.323328][T14741] bond0: entered allmulticast mode
[  546.323334][T14741] bond_slave_0: entered allmulticast mode
[  546.323343][T14741] bond_slave_1: entered allmulticast mode
[  546.326497][T14741] 8021q: adding VLAN 0 to HW filter on device macvtap3
[  546.328943][T14741] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3300'.
[  546.455137][T14741] bond0: left allmulticast mode
[  546.455159][T14741] bond_slave_0: left allmulticast mode
[  546.455177][T14741] bond_slave_1: left allmulticast mode
[  546.455215][T14741] bond0: left promiscuous mode
[  546.455824][T14741] bond_slave_0: left promiscuous mode
[  546.455888][T14741] bond_slave_1: left promiscuous mode
[  546.686806][T14744] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3303'.
[  546.914988][ T5810] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  546.919609][ T5810] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  546.945742][ T5810] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  546.948078][ T5810] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  546.982276][ T5810] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  547.959933][T12058] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  548.010893][   T43] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[  548.164451][   T43] usb 6-1: unable to get BOS descriptor or descriptor too short
[  548.165025][   T43] usb 6-1: not running at top speed; connect to a high speed hub
[  548.166168][   T43] usb 6-1: config 6 has an invalid interface number: 168 but max is 1
[  548.166191][   T43] usb 6-1: config 6 has an invalid interface number: 61 but max is 1
[  548.166210][   T43] usb 6-1: config 6 has no interface number 0
[  548.166225][   T43] usb 6-1: config 6 has no interface number 1
[  548.166283][   T43] usb 6-1: config 6 interface 61 has no altsetting 0
[  548.225820][   T43] usb 6-1: New USB device found, idVendor=2019, idProduct=4902, bcdDevice=94.7f
[  548.225848][   T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  548.225866][   T43] usb 6-1: Product: syz
[  548.225877][   T43] usb 6-1: Manufacturer: syz
[  548.225888][   T43] usb 6-1: SerialNumber: syz
[  548.621141][   T43] usb 6-1: USB disconnect, device number 12
[  548.653126][T12058] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.060894][ T5810] Bluetooth: hci0: command tx timeout
[  549.474493][T14803] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3325'.
[  550.103992][T12058] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.335977][T14814] netlink: 'syz.6.3330': attribute type 10 has an invalid length.
[  550.362108][ T5867] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  550.458062][T12058] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.511156][ T5867] usb 3-1: Using ep0 maxpacket: 8
[  550.514697][ T5867] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  550.514753][ T5867] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  550.514776][ T5867] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  550.514799][ T5867] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  550.514821][ T5867] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  550.514862][ T5867] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  550.514883][ T5867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.623949][T14814] syz_tun: entered promiscuous mode
[  550.692843][T14814] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  550.762772][ T5867] usb 3-1: usb_control_msg returned -32
[  550.762820][ T5867] usbtmc 3-1:16.0: can't read capabilities
[  551.143901][ T5810] Bluetooth: hci0: command tx timeout
[  551.169997][T14827] usbtmc 3-1:16.0: usb_control_msg returned -32
[  551.173887][ T5882] usb 3-1: USB disconnect, device number 30
[  552.801194][T12058] bond0 (unregistering): left promiscuous mode
[  552.865952][T12058] team0: Port device macvlan0 removed
[  553.044669][T12058] bond0 (unregistering): Released all slaves
[  553.217364][T14755] chnl_net:caif_netlink_parms(): no params data found
[  553.223075][ T5810] Bluetooth: hci0: command tx timeout
[  554.089665][T14867] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  555.307849][ T5810] Bluetooth: hci0: command tx timeout
[  557.837906][T14755] bridge0: port 1(bridge_slave_0) entered blocking state
[  557.838025][T14755] bridge0: port 1(bridge_slave_0) entered disabled state
[  557.838256][T14755] bridge_slave_0: entered allmulticast mode
[  557.840480][T14755] bridge_slave_0: entered promiscuous mode
[  557.892510][T14905] syzkaller0: entered promiscuous mode
[  557.892536][T14905] syzkaller0: entered allmulticast mode
[  557.899974][T14915] tipc: Started in network mode
[  557.900006][T14915] tipc: Node identity 5219c8fdd021, cluster identity 4711
[  557.905849][T14915] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  557.970384][T14901] tipc: Resetting bearer <eth:syzkaller0>
[  558.132633][T14901] tipc: Disabling bearer <eth:syzkaller0>
[  558.274125][T14755] bridge0: port 2(bridge_slave_1) entered blocking state
[  558.274222][T14755] bridge0: port 2(bridge_slave_1) entered disabled state
[  558.274383][T14755] bridge_slave_1: entered allmulticast mode
[  558.276085][T14755] bridge_slave_1: entered promiscuous mode
[  561.601422][T12058] hsr_slave_0: left promiscuous mode
[  561.653429][T12058] hsr_slave_1: left promiscuous mode
[  561.726390][T12058] veth1_macvtap: left promiscuous mode
[  561.726476][T12058] veth0_macvtap: left promiscuous mode
[  561.824601][T14984] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  562.710614][T14755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  562.727346][T14755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  562.906595][T14755] team0: Port device team_slave_0 added
[  562.919776][T14755] team0: Port device team_slave_1 added
[  562.985582][T14755] batman_adv: batadv0: Adding interface: batadv_slave_0
[  562.985601][T14755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  562.985628][T14755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  562.989009][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  562.989051][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  563.382598][T14755] batman_adv: batadv0: Adding interface: batadv_slave_1
[  563.382614][T14755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  563.382640][T14755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  563.720587][T14755] hsr_slave_0: entered promiscuous mode
[  563.742866][T14755] hsr_slave_1: entered promiscuous mode
[  563.743763][T14755] debugfs: 'hsr0' already exists in 'hsr'
[  563.743786][T14755] Cannot create hsr debugfs directory
[  564.245547][T15014] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0
[  565.549742][T15044] netlink: 'syz.2.3389': attribute type 39 has an invalid length.
[  567.067823][T14755] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  567.130983][T14755] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  567.185209][T14755] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  568.479118][T14755] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  570.035700][T14755] 8021q: adding VLAN 0 to HW filter on device bond0
[  570.088719][T14755] 8021q: adding VLAN 0 to HW filter on device team0
[  570.107734][T12141] bridge0: port 1(bridge_slave_0) entered blocking state
[  570.108796][T12141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  570.141975][T12141] bridge0: port 2(bridge_slave_1) entered blocking state
[  570.142180][T12141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  571.322416][T15128] syzkaller0: entered promiscuous mode
[  571.322442][T15128] syzkaller0: entered allmulticast mode
[  572.904252][T14755] 8021q: adding VLAN 0 to HW filter on device batadv0
[  573.253445][T15158] tipc: Started in network mode
[  573.253475][T15158] tipc: Node identity fac8fb504884, cluster identity 4711
[  573.253926][T15158] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  573.258705][T15158] syzkaller0: entered promiscuous mode
[  573.258729][T15158] syzkaller0: entered allmulticast mode
[  573.520478][T15166] tipc: Resetting bearer <eth:syzkaller0>
[  573.592257][T15157] tipc: Resetting bearer <eth:syzkaller0>
[  574.082718][T15157] tipc: Disabling bearer <eth:syzkaller0>
[  574.157860][T15182] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3418'.
[  575.066474][T15189] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3421'.
[  575.113428][   T43] tipc: Node number set to 2991389520
[  575.335719][T15193] bond2 (unregistering): Released all slaves
[  575.623339][T15206] netlink: 'syz.5.3426': attribute type 1 has an invalid length.
[  575.706080][T14755] veth0_vlan: entered promiscuous mode
[  575.753384][T15206] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  575.754400][T15206] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  576.883277][T15210] bond2: (slave gretap2): making interface the new active one
[  576.885442][T15210] bond2: (slave gretap2): Enslaving as an active interface with an up link
[  577.002484][T14755] veth1_vlan: entered promiscuous mode
[  577.105768][T14755] veth0_macvtap: entered promiscuous mode
[  577.141496][T14755] veth1_macvtap: entered promiscuous mode
[  577.223247][T14755] batman_adv: batadv0: Interface activated: batadv_slave_0
[  577.278285][T14755] batman_adv: batadv0: Interface activated: batadv_slave_1
[  577.304713][  T145] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  577.307094][ T3844] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  577.322015][ T3844] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  577.327149][  T145] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  577.877140][ T3844] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  577.877162][ T3844] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  579.754864][ T3844] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  579.754884][ T3844] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  586.961948][T15322] netlink: 'syz.1.3449': attribute type 10 has an invalid length.
[  588.187319][T15322] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  588.212809][T15322] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  588.324195][T15331] overlayfs: missing 'lowerdir'
[  591.131708][T15353] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  598.090863][   T36] kauditd_printk_skb: 22 callbacks suppressed
[  598.090887][   T36] audit: type=1326 audit(1775760272.222:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15424 comm="syz.6.3480" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fde238fc819 code=0x0
[  608.832074][T15498] Bluetooth: MGMT ver 1.23
[  608.832127][T15498] Bluetooth: hci0: unsupported parameter 255
[  608.832145][T15498] Bluetooth: hci0: unsupported parameter 255
[  612.833904][T15531] 9p: Bad value for 'rfdno'
[  616.245606][T15558] lo: entered allmulticast mode
[  616.250179][T15558] lo: left allmulticast mode
[  624.685055][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  624.685127][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  628.762156][T15627] netlink: 'syz.5.3517': attribute type 6 has an invalid length.
[  632.567949][T15637] random: crng reseeded on system resumption
[  636.263578][ T5809] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  636.302030][ T5809] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  636.304504][ T5809] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  636.306073][ T5809] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  636.307883][ T5809] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  636.394638][T15662] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  636.420715][ T5810] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  636.443395][ T5810] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  636.444608][ T5810] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  636.448219][T15664] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  638.039428][T15676] bridge0: port 3(syz_tun) entered blocking state
[  638.039546][T15676] bridge0: port 3(syz_tun) entered disabled state
[  638.040926][T15676] syz_tun: entered allmulticast mode
[  638.050751][T15676] syz_tun: entered promiscuous mode
[  638.052304][T15676] bridge0: port 3(syz_tun) entered blocking state
[  638.052461][T15676] bridge0: port 3(syz_tun) entered forwarding state
[  638.500598][ T5809] Bluetooth: hci1: command tx timeout
[  639.172019][ T5809] Bluetooth: hci6: command tx timeout
[  640.677251][ T5809] Bluetooth: hci1: command tx timeout
[  641.049407][ T9108] syz_tun (unregistering): left allmulticast mode
[  641.954552][ T5809] Bluetooth: hci6: command tx timeout
[  642.741715][ T5809] Bluetooth: hci1: command tx timeout
[  644.037542][ T5809] Bluetooth: hci6: command tx timeout
[  644.821994][ T5809] Bluetooth: hci1: command tx timeout
[  647.451427][T15723] tipc: Enabled bearer <udp:syz0>, priority 10
[  648.231274][ T5809] Bluetooth: hci6: command tx timeout
[  650.963038][  T132] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  650.963061][  T132] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  651.574019][T15744] sd 0:0:1:0: device reset
[  653.813268][  T132] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  653.813289][  T132] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  654.120955][ T5883] usb 6-1: new full-speed USB device number 13 using dummy_hcd
[  654.283615][ T5883] usb 6-1: config 0 has an invalid descriptor of length 61, skipping remainder of the config
[  654.283663][ T5883] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  654.283700][ T5883] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  654.283729][ T5883] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.314906][ T5883] usb 6-1: config 0 descriptor??
[  654.448170][  T132] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  654.448192][  T132] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  654.781488][ T5883] ath6kl: Failed to submit usb control message: -71
[  654.781521][ T5883] ath6kl: unable to send the bmi data to the device: -71
[  654.781529][ T5883] ath6kl: Unable to send get target info: -71
[  654.820402][ T5883] ath6kl: Failed to init ath6kl core: -71
[  654.824617][ T5883] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -71
[  654.833563][ T5883] usb 6-1: USB disconnect, device number 13
[  655.424865][T15661] chnl_net:caif_netlink_parms(): no params data found
[  655.635020][T15654] chnl_net:caif_netlink_parms(): no params data found
[  655.653915][T15661] bridge0: port 1(bridge_slave_0) entered blocking state
[  655.654126][T15661] bridge0: port 1(bridge_slave_0) entered disabled state
[  655.654357][T15661] bridge_slave_0: entered allmulticast mode
[  655.657416][T15661] bridge_slave_0: entered promiscuous mode
[  655.699797][T15661] bridge0: port 2(bridge_slave_1) entered blocking state
[  655.699960][T15661] bridge0: port 2(bridge_slave_1) entered disabled state
[  655.700519][T15661] bridge_slave_1: entered allmulticast mode
[  655.725875][T15661] bridge_slave_1: entered promiscuous mode
[  656.802160][T15661] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  656.943170][T15661] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  658.345127][T15654] bridge0: port 1(bridge_slave_0) entered blocking state
[  658.347040][T15654] bridge0: port 1(bridge_slave_0) entered disabled state
[  658.849445][T15654] bridge_slave_0: entered allmulticast mode
[  658.869548][T15654] bridge_slave_0: entered promiscuous mode
[  658.965988][T15654] bridge0: port 2(bridge_slave_1) entered blocking state
[  658.966111][T15654] bridge0: port 2(bridge_slave_1) entered disabled state
[  658.966477][T15654] bridge_slave_1: entered allmulticast mode
[  658.988595][T15654] bridge_slave_1: entered promiscuous mode
[  659.023515][T15661] team0: Port device team_slave_0 added
[  659.339325][T15792] qnx4: unable to read the superblock
[  660.022770][T15661] team0: Port device team_slave_1 added
[  660.242784][T15783] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  660.255689][T15654] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  660.344928][T15654] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  660.345811][  T132] bridge_slave_1: left allmulticast mode
[  660.345835][  T132] bridge_slave_1: left promiscuous mode
[  660.346058][  T132] bridge0: port 2(bridge_slave_1) entered disabled state
[  661.065658][T15813] sd 0:0:1:0: device reset
[  662.086261][  T132] bridge_slave_0: left allmulticast mode
[  662.086293][  T132] bridge_slave_0: left promiscuous mode
[  662.087673][  T132] bridge0: port 1(bridge_slave_0) entered disabled state
[  662.717975][T15822] sd 0:0:1:0: device reset
[  666.307779][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  667.021590][T15832] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  669.261933][  T132] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[  669.672872][  T132] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  669.751719][  T132] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  669.793293][  T132] bond0 (unregistering): Released all slaves
[  669.798631][  T132] bond1 (unregistering): Released all slaves
[  670.081727][T15661] batman_adv: batadv0: Adding interface: batadv_slave_0
[  670.081744][T15661] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  670.081771][T15661] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  670.350078][T15661] batman_adv: batadv0: Adding interface: batadv_slave_1
[  670.350096][T15661] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  670.350123][T15661] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  670.463364][T15654] team0: Port device team_slave_0 added
[  670.561925][  T132] tipc: Left network mode
[  670.582711][T15654] team0: Port device team_slave_1 added
[  670.634795][T15661] hsr_slave_0: entered promiscuous mode
[  670.636016][T15661] hsr_slave_1: entered promiscuous mode
[  670.636821][T15661] debugfs: 'hsr0' already exists in 'hsr'
[  670.636843][T15661] Cannot create hsr debugfs directory
[  672.240837][T15654] batman_adv: batadv0: Adding interface: batadv_slave_0
[  672.240856][T15654] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  672.240883][T15654] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  672.390615][T15849] sd 0:0:1:0: device reset
[  672.856301][T15664] Bluetooth: hci0: command 0x0406 tx timeout
[  674.842971][T15654] batman_adv: batadv0: Adding interface: batadv_slave_1
[  674.842986][T15654] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  674.843010][T15654] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  676.158359][T15654] hsr_slave_0: entered promiscuous mode
[  676.159587][T15654] hsr_slave_1: entered promiscuous mode
[  676.160383][T15654] debugfs: 'hsr0' already exists in 'hsr'
[  676.160405][T15654] Cannot create hsr debugfs directory
[  680.379354][T15908] sd 0:0:1:0: device reset
[  684.080806][T15661] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  684.304716][T15661] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  684.712114][  T132] hsr_slave_0: left promiscuous mode
[  684.737626][  T132] hsr_slave_1: left promiscuous mode
[  684.738445][  T132] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  684.738463][  T132] batman_adv: batadv0: Removing interface: batadv_slave_0
[  684.812804][  T132] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  684.812834][  T132] batman_adv: batadv0: Removing interface: batadv_slave_1
[  685.004321][  T132] veth1_macvtap: left promiscuous mode
[  685.004385][  T132] veth0_macvtap: left promiscuous mode
[  685.819974][T15953] sd 0:0:1:0: device reset
[  686.614540][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  686.614612][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  686.939438][  T132] pim6reg (unregistering): left allmulticast mode
[  688.391727][  T132] team0 (unregistering): Port device team_slave_1 removed
[  688.485240][  T132] team0 (unregistering): Port device team_slave_0 removed
[  688.741355][ T5809] Bluetooth: hci4: command 0x0405 tx timeout
[  688.986041][T15661] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  689.007975][T15946] netlink: 'syz.6.3574': attribute type 3 has an invalid length.
[  689.007991][T15946] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3574'.
[  689.150931][T15661] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  691.199641][T15654] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  691.347867][T15654] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  691.421930][T15654] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  691.469611][T15654] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  691.912840][T15661] 8021q: adding VLAN 0 to HW filter on device bond0
[  692.237210][T15661] 8021q: adding VLAN 0 to HW filter on device team0
[  692.308736][ T6024] bridge0: port 1(bridge_slave_0) entered blocking state
[  692.308936][ T6024] bridge0: port 1(bridge_slave_0) entered forwarding state
[  692.433079][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  692.440958][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  692.611201][T15654] 8021q: adding VLAN 0 to HW filter on device bond0
[  694.242651][ T5809] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  694.299976][ T5809] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  694.329463][ T5809] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  694.432829][ T5809] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  694.438876][ T5809] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  695.030028][T15664] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  695.081465][T15664] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  695.086902][T15664] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  695.088121][T15664] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  695.088672][T15664] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  695.603430][  T132] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  695.603452][  T132] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  696.590905][ T5809] Bluetooth: hci2: command tx timeout
[  697.300858][ T5809] Bluetooth: hci3: command tx timeout
[  697.495045][  T132] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  697.495069][  T132] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.035617][  T132] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  698.035640][  T132] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.728104][ T5809] Bluetooth: hci2: command tx timeout
[  698.978377][  T132] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  698.978401][  T132] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  699.381528][ T5809] Bluetooth: hci3: command tx timeout
[  700.750291][ T5809] Bluetooth: hci2: command tx timeout
[  701.434601][  T132] bridge_slave_1: left allmulticast mode
[  701.434620][  T132] bridge_slave_1: left promiscuous mode
[  701.434768][  T132] bridge0: port 2(bridge_slave_1) entered disabled state
[  701.460921][ T5809] Bluetooth: hci3: command tx timeout
[  701.521914][  T132] bridge_slave_0: left allmulticast mode
[  701.521934][  T132] bridge_slave_0: left promiscuous mode
[  701.524817][  T132] bridge0: port 1(bridge_slave_0) entered disabled state
[  702.826990][ T5809] Bluetooth: hci2: command tx timeout
[  703.597446][ T5809] Bluetooth: hci3: command tx timeout
[  704.631236][  T132] gretap0 (unregistering): left promiscuous mode
[  705.621865][  T132] bond1 (unregistering): (slave gretap1): Releasing active interface
[  706.436805][  T132] bond2 (unregistering): (slave bridge1): Releasing active interface
[  706.731820][  T132] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  706.772236][  T132] bond_slave_0: left promiscuous mode
[  706.821918][  T132] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  706.851092][  T132] bond_slave_1: left promiscuous mode
[  706.898646][  T132] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  706.932569][  T132] mac80211_hwsim hwsim9 wlan1: left promiscuous mode
[  707.060798][  T132] bond0 (unregistering): Released all slaves
[  707.080317][  T132] bond1 (unregistering): Released all slaves
[  707.106832][  T132] bond2 (unregistering): Released all slaves
[  708.153170][T16029] chnl_net:caif_netlink_parms(): no params data found
[  708.626954][  T132] IPVS: stopping backup sync thread 15014 ...
[  709.303870][T16029] bridge0: port 1(bridge_slave_0) entered blocking state
[  709.303965][T16029] bridge0: port 1(bridge_slave_0) entered disabled state
[  709.304194][T16029] bridge_slave_0: entered allmulticast mode
[  709.374009][T16029] bridge_slave_0: entered promiscuous mode
[  709.375350][T16032] chnl_net:caif_netlink_parms(): no params data found
[  709.430292][T16029] bridge0: port 2(bridge_slave_1) entered blocking state
[  709.430361][T16029] bridge0: port 2(bridge_slave_1) entered disabled state
[  709.430559][T16029] bridge_slave_1: entered allmulticast mode
[  709.434955][T16029] bridge_slave_1: entered promiscuous mode
[  710.899596][T16029] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  711.271997][T16029] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  711.661652][T16029] team0: Port device team_slave_0 added
[  711.680263][T16029] team0: Port device team_slave_1 added
[  711.869661][T16032] bridge0: port 1(bridge_slave_0) entered blocking state
[  711.869767][T16032] bridge0: port 1(bridge_slave_0) entered disabled state
[  711.869897][T16032] bridge_slave_0: entered allmulticast mode
[  711.955737][T16032] bridge_slave_0: entered promiscuous mode
[  711.967270][T16029] batman_adv: batadv0: Adding interface: batadv_slave_0
[  711.967287][T16029] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  711.967313][T16029] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  712.016567][T16032] bridge0: port 2(bridge_slave_1) entered blocking state
[  712.016639][T16032] bridge0: port 2(bridge_slave_1) entered disabled state
[  712.016838][T16032] bridge_slave_1: entered allmulticast mode
[  712.047089][T16032] bridge_slave_1: entered promiscuous mode
[  712.237578][  T132] hsr_slave_0: left promiscuous mode
[  712.282034][  T132] hsr_slave_1: left promiscuous mode
[  712.334979][  T132] veth1_macvtap: left promiscuous mode
[  712.335042][  T132] veth0_macvtap: left promiscuous mode
[  714.082042][  T132] team0 (unregistering): Port device team_slave_1 removed
[  714.290773][  T132] team0 (unregistering): Port device team_slave_0 removed
[  714.382520][   T13] smc: removing ib device syz2
[  715.256004][T16029] batman_adv: batadv0: Adding interface: batadv_slave_1
[  715.256021][T16029] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  715.256046][T16029] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  715.375726][ T6006] syz2: Port: 1 Link DOWN
[  715.673477][T16032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  716.207652][T16032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  717.313397][T16029] hsr_slave_0: entered promiscuous mode
[  717.314148][T16029] hsr_slave_1: entered promiscuous mode
[  717.758398][T16032] team0: Port device team_slave_0 added
[  718.032293][T16032] team0: Port device team_slave_1 added
[  720.459375][T16032] batman_adv: batadv0: Adding interface: batadv_slave_0
[  720.459393][T16032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  720.459416][T16032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  720.697369][T16032] batman_adv: batadv0: Adding interface: batadv_slave_1
[  720.697383][T16032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  720.697397][T16032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  723.053018][T16032] hsr_slave_0: entered promiscuous mode
[  723.053810][T16032] hsr_slave_1: entered promiscuous mode
[  723.054327][T16032] debugfs: 'hsr0' already exists in 'hsr'
[  723.054343][T16032] Cannot create hsr debugfs directory
[  725.155381][  T132] IPVS: stop unused estimator thread 0...
[  732.692729][T16029] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  732.924585][T16029] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  732.953501][T16029] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  733.478775][T16029] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  734.124147][T16032] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  734.204203][T16032] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  734.247218][T16032] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  734.305271][T16032] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  735.363764][T16029] 8021q: adding VLAN 0 to HW filter on device bond0
[  735.448607][T16029] 8021q: adding VLAN 0 to HW filter on device team0
[  735.533756][  T145] bridge0: port 1(bridge_slave_0) entered blocking state
[  735.533879][  T145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  735.655956][T16032] 8021q: adding VLAN 0 to HW filter on device bond0
[  735.678370][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  735.679003][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  736.025885][T16032] 8021q: adding VLAN 0 to HW filter on device team0
[  736.184642][T12061] bridge0: port 1(bridge_slave_0) entered blocking state
[  736.184863][T12061] bridge0: port 1(bridge_slave_0) entered forwarding state
[  736.288572][T12061] bridge0: port 2(bridge_slave_1) entered blocking state
[  736.288737][T12061] bridge0: port 2(bridge_slave_1) entered forwarding state
[  737.186246][T16032] 8021q: adding VLAN 0 to HW filter on device batadv0
[  737.220879][ T5868] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  737.370907][ T5868] usb 6-1: Using ep0 maxpacket: 8
[  737.373049][ T5868] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  737.373076][ T5868] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  737.373095][ T5868] usb 6-1: config 0 has no interface number 0
[  737.373140][ T5868] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  737.373162][ T5868] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  737.462019][ T5868] usb 6-1: config 0 descriptor??
[  737.478066][ T5868] ldusb 6-1:0.55: Interrupt in endpoint not found
[  737.637039][T16029] 8021q: adding VLAN 0 to HW filter on device batadv0
[  738.059009][T16032] veth0_vlan: entered promiscuous mode
[  738.086185][T16032] veth1_vlan: entered promiscuous mode
[  738.218727][T16032] veth0_macvtap: entered promiscuous mode
[  738.242964][T16032] veth1_macvtap: entered promiscuous mode
[  738.328363][T16032] batman_adv: batadv0: Interface activated: batadv_slave_0
[  738.391683][T16032] batman_adv: batadv0: Interface activated: batadv_slave_1
[  738.453038][T12061] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  738.474886][T12061] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  738.476858][T12061] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  738.477282][T12061] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  738.797396][T16029] veth0_vlan: entered promiscuous mode
[  739.003597][T16029] veth1_vlan: entered promiscuous mode
[  739.021084][T12061] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  739.021105][T12061] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  739.206950][T12141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  739.206969][T12141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  739.337069][T16029] veth0_macvtap: entered promiscuous mode
[  739.411480][T16029] veth1_macvtap: entered promiscuous mode
[  739.508445][T16029] batman_adv: batadv0: Interface activated: batadv_slave_0
[  739.559396][T16029] batman_adv: batadv0: Interface activated: batadv_slave_1
[  739.576623][ T3844] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  739.578654][ T3844] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  739.579548][ T3844] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  739.579591][ T3844] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  739.772516][ T5868] usb 6-1: USB disconnect, device number 14
[  744.239125][  T990] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  744.239148][  T990] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  744.571560][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  744.571583][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  747.311238][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  747.317680][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  751.262747][T16566] syz.6.3641 (16566) used greatest stack depth: 17688 bytes left
[  752.696929][T16574] sd 0:0:1:0: device reset
[  760.504949][T16689] sd 0:0:1:0: device reset
[  761.730797][ T5882] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  761.922986][ T5882] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024
[  761.923038][ T5882] usb 10-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[  761.923061][ T5882] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  761.963526][ T5882] usb 10-1: config 0 descriptor??
[  761.964547][T16693] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  762.658210][ T5882] hid (null): invalid report_size 812540268
[  762.706937][ T5882] logitech-djreceiver 0003:046D:C71F.0012: unknown main item tag 0x0
[  762.706973][ T5882] logitech-djreceiver 0003:046D:C71F.0012: unknown main item tag 0x0
[  762.706998][ T5882] logitech-djreceiver 0003:046D:C71F.0012: unknown main item tag 0x0
[  762.707031][ T5882] logitech-djreceiver 0003:046D:C71F.0012: unknown main item tag 0x0
[  762.707056][ T5882] logitech-djreceiver 0003:046D:C71F.0012: unknown main item tag 0x0
[  762.707080][ T5882] logitech-djreceiver 0003:046D:C71F.0012: unknown main item tag 0x0
[  762.707156][ T5882] logitech-djreceiver 0003:046D:C71F.0012: unknown main item tag 0x0
[  762.707182][ T5882] logitech-djreceiver 0003:046D:C71F.0012: unknown main item tag 0x0
[  762.707209][ T5882] logitech-djreceiver 0003:046D:C71F.0012: unknown main item tag 0x0
[  762.707236][ T5882] logitech-djreceiver 0003:046D:C71F.0012: unknown main item tag 0x0
[  762.798567][ T5882] logitech-djreceiver 0003:046D:C71F.0012: invalid report_size 812540268
[  762.798594][ T5882] logitech-djreceiver 0003:046D:C71F.0012: item 0 4 1 7 parsing failed
[  762.799452][ T5882] logitech-djreceiver 0003:046D:C71F.0012: logi_dj_probe: parse failed
[  762.799525][ T5882] logitech-djreceiver 0003:046D:C71F.0012: probe with driver logitech-djreceiver failed with error -22
[  774.915389][T16814] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3672'.
[  785.603011][  T132] ------------[ cut here ]------------
[  785.603026][  T132] conntrack cleanup blocked for 60s
[  785.603058][  T132] WARNING: net/netfilter/nf_conntrack_core.c:2512 at nf_conntrack_cleanup_net_list+0x234/0x340, CPU#1: kworker/u8:5/132
[  785.603111][  T132] Modules linked in:
[  785.603133][  T132] CPU: 1 UID: 0 PID: 132 Comm: kworker/u8:5 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  785.603161][  T132] Tainted: [L]=SOFTLOCKUP
[  785.603168][  T132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  785.603182][  T132] Workqueue: netns cleanup_net
[  785.603204][  T132] RIP: 0010:nf_conntrack_cleanup_net_list+0x234/0x340
[  785.603231][  T132] Code: 08 48 89 df e8 ed 46 e7 f8 4c 8b 3b 49 39 df 74 69 e8 b0 22 81 f8 45 31 e4 e9 8e fe ff ff e8 a3 22 81 f8 48 8d 3d bc 27 35 06 <67> 48 0f b9 3a eb c0 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c cd fe ff
[  785.603248][  T132] RSP: 0018:ffffc90003a178b0 EFLAGS: 00010293
[  785.603265][  T132] RAX: ffffffff89435f4d RBX: ffffc90003a17a50 RCX: ffff88801efc9e80
[  785.603280][  T132] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8f788710
[  785.603293][  T132] RBP: 0000000000000088 R08: 0000000000000000 R09: 0000000000000000
[  785.603305][  T132] R10: dffffc0000000000 R11: ffffed100b729981 R12: 0000000000000001
[  785.603319][  T132] R13: dffffc0000000000 R14: 000000010000bce5 R15: 000000010000bcf6
[  785.603333][  T132] FS:  0000000000000000(0000) GS:ffff888126432000(0000) knlGS:0000000000000000
[  785.603349][  T132] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  785.603363][  T132] CR2: 00007fde21b2cff8 CR3: 0000000028824000 CR4: 00000000003526f0
[  785.603380][  T132] Call Trace:
[  785.603390][  T132]  <TASK>
[  785.603409][  T132]  ? __pfx_nf_conntrack_pernet_exit+0x10/0x10
[  785.603439][  T132]  ops_undo_list+0x52b/0x940
[  785.603463][  T132]  ? rt_spin_unlock+0x1f0/0x200
[  785.603494][  T132]  ? __pfx_ops_undo_list+0x10/0x10
[  785.603512][  T132]  ? rt_spin_unlock+0x14f/0x200
[  785.603542][  T132]  ? idr_destroy+0x21b/0x2a0
[  785.603561][  T132]  ? rt_spin_unlock+0x160/0x200
[  785.603592][  T132]  cleanup_net+0x56e/0x800
[  785.603615][  T132]  ? __pfx_cleanup_net+0x10/0x10
[  785.603642][  T132]  ? process_scheduled_works+0xa8d/0x18c0
[  785.603691][  T132]  ? process_scheduled_works+0xa8d/0x18c0
[  785.603722][  T132]  process_scheduled_works+0xb6e/0x18c0
[  785.603782][  T132]  ? __pfx_process_scheduled_works+0x10/0x10
[  785.603817][  T132]  ? assign_work+0x3d5/0x5e0
[  785.603850][  T132]  worker_thread+0xa53/0xfc0
[  785.603906][  T132]  kthread+0x388/0x470
[  785.603928][  T132]  ? __pfx_worker_thread+0x10/0x10
[  785.603954][  T132]  ? __pfx_kthread+0x10/0x10
[  785.603977][  T132]  ret_from_fork+0x51e/0xb90
[  785.604009][  T132]  ? __pfx_ret_from_fork+0x10/0x10
[  785.604035][  T132]  ? __switch_to+0xc7d/0x1450
[  785.604065][  T132]  ? __pfx_kthread+0x10/0x10
[  785.604087][  T132]  ret_from_fork_asm+0x1a/0x30
[  785.604125][  T132]  </TASK>
[  785.604145][  T132] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  785.604161][  T132] CPU: 1 UID: 0 PID: 132 Comm: kworker/u8:5 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  785.604187][  T132] Tainted: [L]=SOFTLOCKUP
[  785.604195][  T132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  785.604208][  T132] Workqueue: netns cleanup_net
[  785.604226][  T132] Call Trace:
[  785.604234][  T132]  <TASK>
[  785.604241][  T132]  vpanic+0x56c/0xa60
[  785.604272][  T132]  ? __pfx__printk+0x10/0x10
[  785.604293][  T132]  ? __pfx_vpanic+0x10/0x10
[  785.604321][  T132]  ? is_bpf_text_address+0x292/0x2b0
[  785.604349][  T132]  ? is_bpf_text_address+0x26/0x2b0
[  785.604386][  T132]  panic+0xc5/0xd0
[  785.604413][  T132]  ? __pfx_panic+0x10/0x10
[  785.604452][  T132]  ? ret_from_fork_asm+0x1a/0x30
[  785.604477][  T132]  __warn+0x315/0x4f0
[  785.604504][  T132]  ? nf_conntrack_cleanup_net_list+0x234/0x340
[  785.604532][  T132]  ? nf_conntrack_cleanup_net_list+0x234/0x340
[  785.604560][  T132]  __report_bug+0x29a/0x540
[  785.604589][  T132]  ? nf_conntrack_cleanup_net_list+0x234/0x340
[  785.604616][  T132]  ? __pfx___report_bug+0x10/0x10
[  785.604635][  T132]  ? rcu_is_watching+0x15/0xb0
[  785.604674][  T132]  ? nf_conntrack_cleanup_net_list+0x239/0x340
[  785.604699][  T132]  ? nf_conntrack_cleanup_net_list+0x234/0x340
[  785.604734][  T132]  report_bug_entry+0x19a/0x290
[  785.604756][  T132]  ? nf_conntrack_cleanup_net_list+0x234/0x340
[  785.604781][  T132]  ? nf_conntrack_cleanup_net_list+0x239/0x340
[  785.604806][  T132]  handle_bug+0xce/0x200
[  785.604833][  T132]  exc_invalid_op+0x1a/0x50
[  785.604858][  T132]  asm_exc_invalid_op+0x1a/0x20
[  785.604877][  T132] RIP: 0010:nf_conntrack_cleanup_net_list+0x234/0x340
[  785.604904][  T132] Code: 08 48 89 df e8 ed 46 e7 f8 4c 8b 3b 49 39 df 74 69 e8 b0 22 81 f8 45 31 e4 e9 8e fe ff ff e8 a3 22 81 f8 48 8d 3d bc 27 35 06 <67> 48 0f b9 3a eb c0 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c cd fe ff
[  785.604921][  T132] RSP: 0018:ffffc90003a178b0 EFLAGS: 00010293
[  785.604936][  T132] RAX: ffffffff89435f4d RBX: ffffc90003a17a50 RCX: ffff88801efc9e80
[  785.604952][  T132] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8f788710
[  785.604964][  T132] RBP: 0000000000000088 R08: 0000000000000000 R09: 0000000000000000
[  785.604976][  T132] R10: dffffc0000000000 R11: ffffed100b729981 R12: 0000000000000001
[  785.604990][  T132] R13: dffffc0000000000 R14: 000000010000bce5 R15: 000000010000bcf6
[  785.605012][  T132]  ? nf_conntrack_cleanup_net_list+0x22d/0x340
[  785.605054][  T132]  ? __pfx_nf_conntrack_pernet_exit+0x10/0x10
[  785.605081][  T132]  ops_undo_list+0x52b/0x940
[  785.605105][  T132]  ? rt_spin_unlock+0x1f0/0x200
[  785.605133][  T132]  ? __pfx_ops_undo_list+0x10/0x10
[  785.605151][  T132]  ? rt_spin_unlock+0x14f/0x200
[  785.605182][  T132]  ? idr_destroy+0x21b/0x2a0
[  785.605201][  T132]  ? rt_spin_unlock+0x160/0x200
[  785.605233][  T132]  cleanup_net+0x56e/0x800
[  785.605255][  T132]  ? __pfx_cleanup_net+0x10/0x10
[  785.605282][  T132]  ? process_scheduled_works+0xa8d/0x18c0
[  785.605309][  T132]  ? process_scheduled_works+0xa8d/0x18c0
[  785.605338][  T132]  process_scheduled_works+0xb6e/0x18c0
[  785.605398][  T132]  ? __pfx_process_scheduled_works+0x10/0x10
[  785.605448][  T132]  ? assign_work+0x3d5/0x5e0
[  785.605481][  T132]  worker_thread+0xa53/0xfc0
[  785.605537][  T132]  kthread+0x388/0x470
[  785.605559][  T132]  ? __pfx_worker_thread+0x10/0x10
[  785.605586][  T132]  ? __pfx_kthread+0x10/0x10
[  785.605608][  T132]  ret_from_fork+0x51e/0xb90
[  785.605639][  T132]  ? __pfx_ret_from_fork+0x10/0x10
[  785.605672][  T132]  ? __switch_to+0xc7d/0x1450
[  785.605700][  T132]  ? __pfx_kthread+0x10/0x10
[  785.605723][  T132]  ret_from_fork_asm+0x1a/0x30
[  785.605759][  T132]  </TASK>
[  785.606191][  T132] Kernel Offset: disabled