last executing test programs:

8m42.86979448s ago: executing program 32 (id=182):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
writev(r0, &(0x7f0000000180), 0x0) (async, rerun: 32)
syz_open_dev$video(&(0x7f0000000000), 0x3fbffd, 0x670980) (rerun: 32)

8m3.828331699s ago: executing program 1 (id=381):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00'}) (async)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000000c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=<r3=>r2, @ANYBLOB="010028bd7000000000003b00000008000300", @ANYRES32=r0, @ANYBLOB="46003300d0000000ffffffffffff080211000000505050505050"], 0x64}}, 0x0) (async)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000240)="0100000200373a4541062101a59ea940d2cb0b3692f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697a793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855bea1ce67fe118aa4acabb5bee7f082d23a16b010c92471eba59152e716af8776ab90ac47a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b410119873dd9827757d96c5e8aa4617cc54c5e67060a9266f416b78f774e53ca1f84e698d1fe3cee10a85882cbecb29f2a22535ac58e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e5cd664c169fa6c29", 0x12d, 0xffffffffffffffff) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r4 = getpid()
r5 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000400)=ANY=[@ANYBLOB="11010000733336088dee1adb2361000000010902", @ANYRESOCT=r4, @ANYRES32=r0, @ANYRESOCT, @ANYRESHEX=r2, @ANYRES16=r3], 0x0)
syz_usb_control_io$uac1(r5, 0x0, &(0x7f0000000540)={0x44, &(0x7f00000005c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
mount(&(0x7f0000000580)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000005c0)='hostfs\x00', 0x207025, 0x0) (async)
syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000480)=ANY=[@ANYBLOB="080000000a00000000000000ff0100000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ae9d8cc000000000000020"], 0x5000) (async)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2f, &(0x7f0000000a40)={0x0, {{0xa, 0x4e21, 0xfefffffc, @remote}}, {{0xa, 0x4e21, 0x2, @remote, 0xfffffffb}}}, 0x104)
ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0xc0145b0d, &(0x7f0000000040)) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r6, &(0x7f0000000000), 0x0, 0x0) (async)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0) (async)
r7 = socket$inet_udp(0x2, 0x2, 0x0) (async)
rename(&(0x7f0000000380)='./file0\x00', &(0x7f0000000700)='./cgroup/cgroup.procs\x00')
bind$inet(r7, &(0x7f00000003c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$sock_int(r7, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) (async)
connect$inet(r7, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10) (async)
sendmmsg$inet(r7, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf1c)

8m2.692403589s ago: executing program 1 (id=387):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x70, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xc, 0xfff1}, {0xf00}, {0x5, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0x12, 0x2}, {0xfffd, 0x6, 0x2}}}]}}]}]}]}}]}, 0x70}}, 0x20040054)

8m2.692177131s ago: executing program 1 (id=388):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0xa13ca8e5839881a1, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x218}}], 0x1, 0x0)

8m2.620384271s ago: executing program 1 (id=389):
rt_sigaction(0xd, &(0x7f0000000440)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x48000000, 0x0, {[0x2, 0x402]}}, 0x0, 0x8, &(0x7f00000003c0))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x88fd537e5e114b6f, 0x12, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x4, 0x89727a31546dcc4a, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}}], 0x1, 0x0)

8m2.542128169s ago: executing program 1 (id=390):
r0 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={0xffffffffffffffff}, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8})
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newspdinfo={0x1c, 0x24, 0x1, 0x70bd29, 0x25dfdbfd, 0x4000f2, [@XFRMA_SPD_IPV6_HTHRESH={0x6, 0x4, {0xff}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
ioctl$BTRFS_IOC_SEND(r0, 0x40449426, &(0x7f0000000140)={{r1}, 0x1, &(0x7f0000000100)=[0x3], 0x9, 0x4})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=@newtaction={0x6c, 0x30, 0xb, 0x5, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x80000001, 0xfbf, 0x0, 0x0, 0x400}}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @private=0xa010102}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x48890}, 0x40)
syz_emit_ethernet(0x24ae, &(0x7f00000049c0)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @dccp_packet={0xe, 0x6, "b430f1", 0x2478, 0x21, 0x0, @local, @dev={0xfe, 0x80, '\x00', 0x21}, {[@routing={0x5e, 0x6, 0x2, 0x6, 0x0, [@ipv4={'\x00', '\xff\xff', @private=0xa010100}, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}, @srh={0x21, 0xc, 0x4, 0x6, 0xb6, 0x8, 0x1, [@loopback, @loopback, @empty, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}]}, @hopopts={0x2d, 0x248, '\x00', [@calipso={0x7, 0x18, {0x0, 0x4, 0x95, 0x1888, [0x2, 0x6]}}, @calipso={0x7, 0x48, {0x3, 0x10, 0x5, 0x1, [0x6cd7, 0x8000, 0x8, 0x8, 0x50, 0x6, 0x90c9, 0x6]}}, @pad1, @generic={0x2, 0xc7, "60e4755b1b4333d11f89354fc687dc8abc98da41e3189a7828a24382e830c4c32aed2c202924f00cbe179d407a2c8a18d5e563f1c485e9d69685b17dec4f0e42650202b27ef12b4b196296a7df58f523c798a48bede482a4c0b03cef3f77792310858f1dcf17f452ccaaa72ed1053203d884e57172a04ce7165c7bac3efbb3eb0579777ec7ede40df8f62c9cc56ddc249df3e291b174bf3ed3443af56d95354d937c30233022e79272a314979babd4fbc40b6eadc251341eb17cd7177a5b8a5fcdaf087c0fd131"}, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x80}, @generic={0x9, 0x4c, "763c56c6f0c0860bca13cc9b11814a51d9bc456570171b76eee507044a40b68dac452a6180a4039d14a9b281d4609b75f7ca53a814b09bb498a77fa312e1d06ad3891c256520ce6cf06ee360"}, @padn={0x1, 0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x4}, @generic={0x2, 0x10a9, "bb7f5e8e927692ee23aab42d24b8b4b8762cfda391b23d3e8efcaa71d1b23079da6b8e432a58cc93d1c256ef2e62178bc0bf9266105111c093fc9e4fe6b34825986c637c3e0bf0284478a3a2bc7ed2b80876944866a2f52483aac28316c1f6cbc898f13c8b67b0297ac6766929463f348064bfccbb681346f9cf870f417bcc3065ec064e438cbb3088b76600ef2bc5d58ca4aa2b1d8098a3eb1e5f495a0e00016084ffd0196108676985ebe51c5bbe856d336b78e385df77ed62f27134cd350e8481aaea7ce7c0f0ac76173383f07e8b5aaa8a1fd9b3f0cb1a4f548adea793df1150ac03a2fa65b66dc1442a601bef990d6aa8451d30007b17c6aaca52dd4e9deeef89381b2fafc590b2335273550faadc80770ffb74fc75af435d1f160c0b29b04bc30fdd709b461667f7fac2981215ef3687d276fb7755c82088ddcbb91eaf6502a2aa01887ab40415e4ce13a9de3652b995886c4aca07c684f3d02cd553b81bfa3a1a323c397ad5019612915926f9ce7b17e368d68112c022a5cf5e4c0ed8d80b51a34e6028c483e90efe88658c52bf83bb1e42955865d8b6896b32f3034abbfe164b780496f51f985c5afc45147a78df4bedb4275aff93064b58c240f9b167fee4df38215924b2e2cf88a78161b23fa8b1cdd10f5964044311c2087fb589fa086cdb53f7656da231cab0143d7542e78e607e34ad50a54bf232aafc393482dc0920d692946d5642088730d51cf11b39ff71d489f5ecf42a01c94fc9613b17ae26c12d9ca8b926d72fe760bd2ab6beaa85ab5e84d53aefee2b1793af5a3f92b80117573d4984937a2d40564abc28020f183e0e5deaf04a5cf5e9f9351f9099b5b04827ffff38edb17ab21789e18ec9e4199dcccc707bc877807267c4c2d300655cbe423b346952d41611d43175d7ce976b7261f55f20bbc02138f5b2d18a25be22fff92932be9dde7c5945e905ab0cc04f467cee6e281a9fe11b731bf311dc126a1cd7546550d4c50a6f749f0174791526caa0484c6752f339f2110374b1c79e46f7f55a8c40e21b6a4401eecd54422da434895cec9b508b017b25be153fd5c7e75e79df3d14b92b36d84e06babea1b54782035c710b5ab93579bbfe0b2b769ce3eaeebb4ae5986a42354d4047ed96c139459ae18d73d3752bbac6085009c80e57884d58ea8ca7b1335577af9ef34dfc614635873dc59c5a25f79334995916f29951593e0cb081fc8f485c4e45c96c1a2cbf439cfb75e8310e9ac824940a3e14a7287b3c68b6912f6e7a34ffd7d7c236ec2f353db38931735df4dd8e50253dd03a1573e96f1324d0a4f04c9e9008dddf54ab6c44f33a8422d14d851b3dbdc706fa6a79b927e9fe1b35f3adcc41ecdf582a4d84add67710f76bd9cdc1add94c8566ca19007010eb3c02387b7690c6714a5a643a8bb2f21899a4d676f4f1170f4044f0ac8ef2e1bae9e85c786ad38fb7b512d413a0393ca7c0778f9a8e006c25a09a27bb25b595be3d89bd203d5fbd6a1e4eb1bbfd15aeeadc7c053dccf5d1e89e2d15999146fa150540dbcf037d93f1566ed5bdfaa88fd89ae3dd51b1e320d0561d37d8c9f59408a4e256cdb026b49216636dda4f2a01db82c5de11be8a5c7893db5a5ceb56214c18196f57f2db52b5c4c006ac517657a5bc4702298f3f698fc34e436c7ec246045eb4b43f9ab65235560e48725ddab96f1aba9e256c2f2abd8e277caa6c7de1ecffd4e9d666a906a2e0a4c736e934f0607e8e9cb86f9f42513c166c88b817284c2708400b43987b70b7f7c8bf78212cd10c75f7ea4c01b585944a548e6c4950d094f2eac07ca0fed85f87c0de1ab70d809b045b776b7cafa221d1ea2978f10e02b22fec2e9b0279824c6b3a6f078d0889f72f9ac194ef275cb116430b483ef8ca55207df30b2137ff8cd2b771852d97851781659ae443525ad8b4e8b5fa0e62ba0e7231e40b7085d617d921944ad54f4d3e1e9e55d8db9c50760152292535c36b1db7131e59ac201db1d8753ce95e2a9778d2df77a7fca3610c4c0e5f96de1e08d811bfb2c8838c66f00a83cbaa445fa12a5647e8d8f3cd44cea768867f0e5cb5ff6217ed6a369b45ea4e6a18a5e16512fb999c0e6b71e81b490820039ea0c51fcff9c39b8f4662783d6c4baa3b42489ba91be6ce5b68d64baacd6ab22e8c45fd75fcc2957b54de94d93fb79882a7ce72a2e27805fd3a6704d2c900790603b528b68eb227b9575b07cd6e5597fff002056d8bfdaddb744ffee816843be01878448b2faa10515b6071b71650cfbe3a56916e2b9772e5233078437c7f456466e7806e74f9d06d73fa076dacc889ee37b623319d0cc0e4789625703f944649e0938dd6fb3edbb59646bb9f27bd4f3fd31f9fe823f5e0142a94be4bc6710782e3742fd754a1e3f43aedf9d0e209080726b6b9ecb6637095e953e38328e34cc13f4d03848123f70e8c86e4a83b82b7b180e9de7bdd74d677c7ae2f2045aa566ec62e7e2b6af18fe9be27acdb50b5717af6468167d12252dbf9d626c781d9ca6c8247a74f5d5a8085ae9e2c59f340c78ce7fc60b814222ec4a6126dbc55e923156393cd468cb8dfaf04dc47a99affeaaef66434b7524621c7fba9981e3af70eae273c290eae96404557e506f6b1d6fd5c0ce984ba821af71107e0f5bb0ba5bd180e0beb8359ec1312e3fb8fff045b99fc71e78384c9ec644c1d161bd957d5417afd3969521dcba8c25efae290abae9bd452698bbc71bdd3cbdcf3f7d1e233058d379e74bf651600014b2a21910237f73419698cb03dee85264694c6adb89704176ae1c42b1d9b6ee11abf6bbca4bd2d22108d8b2222d6fcd2abddfde5fa65a7ec74ec07968ffccd8297e46008968193b4985ea6500ae1988b8c1f33f9e9af4b5098ff1e932683ead56760c7304a4d830fcb2471fe9746327452f36cd4c17abfd6e89dfbc3cf018c6560ebfcbb276e8e057b768e66e39b2450971f2650c99d9e8a7316332d7aeed6682974e70569e43351f7c3e645f57cf2a91ca290d460630489a20a5f817c18954cf09bba3472a42764e680adcdfc5fe94d79e8ce58ff7e619db29a9d1237f1a5bca825e38a2feed4317d02a7f450cba71c125de3f915e68eb34d97f5ba67810e2e2c4daa0e21b2f140e4c80ca056d8fc2331c36e9e10489c5e1c99d700aa0d5cf9204e02727642863bce8d126238de7fe7774030aa50eb060eb59e648761fe8b9319667c25a24aa47b0c13d42a8c6f10f7175630277a9e037729c836faf2edd5d37985ef1602f2b7720652ebd5f79719d4294ae4f013970ec35ccfa9f2218f55bffa379ba856792b40bfc718d837a57853148f0c42667ddd5533f9a1f8577284e27744fb76053b1794d0f57d044fccc9d03e4f3b68de3451b6999f1344a07502a04848fc831428f0ec8502c273a3abdd3b5e5d58101d96b98bf7b3c73a86db0fee2ac1916858e92c5701e651f05958b8a16641431d823d9dfc6da611558b9010fe02195394cf12429b9cd25177d55e92150f2109b6b3decaff4cd04c668c6aeadf1ec1c372f9aa440d469f1ea0ec0f5a7a103c275948b7bd837437e0302ee0a0dee159d0db58ecc05978415ad54434ca678610375f58a8d8db1981d33a418c705c2238e7335f71d31de0b57973e978141c683f33a8ae060a2153cb7d097066783493940689ad41ba1f50e8f2cbc91e61009df81c960dfe65a02dc65ea8d4042810387498a3c3fa3176b4d94aacdaf0fe1101ab3de425518bb094ef89a4883aa23030068086b662431ddb0b9dab8ad3e95594b51cbefed4fed88a80c592742f103e275b197f7eac9b3501861aaad5ab2ba60d50115a05f774a06d3513ccde2fc1e2154d46ad02b58f95c054ec06d27e3a2da192edb3f7d49ce4a5fb53cd906aaa82b1c9557c5ada42b180fa9e49c676b863c7ed1ac2f15a47f6a8e3b1559292cb029ff4c756481de83a861c2c30fbd6fdb33cc453e6c1e79f0df06dfcc1565363f6b5301e591149e9bda4262129123db0a22090d6f77bfbd0efb7b8b523814571346b6ab2aaea3442d8af662eb6e7ef4def74c33f5774b4506fbdb56f53ca54b17a66191dbee1b27972b401f1eb17e4fc3f67689b1241c6715b3fead43c9ab0c47797f1c140d7ddc392027fc4803ba20ecb7b14f6941ec425a0ed84fdbf3ae092e48c2f5d73372a15bda0a359fc37ed8324cd339d7ffc5b02ce2fa37f721d5a8da3eb08c716961d8b4596ea3a6399a800003250b524e1546c2834d4988c7cd41f82759e1602dce7c122e7676ff6786da609e009d9731214663a6547342524d564e225585573ac1eb149ddf9d40aae4b333143e3114994e51a56e19871b8c10cd4ffcc8f5822f803823cdf42e5d120e9687218bee7d137dc48358df18dae93fd1ccf64e302cfa1c009168fd559a233dbc0827193c3fa61a7b8b71090965c9788ce2e49459e9843350dc8b1188bb38894bc378b9e797567b98d93f3873c327788411e774e9cfb8315e45210b85ebdb4aecc2cb6cb997046e1fe165e808934e6b4d6a260829da3d6d8e47688df50c7dd9ce02fdca8c66b719dca4284ff4b2e0160fdbc9966d6607a2ed2b6a8794f59631b6b4314b28f4f28eded6821ce20341f8fc29e3bd93106b2d76b8725714733d17f235f6529b337925c14d7dac04ba3adf9e32689abce65f9895720ad4968c080f10ad0507c723336b35b6a21bf1f7ef0c5b33a702d487f899114ff247adaaacd9e4336fc397692b9434ff795e82738330f753ccb6c1a3b6d3a41ac7a8ec92f2b3a53244c61e4bc7ea5f429e9b7b1fa412beb34fede5f7638ea0c174ae13ed33dc19232943b0af29c2b607fe342fd35addae107eb8b7168aaf78bbf507732ba15b04e6f282a61ae4d4617f653049b0ac6dcdf0326e33897697583a489baae7d8c37702433a44a66a0d912582648a22cf7331a1b8e174649fa67a71deb107e4476ea6213fd9f642535781827eb8911a07db5ea09279203801168c5ca2bb4d1a0f8a0ca65ac075445fc46f530acc55ecb3191ba03f14ab6e39505943eed9861eefca931d0aaad7901027985b3237c780b40f20f645df3677bfa4d4979f666550ab9545f5b3b705f9934ae73686b4dafaf43591a18557eaf14a8bc1f37b8b7cf8fa72988e3e3d44c2415e14d5512b4f41064505e28892e863c12f15213db3394aace4bda366730214388817ef131a1c3d645f5829f0794079a4abf24630120223f1b7efacb6f5ea3304f7c2e670885042347c3444c8bf78f44b11de8d7ff6a947163680fbbc3a854cb5b63d72b5c40ca3f13e9cef9f261ed9005381c4765eef9bab7abbbafd8c6a2e4c270ce61ab7e030580a862ea541c17b3c130fc2d0b3e9ac9fe3b6a98d65449ce1a81afa6c9421252292d867f3c4f68d6e3a01ccd15234e3e1cf86e56e321275ea9017732092f1d60392bab91ce6646dfd863f3b385d925f25b99562acfed439069e7b56b47169a74997cf29a346c761270a03598dab280812f67b8804209b64270bd93faf7035b7c888b50128fb13946ad6d02fa9f7b7574026e21aea4fc61bcf06d5c73d2fab2847081864a63b0afaad49c80a36c0c4c9075892c7ed97e27c1dd9ab6b94c2959564f90bac5378a9a116b9128a9f6d1b5305d9ae890ad6fb40deaa647d18eb064d59c4f9d0e99231e8db5677b220d9b130800a61c6334fd538abb65b8008a6324a69599b2a73b492e4ddb4d2f1fd8dd3918b6cf178b15b5ca65f9d9275032a64860a6de3f907b0febb2449e25386077bf9f899a52ba2387b508b0f614c52420615fa73e34920ec4da82ef4d55f51d309c242a63b0a022751fbb5ad6eb6dabde62e8197cea5660f4fcc403fdd00cbc35c32449ce11a5235dbe37ffc5cbc43d401e8b4f7fc7ae012b103f09517802dfc409de8e9fb8be6377917d6098cdebe9e2bfedcc3074cddcccc1595aba8812baa7cdc234bf9ac59ddf5f8313d1aa2d5f1e234279912d5d128411866f13fd404d1b352ca64026d2a3199908c0e841d2b2df1f8b"}]}, @hopopts={0x8, 0x1f, '\x00', [@generic={0x0, 0xf1, "060254854ecee0a9cfd49319734f502e8753694e70864954c7ee5f7042e007d49a07a7254756486a85aed3936ae6262f4985e48a19e807aef3bafa8839089bfdd859604908531b386fec3720a0caa117194a239f90084c8ab056090b281832fa0bcb032170ab96b42b7509a5eaa7831daa7ffebf489a8f2a2f7f6e1671704e5f74a4502e058759f92e1774719fe06c2959f8b84e1524bc19e84b4b62b6d0fe6c6101bf1980f570bad514af794882ca16dcdea801b3d1afa89b0c8ee815b4b7db1c8666419951e8f3ab366950c729c0b10f06dc3ce1281da7d0edb502fae205d9308badb159f0bb6474346554e13ae2dc1d"}, @ra={0x5, 0x2, 0x5476}, @enc_lim={0x4, 0x1, 0xa}]}, @srh={0x5c, 0xa, 0x4, 0x5, 0x3, 0x20, 0x530, [@rand_addr=' \x01\x00', @rand_addr=' \x01\x00', @private2={0xfc, 0x2, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @loopback}, @remote]}, @fragment={0x6c, 0x0, 0x1, 0x0, 0x0, 0x4, 0x65}, @dstopts={0x88, 0x0, '\x00', [@jumbo={0xc2, 0x4, 0x9c}]}], {{0x4e23, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x5, 0x6, "1a81bc", 0x9, "3cb922"}, "5b32217785043fba66a70e3459adc3d07258fd834524f73c979e4adfc9b920ada33f248f642205de7a7ec90ab537a4dd0180dcfb1ba382a4f97c82e2b126bac617acc9b69a0339d0da46161cc982782bb6d3885793441b1117ba41cc3e5e320f7107f12de6edc3100f2d9295b3cae1458ef43bae8793c548e64dac541e961dd76079de12de7ad107a188d5a8d47a23326be0c19be31dee0b6095147534e605ac779aab80404ecbf257964dbe3706b0afb92c83d14b2a6106e88c9fb3e6a6fe9d09e24fbd3ba26be59ce143bfa52e68749c9ee7ca6a112d31d5ba858edfdf9e709debf6a211e38bb4ca038d11f7c973cc98418cd0ea034fd3cb5b1cf5b385b6d35ee388a26b676e20ef9d345bb08b1db8a7ccb3a7c2e9b5ef653a438fd7c5b90f60e7e12a011ea21efd7538009915e37903f3d0df559cada0f0e50ff2b3ab095a0e5f1ac48cc81337b2e422c9b440d71e9cb4fc66c53326585d90ae913ed71d8c33b77aa5bac8426f9bd220f9cdc8c256b506a0a4d52236f15eeb7ac1b48ca81a5e44c353399d4990ade027d3a4513d663807581da25989bdb9e626fbe035f2e3d2f57a135506a4a413108c0db94a9d55f2e9d1c07dae7936141ee76c21798e244305c9c27b7c5ded82407d2b92243d7940b128f33af876d93a940ff5a0c5481f08b102c96a0d9be0a52e2156703e181d23b0d5614cdcdc77ff12088a9289226524befbe7caaa0c03108b8e3d1a2a9d3d89c5f55b210e73e67df9d71bad8ab32223809c90697dadffd4be82497bc7e2769e4a7883acffa734ef7a720a700b309b7a83cc457df0215b4fe39df52d1195ea748f1bdd374bfbc0feb220dbecb9633350bd2c816b05ee8dff6cc4073e01a88fe4313abfc9b205da0ee6b2e9b3ee766596da9605c7db00b16f27f530f95969aa9b3a40dff7bc42430d2fc2d8fa5e17551301bef220dc2a6403d002f07d5961a9b75b4d0e587117bb5f54ddca6beb590f5ce417b8ad40bf8863a6b39b3702bf1c187eb3505541c5433b2e959cc2b0fb9df21ec3066d0c0018610f3ce46fc4f8b4ffca4ce5e65818fb75b9a4553c76ea90b8cf3115b018ce330d4cd140904239db92a89047112cb0f48fb03e75e319c7a71fd98330fe8cf30fc7c0b97d4a16ff4fc00b4b07a297af82ba594d61281a387f6195ec896738b372377d8c6ad3e3d8c8dc0653b748cdc4ecb76cd8507be4e5f3cefd328644a56ceb5d320ed1670a710a000465ee6b20f454c743fb9ccdf8100977c65b3cde6bd1024f47e74cfe96687a5967baeca1747bf1967f19a9db02b47709b5ffcca80af3f5272ff97618d17db40a0f688326473487f4b26140c79be59560310008d79ae0b38e7f4daa932d410e15fd89ecdae4321d73de686827e01d1e61dcd2edee9fd17224630139edff1634a54a3c6660f7c9b9fe870b1d1a61a8cba97adda1ec8afc2b0c02c65d9fd9ccdd7a8a8fafc4294ee351f5b9f2b91e667ce15b6a0bc46f1933350cdbd1992092085847ccbe2974662ea4d7b5594392350800c3d4b5143e7754b1dbafbea041375c3037f7396543b0b38440071ef3f548fc87d8ee1e6154d0d47745a9f37b19216fb9c3585394b88ce9e5344dbc5b1a2c958b9c95cf6c1820c8134a8c7764af6eaf53ef4a083b86a0c07dc25157572f31e2fd25ac37dcc3d0cad4347547bb70ed290724933617a3caf1a7470be6307b05ce713691d48815d434f4b9b9a0426f2bcac79af1c9bbdc75ee99416800980993d8e8ac0250c7db95a245690e61c2908ab858a1bcc9a930e2dea2e63bfb9805552a36633d5d438a5bcd89017889767b0b5f26f689361203465b80e9cc3248f8e828c191433cef83b1b2890590f0f5793b7ffb95acc04c89b25561caa89d8195be85261c4d3aca298cc83ee0bb251d3c4635d24da8ba0e2c39ed0d5630ec348ad1f02b614da7513476be00558097602dd1dba5181f004a12496084b6ba8c0c43c041483cf457e088c754a99eb298d35a6aeda0d6a338661b9bda2161abb5919d2fd0454079b141eff8d73d092c253a30f80ee951dcf505a1b08737ac85f02ba064bc2639abd8dc838f2824b61972f0a28605d2d725fdf47d6a9c77f05587985279a29123d6d0358cdfc435808d66970083ec3fa398a4c543cc2c215f12ea647708936e586d64d49d25090e9b5d54cd15b95f399ee663a478124f7feb4140245c116b9126ff60d1f3b7d4dace935f608a07fe254a7e1e2122a12590f16db8d013979c5ccd829a5f1efbd7b86304959d98c963d06283ae3194e38b5049fed587c507efafb0ef94450a5845efd4b3d0c600674c7abb1011d09f17c7b4b9483ab6c7a9b3370f23e36f64457f6c608754ad9f4b188915fa1ecc47b66b2b5ff8f52a08636ab1758cb876de6f4db5d11f4cf6c9fa5f083c79dff4f1a37c184527201b832d7fe6d86f3e4ad67527cde09f010a4d101e807f8d3f90696d755d7272748c1d3712a168a6921514457de60467ba360702cc92db2b1256d54d5c8787d7e596c9e38112ebda7567950da16097a6cd5b52a00fb8018f84089f8fcd5119828dd0d2e32b96cb726f7978ac0609398b84af4f26d80683f0ba3d46e2501543cf2c69f463f0aa289a46f9b6c5e68e9f5330485accf03e18972ccb41fd9dbdf45e9d9bf3c2ffc60dc0c6388c616d8cc8d2745192252de638e601988c66d92fbc07fcc8af2929ddbdf700958251a1cd44aa3eb3f247a448e3d0706c22baa74a15fd09e96b247235d74fc548580ff54ce7841632703e35b859309ae4b0cb7da3e6bd53d6c8b925c055e4ca136bafa3d298dd874ded5ed29706d9ba519336fadd876dac44ca8e595b74d66dc857bd16130f0a45cff60bd8e845a10cadb1ee67df92b9f95766d8470d0c8d6c024fac8b65b3ac11158ed7cdd3eee1e016171c454de688d16ebf0fc64963d96c0897c7b3846a8b722f56d8b602bcc867ece31524f65fc024d729f2b8fbdd5425471c0a18d1a3aa662dede1a29343cc6089c6e3e645a089b8a751ee3a48ac7c6bc9f14b0b391b482cb25453fc9ead71643e4adce159ce08f7d163feb754e699b7f54f6141a7c21b6887cfad4f735cdb192237a7e2933afc7a514b8fa372cb7e308f67f9720a4eab9ba2b3cff4d5b88581592be45f3e4abd0bdc3960ede5a7ee75a53df6bb5257b684543e1434e0d167b56a2b33635d1bd3934ff6a095e1bbe9491f9613a35a65dc1a4b90e2176e5693a2b47fc3e9760c05344e3261bc4d75fd17eb1dffa439fedeb0c351c6e08486eb815ea6cbc5d08dd3c895420ebea5432d2bb68b3fe925ede7921f7ede8f45d6a36ad5750c2426f6de189067697a1fa84ede7c3261fb285e19f72bd9f5859327f0aafa9578919fa988402f106ef38e6eb833f59767437eec6de40b4860a63cd831840b58bf9c24bba819fe967feac7111ceaddeb50e51ae452b846f73b043a44a0d6fdd7a0778576ef845ceac058770ea2d5d0e71d3582e66b45d51d3ccdbb0af749728c05b76769eb468e64b39601957fbd0dbb99702711bf0e9e01664726cca987020c1625775a547f337e67f2f2d8d1fd37bccc00a807598686969be979b22c566bd93e5db8586ec6866f0218eebe1bdbfbc3740fd0fb2237a58c6819167d10e2c7b69aa38bf752b5787d7786366851feed0e4a9e5dad1420b5f314a6c47efd7ebfec861c71929a2b5cadd739041c446bc1938c2034303cae0f9c3f52bfc0b5fc8f6b99408ee257715d042102912094f3f9a720de454cbb9ecf07dd41e26f4ecf4b12dcb52906bedba41a0eaa0a1644391cd20c4306b02ed870d74d82a68f7809cdf20f4744db0929e139af36e28f6ae7f208f0721a2fdd1c713d8d539c436e2c9cb3ce63d50b9f1397c45885793876c03abd983ed2b0959e9be161514372f9be07ea9cf23e2f0890719cb9bb2dbf839ed7634ebee892c2dc4fe1cddb4ecdf1f434de9f5f3ba582abd215390eb4f7e2bcbe654c48ab64f310795563d7d1743f7507df23b35a8d07fe70057a4ec005f3b520be71edfb417ba6f38db158589e1dbb2a2072a7b9304164175589f662aec71c15d290e0824eade5bc3fc5468f97bff9ea857c032c39658be170588cc7bdd8a1198f0fd33e6c921ac323e5a5897ca2f299c56cf16b181450e1ddc583850f9a055a8afc01a31198dd5a82a95481ad801aaf29f7323ae5c8be3fd9516d2af56df43b2eee38a55ed23502d7be435ed339657d6b9a8f1ba3700c2de0311cc1557764c304f64d4f43f0aa5bf76a945daabd8119fa59bcf97bc994351acb2863605cd7a958d0b7d791e84f88ada1f4ffcd96817677dad334d7171ec70f3a45e9f1a3c1dc52142146a6eb58c90ee2f518ab415449c31db3b197aa81752cec656c50314d30a0504ac41a9ca5ffd74ca11a6a8cf5c236e3e9474fc1af245b7fa330299b5578f6201baf13b7c7fab33e02a98f0433f6532f4838f0143355be57b404ab73babd5e944cfe4e700b17498a6f0ad7a0a057b4329aca90220b973baa1b0eda7b9001e364ca9f8039c944f5848a02828d59f2e1a76e943d3df48a32bcad70c51842ad3b4a2b627693d75a7e2b112ee0f1fd60d56e7d1bfccf303924da4f64f2c6330c9d4adfdcd6413f140b22138b0f24c2769fba20530d1f95c469a275aaa1e4d953253d5f6c2753396b839c72b8db692ac9b9a01593e0bac98838e484836ab5898966eaf40212f4895c5562d689571e4074abb6e92ce6b9821c21935c2d8e6c7c11e102ef6346354563d67e2fd8660e3938cd938e7acdaa0e42b8927a609d08645910f4cc7c092c1090f236ce71221dd03317565cc131be8add34c2f3fa8b4bc299429cdbac2c018d89b996282844207a9ae011efda054ce11092974b75fd8dc05ec9a12ddc46371598499303b92c96a5b0738a1efbe1e4511fcdece638ca9fa22c82c129bc4123f93350784b4530be03c7293f7764c8017448b30bf2ce06810a8d6fa8adeaae1793541ec963cc07e45ff9798fb5f8f126231dd98fa72226157f4d73a15e32ebea79186ebe23222abb93034a57774535e69212bcf0c76726d0a559b8f145736515bda0467c4257bdcf32f424f60598731f226a8d71242b01bce1446bf8062d1d90157a87b5f107ea0f85766b9dfb6b2dda6b602fffe290353db89208846a1f621c33bbe4ac9247f71e7fdc33e329a39428f320ca3720c015e4fa2247389c02ac898899bf29da9f3be09486b6f54d7257ad77ba751e02795a91511beb2ad60976ab4cb95d33b1b502f34ff642b2e87d9df55c7118edc42c55810f9cd18e3a31b3a9df045ed095753cfe95f65bcafa1ad07478b78b047df7b8eb7b615c753dc5d5d319bed32315ca6ea6d9bebf0a733e0cb9afceff3ad83e4797e5425e442f3632bb6b19a163912ab0800760f4e1369b6fe075abd41c2fe83a6c69cf4d76baeed80c41113dcd1ea85823307ac7350d4243964fe17b96e1341df0dcd03e04d3dcdab2332d8da1fd344fc33281ff8c4b144cb2557f1dfc6093ebc463aab3ca0a23be6646eefca1b8bdfa5f0771321d174bda2ca56ca06830fdfd80a8e5c628e63b981d854883a1c178de5559a5d9316582bc2fa6a92d1c57690bb7f27588a65994a89d114e39a5f6698894c91eae79a5a3b485ed054cd8944fbe664c5feb0e2ff2a9ae854fa8e65fe64a25b526f22d506cf03d8613c752ca21c0ff97d8923677261b5efe314db42dc21733855c734b504312b7e4ac551e9813572e04a360ede7b9762252f96102f404d5ed4759cd7c40101a83da3805879b"}}}}}}, 0x0)

8m2.541704999s ago: executing program 1 (id=391):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @vbi={0x6, 0x2, 0xc7a, 0x38414762, [0x3, 0x7], [0x2, 0x6], 0x2}})
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRES64], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f0000000f00)=@ethtool_per_queue_op={0x4b, 0xf, [0xf68f, 0x8, 0x9, 0x1ff, 0x0, 0x4, 0xe97, 0x4, 0x6, 0xecbf, 0xff, 0x101, 0x7, 0x200, 0x3d, 0x5e, 0xffd, 0x1, 0x4, 0x2, 0x5, 0x7c, 0xcf, 0x2, 0xffffff6b, 0xe52c, 0xaa8, 0x80000000, 0xd, 0xe9c4, 0xcd8, 0x6c, 0x6, 0x4, 0xd, 0x8a, 0x4, 0x6, 0x3, 0x3, 0x0, 0xfffffffc, 0xfd2, 0x6, 0x8, 0x401, 0xfffff801, 0x2b, 0xa, 0x0, 0x7, 0x8, 0x5, 0x0, 0x6, 0x8, 0x23, 0xff, 0xf42, 0x10, 0x3, 0xffffffff, 0x400006, 0x6000003, 0xd4, 0xf, 0x4, 0xa, 0x0, 0x400, 0x0, 0x8000, 0x3, 0x5, 0x2, 0x0, 0x2, 0x8, 0x80, 0x6, 0x2, 0x0, 0xd, 0x6, 0x3, 0x8, 0x10, 0x1, 0xfffffffc, 0x9, 0x7ff, 0x7, 0x2, 0xbde, 0x37, 0x9, 0x4, 0x1, 0x9, 0x6, 0x7fff, 0x1, 0x704, 0x33e4, 0x401, 0x5, 0x7fff, 0x8, 0x100, 0x3, 0xfffffffd, 0x2, 0x6, 0x8, 0x6, 0x7, 0x200, 0x9, 0xe, 0x81, 0x0, 0x4, 0x6, 0x5, 0x8, 0x3, 0x1, 0xfffffffa]}})
socket$inet_udplite(0x2, 0x2, 0x88)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x1, 0x40840)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, 0x0, 0x5a)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r1, &(0x7f0000000340)=ANY=[], 0xff2e)
r2 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
r3 = mmap$KVM_VCPU(&(0x7f00002cb000/0x13000)=nil, 0x930, 0x1000007, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_tables_matches\x00')

7m47.207678926s ago: executing program 33 (id=391):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @vbi={0x6, 0x2, 0xc7a, 0x38414762, [0x3, 0x7], [0x2, 0x6], 0x2}})
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRES64], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f0000000f00)=@ethtool_per_queue_op={0x4b, 0xf, [0xf68f, 0x8, 0x9, 0x1ff, 0x0, 0x4, 0xe97, 0x4, 0x6, 0xecbf, 0xff, 0x101, 0x7, 0x200, 0x3d, 0x5e, 0xffd, 0x1, 0x4, 0x2, 0x5, 0x7c, 0xcf, 0x2, 0xffffff6b, 0xe52c, 0xaa8, 0x80000000, 0xd, 0xe9c4, 0xcd8, 0x6c, 0x6, 0x4, 0xd, 0x8a, 0x4, 0x6, 0x3, 0x3, 0x0, 0xfffffffc, 0xfd2, 0x6, 0x8, 0x401, 0xfffff801, 0x2b, 0xa, 0x0, 0x7, 0x8, 0x5, 0x0, 0x6, 0x8, 0x23, 0xff, 0xf42, 0x10, 0x3, 0xffffffff, 0x400006, 0x6000003, 0xd4, 0xf, 0x4, 0xa, 0x0, 0x400, 0x0, 0x8000, 0x3, 0x5, 0x2, 0x0, 0x2, 0x8, 0x80, 0x6, 0x2, 0x0, 0xd, 0x6, 0x3, 0x8, 0x10, 0x1, 0xfffffffc, 0x9, 0x7ff, 0x7, 0x2, 0xbde, 0x37, 0x9, 0x4, 0x1, 0x9, 0x6, 0x7fff, 0x1, 0x704, 0x33e4, 0x401, 0x5, 0x7fff, 0x8, 0x100, 0x3, 0xfffffffd, 0x2, 0x6, 0x8, 0x6, 0x7, 0x200, 0x9, 0xe, 0x81, 0x0, 0x4, 0x6, 0x5, 0x8, 0x3, 0x1, 0xfffffffa]}})
socket$inet_udplite(0x2, 0x2, 0x88)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x1, 0x40840)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, 0x0, 0x5a)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r1, &(0x7f0000000340)=ANY=[], 0xff2e)
r2 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
r3 = mmap$KVM_VCPU(&(0x7f00002cb000/0x13000)=nil, 0x930, 0x1000007, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_tables_matches\x00')

7m44.545509623s ago: executing program 4 (id=478):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @vbi={0x6, 0x2, 0xc7a, 0x38414762, [0x3, 0x7], [0x2, 0x6], 0x2}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRES64], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0)
read$msr(r0, &(0x7f0000019540)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xe160, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x89f1, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f0000000f00)=@ethtool_per_queue_op={0x4b, 0xf, [0xf68f, 0x8, 0x9, 0x1ff, 0x0, 0x4, 0xe97, 0x4, 0x6, 0xecbf, 0xff, 0x101, 0x7, 0x200, 0x3d, 0x5e, 0xffd, 0x1, 0x4, 0x2, 0x5, 0x7c, 0xcf, 0x2, 0xffffff6b, 0xe52c, 0xaa8, 0x80000000, 0xd, 0xe9c4, 0xcd8, 0x6c, 0x6, 0x4, 0xd, 0x8a, 0x4, 0x6, 0x3, 0x3, 0x0, 0xfffffffc, 0xfd2, 0x6, 0x8, 0x401, 0xfffff801, 0x2b, 0xa, 0x0, 0x7, 0x8, 0x5, 0x0, 0x6, 0x8, 0x23, 0xff, 0xf42, 0x10, 0x3, 0xffffffff, 0x400006, 0x6000003, 0xd4, 0xf, 0x4, 0xa, 0x0, 0x400, 0x0, 0x8000, 0x3, 0x5, 0x2, 0x0, 0x2, 0x8, 0x80, 0x6, 0x2, 0x0, 0xd, 0x6, 0x3, 0x8, 0x10, 0x1, 0xfffffffc, 0x9, 0x7ff, 0x7, 0x2, 0xbde, 0x37, 0x9, 0x4, 0x1, 0x9, 0x6, 0x7fff, 0x1, 0x704, 0x33e4, 0x401, 0x5, 0x7fff, 0x8, 0x100, 0x3, 0xfffffffd, 0x2, 0x6, 0x8, 0x6, 0x7, 0x200, 0x9, 0xe, 0x81, 0x0, 0x4, 0x6, 0x5, 0x8, 0x3, 0x1, 0xfffffffa]}})
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x1, 0x40840)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, 0x0, 0x5a)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r2, &(0x7f0000000340)=ANY=[], 0xff2e)
r3 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_tables_matches\x00')

7m42.672073001s ago: executing program 5 (id=480):
r0 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x801}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x4, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185100})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0x120, 0x30, 0x1, 0x0, 0x0, {}, [{0x10c, 0x1, [@m_ife={0xc0, 0x5, 0x0, 0x0, {{0x8}, {0x18, 0x2, 0x0, 0x1, [@TCA_IFE_DMAC={0xa, 0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, @TCA_IFE_TYPE={0x6, 0x5, 0x6}]}, {0x81, 0x6, "1bd269129218ada79dbce572ae5bebc7c03861414daa2aeeee2f23d22807b2904336ae721bb9b87693d9eb09f938f01ead49499ec5eaaad42de7149db0fa0a2819b419404a9a10ff8b26c53047fc7eca223df3749618222fbe08fd10ec3e65b2ccaaa48b06b9b06f43f26e09ce29ea7a74d1a5df91e1f68da0e5eef227"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x9}, 0x80}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x15)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
pipe(0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r7, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0xf9fdffff, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80882)
io_uring_enter(r0, 0x7277, 0x40006, 0x43, 0x0, 0x0)

7m42.537717602s ago: executing program 4 (id=482):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'comedi_test\x00', [0x6, 0x7ff, 0x1, 0x0, 0x0, 0xccc, 0x8, 0xb, 0xa, 0xfc, 0x2, 0x1, 0x8, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000007, 0x100, 0x2, 0xf27, 0x3, 0x8, 0x8, 0x5, 0x7, 0x4, 0x10000, 0x6]})
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000200)={0x0, 0x8d33, 0x800, 0x0, 0x300}, &(0x7f0000000100)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x2200}})
io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8)

7m42.462157424s ago: executing program 4 (id=484):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x73)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)=<r1=>0x0)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x7, 0x4}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_STATS(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x14, 0x5, 0x1, 0x401, 0x0, 0x0, {0x0, 0x0, 0x6}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20040005}, 0x40034)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001180)={&(0x7f00000000c0)='sys_exit\x00'}, 0x18)
ioperm(0x1, 0x6, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f00000004c0)='erofs_readpages\x00', r0, 0x0, 0x400}, 0x18)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
pipe2(&(0x7f0000000400)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000100)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r7 = accept4$alg(r6, 0x0, 0x0, 0x0)
sendfile(r5, r7, 0x0, 0x10ffff)

7m40.561520275s ago: executing program 2 (id=486):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x800, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
setresuid(0xffffffffffffffff, 0xee01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
connect$tipc(r1, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x0, 0x3}}, 0x10)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000200)=[{0x0}, {0x0}], 0x2, 0x0, 0x0, 0x3)
r2 = openat$audio1(0xffffffffffffff9c, 0x0, 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, 0x0)
sendmmsg$unix(r1, &(0x7f0000004400), 0x400000000000203, 0x101d0)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
connect$inet(r3, &(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10)

7m40.468607214s ago: executing program 4 (id=487):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8000, 0x20)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1000}})
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x100, 0x800, 0x0)
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000002300)="00e7a0633e8438bafa888b9b02144af32e296a0a01dc194d649b6fa26d6d5e63bac4a04baeeb8aacb22c6eec461b67db6a737737c6d2687acb00572f92e3fdb5d0cb2f11121c557a943020200755bcab77b39c406b733239e2bb1175b9322ba39dc7d67da8f77aed1714dae2e6c24c3ea96be9d151c6ab7b3c54bbe507b8b2461fb4be8dc90042184af6d48f8ace16abb5e3fc943cf61cdb75624a259bdb5f7829b9775820f85f2d1a6ee6c6c2af4fd41ab8a41ecb2612abf13cd2c6f9f3e6db505e4bbe68cc000cf5fa6d5636191a4b366ab59af52132a3f9678d4ed1bd577bacffb3b52850804005eebf3dfa4763168ff30490a11acdbbf4c3312a45f30139f6b72b1e7cdec185006bb30e0e8fa88da2cefc718cae7e9830f7ca101e4e23c6bd16bfacf4a9927fb13af4b79c86ab999beda4ad396abdda354a42fb4ef21d6749175dc21a0cf9191aa4f90d274b50370a580ad8dcd166d2b06c0d8b071973c3fde30f7e2bc371a51ca5866bf8b24eaac75bf482dd4436b214ff62d32e20df223b0b680ede28b3a49e66e330a8a3ecace0db9855d235d5ff23765e742d1a739c2ac8743f4c62664a3b347279da55a1a5b16e1e2828b584a013577d50f890e3894d9e8d6bfccdfb2b70221f12a7fac24b7a8818edce72b65f622c77bf1312771a2c0d805ec9a25c536c91868762032255be78903b77b2c1a773a03996fabba69214e76f5df6df0375b592692a2c3c86c75a3be56fe598ddaea0b9901d20db7e43e128e04e5509283f833c24c625887288459db5727210ba9a301fb8c934dd1d8dca68039fe5b2e1a8d7cdfc6d875e5851098100c3cd42544ed90bb55b58d20a501fabbc485d148c615a3b070fa0520da2ed68ee115a4411d5418b47f3d95616096f67a7a36d68f1e8df82eca8ef96fb4a96b3422fe046a37ea5f5967513a559bd770fecab7228b0692f439765c9e9c6ea4fc608e0b27f9b49064daa2bac06f83f6d87ebc61fa3a29bb5ed39641245ce8cf43770df32a84838802b0827ca5a40e2003915e2ed108a005637bb028d29bd2cfd28a1bd55e67ed1b6b7b72163c27c4b0e36d1b134d6dfdb165a66fb46498fc04bb8053b84098af5b18758631d1318d625a6fa4d3ce5a4d3a90e10c6363a26b5ae96c2d56f87ad21a6118af6847d041f88f852ddc3f250c088ef5cb31198f3ac81cff9a5bab26ed56c09f8416188974e08349f7da28fc754b98c1ac4ea0060ac1e1b1c49f7dbadbc59254b265dc418cab9ac14e2bbecc4c3103543e37984efb1f61315e10d2b422732217d3a9b0cfe4561f3765d3bda60be239e02bdc164dd631582e8c87dd8fa60d63dcf9e7f3dadc4ce5e4433a42425b8ee8cb8a2defab0bf9b6109c90b5655b79b18c06884f2670a985d454e08e54de69f645cb0cbb70620bd988ee717c310ae77b4abe81c01c6e7f47268ee20bc30b9062830917705682eba2c5ef966b877f33294aa5f8b29d3dd5ed92302087f34fa18d19a005de05f925e3e93c8c0f24507ff20cd23d9ae5452c32ff58c78ccdb1ab32c98edfaa6d2c3971934ca8f849ac360c286566eb72b0793f12cef84bd282368d533247ee750f18aeda484167f3d680e4aaa3aa0694441d4ff6a71531f1a30f87eeb71afd04c5d686e1f86f27586f4e2c8ff77c09612ba1af9b3fb93efd31af42f8e0498f35d07c662b743a08f2839cad8f95b90cbb4fc0ed2ca45dd093a549cde4c6ff08ce09a2cbc6f9f78b6f96643357f92f8f403202742057731fd3e343a87c0affe803cfdbddb8c2694ab63f2dc35da705624747e30a943000fc82c40f10e1975d2e2ec15aefd531b6dbc053606b054dc976f44d5b5a5f37e9c08532ce16cf8bca55ab6c814ceb855ab50b8b52620f8645a9dc25fcb732080d84bf39c3ebb235b4d96da527b64ec4b72f69e91d16a4efcaf76f2e1f968ca68a06f60b01ec7becc9ffd7877c0992cb0f80fb3daabc039513896bd7697843be06aba53e7761e11e075c61ef2d897d4d9f90041c14283746feeb3f0d456ba4be27843350fe43e7c1110b4439489139f6dae01c43f23ec71f08d3042663c65e059d368e4e2c6e49de45bf078d3182a1bc1208bc59379e705aa3309579947409f2a8b3d79099c8619f916e7a6fa333d2312a274247156b8c25cbcfcc59ef13339c700f56a8691dff39bd4338789001872c0d90929037dc0ad99b380a6ba73f331f73f9274f4c2bf5233d7482edf37bf6ffed4f2c0ee44a1d57cae0d644f25591dc03bf837571a82d0c31b61be7ff85a5b3843e8f96a50eaa43f5c137ecfc4e4530d08a2afa4ba02fcc50117a4ad0d5862302017639344c82749f673dbd650e49b35302d0acbab45c0973198291bb42b4cfcd3b0c272074341ea8eca19e122cd234da6d41bf5eedb706e16c17687ed8b84db67130796d26b94eac83bbcd785b603242bd6252c155711efd7dd22cc54e1eaf6d910d0f22c701f3d4da0314dd2829c6ee13bbcbd126558b47b8066bf0766c792a012315bd29bfeda8f28a2c1f4e638b701758e19a0e5bd5b4f19048b00a877d956292e345f8a3a8367892f955bcb5e50ca145ec5e2c9309e25941bd277e393aaad38f9b72a42514b27da6856223c37a1fc1327fa760551d3fdeb0b222ab180b16c9eea138cf4f327e88fdfee293c5b6b007028eb796a60772148282dcd17ffc1c90ed8b6540ede933545ed5a5301d6ff39734444ff3d85cda4ac3befa5083a4685e9e231eba4a91a35f4f7f48fd5ac2447c64c010e2a9f8e80691c95460e1995444466ec5f3cd71fe509a26ff0b7f3254bc8c3255e903834e841b37c70b267fb33deb0d1ed4ea84a869453ba508fc255b12cf847103d5195046c930ae4a75c956f22fcfe4186d547686b54bd7a534940d5d62216994eac0e8ed3bd2bd59354e6b9c6b5b10511d54a8b928040f1e1024a423b0cf519fc6e9673df5c48c0778c7edb8fa8d8ace77463a77d2d6313160e1ee72742953e433b6732ced59c93464fd91520847db238610ed0c289fc55647881a7d6257cf28090c75a6f19df079cfd35742a74a5ab270314f7c8039c20ff0f3f543d029b75a741b5dc6425241ac2ffabf1f96288e6d4ba34da09fb6049c2c8753fbd41fdb4bc68c57bf374ef4feb0df00c41319debb26afba2ff39e1799a1c2137f4e920ee5b02d93789b6b0c853e8143dae5b08ee85da2ea7c31803610ce797293ea95c16ade6dae2afb008e59d8b9505737f008b5227df5f1e4eb5d707f502698a17ead9b1f5ec09dff34248ff2fb153dc6df4812e39754a4baa42e1d8b77fbddef3ca091701ac28ae5fd422dbd8db5b122d3965383abc37a52d2fca5ce56eba974dba3d059cefe40e3c35c9daa8ae31198214303c1dcb90d58fc983ccfd504fa43925636f94b128d44e8aa5cd3ecfabd50a84062d03f7508a0575ab65ecc749d3ef566fdbc529a8139b7a7fb3a9bd784df52cddc6f2699044ba47615163fbbe19f3d88d38a8b71fe52b2611ca74341429d1cef1a7e350545be29d2caa560e60352cab074c298c44ca2c07f9795ce52f10aa3e2fcdef371f24e309b19e52218881f25a4674527edbe3b3bd0b9b536d810c6f9500c0c81bcfd9a440dd91c1d35c52758d2b2ae1a8497bb394c4f09d3947cf777727b0d1daf5ac4fe4fa3c247a791702cb84b96321b7fec81bf549d4eb5d6dafe019b26187417c68b064e4308908535a3e77b6cd3e28caaf12d726f15590b7958e40134d045a38cbb689131a7e85532f1c63dd4bac9e4d00645cd7b2b71704563f3738b92044a8153f6ba717800ab7cb238175c376d7add2c5ec38e4c856f1ab9c3ee33f6ca6d576ae908dd290e4bae23470182e253765e04e8eb02a791c4396a511ef467879a9e2818b8a4b1b0b39a6c44e816e3ebf6e3be93929dfcb38d5dad7d20b60215447674d0608b8b02331ac20e57083cb9b4449fecbb149441aea0ad82f00a82d87d743fc80d410922bc20923516885440f43c9f32beb81ce148def6140952583a7825c2d2fe012d52d30ef66d32a8a0864ac5c1737e2506228d41ff0515ee80be4cf012927dde0fd2a07cac68eff8c4437f2844d4df07936fd8753e5909f962c5c767f8719cc295bdfa8a16f3f36ff56e34d7b14b6b8c46d5af248b04a9c5396f84990e23d145670950bce5f5638e5e2cea37c371a4483729338f1305cbb32fa1c05dd9d21d2a69e5fa3abe9a2dad2237be20b4088393c04aa66cf13718de4bffac72f641a8c017a1d5568fa15a6a06e4dc833874ec95af6f115bdadf15179bfc8c4e3e64f26f1299e282c4ab397340934efc1e601afc630fe195e8ae7d8da1310568cab4f2fad085d0ec39710d8b7c812b3fd55c6f50925bcfc90fbcb35b8daa0f1e1f69d82fae2034039f7ad6921694ed48a55a68bc541e6d86f1e33c261a92d48b50eb58a03d8e31b2f6564a4ddc3ee988d0dc47b4b610a9a9dcb87571b5c1edb3362df0ec3d58872157e0f7247dfa8100b4478b705702a5620c9201010f40232327550db333e845dbecd6aadbd0a94c064862b1100b4dd45ece811b8c0275e3753e11b4bcd8bc5ed7668e72afa5bc5cc17b4c313273755f532ecfdefdf2d5c47999453a3b7c158d98332f0bd3a820cfb2c8c3bcd43197e7395a032cec6e41662079f2f654965aebc393e22b5c8516d9b8ad01e33ee481a4ac46a2df304dadeaa9e5274d340aaebe14dcea315fe1279f1a41a5c7aa8c94bf4b3d48757503171f53488e01210145e62c0de7c39737848dbdb1b207d4d33b8de180b020e8a76b1b521905e5e3ce97292f8558fb68efdee774681bfffcf1dc3eef35f660dd1659a32950de2d50e762313beee330d9c2a9fe8ce5e4e61ddd86378d3551335f6ef62053d3b248a8c33a11abdf3f3aa1975a15f4a6957a13d5b12a44d0f2b52b9a2d996e98c630c0f2abca80c7ae89efcf81ae284a0d19582cb1319d207077e5657d245533181ed6e07e0f7647123fc46c37bd75b4f4d181112b4a08acdcf445332cb9dde69a0923dd9244dd2ecd818b19588939922e3b2d8dd9d9fed95fa55b0e4564b38aca2c4d24eebc634664400177fbdeaeb278bb1d8eb11baf4be5c87d4f8d9a855bfa75df4c51fb4eec87a27c59df9a47d82523b08022a1c0fb22ff6f93c3d2cc22a4111a6ec5be428cba33617be65739c2240248f3a02d01ddf2d6aca9e537a2296b16d082d2b868504371dd5e41898885b03ebfaca73b40e8924ece83c1c80de6ce14943e1199c6f81bf359f44c3ed5ae3c6eacb730b1039f0b6555347bd566dfff45a7a2176420ab2b40916a73b66a3ad07af6e1ac5597393d203fa1ad34d4564af956a0a3e2997e27a4e5eff67dd89cce8875d995e00c1858234f149f6ad4cac2b8056966f726df57b8c4ee8f22f23097ba1471b1f1036e3a499400fccdb75b56eb13e9eca1407d5bff4b075b06d00fcbfcafc28431eb33156232e73c6577e3eca437330c494ede57b9609e1f40634918dea767338b5542197410cdc000143ace89ca0b7bf645b3267f74767d7c7fce05d2f59c137204e56bfa711f66903c511f681cf7a1b4f9fc0f42b7c438ff8957e1059375321df5b0c5c884f46d94c21686e1300582d34928bc398653118f79bfeea2e7cfbbf31a7718f4aab50fae57db94203d43e060365c9a7455241be03d82dffc3783d0f6aa170c0866eb0dad07485831526922d8348a7a16e2e9903a2ac93c58c6dce83127fab17703ec004a519ae5675baffb31bf4b52f9ca992a84017a44d68dc693abd829947342f277fdcbc87168bcc03c32b8b1e81a1915af2517c464af07d52b79d1b0e53164c82ba049f81e92ed1dc20a88fd72e9ce7aa4b22a7cc57dc5527d14f62bc29cfc9d57ed26fd523cac39ac00ba12d3a49d694709924275fc0793d56acf9558818dc9eb210749fa5307d45886b879257d627cee0542b51c2ce6ce134100efb47c92456ece5b73cdc051f570810a8d534222649eb56cf73a377162b753de6c282bcd4a25dda21dd10901bd8dfe8fd4ba8a70811c39707beded23dd60f23e2933372e3a6bce099899b07f0a4c4956fd98e956a8649622c77717de099463c0c6c9389ab4a1ae10f8ddd086d876af2943ee0b6b402ae5f89e09922e8c510ec0caa0a83e366e916400bfec88a52ab457037a35ddc6a8e2289c33684a5915c37bf5d227cbc65a737b52bdcb4fbbb7b4e7f965db116b46044d0870846c730dce12e120b1fe6dd5798ced24cad72c59a3f44de4978b8bc05a1dbeb766be6e2abf6ef46c67a58a370e54e92d89e5f44525e82b94a388d8d0cb20c3469a258c1633c9dddb6854aee255f93f59435ff317622f6899250aa185c207644275278580c5d32401741fe264a2e03b80f442ed58fd0704ebac923ac6a5abb7f0c695252f82e3fbcf2b99d721589a8fe3fad4d5926aee3d7bfafb6739e525faae3d25b12841fa2cc61dddc44d36acb9a8b72d60ecdd9c8cf04f9bac341b5e0f9bc59042db8126324888b07afe72b18cce36d61eec975b6b4ef5dc4a16ac14440cf770599bd4db630bd110eb63a03a80cd95c16d314a4de60cc5115bf0754cb7ab84a827ecefafa96069c721a5979f227fdc2467b4cd1975dafb5b28e1d6f3c1c3a2816ad831dd98c1378a03798c128f176426eaa0e361571e758d54bf4ec2c988355f016e16d6cd5cf97bb4891ab33f5623b7e796af313cc7a9e2f9510cd2bead1ea5dd080d9de1f595b2629ebccf69a0feaed3963ae8a6c89edd66fbf6e566379898185828925f8669668d6bddff961b08aaedbbe7fc196931a887ec740da6bcdab8f826a34aa2aa1e406a258558f3baf022a64222df4d6ee8726c79ba3dd6e11a19e4b4bb49b4a8cd99c189e6392f08ad731e415b65d0ccb919dca46efe9f79e21437111ab09e926d3038182044ae047bf1cc92e2d2644c528985719667a1a8abaf65d0f211172ea789b2fa016e1a88325d1ed706239da4dbb9e2079e3598b4ae5885667587ba1e0921c9ba55d7a3be4c47bc2f2f3547ce9efe32e5a22855f761bd4cbe1cd9337eda4bd7d82a918084d7e116b656104ca87e64b1b8c62323c3c296c5b5b98051feb607b872edf9f789744aff710c4b7279711182bcac6b76c05f5cd982f52f451e7e29046550e012e01d8cdd3e305427030f4247488c9136303084c12175c5c781cdd08aede5a356ea0ccdd05a460be3c7b4bfd62c3ce9ab68e285a36c1546d0b18edad71f69f5bedb340772e1bbb035514b085067259e39f59dc292a12557350c66904b253efee29a5eb7a6920f583c899dc46a1d3e2af2db3a3d1a0e8d1f98722a16c6cc1e401058d60c8c436d8f1166ba53bdde5810f9d0288528affd486c266546a864c92af3df8abd451cc1e0d6bfea534865cea9d49b3ea5e390fa823118df8a61e31022f5fbb8ceee870bf2e60890263c4d14e24d053d0fddf665ff80a66fa00a5957f8a30fe82a4b82cf2f6b4d49def98f66bfcdaa0aef13314e950ca9f3849b1edf3b82eaf74a0dbcf45c3dba9bd2d853281a78484f1efaf4150da1207ec3cb61fbcbf759f8182b7052b28d7164b73197b0a440759fe9d5ddf827f1897a174e82fb968a9a07c61bee44bc1f7f9ee5c6de04c02d57735c5fab741b36aec7c8642e56cba932a08b8e8a9d3eb066a4ee7cbf22e5abbd4346de59eca1f24ad9f7f9ff7621e5f30dd08f4cddda8e80e496908109f5212a72bab1378d1237def07bdda4178719975346c68405de15153031fb17535894e5e3c1de6fdd507333f0226b78ba7cae509cfb48d6735ede9392650bf85ac1db919b1e9fe0a823119d8253204dbb2f7a8f524be6d419f3a45c5051a7a88ef0bd41586d90c11a894d647f03895f671a6e19f1c70e32668653aba8366a3d372522f49844081a9637db080663ab02f4a8af502955d5411461b62f85308c91852f8fb9f0bdddd500b4a133791d3a2f91a82dc4b09f5ad2196a9172ab0cd3fafe7266e9f6d159110d99ca8da8a34b17be17a04ad4509a9fffab1e45e10f10e0cf9cfbd9c761ad044064c07e473fdc626289cfb88b13a11455c069b70aa02426d9119ac878a14c9483be9c0d5bcbb5fa76c8d06531f59c7cf7c26372e750e2f332418ca769e5e7fbeb3ada7bb58b573a0635e2e3ad9a53ddb809ea01086a3fa993ad57e89da6f9c5e61bd0f8ba69212a386b2aa1ae17520d7fb989dbe14021885eb50fa3048aebd42c861a09a308b660d382c0480ead8a52a1e14927c7c77957f94bb59ccfd557f8c4a7af23360a298a603d20ebc386db041d8c306b3e32b0bff541bdec5ff75c3b40950815cf9f89d48a382f67e44c409d046c01fb1262aca0df6f5238a3c3c09977261494f7361ba326815d6e23f49e4d6d4b54665081067332265fff59cf54af9da0db9d19bc611cbcb6e6f3f1e2e1ffb6cdd6253578d78d06a2ff5f9250f1994c5749e3ce49231fbd63bba28e948f9150933e3ae31299babaa41043b181a100882e613b4b4b8f49ceeb742d22f860853a9b917f5a323a8a1fb1f3363a7be4407fba44b408f259b5db79a055b92ce3d7a0649cc59f4afa2b1f69959d5c6f5eef1fa7987a47bee4491f685c52e9db1ee1a231ab5a4bae1019c97868a409dd0d57b32525394a233023c4a7ac429808bbcb57a34b41883202744c3bdebc0a637773273f19c2be6e806bef7fc1002846db762ee4e16867773808c5477987d5851d5b1641d070feabc203cb3d7943ffb206272fcac1bccb616352d85975f5a22c0f247548535ad9fb83fb2be17689453f10691143c060cd964df63c3c70e7b1cfc7e2b468015f327f9869353477bfeeed330b03ddd9e4e0a2441182244da283d7a59d2b2b20e6de3e3a47c26aeef4944c1190bba674523a6c3c4ed6bac53b9edffcb0e9fb19d8bf36949d03ef6a7e59eb903a00d9614f642d1932c766421906f5b177963c71e881453560e3ffcec792e8dc46b1832a8fcb2ab2268a9c1fb648d1c6fa1c8cbd50d5a2d8264fbc6c063e6daac5519d362da389dcd3d12c8039f991de91e728abf5bab95c3aef66dd8cc36c60e73cb10afb02eff6df20ff12c59b142b07fc48fe94612de80b8b958f78256fd7cf3c6f79a83867f3bb5f70da392957badadecefdf7b6e4ebd39ff945397c7d302ca0a5a3918d8abb893cd9cdd680916a50fe19699ff0476ad82e6ba46523f26ccc5eb65313c1df1077c8876d2b73bf86ba311862d12b0c557a92ef827197121512e87f817167d4b17c7e225a48b3f8fbbf4187438e0e9b78e905cdbeb72e80dfb37ec0104f5186b39b4ff34f0cdf4b74dc915acd3f98874cd6a67308d0ad9697121ac477550b1affe004f433705933f9647522be65cb5a7471120ec942aeb956f195be0c1783102cf7d842f2968222ae1a7fa6513f200d3fa85d71724956ed697f0673ee3b40a4d46ba4850439ec125b708ed52b52b9f72906477d520c90a9f5dd49a7a33a328137a183f439895532b78ae451a8c3db789bc862fbc37241d523027e1a008629c969380f6eb55f9cf3f0675bca6851f00df6aaf90de9f62d5c179945ef81d1073850301f97e379ea415d830e3f3751cf83e2dba541cb6cdd89e6b674f2c53e329e5f3dd418d534ada6469a5b3bca5b7cfbdfdd6df4abaf77d4520d0311e801145c91b52586a56086e663841b702f52cef9fff8cfb7b33dfa125688ba6b4fadd1dca8defaf4259ca85323b23d3bbb45933562c25af3e8d7bc6ad4a50ae974f8d207994b3bd74a6812ab6a40fcaf96bb4e17bd20d742b14c72226caef3e0f5c56c4930071e9f9a894f18650fbb785c6f707605c86b634c9722c8690cf3a954f68d7c2db3a257339ade67a41259f6f878dd0ab7876deffa77f6f00819282a8f4c4da84c6cf4f335cd0410770a2b1a1fbb3f85f4489eeceb78bbfddb2d1866c57b41f6ed179a0bc3750a486403d23473f2feef43ebc5af1018d9c20089e277d77fb9c34f425c8f8af4c49864b57572fa8c232e61ef37194251a1ddc2f73ffecd57e638751cb72bcb2c40d22540166ca1e8588f24b010c9fbd962e3a2c23a7e93f131df61b8703ce326ed80cc87912d3c6aaa27574bbe8d65bcaecd660c31cead132a44b1d0e4a53cacc0b82a263c4e7783944af0af08ea9e68e8e25ed9111cfef841f1b2fd24164f9097f70efe09b1109e5cb91fe68a2760381fd63a7fd422dd578a60661abc9ee3a5db1c2cde2fb21f2040f1ed3fc27b99e254256949d0560e8b98fa028fca50768caa951a87bf8969af498d50a9ee773c9caa7d9f7d8e1955506013f198cda316d79b177e59f233b98f727afd2494fc18642f0015adab756ea6742690c7d00f28655b915ce4eb8b3ba2e8559ba23e1ff1ccc9f79ae2df85f924459c56715dec78ef4592352eb1a850cd65ecd36e1a9121e888586b7b2fa84da920b8cf44480433e61ab076b10171c0537524bb170a4b99b0b0c437418a665b7ef909652b6483b20362e557c1480c2a2a0efa221fc59054a48122b52d38245f9bd026001635be5b155f5c766a59306fbde231fa72b4d74449a2fe8fb969496ee26af5881adaafb4189b439877ab8f78709cfd32c10ea576a010bfc137b7a4aae137ea3d29070ce3bc8dbe6655e967115ca3461ad9d28b9cf8af07441e68a54ec5e889846f3978f07ba51f7d5af5da78c5c675dc5d0c1a4a399ff4247203573a46fb903eaf7bc886e6cbd3126fa4a3fe3bb13bbdfea7da871f6563aa750f6ad7895b34b2809563dcf5ed30f1c60cef4138aa49d4f55e396534ed10cf4d857723a2b442f47d79de162c30ec6c4daf939b4c88649494e3682d1da81b4a5928d8e18a16c46707a685305e592589acb484e28e9d5af89c44b6e563d125ec97c0155410527406d94b90bc9576a662db99da1cb82b04d610d02187ce08f22ea0e8fd31919d53fa6aaf980e31ca7f8610e695a41919c24136a8406c62d5f15fca36507002b54ece17664b5247583ad60d863f283f3c288946139575dcaedc978762e85f534e56334ef0221c34ffae054ddf79339b8f08701e9699b11041df8f518dd33203363c8098fbefb01555bcc2542422777b38d8dff11b15aadb0c251ce2c5b32f8735b3cb784f2e5731b48feb5a0e791a1106abdea0f7d1f087737cbe7fdf523fa14c9be2a2987511004c5b7ac1814ef6961db16799698242452c469a07c30e4a1f73193c74a41bdd88aef50035e4648bc9dfa276951798420a45e4085932bdb9381af3cc4678bd962af616549e4020d2c9fd25e2117a6d8934fde2218273d7833d60ea492e251417a27e7fb32012a940a6b6487af4b64958bf05f1b1107732149d227eeda5ca5a43cf583dc297d66072a1acd75e93a7caefd36a0d581e21d5cb08654c4ecef46ebac5391546e0b7d2a6418548d8f816446bcf237f676e873e6bae9107234abe5ab24c53ea472ad10653cef068fd9f4e729fc0d526e489f8df13af5575f1e70e0ec22899728b0659d70fc2dd509d9df3ec170638f89e540f4d3f02aa9b1b1819f84da596e0d7b45a5818061728f8eeccd2bea0f460dd7e18cb95f2364c50e351f0690e184eb63ebbb14a0b4b2117e44f3b2b3", 0x2000, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x130, 0x0, 0x401, {0x3, 0x6, 0x0, '\x00', {0x1, 0xad7, 0x40008, 0x808, r2, 0x0, 0x8000, '\x00', 0x3, 0x8, 0x10000f500, 0x7, {0x6, 0x2}, {0x22000000000000, 0x4000000}, {0x100000003, 0xe23}, {0x10000, 0xa06}, 0x36, 0x5, 0xaac8, 0x9}}}})
write$FUSE_INIT(r0, &(0x7f0000001200)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0x0, 0x6}}, 0x50)

7m40.46118223s ago: executing program 5 (id=489):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00', <r2=>0x0})
r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r0, r2, 0x25, 0x4}, 0x14)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
r5 = bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r3}, 0x8)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_kcm_SIOCKCMATTACH(r5, 0x89e0, &(0x7f0000000040)={r6, r0})
ioctl$NS_GET_OWNER_UID(r5, 0xb704, &(0x7f0000000080))
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000680)={r3, r4, 0x4, r0}, 0x6)

7m39.972358278s ago: executing program 5 (id=490):
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000013000/0x4000)=nil, 0x3000, 0x3}) (fail_nth: 4)

7m39.596367822s ago: executing program 4 (id=491):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="020200007d00420005f0000000000000000000000000000000000000000000000000000000000000000000000000006465"], 0x232)

7m39.551044528s ago: executing program 2 (id=492):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x17, 0x8, 0x40, 0x42, 0x1}, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002f00)=ANY=[@ANYBLOB="281600002c0007012bbd7000ffdbdf25057c00000c00018008001600", @ANYRES32=r6, @ANYBLOB="08160380041601"], 0x1628}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r7 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xc8701, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r8, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)

7m39.524870597s ago: executing program 4 (id=493):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000080)={0x4, &(0x7f0000000440)=[{0xe53, 0x8, 0x3, 0x77ff0000}, {0xfffb, 0x10, 0x0, 0xfffffffd}, {0x9, 0xf9, 0x6, 0x8}, {0x2, 0x80, 0x2, 0x2}]})
r2 = getpgid(0x0)
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x21, 0x0, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
write$sndseq(r5, &(0x7f0000000140)=[{0x21, 0x0, 0x0, 0xfd, @tick, {}, {0xe}, @connect={{0x0, 0x3}}}], 0x1c)
ioctl$SG_NEXT_CMD_LEN(r4, 0x2283, &(0x7f0000000380)=0x3)
r6 = fcntl$dupfd(r4, 0x0, r4)
write$sndseq(r6, &(0x7f0000000140)=[{0x0, 0x40, 0x7, 0x2, @time={0x3, 0x2}, {0xee, 0x1}, {0x0, 0xfd}, @connect={{0x6, 0xa}, {0xd, 0x4}}}, {0xfb, 0x0, 0x1, 0x81, @time={0x10, 0x8}, {0x8, 0x30}, {0x2}, @raw8={"fc82b01d8000228d65e81d78"}}], 0x38)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000000c0)=0x7fff, 0x4)
r7 = socket(0x2, 0x80805, 0x0)
pread64(r7, 0x0, 0x0, 0xe0ffff000000)
r8 = socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
getsockopt$SO_COOKIE(r7, 0x1, 0x39, &(0x7f00000003c0), &(0x7f0000000400)=0x8)
sendmsg$DEVLINK_CMD_RATE_NEW(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000680)=ANY=[@ANYRESHEX, @ANYRES16, @ANYRES8=r6, @ANYRESHEX=0x0], 0x34}, 0x1, 0x0, 0x0, 0x4045}, 0x0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r7, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="8c010000", @ANYRES16=r1, @ANYBLOB="20002dbd7000ffdbdf25170000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000100000008000b0006000000060016000000000005001200000000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000300000008000b004000000006001600080000000500120000000000080001007063690011000200303030303a30303a31302e3000000000080003000200000008000b000700000006001600949200000500120000000000080001007063690011000200303030303a30303a31302e3000000000080003000300000008000b000700000006001600030000000500120000000000"], 0x10c}, 0x1, 0x0, 0x0, 0x10}, 0x8080)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r9, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x80)
ioctl$KVM_ASSIGN_SET_MSIX_NR(0xffffffffffffffff, 0x4008ae73, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x3, 0x1000}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r10, 0x5, 0x1, 0x0, &(0x7f0000000000)="f7", 0x0, 0x149c, 0x503, 0x4, 0x0, 0x0, 0x0, 0x4, 0xffff80fe, 0x18e6}, 0x4c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xdc)
pselect6(0x40, &(0x7f0000000000)={0xa, 0x7ff, 0x8, 0xffffffff, 0x8, 0xba4, 0xffffffffffffffff, 0xfffffffffffffff8}, 0x0, 0x0, 0x0, 0x0)
sendto(r0, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)

7m39.101798083s ago: executing program 5 (id=496):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x201, 0x0, 0xf5ff, {0x0, 0x0, 0x5}}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x8}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x64}, 0x1, 0x0, 0x0, 0x1}, 0x0)

7m39.101491384s ago: executing program 5 (id=497):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
clock_adjtime(0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
bind$llc(0xffffffffffffffff, 0x0, 0x0)
setfsuid(0xee01)
io_setup(0xf, &(0x7f0000000000)=<r1=>0x0)
r2 = syz_open_dev$vcsn(&(0x7f0000000080), 0x3, 0x40)
r3 = syz_open_procfs(0x0, &(0x7f0000000400)='ns\x00')
readlinkat(r3, &(0x7f0000000100)='./mnt\x00', &(0x7f0000000440)=""/163, 0xa3)
io_submit(r1, 0x4, &(0x7f0000000600)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x2, 0xa8, r0, &(0x7f0000000100)="10f6e4e5708e28a3cbed6c724f5a8debf54d3f88bca964efd68ecda7ad47dfb5c18a482c2555bf501d889a3f1b6c4eaf08d9f704bcf27a0df9a246528fea021bc5d7aff71af51f6aad189257256f2433bb237c8f36a90c80604197c3c8cc64102bec755806ac010244ce473d5aa0c2fa15ba4b1f5ef03accd009a341a887e0f903c5fd26d6ea7932c31ce3acb87f5be93dbb8b7c15bad08d2cef3d05a92574dd405f1c594b709c04880de18c0d466e2b8525e29747ba946e3c8c03d20a616981a72f1fa57f8ae31b730fed4cac686c3fc94b76f31732ff8c4305ef71d9dd3beb92f3a81e25e716261846de11cbb6b361bf7b7b18ba", 0xf5, 0x42698ad5, 0x0, 0x3}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x8, 0x8, r0, &(0x7f0000000200)="1acb11c09a3de4f8ea9f943639d4ad4db2cd1894855114b69a105fd9651b37fbcc5bc3e6bc20662983966e8cdb730d41fcec308fd71fb86691409fd370b005a69e05e6e8e302f825539558d9b9cbbbb6eddcf4f649454b4cfa881021d7133dacb85412c6cbad4b7fa6d3fa19d9123a98b0352e50d8e50de3dedcf19bda677dde8c218e4f67cbbe917f3ea847fc8d7b34b35042da415be1b445424611fbc882864774ecf0f37a0d21b5483317d3b495f3ece104722879d54d11c9199baa7d439710168d2cd56c35e3", 0xc8, 0x0, 0x0, 0x3, r2}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0xd, r0, &(0x7f0000000380)="6b5ab9d71dedea2e9f97e816d0d3ae165e7494baaa5f870b9f55f0b5f33d9880480d15362f266be1da6d9e3731166508c9e62996e14085bc0429f4bae36ac0dc2354012cf0dc36228ab4ceb8842f67867369fecd91b580917170a2b9d82daa7152581806031b9fc3b1087221e1f3bb1f64c982b251f42887dc27d8fe469fb46dbea34db0544972e45bf43b8bbf09899351440118616dc6b6b3e86146458ae04305dc26096e02ab3f996b11f014032177f63e7bccda0738259fab378bfcddb78d2afb176c00cae7", 0xc7, 0xfc2, 0x0, 0x4, r3}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3, 0x5f0f, r0, &(0x7f0000000540)="2d641c115e2ead4eb06d118b5c53a715fd7a5a294f8e8054c0264b582f510ae40782c5e97955c060cae328c1cac470f03af95e38c8c280dad4d97287d101bce75d1b03770ef90bfbdf83fe6509086b54d736cd457d83c0eb82ef9908cdb0af5c9716b9aaa1a2847a27056be82889dbb45047292f71b364d537ce850635d346e7a223d85344cfc0fb9759cb01dc7bca3489", 0x91, 0xe08, 0x0, 0x1}])

7m39.022163388s ago: executing program 0 (id=498):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="140100002f0001fffd000000fcdbdf250401f2800c00180008ac0f0000000000140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

7m39.017459891s ago: executing program 0 (id=499):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001200)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffe0, 0xa}, {0x1, 0x10}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x13c7200, 0x6, 0x8c, 0x0, 0x7ffe, 0x34d, 0xfff, 0x4, 0x6}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x55}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x2f9, 0x543, &(0x7f0000000040)="b90103600040f000009e0ff086dd1fffffe100004000632177fb7f0200017f020001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7", &(0x7f0000000000), 0xeb02}, 0x28)

7m38.880788865s ago: executing program 0 (id=500):
pipe2(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_READ(r2, 0x40187014, &(0x7f0000000180))
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="3000000021000100000000000000000a80"], 0x30}}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r4, &(0x7f0000000140), 0x4924b68, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d14bdbbb49ac0f9426e9def9d793f6576e407e91d85d9193aa80709753e8cb2fe11ea19b8ac214eaca7c21eb66fb528dba236e5c131de42f16a32caa41ba5abd07ce49e6d529cff4a87b595a8c846466fc2dde12d6886216a86072beeea59183cd73a2c9c22f82ce9c87c8b", @ANYRESHEX=r0, @ANYBLOB="2c776e6f3d0000c63066106345eb343e1e97ee3cfe5a899d7a4739b56efbf85a2178f9918c66729d8d893311ebc231bc0dcf0eb53b107c005ed5be064fe6e937101522d9", @ANYRESHEX=r1, @ANYBLOB=',cache=fscache,posixacl,\x00'])

7m38.880596916s ago: executing program 0 (id=501):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@assoc={0x18, 0x117, 0x4, 0x1fd}], 0x18}, 0x28000054)
sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0)
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0xf4}, {{0x0, 0xffffffffffffffb8, &(0x7f0000000200)=[{&(0x7f00000008c0)=""/223, 0xdf}, {&(0x7f0000000840)=""/127, 0x7f}, {&(0x7f0000000600)=""/134, 0x86}, {&(0x7f0000000480)=""/18, 0x15}, {&(0x7f00000006c0)=""/21, 0x15}], 0x5}, 0x4}], 0x2, 0x61, 0x0)

7m38.801678155s ago: executing program 0 (id=502):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBSENT(r0, 0x5602, &(0x7f0000000000)={0x0, "96d3e9659db3f50cb3c4e683f4fae026a3b284dd56630882be4bc0f34042227a71f06b95d73e34c8ecf3325e43f75f16f13d8905d3bdce627dc6ae0b14840f4c8bebc40872293c61ddd293631a22c6d5c8c9b16b987f4326874ddc5e2610c5505cea115e51bf6feb3e93cf89b8f44394fa2ac7f6cf757a9416c7545c5e5caa34450f0397d179f2225b57f644ce8ad31b15547b9364daef8e784f2036a75c3c5cfd124cdd424a558ea90d054d36c0d1d0db92e5e7f668dadcbfaed92c7cf3204be0c4904d308feba3447d7f41a58bc2fd4682e306a592696e4de9427d87c008d3e172cf162cc35f00915fe9fc9ea84e28838940e4bb2fda4c55a34abdf6db63d547c91a17211a1ce43a2933f8227e8b6767ab70bc9223e62a2d3ad9b13f74e2000961e62eaea005088d6d74a19eb0c56ce314323143fcfe27e410e10bd21a2140783385bdb1a7d33038427e336829ccfb63c04e537ca51ddae5fdf29505fca04fc4b2a13d6dad7db2eace60e9589712719a49a2d2d44587465037851b1fe93a0ed46822294671098fd53e79fe428bf6ae3846299ab1d238ad07be6cc01b5fcaacfce829c209e67d5548a38b637f3b44905b8be24dfba30e1b6d074b43e53fcded14a4190a585949baa43fef6c70ce7b1612299d734c07feed23252886a1317358cf5ecaf0186d2dbdb3eab8a9c3c21d4828ef8a9dd89207f2884a57679fcd495a"})
mkdir(&(0x7f0000000080)='./bus\x00', 0x3)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000006c0)='./bus\x00', 0x490082, 0x8)
fsetxattr$security_ima(r1, &(0x7f00000000c0), &(0x7f0000000300)=ANY=[@ANYBLOB="0410239679cc7f9b51e6b3b698b17c063c075ee9730bea66c5b820c58d53456cc65c21dba771bfc4dcca7ad229786345254a02fe288feb8a71b4598ef5be1391615887d8217fa7379359af2464f73d759d21b13ca6d88448421ed2baad203d655ce629d752762f6537a988d2a907b30da10af915928be38214dd70b026044b0f95a51b16ce6e93391a62be6726c2a8e9c727d5a51e6e496dc5a1f0dca0f2cf51"], 0x2, 0x1)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
r2 = memfd_create(&(0x7f0000000480)='[\v\xdbX\xae[5\xa9\x90\xffc\x1f\x1a\xa9\xfd\xfa\xad\xd1md\xe7\xe2\x7f\x9b\xd5R\x10\xf3\xb6\xffT\xbf\xd1\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\x9fc\xda\xa9\x83r\xd8\x98\x00\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9', 0x0)
unshare(0x6e060000)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x6000, 0x1)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6092c01f00082f00fe8000000000000000000000000000bb00000000000000000000070000000000242065580000000000000021000086dd080088be4305400f100000"], 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r3, 0x7ac, &(0x7f0000000040)={0x0, 0x0, 0x9})
utime(&(0x7f00000003c0)='./file2\x00', &(0x7f0000000400)={0xf, 0x5})
unlink(&(0x7f0000000040)='./file0\x00')
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x6000, 0x1)
mount$cgroup(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x8000, &(0x7f0000000480)={[{@name={'name', 0x3d, 'nfs\x00'}}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8b07, &(0x7f0000000440)={'wlan1\x00', @random="8dffffffebff"})
syz_emit_ethernet(0x82, &(0x7f0000000080)=ANY=[@ANYBLOB="bbbbbbbbbbbb0000000000000800450000740000000000019078ac1e0001ac1414aa05009078e00000e04600000000000000001100007f000001ac1414000703000703fe443c00030a01012f00000000e0000001000000007f00000100000200ac1414aa000000000000000000000000ac1414000000000000000000000000000000c408c8f06e575c9ab6ccf8ee68a84a296ad4e7a0bcb198ee9167bbdc"], 0x0)

7m38.630984478s ago: executing program 5 (id=503):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
capset(0x0, &(0x7f0000000140))
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dffefffffffffffffff60a64c9f4080003fe060100000400020011b53631", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44010)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
dup(0xffffffffffffffff)
r7 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$vim2m_VIDIOC_QUERYBUF(r7, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}})
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)=[{0x0}], 0x1}, 0x4048043)
dup(0xffffffffffffffff)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f00000000c0)={'comedi_bond\x00', [0x2f, 0x80, 0x10006, 0x4, 0x1, 0xcc7, 0x8, 0x17, 0xa, 0x24c, 0xfff, 0x7, 0x5, 0x5, 0x4, 0x105, 0x8, 0x2, 0x2009, 0x1, 0x89, 0x6, 0x0, 0x20001e5a, 0x1000b, 0x7, 0x9, 0x8, 0x6, 0x401, 0xfffffffd]})
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r8, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x503, 0x70bd2d, 0x700, {0x0, 0x0, 0x0, 0x0, 0xe000000, 0x1000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gre={{0x8}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x2000000)
lseek(r0, 0x9, 0x0)

7m38.630681193s ago: executing program 0 (id=504):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @vbi={0x6, 0x2, 0xc7a, 0x38414762, [0x3, 0x7], [0x2, 0x6], 0x2}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRES64], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0)
read$msr(r0, &(0x7f0000019540)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xe160, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x1, 0x40840)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, 0x0, 0x5a)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r1, &(0x7f0000000340)=ANY=[], 0xff2e)
r2 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
r3 = mmap$KVM_VCPU(&(0x7f00002cb000/0x13000)=nil, 0x930, 0x1000007, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_tables_matches\x00')

7m29.200309652s ago: executing program 2 (id=505):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_SET_ID={0x8}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1c}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x88}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x7, 0x84}}}, 0x74}, 0x1, 0x0, 0x0, 0x4404c810}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r5 = syz_io_uring_setup(0x6440, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r6, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x1, 0x0, 0xce})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r8, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x55, 0x2000, @fd_index=0xd, 0x7, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r5, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)=@newtfilter={0x2c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x4, 0x5}, {0xfff2}, {0xb}}, [@TCA_RATE={0x6, 0x5, {0x6, 0x40}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8858}, 0x20004804)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r11, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r12, 0x4138ae84, &(0x7f0000000100)={{0x0, 0xdddd1000, 0x10, 0x0, 0x8, 0x2, 0x0, 0x2, 0x0, 0x8, 0x9, 0x10}, {0xffff1000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4}, {0x2000, 0x0, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xd000, 0xe, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x3, 0x4}, {0xeeee0000, 0x3000, 0x9, 0x0, 0xff, 0x4, 0x0, 0xe, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x10, 0x80}, {0xdddd1000, 0x0, 0xa, 0x6, 0x0, 0x0, 0x2}, {0x8080000, 0x3000, 0x4, 0x0, 0x0, 0x1, 0x10, 0xa, 0x26}, {0x80ac000}, {0x4000}, 0xddf8ffdb, 0x0, 0x8080000, 0xf0, 0x8, 0xdd00, 0x0, [0xe, 0x0, 0x1]})
ioctl$KVM_TRANSLATE(r12, 0xc018ae85, &(0x7f00000000c0))
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000000514010028bc7000fedbdf2508000100000000000800030001000000"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x140c, 0x100, 0x70bd2d, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x44084}, 0x8005)

7m24.215364548s ago: executing program 34 (id=493):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000080)={0x4, &(0x7f0000000440)=[{0xe53, 0x8, 0x3, 0x77ff0000}, {0xfffb, 0x10, 0x0, 0xfffffffd}, {0x9, 0xf9, 0x6, 0x8}, {0x2, 0x80, 0x2, 0x2}]})
r2 = getpgid(0x0)
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x21, 0x0, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
write$sndseq(r5, &(0x7f0000000140)=[{0x21, 0x0, 0x0, 0xfd, @tick, {}, {0xe}, @connect={{0x0, 0x3}}}], 0x1c)
ioctl$SG_NEXT_CMD_LEN(r4, 0x2283, &(0x7f0000000380)=0x3)
r6 = fcntl$dupfd(r4, 0x0, r4)
write$sndseq(r6, &(0x7f0000000140)=[{0x0, 0x40, 0x7, 0x2, @time={0x3, 0x2}, {0xee, 0x1}, {0x0, 0xfd}, @connect={{0x6, 0xa}, {0xd, 0x4}}}, {0xfb, 0x0, 0x1, 0x81, @time={0x10, 0x8}, {0x8, 0x30}, {0x2}, @raw8={"fc82b01d8000228d65e81d78"}}], 0x38)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000000c0)=0x7fff, 0x4)
r7 = socket(0x2, 0x80805, 0x0)
pread64(r7, 0x0, 0x0, 0xe0ffff000000)
r8 = socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
getsockopt$SO_COOKIE(r7, 0x1, 0x39, &(0x7f00000003c0), &(0x7f0000000400)=0x8)
sendmsg$DEVLINK_CMD_RATE_NEW(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000680)=ANY=[@ANYRESHEX, @ANYRES16, @ANYRES8=r6, @ANYRESHEX=0x0], 0x34}, 0x1, 0x0, 0x0, 0x4045}, 0x0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r7, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="8c010000", @ANYRES16=r1, @ANYBLOB="20002dbd7000ffdbdf25170000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000100000008000b0006000000060016000000000005001200000000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000300000008000b004000000006001600080000000500120000000000080001007063690011000200303030303a30303a31302e3000000000080003000200000008000b000700000006001600949200000500120000000000080001007063690011000200303030303a30303a31302e3000000000080003000300000008000b000700000006001600030000000500120000000000"], 0x10c}, 0x1, 0x0, 0x0, 0x10}, 0x8080)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r9, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x80)
ioctl$KVM_ASSIGN_SET_MSIX_NR(0xffffffffffffffff, 0x4008ae73, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x3, 0x1000}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r10, 0x5, 0x1, 0x0, &(0x7f0000000000)="f7", 0x0, 0x149c, 0x503, 0x4, 0x0, 0x0, 0x0, 0x4, 0xffff80fe, 0x18e6}, 0x4c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xdc)
pselect6(0x40, &(0x7f0000000000)={0xa, 0x7ff, 0x8, 0xffffffff, 0x8, 0xba4, 0xffffffffffffffff, 0xfffffffffffffff8}, 0x0, 0x0, 0x0, 0x0)
sendto(r0, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)

7m23.212543944s ago: executing program 35 (id=504):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @vbi={0x6, 0x2, 0xc7a, 0x38414762, [0x3, 0x7], [0x2, 0x6], 0x2}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRES64], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0)
read$msr(r0, &(0x7f0000019540)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xe160, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x1, 0x40840)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, 0x0, 0x5a)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r1, &(0x7f0000000340)=ANY=[], 0xff2e)
r2 = mmap$KVM_VCPU(&(0x7f0000007000/0x1000)=nil, 0x930, 0x1000002, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
r3 = mmap$KVM_VCPU(&(0x7f00002cb000/0x13000)=nil, 0x930, 0x1000007, 0x28031, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000240)="fb4149dd033be3ac2cc4a22332fdaa8de0418df24200000000a6ab8031d1dfd92f0000000001ffffffff9610fbff77521ce10d8f6b69d22627e700", 0x0, 0xffffffffffffffca)
syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_tables_matches\x00')

7m23.182584178s ago: executing program 36 (id=503):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
capset(0x0, &(0x7f0000000140))
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dffefffffffffffffff60a64c9f4080003fe060100000400020011b53631", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44010)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
dup(0xffffffffffffffff)
r7 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$vim2m_VIDIOC_QUERYBUF(r7, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}})
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)=[{0x0}], 0x1}, 0x4048043)
dup(0xffffffffffffffff)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f00000000c0)={'comedi_bond\x00', [0x2f, 0x80, 0x10006, 0x4, 0x1, 0xcc7, 0x8, 0x17, 0xa, 0x24c, 0xfff, 0x7, 0x5, 0x5, 0x4, 0x105, 0x8, 0x2, 0x2009, 0x1, 0x89, 0x6, 0x0, 0x20001e5a, 0x1000b, 0x7, 0x9, 0x8, 0x6, 0x401, 0xfffffffd]})
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r8, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x503, 0x70bd2d, 0x700, {0x0, 0x0, 0x0, 0x0, 0xe000000, 0x1000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gre={{0x8}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x2000000)
lseek(r0, 0x9, 0x0)

7m14.852262135s ago: executing program 2 (id=509):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x83, "00000000000000000000ffff00"})
syz_open_pts(r0, 0x0) (async)
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
r3 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xe825, 0x3400, 0x1, 0x3c3}, &(0x7f0000000dc0)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
pwritev2(r0, &(0x7f0000000500)=[{&(0x7f0000000380)="b8b2a0e146380d23f2c29d7427e15510787cd222941ded8b5793b53e182d258a4b7cfd1e8391294c1d1ba4a44a7622571375fcf4ee4b4eeeed64098dc142c7ece1da9706606eee8f49d365fe3ef6cf60de22f6676f57db9f555afb97d836ebad76c3bfc750ac204ff73ee0307a9fa707a1e52e6f4006463324f6d5c8081513822e3edb93ed7b6512badcf9f0bed839399e9597626880735bf5a17a4013292f65bbfa51f2c0b2f38b1ffbe0c3123d063ee25fc2f68b6cf7881f8c25771c1c0c1189dd3c97a292cc6fbeafb9", 0xcb}, {&(0x7f0000000480)="2287df8fae820c44a4cd8b548a93b1e45902f947b3e0204dde2baac46a668f0c641ecad9652016cc3ffb2cbd70533345947a200025cf9a301d713dc410397d4c3ecce26df76da5e1704f772627ba6dd58cf3ee37ca98ab293ad12dca56bec4a08c018e732395", 0x66}], 0x2, 0xfffffffc, 0xffff, 0x10) (async)
pwritev2(r0, &(0x7f0000000500)=[{&(0x7f0000000380)="b8b2a0e146380d23f2c29d7427e15510787cd222941ded8b5793b53e182d258a4b7cfd1e8391294c1d1ba4a44a7622571375fcf4ee4b4eeeed64098dc142c7ece1da9706606eee8f49d365fe3ef6cf60de22f6676f57db9f555afb97d836ebad76c3bfc750ac204ff73ee0307a9fa707a1e52e6f4006463324f6d5c8081513822e3edb93ed7b6512badcf9f0bed839399e9597626880735bf5a17a4013292f65bbfa51f2c0b2f38b1ffbe0c3123d063ee25fc2f68b6cf7881f8c25771c1c0c1189dd3c97a292cc6fbeafb9", 0xcb}, {&(0x7f0000000480)="2287df8fae820c44a4cd8b548a93b1e45902f947b3e0204dde2baac46a668f0c641ecad9652016cc3ffb2cbd70533345947a200025cf9a301d713dc410397d4c3ecce26df76da5e1704f772627ba6dd58cf3ee37ca98ab293ad12dca56bec4a08c018e732395", 0x66}], 0x2, 0xfffffffc, 0xffff, 0x10)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) (async)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x1c, r7, 0x331, 0x70bd29, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}]}, 0x1c}}, 0x4000) (async)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x1c, r7, 0x331, 0x70bd29, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}]}, 0x1c}}, 0x4000)
sendmsg$BATADV_CMD_SET_HARDIF(r2, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x5c, r7, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x3}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x7f}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x6}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x4000000}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x40000)
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="a40000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000010000000000aa14000400000000000000000000000000000000010c00028010000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000000c00028005000100000000000800074000000000100005800a000100512e393331000000"], 0xa4}}, 0x0)

7m14.711008436s ago: executing program 2 (id=510):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "5660359c3245d1c42317afad7d48ed51000000000000000100"})
ioctl$SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f00000002c0)=0x3)
unshare(0x6020480)
pselect6(0x40, &(0x7f0000000100)={0x7, 0x200400000007, 0x2, 0x7ffffffffffffbff, 0x2000000000000000, 0x0, 0x0, 0x2000000000000000}, 0x0, &(0x7f0000000240)={0x1f, 0x1, 0xffffffffffffffea, 0x1000000, 0x0, 0x200000, 0x4, 0x6}, &(0x7f0000000280)={0x0, 0x989680}, 0x0)

7m12.601471114s ago: executing program 2 (id=511):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r1, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'veth1\x00', <r6=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5c000000100003047fff00"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000002c00128009000100766c616e000000001c000280060001000200ed00100003800c000100071900000800000008000500", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r4], 0x5c}, 0x1, 0x0, 0x0, 0x600}, 0x0)

6m57.194772647s ago: executing program 37 (id=511):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r1, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'veth1\x00', <r6=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5c000000100003047fff00"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000002c00128009000100766c616e000000001c000280060001000200ed00100003800c000100071900000800000008000500", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r4], 0x5c}, 0x1, 0x0, 0x0, 0x600}, 0x0)

5m10.516873422s ago: executing program 9 (id=716):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000480)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab4", 0xffffffffffffffca, 0x840, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x56e01, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="5400000004060102000000000000000005000000050001"], 0x54}}, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000600)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000100)=@gcm_256={{0x303}, "0f78fbc54b6c106c", "75fd7583f127c5c356354c80ea765edaa15f377fb214e20fda1b0241bed67dc4", "b1726789", "fb442565fb00"}, 0x38)
sendto$inet6(r3, &(0x7f00000001c0), 0xffffffffffffff13, 0x0, 0x0, 0x3000137)
r5 = dup3(r0, r1, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001400)=""/200, 0xc8, 0x1, 0x0}, &(0x7f0000001380)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000400)=0x40)

5m10.438991111s ago: executing program 9 (id=719):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x5})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100002000a00000e053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000000000000200000001000000000000000b000000070000b29ba2"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x5}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
socket$kcm(0x10, 0x2, 0x10) (async)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100002000a00000e053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0) (async)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000000000000200000001000000000000000b000000070000b29ba2"]) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)

5m10.190407375s ago: executing program 9 (id=726):
timerfd_create(0x7, 0x800)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000540)={0x0, 0x86f7, 0x4000}, &(0x7f0000002000)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_setup(0x177f, 0x0) (async)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async, rerun: 32)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000080)={0xcf, 0x0, 0x0, 0xd, 0xfa, 0x6, 0x9, 0x3, 0x9, 0xd, 0x8, 0x6, 0x29, 0x7}, 0xe) (async, rerun: 32)
sendto$inet6(r3, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
io_uring_enter(r0, 0x48e9, 0x0, 0x2, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r4, 0x84, 0xf, &(0x7f0000000040)={0x0, @in6={{0xa, 0x4e22, 0x101, @remote, 0x140}}, 0x7, 0x2, 0x3, 0x4, 0x7}, &(0x7f0000000100)=0x98)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) (async)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x8004587d, 0x0) (async)
socket$tipc(0x1e, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x4}, 0xc) (async)
syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/3\x00') (async)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000000c0)={'syz1\x00', {0xfff7, 0xc, 0x100, 0x81}, 0x1d, [0x7b, 0xb7e2, 0x3, 0x8, 0x100, 0x3, 0x1, 0x7, 0x9, 0x3, 0x7, 0xa, 0x3, 0x0, 0x7f, 0xd, 0x7fff, 0x6, 0x6, 0x5, 0x6, 0x6, 0xb1, 0x6, 0xff, 0x2, 0xa5f2b87a, 0x409, 0x0, 0xfc75, 0x8, 0x9, 0x4, 0x5, 0xffffffff, 0x81, 0xfffff765, 0x2, 0x3, 0x6, 0xa, 0x2, 0x5, 0x0, 0x3ff, 0x6, 0x7, 0x8000, 0xfffffffd, 0x80, 0x8, 0x8, 0x9, 0x7, 0x101, 0xc3c, 0x1733, 0x7fff, 0x7ffc, 0x1, 0x6, 0x5, 0x1, 0x10000004], [0x8, 0x3, 0x8, 0x8, 0x0, 0x8, 0x4, 0x239ce46f, 0x25, 0x50, 0x8, 0x7, 0x8, 0xe62, 0xffffff73, 0x1000, 0x6, 0x13e5, 0x3, 0x3, 0x1, 0x7, 0x1, 0x3b40, 0x4, 0x1000, 0x5, 0x9, 0x8, 0x5a, 0xffff2503, 0x8001, 0x6995, 0x3, 0x80000000, 0x8, 0xdab, 0x7, 0x0, 0x76c4, 0x6, 0x5, 0x4, 0x10000, 0xd, 0xfffffffe, 0x9, 0x3, 0x4000e, 0x9, 0x7, 0xa, 0x9, 0x3, 0x8001, 0x3, 0x2, 0x3a6, 0x0, 0x5, 0xfffffffd, 0x9, 0xc, 0xfffffffb], [0x3, 0x6, 0x6, 0x9, 0x1000, 0x0, 0x80000000, 0x5, 0x7f, 0xa, 0x102, 0x1000, 0xf1, 0x6, 0xc, 0x10000, 0x72, 0xc, 0x633, 0xd, 0x7, 0x6, 0x80000000, 0x6, 0x80000001, 0x7, 0x8, 0x2ef3adcb, 0x10, 0x2, 0x8, 0x8, 0x74, 0x1, 0x6, 0x7ff, 0xfffffff2, 0x63, 0x7, 0x2, 0x3, 0x3, 0x20a7fd9a, 0x3, 0xafdab97, 0xa1, 0x0, 0x9d, 0x7, 0x2000a8a, 0x2, 0x10001, 0x77, 0x8, 0x40, 0x7, 0x7, 0x2, 0x0, 0x2, 0x8, 0x2, 0x3, 0x5], [0x4, 0x4, 0x5, 0x8000, 0x493e, 0x3, 0x35ff4447, 0x7, 0x5, 0x5, 0x5d3a, 0x2, 0x5, 0x3ff, 0xb88f, 0xffff0000, 0x9, 0x3, 0x2, 0x10, 0x8, 0x2, 0xff, 0x6, 0x4, 0x4, 0x200, 0x0, 0x7, 0x4e6, 0x8, 0x40000000, 0xffffffff, 0x7ffe, 0xc, 0x41, 0x400, 0x1, 0x5, 0x0, 0x9a8, 0x99f, 0x231, 0x3ff, 0x8, 0x1, 0x7, 0x1, 0x1, 0x10, 0x8, 0x5396, 0x6161, 0x9, 0x101, 0x202, 0x8, 0x431, 0x6, 0x5, 0x4, 0x7b, 0x7fc, 0x9]}, 0x45c) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)

5m10.129458712s ago: executing program 9 (id=728):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000180)=ANY=[@ANYBLOB="54000000100001002abd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="8021000000000000140003006e657464657673696d30000000000000080004a10e0400001800168014000180100006"], 0x54}}, 0x800)

5m10.040386254s ago: executing program 9 (id=729):
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) (async)
mremap(&(0x7f0000230000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000001000/0x1000)=nil) (async)
r0 = socket$inet_udp(0x2, 0x2, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) (async)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) (async, rerun: 32)
chdir(&(0x7f0000000080)='./file1\x00') (async, rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0xc2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220) (async, rerun: 32)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120) (rerun: 32)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x1}}, './file0\x00'}) (async, rerun: 64)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r0, 0x89f6, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000000)={@remote, 0x0, 0x0, 0x60, 0x0, [{@remote}, {@multicast2}, {@dev}, {}, {@initdev}, {@dev}]}}) (rerun: 64)

5m9.981471157s ago: executing program 9 (id=731):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
lsetxattr$trusted_overlay_origin(&(0x7f0000000180)='./file1\x00', &(0x7f0000000040), &(0x7f0000000100), 0x40, 0x0)
mount$overlay(0x2000000, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

4m54.943383166s ago: executing program 38 (id=731):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
lsetxattr$trusted_overlay_origin(&(0x7f0000000180)='./file1\x00', &(0x7f0000000040), &(0x7f0000000100), 0x40, 0x0)
mount$overlay(0x2000000, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

6.98118797s ago: executing program 6 (id=2834):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000005c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f00000003c0)={0x3, 0x0, 0x0, 0xfdfdffff, 0xfffffffd})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000002400)={0x1, 0x0, [{0x122}]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000001c0)={@initdev, @dev, <r7=>0x0}, &(0x7f0000000280)=0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0x8, '\x00', r7}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r8, 0x0, 0xa002a0}, 0x38)
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYBLOB, @ANYBLOB="2b030040000000004c001280"], 0x74}}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_io_uring_setup(0x22ac, 0x0, &(0x7f0000000180), &(0x7f0000000000))

6.10320888s ago: executing program 8 (id=2876):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000480)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1fff, 0x6, @mcast2, 0x4}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='batadv0\x00', 0x10)
write(r0, &(0x7f0000000140)="8f6500dd", 0x4)

5.988468982s ago: executing program 8 (id=2877):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f00005b9000/0x1000)=nil, 0x1000, 0x1000003, 0x11012, r0, 0x68255000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x82, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1c0000, 0x1, &(0x7f0000000040))
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x48c00, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
userfaultfd(0x802)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000800000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000032ce8500000004000000850000000500000095", @ANYRES16=r2], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x7c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='global_dirty_state\x00', r5}, 0x10)
syz_emit_ethernet(0x75, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb08004500006700000000000190780a010102ac1414aa0b00907800ffffff7fb80001006500080802000564010102ac1e010101442c155000000fff00000080000000083b444460000000dfb65f450700009a4500000fff000000800000000c940401007e5d2bde968d"], 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000240)=0x5)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
io_uring_register$IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x10)
mmap$binder(&(0x7f0000225000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x4)
syz_clone(0x4104000, &(0x7f0000000580)="ca530e156886286c96b6fdb6968d04b7479dbb2313982f95aa08f14e4f80abd4fd14f7438303e94d6db890633eb0560bcf4b77d3d3c9ecbf2bb563a00a1b3e11ad8abb1095ca1166e37f993bbd585b89a5d797270b33c9c8898407dfd3bf08cc33392fdd526a9d46d7ff8b20dd937deda4a755189441956be668a30807668d8a469ea149a997c5b42923fa8e4a0998ad4bbc242436b92e937ffe5dab9ddf3f516c8c5823d16b9e7acc57de6d32f58a312fbc89c52c54499036894cf2c842c820e3655973f2b83a2deeae691f9002d31e6e1e4659c830f48e57526d50c0004290f001b5422adc283108ac9e1bf1929c1db46f2adc01bae6", 0xf7, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000680)="500aa9109e5d045b4e4db84a4f6418e987608f72c6ffd87071e38d4d6fb792c14c683371af7d4afda2dd50640f6297f6c95e4c9f7644db498b757efeb7ad1a2647dc0e4bd0490c8ca7e5be562d98de295318880bf1737f487da0930282ec3d86087b767e27425121836d47b55b34a7f9a123b22a840894a73cc03f943ef0f8d9da44d11860516b06d1564cf574052f3819ab7caea1c74bca890f6d0a974c54a3a2ab8ef6cbe9fad55323c5dc365683091c792550d6ff99826eaf5bcff1e9bb42b5d7301dc90796920e10ad6f74a4bd52")
sendfile(r4, r4, 0x0, 0x2000fb)

5.857172835s ago: executing program 7 (id=2878):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000), 0x13f, 0x2}}, 0x20)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x48c00, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat$dsp(0xffffff9c, 0x0, 0x82040, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r3, 0xc0044dff, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
socket(0x1, 0x5, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r4, 0x9)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
setsockopt$sock_int(r5, 0x1, 0x7, &(0x7f0000000180)=0x7, 0x4)
socket(0x2, 0x2, 0x1)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
write$char_usb(r6, 0x0, 0x0)
write$char_usb(r6, &(0x7f0000000bc0), 0x0)
syz_usb_disconnect(r1)
close(r0)

5.396231954s ago: executing program 6 (id=2880):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f0000005880)={0x0, 0x0, &(0x7f0000005840)={&(0x7f0000005800)={0x1c, r1, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {0x0, 0x8001}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40d0}, 0x4000140)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
syz_open_dev$vim2m(0x0, 0x4000000000000103, 0x2)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x8, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x9}}}}}}, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xfffff274}]}}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x5, 0xb68, 0xfffffffffffffeb9, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0xf0, 0x0, 0x0, 0x2, 0xffff80fe, 0xe}, 0x48)

5.376981479s ago: executing program 6 (id=2881):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000007900000005000000180001801400020073797a5f74756e00000000000000000024000380040001001c0003800c000180080001"], 0x50}}, 0x0)

5.295823709s ago: executing program 6 (id=2882):
fstatat64(0xffffff9c, 0x0, 0x0, 0x400)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'comedi_test\x00', [0x6, 0x7ff, 0x1, 0x0, 0x0, 0xccc, 0x8, 0xb, 0xa, 0xfc, 0x2, 0x1, 0x8, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000007, 0x100, 0x2, 0xf27, 0x3, 0x8, 0x8, 0x5, 0x7, 0x4, 0x10000, 0x6]})
ioctl$COMEDI_SETRSUBD(r0, 0x6410)
r1 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}, @IFA_FLAGS={0x8, 0x8, 0x702}]}, 0x34}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295a5, 0x0, 0x0, {0xa, 0x68, 0x90, 0xc8, r2}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
fstatat64(0xffffff9c, 0x0, 0x0, 0x400) (async)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) (async)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0) (async)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'comedi_test\x00', [0x6, 0x7ff, 0x1, 0x0, 0x0, 0xccc, 0x8, 0xb, 0xa, 0xfc, 0x2, 0x1, 0x8, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000007, 0x100, 0x2, 0xf27, 0x3, 0x8, 0x8, 0x5, 0x7, 0x4, 0x10000, 0x6]}) (async)
ioctl$COMEDI_SETRSUBD(r0, 0x6410) (async)
socket(0x10, 0x803, 0x0) (async)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)) (async)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}, @IFA_FLAGS={0x8, 0x8, 0x702}]}, 0x34}}, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295a5, 0x0, 0x0, {0xa, 0x68, 0x90, 0xc8, r2}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)

5.196404342s ago: executing program 6 (id=2883):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x564ae9994d0fec99, 0xa, 0x6bb)
r0 = syz_open_dev$loop(&(0x7f0000000280), 0xa4f, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1d, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d00009520a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bc0007008019000000000000000000000000af1e4ccfb7b3cad80004010400", [0x1, 0x2000000000001]}})
ioctl$BLKRRPART(r0, 0x125f, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1e, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x7, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r2, 0xc01064bd, &(0x7f0000000000)={&(0x7f0000000200)="8d", 0x1})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r2, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000240)="48fa65", 0x3, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r2, 0xc00464be, &(0x7f00000000c0)={r3})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000003c0)={0x52, 0x2, 0x7, {0xfff7, 0x2}, {0x1, 0x3}, @ramp={0xfff, 0x7f, {0x866, 0x4, 0x515, 0x2}}})
syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x822f01)
write$char_usb(r1, &(0x7f0000000180)="132cf7e22b665c1a9c2f73315ce99a14d21a70821f7b6754fd7c525dbe967ede5ff18eeb270000007d258d124c01b18a61d90000e05f0a74e247b9c866b9629cd826e44217529a757cac8380ee", 0x4d)
ioctl$KVM_SET_CLOCK(r5, 0x4188aec6, &(0x7f0000000040))
dup2(r4, r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)

3.875059988s ago: executing program 8 (id=2884):
socket$inet_tcp(0x2, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0xffffffff, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x2002c810)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x707cb000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2000000000002)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r3 = syz_open_procfs(r0, &(0x7f0000000400)='net/igmp6\x00')
preadv(r3, &(0x7f0000001400)=[{0x0}], 0x1, 0xc002a0, 0x0)
r4 = syz_io_uring_setup(0x18d7, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x25b}, &(0x7f0000ffe000), &(0x7f0000ffe000))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x2, &(0x7f0000000180), 0xfe)

3.35415454s ago: executing program 6 (id=2885):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
syz_emit_ethernet(0x123, &(0x7f0000000640)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb0800460f01150067000004069078e00000017f000001820200004e214e24", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="918000089078000702107f0000000200000000000f0000004eaf808f7bb37ad7b105c6d13ae4213db7deae93d21adb2001e7a0ef1acc568b4c4b9c74fe7a2f3f82f80ef79231c49b4631ee8393b5205003ea5d581a76adc08c4fd361c56d97874e2d1bd34849917ee3942f9c368f369f6194ca30e0db32427f308838cfea0d0dd2fa6002bac76c9f7430b1c60a6b5222b1cc384ba8d65c1c4c5761d418f4f3c936aa242c358df8b2a23995d2516af823d4a5a2e1e135d3bf3763750e03257dad219990886a03f7f265930add0f7e20becba1b1f0277eadb59d6329da88305c8ee8960aa2ba7edaed16aabeca8c53b22736cad2a5fce782d9c4450c30b710f01400"/274], 0x0)
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000600)=ANY=[@ANYBLOB="1201000035ffaa20cd0caf104e380102030109021b00010000100009045902019b042a00090582"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
lgetxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@random={'security.', 'syz2\x00'}, &(0x7f0000000500)=""/102, 0x66)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0xf5, &(0x7f0000009b00)={&(0x7f00000042c0)={{0x14, 0x10, 0x1, 0x0, 0x3000000, {0x7}}, [@NFT_MSG_NEWRULE={0x90, 0x6, 0xa, 0x403, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x4c, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x24, 0x3, "7339f2f304fdd672bad09dfb040000000001000001f9580dabf95ddc91967c20"}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xc, 0x1, 'RATEEST\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x20008040)
syz_usb_control_io$hid(r0, 0x0, 0x0)
mmap(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1000003, 0x20031, 0xffffffffffffffff, 0xffffe000)
mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f000007e000/0x1000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x66)
mremap(&(0x7f000007e000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffd000/0x1000)=nil)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000340)={0xc, &(0x7f0000000240)={0x0, 0x1, 0xb9, {0xb9, 0x24, "91f3ff8225ed7280635d04b6284da1304f839d366f728cae89e2cae85fad1eba472a3644d172c653ee562fa8410d233d1f088a55833e3d8fc6e0daac994b7bedc30e62dc3098d3bb8c6dee2dc48bdaaecf3c99e5b1b7cb154ccda38b589e382a55ab13f7ec6ec8950ad49c2af255d32c5a7702e733c3c1a9bdeefd4ad372ffe5c1d615d6162d494952e82c0397c4a6ab98b89b6b70dbb3c3b300054490d421f1b0355b6c712e86531171c711c677d576ac1f02dcaeb23f"}}, &(0x7f0000000300)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000440)={0x10, &(0x7f00000007c0)=ANY=[@ANYBLOB="403413000000dde89888aecd9867860800000053bde92ac382fa35c351e67f3da0e30456625188931ab3f53d5c2b50a9dbe839a6e73ff4d858b4838bdbd697b4095e213b18fc0a0df82d76afc5edef05d7c862305988611e8539fb28a7709f1ead6097f523d198fe6a557a3d40e8b75311902f1df0669263328686576213f69de8f28b02601478511e76ce29c5a3737b1beeee71943b4d5f3109a1756c24801fe98ee4fdb773609fc8cd68423554eff452a56b29326c7d9a340b72c6c9b2b70847a2378162fede102f4920866b072acb9ebaca52076b48b0125cbd"], &(0x7f00000003c0)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x7f}})
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)

2.793727022s ago: executing program 8 (id=2889):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000005c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f00000003c0)={0x3, 0x0, 0x0, 0xfdfdffff, 0xfffffffd})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000002400)={0x1, 0x0, [{0x122}]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000001c0)={@initdev, @dev, <r7=>0x0}, &(0x7f0000000280)=0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0x8, '\x00', r7}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r8, 0x0, 0xa002a0}, 0x38)
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYBLOB, @ANYBLOB="2b030040000000004c0012800b0001006765"], 0x74}}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_io_uring_setup(0x22ac, 0x0, &(0x7f0000000180), &(0x7f0000000000))

2.785897982s ago: executing program 7 (id=2890):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x8, @local, 0xc}, {0xa, 0x4e24, 0x0, @empty}, 0x1, {[0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5]}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f0000000cc0)={{0xa, 0x0, 0x3d, @local}, {0xa, 0x0, 0x0, @empty}, 0x1, {[0x0, 0x20, 0x0, 0x0, 0x0, 0xe3]}}, 0x5c)

2.463078001s ago: executing program 7 (id=2891):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b40500000000000041bc61100c000000000063014800400000009500090000000000e2cd00741267c333f02ec3502b713018dfcb083d0e75b6f5ce04e3fa86a248f42f3a7687bd1c4e000b3cffa45e8da5ea"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x133, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x0)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x3e70, &(0x7f0000000480)={0x0, 0x200003, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_OPENAT2={0x1c, 0x13, 0x0, r1, &(0x7f0000000280)={0x20040, 0x100, 0x4}, &(0x7f0000000440)='./file0\x00', 0x18, 0x0, 0x12345})
io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r5 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
preadv(r5, &(0x7f0000000040)=[{&(0x7f0000000300)=""/213, 0xd5}], 0x1, 0xfffffffe, 0x10a2)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
epoll_create1(0x80000)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r7, &(0x7f0000000640)="c9", 0x1, 0x40821, &(0x7f0000000400)={0xa, 0xfffc, 0x8, @local, 0x7}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x3, 0x2, 0x1, 0x3}, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, &(0x7f0000000100))
shutdown(r7, 0x1)
setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f00000000c0)=0x439f, 0x4)
recvmmsg(r7, 0x0, 0x0, 0x406, 0x0)
syz_io_uring_setup(0xc97, &(0x7f0000000700)={0x0, 0x6015, 0x800, 0xff7fffff, 0x11c}, &(0x7f00000003c0), &(0x7f0000000140))
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'wg2\x00'})
r9 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r9, 0x4b47, &(0x7f0000000600)={0x3, 0x81, 0xf1eb})

1.885226055s ago: executing program 3 (id=2893):
r0 = open(&(0x7f0000000380)='./bus\x00', 0x40, 0x0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f00000003c0), 0x2214000, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000000))
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SG_EMULATED_HOST(r0, 0x2203, &(0x7f0000000040))
sendmsg$IPCTNL_MSG_CT_GET_STATS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x5, 0x1, 0x101}, 0x14}}, 0x0)
ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f0000000100)={0xf5, "51cbe4581fa51e0eaa2d59edd79981e71ce5a6a775ce0fe33bcd0148425fdc1e", 0x1, 0x302, 0x2, 0x2, 0x8, 0x6, 0xd, 0xcad7})

1.650813853s ago: executing program 3 (id=2894):
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r0}, 0x38)
r1 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4800)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r4 = memfd_create(&(0x7f0000000bc0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\xd8\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\x01\xf0\xff\xff\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6\'\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1B\xd7\xaf\x99\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xe6\x94\xed\xf8\xe9\xd8\xe9\x95\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9\xa3\xb5\xdc}\x1fgn\xd61\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k\x00\x00\x00\x00\x00\x00\x10\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa7:\xc8\xcfI\xaa\x14\xeb\xc0\x1a\xaa', 0x1)
pwritev(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4)
pwritev2(r4, &(0x7f0000000100)=[{&(0x7f0000000380)}, {&(0x7f0000000580)}, {&(0x7f0000000040)="5d7abc3e5de56afce793dd6d3d68d7681576ea0d02df3a6746d92de527ab822054078924d0d19e5d12517367925bf92d6670099f8c6abd0d3c5cd96a999a1e18956f765779b41da78a26896f32ff66c3ebe49ca53f489ee35991b7f3039d796c", 0x60}], 0x3, 0x2, 0x1, 0x10)
sendfile(r3, r3, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000280)={0x0, {}, 0x0, {0x600}, 0x40000004, 0x0, 0x14, 0x18, "28f5c985d9756538c50d6418d2da690e5f8cd7af40fd15030057c1665f74645bba7663c435aff94793ddd7aae03285889fd9bd0e2ff25145000000007fa8d541", "07a9310978042a8bfe1406b84819e7df4af14e1df82d00", [0xffffffffffff7fff, 0x9]})
ioctl$LOOP_SET_STATUS(r3, 0x4c02, 0x0)
ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r3)
r5 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000180)={@loopback={0x200000000000000}, 0x800, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x37fffe, @remote}, 0x1c)
connect$inet6(r2, 0x0, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r6 = open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0)
io_setup(0x1, &(0x7f0000000b80)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, &(0x7f0000000140)={0x3, {{0x2, 0x4e21, @local}}, {{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x23}}}}, 0x108)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)

1.501919837s ago: executing program 7 (id=2895):
r0 = syz_io_uring_setup(0xc0f, &(0x7f00000000c0)={0x0, 0x6efd, 0x80, 0xffffffff, 0x1a}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080006007c09e8fe55a10a0015800a00142603600e1208000f0000000406a80016c0080003400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x0, r4, 0x0, 0x0, 0x0, 0x80000})
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x91)
ioctl$int_in(r5, 0x5452, &(0x7f0000000080)=0xfffffffffffffffc)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES8=r6], 0x20}}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800090400000000000000000a"], 0x24}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x64, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x30, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x64}}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x20, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x420}}, 0x20}}, 0x0)
io_uring_enter(r0, 0x47f5, 0x0, 0x0, 0x0, 0x0)
r10 = syz_io_uring_setup(0xf3a, &(0x7f00000001c0)={0x0, 0x64f0, 0x1, 0x1, 0x20b}, &(0x7f0000000040), &(0x7f0000000240))
r11 = eventfd2(0x6, 0x80000)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r10, 0x7, &(0x7f0000000280)=r11, 0x1)

1.27929807s ago: executing program 7 (id=2896):
r0 = syz_open_dev$vbi(&(0x7f0000000480), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f00000000c0)=0x1)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000240)={0x5, 0x0, '\x00', {0x0, @bt={0x6, 0x5, 0x1, 0x0, 0x3, 0x10000, 0x905ffd, 0xfff, 0x100007, 0x4, 0x1, 0xffffffff, 0x106af, 0x43cb, 0x0, 0x6, {0x800085a7, 0x7ffffdff}, 0xb2, 0x81}}}) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_IP_PROTO={0x5, 0x1b, 0x3a}]}, 0x24}}, 0x0) (async)
r2 = socket$packet(0x11, 0x3, 0x300) (async, rerun: 32)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0) (async, rerun: 64)
r4 = socket$inet_tcp(0x2, 0x1, 0x0) (async, rerun: 64)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'lo\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="300000001400030500008000ffdbdf25020751ff", @ANYRES32=r7, @ANYBLOB="080002007f00000108000400e000000208000800890200"], 0x30}, 0x1, 0x0, 0x0, 0xc090}, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f000000}}) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r8=>0x0}) (rerun: 32)
sendto$packet(r2, &(0x7f0000000000)="a6bea8a120e5f8320c30ce5086dda5e986", 0x11, 0x0, &(0x7f0000000140)={0x11, 0xf6, r8, 0x1, 0xa, 0x6, @random="ad446050e878"}, 0x14) (async, rerun: 32)
socketpair(0x28, 0x5, 0x0, &(0x7f0000000040)) (rerun: 32)

1.266794604s ago: executing program 8 (id=2897):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
ioctl$SIOCSIFHWADDR(r0, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
close(r2)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newqdisc={0x48, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {0x10}, {}, {0x2, 0x1}}, [@qdisc_kind_options=@q_cbq={{0x8}, {0x1c, 0x2, [@TCA_CBS_PARMS={0x18, 0x1, {0x3, '\x00', 0x5, 0x2, 0x3, 0x8}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40098}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r8, &(0x7f0000000140)="ba", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x1a, r7, 0x1, 0xd8, 0x6, @random="98c8ca7122df"}, 0x14)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r10, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x88fd537e5e114b6f, 0x12, r10, 0x0)
ioctl$KVM_X86_SETUP_MCE(r10, 0x4008ae9c, &(0x7f0000000000)={0x4, 0x89727a31546dcc4c, 0x4})
sendmmsg$inet6(r9, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

1.071278785s ago: executing program 3 (id=2898):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r0 = openat$autofs(0xffffff9c, &(0x7f0000000000), 0x8600, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x4}}, './file0\x00'})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r2, 0x0, 0xd}, 0x18)
r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x402, 0x0)
ioctl$COMEDI_CMD(r3, 0x80406409, &(0x7f0000000280)={0x0, 0x20, 0x0, 0x8, 0x10, 0xb9, 0x2, 0x100, 0x4, 0x7a, 0x0, 0x400003, 0x0, 0x0, 0x0})

1.070963821s ago: executing program 8 (id=2899):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYRESDEC=0x0])
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setgroups(0x0, 0x0)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x4})
socket$netlink(0x10, 0x3, 0x15)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
ptrace$ARCH_SHSTK_UNLOCK(0x1e, r3, 0x0, 0x5004)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@ipv4_newrule={0x24, 0x20, 0x1, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_IP_PROTO={0x5, 0x19, 0x3c}]}, 0x24}}, 0x48850)

1.069464529s ago: executing program 3 (id=2900):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x44}}, 0x0)
r0 = openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x400, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0x11000) (async)
fstat(r2, &(0x7f00000002c0))
mount$9p_fd(0x0, &(0x7f0000000280)='./file1\x00', &(0x7f0000001780), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) (async)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) (async)
creat(&(0x7f0000000080)='./file0\x00', 0xc7)
mount$nfs(&(0x7f0000000040)='@\a', &(0x7f0000000340)='./file1\x00', 0x0, 0x20887b, 0x0) (async)
mount$nfs(&(0x7f0000000080)='@\a', &(0x7f00000000c0)='./file1\x00', &(0x7f0000000500), 0x20040c1, 0x0) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010800040000000000000b00200008000300", @ANYRES32=r5, @ANYBLOB="0a000600080211000001000030005080110001004abee33908f8eef16f162471f4000000080007000000000005000200020000000800030005ac0f"], 0x58}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) (async)
sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x58, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x44, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000fedbdf25030000005800018044000400200001000a000000000000000000000000080000000000000000000100000000200002000a00000000000000fe8000000000000000000000000000bb000000000d0001007564703a73797a3000000000"], 0x6c}}, 0x0)

1.069267352s ago: executing program 7 (id=2901):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
mount(&(0x7f0000000140)=@sg0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x400448ca, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000002c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000008c0)=[0x0, 0x0], &(0x7f0000000900), 0x0, 0x2, 0x0, 0x0, r4, 0x3000000})

901.260694ms ago: executing program 3 (id=2902):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010020000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000050000000060a010400000000000000000100000008000b400000000028000480240001800b000100736f636b6574000014000280080001400000000308ffff00000000000000010073797a3000000000140000001100010000000000000000000000000a"], 0xc4}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001040)={r1, <r2=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x1d, &(0x7f0000001080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0xa7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fstatfs(0xffffffffffffffff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2000, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x401, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
openat$kvm(0xffffff9c, &(0x7f0000000000), 0x400080, 0x0)
r7 = openat$audio(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0)
ioctl$SNDCTL_DSP_GETISPACE(r7, 0x8010500d, &(0x7f0000000500))
r8 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r8, 0x0, 0x0)

0s ago: executing program 3 (id=2903):
socket$can_j1939(0x1d, 0x2, 0x7)
socket(0x22, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xb)
socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000140))
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
pipe(&(0x7f0000000040))
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000007000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

kernel console output (not intermixed with test programs):

nd, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  456.646264][ T7009] usb 12-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  456.649929][ T7009] usb 12-1: Product: syz
[  456.651530][ T7009] usb 12-1: Manufacturer: syz
[  456.651813][T12516] netlink: 'syz.6.1681': attribute type 21 has an invalid length.
[  456.653182][ T7009] usb 12-1: SerialNumber: syz
[  456.660533][ T7009] usb 12-1: config 0 descriptor??
[  456.665861][ T7009] yurex 12-1:0.0: USB YUREX device now attached to Yurex #1
[  456.707675][T12518] netlink: 'syz.6.1682': attribute type 12 has an invalid length.
[  456.742211][ T6006] usb 8-1: USB disconnect, device number 17
[  456.874664][ T8600] usb 12-1: USB disconnect, device number 14
[  456.879924][ T8600] yurex 12-1:0.0: USB YUREX #1 now disconnected
[  456.954888][T12524] lo speed is unknown, defaulting to 1000
[  456.994158][T12524] cgroup: No subsys list or none specified
[  458.578954][T12543] netlink: 'syz.8.1690': attribute type 21 has an invalid length.
[  459.359886][T12570] netlink: 76 bytes leftover after parsing attributes in process `syz.6.1698'.
[  459.436124][T12573] netlink: 'syz.3.1699': attribute type 21 has an invalid length.
[  460.604898][T12589] Malformed UNC in devname
[  460.604898][T12589] 
[  460.611299][T12589] CIFS: VFS: Malformed UNC in devname
[  460.733655][T12598] netlink: 'syz.3.1708': attribute type 21 has an invalid length.
[  461.018566][T12611] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1712'.
[  461.621942][T12624] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  461.798752][T12629] FAULT_INJECTION: forcing a failure.
[  461.798752][T12629] name failslab, interval 1, probability 0, space 0, times 0
[  461.802960][T12629] CPU: 2 UID: 0 PID: 12629 Comm: syz.6.1718 Not tainted syzkaller #0 PREEMPT(full) 
[  461.802986][T12629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  461.802993][T12629] Call Trace:
[  461.802998][T12629]  <TASK>
[  461.803003][T12629]  dump_stack_lvl+0x16c/0x1f0
[  461.803021][T12629]  should_fail_ex+0x512/0x640
[  461.803038][T12629]  ? __kmalloc_cache_noprof+0x5f/0x780
[  461.803051][T12629]  should_failslab+0xc2/0x120
[  461.803068][T12629]  __kmalloc_cache_noprof+0x72/0x780
[  461.803078][T12629]  ? genl_start+0x1e8/0x980
[  461.803095][T12629]  ? genl_start+0x1e8/0x980
[  461.803107][T12629]  genl_start+0x1e8/0x980
[  461.803122][T12629]  __netlink_dump_start+0x60e/0x990
[  461.803147][T12629]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[  461.803168][T12629]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  461.803192][T12629]  ? aa_get_newest_label+0xd2/0x250
[  461.803218][T12629]  ? __pfx_genl_start+0x10/0x10
[  461.803235][T12629]  ? __pfx_genl_dumpit+0x10/0x10
[  461.803251][T12629]  ? __pfx_genl_done+0x10/0x10
[  461.803269][T12629]  ? bpf_lsm_capable+0x9/0x10
[  461.803288][T12629]  ? security_capable+0x7e/0x260
[  461.803309][T12629]  ? ns_capable+0xd7/0x110
[  461.803326][T12629]  genl_rcv_msg+0x46e/0x800
[  461.803347][T12629]  ? __pfx_genl_rcv_msg+0x10/0x10
[  461.803366][T12629]  ? __pfx_batadv_orig_dump+0x10/0x10
[  461.803387][T12629]  ? __lock_acquire+0x622/0x1c90
[  461.803411][T12629]  netlink_rcv_skb+0x158/0x420
[  461.803426][T12629]  ? __pfx_genl_rcv_msg+0x10/0x10
[  461.803445][T12629]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  461.803470][T12629]  ? netlink_deliver_tap+0x1ae/0xd30
[  461.803488][T12629]  genl_rcv+0x28/0x40
[  461.803503][T12629]  netlink_unicast+0x5aa/0x870
[  461.803522][T12629]  ? __pfx_netlink_unicast+0x10/0x10
[  461.803546][T12629]  netlink_sendmsg+0x8c8/0xdd0
[  461.803566][T12629]  ? __pfx_netlink_sendmsg+0x10/0x10
[  461.803584][T12629]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  461.803610][T12629]  ____sys_sendmsg+0xa98/0xc70
[  461.803631][T12629]  ? __pfx_____sys_sendmsg+0x10/0x10
[  461.803648][T12629]  ? get_compat_msghdr+0x11a/0x170
[  461.803672][T12629]  ___sys_sendmsg+0x134/0x1d0
[  461.803689][T12629]  ? __pfx____sys_sendmsg+0x10/0x10
[  461.803713][T12629]  ? find_held_lock+0x2b/0x80
[  461.803740][T12629]  __sys_sendmsg+0x16d/0x220
[  461.803754][T12629]  ? __pfx___sys_sendmsg+0x10/0x10
[  461.803784][T12629]  ? rcu_is_watching+0x12/0xc0
[  461.803802][T12629]  __do_fast_syscall_32+0x7c/0x300
[  461.803823][T12629]  do_fast_syscall_32+0x32/0x80
[  461.803840][T12629]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  461.803858][T12629] RIP: 0023:0xf7f53579
[  461.803870][T12629] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  461.803885][T12629] RSP: 002b:00000000f542555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  461.803902][T12629] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080004340
[  461.803912][T12629] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  461.803922][T12629] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  461.803932][T12629] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  461.803942][T12629] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  461.803970][T12629]  </TASK>
[  461.923781][    C2] vkms_vblank_simulate: vblank timer overrun
[  462.427900][T12633] netlink: 'syz.7.1719': attribute type 21 has an invalid length.
[  462.688604][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  462.688616][   T40] audit: type=1326 audit(1763465552.814:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12647 comm="syz.6.1725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x7ffc0000
[  462.697437][   T40] audit: type=1326 audit(1763465552.814:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12647 comm="syz.6.1725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x7ffc0000
[  462.718400][   T40] audit: type=1326 audit(1763465552.814:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12647 comm="syz.6.1725" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf7f53579 code=0x7ffc0000
[  462.727110][   T40] audit: type=1326 audit(1763465781.821:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12647 comm="syz.6.1725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x7ffc0000
[  462.736260][   T40] audit: type=1326 audit(1763465781.821:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12647 comm="syz.6.1725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x7ffc0000
[  462.745585][   T40] audit: type=1326 audit(1763465781.821:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12647 comm="syz.6.1725" exe="/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf7f53579 code=0x7ffc0000
[  462.757023][   T40] audit: type=1326 audit(1763465781.821:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12647 comm="syz.6.1725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x7ffc0000
[  462.767041][   T40] audit: type=1326 audit(1763465781.821:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12647 comm="syz.6.1725" exe="/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf7f53579 code=0x7ffc0000
[  462.776456][   T40] audit: type=1326 audit(1763465781.821:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12647 comm="syz.6.1725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f53579 code=0x7ffc0000
[  462.786570][   T40] audit: type=1326 audit(1763465781.821:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12647 comm="syz.6.1725" exe="/syz-executor" sig=0 arch=40000003 syscall=255 compat=1 ip=0xf7f53579 code=0x7ffc0000
[  463.147589][T12668] syzkaller0: entered promiscuous mode
[  463.150315][T12668] syzkaller0: entered allmulticast mode
[  463.274834][T12670] netlink: 'syz.3.1729': attribute type 21 has an invalid length.
[  464.017003][ T5951] Bluetooth: hci4: unexpected event for opcode 0x2012
[  464.885062][T12699] netlink: 'syz.3.1739': attribute type 21 has an invalid length.
[  464.932131][T12701] netlink: 'syz.3.1740': attribute type 1 has an invalid length.
[  465.260119][T12705] ALSA: mixer_oss: invalid OSS volume ''
[  465.714028][T12709] netlink: 'syz.7.1742': attribute type 23 has an invalid length.
[  465.778988][T12716] netlink: 'syz.8.1746': attribute type 1 has an invalid length.
[  465.824513][T12716] bond3: (slave veth7): Enslaving as an active interface with a down link
[  465.831221][T12716] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1746'.
[  465.837917][T12716] bond3 (unregistering): (slave veth7): Releasing active interface
[  465.843687][T12716] bond3 (unregistering): Released all slaves
[  465.961057][T12714] block nbd0: server does not support multiple connections per device.
[  465.965711][T12714] block nbd0: shutting down sockets
[  466.039172][T12726] syzkaller0: entered promiscuous mode
[  466.041161][T12726] syzkaller0: entered allmulticast mode
[  466.062179][T12726] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  466.066839][T12725] tipc: Resetting bearer <eth:syzkaller0>
[  466.089273][T12725] tipc: Disabling bearer <eth:syzkaller0>
[  466.402526][T12739] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1752'.
[  467.593553][T12767] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  467.709537][T12771] IPVS: set_ctl: invalid protocol: 4 172.20.20.170:20002
[  468.497255][T12775] IPVS: set_ctl: invalid protocol: 0 10.1.1.1:20004
[  468.576955][T12775] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  468.581788][T12776] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  468.594807][T12775] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  468.824339][ T8600] usb 12-1: new full-speed USB device number 15 using dummy_hcd
[  468.837023][T12786] netlink: 'syz.8.1767': attribute type 23 has an invalid length.
[  468.986135][ T8600] usb 12-1: config 1 interface 0 has no altsetting 0
[  468.992186][ T8600] usb 12-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  468.998672][ T8600] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  469.012503][ T8600] usb 12-1: Product: syz
[  469.024697][ T8600] usb 12-1: Manufacturer: syz
[  469.027158][ T8600] usb 12-1: SerialNumber: syz
[  469.446967][ T8600] usblp 12-1:1.0: usblp0: USB Unidirectional printer dev 15 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  469.801547][T12808] netlink: 'syz.7.1764': attribute type 1 has an invalid length.
[  469.823744][T12808] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  469.883774][ T1154] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  469.884561][T12808] 8021q: adding VLAN 0 to HW filter on device bond2
[  469.915764][T12808] veth5: entered promiscuous mode
[  469.919282][T12808] bond2: (slave veth5): Enslaving as a backup interface with a down link
[  470.008483][ T1154] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  470.597611][T12831] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6)
[  470.600521][T12831] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  470.603956][T12831] vhci_hcd vhci_hcd.0: Device attached
[  470.683728][T12832] vhci_hcd: connection closed
[  470.684035][   T12] vhci_hcd: stop threads
[  470.688283][   T12] vhci_hcd: release socket
[  470.690352][   T12] vhci_hcd: disconnect device
[  471.023367][T12827] 9pnet_fd: p9_fd_create_tcp (12827): problem connecting socket to 127.0.0.1
[  471.208979][T12839] bridge2: entered allmulticast mode
[  471.395692][T12855] netlink: 'syz.6.1789': attribute type 1 has an invalid length.
[  471.401655][T12855] netlink: 228 bytes leftover after parsing attributes in process `syz.6.1789'.
[  471.834648][ T6006] usb 12-1: USB disconnect, device number 15
[  471.851381][ T6006] usblp0: removed
[  472.290897][T12861] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  472.477438][T12863] overlayfs: failed to clone upperpath
[  472.499169][T12865] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1793'.
[  473.453059][T12894] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1802'.
[  473.476028][T12894] 8021q: adding VLAN 0 to HW filter on device bond3
[  473.492492][T12894] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1802'.
[  473.503188][T12894] macvlan0: entered promiscuous mode
[  473.506765][T12894] bond3: (slave macvlan0): Opening slave failed
[  473.840396][T12908] netlink: 120 bytes leftover after parsing attributes in process `syz.7.1807'.
[  474.005948][T12915] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  474.353481][T12930] syzkaller0: entered promiscuous mode
[  474.357010][T12930] syzkaller0: entered allmulticast mode
[  474.600178][T12942] netlink: 'syz.6.1820': attribute type 7 has an invalid length.
[  474.604100][T12942] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1820'.
[  475.871282][T12967] syzkaller0: entered promiscuous mode
[  475.873504][T12967] syzkaller0: entered allmulticast mode
[  476.322412][T12990] comedi comedi0: Minor 7 could not be opened
[  476.342007][T12982] netlink: 'syz.7.1834': attribute type 1 has an invalid length.
[  476.373385][T12982] 8021q: adding VLAN 0 to HW filter on device bond3
[  476.385514][T12982] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1834'.
[  476.539964][T12995] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1837'.
[  476.581920][T12997] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1838'.
[  476.800731][T13004] Cannot find del_set index 2 as target
[  477.647888][T13045] ieee802154 phy0 wpan0: encryption failed: -22
[  477.734945][T13056] netlink: 'syz.8.1859': attribute type 11 has an invalid length.
[  477.739646][T13056] netlink: 44 bytes leftover after parsing attributes in process `syz.8.1859'.
[  479.532506][T13117] mkiss: ax0: crc mode is auto.
[  479.694321][T13119] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1881'.
[  479.935163][T13119] batman_adv: batadv0: Removing interface: dummy0
[  480.999224][T13147] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  481.249639][T13155] comedi comedi0: Minor 47 could not be opened
[  481.253971][T13155] netlink: 'syz.7.1891': attribute type 1 has an invalid length.
[  481.318018][T13155] bond4: entered promiscuous mode
[  481.320995][T13155] 8021q: adding VLAN 0 to HW filter on device bond4
[  482.151201][T13155] 8021q: adding VLAN 0 to HW filter on device bond4
[  482.153727][T13155] bond4: (slave gre1): The slave device specified does not support setting the MAC address
[  482.157094][T13155] bond4: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  482.162060][T13155] bond4: (slave gre1): making interface the new active one
[  482.165033][T13155] gre1: entered promiscuous mode
[  482.168120][T13155] bond4: (slave gre1): Enslaving as an active interface with an up link
[  482.196907][T13163] lo speed is unknown, defaulting to 1000
[  482.289086][T13169] netlink: 91 bytes leftover after parsing attributes in process `syz.6.1895'.
[  483.034302][T13179] bridge3: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  483.120784][T13186] xt_l2tp: v2 tid > 0xffff: 37482740
[  483.606365][T13201] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  483.608778][T13201] UDF-fs: Scanning with blocksize 2048 failed
[  483.612782][T13201] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  483.615479][T13201] UDF-fs: Scanning with blocksize 4096 failed
[  483.933747][T13191] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  484.042584][T13203] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1906'.
[  484.360258][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  484.360274][   T40] audit: type=1804 audit(1763466059.476:62): pid=13207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1908" name="file0" dev="ramfs" ino=93240 res=1 errno=0
[  484.608413][T13219] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1909'.
[  484.667429][T13193] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1903'.
[  485.264155][T13239] lo speed is unknown, defaulting to 1000
[  485.306045][T13242] netlink: 'syz.8.1915': attribute type 1 has an invalid length.
[  485.350396][T13239] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1915'.
[  485.361399][T13246] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1916'.
[  485.367878][T13246] bridge0: port 3(syz_tun) entered blocking state
[  485.371222][T13246] bridge0: port 3(syz_tun) entered disabled state
[  485.375587][T13246] syz_tun: entered promiscuous mode
[  485.380035][T13246] bridge0: port 3(syz_tun) entered blocking state
[  485.382994][T13246] bridge0: port 3(syz_tun) entered forwarding state
[  485.464929][T13250] overlay: Unknown parameter 'obj_type'
[  486.387450][T13268] netlink: 'syz.7.1924': attribute type 21 has an invalid length.
[  486.724901][T13284] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  487.231489][T13299] 9pnet_fd: Insufficient options for proto=fd
[  487.489942][T13304] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1936'.
[  487.648258][T13310] netlink: 'syz.3.1938': attribute type 1 has an invalid length.
[  487.659982][T13304] netlink: 'syz.6.1936': attribute type 13 has an invalid length.
[  487.671886][T13310] 8021q: adding VLAN 0 to HW filter on device bond4
[  487.724259][T13310] bond4: (slave veth5): Enslaving as an active interface with a down link
[  487.751003][T13310] bond4: (slave dummy0): making interface the new active one
[  487.755523][T13310] dummy0: entered promiscuous mode
[  487.758020][T13310] bond4: (slave dummy0): Enslaving as an active interface with an up link
[  487.805317][T13313] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  487.882943][T13310] bond4 (unregistering): (slave veth5): Releasing active interface
[  487.889354][T13310] bond4 (unregistering): (slave dummy0): Releasing active interface
[  487.895030][T13310] bond4 (unregistering): Released all slaves
[  488.101009][T13323] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  488.104744][T13323] block device autoloading is deprecated and will be removed.
[  488.544236][T13338] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1947'.
[  488.690937][T13342] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1947'.
[  488.695629][T13342] nbd: nbd64 already in use
[  488.980833][ T8360] udevd[8360]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  489.018226][T13350] lo: Caught tx_queue_len zero misconfig
[  489.361072][T13367] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1955'.
[  490.470523][T13383] netlink: 'syz.8.1960': attribute type 10 has an invalid length.
[  490.474190][T13383] macvlan0: entered promiscuous mode
[  490.478634][T13383] macvlan0: entered allmulticast mode
[  490.481662][T13383] veth1_vlan: entered allmulticast mode
[  490.487521][T13383] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  490.750752][T13401] veth1_vlan: left allmulticast mode
[  490.753685][T13401] macvlan0: left promiscuous mode
[  490.756518][T13401] macvlan0: left allmulticast mode
[  490.775785][T13403] 9pnet: Found fid 0 not clunked
[  490.778963][T13401] vlan2: left promiscuous mode
[  490.781161][T13401] bridge1: left promiscuous mode
[  490.783535][T13401] vlan2: left allmulticast mode
[  490.785963][T13401] bridge1: left allmulticast mode
[  490.789987][T13401] bridge2: left allmulticast mode
[  491.599266][T13428] 9pnet: Found fid 0 not clunked
[  492.008685][   T40] audit: type=1326 audit(1763466067.115:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13424 comm="syz.3.1974" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa5579 code=0x0
[  492.507536][T13460] netlink: 'syz.3.1987': attribute type 1 has an invalid length.
[  492.511007][T13460] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1987'.
[  492.682892][T13462] netlink: 'syz.8.1985': attribute type 1 has an invalid length.
[  492.775419][T13462] bond4: entered promiscuous mode
[  492.779668][T13462] 8021q: adding VLAN 0 to HW filter on device bond4
[  492.854026][T13462] 8021q: adding VLAN 0 to HW filter on device bond4
[  492.859217][T13462] bond4: (slave gre1): The slave device specified does not support setting the MAC address
[  492.864077][T13462] bond4: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  492.880853][T13462] bond4: (slave gre1): making interface the new active one
[  492.884142][T13462] gre1: entered promiscuous mode
[  492.892636][T13462] bond4: (slave gre1): Enslaving as an active interface with an up link
[  494.312100][T13497] netlink: 2384 bytes leftover after parsing attributes in process `syz.7.1994'.
[  494.366531][   T40] audit: type=1400 audit(1763466069.472:64): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=13501 comm="syz.6.1996"
[  496.721849][T13570] netlink: 'syz.7.2011': attribute type 1 has an invalid length.
[  496.764160][T13570] 8021q: adding VLAN 0 to HW filter on device bond5
[  496.767332][T13573] comedi comedi2: comedi_config --init_data is deprecated
[  496.779583][T13570] vlan2: entered allmulticast mode
[  496.781455][T13570] veth1: entered allmulticast mode
[  496.783814][T13570] bond5: (slave vlan2): Opening slave failed
[  497.092663][T13586] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2016'.
[  497.147982][T13588] lo speed is unknown, defaulting to 1000
[  497.192452][T13589] cgroup: Invalid name
[  497.258894][T13589] nilfs2: Unknown parameter '·>ä'rnW\š¶Ìøîh¨J)jÔç ¼±˜î‘g»Ütâ'
[  498.947860][T13618] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2026'.
[  498.969767][T13625] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2028'.
[  499.012091][T13629] syzkaller0: entered promiscuous mode
[  499.013946][T13629] syzkaller0: entered allmulticast mode
[  499.034245][T13629] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  499.045074][T13628] tipc: Resetting bearer <eth:syzkaller0>
[  499.056027][T13628] tipc: Disabling bearer <eth:syzkaller0>
[  499.238261][T13636] netlink: 'syz.6.2032': attribute type 21 has an invalid length.
[  500.983041][T13681] syz_tun: left promiscuous mode
[  500.985162][T13681] bridge0: port 3(syz_tun) entered disabled state
[  501.000857][T13681] bridge_slave_0: left allmulticast mode
[  501.003287][T13681] bridge_slave_0: left promiscuous mode
[  501.005796][T13681] bridge0: port 1(bridge_slave_0) entered disabled state
[  501.011164][T13681] bridge_slave_1: left allmulticast mode
[  501.013639][T13681] bridge_slave_1: left promiscuous mode
[  501.016324][T13681] bridge0: port 2(bridge_slave_1) entered disabled state
[  501.022632][T13681] bond0: (slave bond_slave_0): Releasing backup interface
[  501.028437][T13681] bond0: (slave bond_slave_1): Releasing backup interface
[  501.039258][T13681] team0: Port device team_slave_0 removed
[  501.050263][T13681] team0: Port device team_slave_1 removed
[  501.055313][T13681] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  501.058756][T13681] batman_adv: batadv0: Removing interface: batadv_slave_0
[  501.065003][T13681] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  501.068478][T13681] batman_adv: batadv0: Removing interface: batadv_slave_1
[  501.074240][T13681] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  501.438913][T13711] siw: device registration error -23
[  502.838616][T13739] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2056'.
[  502.842633][T13739] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2056'.
[  502.995604][T13744] syzkaller0: entered promiscuous mode
[  502.997435][T13744] syzkaller0: entered allmulticast mode
[  503.597597][T13760] ip6gre0: Caught tx_queue_len zero misconfig
[  503.600368][T13760] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1536) !
[  504.049685][T13786] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2067'.
[  504.066514][T13786] overlayfs: missing 'lowerdir'
[  505.173292][T13837] netlink: 'syz.7.2080': attribute type 12 has an invalid length.
[  505.464321][T13856] syzkaller0: entered promiscuous mode
[  505.466483][T13856] syzkaller0: entered allmulticast mode
[  505.581927][T13858] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1420284373 (5681137492 ns) > initial count (657219872 ns). Using initial count to start timer.
[  506.203003][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  506.535156][T13864] 9pnet_fd: p9_fd_create_tcp (13864): problem connecting socket to 127.0.0.1
[  509.182003][T13932] netlink: 'syz.7.2107': attribute type 27 has an invalid length.
[  509.568674][   T40] audit: type=1326 audit(1763466084.650:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13952 comm="syz.8.2115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  509.584172][   T40] audit: type=1326 audit(1763466084.650:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13952 comm="syz.8.2115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  509.597751][   T40] audit: type=1326 audit(1763466084.660:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13952 comm="syz.8.2115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  509.606620][   T40] audit: type=1326 audit(1763466084.660:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13952 comm="syz.8.2115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  509.613078][   T40] audit: type=1326 audit(1763466084.660:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13952 comm="syz.8.2115" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  509.619455][   T40] audit: type=1326 audit(1763466084.660:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13952 comm="syz.8.2115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  509.625897][   T40] audit: type=1326 audit(1763466084.660:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13952 comm="syz.8.2115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  509.632194][   T40] audit: type=1326 audit(1763466084.660:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13952 comm="syz.8.2115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  509.644548][   T40] audit: type=1326 audit(1763466084.660:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13952 comm="syz.8.2115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  509.650771][   T40] audit: type=1326 audit(1763466084.660:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13952 comm="syz.8.2115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  509.662316][T13953] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2115'.
[  510.051506][T13969] Cannot find add_set index 2 as target
[  510.126733][T13960] block device autoloading is deprecated and will be removed.
[  510.904542][ T8676] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[  511.054605][ T8676] usb 11-1: Using ep0 maxpacket: 8
[  511.069978][ T8676] usb 11-1: config 0 has an invalid interface number: 55 but max is 0
[  511.072694][ T8676] usb 11-1: config 0 has no interface number 0
[  511.080941][ T8676] usb 11-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  511.089705][ T8676] usb 11-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  511.094411][ T8676] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  511.098882][ T8676] usb 11-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  511.104427][ T8676] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  511.112123][ T8676] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  511.126712][ T8676] usb 11-1: config 0 descriptor??
[  511.141002][ T8676] ldusb 11-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  511.337053][T13988] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  511.341824][T13988] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  513.032923][T14039] netlink: 'syz.8.2144': attribute type 23 has an invalid length.
[  513.074729][T14041] netlink: 'syz.8.2145': attribute type 1 has an invalid length.
[  513.105517][T14041] bond5: (slave veth11): Enslaving as an active interface with a down link
[  513.113596][T14041] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2145'.
[  513.119688][T14041] bond5 (unregistering): (slave veth11): Releasing active interface
[  513.151206][T14041] bond5 (unregistering): Released all slaves
[  513.409617][ T5937] usb 11-1: USB disconnect, device number 8
[  513.416734][ T5937] ldusb 11-1:0.55: LD USB Device #0 now disconnected
[  513.498752][T14057] ucma_write: process 979 (syz.3.2150) changed security contexts after opening file descriptor, this is not allowed.
[  513.510744][T14057] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2150'.
[  514.895627][T14090] IPVS: set_ctl: invalid protocol: 4 172.20.20.170:20002
[  514.990089][T14091] binder: 14088:14091 ioctl c0306201 80000080 returned -14
[  515.453382][T14096] netlink: 'syz.7.2161': attribute type 23 has an invalid length.
[  515.470181][T14082] wireguard0: entered promiscuous mode
[  515.472753][T14082] wireguard0: entered allmulticast mode
[  515.514259][T14093] libceph: resolve '
[  515.514259][T14093] -&õÌ×fÍY¹Ç�²a×ïÅ2iˆ
[  515.514259][T14093] .ÖúÕ?Çý&�*»§&' (ret=-3): failed
[  515.720357][T14103] loop6: detected capacity change from 0 to 524287999
[  515.894435][T14116] bond4: left promiscuous mode
[  515.896060][T14116] gre1: left promiscuous mode
[  516.575386][T14134] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2169'.
[  516.582664][T14134] netlink: 14 bytes leftover after parsing attributes in process `syz.8.2169'.
[  517.276604][T14153] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2176'.
[  519.098234][T14180] befs: (loop7): No write support. Marking filesystem read-only
[  519.101346][T14180] befs: (loop7): unable to read superblock
[  519.106784][T14181] befs: (loop7): No write support. Marking filesystem read-only
[  519.110316][T14181] befs: (loop7): unable to read superblock
[  519.149434][T14183] fuse: Bad value for 'fd'
[  519.475215][T14203] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2191'.
[  519.482807][T14203] bridge0: port 1(syz_tun) entered blocking state
[  519.486034][T14203] bridge0: port 1(syz_tun) entered disabled state
[  519.489195][T14203] syz_tun: entered allmulticast mode
[  519.494812][T14203] syz_tun: entered promiscuous mode
[  519.643472][T14209] overlayfs: failed to clone upperpath
[  519.708654][T14213] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2194'.
[  520.037108][ T6003] usb 12-1: new full-speed USB device number 16 using dummy_hcd
[  520.065411][T14221] netlink: 'syz.6.2198': attribute type 1 has an invalid length.
[  520.069178][T14221] netlink: 228 bytes leftover after parsing attributes in process `syz.6.2198'.
[  520.219243][ T6003] usb 12-1: not running at top speed; connect to a high speed hub
[  520.223604][ T6003] usb 12-1: config 5 has an invalid interface number: 38 but max is 3
[  520.227078][ T6003] usb 12-1: config 5 has an invalid interface association descriptor of length 3, skipping
[  520.231421][ T6003] usb 12-1: config 5 contains an unexpected descriptor of type 0x1, skipping
[  520.234680][ T6003] usb 12-1: config 5 contains an unexpected descriptor of type 0x1, skipping
[  520.237788][ T6003] usb 12-1: config 5 contains an unexpected descriptor of type 0x1, skipping
[  520.241787][ T6003] usb 12-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  520.245211][ T6003] usb 12-1: config 5 has 1 interface, different from the descriptor's value: 4
[  520.248317][ T6003] usb 12-1: config 5 has no interface number 0
[  520.250386][ T6003] usb 12-1: config 5 interface 38 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  520.254233][ T6003] usb 12-1: config 5 interface 38 altsetting 1 endpoint 0xF has invalid maxpacket 512, setting to 64
[  520.258258][ T6003] usb 12-1: config 5 interface 38 altsetting 1 has 4 endpoint descriptors, different from the interface descriptor's value: 7
[  520.262676][ T6003] usb 12-1: config 5 interface 38 has no altsetting 0
[  520.267155][ T6003] usb 12-1: New USB device found, idVendor=0502, idProduct=16e2, bcdDevice=9e.91
[  520.270231][ T6003] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  520.272848][ T6003] usb 12-1: Product: ည
[  520.274350][ T6003] usb 12-1: Manufacturer: ࢫ㱮哹䅵攡맿憓녹씕̽堛輦�亼㛮㞟殪ꋒ楟俋헬ߢ헢榤ᚫ꾹
[  520.278605][ T6003] usb 12-1: SerialNumber: syz
[  520.491156][T14215] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2196'.
[  520.503863][ T6003] usb 12-1: USB disconnect, device number 16
[  521.037507][T14237] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2201'.
[  521.044334][T14237] bridge0: port 3(syz_tun) entered blocking state
[  521.047268][T14237] bridge0: port 3(syz_tun) entered disabled state
[  521.051834][T14237] syz_tun: entered allmulticast mode
[  521.058559][T14237] syz_tun: entered promiscuous mode
[  521.148840][T14244] netlink: 'syz.8.2206': attribute type 21 has an invalid length.
[  522.630786][T14285] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  522.633439][T14285] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  522.636713][T14285] vhci_hcd vhci_hcd.0: Device attached
[  522.723181][T14293] netlink: 'syz.6.2217': attribute type 21 has an invalid length.
[  522.857140][T14298] mac80211_hwsim hwsim16 wlan0: left promiscuous mode
[  522.862884][T14298] bond1: left promiscuous mode
[  522.865211][T14298] gre1: left promiscuous mode
[  522.941120][ T8843] usb 44-1: SetAddress Request (6) to port 0
[  522.944210][ T8843] usb 44-1: new SuperSpeed USB device number 6 using vhci_hcd
[  523.256734][T14286] vhci_hcd: connection reset by peer
[  523.260706][ T1141] vhci_hcd: stop threads
[  523.266039][ T1141] vhci_hcd: release socket
[  523.268234][ T1141] vhci_hcd: disconnect device
[  523.970708][T14315] syzkaller0: entered promiscuous mode
[  523.973244][T14315] syzkaller0: entered allmulticast mode
[  524.128867][T14319] netlink: 'syz.6.2226': attribute type 21 has an invalid length.
[  524.282655][T14325] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2228'.
[  525.016299][T14356] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2236'.
[  525.064783][T14358] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2237'.
[  525.402641][T14375] netlink: 'syz.6.2245': attribute type 11 has an invalid length.
[  525.406196][T14375] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2245'.
[  525.647901][T14384] netlink: 'syz.6.2247': attribute type 21 has an invalid length.
[  525.937006][T14386] mkiss: ax0: crc mode is auto.
[  526.203902][T14406] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2254'.
[  526.207960][T14406] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2254'.
[  526.566893][T14417] usb usb8: usbfs: process 14417 (syz.3.2258) did not claim interface 0 before use
[  526.945391][T14424] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2260'.
[  527.247153][T14417] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  527.249600][T14417] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  527.253152][T14417] vhci_hcd vhci_hcd.0: Device attached
[  527.296669][T14435] vhci_hcd: connection closed
[  527.296848][ T1141] vhci_hcd: stop threads
[  527.300418][ T1141] vhci_hcd: release socket
[  527.302191][ T1141] vhci_hcd: disconnect device
[  527.453536][T14446] 
: renamed from bridge_slave_0
[  527.518376][T14447] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(9)
[  527.521577][T14447] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  527.525180][T14447] vhci_hcd vhci_hcd.0: Device attached
[  527.532023][   T40] kauditd_printk_skb: 175 callbacks suppressed
[  527.532033][   T40] audit: type=1326 audit(1763466102.586:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14445 comm="syz.7.2268" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  527.542808][   T40] audit: type=1326 audit(1763466102.586:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14445 comm="syz.7.2268" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  527.550079][   T40] audit: type=1326 audit(1763466102.586:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14445 comm="syz.7.2268" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  527.557180][   T40] audit: type=1326 audit(1763466102.586:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14445 comm="syz.7.2268" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  527.564713][   T40] audit: type=1326 audit(1763466102.586:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14445 comm="syz.7.2268" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  527.573323][   T40] audit: type=1326 audit(1763466102.586:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14445 comm="syz.7.2268" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  527.581227][   T40] audit: type=1326 audit(1763466102.586:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14445 comm="syz.7.2268" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  527.588901][   T40] audit: type=1326 audit(1763466102.586:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14445 comm="syz.7.2268" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  527.595833][   T40] audit: type=1326 audit(1763466102.586:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14445 comm="syz.7.2268" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  527.603277][   T40] audit: type=1326 audit(1763466102.586:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14445 comm="syz.7.2268" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  527.767909][ T8676] usb 51-1: new low-speed USB device number 2 using vhci_hcd
[  527.988329][ T8843] usb 44-1: device descriptor read/8, error -110
[  528.306330][T14448] vhci_hcd: connection reset by peer
[  528.309994][ T1146] vhci_hcd: stop threads
[  528.312088][ T1146] vhci_hcd: release socket
[  528.314271][ T1146] vhci_hcd: disconnect device
[  528.389028][ T8843] usb usb44-port1: attempt power cycle
[  528.856471][T14480] netlink: 'syz.7.2277': attribute type 21 has an invalid length.
[  528.970666][ T8843] usb usb44-port1: unable to enumerate USB device
[  529.549562][T14507] netlink: 'syz.3.2286': attribute type 21 has an invalid length.
[  529.714070][T14510] netlink: 'syz.3.2287': attribute type 21 has an invalid length.
[  530.228460][T14542] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2293'.
[  530.574028][ T5937] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  530.721697][ T5937] usb 8-1: Using ep0 maxpacket: 8
[  530.733783][ T5937] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  530.741403][ T5937] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  530.744704][ T5937] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  530.749613][ T5937] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  530.755698][ T5937] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  530.759721][ T5937] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  530.768112][ T5937] hub 8-1:1.0: bad descriptor, ignoring hub
[  530.770234][ T5937] hub 8-1:1.0: probe with driver hub failed with error -5
[  530.772893][ T5937] cdc_wdm 8-1:1.0: skipping garbage
[  530.774594][ T5937] cdc_wdm 8-1:1.0: skipping garbage
[  530.777438][ T5937] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  530.782079][ T5937] cdc_wdm 8-1:1.0: Unknown control protocol
[  531.480242][T14564] omfs: Invalid superblock (0)
[  531.948703][T14546] usb 8-1: reset high-speed USB device number 18 using dummy_hcd
[  531.955035][T14546] usb 8-1: device reset changed ep0 maxpacket size!
[  531.960099][   T24] usb 8-1: USB disconnect, device number 18
[  532.103579][   T24] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  532.255719][   T24] usb 8-1: unable to get BOS descriptor or descriptor too short
[  532.259210][   T24] usb 8-1: config 0 interface 0 has no altsetting 0
[  532.263514][   T24] usb 8-1: New USB device found, idVendor=0e41, idProduct=4156, bcdDevice=15.eb
[  532.266877][   T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  532.269590][   T24] usb 8-1: Product: syz
[  532.270974][   T24] usb 8-1: Manufacturer: syz
[  532.272497][   T24] usb 8-1: SerialNumber: syz
[  532.276058][   T24] usb 8-1: config 0 descriptor??
[  532.688408][T14546] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  532.692298][T14546] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  532.696371][T14546] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  532.700086][T14546] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  532.704751][T14546] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  532.707976][T14546] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  532.720052][   T24] snd_usb_podhd 8-1:0.0: Line 6 POD HDDESKTOP found
[  532.722610][   T24] snd_usb_podhd 8-1:0.0: set_interface failed
[  532.725231][   T24] snd_usb_podhd 8-1:0.0: Line 6 POD HDDESKTOP now disconnected
[  532.727903][   T24] snd_usb_podhd 8-1:0.0: probe with driver snd_usb_podhd failed with error -71
[  532.732491][   T24] usb 8-1: USB disconnect, device number 19
[  532.874810][ T8676] vhci_hcd: vhci_device speed not set
[  533.773613][T14650] 9pnet_fd: Insufficient options for proto=fd
[  533.791315][T14652] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2327'.
[  533.794232][T14652] netlink: 196 bytes leftover after parsing attributes in process `syz.6.2327'.
[  533.797518][T14652] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2327'.
[  533.801228][T14652] netlink: 196 bytes leftover after parsing attributes in process `syz.6.2327'.
[  534.178534][T14663] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(11)
[  534.181515][T14663] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  534.185928][T14663] vhci_hcd vhci_hcd.0: Device attached
[  534.417804][   T40] kauditd_printk_skb: 12 callbacks suppressed
[  534.417819][   T40] audit: type=1326 audit(1763466109.466:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14667 comm="syz.3.2332" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa5579 code=0x0
[  534.448201][T14670] overlayfs: failed to clone upperpath
[  534.534096][ T8843] usb 52-1: SetAddress Request (27) to port 0
[  534.536505][ T8843] usb 52-1: new SuperSpeed USB device number 27 using vhci_hcd
[  534.673563][T14683] netlink: 'syz.8.2338': attribute type 1 has an invalid length.
[  534.691399][T14683] bond5: entered promiscuous mode
[  534.693357][T14683] 8021q: adding VLAN 0 to HW filter on device bond5
[  535.750702][T14702] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2343'.
[  535.779980][T14702] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2343'.
[  535.783483][T14702] nbd: nbd64 already in use
[  535.893436][ T8360] udevd[8360]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  536.319516][T14738] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2354'.
[  536.927353][T14664] vhci_hcd: connection reset by peer
[  536.930331][ T1141] vhci_hcd: stop threads
[  536.932331][ T1141] vhci_hcd: release socket
[  536.934417][ T1141] vhci_hcd: disconnect device
[  537.331023][ T8676] usb 12-1: new high-speed USB device number 17 using dummy_hcd
[  537.342893][T14758] infiniband syz1: set down
[  537.344501][T14758] infiniband syz1: added syz_tun
[  537.360764][T14758] RDS/IB: syz1: added
[  537.362172][T14758] smc: adding ib device syz1 with port count 1
[  537.364392][T14758] smc:    ib device syz1 port 1 has no pnetid
[  537.490848][ T8676] usb 12-1: Using ep0 maxpacket: 8
[  537.494630][ T8676] usb 12-1: config 0 interface 0 has no altsetting 0
[  537.496976][ T8676] usb 12-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  537.500295][ T8676] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  537.507162][ T8676] usb 12-1: config 0 descriptor??
[  537.919163][ T8676] mcp2221 0003:04D8:00DD.0010: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.7-1/input0
[  538.117153][ T8676] usb 12-1: USB disconnect, device number 17
[  538.169903][T14776] 9pnet_fd: Insufficient options for proto=fd
[  538.355740][T14790] 9pnet_fd: Insufficient options for proto=fd
[  539.383639][T14844] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  539.387070][T14844] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  539.391476][T14844] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  539.392615][T14846] ttyS ttyS3: ldisc open failed (-12), clearing slot 3
[  539.395762][T14844] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  539.468781][T14851] netlink: 'syz.3.2388': attribute type 1 has an invalid length.
[  539.471447][T14851] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2388'.
[  539.630022][ T8843] usb 52-1: device descriptor read/8, error -110
[  539.751669][T14858] siw: device registration error -23
[  540.053610][ T5951] Bluetooth: hci7: unexpected event for opcode 0x0008
[  540.074530][T14865] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2393'.
[  540.106725][ T8843] usb usb52-port1: attempt power cycle
[  540.172027][T14867] netlink: 'syz.8.2392': attribute type 1 has an invalid length.
[  540.215773][T14867] bond6: entered promiscuous mode
[  540.218579][T14867] 8021q: adding VLAN 0 to HW filter on device bond6
[  540.887091][T14870] FAULT_INJECTION: forcing a failure.
[  540.887091][T14870] name failslab, interval 1, probability 0, space 0, times 0
[  540.891494][T14870] CPU: 0 UID: 0 PID: 14870 Comm: syz.7.2394 Not tainted syzkaller #0 PREEMPT(full) 
[  540.891510][T14870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  540.891517][T14870] Call Trace:
[  540.891522][T14870]  <TASK>
[  540.891528][T14870]  dump_stack_lvl+0x16c/0x1f0
[  540.891546][T14870]  should_fail_ex+0x512/0x640
[  540.891566][T14870]  should_failslab+0xc2/0x120
[  540.891581][T14870]  __kmalloc_cache_noprof+0x72/0x780
[  540.891593][T14870]  ? tipc_dest_push+0x148/0x310
[  540.891612][T14870]  ? tipc_dest_push+0x148/0x310
[  540.891626][T14870]  tipc_dest_push+0x148/0x310
[  540.891643][T14870]  tipc_nametbl_lookup_mcast_sockets+0x2b8/0x500
[  540.891664][T14870]  tipc_sk_mcast_rcv+0x4e6/0xfa0
[  540.891675][T14870]  ? __lock_acquire+0xb8a/0x1c90
[  540.891695][T14870]  ? __pfx_tipc_sk_mcast_rcv+0x10/0x10
[  540.891705][T14870]  ? __lock_acquire+0x622/0x1c90
[  540.891727][T14870]  ? find_held_lock+0x2b/0x80
[  540.891739][T14870]  ? tipc_mcast_xmit+0x6d5/0xfe0
[  540.891777][T14870]  tipc_mcast_xmit+0x711/0xfe0
[  540.891795][T14870]  ? __pfx__copy_from_iter+0x10/0x10
[  540.891812][T14870]  ? __pfx___alloc_skb+0x10/0x10
[  540.891832][T14870]  ? __pfx_tipc_mcast_xmit+0x10/0x10
[  540.891866][T14870]  ? tipc_sendmcast+0x882/0xba0
[  540.891875][T14870]  tipc_sendmcast+0x882/0xba0
[  540.891884][T14870]  ? __update_page_owner_handle+0x395/0x550
[  540.891903][T14870]  ? __pfx_tipc_sendmcast+0x10/0x10
[  540.891919][T14870]  ? __page_table_check_zero+0x33c/0x5d0
[  540.891935][T14870]  ? __page_table_check_zero+0x346/0x5d0
[  540.891948][T14870]  ? __pfx_woken_wake_function+0x10/0x10
[  540.891966][T14870]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  540.891982][T14870]  __tipc_sendmsg+0x1360/0x19a0
[  540.891996][T14870]  ? __pfx___tipc_sendmsg+0x10/0x10
[  540.892020][T14870]  ? __local_bh_enable_ip+0xa4/0x120
[  540.892036][T14870]  tipc_sendmsg+0x4f/0x70
[  540.892046][T14870]  ____sys_sendmsg+0xa98/0xc70
[  540.892062][T14870]  ? __pfx_____sys_sendmsg+0x10/0x10
[  540.892075][T14870]  ? get_compat_msghdr+0x11a/0x170
[  540.892089][T14870]  ? __pfx__kstrtoull+0x10/0x10
[  540.892105][T14870]  ___sys_sendmsg+0x134/0x1d0
[  540.892117][T14870]  ? __pfx____sys_sendmsg+0x10/0x10
[  540.892127][T14870]  ? __lock_acquire+0x622/0x1c90
[  540.892159][T14870]  __sys_sendmmsg+0x2f9/0x420
[  540.892172][T14870]  ? __pfx___sys_sendmmsg+0x10/0x10
[  540.892188][T14870]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  540.892210][T14870]  ? fput+0x9b/0xd0
[  540.892225][T14870]  ? ksys_write+0x1ac/0x250
[  540.892237][T14870]  ? __pfx_ksys_write+0x10/0x10
[  540.892252][T14870]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  540.892263][T14870]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  540.892279][T14870]  __do_fast_syscall_32+0x7c/0x300
[  540.892295][T14870]  do_fast_syscall_32+0x32/0x80
[  540.892309][T14870]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  540.892324][T14870] RIP: 0023:0xf7f74579
[  540.892333][T14870] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  540.892344][T14870] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  540.892354][T14870] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080004400
[  540.892361][T14870] RDX: 0000000000000203 RSI: 00000000000101d0 RDI: 0000000000000000
[  540.892367][T14870] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  540.892373][T14870] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  540.892379][T14870] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  540.892394][T14870]  </TASK>
[  541.106787][ T8843] usb usb52-port1: unable to enumerate USB device
[  541.528128][   T40] audit: type=1326 audit(1763466116.567:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14879 comm="syz.8.2397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  541.537044][   T40] audit: type=1326 audit(1763466116.567:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14879 comm="syz.8.2397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  541.545907][   T40] audit: type=1326 audit(1763466116.567:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14879 comm="syz.8.2397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  541.553572][   T40] audit: type=1326 audit(1763466116.567:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14879 comm="syz.8.2397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  541.560895][   T40] audit: type=1326 audit(1763466116.567:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14879 comm="syz.8.2397" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  541.569237][   T40] audit: type=1326 audit(1763466116.567:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14879 comm="syz.8.2397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  541.577908][   T40] audit: type=1326 audit(1763466116.567:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14879 comm="syz.8.2397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  541.602597][   T40] audit: type=1326 audit(1763466116.567:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14879 comm="syz.8.2397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  541.609267][   T40] audit: type=1326 audit(1763466116.567:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14879 comm="syz.8.2397" exe="/syz-executor" sig=0 arch=40000003 syscall=168 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  541.615565][   T40] audit: type=1326 audit(1763466116.567:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14879 comm="syz.8.2397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000
[  541.646260][T14882] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2398'.
[  542.428338][T14896] netlink: 2384 bytes leftover after parsing attributes in process `syz.8.2401'.
[  542.602494][T14904] netlink: 'syz.6.2405': attribute type 21 has an invalid length.
[  543.681092][T14921] IPVS: set_ctl: invalid protocol: 4 172.20.20.170:20002
[  544.544483][T14924] QAT: Invalid ioctl 35075
[  544.547918][T14924] binder: Unknown parameter 'obj_role'
[  544.625132][T14926] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2411'.
[  546.715913][T14981] netlink: 'syz.8.2427': attribute type 21 has an invalid length.
[  546.824403][T14986] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2428'.
[  546.833548][T14986] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2428'.
[  547.557391][T15020] netlink: 'syz.7.2438': attribute type 21 has an invalid length.
[  549.827392][T15074] netlink: 'syz.3.2450': attribute type 21 has an invalid length.
[  549.840452][T15078] netlink: 'syz.6.2452': attribute type 12 has an invalid length.
[  549.920563][T15082] rdma_rxe: rxe_newlink: failed to add bond_slave_0
[  550.097314][T15090] syzkaller0: entered promiscuous mode
[  550.100509][T15090] syzkaller0: entered allmulticast mode
[  553.250712][T15148] netlink: 'syz.8.2463': attribute type 21 has an invalid length.
[  553.506544][T15142] 9pnet_fd: p9_fd_create_tcp (15142): problem connecting socket to 127.0.0.1
[  554.187375][T15186] netlink: 'syz.8.2473': attribute type 21 has an invalid length.
[  554.945888][   T40] kauditd_printk_skb: 498 callbacks suppressed
[  554.945904][   T40] audit: type=1804 audit(1763466129.959:781): pid=15204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.2479" name="/newroot/489/file0" dev="tmpfs" ino=2619 res=1 errno=0
[  554.956990][T15203] uprobe: syz.6.2479:15203 failed to unregister, leaking uprobe
[  555.258066][T15220] netlink: 'syz.6.2485': attribute type 21 has an invalid length.
[  555.564993][   T10] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  555.715236][   T10] usb 8-1: Using ep0 maxpacket: 16
[  555.719571][   T10] usb 8-1: config 0 has no interfaces?
[  555.722254][   T10] usb 8-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00
[  555.726865][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  555.732163][   T10] usb 8-1: config 0 descriptor??
[  555.905120][T15241] --map-set only usable from mangle table
[  555.939391][ T8843] usb 8-1: USB disconnect, device number 20
[  556.082388][T15247] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  556.376784][T15268] netlink: 'syz.7.2497': attribute type 21 has an invalid length.
[  556.555321][T15278] F2FS-fs (nbd7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  556.558316][T15278] F2FS-fs (nbd7): Can't find valid F2FS filesystem in 1th superblock
[  556.561089][T15278] F2FS-fs (nbd7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  556.564813][T15278] F2FS-fs (nbd7): Can't find valid F2FS filesystem in 2th superblock
[  556.625147][ T5937] kernel write not supported for file /uinput (pid: 5937 comm: kworker/3:3)
[  556.703845][T15292] netlink: 'syz.6.2509': attribute type 21 has an invalid length.
[  556.883848][T15297] netlink: 'syz.6.2510': attribute type 27 has an invalid length.
[  557.448235][T15321] netlink: 'syz.7.2518': attribute type 21 has an invalid length.
[  558.993458][T15342] lo speed is unknown, defaulting to 1000
[  561.362761][T15393] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  561.780153][T14561] syz_tun (unregistering): left allmulticast mode
[  561.782350][T14561] syz_tun (unregistering): left promiscuous mode
[  561.785338][T14561] bridge0: port 1(syz_tun) entered disabled state
[  561.811670][ T5938] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  561.817268][ T5938] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  561.821645][ T5938] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  561.832130][ T5938] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  561.842863][T15404] new mount options do not match the existing superblock, will be ignored
[  561.850345][T15404] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  561.856711][ T5938] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  561.857187][T15404] Invalid source name
[  561.861613][T15404] UBIFS error (pid: 15404): cannot open "usrquotauencer", error -22
[  561.917044][T15403] lo speed is unknown, defaulting to 1000
[  562.106709][T15421] netlink: 'syz.6.2548': attribute type 23 has an invalid length.
[  562.181754][T15403] chnl_net:caif_netlink_parms(): no params data found
[  562.246735][T15433] overlay: ./file0 is not a directory
[  562.267946][T15403] bridge0: port 1(bridge_slave_0) entered blocking state
[  562.270475][T15403] bridge0: port 1(bridge_slave_0) entered disabled state
[  562.272973][T15403] bridge_slave_0: entered allmulticast mode
[  562.275846][T15403] bridge_slave_0: entered promiscuous mode
[  562.279047][T15403] bridge0: port 2(bridge_slave_1) entered blocking state
[  562.281560][T15403] bridge0: port 2(bridge_slave_1) entered disabled state
[  562.284151][T15403] bridge_slave_1: entered allmulticast mode
[  562.287032][T15403] bridge_slave_1: entered promiscuous mode
[  562.326566][T15403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  562.332053][T15403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  562.371095][T15403] team0: Port device team_slave_0 added
[  562.376245][T15403] team0: Port device team_slave_1 added
[  562.452659][T15403] batman_adv: batadv0: Adding interface: batadv_slave_0
[  562.456022][T15403] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  562.466268][T15403] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  562.472470][T15403] batman_adv: batadv0: Adding interface: batadv_slave_1
[  562.476140][T15403] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  562.487245][T15403] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  562.509373][T15438] netlink: 'syz.3.2552': attribute type 1 has an invalid length.
[  562.659725][ T1143] bond4 (unregistering): (slave gre1): Releasing backup interface
[  563.052838][ T1143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  563.057489][ T1143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  563.061635][ T1143] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  563.066033][ T1143] bond0 (unregistering): (slave macvlan0): Releasing backup interface
[  563.069935][ T1143] bond0 (unregistering): Released all slaves
[  563.076687][ T1143] bond1 (unregistering): Released all slaves
[  563.083074][ T1143] bond2 (unregistering): Released all slaves
[  563.089863][ T1143] bond3 (unregistering): Released all slaves
[  563.195029][ T1143] bond4 (unregistering): Released all slaves
[  563.279232][ T1143] bond5 (unregistering): Released all slaves
[  563.358090][ T1143] bond6 (unregistering): Released all slaves
[  563.371197][T15438] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  563.456281][T15452] 9pnet_fd: Insufficient options for proto=fd
[  563.457200][T15403] hsr_slave_0: entered promiscuous mode
[  563.468708][T15403] hsr_slave_1: entered promiscuous mode
[  563.471020][T15403] debugfs: 'hsr0' already exists in 'hsr'
[  563.473092][T15403] Cannot create hsr debugfs directory
[  563.793538][T15454] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2556'.
[  563.956421][ T5938] Bluetooth: hci0: command tx timeout
[  564.032763][ T1143] hsr_slave_0: left promiscuous mode
[  564.035653][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_0
[  564.043165][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_1
[  564.134313][T15489] netlink: 'syz.3.2562': attribute type 21 has an invalid length.
[  565.371927][T15508] fuse: Bad value for 'fd'
[  565.377603][T15508] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2567'.
[  565.444940][T15510] netlink: 'syz.7.2568': attribute type 23 has an invalid length.
[  565.467897][T15511] FAULT_INJECTION: forcing a failure.
[  565.467897][T15511] name failslab, interval 1, probability 0, space 0, times 0
[  565.472004][T15511] CPU: 2 UID: 0 PID: 15511 Comm: syz.6.2566 Not tainted syzkaller #0 PREEMPT(full) 
[  565.472032][T15511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  565.472039][T15511] Call Trace:
[  565.472043][T15511]  <TASK>
[  565.472048][T15511]  dump_stack_lvl+0x16c/0x1f0
[  565.472066][T15511]  should_fail_ex+0x512/0x640
[  565.472087][T15511]  should_failslab+0xc2/0x120
[  565.472103][T15511]  kmem_cache_alloc_noprof+0x75/0x6e0
[  565.472116][T15511]  ? dst_alloc+0x99/0x1a0
[  565.472136][T15511]  ? dst_alloc+0x99/0x1a0
[  565.472151][T15511]  dst_alloc+0x99/0x1a0
[  565.472169][T15511]  ipv4_blackhole_route+0x35/0x860
[  565.472190][T15511]  xfrm_lookup_route+0x10e/0x200
[  565.472203][T15511]  ip_route_output_flow+0x11e/0x150
[  565.472221][T15511]  udp_sendmsg+0x1af9/0x2870
[  565.472249][T15511]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  565.472264][T15511]  ? __pfx_udp_sendmsg+0x10/0x10
[  565.472290][T15511]  ? aa_sk_perm+0x2f4/0xb10
[  565.472306][T15511]  ? ____sys_sendmsg+0x203/0xc70
[  565.472322][T15511]  ? __pfx_udp_sendmsg+0x10/0x10
[  565.472336][T15511]  inet_sendmsg+0x105/0x140
[  565.472353][T15511]  ____sys_sendmsg+0x973/0xc70
[  565.472369][T15511]  ? __pfx_____sys_sendmsg+0x10/0x10
[  565.472382][T15511]  ? get_compat_msghdr+0x11a/0x170
[  565.472400][T15511]  ___sys_sendmsg+0x134/0x1d0
[  565.472412][T15511]  ? __pfx____sys_sendmsg+0x10/0x10
[  565.472422][T15511]  ? __lock_acquire+0x622/0x1c90
[  565.472452][T15511]  ? __pfx___might_resched+0x10/0x10
[  565.472468][T15511]  __sys_sendmmsg+0x2f9/0x420
[  565.472481][T15511]  ? __pfx___sys_sendmmsg+0x10/0x10
[  565.472508][T15511]  ? fput+0x9b/0xd0
[  565.472523][T15511]  ? ksys_write+0x1ac/0x250
[  565.472539][T15511]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  565.472550][T15511]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  565.472566][T15511]  __do_fast_syscall_32+0x7c/0x300
[  565.472583][T15511]  do_fast_syscall_32+0x32/0x80
[  565.472597][T15511]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  565.472612][T15511] RIP: 0023:0xf7f53579
[  565.472621][T15511] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  565.472632][T15511] RSP: 002b:00000000f542555c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  565.472642][T15511] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080004d00
[  565.472649][T15511] RDX: 0000000000000300 RSI: 0000000000000f00 RDI: 0000000000000000
[  565.472656][T15511] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  565.472661][T15511] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  565.472668][T15511] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  565.472682][T15511]  </TASK>
[  566.048712][ T5938] Bluetooth: hci0: command tx timeout
[  566.194154][T15513] IPVS: set_ctl: invalid protocol: 56 84.0.1.0:9917
[  566.209503][T15515] random: crng reseeded on system resumption
[  566.284113][T15515] Restarting kernel threads ...
[  566.287591][T15515] Done restarting kernel threads.
[  566.536930][T15403] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  566.544050][T15403] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  566.551044][T15403] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  566.556144][T15403] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  566.577751][ T1143] IPVS: stop unused estimator thread 0...
[  566.638890][T15403] 8021q: adding VLAN 0 to HW filter on device bond0
[  566.647284][T15403] 8021q: adding VLAN 0 to HW filter on device team0
[  566.667769][T15403] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  566.671338][T15403] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  566.680209][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state
[  566.682590][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state
[  566.685989][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state
[  566.688386][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state
[  566.770978][T15403] 8021q: adding VLAN 0 to HW filter on device batadv0
[  566.838417][T15569] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  566.840675][T15569] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  566.843798][T15569] vhci_hcd vhci_hcd.0: Device attached
[  566.867067][T15569] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2578'.
[  566.873608][T15569] netlink: 'syz.3.2578': attribute type 10 has an invalid length.
[  566.929385][T15403] veth0_vlan: entered promiscuous mode
[  566.938593][T15403] veth1_vlan: entered promiscuous mode
[  566.960407][T15403] veth0_macvtap: entered promiscuous mode
[  566.965092][T15403] veth1_macvtap: entered promiscuous mode
[  566.977309][T15403] batman_adv: batadv0: Interface activated: batadv_slave_0
[  566.983938][T15403] batman_adv: batadv0: Interface activated: batadv_slave_1
[  566.991814][ T8421] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  566.994873][ T8421] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  566.998257][ T8421] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  567.001912][ T8421] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  567.047838][ T6665] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  567.056026][ T6665] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  567.071094][ T6665] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  567.074929][ T6665] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  567.110091][ T7009] usb 44-1: SetAddress Request (10) to port 0
[  567.112200][ T7009] usb 44-1: new SuperSpeed USB device number 10 using vhci_hcd
[  567.393346][T15593] syz_tun: entered allmulticast mode
[  567.462415][T15596] fuse: Bad value for 'fd'
[  567.465333][T15570] vhci_hcd: connection reset by peer
[  567.469443][ T8421] vhci_hcd: stop threads
[  567.471499][ T8421] vhci_hcd: release socket
[  567.474256][ T8421] vhci_hcd: disconnect device
[  568.121407][ T5938] Bluetooth: hci0: command tx timeout
[  568.165983][T15586] syz_tun: left allmulticast mode
[  568.322037][T15604] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2586'.
[  568.325397][T15604] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2586'.
[  569.064430][T15600] 9pnet_fd: p9_fd_create_tcp (15600): problem connecting socket to 127.0.0.1
[  569.103012][T15617] overlayfs: overlapping lowerdir path
[  569.139532][T15619] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2590'.
[  569.306235][T15630] qrtr: Invalid version 221
[  569.309898][T15632] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2596'.
[  569.344293][T15632] 8021q: adding VLAN 0 to HW filter on device bond3
[  569.375201][T15632] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2596'.
[  569.393117][T15632] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2596'.
[  569.403619][T15632] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2596'.
[  569.451270][T15638] netlink: 'syz.6.2598': attribute type 1 has an invalid length.
[  569.454072][T15638] netlink: 228 bytes leftover after parsing attributes in process `syz.6.2598'.
[  569.627873][T15639] lo speed is unknown, defaulting to 1000
[  569.812063][ T8843] usb 12-1: new high-speed USB device number 18 using dummy_hcd
[  569.983772][ T8843] usb 12-1: Using ep0 maxpacket: 8
[  569.998834][ T8843] usb 12-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  570.024901][ T8843] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 2
[  570.048292][ T8843] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  570.069944][ T8843] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  570.088797][ T8843] usb 12-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  570.106654][ T8843] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.648782][ T8843] hub 12-1:1.0: bad descriptor, ignoring hub
[  570.651620][ T8843] hub 12-1:1.0: probe with driver hub failed with error -5
[  570.662310][ T8843] cdc_wdm 12-1:1.0: skipping garbage
[  570.668127][ T8843] cdc_wdm 12-1:1.0: skipping garbage
[  570.677465][ T8843] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device
[  570.680176][ T8843] cdc_wdm 12-1:1.0: Unknown control protocol
[  571.516472][T15624] usb 12-1: reset high-speed USB device number 18 using dummy_hcd
[  571.521054][T15624] usb 12-1: device reset changed ep0 maxpacket size!
[  571.525173][   T10] usb 12-1: USB disconnect, device number 18
[  571.656013][   T10] usb 12-1: new high-speed USB device number 19 using dummy_hcd
[  571.820435][   T10] usb 12-1: unable to get BOS descriptor or descriptor too short
[  571.827572][   T10] usb 12-1: config 0 interface 0 has no altsetting 0
[  571.831377][   T10] usb 12-1: New USB device found, idVendor=0e41, idProduct=4156, bcdDevice=15.eb
[  571.834673][   T10] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  571.837678][   T10] usb 12-1: Product: syz
[  571.839223][   T10] usb 12-1: Manufacturer: syz
[  571.840804][   T10] usb 12-1: SerialNumber: syz
[  571.856756][   T10] usb 12-1: config 0 descriptor??
[  572.279013][T15624] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  572.286803][ T7009] usb 44-1: device descriptor read/8, error -110
[  572.286850][T15624] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  572.303549][T15624] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  572.308251][T15624] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  572.314068][T15624] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  572.317254][T15624] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  572.330462][   T10] snd_usb_podhd 12-1:0.0: Line 6 POD HDDESKTOP found
[  572.338957][   T10] snd_usb_podhd 12-1:0.0: set_interface failed
[  572.344636][   T10] snd_usb_podhd 12-1:0.0: Line 6 POD HDDESKTOP now disconnected
[  572.348849][   T10] snd_usb_podhd 12-1:0.0: probe with driver snd_usb_podhd failed with error -71
[  572.356684][   T10] usb 12-1: USB disconnect, device number 19
[  572.678171][ T7009] usb usb44-port1: attempt power cycle
[  573.259983][ T7009] usb usb44-port1: unable to enumerate USB device
[  574.596193][T15716] syz.3.2616 (15716): drop_caches: 2
[  574.662658][T15718] mac80211_hwsim hwsim41 wlan0: entered promiscuous mode
[  574.729386][T15724] syzkaller0: entered promiscuous mode
[  574.731397][T15724] syzkaller0: entered allmulticast mode
[  574.752332][ T4504] hid-generic 0000:0000:0000.0011: unknown main item tag 0x3
[  574.755469][ T4504] hid-generic 0000:0000:0000.0011: unknown main item tag 0x3
[  574.761050][ T4504] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  574.763906][ T4504] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  574.766463][ T4504] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  574.782032][ T4504] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  574.784541][ T4504] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  574.787037][ T4504] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  574.789443][ T4504] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  574.793987][ T4504] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[  574.805168][ T4504] hid-generic 0000:0000:0000.0011: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  574.868137][T15728] fido_id[15728]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  574.885233][T15731] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  574.887508][T15731] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  574.900223][T15731] vhci_hcd vhci_hcd.0: Device attached
[  575.180661][ T7009] usb 44-1: SetAddress Request (14) to port 0
[  575.186034][T15743] netlink: 'syz.6.2626': attribute type 21 has an invalid length.
[  575.189969][ T7009] usb 44-1: new SuperSpeed USB device number 14 using vhci_hcd
[  575.191571][T15743] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2626'.
[  575.538462][T15732] vhci_hcd: connection reset by peer
[  575.544214][ T1143] vhci_hcd: stop threads
[  575.545702][ T1143] vhci_hcd: release socket
[  575.547504][ T1143] vhci_hcd: disconnect device
[  575.720172][T15759] Cannot find del_set index 2 as target
[  576.558071][T15777] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2638'.
[  576.729133][T15791] netlink: 'syz.7.2644': attribute type 11 has an invalid length.
[  576.731739][T15791] netlink: 44 bytes leftover after parsing attributes in process `syz.7.2644'.
[  576.905955][T15802] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  577.345891][T15819] mkiss: ax0: crc mode is auto.
[  577.834463][T15861] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  577.836666][T15861] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  577.839549][T15861] vhci_hcd vhci_hcd.0: Device attached
[  578.078239][T15872] syz_tun: left allmulticast mode
[  578.079973][T15872] syz_tun: left promiscuous mode
[  578.081770][T15872] bridge0: port 3(syz_tun) entered disabled state
[  578.085523][T15872] 
: left allmulticast mode
[  578.087053][T15872] 
: left promiscuous mode
[  578.088650][T15872] bridge0: port 1(
) entered disabled state
[  578.091779][T15872] bridge_slave_1: left allmulticast mode
[  578.093771][T15872] bridge_slave_1: left promiscuous mode
[  578.096379][T15872] bridge0: port 2(bridge_slave_1) entered disabled state
[  578.100579][T15872] bond0: (slave bond_slave_0): Releasing backup interface
[  578.104141][T15872] bond0: (slave bond_slave_1): Releasing backup interface
[  578.108171][T15872] team0: Port device team_slave_0 removed
[  578.111350][T15872] team0: Port device team_slave_1 removed
[  578.113544][T15872] batman_adv: batadv0: Removing interface: batadv_slave_0
[  578.116585][T15872] batman_adv: batadv0: Removing interface: batadv_slave_1
[  578.120105][T15872] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  578.410549][T15862] vhci_hcd: connection closed
[  578.412230][   T91] vhci_hcd: stop threads
[  578.416299][   T91] vhci_hcd: release socket
[  578.419749][   T91] vhci_hcd: disconnect device
[  578.706119][T15883] netlink: 60 bytes leftover after parsing attributes in process `syz.7.2676'.
[  578.855068][T15888] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2678'.
[  578.858968][T15888] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2678'.
[  579.005587][ T5937] usb 12-1: new high-speed USB device number 20 using dummy_hcd
[  579.143358][T15900] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2682'.
[  579.147464][T15900] netlink: 224 bytes leftover after parsing attributes in process `syz.8.2682'.
[  579.155877][ T5937] usb 12-1: Using ep0 maxpacket: 8
[  579.160261][ T5937] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  579.164528][ T5937] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  579.169252][ T5937] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  579.173633][ T5937] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  579.179663][ T5937] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  579.183652][ T5937] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.275500][T15904] netlink: 'syz.6.2684': attribute type 21 has an invalid length.
[  579.280677][T15904] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2684'.
[  579.401728][ T5937] usb 12-1: GET_CAPABILITIES returned 0
[  579.403789][ T5937] usbtmc 12-1:16.0: can't read capabilities
[  579.606559][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.611059][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.614280][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.617451][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.620614][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.623775][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.627129][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.630291][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.633840][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.636998][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.640299][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.643500][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.646956][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.650460][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.655742][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.659417][    C2] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  579.679534][T15890] lo speed is unknown, defaulting to 1000
[  579.860484][   T24] usb 12-1: USB disconnect, device number 20
[  580.224414][T15927] lo speed is unknown, defaulting to 1000
[  580.322396][ T7009] usb 44-1: device descriptor read/8, error -110
[  580.500764][T15936] netlink: 'syz.7.2694': attribute type 21 has an invalid length.
[  581.005756][ T7009] usb usb44-port1: attempt power cycle
[  581.669751][ T7009] usb usb44-port1: unable to enumerate USB device
[  581.820351][T15954] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  581.862387][ T5938] Bluetooth: hci4: SCO packet for unknown connection handle 201
[  581.905116][T15964] netlink: 'syz.6.2703': attribute type 21 has an invalid length.
[  581.908233][T15965] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2704'.
[  582.200996][T15980] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2709'.
[  582.205908][T15980] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2709'.
[  582.220175][T15980] vlan2: entered promiscuous mode
[  582.221934][T15980] bridge3: entered promiscuous mode
[  582.224155][T15980] vlan2: entered allmulticast mode
[  582.226176][T15980] bridge3: entered allmulticast mode
[  582.366986][T15988] netlink: 3 bytes leftover after parsing attributes in process `syz.8.2708'.
[  582.381710][T15988] batadv1: entered allmulticast mode
[  583.182586][   T40] audit: type=1804 audit(1763466158.172:782): pid=15996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.2714" name="file0" dev="ramfs" ino=134058 res=1 errno=0
[  583.194940][T15998] netlink: 'syz.8.2715': attribute type 21 has an invalid length.
[  583.538996][T16016] mac80211_hwsim hwsim42 wlan1: entered allmulticast mode
[  583.568994][T16016] bridge_slave_0: left allmulticast mode
[  583.571005][T16016] bridge_slave_0: left promiscuous mode
[  583.573153][T16016] bridge0: port 1(bridge_slave_0) entered disabled state
[  583.580353][T16016] bridge_slave_1: left allmulticast mode
[  583.582594][T16016] bridge_slave_1: left promiscuous mode
[  583.584824][T16016] bridge0: port 2(bridge_slave_1) entered disabled state
[  583.592202][T16016] bond0: (slave bond_slave_0): Releasing backup interface
[  583.600393][T16016] bond0: (slave bond_slave_1): Releasing backup interface
[  583.618243][T16019] netlink: 'syz.8.2721': attribute type 10 has an invalid length.
[  583.629027][T16016] team0: Port device team_slave_0 removed
[  583.640852][T16016] team0: Port device team_slave_1 removed
[  583.653083][T16016] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  583.656410][T16016] batman_adv: batadv0: Removing interface: batadv_slave_0
[  583.662525][T16016] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  583.665914][T16016] batman_adv: batadv0: Removing interface: batadv_slave_1
[  583.671092][T16016] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  583.700425][T16019] mac80211_hwsim hwsim42 wlan1: left allmulticast mode
[  583.709758][T16019] 8021q: adding VLAN 0 to HW filter on device bond0
[  583.715755][T16019] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  584.184656][T16039] netlink: 'syz.7.2726': attribute type 21 has an invalid length.
[  584.489609][   T40] audit: type=1326 audit(1763466159.471:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16043 comm="syz.7.2728" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  584.498086][   T40] audit: type=1326 audit(1763466159.471:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16043 comm="syz.7.2728" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  584.508959][   T40] audit: type=1326 audit(1763466159.471:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16043 comm="syz.7.2728" exe="/syz-executor" sig=0 arch=40000003 syscall=51 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  584.518508][   T40] audit: type=1326 audit(1763466159.471:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16043 comm="syz.7.2728" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  584.531450][   T40] audit: type=1326 audit(1763466159.471:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16043 comm="syz.7.2728" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  584.541832][   T40] audit: type=1326 audit(1763466159.471:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16043 comm="syz.7.2728" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  584.551529][   T40] audit: type=1326 audit(1763466159.471:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16043 comm="syz.7.2728" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  584.554743][T16022] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  584.561230][   T40] audit: type=1326 audit(1763466159.471:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16043 comm="syz.7.2728" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  584.563821][T16022] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  584.570967][   T40] audit: type=1326 audit(1763466159.471:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16043 comm="syz.7.2728" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  584.654789][T16054] netlink: 'syz.6.2732': attribute type 1 has an invalid length.
[  584.704719][T16059] 9pnet_fd: Insufficient options for proto=fd
[  584.760562][T16061] netlink: 'syz.6.2735': attribute type 21 has an invalid length.
[  584.761637][T16063] netlink: 'syz.3.2737': attribute type 1 has an invalid length.
[  584.776225][T16063] bond4: entered promiscuous mode
[  584.779123][T16063] 8021q: adding VLAN 0 to HW filter on device bond4
[  585.685134][T16088] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2745'.
[  585.743152][T16094] netlink: 'syz.8.2748': attribute type 21 has an invalid length.
[  585.824124][ T5938] Bluetooth: hci4: command 0x0406 tx timeout
[  586.385798][T16106] netlink: 'syz.8.2750': attribute type 21 has an invalid length.
[  586.625234][ T5938] Bluetooth: hci7: command 0x0406 tx timeout
[  587.136852][T16119] batman_adv: batadv0: Adding interface: vlan2
[  587.138960][T16119] batman_adv: batadv0: The MTU of interface vlan2 is too small (1536) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1568 would solve the problem.
[  587.147803][T16119] batman_adv: batadv0: Not using interface vlan2 (retrying later): interface not active
[  587.425416][T16131] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2758'.
[  588.998010][T16108] Set syz1 is full, maxelem 65536 reached
[  589.121482][T16153] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  589.158454][ T7009] usb 12-1: new high-speed USB device number 21 using dummy_hcd
[  589.308545][ T7009] usb 12-1: Using ep0 maxpacket: 8
[  589.314212][ T7009] usb 12-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  589.318741][ T7009] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 2
[  589.326268][ T7009] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  589.336381][ T7009] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  589.348620][ T7009] usb 12-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  589.351996][ T7009] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  589.357925][ T7009] hub 12-1:1.0: bad descriptor, ignoring hub
[  589.361253][ T7009] hub 12-1:1.0: probe with driver hub failed with error -5
[  589.367503][ T7009] cdc_wdm 12-1:1.0: skipping garbage
[  589.371629][ T7009] cdc_wdm 12-1:1.0: skipping garbage
[  589.378344][ T7009] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device
[  589.383354][ T7009] cdc_wdm 12-1:1.0: Unknown control protocol
[  589.791748][T16164] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2768'.
[  590.365478][T16173] new mount options do not match the existing superblock, will be ignored
[  590.370675][T16173] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  590.375540][T16173] Invalid source name
[  590.376935][T16173] UBIFS error (pid: 16173): cannot open "usrquotauencer", error -22
[  590.501789][T16148] usb 12-1: reset high-speed USB device number 21 using dummy_hcd
[  590.515326][T16148] usb 12-1: device reset changed ep0 maxpacket size!
[  590.520087][ T7009] usb 12-1: USB disconnect, device number 21
[  590.661735][ T7009] usb 12-1: new high-speed USB device number 22 using dummy_hcd
[  590.726700][T16192] lo speed is unknown, defaulting to 1000
[  591.033421][ T7009] usb 12-1: unable to get BOS descriptor or descriptor too short
[  591.504673][ T7009] usb 12-1: config 0 interface 0 has no altsetting 0
[  591.517001][ T7009] usb 12-1: New USB device found, idVendor=0e41, idProduct=4156, bcdDevice=15.eb
[  591.520576][ T7009] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  591.533475][ T7009] usb 12-1: Product: syz
[  591.535229][ T7009] usb 12-1: Manufacturer: syz
[  591.537025][ T7009] usb 12-1: SerialNumber: syz
[  591.545101][ T7009] usb 12-1: config 0 descriptor??
[  591.963076][T16148] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  591.968327][T16148] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  591.974352][T16148] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  591.978821][T16148] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  591.982942][T16148] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  591.985886][T16148] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  592.173374][ T7009] snd_usb_podhd 12-1:0.0: Line 6 POD HDDESKTOP found
[  592.182180][ T7009] snd_usb_podhd 12-1:0.0: set_interface failed
[  592.184346][ T7009] snd_usb_podhd 12-1:0.0: Line 6 POD HDDESKTOP now disconnected
[  592.186915][ T7009] snd_usb_podhd 12-1:0.0: probe with driver snd_usb_podhd failed with error -71
[  592.198489][ T7009] usb 12-1: USB disconnect, device number 22
[  592.722414][T16240] netlink: 'syz.3.2790': attribute type 21 has an invalid length.
[  592.774646][T16242] netlink: 'syz.6.2791': attribute type 21 has an invalid length.
[  593.017014][T16252] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2794'.
[  593.257701][T16258] FAULT_INJECTION: forcing a failure.
[  593.257701][T16258] name failslab, interval 1, probability 0, space 0, times 0
[  593.262891][T16258] CPU: 2 UID: 0 PID: 16258 Comm: syz.3.2795 Not tainted syzkaller #0 PREEMPT(full) 
[  593.262915][T16258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  593.262926][T16258] Call Trace:
[  593.262933][T16258]  <TASK>
[  593.262941][T16258]  dump_stack_lvl+0x16c/0x1f0
[  593.262965][T16258]  should_fail_ex+0x512/0x640
[  593.262992][T16258]  should_failslab+0xc2/0x120
[  593.263014][T16258]  kmem_cache_alloc_node_noprof+0x78/0x770
[  593.263032][T16258]  ? __alloc_skb+0x2b2/0x380
[  593.263062][T16258]  ? __alloc_skb+0x2b2/0x380
[  593.263083][T16258]  __alloc_skb+0x2b2/0x380
[  593.263107][T16258]  ? __pfx___alloc_skb+0x10/0x10
[  593.263131][T16258]  ? kasan_quarantine_put+0xc0/0x240
[  593.263157][T16258]  __pskb_copy_fclone+0xef/0xb50
[  593.263181][T16258]  tipc_sk_mcast_rcv+0x52d/0xfa0
[  593.263197][T16258]  ? __lock_acquire+0xb8a/0x1c90
[  593.263225][T16258]  ? __pfx_tipc_sk_mcast_rcv+0x10/0x10
[  593.263240][T16258]  ? __lock_acquire+0x622/0x1c90
[  593.263269][T16258]  ? find_held_lock+0x2b/0x80
[  593.263286][T16258]  ? tipc_mcast_xmit+0x6d5/0xfe0
[  593.263314][T16258]  tipc_mcast_xmit+0x711/0xfe0
[  593.263338][T16258]  ? __pfx__copy_from_iter+0x10/0x10
[  593.263360][T16258]  ? __pfx___alloc_skb+0x10/0x10
[  593.263387][T16258]  ? __pfx_tipc_mcast_xmit+0x10/0x10
[  593.263454][T16258]  ? tipc_sendmcast+0x882/0xba0
[  593.263470][T16258]  tipc_sendmcast+0x882/0xba0
[  593.263485][T16258]  ? find_held_lock+0x2b/0x80
[  593.263515][T16258]  ? __pfx_tipc_sendmcast+0x10/0x10
[  593.263538][T16258]  ? do_pte_missing+0x567/0x3ba0
[  593.263569][T16258]  ? __pfx_woken_wake_function+0x10/0x10
[  593.263585][T16258]  ? __handle_mm_fault+0x5a8/0x2aa0
[  593.263615][T16258]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  593.263642][T16258]  ? css_rstat_updated+0x1c2/0x510
[  593.263664][T16258]  __tipc_sendmsg+0x1360/0x19a0
[  593.263687][T16258]  ? __pfx___tipc_sendmsg+0x10/0x10
[  593.263723][T16258]  ? __local_bh_enable_ip+0xa4/0x120
[  593.263746][T16258]  tipc_sendmsg+0x4f/0x70
[  593.263762][T16258]  ____sys_sendmsg+0xa98/0xc70
[  593.263789][T16258]  ? __pfx_____sys_sendmsg+0x10/0x10
[  593.263808][T16258]  ? get_compat_msghdr+0x11a/0x170
[  593.263827][T16258]  ? __pfx__kstrtoull+0x10/0x10
[  593.263851][T16258]  ___sys_sendmsg+0x134/0x1d0
[  593.263869][T16258]  ? __pfx____sys_sendmsg+0x10/0x10
[  593.263883][T16258]  ? __lock_acquire+0x622/0x1c90
[  593.263933][T16258]  __sys_sendmmsg+0x2f9/0x420
[  593.263953][T16258]  ? __pfx___sys_sendmmsg+0x10/0x10
[  593.263977][T16258]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  593.264008][T16258]  ? fput+0x9b/0xd0
[  593.264030][T16258]  ? ksys_write+0x1ac/0x250
[  593.264047][T16258]  ? __pfx_ksys_write+0x10/0x10
[  593.264068][T16258]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  593.264085][T16258]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  593.264106][T16258]  __do_fast_syscall_32+0x7c/0x300
[  593.264129][T16258]  do_fast_syscall_32+0x32/0x80
[  593.264150][T16258]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  593.264169][T16258] RIP: 0023:0xf7fa5579
[  593.264183][T16258] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  593.264198][T16258] RSP: 002b:00000000f545455c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  593.264215][T16258] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080004400
[  593.264226][T16258] RDX: 0000000000000203 RSI: 00000000000101d0 RDI: 0000000000000000
[  593.264235][T16258] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  593.264244][T16258] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  593.264253][T16258] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  593.264277][T16258]  </TASK>
[  593.389094][T16258] tipc: Failed to clone mcast rcv buffer
[  594.448591][T16270] netlink: 'syz.7.2800': attribute type 21 has an invalid length.
[  594.525364][ T8676] usb 13-1: new high-speed USB device number 5 using dummy_hcd
[  594.566493][T16274] comedi comedi2: comedi_config --init_data is deprecated
[  594.675857][ T8676] usb 13-1: Using ep0 maxpacket: 8
[  594.731703][ T8676] usb 13-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  594.737289][ T8676] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 2
[  594.741286][ T8676] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  594.746529][ T8676] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  594.751452][ T8676] usb 13-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  594.755858][ T8676] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.772337][ T8676] hub 13-1:1.0: bad descriptor, ignoring hub
[  594.774969][ T8676] hub 13-1:1.0: probe with driver hub failed with error -5
[  594.787278][ T8676] cdc_wdm 13-1:1.0: skipping garbage
[  594.795782][ T8676] cdc_wdm 13-1:1.0: skipping garbage
[  594.801678][ T8676] cdc_wdm 13-1:1.0: cdc-wdm0: USB WDM device
[  594.809255][ T8676] cdc_wdm 13-1:1.0: Unknown control protocol
[  595.500273][T16291] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2806'.
[  595.553095][T16292] 9pnet_fd: Insufficient options for proto=fd
[  595.921075][T16265] usb 13-1: reset high-speed USB device number 5 using dummy_hcd
[  595.924578][T16265] usb 13-1: device reset changed ep0 maxpacket size!
[  595.929104][ T7009] usb 13-1: USB disconnect, device number 5
[  596.077361][ T7009] usb 13-1: new high-speed USB device number 6 using dummy_hcd
[  596.298769][T16305] netlink: 'syz.7.2810': attribute type 1 has an invalid length.
[  596.345411][T16305] bond8: entered promiscuous mode
[  596.348980][T16305] 8021q: adding VLAN 0 to HW filter on device bond8
[  596.355709][ T7009] usb 13-1: unable to get BOS descriptor or descriptor too short
[  596.368733][ T7009] usb 13-1: config 0 interface 0 has no altsetting 0
[  596.373864][ T7009] usb 13-1: New USB device found, idVendor=0e41, idProduct=4156, bcdDevice=15.eb
[  596.379223][ T7009] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.385296][ T7009] usb 13-1: Product: syz
[  596.388420][ T7009] usb 13-1: Manufacturer: syz
[  596.392344][ T7009] usb 13-1: SerialNumber: syz
[  596.398278][ T7009] usb 13-1: config 0 descriptor??
[  596.617306][T16309] netlink: 'syz.3.2811': attribute type 21 has an invalid length.
[  596.655883][T16311] netlink: 68 bytes leftover after parsing attributes in process `syz.6.2812'.
[  596.812143][T16265] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  596.815254][T16265] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  596.819129][T16265] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  596.822218][T16265] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  596.826280][T16265] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  596.829616][T16265] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  596.841628][ T7009] snd_usb_podhd 13-1:0.0: Line 6 POD HDDESKTOP found
[  596.848371][ T7009] snd_usb_podhd 13-1:0.0: set_interface failed
[  596.850598][ T7009] snd_usb_podhd 13-1:0.0: Line 6 POD HDDESKTOP now disconnected
[  596.853278][ T7009] snd_usb_podhd 13-1:0.0: probe with driver snd_usb_podhd failed with error -71
[  596.859043][ T7009] usb 13-1: USB disconnect, device number 6
[  597.860206][ T6003] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  597.947319][T16328] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(6)
[  597.949913][T16328] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  597.953631][T16328] vhci_hcd vhci_hcd.0: Device attached
[  598.039600][ T6003] usb 8-1: Using ep0 maxpacket: 16
[  598.043513][T16338] IPVS: set_ctl: invalid protocol: 4 172.20.20.170:20002
[  598.303563][ T5937] usb 54-1: SetAddress Request (11) to port 0
[  598.305657][ T5937] usb 54-1: new SuperSpeed USB device number 11 using vhci_hcd
[  598.414102][ T6003] usb 8-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  598.450071][T16333] vhci_hcd: connection reset by peer
[  598.452212][ T1146] vhci_hcd: stop threads
[  598.453756][ T1146] vhci_hcd: release socket
[  598.455497][ T1146] vhci_hcd: disconnect device
[  598.914515][ T6003] usb 8-1: config 0 interface 0 has no altsetting 0
[  598.923066][ T6003] usb 8-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  598.927117][ T6003] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  598.931798][ T6003] usb 8-1: config 0 descriptor??
[  599.164855][T16345] netlink: 'syz.8.2822': attribute type 21 has an invalid length.
[  599.353679][ T6003] nzxt-smart2 0003:1E71:2009.0012: hidraw1: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.3-1/input0
[  599.509317][T16352] mac80211_hwsim hwsim42 syzkaller0: entered promiscuous mode
[  599.512299][T16352] mac80211_hwsim hwsim42 syzkaller0: entered allmulticast mode
[  599.781714][ T8676] usb 13-1: new high-speed USB device number 7 using dummy_hcd
[  599.805599][   T24] usb 8-1: USB disconnect, device number 21
[  599.932010][ T8676] usb 13-1: Using ep0 maxpacket: 8
[  599.938499][ T8676] usb 13-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  599.943016][ T8676] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 2
[  599.946086][ T8676] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  599.949929][ T8676] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  599.954106][ T8676] usb 13-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  599.957493][ T8676] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.969280][ T8676] hub 13-1:1.0: bad descriptor, ignoring hub
[  599.975363][ T8676] hub 13-1:1.0: probe with driver hub failed with error -5
[  599.982746][ T8676] cdc_wdm 13-1:1.0: skipping garbage
[  599.989362][ T8676] cdc_wdm 13-1:1.0: skipping garbage
[  599.995467][ T8676] cdc_wdm 13-1:1.0: cdc-wdm0: USB WDM device
[  600.001204][ T8676] cdc_wdm 13-1:1.0: Unknown control protocol
[  600.417477][T16365] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2828'.
[  600.444288][ T7009] usb 12-1: new high-speed USB device number 23 using dummy_hcd
[  600.513812][T16373] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2830'.
[  600.592967][ T7009] usb 12-1: Using ep0 maxpacket: 8
[  600.597020][ T7009] usb 12-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  600.601858][ T7009] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 2
[  600.605964][ T7009] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  600.610013][ T7009] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  600.611188][T16379] netlink: 'syz.3.2832': attribute type 21 has an invalid length.
[  600.614705][ T7009] usb 12-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  600.620831][ T7009] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  600.631369][ T7009] hub 12-1:1.0: bad descriptor, ignoring hub
[  600.638998][ T7009] hub 12-1:1.0: probe with driver hub failed with error -5
[  600.646064][ T7009] cdc_wdm 12-1:1.0: skipping garbage
[  600.648562][ T7009] cdc_wdm 12-1:1.0: skipping garbage
[  600.653944][ T7009] cdc_wdm 12-1:1.0: cdc-wdm1: USB WDM device
[  600.656806][ T7009] cdc_wdm 12-1:1.0: Unknown control protocol
[  601.025505][T16384] siw: device registration error -23
[  601.126820][T16354] usb 13-1: reset high-speed USB device number 7 using dummy_hcd
[  601.132917][T16354] usb 13-1: device reset changed ep0 maxpacket size!
[  601.136044][ T8676] usb 13-1: USB disconnect, device number 7
[  601.140398][T16360] cdc_wdm 13-1:1.0: Error autopm - -16
[  601.208862][   T24] usb 12-1: USB disconnect, device number 23
[  601.275743][ T8676] usb 13-1: new high-speed USB device number 8 using dummy_hcd
[  601.465050][ T8676] usb 13-1: unable to get BOS descriptor or descriptor too short
[  601.469380][ T8676] usb 13-1: config 0 interface 0 has no altsetting 0
[  601.473004][ T8676] usb 13-1: New USB device found, idVendor=0e41, idProduct=4156, bcdDevice=15.eb
[  601.476733][ T8676] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  601.479373][ T8676] usb 13-1: Product: syz
[  601.480773][ T8676] usb 13-1: Manufacturer: syz
[  601.482342][ T8676] usb 13-1: SerialNumber: syz
[  601.486104][ T8676] usb 13-1: config 0 descriptor??
[  601.545086][   T24] usb 12-1: new high-speed USB device number 24 using dummy_hcd
[  601.696039][ T5951] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  601.700695][ T5951] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  601.704416][   T24] usb 12-1: Using ep0 maxpacket: 8
[  601.706732][ T5951] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  601.710279][ T5951] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  601.717636][ T5951] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  601.724781][   T24] usb 12-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  601.729350][   T24] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 2
[  601.734651][   T24] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  601.739841][   T24] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  601.744992][   T24] usb 12-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  601.749059][   T24] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.758992][   T24] hub 12-1:1.0: bad descriptor, ignoring hub
[  601.761055][   T24] hub 12-1:1.0: probe with driver hub failed with error -5
[  601.764053][   T24] cdc_wdm 12-1:1.0: skipping garbage
[  601.768529][T16387] lo speed is unknown, defaulting to 1000
[  601.769288][   T24] cdc_wdm 12-1:1.0: skipping garbage
[  601.776685][   T24] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device
[  601.779435][   T24] cdc_wdm 12-1:1.0: Unknown control protocol
[  601.890566][ T1141] smc: removing ib device syz1
[  601.901756][T16354] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  601.906027][T16354] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  601.912046][T16354] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  601.919315][T16354] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  601.927482][T16354] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  601.931089][T16354] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  601.942063][ T8676] snd_usb_podhd 13-1:0.0: Line 6 POD HDDESKTOP found
[  601.945078][ T8676] snd_usb_podhd 13-1:0.0: set_interface failed
[  601.947448][ T8676] snd_usb_podhd 13-1:0.0: Line 6 POD HDDESKTOP now disconnected
[  601.950006][ T8676] snd_usb_podhd 13-1:0.0: probe with driver snd_usb_podhd failed with error -71
[  601.961374][ T8676] usb 13-1: USB disconnect, device number 8
[  601.961563][T16360] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2827'.
[  601.979180][T16360] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2827'.
[  602.094843][   T24] usb 12-1: USB disconnect, device number 24
[  602.113786][T16387] chnl_net:caif_netlink_parms(): no params data found
[  602.383704][T16387] bridge0: port 1(bridge_slave_0) entered blocking state
[  602.386793][T16387] bridge0: port 1(bridge_slave_0) entered disabled state
[  602.389374][T16387] bridge_slave_0: entered allmulticast mode
[  602.393168][T16387] bridge_slave_0: entered promiscuous mode
[  602.397141][T16387] bridge0: port 2(bridge_slave_1) entered blocking state
[  602.399550][T16387] bridge0: port 2(bridge_slave_1) entered disabled state
[  602.401845][T16387] bridge_slave_1: entered allmulticast mode
[  602.406517][T16387] bridge_slave_1: entered promiscuous mode
[  602.494205][T16387] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  602.526103][T16387] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  602.704076][T16387] team0: Port device team_slave_0 added
[  602.743571][T16387] team0: Port device team_slave_1 added
[  602.830775][T16413] netlink: 'syz.8.2841': attribute type 21 has an invalid length.
[  602.946225][T16387] batman_adv: batadv0: Adding interface: batadv_slave_0
[  602.949163][T16387] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  602.969719][T16387] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  602.988561][T16387] batman_adv: batadv0: Adding interface: batadv_slave_1
[  602.991623][T16387] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  603.030115][T16387] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  603.354060][T16387] hsr_slave_0: entered promiscuous mode
[  603.359048][T16387] hsr_slave_1: entered promiscuous mode
[  603.370215][T16387] debugfs: 'hsr0' already exists in 'hsr'
[  603.380368][ T5937] usb 54-1: device descriptor read/8, error -110
[  603.384862][T16387] Cannot create hsr debugfs directory
[  603.766911][ T5951] Bluetooth: hci2: command tx timeout
[  603.902817][ T5937] usb usb54-port1: attempt power cycle
[  603.927049][ T1154] bond1 (unregistering): (slave gre1): Releasing backup interface
[  604.057059][ T7009] usb 13-1: new high-speed USB device number 9 using dummy_hcd
[  604.141837][T16436] loop6: detected capacity change from 0 to 524287999
[  604.198960][T16436] loop6: detected capacity change from 524287999 to 522256055
[  604.207015][    C1] I/O error, dev loop6, sector 524287976 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  604.214529][ T7009] usb 13-1: Using ep0 maxpacket: 8
[  604.218838][ T7009] usb 13-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  604.222285][ T7009] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 2
[  604.225361][ T7009] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  604.237787][ T7009] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  604.241560][ T7009] usb 13-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  604.244616][ T7009] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.264701][ T7009] hub 13-1:1.0: bad descriptor, ignoring hub
[  604.266728][ T7009] hub 13-1:1.0: probe with driver hub failed with error -5
[  604.270245][ T7009] cdc_wdm 13-1:1.0: skipping garbage
[  604.272038][ T7009] cdc_wdm 13-1:1.0: skipping garbage
[  604.277392][ T7009] cdc_wdm 13-1:1.0: cdc-wdm0: USB WDM device
[  604.280516][ T7009] cdc_wdm 13-1:1.0: Unknown control protocol
[  604.467873][ T1154] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  604.495199][ T1154] bond0 (unregistering): Released all slaves
[  604.542409][T16444] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2850'.
[  604.562871][ T5937] usb usb54-port1: unable to enumerate USB device
[  604.698584][ T1154] bond1 (unregistering): Released all slaves
[  604.711348][ T1154] bond2 (unregistering): Released all slaves
[  604.732513][T16451] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2852'.
[  604.877929][ T1154] bond3 (unregistering): Released all slaves
[  604.972216][ T1154] tipc: Disabling bearer <eth:veth0_macvtap>
[  604.987896][ T1154] tipc: Left network mode
[  605.179792][T16422] usb 13-1: reset high-speed USB device number 9 using dummy_hcd
[  605.188324][T16422] usb 13-1: device reset changed ep0 maxpacket size!
[  605.191369][   T24] usb 13-1: USB disconnect, device number 9
[  605.328664][   T24] usb 13-1: new high-speed USB device number 10 using dummy_hcd
[  605.886226][ T5951] Bluetooth: hci2: command tx timeout
[  606.830499][ T7009] usb 12-1: new high-speed USB device number 25 using dummy_hcd
[  607.099976][ T7009] usb 12-1: Using ep0 maxpacket: 8
[  607.103336][ T7009] usb 12-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  607.106746][ T7009] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 2
[  607.109810][ T7009] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  607.113628][ T7009] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  607.120458][ T7009] usb 12-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  607.130432][ T7009] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  607.281916][ T7009] hub 12-1:1.0: bad descriptor, ignoring hub
[  607.284395][ T7009] hub 12-1:1.0: probe with driver hub failed with error -5
[  607.295721][ T7009] cdc_wdm 12-1:1.0: skipping garbage
[  607.297736][ T7009] cdc_wdm 12-1:1.0: skipping garbage
[  607.310474][ T7009] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device
[  607.313598][ T7009] cdc_wdm 12-1:1.0: Unknown control protocol
[  607.405338][   T24] usb 13-1: device descriptor read/all, error -71
[  607.427759][ T1154] hsr_slave_0: left promiscuous mode
[  607.436052][ T1154] hsr_slave_1: left promiscuous mode
[  607.931885][ T5951] Bluetooth: hci2: command tx timeout
[  608.316407][T16490] Cannot find add_set index 2 as target
[  608.453444][T16468] usb 12-1: reset high-speed USB device number 25 using dummy_hcd
[  608.457016][T16468] usb 12-1: device reset changed ep0 maxpacket size!
[  608.459931][ T7009] usb 12-1: USB disconnect, device number 25
[  608.592808][ T7009] usb 12-1: new high-speed USB device number 26 using dummy_hcd
[  608.661913][T16493] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  608.664175][T16493] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  608.674353][T16493] vhci_hcd vhci_hcd.0: Device attached
[  608.776643][ T7009] usb 12-1: unable to get BOS descriptor or descriptor too short
[  608.787173][ T7009] usb 12-1: config 0 interface 0 has no altsetting 0
[  608.798564][ T7009] usb 12-1: New USB device found, idVendor=0e41, idProduct=4156, bcdDevice=15.eb
[  608.801929][ T7009] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  608.811350][ T7009] usb 12-1: Product: syz
[  608.813043][ T7009] usb 12-1: Manufacturer: syz
[  608.814730][ T7009] usb 12-1: SerialNumber: syz
[  608.818705][ T7009] usb 12-1: config 0 descriptor??
[  608.983818][ T8842] usb 44-1: SetAddress Request (18) to port 0
[  608.986223][ T8842] usb 44-1: new SuperSpeed USB device number 18 using vhci_hcd
[  609.205236][T16494] vhci_hcd: connection reset by peer
[  609.208241][   T62] vhci_hcd: stop threads
[  609.209804][   T62] vhci_hcd: release socket
[  609.211349][   T62] vhci_hcd: disconnect device
[  609.228827][T16468] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  609.231815][T16468] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  609.237757][T16468] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  609.240755][T16468] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  609.244876][T16468] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  609.247765][T16468] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  609.261940][ T7009] snd_usb_podhd 12-1:0.0: Line 6 POD HDDESKTOP found
[  609.274402][ T7009] snd_usb_podhd 12-1:0.0: set_interface failed
[  609.276551][ T7009] snd_usb_podhd 12-1:0.0: Line 6 POD HDDESKTOP now disconnected
[  609.279126][ T7009] snd_usb_podhd 12-1:0.0: probe with driver snd_usb_podhd failed with error -71
[  609.289602][ T7009] usb 12-1: USB disconnect, device number 26
[  610.019450][ T5951] Bluetooth: hci2: command tx timeout
[  610.828104][T16512] netlink: 'syz.7.2865': attribute type 21 has an invalid length.
[  611.091118][T16387] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  611.113334][T16387] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  611.129806][T16387] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  611.150668][T16387] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  611.449611][T16387] 8021q: adding VLAN 0 to HW filter on device bond0
[  611.480965][T16387] 8021q: adding VLAN 0 to HW filter on device team0
[  611.490497][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  611.493654][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  611.505763][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  611.508978][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  611.660389][ T1154] IPVS: stop unused estimator thread 0...
[  611.747622][T16387] 8021q: adding VLAN 0 to HW filter on device batadv0
[  612.029970][T16387] veth0_vlan: entered promiscuous mode
[  612.039483][T16387] veth1_vlan: entered promiscuous mode
[  612.067588][T16387] veth0_macvtap: entered promiscuous mode
[  612.073954][T16387] veth1_macvtap: entered promiscuous mode
[  612.094321][T16387] batman_adv: batadv0: Interface activated: batadv_slave_0
[  612.109853][T16387] batman_adv: batadv0: Interface activated: batadv_slave_1
[  612.123654][ T1141] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  612.134833][ T1141] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  612.156735][ T1141] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  612.167894][ T1141] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  612.253320][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  612.256787][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  612.282817][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  612.285417][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  612.523521][T16567] netlink: 'syz.7.2873': attribute type 4 has an invalid length.
[  612.697794][    T9] usb 8-1: new full-speed USB device number 22 using dummy_hcd
[  612.897041][    T9] usb 8-1: config 0 has no interfaces?
[  612.899807][    T9] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  612.909152][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.925367][T16574] netlink: 'syz.7.2875': attribute type 21 has an invalid length.
[  612.929139][    T9] usb 8-1: config 0 descriptor??
[  612.958321][T16574] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2875'.
[  613.158651][T16554] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  613.174636][T16554] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  613.194938][ T7009] usb 8-1: USB disconnect, device number 22
[  613.689050][ T7009] usb 12-1: new high-speed USB device number 27 using dummy_hcd
[  613.849180][ T7009] usb 12-1: Using ep0 maxpacket: 32
[  613.860704][ T7009] usb 12-1: config index 0 descriptor too short (expected 156, got 27)
[  613.866245][ T7009] usb 12-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  613.875966][ T7009] usb 12-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  613.879911][ T7009] usb 12-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  613.884694][ T7009] usb 12-1: config 0 interface 0 has no altsetting 0
[  613.900951][ T7009] usb 12-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  613.904553][ T7009] usb 12-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  613.908254][ T7009] usb 12-1: Product: syz
[  613.919256][ T7009] usb 12-1: Manufacturer: syz
[  613.921544][ T7009] usb 12-1: SerialNumber: syz
[  613.930058][ T7009] usb 12-1: config 0 descriptor??
[  613.938496][ T7009] ldusb 12-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  613.949670][ T7009] ldusb 12-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  613.993271][T16590] comedi comedi3: comedi_test: 6 microvolt, 2047 microsecond waveform attached
[  614.031409][T16591] comedi comedi3: comedi_test: 6 microvolt, 2047 microsecond waveform attached
[  614.035906][T16591] comedi comedi3: Buffer allocation failed
[  614.087350][T16595] loop9: detected capacity change from 0 to 7
[  614.099481][T16595] Dev loop9: unable to read RDB block 7
[  614.099876][ T8842] usb 44-1: device descriptor read/8, error -110
[  614.101969][T16595]  loop9: unable to read partition table
[  614.110483][T16595] loop9: partition table beyond EOD, truncated
[  614.113133][T16595] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  615.395772][ T7009] usb 12-1: USB disconnect, device number 27
[  615.397827][    C1] ldusb 12-1:0.0: usb_submit_urb failed (-19)
[  615.423909][T16595] Dev loop9: unable to read RDB block 7
[  615.426131][T16595]  loop9: unable to read partition table
[  615.428089][T16595] loop9: partition table beyond EOD, truncated
[  615.470034][ T7009] ldusb 12-1:0.0: LD USB Device #0 now disconnected
[  615.633046][ T8842] usb usb44-port1: attempt power cycle
[  615.727948][T16607] 9pnet_fd: Insufficient options for proto=fd
[  615.952687][T16606] Process accounting resumed
[  616.030704][T16612] netlink: 'syz.3.2886': attribute type 21 has an invalid length.
[  616.036503][T16612] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2886'.
[  616.202103][ T7009] usb 11-1: new high-speed USB device number 9 using dummy_hcd
[  616.222678][ T8842] usb usb44-port1: unable to enumerate USB device
[  616.372518][ T7009] usb 11-1: Using ep0 maxpacket: 32
[  616.376723][ T7009] usb 11-1: config 0 has an invalid interface number: 89 but max is 0
[  616.380493][ T7009] usb 11-1: config 0 has no interface number 0
[  616.383907][ T7009] usb 11-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  616.388700][ T7009] usb 11-1: config 0 interface 89 has no altsetting 0
[  616.398316][ T7009] usb 11-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  616.401772][ T7009] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  616.406593][ T7009] usb 11-1: Product: syz
[  616.408088][ T7009] usb 11-1: Manufacturer: syz
[  616.409837][ T7009] usb 11-1: SerialNumber: syz
[  616.418872][ T7009] usb 11-1: config 0 descriptor??
[  616.493744][ T7009] em28xx 11-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  616.497342][ T7009] em28xx 11-1:0.89: Video interface 89 found:
[  617.164445][T16638] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  617.191275][ T7009] em28xx 11-1:0.89: unknown em28xx chip ID (0)
[  617.704859][T16650] loop7: detected capacity change from 0 to 16384
[  617.788192][T16652] netlink: 'syz.7.2895': attribute type 21 has an invalid length.
[  617.795103][T16652] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2895'.
[  618.035915][T16653] loop7: detected capacity change from 16384 to 0
[  618.038624][    C0] I/O error, dev loop7, sector 8320 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2
[  618.152718][T16663] mac80211_hwsim hwsim42 syzkaller0: Caught tx_queue_len zero misconfig
[  618.329652][T16668] tipc: Enabled bearer <udp:syz2>, priority 10
[  618.336480][T16668] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  618.371142][T16678] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2902'.
[  618.848933][ T7009] em28xx 11-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[  618.851705][ T7009] em28xx 11-1:0.89: board has no eeprom
[  618.866172][T16682] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(9)
[  618.868342][T16682] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  618.871198][T16682] vhci_hcd vhci_hcd.0: Device attached
[  618.880517][T16685] siw: device registration error -23
[  618.997805][ T7009] em28xx 11-1:0.89: Identified as Terratec Grabby (card=67)
[  619.000496][ T7009] em28xx 11-1:0.89: analog set to bulk mode.
[  619.022434][ T8841] em28xx 11-1:0.89: Registering V4L2 extension
[  619.154706][ T8841] em28xx 11-1:0.89: reading from i2c device at 0x4a failed (error=-5)
[  619.158612][ T8841] em28xx 11-1:0.89: reading from i2c device at 0x48 failed (error=-5)
[  619.162226][ T8841] em28xx 11-1:0.89: reading from i2c device at 0x42 failed (error=-5)
[  619.165399][ T8841] em28xx 11-1:0.89: reading from i2c device at 0x40 failed (error=-5)
[  619.170045][ T8841] em28xx 11-1:0.89: Config register raw data: 0xfffffffb
[  619.174627][ T8841] em28xx 11-1:0.89: AC97 chip type couldn't be determined
[  619.177159][ T8841] em28xx 11-1:0.89: No AC97 audio processor
[  619.201006][ T8841] usb 11-1: Decoder not found
[  619.202714][ T8841] em28xx 11-1:0.89: failed to create media graph
[  619.260087][ T8842] usb 54-1: SetAddress Request (15) to port 0
[  619.262830][ T8842] usb 54-1: new SuperSpeed USB device number 15 using vhci_hcd
[  619.268850][ T8841] em28xx 11-1:0.89: V4L2 device video103 deregistered
[  619.310418][ T8841] em28xx 11-1:0.89: Registering snapshot button...
[  619.310747][T16687] ==================================================================
[  619.315866][T16687] BUG: KASAN: slab-use-after-free in v4l2_fh_init+0x27d/0x2c0
[  619.318378][T16687] Read of size 8 at addr ffff88806b6e0740 by task v4l_id/16687
[  619.323282][ T8841] input: em28xx snapshot button as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.89/input/input27
[  619.327242][T16687] 
[  619.327253][T16687] CPU: 2 UID: 0 PID: 16687 Comm: v4l_id Not tainted syzkaller #0 PREEMPT(full) 
[  619.327267][T16687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  619.327274][T16687] Call Trace:
[  619.327278][T16687]  <TASK>
[  619.327284][T16687]  dump_stack_lvl+0x116/0x1f0
[  619.327306][T16687]  print_report+0xcd/0x630
[  619.327321][T16687]  ? __virt_addr_valid+0x81/0x610
[  619.327336][T16687]  ? __phys_addr+0xe8/0x180
[  619.327350][T16687]  ? v4l2_fh_init+0x27d/0x2c0
[  619.327364][T16687]  kasan_report+0xe0/0x110
[  619.327378][T16687]  ? v4l2_fh_init+0x27d/0x2c0
[  619.327393][T16687]  v4l2_fh_init+0x27d/0x2c0
[  619.327408][T16687]  v4l2_fh_open+0x64/0xa0
[  619.327422][T16687]  em28xx_v4l2_open+0x24e/0x7e0
[  619.327438][T16687]  v4l2_open+0x1d2/0x5e0
[  619.327450][T16687]  ? __pfx_v4l2_open+0x10/0x10
[  619.327462][T16687]  chrdev_open+0x234/0x6a0
[  619.327476][T16687]  ? __pfx_chrdev_open+0x10/0x10
[  619.327490][T16687]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  619.327504][T16687]  do_dentry_open+0x982/0x1530
[  619.327517][T16687]  ? __pfx_chrdev_open+0x10/0x10
[  619.327532][T16687]  vfs_open+0x82/0x3f0
[  619.327548][T16687]  path_openat+0x1de4/0x2cb0
[  619.327562][T16687]  ? __pfx_path_openat+0x10/0x10
[  619.327574][T16687]  ? __lock_acquire+0xb8a/0x1c90
[  619.327590][T16687]  do_filp_open+0x20b/0x470
[  619.327603][T16687]  ? __pfx_do_filp_open+0x10/0x10
[  619.327619][T16687]  ? alloc_fd+0x471/0x7d0
[  619.327632][T16687]  do_sys_openat2+0x11b/0x1d0
[  619.327648][T16687]  ? __pfx_do_sys_openat2+0x10/0x10
[  619.327663][T16687]  ? find_held_lock+0x2b/0x80
[  619.327674][T16687]  ? handle_mm_fault+0x2ab/0xd10
[  619.327693][T16687]  __x64_sys_openat+0x174/0x210
[  619.327710][T16687]  ? __pfx___x64_sys_openat+0x10/0x10
[  619.327727][T16687]  ? do_user_addr_fault+0x843/0x1370
[  619.327739][T16687]  do_syscall_64+0xcd/0xfa0
[  619.327754][T16687]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  619.327765][T16687] RIP: 0033:0x7f803e6a7407
[  619.327775][T16687] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  619.327786][T16687] RSP: 002b:00007ffc67076570 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  619.327796][T16687] RAX: ffffffffffffffda RBX: 00007f803ee72880 RCX: 00007f803e6a7407
[  619.327803][T16687] RDX: 0000000000000000 RSI: 00007ffc67076f19 RDI: ffffffffffffff9c
[  619.327810][T16687] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  619.327816][T16687] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  619.327823][T16687] R13: 00007ffc670767c0 R14: 00007f803efd9000 R15: 00005608326f64d8
[  619.327833][T16687]  </TASK>
[  619.327837][T16687] 
[  619.419598][T16687] Allocated by task 8841:
[  619.421445][T16687]  kasan_save_stack+0x33/0x60
[  619.423578][T16687]  kasan_save_track+0x14/0x30
[  619.425592][T16687]  __kasan_kmalloc+0xaa/0xb0
[  619.427628][T16687]  em28xx_v4l2_init+0x114/0x4080
[  619.429853][T16687]  em28xx_init_extension+0x13a/0x200
[  619.432176][T16687]  request_module_async+0x61/0x70
[  619.433964][ T8841] em28xx 11-1:0.89: Remote control support is not available for this card.
[  619.434392][T16687]  process_one_work+0x9cf/0x1b70
[  619.439567][T16687]  worker_thread+0x6c8/0xf10
[  619.441647][T16687]  kthread+0x3c5/0x780
[  619.443494][T16687]  ret_from_fork+0x675/0x7d0
[  619.445653][T16687]  ret_from_fork_asm+0x1a/0x30
[  619.447860][T16687] 
[  619.448988][T16687] Freed by task 8841:
[  619.450800][T16687]  kasan_save_stack+0x33/0x60
[  619.452904][T16687]  kasan_save_track+0x14/0x30
[  619.455029][T16687]  __kasan_save_free_info+0x3b/0x60
[  619.457307][T16687]  __kasan_slab_free+0x5f/0x80
[  619.459447][T16687]  kfree+0x2b8/0x6d0
[  619.461216][T16687]  em28xx_v4l2_init+0x22b5/0x4080
[  619.463461][T16687]  em28xx_init_extension+0x13a/0x200
[  619.465723][T16687]  request_module_async+0x61/0x70
[  619.467957][T16687]  process_one_work+0x9cf/0x1b70
[  619.470187][T16687]  worker_thread+0x6c8/0xf10
[  619.472256][T16687]  kthread+0x3c5/0x780
[  619.474106][T16687]  ret_from_fork+0x675/0x7d0
[  619.476167][T16687]  ret_from_fork_asm+0x1a/0x30
[  619.478349][T16687] 
[  619.479435][T16687] The buggy address belongs to the object at ffff88806b6e0000
[  619.479435][T16687]  which belongs to the cache kmalloc-8k of size 8192
[  619.485469][T16687] The buggy address is located 1856 bytes inside of
[  619.485469][T16687]  freed 8192-byte region [ffff88806b6e0000, ffff88806b6e2000)
[  619.491500][T16687] 
[  619.492770][T16687] The buggy address belongs to the physical page:
[  619.495590][T16687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6b6e0
[  619.499470][T16687] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  619.503171][T16687] ksm flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  619.506687][T16687] page_type: f5(slab)
[  619.508563][T16687] raw: 04fff00000000040 ffff88801b443180 ffffea00008da800 dead000000000003
[  619.512508][T16687] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[  619.516309][T16687] head: 04fff00000000040 ffff88801b443180 ffffea00008da800 dead000000000003
[  619.520230][T16687] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[  619.524041][T16687] head: 04fff00000000003 ffffea0001adb801 00000000ffffffff 00000000ffffffff
[  619.527834][T16687] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  619.531707][T16687] page dumped because: kasan: bad access detected
[  619.534563][T16687] page_owner tracks the page as allocated
[  619.537087][T16687] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5941, tgid 5941 (syz-executor), ts 54768967646, free_ts 54566377222
[  619.546232][T16687]  post_alloc_hook+0x1c0/0x230
[  619.548260][T16687]  get_page_from_freelist+0x10a3/0x3a30
[  619.550776][T16687]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  619.553363][T16687]  alloc_pages_mpol+0x1fb/0x550
[  619.555492][T16687]  new_slab+0x24a/0x360
[  619.557330][T16687]  ___slab_alloc+0xd79/0x1a50
[  619.559095][T16687]  __slab_alloc.constprop.0+0x63/0x110
[  619.561526][T16687]  __kmalloc_node_track_caller_noprof+0x4db/0x8a0
[  619.564395][T16687]  kmalloc_reserve+0xef/0x2c0
[  619.566510][T16687]  __alloc_skb+0x166/0x380
[  619.568458][T16687]  netlink_dump+0x644/0xd30
[  619.570483][T16687]  __netlink_dump_start+0x6d6/0x990
[  619.572771][T16687]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[  619.575278][T16687]  genl_rcv_msg+0x46e/0x800
[  619.577343][T16687]  netlink_rcv_skb+0x158/0x420
[  619.579487][T16687]  genl_rcv+0x28/0x40
[  619.581289][T16687] page last free pid 5941 tgid 5941 stack trace:
[  619.584096][T16687]  __free_frozen_pages+0x7df/0x1160
[  619.586420][T16687]  __put_partials+0x130/0x170
[  619.588536][T16687]  qlist_free_all+0x4d/0x120
[  619.590549][T16687]  kasan_quarantine_reduce+0x195/0x1e0
[  619.592399][T16687]  __kasan_slab_alloc+0x69/0x90
[  619.594485][T16687]  __kmalloc_cache_noprof+0x274/0x780
[  619.596738][T16687]  ref_tracker_alloc+0x18e/0x5b0
[  619.598908][T16687]  netdev_queue_update_kobjects+0x2db/0x720
[  619.600901][T16687]  netdev_register_kobject+0x2b3/0x3d0
[  619.602788][T16687]  register_netdevice+0x13dc/0x2270
[  619.604527][T16687]  macsec_newlink+0x512/0x1d80
[  619.606146][T16687]  rtnl_newlink+0xc45/0x2000
[  619.607812][T16687]  rtnetlink_rcv_msg+0x95e/0xe90
[  619.609482][T16687]  netlink_rcv_skb+0x158/0x420
[  619.611117][T16687]  netlink_unicast+0x5aa/0x870
[  619.612913][T16687]  netlink_sendmsg+0x8c8/0xdd0
[  619.614593][T16687] 
[  619.615679][T16687] Memory state around the buggy address:
[  619.617598][T16687]  ffff88806b6e0600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  619.620702][T16687]  ffff88806b6e0680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  619.624207][T16687] >ffff88806b6e0700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  619.627717][T16687]                                            ^
[  619.630449][T16687]  ffff88806b6e0780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  619.633995][T16687]  ffff88806b6e0800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  619.637021][T16687] ==================================================================
[  619.653227][ T8676] tipc: Node number set to 235925342
[  619.655317][T16687] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  619.657933][T16687] CPU: 2 UID: 0 PID: 16687 Comm: v4l_id Not tainted syzkaller #0 PREEMPT(full) 
[  619.660888][T16687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  619.664843][T16687] Call Trace:
[  619.666042][T16687]  <TASK>
[  619.667036][T16687]  dump_stack_lvl+0x3d/0x1f0
[  619.668579][T16687]  vpanic+0x640/0x6f0
[  619.669983][T16687]  panic+0xca/0xd0
[  619.671245][T16687]  ? __pfx_panic+0x10/0x10
[  619.672960][T16687]  ? v4l2_fh_init+0x27d/0x2c0
[  619.674599][T16687]  ? preempt_schedule_common+0x44/0xc0
[  619.676647][T16687]  ? preempt_schedule_thunk+0x16/0x30
[  619.679123][T16687]  ? check_panic_on_warn+0x1f/0xb0
[  619.681534][T16687]  check_panic_on_warn+0xab/0xb0
[  619.683751][T16687]  end_report+0x107/0x170
[  619.685778][T16687]  kasan_report+0xee/0x110
[  619.687785][T16687]  ? v4l2_fh_init+0x27d/0x2c0
[  619.689920][T16687]  v4l2_fh_init+0x27d/0x2c0
[  619.691964][T16687]  v4l2_fh_open+0x64/0xa0
[  619.693967][T16687]  em28xx_v4l2_open+0x24e/0x7e0
[  619.696148][T16687]  v4l2_open+0x1d2/0x5e0
[  619.698074][T16687]  ? __pfx_v4l2_open+0x10/0x10
[  619.700197][T16687]  chrdev_open+0x234/0x6a0
[  619.702215][T16687]  ? __pfx_chrdev_open+0x10/0x10
[  619.704433][T16687]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  619.707263][T16687]  do_dentry_open+0x982/0x1530
[  619.709372][T16687]  ? __pfx_chrdev_open+0x10/0x10
[  619.711580][T16687]  vfs_open+0x82/0x3f0
[  619.713424][T16687]  path_openat+0x1de4/0x2cb0
[  619.715437][T16687]  ? __pfx_path_openat+0x10/0x10
[  619.717636][T16687]  ? __lock_acquire+0xb8a/0x1c90
[  619.719869][T16687]  do_filp_open+0x20b/0x470
[  619.721804][T16687]  ? __pfx_do_filp_open+0x10/0x10
[  619.724042][T16687]  ? alloc_fd+0x471/0x7d0
[  619.725996][T16687]  do_sys_openat2+0x11b/0x1d0
[  619.728051][T16687]  ? __pfx_do_sys_openat2+0x10/0x10
[  619.730371][T16687]  ? find_held_lock+0x2b/0x80
[  619.732441][T16687]  ? handle_mm_fault+0x2ab/0xd10
[  619.734665][T16687]  __x64_sys_openat+0x174/0x210
[  619.736832][T16687]  ? __pfx___x64_sys_openat+0x10/0x10
[  619.739248][T16687]  ? do_user_addr_fault+0x843/0x1370
[  619.741583][T16687]  do_syscall_64+0xcd/0xfa0
[  619.743592][T16687]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  619.746180][T16687] RIP: 0033:0x7f803e6a7407
[  619.748155][T16687] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  619.756486][T16687] RSP: 002b:00007ffc67076570 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  619.760204][T16687] RAX: ffffffffffffffda RBX: 00007f803ee72880 RCX: 00007f803e6a7407
[  619.763704][T16687] RDX: 0000000000000000 RSI: 00007ffc67076f19 RDI: ffffffffffffff9c
[  619.767267][T16687] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  619.770712][T16687] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  619.774194][T16687] R13: 00007ffc670767c0 R14: 00007f803efd9000 R15: 00005608326f64d8
[  619.776902][T16687]  </TASK>
[  619.778804][T16687] Kernel Offset: disabled
[  619.780748][T16687] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:35:09  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff89ff18c0 RBX=0000000000000000 RCX=0000000080000002 RDX=0000000000000000
RSI=ffffc90025a6fd48 RDI=ffff88805db2e1c0 RBP=ffffc90025a6fd48 RSP=ffffc90025a6f9a8
R8 =0000000000000005 R9 =0000000000000000 R10=000000000000e62c R11=0000000000000001
R12=ffff88805db2e1c0 R13=00000000801cc640 R14=ffffc90025a6fd8c R15=0000000080000002
RIP=ffffffff89ff18c4 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88809780d000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f6882d846e2 CR3=000000004e3d0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff9734bf78 RBX=00000000000000bb RCX=0000000000000000 RDX=0000000000000144
RSI=ffffc900032df1d0 RDI=ffffffff973ac768 RBP=0000000000000030 RSP=ffffc900032df130
R8 =ffffffff95ac3630 R9 =0000000000000002 R10=ffffc900032df2d0 R11=0000000000000001
R12=ffffffff8197d8d0 R13=ffffc900032df1d0 R14=ffffffff8197e3e0 R15=ffffffff973ac768
RIP=ffffffff8197f92a RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809790d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c42a08d CR3=000000004e3d0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00023eb000000000 0000099400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85269d55 RDI=ffffffff9adc5de0 RBP=ffffffff9adc5da0 RSP=ffffc9000487f2f8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000061 R14=ffffffff9adc5da0 R15=ffffffff85269cf0
RIP=ffffffff85269d7f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f803ee72880 ffffffff 00c00000
GS =0000 ffff888097a0d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000577e64c0 CR3=000000005b1e6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00023eb000000000 0000099400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88806b0a8dc0 RCX=ffffffff8a0219af RDX=ffff88801bfc2480
RSI=ffffffff8a0222e8 RDI=ffff88806b0a8dd8 RBP=ffff88804fafe000 RSP=ffffc900005bf130
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=ffff88804fafe000 R13=ffff88806cf1c900 R14=0000000000000000 R15=ffff88806b0a8e18
RIP=ffffffff81bc57e6 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097b0d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7466288 CR3=0000000062757000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a800000000 0000000300000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000