last executing test programs:

23m11.092830261s ago: executing program 32 (id=25):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000800)=[{0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f0000000340)="7d7a68e25d38566c61856d6817441a9caa9b23557af3d00f974cd91d1b33a9d6e17fd477051346d814913f8a3ef2e1a781a2bbfc8d55dca693d39139f04047784190d93b5301b4abe27c9242396d40a5c2b7789629214281c8e09a6c1f1e0db5d1e74e1f27a89b2c25c2316fcddc9ff2a71eceb3094ba46538", 0x79}, {&(0x7f0000000080)="ce2ede98d4bde439a7931c4e260090a647151bacb721146be7ef4494578b05c18fc56c1571aa57d0f79d3ce5", 0x2c}, {&(0x7f0000000600)="5fec9dec1e9d48e2b3a02e29dcaadb6d242c08b8b6e2a34dd08e48e3d32aa2bf0bd42348d6bf39fd7dac80fedaaab8ff4258ecbc4e025305fab94303f773d083bb47da241fe082c8f8602308cd2f7dc846c93e62a8d53d22fcabce47b5531463290c970dccfaa7da3e4e457ea05fd85e6fcc1fcae56136f44b99", 0x7a}], 0x3, 0x0, 0x0, 0x2400c0a0}], 0x1, 0x48800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

14m33.022352525s ago: executing program 33 (id=1108):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="160000000000000002000000fd00000000010000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000a00000000000000000000000000000000000000000000000000002ec73c55b2e94cbce9f4341fc419629b9ff76ff0ca31745daf41648ab8adb5381ac75dbcee840fa47945e40bf3c09ad2a21925d11ee3"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r3, r0, &(0x7f0000002080)=0x3a, 0x23b)

13m33.022266659s ago: executing program 6 (id=1289):
r0 = getpgid(0xffffffffffffffff)
syz_open_procfs(r0, &(0x7f00000003c0)='statm\x00')
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000100)='./file0\x00')
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x2f126000)
cachestat(r1, &(0x7f0000000300)={0x200}, &(0x7f0000000340), 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x200, 0x200)
renameat(r2, &(0x7f0000000080)='./file0\x00', r3, &(0x7f0000000140)='./file0\x00')
chmod(&(0x7f0000000180)='./file0\x00', 0x23f)
openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x20842, 0x0)
setuid(0xee01)
setxattr(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000040)=@known='system.posix_acl_access\x00', 0x0, 0x0, 0x1)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00')
read$FUSE(r4, &(0x7f0000006280)={0x2020, 0x0, <r5=>0x0, <r6=>0x0}, 0x2020)
lchown(&(0x7f0000000380)='./file1\x00', r6, 0xffffffffffffffff)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ed0000/0x4000)=nil, 0x4000}, 0x7})
mknodat$loop(r4, &(0x7f0000000200)='./file1\x00', 0x20, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
write$FUSE_INIT(r4, &(0x7f0000000240)={0x50, 0x0, r5, {0x7, 0x2b, 0x10, 0x50000, 0x9, 0x27, 0x2, 0x68000, 0x0, 0x0, 0x80, 0x8}}, 0x50)
pipe(0x0)
memfd_secret(0x80000)

13m31.350714095s ago: executing program 6 (id=1293):
r0 = socket$alg(0x26, 0x5, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
add_key$keyring(&(0x7f00000085c0), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r1 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r1, 0xc004562f, &(0x7f0000000500)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x800002d0, 0x190, 0x1, 0x4, 0xd59f80, 0x7, 0x9, 0x9, 0x8, 0x8, 0x71e, 0x13, 0x7, 0x7f, 0x3f, 0x37, {0x0, 0x1}, 0x3, 0xed}})
r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, &(0x7f0000000040)=[{}], 0x1, 0x7, 0x0, 0x0, 0x0, 0x2e})
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
sendmsg$can_bcm(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x5, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x2710}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "3acf1ec7ae70bb24"}}, 0x48}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
readv(r4, &(0x7f0000000140)=[{&(0x7f0000000040)=""/223, 0xdf}], 0x1)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
setresuid(0xee01, 0xee00, 0x0)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r5, 0x2)
bind$alg(r0, &(0x7f00000007c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha512\x00'}, 0x58)

13m30.157439924s ago: executing program 6 (id=1297):
getuid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, 0x0, 0x0, r0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r5 = fanotify_init(0x200, 0x0)
fanotify_mark(r5, 0x1, 0x4800003e, r4, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f0000000040)=""/81, 0x51}], 0x1)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)
r6 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_SET_FEATURE(r6, &(0x7f0000001140)={0x0, 0x100000058, &(0x7f0000000080)={&(0x7f0000000040)={0x33fe0}, 0x33fe0}}, 0x0)

13m28.889266113s ago: executing program 6 (id=1300):
r0 = socket(0x2b, 0x80801, 0x1)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0xa4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5}, 0x48)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000080)={'dt2815\x00', [0xee, 0x80008000, 0x1, 0xa, 0x0, 0x0, 0x5, 0xf, 0x1000, 0x1, 0x8, 0x5, 0x6, 0x4, 0xffff, 0x6, 0xffffffa7, 0x9, 0xfffffffd, 0x65c, 0x3ff, 0x10000, 0x7fd, 0xe2df, 0x9, 0x4e, 0x4, 0x3, 0x7, 0x5, 0x5]})
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, 0x0, 0x0)

13m27.258498168s ago: executing program 6 (id=1304):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x3e8, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x14, 0x2, [@TCA_PIE_TUPDATE={0x8, 0x3, 0xfffffffd}, @TCA_PIE_TARGET={0x8, 0x1, 0x4}]}}]}, 0x40}}, 0x0)

13m26.106377691s ago: executing program 6 (id=1309):
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000080)={0x0, 0x1, 0x0, &(0x7f00000009c0)=""/251, 0x0, 0x4000})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x70, 0x0, 0xf2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f1, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6d1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe02e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xcf, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x4, 0x7, 0x800, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x413f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4000000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0xd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x789], 0x1, 0x400})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x5, 0x7, 0xe51, 0x1, 0x5479, 0x103d, 0x6, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0x1, 0x40000000009, 0x5, 0x6a], 0x2000, 0x808d6})
write$rfkill(0xffffffffffffffff, &(0x7f0000000000)={0x3, 0x2, 0x0, 0x0, 0x1}, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="09032dbd7000fedbdf251f"], 0x14}, 0x1, 0x0, 0x0, 0x54}, 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r6, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x220a00}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x24, 0x4, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x820)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13m11.096496759s ago: executing program 34 (id=1309):
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000080)={0x0, 0x1, 0x0, &(0x7f00000009c0)=""/251, 0x0, 0x4000})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x70, 0x0, 0xf2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f1, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6d1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe02e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xcf, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x4, 0x7, 0x800, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x413f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4000000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0xd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x789], 0x1, 0x400})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x5, 0x7, 0xe51, 0x1, 0x5479, 0x103d, 0x6, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0x1, 0x40000000009, 0x5, 0x6a], 0x2000, 0x808d6})
write$rfkill(0xffffffffffffffff, &(0x7f0000000000)={0x3, 0x2, 0x0, 0x0, 0x1}, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="09032dbd7000fedbdf251f"], 0x14}, 0x1, 0x0, 0x0, 0x54}, 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r6, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x220a00}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x24, 0x4, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x820)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

11m43.253520623s ago: executing program 1 (id=1588):
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f00000020c0)='./file0\x00', 0x20)
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0/../file0/file0\x00', 0x91)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

11m43.058525414s ago: executing program 1 (id=1592):
prlimit64(0x0, 0xe, 0x0, 0x0)
syslog(0x3, &(0x7f0000000500)=""/218, 0xda)

11m42.972806095s ago: executing program 1 (id=1594):
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x84)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4140aecd, &(0x7f0000000000))
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x0)

11m42.892709774s ago: executing program 2 (id=1596):
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000040), 0x0}, 0x20)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x2, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)

11m42.762742391s ago: executing program 2 (id=1598):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000000c0)="e20e3e2ef30fbd7200269f66b99a0800000f32f0826b8090440f20c0663508000000440f22c066b9044d564b0f320f01d1baf80c66b80c824c8866efbafc0cedb800008ed8", 0x45}], 0x1, 0xd, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

11m42.674753595s ago: executing program 1 (id=1600):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x800, 0x70)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x400, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000300), 0x10)
syz_init_net_socket$ax25(0x3, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0xf}}, './file1\x00'})
sendmsg$can_bcm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYRES32=r1], 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000040)='./file1\x00', &(0x7f0000000180)='./file0\x00')
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='./file1\x00', 0x0, 0x1000, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)

11m42.484609737s ago: executing program 1 (id=1601):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x1d, 0x12, "d285b6853bc4dc54c6910c1d66f8841a"}]}}}}}}}, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x85, 0x0, 0x0)
mount$cgroup2(0x0, 0x0, 0x0, 0x400, 0x0)

11m42.224916256s ago: executing program 1 (id=1602):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x80000002})
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)

11m42.154707905s ago: executing program 2 (id=1603):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@host, 0x81}, 0x1, 0x1, 0x4})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f00000003c0)={0x0, 0x6})

11m41.817092538s ago: executing program 35 (id=1602):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x80000002})
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)

11m41.790489355s ago: executing program 2 (id=1606):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r1, 0x0, 0xe803, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendmmsg$inet(r1, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)="fc", 0x1}], 0x1}}], 0x1, 0x4000851)
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
splice(r1, 0x0, r2, 0x0, 0x7ffff000, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

11m40.894317137s ago: executing program 2 (id=1616):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
setpgid(0x0, r0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x10)
openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0/file0\x00', 0x42140, 0x0)

11m39.993139675s ago: executing program 2 (id=1618):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000000100)='./file0\x00')
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='('], 0x28}, 0x1, 0x0, 0x0, 0x801}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)

11m24.915656069s ago: executing program 36 (id=1618):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000000100)='./file0\x00')
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='('], 0x28}, 0x1, 0x0, 0x0, 0x801}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)

4m19.347684423s ago: executing program 9 (id=2834):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x0, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
r0 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x7a52c2, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000140)={0x8, "afacd2119ca94c6b377526aeb5ab2a81fc0e3d99f20900"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000f40)={0x8, "b546baa5cc590d3033de259c2996817bb959ebab028deda525e19bdeffafde25"})
syz_usb_connect(0x2, 0x24, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000fe857108480b0730644f010203010902120001000000000904"], 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBDIACR(r1, 0x4bfb, &(0x7f0000000600)=""/171)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'pim6reg1\x00', 0x2})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000f40)=@raw={'raw\x00', 0x3c1, 0x3, 0x340, 0x1a0, 0x4c, 0x1a, 0x1a0, 0x73, 0x300, 0x258, 0x258, 0x300, 0x258, 0x3, 0x0, {[{{@ipv6={@remote, @local, [0x0, 0x0, 0xff], [0x0, 0xffffff00], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x11}, 0x0, 0xd0, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x2}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0xe, 0xb, 0xc, 0xc07, 'syz1\x00', 'syz0\x00', {0x2}}}}, {{@uncond, 0x0, 0xd0, 0x138, 0x0, {}, [@common=@icmp6={{0x28}, {0xc, "fc84"}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x14, 0x8000, 0x7, 0x18d, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3a0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x1d, 0x4, @tid=r3}, &(0x7f0000bbdffc))
getrusage(0x0, &(0x7f0000000400))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_REMOVE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd70007f0000000900000008000399a000020005"], 0x24}, 0x1, 0x0, 0x0, 0x80c0}, 0x20000000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000100), 0xc06620, 0x4)
syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080)=@v2={0x2000000, [{0x0, 0x6}, {0x83e, 0x40}]}, 0x14, 0x1)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000280)='cifs\x00', 0x0, &(0x7f00000002c0)='cache=none')

4m12.159953944s ago: executing program 9 (id=2842):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(0x0, r0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x1, 0x9, 0x0, @vifc_lcl_addr=@local, @multicast1=0xe0000300}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000940), &(0x7f0000000200), 0xa7c, r6}, 0x38)

4m11.030038074s ago: executing program 9 (id=2844):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
pipe(0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f0000001440)=[{{&(0x7f0000000280)=@un=@abs, 0x0, &(0x7f0000001400)=[{&(0x7f0000001480)=""/1, 0xc08e}, {&(0x7f0000000300)=""/102}, {&(0x7f0000000380)=""/4096}, {&(0x7f0000001380)=""/111}]}}], 0x700, 0x40002002, 0x0)
write$binfmt_misc(r0, &(0x7f0000000040), 0xffc1)
setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000180)=0x55b7, 0x4)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

4m10.384300749s ago: executing program 9 (id=2848):
openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0xca400)
r1 = dup(r0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', 0x0, 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})

4m9.95351255s ago: executing program 9 (id=2850):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x10)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000005c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x2000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r1 = open(&(0x7f0000000040)='.\x00', 0x20000, 0x0)
getdents64(r1, &(0x7f0000000fc0)=""/224, 0xe0)

4m9.493162506s ago: executing program 9 (id=2853):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0xb, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
syz_clone(0x60000400, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, 0x0, 0x0)
ioctl$EVIOCRMFF(0xffffffffffffffff, 0xc0085504, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r1, 0xc008561c, &(0x7f0000000040)={0x980902, 0x0, @name="a13c67a9121fb71a1d3e142fe2fb8f9ba5ee159b867aa7d60668087c38d76487"})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)={0x4c, 0x9, 0x6, 0x401, 0x0, 0x0, {0x5, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @local}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}}, 0x4000080)

3m52.455989716s ago: executing program 37 (id=2853):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0xb, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
syz_clone(0x60000400, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, 0x0, 0x0)
ioctl$EVIOCRMFF(0xffffffffffffffff, 0xc0085504, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r1, 0xc008561c, &(0x7f0000000040)={0x980902, 0x0, @name="a13c67a9121fb71a1d3e142fe2fb8f9ba5ee159b867aa7d60668087c38d76487"})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)={0x4c, 0x9, 0x6, 0x401, 0x0, 0x0, {0x5, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @local}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}}, 0x4000080)

2m12.195477456s ago: executing program 3 (id=3074):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x39, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0xb, <r0=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1f, 0xc, &(0x7f0000000200)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(0xffffffffffffffff, 0xc0a85352, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffb3}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce)
r3 = memfd_secret(0x80000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TIOCSETD(r3, 0x5423, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000000000000711133000000000085100000020c0000000000000000000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r7, 0x402c542c, &(0x7f0000000080)={0xffffffd8, 0xc, 0x80404, 0x10006, 0x6, "00eaff00", 0x100004, 0x204})
ioctl$TIOCSTI(r6, 0x5412, &(0x7f00000004c0)=0x8)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x2000000, @host}, 0x10)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f00000000c0)=0x4)
syz_usb_connect(0x2, 0x3f, &(0x7f0000000140)={{0x12, 0x1, 0x250, 0x38, 0xe2, 0xaa, 0x8, 0x2b73, 0x17, 0xa20e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x2, 0xdb, 0x4, 0x80, 0xe6, [{{0x9, 0x4, 0x0, 0x4, 0x0, 0xff, 0x9e, 0x4d, 0x5}}, {{0x9, 0x4, 0x0, 0x2, 0x2, 0xe2, 0xa5, 0xc6, 0xa, [], [{{0x9, 0x5, 0x4, 0x4, 0x8, 0x9, 0x2, 0x9}}, {{0x9, 0x5, 0x5, 0x0, 0x10, 0x10, 0xf8, 0x7}}]}}]}}]}}, &(0x7f0000001000)={0x0, 0x0, 0x0, 0x0})

2m11.810534508s ago: executing program 3 (id=3077):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x9, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000380)=ANY=[@ANYBLOB="01000000000000008a0400"])
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x14, &(0x7f0000000440)=ANY=[@ANYRESDEC=r2, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r4, @fallback=0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_setup(0x3f, &(0x7f0000000140)=<r6=>0x0)
r7 = timerfd_create(0x0, 0x0)
io_submit(r6, 0x1, &(0x7f00000002c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x4000, r7, 0x0, 0x0, 0x0, 0x0, 0x2}])
io_cancel(r6, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x7, 0x9, r3, &(0x7f00000005c0)="a11b3e42c4b15f5c20caa49f56cad49e70d4fe04304c6c3991e3e066113b16d47c15f7b75651d1ae95a997621631856a8f6f87c1c7163def225b8ef8d74b471f429bd033d8ca69a4b117d39854d5df9c9f22f22d2e79a11908e8e588e08730f69c1a65075c4cf04e0b6dbf64aa72b4d085297d028e70313b68b94a3b0d0f1560eaacfa4953d54a6860a31714f57588f522d41a19ddc45c4c16a2f89fba49869b5fad78f1f34225a0b0119f68b5e85616950c9c7d0be3576081f72af06e8573178c3679fd135d5756e5ba52416afaef6522d5e9bb9855f954ffbc6329b24860f346a0558f01094b6bf8c4ffba3ffde08fa540ea5d113933ab", 0xf8, 0x4, 0x0, 0x1}, &(0x7f00000003c0))
r8 = socket$xdp(0x2c, 0x3, 0x0)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
r10 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r10, 0x11b, 0x2, &(0x7f00000002c0)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
r11 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r11, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r11, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r12 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r11, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r8, 0x11b, 0x5, &(0x7f0000000380)=0x2000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r12, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r13=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r11, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r11, &(0x7f0000000100)={0x2c, 0x0, r13}, 0x10)
bind$xdp(r10, &(0x7f0000000240)={0x2c, 0x1, r4, 0x0, r11}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10)

1m56.070337593s ago: executing program 7 (id=3110):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
epoll_create1(0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = dup(r2)
syz_open_dev$ndb(&(0x7f0000000100), 0x0, 0x40000)
r4 = open_tree(0xffffffffffffff9c, 0x0, 0x9801)
statx(r4, 0x0, 0x1000, 0x80, &(0x7f0000000240))
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB='7'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60}, 0x94)
bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r5, &(0x7f0000000000), 0x6)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3000001, 0x40010, r3, 0x8000000)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x3000001, 0x100010, r3, 0x10000000)
r8 = openat$cgroup_type(r3, &(0x7f00000001c0), 0x2, 0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000280)=@IORING_OP_WRITE_FIXED={0x5, 0x20, 0x4000, @fd=r8, 0x5, 0x3, 0x9, 0xd, 0x0, {0x3, r9}})
socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x48, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x38, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_INNER_EXPR={0x24, 0x5, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0xa0}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
sendto$unix(r0, &(0x7f00000004c0)="a0a3", 0x2, 0x200080d1, 0x0, 0x0)
recvfrom$unix(r1, 0x0, 0x0, 0x10102, 0x0, 0x0)
process_vm_readv(0x0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x0)

1m54.594749955s ago: executing program 7 (id=3113):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(0x0, r0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x1, 0x9, 0x0, @vifc_lcl_addr=@local, @multicast1=0xe0000300}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="020000000400000006000000aa0b"], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000940), &(0x7f0000000200), 0xa7c, r6}, 0x38)

1m53.222234855s ago: executing program 7 (id=3116):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x4)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f0000000300)={0x44, 0x0, &(0x7f0000000140)={0x0, 0xa, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = fsopen(&(0x7f0000000700)='affs\x00', 0x1)
r6 = fcntl$dupfd(r5, 0x0, r5)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000100)='mode\x00', &(0x7f0000000140)='7', 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
r8 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r8)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r8, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x24, r9, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x3}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0xfffffffd}]}, 0x24}}, 0x80)
r10 = socket(0x10, 0x803, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000003c0)=0x14)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, @none}, &(0x7f0000000080)=0xe, 0x1800)

1m51.574548525s ago: executing program 7 (id=3120):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000007880)={0x1, 0x58, &(0x7f0000007800)}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000078c0)=ANY=[], 0x50)
ioctl$TCXONC(r1, 0x540a, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x2)
socket(0x400000000010, 0x3, 0x0)
r2 = mq_open(0x0, 0x42, 0x1f0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
syslog(0x2, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff9000/0x1000)=nil, 0x1000, 0x8, 0x11, r3, 0x0)
syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
r4 = syz_open_dev$mouse(&(0x7f0000000200), 0x4, 0x200000)
ioctl$MEDIA_IOC_ENUM_ENTITIES(r4, 0xc1007c01, &(0x7f0000000100))
syslog(0x4, &(0x7f00000000c0)=""/27, 0x1b)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000240)=<r6=>0x0)
sched_setscheduler(r6, 0x5, &(0x7f00000002c0)=0x2)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0xfd, 0x0}, 0x4623, 0x0, 'dh\x00', 0x1, 0x10001, 0x49}, 0x2c)

1m48.46507986s ago: executing program 7 (id=3124):
syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
r1 = syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x9)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$pokeuser(0x6, r3, 0x358, 0x0)
prlimit64(0x0, 0x0, &(0x7f00000000c0)={0x80, 0xde}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r4 = syz_io_uring_setup(0x3ac6, &(0x7f00000001c0)={0x0, 0xfffffffd, 0x10100, 0x4, 0x37c}, &(0x7f0000000080)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
syz_io_uring_submit(r5, r6, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r7, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)=ANY=[@ANYBLOB="380c0000000000000d01000005000000ece538e8b62831eafcd9056be7c8a4f36891e0bd363476ba635f8d61e20221d10831df051097c214cf0e5f4345fa2c1eff6b0f8eedd3687f41fdd27b53aabf690ef80b8953b86b7943136212b1ec5c95809bc5d24c84f1ea4c6a1ff8b0dfc20e9b15115ddad4e233132bb07ee1577ae158a9ec4de6171ac0a7542ea221a3d97d80e7bed34fde3c64661a751d33a6d102ec5e611cee97f445ff21d4d3b360a17a83b7594ad811751ceb59ea8b5cde9525ac5679cf2e35907c0abbb85a25c776a98af56eff37c6627d00c51fd572f6113013d16a54d005b0f833f3c9cde6b897312b7ddc1b063781f822e06890c08ad3025e80b4a550a680e58053a8c33d2e1858f971a40788f6b287baa082a334140c0091f5f2d232ecbc86218a477e468e5be1b48d7787071b5c891cc3efde21a3b0337adeaa6a41ce8fd6edf1b0a47ca0cd6d785cc2c1c3803dde4d9749a10e21d489531efca60760b4ff2061dd7800c4f23c3d1e2bcd694fcc87261a2fdfee6baaa701c7083e9675a75b8d530f09f72d8d3fed4ed848ba18d11635893b52c84a6f0fdc9711b63cba52c9e33ac701261d5459b6ff53be036549b6d0e617d125a6a758370d0671f5f956918db7c4d0afb4f7369bad2a1cf0b7bcf130464bb031b092392a72e8234c1cc1d41190dad660bd1d9283d7d4c7f7410c83f6cfbd25b438097f3e5fd4a23e56c1995179797f03c6dfc5e8be4515d9c72ef9ecbb7cd80d4e71d2ac2f31396081eb9fee4b5d633aee32775a004f7aee9f33d81f9e469a1bef0a995ca8d50c2d853bfb1ebaf301d0c649b74827ae650b6a3bec85e2e9fd45e33bdd8c29cb0692d78a73700daf8eaff8efc06f8c07b3ce384ab1d925cdc440a4b85ace1edb6202df092fe6b37c11e10f3cb3d9e0cc19d55989766aec965403244c8dabfcdcc51c2297131307048ffc88b47d07e821656fa73395dd464d79ee82b3d4f47bd29f42f44f9521efdec7b0e8b5436d496ae046d72d69bc3d35a62829954fdf87fa10330a7864465ee86c540b2e1320e8453701898027ef86ad0d7c31c009f0e5f4c35eeb870ba4caa3708656b38c3797aaadb4b372acf23c05d55d98eb8c1c628e744a6a4439b5a515a2a083f8fbc71a2e6800c3ffec640d21d05a4b1f4548c5541f809e9766cce96b2c53b220361638c4dc43af7d5edb874bb48ca3c8a837fdccff0c8b50bc402da6262c5e3b344f313153fd455e4414f2b0e4a2bcf881b5615e399f8bbe6c3c20a314539b856de845a6e37e5f6925f3d5929eb59243b792834b0de7643077681b9113f5d192c4e96ebea0465901e5aa5da812b0d112089c048e29c523a753f7babe4e3de0bff0f220493bef0e7b76b051cecc325a8fb60a76880155ed33bbbccb472dd3b568829eb7cfb4280521adee82b1b1b7c31b0baa329f81f254526461b787d32bd18a760944a3f728a8a257f2bb9bc9172daeeb9a3d099fa60a440063b70cb48a54cf8739467f7e2b075b74800056475332bd226daf3e7a85c198107c3fe4818e78dda31d1d8c4c618c218e368a0e20655c325f95ebdb03320448cfd754064e7a6b69b1677d12a5c63b853d77bd06b4759e30e764806b91d5e9e54c907255ead2d433538105dc4dd9d364de0a82bbbe035d34e215be51d468b95a87e0e6d76264ff4a8bde40e956782351b5595118d6f630ae1eeeb5755177d0cd71f259eb580ba0918194a3b75d6110d58079c57ffef2f53a8d0fcd824c1bf83e612a2c63b0dc6f0e6997d7905d5adf649da853204a522043147f7b7debd7c01835b4f311ad3a6c4122f4cc970e2926ea30aaaf307555dea57ef2dbe3e5ec783dc447d1834cb1cc711c34051d5077d373013e995d34dd20a4ae0f3356b388a46ca2d3686daa528246dd0ab3e7400406e88797294d61b24e81ce8812e0eb0aa698c658dafa957618e969f73f988fb6a5b13b0bdd2a63e666f88513f5f15d0f0a743be28c5fa6386d9af70292e96b54d4d5495ab142b036f11a7c18d6245ceb713a30c875af0e7124934b1bda9a9484e617360e2b9b63052da78188ab3ff5e2c8df92e3ff7845343165fd501f097296d614e163a33d8e15032147e2f3dd57e8207c11a11cd9d39a786223d2b6b000ab841e3237bcca18431f26a0ece2e478c28b56ccb93966151be4e52d823d1bc345d9a5c2925d06c27e4c74dd2783f55d32d07ae2eb68fe6d5614cf979e3c16d3f467efee15169eb5a641837b93bc06733eab8e30cd85c731ea46a24266dfe87fb8a9515b25841a246e6d8df10faa34da94576a4a3e1ffc78323cc58b122c0a0993da408b82f4a311c2250483a701df3e99fba515f31791b5b8b6ee31cb92731d656b7ff43b38d3b2d9f59008a7400d6f2dece551883f32d0281395379aa42285e90dff71bad695156ba4842936f6ddcd99cdb5ef8a147a15cf6ede0eff9b5106306806574fe9b3ede36418c97ebbb1de5b7b23a453b98e10634956a34cbf40b62b4cff86935ddbdd31cf5b78e1248b19ba060cff190f1f2f178dab05e0d6395d9b1440b01ed10f5c46c903d3e2f78e9393124a981c7db5126210ce0981dfe0566d0751f3a76b66f06390a1df65218832cb33c91a1a78c67b24b4aa1a52231a6152a2483684eecf19522d5a22bde3cac03fd1de054e36325490af9081bda7b85e007e8714fa6f945257d8bbb766f612f682d19f885d054055de33423889c45157120dfde3ae504c6fd55c65fd652245fbc1d20e535da9e326341fd39bbb8f81117516747c7bd6a0e41faae21d4a7b905a6e82d4584bb56c0c2e540e7c69ce8594724b08c1ccb578617cc7f4f203f1f96011a5a3e9e4ae90ec5b7d5c1b5c682706b331c57e56966ac4017dc56e7a701c2c27657dc7fc436c4c02c51a76537bb90fffd13c1a2bb473245cbf0f34b020cc1b267ba624b09616448eabc753f3eb69256aa7f4ae3c590cca158457b1fd5e37c977ea19f30f813e0169c6b37496162134b6ea6501d6e5910a9b4b5597fd379bdceda96f016fea03ebfe375bdd60d9a61099e593706255f8b1a1048db705b304eb2f7b61737df8ddea67277059f37dc9065e71bfb49efbbbe79661afd5f58f388f02a03dcb69758237b6789fcbdc4ea2fea4132d33d777cd5193c210e345f06a1568e061b39b774ed321e435f44a54842435af0d574ceec62e3132d8b57d490d1e8f1860fbd95e6a30176af9c085760e5ecc9199df22b76069e1ec85035c69d754f399824ebd886693d897b55f139cf6053a27d6389e9158d7f187ee506c304953dcb5c0c72fa5c942933bcd0ed00127fc842cd2f50d6483faa9a775450ea4cac5a18d4c4868ca696f136c28a4703d1562167671ad50ea5e70d0c43f95992130db3ac2e97e10f614a8974650366d369437f12e598dd37f474ab5010b3dd4ef6c3a23e37db0ee18675bc16f0e0e96e50a72f3816e08dee4e9407b0906d57a7caf9539288bda2d6577e09c417c01f910f18a324bd7c1b9388fd464109a5cafa70ee2cf83197c6a0acc5e012343ce8afe4e6a94f0f55b2230c9a6acdc9b9cea5c4a06f6d4376a5d8c43a562736b617acfa01f2b8dfc0f4c25cd3f8d7c675ee2cb72d030dbe4f78805dd9589b4874093dd7b4c6b6715fd245e6d853dbbb4ffdaa4f665870f7f22ed0a9d862cff03581ff2c4bc9ee5768c7ca806460a882dd0ffc96238a22715b6a49d50df7705c2d1ad35ab7df6660ba3ded28f6bedd9dba2158c6a3cc7943d6df0bc376135ea3b9211523130ad7fdd1532841a7067a77b01573952bab397520a23eac4d5f67c54ff293e14d7e21792b909fae37de019200b6dcdaf815d0c747d891de553072f7d9dec9cb0657f9f2962c0be6f122bf1d8793995ecde34a14d46acbd238d0cc0edfa3556b7a7c763f37bd162bb6d638eda49818fe97ee6f5637254ff1b31cd1c358f19b362a978b689d5661873da06124960f1b25fa2c069586584ce5c83b72c4844ad85c917e35e0fbc6f565771579997cd31fdf3e42dcc1ab17573328e6a73affe545fc82c149566cb11b439cfb804b581a12c1054d4fee14feae7d91db10348b3470e282fc93c07376e050731cbfc091e3b858a9e1679b4c92b44656802a239ef3f0b91a5649eccdbff499328e9243ba7c25aa50de56d3e0dbafcc6aeab35b64b027e36d6e7868d5f6ea7e46d7d6bc263a3f304b5642e60fa847369f6ea08bd9049822fc6f7cebac468e88db61846c417be1c78ea28691e3a58d46607597c2746b0cdcdde0c8d2f21c6f407d88f17fec2eaa290db8b4513e29439be7ddd719d712e8b01dcff54fe42563e40973ad4f1b00bc9489cd10390b63adef8101b82144370e23d92ee972b129e14a3c1945288f7ebbb67999afcda79c63bb458949b6821cb0000000000000010000000000000001801000006000000a6a40454b31a930ee5b2b64e2590a7902ba47d82cf5c68e63fb1a8ab7650e03e87473d949f2b27c2b4d70c37587d6f5331858d70aecc1916719cc9280ad52b082c9bc9eb15211472219e9f7616c4fd21882649600d268de66447d0885a2209e6a0b34312ac866da0d121a53907bd7fb4a610144d3d90f8f35a84fcb412011d570eda64b8181fb9d490f014cb7995c451594e01140d3f32050103e5bff5f61cc2369798db3efb63990965424ffc3c64deb8ef86d486e73e43570dc0d5ba84b2ccb8bf21e601ff6cc7555da42c736c050d7a09f8f1853177ec04aadfbdb5c69f36befd7f2f8741c5b8a46f0227107a6068eaf5458352ea7ff3"], 0xc48}, 0x0, 0xe3d08660d3cd4684})
io_uring_enter(r4, 0x92, 0x0, 0x0, 0x0, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$rfkill(r8, &(0x7f0000000040), 0x8)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r9 = openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
sendfile(r9, r8, 0x0, 0x23b)
sched_setscheduler(0x0, 0x2, 0x0)
r10 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r10, 0xc034564b, &(0x7f0000000100)={0x0, 0x59455247, 0x280, 0x4b0, 0x0, @discrete={0x5, 0x6}})

1m46.438447846s ago: executing program 7 (id=3126):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x48814}, 0x14000012)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x70, 0x30, 0x9, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbedit={0x58, 0x1, 0x0, 0x0, {{0xc}, {0x48, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x8}, @TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PTYPE={0x6, 0xa}]}, {0x4}, {0xc, 0xa}, {0xc, 0x9, {0x3b}}}}]}]}, 0x70}}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8001}, 0x8)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000080)="18", 0x1}], 0x1}}], 0x1, 0x0)
getsockopt$bt_hci(r3, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000001080)=0xfd9)
ioctl$SIOCGETMIFCNT_IN6(r1, 0x89e0, &(0x7f0000000300)={0x1})
sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000011d80)=@newtfilter={0x24, 0x2c, 0x400, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x3, 0xfff1}, {0x9, 0xfff1}, {0xfff3, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x2404c080}, 0x81)
recvmmsg$unix(r1, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000001440)=[{&(0x7f00000003c0)=""/4116, 0x1014}], 0x1}}], 0x1, 0x10000, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f0000000280)={0x2, 0x0, @local}, 0x10)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000001400)={0x11, @multicast2, 0x3, 0x0, 'lc\x00', 0x30, 0x3, 0x4e}, 0x2c)
sendto$inet(r4, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000640)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x10}}}}}}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)

1m44.601433603s ago: executing program 3 (id=3077):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x9, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000380)=ANY=[@ANYBLOB="01000000000000008a0400"])
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x14, &(0x7f0000000440)=ANY=[@ANYRESDEC=r2, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r4, @fallback=0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_setup(0x3f, &(0x7f0000000140)=<r6=>0x0)
r7 = timerfd_create(0x0, 0x0)
io_submit(r6, 0x1, &(0x7f00000002c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x4000, r7, 0x0, 0x0, 0x0, 0x0, 0x2}])
io_cancel(r6, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x7, 0x9, r3, &(0x7f00000005c0)="a11b3e42c4b15f5c20caa49f56cad49e70d4fe04304c6c3991e3e066113b16d47c15f7b75651d1ae95a997621631856a8f6f87c1c7163def225b8ef8d74b471f429bd033d8ca69a4b117d39854d5df9c9f22f22d2e79a11908e8e588e08730f69c1a65075c4cf04e0b6dbf64aa72b4d085297d028e70313b68b94a3b0d0f1560eaacfa4953d54a6860a31714f57588f522d41a19ddc45c4c16a2f89fba49869b5fad78f1f34225a0b0119f68b5e85616950c9c7d0be3576081f72af06e8573178c3679fd135d5756e5ba52416afaef6522d5e9bb9855f954ffbc6329b24860f346a0558f01094b6bf8c4ffba3ffde08fa540ea5d113933ab", 0xf8, 0x4, 0x0, 0x1}, &(0x7f00000003c0))
r8 = socket$xdp(0x2c, 0x3, 0x0)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
r10 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r10, 0x11b, 0x2, &(0x7f00000002c0)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
r11 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r11, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r11, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r12 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r11, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r8, 0x11b, 0x5, &(0x7f0000000380)=0x2000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r12, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r13=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r11, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r11, &(0x7f0000000100)={0x2c, 0x0, r13}, 0x10)
bind$xdp(r10, &(0x7f0000000240)={0x2c, 0x1, r4, 0x0, r11}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10)

1m31.316963694s ago: executing program 38 (id=3126):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x48814}, 0x14000012)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x70, 0x30, 0x9, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbedit={0x58, 0x1, 0x0, 0x0, {{0xc}, {0x48, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x8}, @TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PTYPE={0x6, 0xa}]}, {0x4}, {0xc, 0xa}, {0xc, 0x9, {0x3b}}}}]}]}, 0x70}}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8001}, 0x8)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000080)="18", 0x1}], 0x1}}], 0x1, 0x0)
getsockopt$bt_hci(r3, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000001080)=0xfd9)
ioctl$SIOCGETMIFCNT_IN6(r1, 0x89e0, &(0x7f0000000300)={0x1})
sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000011d80)=@newtfilter={0x24, 0x2c, 0x400, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x3, 0xfff1}, {0x9, 0xfff1}, {0xfff3, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x2404c080}, 0x81)
recvmmsg$unix(r1, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000001440)=[{&(0x7f00000003c0)=""/4116, 0x1014}], 0x1}}], 0x1, 0x10000, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f0000000280)={0x2, 0x0, @local}, 0x10)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000001400)={0x11, @multicast2, 0x3, 0x0, 'lc\x00', 0x30, 0x3, 0x4e}, 0x2c)
sendto$inet(r4, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000640)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x10}}}}}}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)

1m16.979845964s ago: executing program 3 (id=3077):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x9, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000380)=ANY=[@ANYBLOB="01000000000000008a0400"])
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x14, &(0x7f0000000440)=ANY=[@ANYRESDEC=r2, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r4, @fallback=0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_setup(0x3f, &(0x7f0000000140)=<r6=>0x0)
r7 = timerfd_create(0x0, 0x0)
io_submit(r6, 0x1, &(0x7f00000002c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x4000, r7, 0x0, 0x0, 0x0, 0x0, 0x2}])
io_cancel(r6, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x7, 0x9, r3, &(0x7f00000005c0)="a11b3e42c4b15f5c20caa49f56cad49e70d4fe04304c6c3991e3e066113b16d47c15f7b75651d1ae95a997621631856a8f6f87c1c7163def225b8ef8d74b471f429bd033d8ca69a4b117d39854d5df9c9f22f22d2e79a11908e8e588e08730f69c1a65075c4cf04e0b6dbf64aa72b4d085297d028e70313b68b94a3b0d0f1560eaacfa4953d54a6860a31714f57588f522d41a19ddc45c4c16a2f89fba49869b5fad78f1f34225a0b0119f68b5e85616950c9c7d0be3576081f72af06e8573178c3679fd135d5756e5ba52416afaef6522d5e9bb9855f954ffbc6329b24860f346a0558f01094b6bf8c4ffba3ffde08fa540ea5d113933ab", 0xf8, 0x4, 0x0, 0x1}, &(0x7f00000003c0))
r8 = socket$xdp(0x2c, 0x3, 0x0)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
r10 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r10, 0x11b, 0x2, &(0x7f00000002c0)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
r11 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r11, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r11, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r12 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r11, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r8, 0x11b, 0x5, &(0x7f0000000380)=0x2000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r12, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r13=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r11, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r11, &(0x7f0000000100)={0x2c, 0x0, r13}, 0x10)
bind$xdp(r10, &(0x7f0000000240)={0x2c, 0x1, r4, 0x0, r11}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10)

57.448253786s ago: executing program 3 (id=3077):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x9, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000380)=ANY=[@ANYBLOB="01000000000000008a0400"])
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x14, &(0x7f0000000440)=ANY=[@ANYRESDEC=r2, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r4, @fallback=0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_setup(0x3f, &(0x7f0000000140)=<r6=>0x0)
r7 = timerfd_create(0x0, 0x0)
io_submit(r6, 0x1, &(0x7f00000002c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x4000, r7, 0x0, 0x0, 0x0, 0x0, 0x2}])
io_cancel(r6, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x7, 0x9, r3, &(0x7f00000005c0)="a11b3e42c4b15f5c20caa49f56cad49e70d4fe04304c6c3991e3e066113b16d47c15f7b75651d1ae95a997621631856a8f6f87c1c7163def225b8ef8d74b471f429bd033d8ca69a4b117d39854d5df9c9f22f22d2e79a11908e8e588e08730f69c1a65075c4cf04e0b6dbf64aa72b4d085297d028e70313b68b94a3b0d0f1560eaacfa4953d54a6860a31714f57588f522d41a19ddc45c4c16a2f89fba49869b5fad78f1f34225a0b0119f68b5e85616950c9c7d0be3576081f72af06e8573178c3679fd135d5756e5ba52416afaef6522d5e9bb9855f954ffbc6329b24860f346a0558f01094b6bf8c4ffba3ffde08fa540ea5d113933ab", 0xf8, 0x4, 0x0, 0x1}, &(0x7f00000003c0))
r8 = socket$xdp(0x2c, 0x3, 0x0)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
r10 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r10, 0x11b, 0x2, &(0x7f00000002c0)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
r11 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r11, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r11, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r12 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r11, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r8, 0x11b, 0x5, &(0x7f0000000380)=0x2000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r12, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r13=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r11, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r11, &(0x7f0000000100)={0x2c, 0x0, r13}, 0x10)
bind$xdp(r10, &(0x7f0000000240)={0x2c, 0x1, r4, 0x0, r11}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10)

24.290909991s ago: executing program 3 (id=3077):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x9, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000380)=ANY=[@ANYBLOB="01000000000000008a0400"])
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x14, &(0x7f0000000440)=ANY=[@ANYRESDEC=r2, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r4, @fallback=0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_setup(0x3f, &(0x7f0000000140)=<r6=>0x0)
r7 = timerfd_create(0x0, 0x0)
io_submit(r6, 0x1, &(0x7f00000002c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x4000, r7, 0x0, 0x0, 0x0, 0x0, 0x2}])
io_cancel(r6, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x7, 0x9, r3, &(0x7f00000005c0)="a11b3e42c4b15f5c20caa49f56cad49e70d4fe04304c6c3991e3e066113b16d47c15f7b75651d1ae95a997621631856a8f6f87c1c7163def225b8ef8d74b471f429bd033d8ca69a4b117d39854d5df9c9f22f22d2e79a11908e8e588e08730f69c1a65075c4cf04e0b6dbf64aa72b4d085297d028e70313b68b94a3b0d0f1560eaacfa4953d54a6860a31714f57588f522d41a19ddc45c4c16a2f89fba49869b5fad78f1f34225a0b0119f68b5e85616950c9c7d0be3576081f72af06e8573178c3679fd135d5756e5ba52416afaef6522d5e9bb9855f954ffbc6329b24860f346a0558f01094b6bf8c4ffba3ffde08fa540ea5d113933ab", 0xf8, 0x4, 0x0, 0x1}, &(0x7f00000003c0))
r8 = socket$xdp(0x2c, 0x3, 0x0)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
r10 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r10, 0x11b, 0x2, &(0x7f00000002c0)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
r11 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r11, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r11, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r12 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r11, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r8, 0x11b, 0x5, &(0x7f0000000380)=0x2000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r12, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r13=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r11, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r11, &(0x7f0000000100)={0x2c, 0x0, r13}, 0x10)
bind$xdp(r10, &(0x7f0000000240)={0x2c, 0x1, r4, 0x0, r11}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10)

23.302666479s ago: executing program 4 (id=3284):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
dup(r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x24004001)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="0903007500000000040000000000"], 0x14}}, 0x0)
mmap(&(0x7f00006c6000/0x3000)=nil, 0x3000, 0x300000b, 0x12, r0, 0x2000)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x4000000004002, 0x0)
r7 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x9, 0x4, 0x1, 0x5, 0x7, 0x7, 0x3, 0x4, 0x3}}}}]}, 0x58}}, 0x44080)
r10 = dup(r6)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r10, 0x0, 0xffffffdb)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
syz_open_dev$dri(&(0x7f00000000c0), 0x3, 0x200)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)

21.999468466s ago: executing program 4 (id=3285):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
chdir(0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0x0, 0x0)
set_mempolicy(0x4003, 0x0, 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='freezer.self_freezing\x00', 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
waitid(0x0, 0x0, &(0x7f0000000240), 0x80000000, &(0x7f00000003c0))
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000180), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x1000)
ppoll(&(0x7f0000000040)=[{r1, 0x9620}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000f, 0x11, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x4000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40))

16.26384199s ago: executing program 4 (id=3291):
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000080)={0x0, 0x1, 0x0, &(0x7f00000009c0)=""/251, 0x0, 0x4000})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x70, 0x0, 0xf2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f1, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6d1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe02e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xcf, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x4, 0x7, 0x800, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x413f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4000000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0xd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x789], 0x1, 0x400})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x5, 0x7, 0xe51, 0x1, 0x5479, 0x103d, 0x6, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0x1, 0x40000000009, 0x5, 0x6a], 0x2000, 0x808d6})
write$rfkill(0xffffffffffffffff, &(0x7f0000000000)={0x3, 0x2, 0x0, 0x0, 0x1}, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_EEE_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x54}, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100"], 0x64}}, 0x0)
mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000180)='gfs2\x00', 0x2208004, 0x0)
sendmsg$IPSET_CMD_FLUSH(r5, 0x0, 0x820)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

14.713578789s ago: executing program 4 (id=3295):
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000080)={0x0, 0x3})
capget(&(0x7f0000000140)={0x20071026}, &(0x7f0000000180)={0xfffffff8, 0x7, 0x2, 0xbac0, 0x10000})
setrlimit(0x40000000000008, &(0x7f0000000000))
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x8604}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000001a006da800000000000000001c14000000000100"], 0x24}}, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000200), 0xa8040, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r2, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
chown(0x0, 0x0, 0x0)
dup(0xffffffffffffffff)
ioctl$KVM_PRE_FAULT_MEMORY(r7, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r2, 0x0, <r8=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f00000000c0)={0x48, 0x7, r8, 0x0, 0x10001, 0x0, 0x4, 0xd6fe5, 0x3d3b4e})

14.690973972s ago: executing program 0 (id=3296):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = epoll_create1(0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x18}}, 0x4044004)
recvmmsg(r2, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0xfffffffa}, {{0x0, 0x0, 0x0}, 0x10000}, {{0x0, 0x0, 0x0}, 0x401}, {{0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000000c0)=""/177, 0xb1}, {&(0x7f0000000dc0)=""/261, 0x105}, {&(0x7f0000000440)=""/84, 0x54}, {&(0x7f0000003bc0)=""/4103, 0x1007}, {&(0x7f0000000340)=""/227, 0xe3}, {&(0x7f0000000f40)=""/228, 0xe4}], 0x6}, 0x80000000}], 0x4, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000140)={0xa0000001})
epoll_wait(r1, &(0x7f0000000280)=[{}], 0x1, 0x4000005)
close_range(r0, 0xffffffffffffffff, 0x0)

12.885719011s ago: executing program 8 (id=3299):
syz_usb_connect$cdc_ncm(0x3, 0x72, &(0x7f0000000040)=ANY=[], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
listen(r1, 0xbabc)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000000), 0x4)
ioctl$int_in(r0, 0x5421, &(0x7f00000000c0)=0x6)
read$char_usb(r0, 0x0, 0x0)

12.694606971s ago: executing program 0 (id=3300):
r0 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
r2 = syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x9)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace$pokeuser(0x6, r4, 0x358, 0x0)
prlimit64(0x0, 0x0, &(0x7f00000000c0)={0x80, 0xde}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r5 = syz_io_uring_setup(0x3ac6, &(0x7f00000001c0)={0x0, 0xfffffffd, 0x10100, 0x4, 0x37c}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
syz_io_uring_submit(r6, r7, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r8, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)=ANY=[@ANYBLOB="380c0000000000000d01000005000000ece538e8b62831eafcd9056be7c8a4f36891e0bd363476ba635f8d61e20221d10831df051097c214cf0e5f4345fa2c1eff6b0f8eedd3687f41fdd27b53aabf690ef80b8953b86b7943136212b1ec5c95809bc5d24c84f1ea4c6a1ff8b0dfc20e9b15115ddad4e233132bb07ee1577ae158a9ec4de6171ac0a7542ea221a3d97d80e7bed34fde3c64661a751d33a6d102ec5e611cee97f445ff21d4d3b360a17a83b7594ad811751ceb59ea8b5cde9525ac5679cf2e35907c0abbb85a25c776a98af56eff37c6627d00c51fd572f6113013d16a54d005b0f833f3c9cde6b897312b7ddc1b063781f822e06890c08ad3025e80b4a550a680e58053a8c33d2e1858f971a40788f6b287baa082a334140c0091f5f2d232ecbc86218a477e468e5be1b48d7787071b5c891cc3efde21a3b0337adeaa6a41ce8fd6edf1b0a47ca0cd6d785cc2c1c3803dde4d9749a10e21d489531efca60760b4ff2061dd7800c4f23c3d1e2bcd694fcc87261a2fdfee6baaa701c7083e9675a75b8d530f09f72d8d3fed4ed848ba18d11635893b52c84a6f0fdc9711b63cba52c9e33ac701261d5459b6ff53be036549b6d0e617d125a6a758370d0671f5f956918db7c4d0afb4f7369bad2a1cf0b7bcf130464bb031b092392a72e8234c1cc1d41190dad660bd1d9283d7d4c7f7410c83f6cfbd25b438097f3e5fd4a23e56c1995179797f03c6dfc5e8be4515d9c72ef9ecbb7cd80d4e71d2ac2f31396081eb9fee4b5d633aee32775a004f7aee9f33d81f9e469a1bef0a995ca8d50c2d853bfb1ebaf301d0c649b74827ae650b6a3bec85e2e9fd45e33bdd8c29cb0692d78a73700daf8eaff8efc06f8c07b3ce384ab1d925cdc440a4b85ace1edb6202df092fe6b37c11e10f3cb3d9e0cc19d55989766aec965403244c8dabfcdcc51c2297131307048ffc88b47d07e821656fa73395dd464d79ee82b3d4f47bd29f42f44f9521efdec7b0e8b5436d496ae046d72d69bc3d35a62829954fdf87fa10330a7864465ee86c540b2e1320e8453701898027ef86ad0d7c31c009f0e5f4c35eeb870ba4caa3708656b38c3797aaadb4b372acf23c05d55d98eb8c1c628e744a6a4439b5a515a2a083f8fbc71a2e6800c3ffec640d21d05a4b1f4548c5541f809e9766cce96b2c53b220361638c4dc43af7d5edb874bb48ca3c8a837fdccff0c8b50bc402da6262c5e3b344f313153fd455e4414f2b0e4a2bcf881b5615e399f8bbe6c3c20a314539b856de845a6e37e5f6925f3d5929eb59243b792834b0de7643077681b9113f5d192c4e96ebea0465901e5aa5da812b0d112089c048e29c523a753f7babe4e3de0bff0f220493bef0e7b76b051cecc325a8fb60a76880155ed33bbbccb472dd3b568829eb7cfb4280521adee82b1b1b7c31b0baa329f81f254526461b787d32bd18a760944a3f728a8a257f2bb9bc9172daeeb9a3d099fa60a440063b70cb48a54cf8739467f7e2b075b74800056475332bd226daf3e7a85c198107c3fe4818e78dda31d1d8c4c618c218e368a0e20655c325f95ebdb03320448cfd754064e7a6b69b1677d12a5c63b853d77bd06b4759e30e764806b91d5e9e54c907255ead2d433538105dc4dd9d364de0a82bbbe035d34e215be51d468b95a87e0e6d76264ff4a8bde40e956782351b5595118d6f630ae1eeeb5755177d0cd71f259eb580ba0918194a3b75d6110d58079c57ffef2f53a8d0fcd824c1bf83e612a2c63b0dc6f0e6997d7905d5adf649da853204a522043147f7b7debd7c01835b4f311ad3a6c4122f4cc970e2926ea30aaaf307555dea57ef2dbe3e5ec783dc447d1834cb1cc711c34051d5077d373013e995d34dd20a4ae0f3356b388a46ca2d3686daa528246dd0ab3e7400406e88797294d61b24e81ce8812e0eb0aa698c658dafa957618e969f73f988fb6a5b13b0bdd2a63e666f88513f5f15d0f0a743be28c5fa6386d9af70292e96b54d4d5495ab142b036f11a7c18d6245ceb713a30c875af0e7124934b1bda9a9484e617360e2b9b63052da78188ab3ff5e2c8df92e3ff7845343165fd501f097296d614e163a33d8e15032147e2f3dd57e8207c11a11cd9d39a786223d2b6b000ab841e3237bcca18431f26a0ece2e478c28b56ccb93966151be4e52d823d1bc345d9a5c2925d06c27e4c74dd2783f55d32d07ae2eb68fe6d5614cf979e3c16d3f467efee15169eb5a641837b93bc06733eab8e30cd85c731ea46a24266dfe87fb8a9515b25841a246e6d8df10faa34da94576a4a3e1ffc78323cc58b122c0a0993da408b82f4a311c2250483a701df3e99fba515f31791b5b8b6ee31cb92731d656b7ff43b38d3b2d9f59008a7400d6f2dece551883f32d0281395379aa42285e90dff71bad695156ba4842936f6ddcd99cdb5ef8a147a15cf6ede0eff9b5106306806574fe9b3ede36418c97ebbb1de5b7b23a453b98e10634956a34cbf40b62b4cff86935ddbdd31cf5b78e1248b19ba060cff190f1f2f178dab05e0d6395d9b1440b01ed10f5c46c903d3e2f78e9393124a981c7db5126210ce0981dfe0566d0751f3a76b66f06390a1df65218832cb33c91a1a78c67b24b4aa1a52231a6152a2483684eecf19522d5a22bde3cac03fd1de054e36325490af9081bda7b85e007e8714fa6f945257d8bbb766f612f682d19f885d054055de33423889c45157120dfde3ae504c6fd55c65fd652245fbc1d20e535da9e326341fd39bbb8f81117516747c7bd6a0e41faae21d4a7b905a6e82d4584bb56c0c2e540e7c69ce8594724b08c1ccb578617cc7f4f203f1f96011a5a3e9e4ae90ec5b7d5c1b5c682706b331c57e56966ac4017dc56e7a701c2c27657dc7fc436c4c02c51a76537bb90fffd13c1a2bb473245cbf0f34b020cc1b267ba624b09616448eabc753f3eb69256aa7f4ae3c590cca158457b1fd5e37c977ea19f30f813e0169c6b37496162134b6ea6501d6e5910a9b4b5597fd379bdceda96f016fea03ebfe375bdd60d9a61099e593706255f8b1a1048db705b304eb2f7b61737df8ddea67277059f37dc9065e71bfb49efbbbe79661afd5f58f388f02a03dcb69758237b6789fcbdc4ea2fea4132d33d777cd5193c210e345f06a1568e061b39b774ed321e435f44a54842435af0d574ceec62e3132d8b57d490d1e8f1860fbd95e6a30176af9c085760e5ecc9199df22b76069e1ec85035c69d754f399824ebd886693d897b55f139cf6053a27d6389e9158d7f187ee506c304953dcb5c0c72fa5c942933bcd0ed00127fc842cd2f50d6483faa9a775450ea4cac5a18d4c4868ca696f136c28a4703d1562167671ad50ea5e70d0c43f95992130db3ac2e97e10f614a8974650366d369437f12e598dd37f474ab5010b3dd4ef6c3a23e37db0ee18675bc16f0e0e96e50a72f3816e08dee4e9407b0906d57a7caf9539288bda2d6577e09c417c01f910f18a324bd7c1b9388fd464109a5cafa70ee2cf83197c6a0acc5e012343ce8afe4e6a94f0f55b2230c9a6acdc9b9cea5c4a06f6d4376a5d8c43a562736b617acfa01f2b8dfc0f4c25cd3f8d7c675ee2cb72d030dbe4f78805dd9589b4874093dd7b4c6b6715fd245e6d853dbbb4ffdaa4f665870f7f22ed0a9d862cff03581ff2c4bc9ee5768c7ca806460a882dd0ffc96238a22715b6a49d50df7705c2d1ad35ab7df6660ba3ded28f6bedd9dba2158c6a3cc7943d6df0bc376135ea3b9211523130ad7fdd1532841a7067a77b01573952bab397520a23eac4d5f67c54ff293e14d7e21792b909fae37de019200b6dcdaf815d0c747d891de553072f7d9dec9cb0657f9f2962c0be6f122bf1d8793995ecde34a14d46acbd238d0cc0edfa3556b7a7c763f37bd162bb6d638eda49818fe97ee6f5637254ff1b31cd1c358f19b362a978b689d5661873da06124960f1b25fa2c069586584ce5c83b72c4844ad85c917e35e0fbc6f565771579997cd31fdf3e42dcc1ab17573328e6a73affe545fc82c149566cb11b439cfb804b581a12c1054d4fee14feae7d91db10348b3470e282fc93c07376e050731cbfc091e3b858a9e1679b4c92b44656802a239ef3f0b91a5649eccdbff499328e9243ba7c25aa50de56d3e0dbafcc6aeab35b64b027e36d6e7868d5f6ea7e46d7d6bc263a3f304b5642e60fa847369f6ea08bd9049822fc6f7cebac468e88db61846c417be1c78ea28691e3a58d46607597c2746b0cdcdde0c8d2f21c6f407d88f17fec2eaa290db8b4513e29439be7ddd719d712e8b01dcff54fe42563e40973ad4f1b00bc9489cd10390b63adef8101b82144370e23d92ee972b129e14a3c1945288f7ebbb67999afcda79c63bb458949b6821cb0000000000000010000000000000001801000006000000a6a40454b31a930ee5b2b64e2590a7902ba47d82cf5c68e63fb1a8ab7650e03e87473d949f2b27c2b4d70c37587d6f5331858d70aecc1916719cc9280ad52b082c9bc9eb15211472219e9f7616c4fd21882649600d268de66447d0885a2209e6a0b34312ac866da0d121a53907bd7fb4a610144d3d90f8f35a84fcb412011d570eda64b8181fb9d490f014cb7995c451594e01140d3f32050103e5bff5f61cc2369798db3efb63990965424ffc3c64deb8ef86d486e73e43570dc0d5ba84b2ccb8bf21e601ff6cc7555da42c736c050d7a09f8f1853177ec04aadfbdb5c69f36befd7f2f8741c5b8a46f0227107a6068eaf5458352ea7ff3"], 0xc48}, 0x0, 0xe3d08660d3cd4684})
io_uring_enter(r5, 0x92, 0x0, 0x0, 0x0, 0x0)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$rfkill(r9, &(0x7f0000000040), 0x8)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sched_setscheduler(0x0, 0x2, 0x0)
r10 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r10, 0xc034564b, &(0x7f0000000100)={0x0, 0x59455247, 0x280, 0x4b0, 0x0, @discrete={0x5, 0x6}})
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000940)={0xb, 0x100, 0x3, {0x8000, 0x5, 0x20004, 0x4923}})

11.678955329s ago: executing program 0 (id=3301):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
chdir(0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0x0, 0x0)
set_mempolicy(0x4003, 0x0, 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='freezer.self_freezing\x00', 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
waitid(0x0, 0x0, &(0x7f0000000240), 0x80000000, &(0x7f00000003c0))
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000180), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x1000)
ppoll(&(0x7f0000000040)=[{r1, 0x9620}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000f, 0x11, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x4000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40))

8.762525315s ago: executing program 8 (id=3303):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000100)={0x28, 0x7, 0x0, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, &(0x7f0000000540)={0x48, 0x8, r1, 0x0, 0x2fff, 0x1, &(0x7f0000000080)='z', 0x4})
r2 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r2, &(0x7f0000000980)=[{{&(0x7f00000002c0)={0xa, 0x4e22, 0x7, @loopback, 0x9}, 0x1c, 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="2400000000000000290000003200000000000000000000670f10850000000001", @ANYRES32=0x0, @ANYBLOB="00000000140000000000000029000000080000000900000000000000"], 0x40}}], 0x1, 0x4044090)
r3 = syz_usb_connect$cdc_ncm(0x5, 0x114, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x102, 0x2, 0x1, 0x4, 0x30, 0x2e, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x8, 0x24, 0x6, 0x0, 0x1, "3bb5e0"}, {0x5, 0x24, 0x0, 0x2}, {0xd, 0x24, 0xf, 0x1, 0x6, 0x2800, 0x7, 0x27}, {0x6, 0x24, 0x1a, 0x9, 0x10}, [@mdlm_detail={0x86, 0x24, 0x13, 0xd, "00fe49d6cb8d1b6df28c5a5cd75d53efa0980ba344711755c0ffa38e6aea9f75ca6164dd5708ab7cc955f337e43328ba30826a92765d55eaf2593d970fdfcaeeaa45535ebb81cb0862aa3c0fac4d9385d553e276cd78304a515ea196dd8bfd82167ebe526f1406049ba9ea71645fdeade9d0a78ad6e76b179c2ad025c62d5d2b1c90"}, @mbim={0xc, 0x24, 0x1b, 0x0, 0xff, 0x1, 0x4e, 0x80, 0x5}, @obex={0x5, 0x24, 0x15, 0x8eb}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0x7}, @network_terminal={0x7, 0x24, 0xa, 0x5, 0xfe, 0x2, 0xbd}]}, {{0x9, 0x5, 0x81, 0x3, 0x40, 0xfd, 0x5, 0x6}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0x3, 0xa, 0x9c}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0x17, 0x5, 0x2f}}}}}}}]}}, &(0x7f00000005c0)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x201, 0x8e, 0x3, 0x4f, 0x8, 0x7}, 0xc, &(0x7f0000000180)={0x5, 0xf, 0xc, 0x1, [@ext_cap={0x7, 0x10, 0x2, 0x10, 0x2, 0x8, 0xff}]}, 0x9, [{0x9c, &(0x7f00000001c0)=@string={0x9c, 0x3, "ad569f99a6d3c54a1bf8e98c13167bce454c300d47ebefcc3dfd78b3574677837fa1e9fa65efb781eb63af9bcc139775dd659a389d46c4f7b797818d35578a11730057019d45ecbb6e1970dc02184e479c70d09e13df6aca139674ccc2a1159a97fcf08b7d204e02cd028a1fddb7648712c2c2d7f3cb65302c19fdecb03a94a6a1f22bdd00179b7e14a4a96865300da9a4e8550b02346b85a9a7"}}, {0x32, &(0x7f0000000b80)=@string={0x32, 0x3, "d84257d0c174e4a8e0d67965fc02787a1c7aa899576ff39bc3ebe483336a5601df0d81105301da6c9901e0d65249b764"}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x416}}, {0x2f, &(0x7f0000000340)=@string={0x2f, 0x3, "2b3be4e600a3cb7f7110c6d1afecd929016e7b1ef94dcde6d058b24634e99f4c17a6bf7ba4b335e35fc0c6196d"}}, {0x55, &(0x7f0000000380)=@string={0x55, 0x3, "6060f734c5929fc3f6a8ee5ea873e468c873ae5bd7301f69f6bf8005780975e3bf6a6674f4565e5de449a876138f1f04732f63e6b96f74607c84212cb414c652a577d046df03b713dae891a1259cacee6fcb67"}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x41b}}, {0x3c, &(0x7f0000000440)=@string={0x3c, 0x3, "a6e1b80d752248e3c386441ae06fdcf78d88391e344fa761582301d064d1bcd8cca6a797f87dc5be7088eea229133e48cf5d30c96baa7300ca44"}}, {0xd7, &(0x7f0000000480)=@string={0xd7, 0x3, "6c059281bbf7ec3e67e9fd8aa0352f9c98aa420b68900051df2b49db57249548025168284cbb26424cc2eaff5a2f87ddc0d557414cba877040f0537a6e9269a0057d37e9395eea72177e31cdc343fe99bf22e9aa05a5b462b0434b47c881afc0183eebb91eec39ff4363da5f8f590c75e6ea9da469ff62fee8a90e6839b984a10bd51d19ab222ed56a66e946d9477f18930d30d6b5651a8a643863812abda403e5626fde4652f2eec2787a7077b7c5021e00864594c0af6f365a6aa630523ca5abb93bbf32e2609f8ad76f9056aa74412b5d9eaa4f"}}, {0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x445}}]})
r4 = socket$inet(0x2, 0x80001, 0x84)
listen(r4, 0x3)
accept(r4, 0x0, 0x0)
shutdown(r4, 0x0)
syz_usb_control_io$cdc_ncm(r3, &(0x7f00000007c0)={0x14, &(0x7f0000000700)={0x40, 0x10, 0x90, {0x90, 0x8, "ef5a208534be296ec6e45dcb4641c8373543e4d1f44a03a65b9cda33fd95007e9bc9d535f00702202882df1482d4edca25ec4aa09654e3bad4971f4edb3846f7a0587cd3b5c20b6050fc3c02926915068e5a2c839d85ec07617592f4359655d506c171b2ee4edb31bfb24e607edfed6a73db9d185686373390e368a994e80933416180e81f092a13a648efbfcb3f"}}, &(0x7f0000000680)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000b00)={0x44, &(0x7f0000000800)={0x20, 0x7, 0xbd, "3169b8e90e51c87fe75ad823e13984b1064a528270ea38cf02bbf6ec116d9375ae5ecf377ddf6f57c01b8bf421a7a4fbed0a6a27fb2a03542c2028fa560efa61078ef94d69f447a467148e0ef3369019992e3f7f4d08e62399bb8f21918860fc214a1bd43448311f7673e5963a6027e9dc8cff311c81fb4622e0ac99392e46b098571ab0952e358ab2ad5779c9a47f9dba42afe0ee78c062bd2925376fcfe4373884a4529ce1c517463eebdb3899568fd7c9db700adea04b30e68c770a"}, &(0x7f0000000900)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000000940)={0x0, 0x8, 0x1, 0x3}, &(0x7f00000009c0)={0x20, 0x80, 0x1c, {0x0, 0x5, 0x80, 0x3, 0x0, 0x7, 0x9, 0x6, 0x7, 0x0, 0x5, 0x9}}, &(0x7f0000000a00)={0x20, 0x85, 0x4, 0x4c6af9fc}, &(0x7f0000000a40)={0x20, 0x83, 0x2}, &(0x7f0000000a80)={0x20, 0x87, 0x2, 0x2}, &(0x7f0000000ac0)={0x20, 0x89, 0x2}})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f0000000bc0)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})

7.609868865s ago: executing program 5 (id=3304):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, 0x31, 0x301, 0x270bd26, 0x25dfdbfd, {0x3, 0x0, 0x4000}}, 0x14}, 0x1, 0x8000000000000, 0x0, 0x480c1}, 0xc014)

7.45749055s ago: executing program 0 (id=3305):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000007880)={0x1, 0x58, &(0x7f0000007800)}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000078c0)=ANY=[], 0x50)
ioctl$TCXONC(r1, 0x540a, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x2)
socket(0x400000000010, 0x3, 0x0)
r2 = mq_open(0x0, 0x42, 0x1f0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
syslog(0x2, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff9000/0x1000)=nil, 0x1000, 0x8, 0x11, r3, 0x0)
syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
r4 = syz_open_dev$mouse(0x0, 0x4, 0x200000)
ioctl$MEDIA_IOC_ENUM_ENTITIES(r4, 0xc1007c01, &(0x7f0000000100))
syslog(0x4, &(0x7f00000000c0)=""/27, 0x1b)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000240)=<r6=>0x0)
sched_setscheduler(r6, 0x5, &(0x7f00000002c0)=0x2)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0xfd, 0x0}, 0x4623, 0x0, 'dh\x00', 0x1, 0x10001, 0x49}, 0x2c)

7.282304073s ago: executing program 5 (id=3306):
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000080)={0x0, 0x1, 0x0, &(0x7f00000009c0)=""/251, 0x0, 0x4000})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x70, 0x0, 0xf2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f1, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6d1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe02e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xcf, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x4, 0x7, 0x800, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x413f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4000000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0xd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x789], 0x1, 0x400})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x5, 0x7, 0xe51, 0x1, 0x5479, 0x103d, 0x6, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0x1, 0x40000000009, 0x5, 0x6a], 0x2000, 0x808d6})
write$rfkill(0xffffffffffffffff, &(0x7f0000000000)={0x3, 0x2, 0x0, 0x0, 0x1}, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_EEE_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x54}, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100"], 0x64}}, 0x0)
mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000180)='gfs2\x00', 0x2208004, 0x0)
sendmsg$IPSET_CMD_FLUSH(r5, 0x0, 0x820)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6.284875388s ago: executing program 5 (id=3307):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mremap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)={0x60, 0x3e, 0x1, 0x80000, 0x700, {0x1}, [@typed={0x4}, @nested={0x3c, 0x1, 0x0, 0x1, [@nested={0x38, 0x10, 0x0, 0x1, [@nested={0x31, 0xb, 0x0, 0x1, [@generic="ea16cd75d4b7fef9ae54f5768dd2ea9602911c2060314fadcfe614fbdda38a913108f92492b28cf060e0287a89"]}]}]}, @typed={0xc, 0x2, 0x0, 0x0, @u64}]}, 0x60}, 0x1, 0x0, 0x0, 0x400c841}, 0x4008094)

6.222900239s ago: executing program 0 (id=3308):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x3}, 0x50)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200), 0x404882, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1d, 0xc61f, 0x7fff, 0x7, 0x800, r0, 0x7, '\x00', 0x0, r1, 0x3}, 0x50)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2800000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000a40)='./file1\x00', 0x104)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
r2 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r2, &(0x7f00000002c0)='./file1\x00', 0x4, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0f0000000400000008000000a72c4a6d01000000fafb57b1ee9ff572eee003ea6c37eeb151c856a7b3405911fec8d0ab034c9f46e3906ca6c087c2dc24e1c8838348b844835252b309a1066ce952ad92f89d408446b0e3779cccadf4020c25cc80ff6ad28250f7b3a7", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xf, &(0x7f00000016c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map=r4, r6, 0x5}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r7, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100000000000000000001000000080001003f00"], 0x6c}}, 0x0)
syz_create_resource$binfmt(&(0x7f0000000280)='./file0\x00')
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r7, 0x84, 0x16, &(0x7f00000000c0)={0x3, [0x3, 0x1, 0x3]}, 0xa)
linkat(r2, &(0x7f0000000100)='./file1\x00', r2, &(0x7f0000000240)='./file0\x00', 0x400)

5.19081173s ago: executing program 5 (id=3309):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xa, 0xffff}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x3, 0x4}}}]}, 0x3c}}, 0x4000010)
sendmmsg$inet(r0, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000080)=0x9, 0x4)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @mcast2, 0x4}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

5.103651449s ago: executing program 8 (id=3310):
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0xc3afe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000), 0x2, 0x8}}, 0x20)
capset(&(0x7f0000000240)={0x20080522, r0}, &(0x7f00000001c0)={0x2, 0x7, 0x87, 0x7f, 0x1000, 0x5})
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x6, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x5000)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r6, 0x8004e500, &(0x7f0000000040)=r5)

4.817364543s ago: executing program 4 (id=3311):
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000080)={0x0, 0x1, 0x0, &(0x7f00000009c0)=""/251, 0x0, 0x4000})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x70, 0x0, 0xf2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f1, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6d1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe02e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xcf, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x4, 0x7, 0x800, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x413f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4000000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0xd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x789], 0x1, 0x400})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x5, 0x7, 0xe51, 0x1, 0x5479, 0x103d, 0x6, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0x1, 0x40000000009, 0x5, 0x6a], 0x2000, 0x808d6})
write$rfkill(0xffffffffffffffff, &(0x7f0000000000)={0x3, 0x2, 0x0, 0x0, 0x1}, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_EEE_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x54}, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100"], 0x64}}, 0x0)
mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x2208004, 0x0)
sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x220a00}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x24, 0x4, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x820)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.812815664s ago: executing program 0 (id=3312):
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="489f658265a744aab2f60b06d631497cf710c5f0", @ANYRES16=r3, @ANYBLOB="010027bd7000fddbdf252700000008000300", @ANYRES32=r4, @ANYBLOB="0a00060008021100000000001d102a001001c77206030303030303710701fffd10ff0101260302800e3041c47ec55e4158b1b4304481b1fcbe5b935da5afde27d7e75885f91267bb1453135d06e2bc84e6aa6687fb2250f30a2b54522466efb1482e0a0e63f755d2b87e4a2857489366177ca2f5a8bb68b44a79935816dfc967adb3a898c29c397aaf81b4ed0516d934b9bdc44dc011e60e63051bbdaba11207493af8852d19c763caf01d9b6cdb5b37f46f7edb700a07829e5b0babd510bbc0aa904fa42184b3432c4209f23fb286c321a77a6382cc2b0ce2406fe94be1d258abbf3715aab5dcdc21a9d931debdd1d1cbb5619b91787e52defa4e4d44bd835455266aa70a27c9d7aebbe1f545aa764569bc34d52e7a20fb6cf33de43c0ff8daf0762f942c30050f85321669b98cf0772b3f6d40f44936d3b29c68f5096c0696aada74f9bba937861fcc23977dd69f7d3128ae6fc3c9ad29291431d94952d3a361c2a45aefc6a7f46d34d21cc884b48c184d58fac946299022f6168d44b95985daed1c15b6a6090f34380233df7d998f22d416c15d785f56453eec9b61c3b42e0b86d9be5a3d132471565d535c3a450cabccf9337622a379f4659fb2aa212a811d97db67d4f2918b0d6874f13d9bbd13145e7f82c88929cbda45128ce993bf1e99e76900a3fefb4b8189f7be6ca562c9893c27fcd8a1f55c983c06aff5cd146abcf3d2af9eddc3472b1eda99a24e0faf2062c739142841030fdf3a5e864dc4275d0c0485f92afb2299d592eb92f3036b0c83e0af58f77d4452b2089ea7b72009fcc60eea54795226bae7dd2f89995d9cc835ef55a7a4d1647d22c687a873ce532dd7a6a9835621939cd8115b3931180b4c7827de5af6cdd6e207d4b6b8205380d8ebc3ccb7670abec163ba9553a3fab1368f1e609668a3c86bc895a7e2bea571767a5a10d4c53474a9589bf37e1e489ad8710dd5e1ab301d50c5a882ba4cec8d3bb5db5c2bcbf55cf83e8df7fb3e8842fdc08c83233ca6dc05a0c08ad106026ac6bcf6421e0204d94c8f3317a3c3c779db5e3429118a0d5f509d46a35f7fadac0381c15515a005c04cb6d7728a510508da3bcf42b9a56062a337c9b0a95e0eb93f6f07e8bec86c6e4618d179110c11e6ced87086522437de6209bedecc654cae2b43998a6535d39fee2ce4e75b7888ecbe5d62a063d3cc3120093521ec0dedb3c233dcf97d717b801f5e180c321fb9370f62add424a4528d87d9bd4e6b320c09827b0d530f60065208f9718d42a8977fbf462bb716ed3abd5a2959c4015939a58cab88d90aceeec2958e5f137d823bd79925ea1ed981ef5d88db32e54552c2a95d7cccfd9b889f9e5222e271076fd804db93b0a4a2545c18520eccd1b054c3623019d5432a2d4cdb1408d49f086b95243fdd7d54ba7e584917392b95db57f1d200b51c8f6725ae7eb5adf1a3dda48b5879fcb53878b919fa25ec688294b5d2229fb5a3a3354b316dca1729064b67712218bff1cf72e79347b459a5bb0cd12babcd37d813854d6fb9675ac72a842f2ed5eb5340722c5b926cdbf4dbdab46fe345df900d007e261bf74ffba3d870fbbc0d16896df022be758a5f5abd9e5af646174413e8a6ff20c6ec6219c450426e9d188d622b664a8da458051097184562b29346ce3180316914f5a53758e35d5ff502da7b01307ddc336ce45c1608874cd569af40cf6d75fb148b369a366c175e5d0e22845b26f4685f82a626d89a925aefb1f09e5f680cad131d7c0da31f74ab06faf24e796cabcdf6b7a3aaafb65daedc0c9f9aed511aeff202a2b32ca9b323f2ca440d8afe3b9842ff445e30abefc932c60d5459e0046e151139b2e363c01cf7d0e22c39c6e0dc27370e8aa2fb0c4ed238df0f0110d276c1e0d7e770497ed44b07090261ea9e92acbf56adfd27a931db3257aca85612321bdf22b367652bba78bd80aed3c6a6de89be2f18ab4d367fb5fc7d1d722bb88e2dbca331d3cfab6bdd15efb49a3acb37fe29f521f891b58e1dc95c26ed909c1e2c9284e9f7f390cd4f70f1a86e9454fd9a34ffda5945f14b13b835b7757ea1f85c53cbfc6848284084e4cb5c15f312c7899c65f4e9a19e2367e08930d76a87fabb677c17b31b4329daaef81c567656466b6d47d5d1a579ae5092a67b27843a99908b4603bd2d389985763189b8c7d3094d7bddd49971fb75cd5047100b2687da36942226d0371bc8ce0e59bef9fc3560866720058494b7847f28eab86f64f42cb73b3fe329ab66a27211165c63bc8e2abfd819027c4ba070a64bbc2692c80f4c11616d4851dbcc358a552f0ce4210f2b2c40cb8b35fb1afedc187323520811d74c53d6581ff7b4a8a2cdbb6fede4134cd6e11549ede0a1d617aa4dc7c820873af06684bd4c7cc0e463081c9c991aeb2e8a088760c3ac6374132f01fea9edbb6ff5e930a2b2ca40ae592942a3a8973c1783bcad899bc23f6f57c8f7b3031514d8b4ecb52a442b103c3bf443b49622f82b53c078132ff97ef5bd207c299c87df6a3c10a5a0b92f056eb12b0ea7aba5606e0675e75c0b44790e0234b700f72dc2e89583161440b0cf5984efd4a237ff8ee65ddcbafac162920a7abeacb92605aa487d0275c325f940be7e727664241b31eae45ae6ee99875943ae11ac03ae7dab812c628c46ac306f933aeb594724cd60514c55c09df440a5fefb98aa89ede88f243d65f3afeef61712cebf44acea32e4390e5bdd79532c4586e181dcbd80bf5bd52dadc885926cb4ecdd21adaeb266b333f9471382e4f5ae9c17bbb4c5f2ab4c070dadbbeec5ef66db3194ddd4c54fcc442e2402dbefe949f6aad647b4cf61266ad327ee8059462e1c84477d92edce4c1301a90daebcfab92d05971b3045324024bed8a97007c0c6cd66afc8ebbef084799f3ceaffe5ab7a1826e7e384254d9ebcc1d17250a53385fdf2ce90ccf409f54c84fa78ffb5dfd3373a0d1fac0dbefa4a4ed9f46e16058b6cb972da03307c4c15b6c5d847699ea7915024ed9ee85fb4c2752a5da31bd220dfb9df9b65ca8187f8fd093625b8a8a63ce381fc646daba897e66e7c90d50f09740c5556a4862249168c5e6a7744a67a973ab877b410de5f9c744e3e0724baceb798f7de40790fea1aad47af45d133dd5b389a474077c1b3c495678f655db02b38f246c799e601d77848d938f1e9e0ed43f4a5b730ddd7261898057d22d2a491ebc466463599e2aefc4be870dc60fa1c46c7d20e46b275083d798567592a7cde1d352234b54b3161cb2c45386d1c6a34dafc67ae71d87a607a63cfdf9dc92659d341698a8c1b626521796e5b0d13e5a3ddc6ea8293e209e1a9383a25bc2ac51c0f2c7dc2b6cf05ea4e0ac7ed236794fb498c369c778a0fe689255b6592766e0d58bc5fcb994348cdbb375d8669e895e0221371e093938d691c7c131d77d588012a2bb8243364fc920574a1683df268198332b90f7ca9306ac718012290708464f909b11c9bcf42c843f65b3cd88f7efd7cc944fb8cbe2590167d3a8d5c7640c6184691e16c0dd713ff1a550584a503af27d09cd0b581762615dd3b8927e701f3bc023952a263c2103573767ed14e182a726da123c6f5f4b7dbaa146e024815e7fa677580c0ac65a802848d074b4fd819f5d8e9e7266097386f79e833fe5c8346666eda3c73c0a5bf8f9f66abcf87121c03a9891d59ed42cc384868eeb45341022824437c6f612f1ce35346e8e1b6e3f322a747ae08e8102aa827b437f4e32e6161f855225a680f8985c6105a4a3df086343fa0e3f1e6e1058e8caaae2c9c6e93d3f0a43ed59c88daee16f412d357a9bf3b384b6432f25f46e0df68107f427ed4d3f60dbd40f9f645208cf1488b2e1815b51ef65004fa84053e6d54fe58abaf5db75c65aac50e451e8e20b45f45041c7da99943f64e18b66ef96d96e6da93af77bc7c264156d7cb8cb27348b3cdcd62982e747aed6380c25e8583b27ea28b1ccfc26a4be19dd5df0f65225a593f3526701f94afb5f782602a3e6914f265fc7a110c3ca083ce2838108049b2d91ddf4ac63a0b260a1a4ae7bd57941c887e7318fee169f0beb73c9c3f1720b9444fae7088c9fa33892fe56a6c9669baa0125e95012844dbfcf93a4adb57ee6022545e18095ec9a7c7fbd4c88aec54a5ae237196c3c89dc92cff534b037efce7b7c111404b5abd723820de7e3213283cb13c9973b8ebb9fb013337dcad50a8cc8b78133ec761099284484fdf806b7cf183befa3c70d214ea8f934dc8403c9cf4bde7ee8bd271283df83d5378619ba13e2b35cd0647a861be765a4baabce39ad6d4d843ad32aa768ca3ea864292a4b495d82352315ca1df9116bda5490555e0c08a0d218898990765d8a0c266f68ca0afb6cf80fb3eb7b0751bc3cf956044936e989868aba1e1a80c5505444e4eedbcd2d9c11ed206c9735ec86ddc5a1d31cd12edd6969d8b6b828db6b3acf477e92b8ebb8d65956aef3f7bf436948d6cf1247006f0eb788ada122c015d9173b9553f215e7ed7a57e7738051a87a094572952007435368d996d52bb231a411f844ce7eb9b0b031368709e3ae29a4ffb628559101d68208c9560336703ea436285d505dfc06fa6759fc0b72beced57d965467cd63cc0af8170b073f8db76755256cce74a215a55825fc315661295c62d66788fb31283df8d417ff4c6f069b9918b9b4baa551757188028b733cc9ce1cc631e96fd21073c68e77a9830961142aa8773a9df1935bd7e40f5ffb22be7e5e0f41740fff5baecfda5d8faa6c4337a3e8fcddb7a492c47e0681e08ea632dd0d001c1366fa0a624b7007b4361c149303adfa1e44cb578f26660f6b7642a8c93bb5a994385cef1b3d6b4fe9ef5737797becbd60516d6026afc84c77a95fa2996a1f40207193f3ec99ddf8a9d4320646f5eebeb45db7ee84e346f035d11725fb68037a5052c3b4a7b8bdd62a32769c804bc92cb3ffa237bfd21b5d93b30603d341fb9733527331f87b0d368677e26c1b6e2c5b9eb2bfaad56724a0d7a9ff72ec279d152b49e0b329aa1dc1d364d87f014f9408eb441f0acf69878fb7af5f9284567e23367d72369551e798abb3c7b1c7c6138df1019bc1b43ac3afc6428c3e3d982e7246866c607c190ef6832f7f07e5f477b95566c35c2c033a6069671010fde36212aa4af528cda7a8adeabacd5ea6f6275b6570f93f3d88059e00c591e66933590bf616e59d6018bff685b8f04ecf28948fa49fa554eecf28e6474bab9420cf7035f459eaf3eae0cde2dd4d09a3e78e48eb0d5e1db5d11cf6652e866b1fcbf8c8fb9fe33b11486daa0f19113c51e532d696234c1baa0dfe67b1ddd985efe5571adb63c45ea0ff387fbc7053d8df2b1ed75f99594a60bc406270c6e8206c6550d0b18ba6061303bf0df9cc89dba394e46c5b83d50aa0f4602117a5719e7d7ec777e9a9fd2a910398bf8ac627edf3d8aca3ce7132846cadef4df31b5a829d3f5e1a7b5b64dd96b9cb35daef4409e39352f4fcf6e89c01c89205304cf448db6acc6bf0b4968ef145002b29acc87dabba169d16cd5fac6a9a45ba342117848b6b7d2810bb37816cf5bc0fbf111a26b61111aa9399f7aa317544180ff1b8776eacde6a088f93eb4414c92ca890b38ed33819cc4ded98ecbf71f162be61737fd6a0f79a5c5207588ff14124aaab3a9afe1379f2e7305b3aba47be6d05756bb9f58daadc7ade802b26d7694e51912510ff5bd2148b3cd1248550c784e765cff662393a5f07d13d4d26fa8a490c5508ee7762441f951f33848b065aaf43cad3bfd70b985ebcbe5799b269a2465b5a2c1e1ec937e42be94c34e000000"], 0x1048}, 0x1, 0x0, 0x0, 0x20044840}, 0x2000c074)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x54, 0x0, 0x1, 0x70bd2b, 0x25dfdbf8, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x2a, 0xb, 0xfffffff8}, {0x6}, {0x8, 0x13, 0x5}, {0x5, 0x14, 0x1}}]}, 0x54}, 0x1, 0x0, 0x0, 0x8090}, 0x4040000)
prlimit64(0x0, 0x0, &(0x7f0000000900)={0x7, 0xf0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000140), 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000380)={0x28, 0x7, r7, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000})
ioctl$IOMMU_IOAS_COPY(r6, 0x3b83, &(0x7f0000000280)={0x28, 0x7, r7, r7, 0x1c, 0x14d, 0xa})
r8 = creat(0x0, 0xecf86c37d53049cc)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$kcm(0xa, 0x2, 0x3a)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
ioctl$BLKPBSZGET(r8, 0x127b, &(0x7f0000000280))
setsockopt$ALG_SET_KEY(r9, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4)
r10 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r10, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)

4.060867236s ago: executing program 8 (id=3313):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)

3.839716386s ago: executing program 5 (id=3314):
syz_open_dev$cec(&(0x7f00000002c0), 0x0, 0x181800)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001a00), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000001a40)=0x100000000)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200)=0xffffffffffffffff, 0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000e45100000000000004000400185a0000010000000000000000000000f81300000095000000000000004dae14108371af9c5336e4119908efb0250810062ad2d5ee3b9d72f7881383d6a9a14d7f9caadf45cd3f4393103ae137dca31643449a1fa2d6f0cc7209b6235df08f7fddcf7ee8594f8fe94744422afe8e3dc1af6b79783ca45b8f9f7d0f5b21b5388bbef5b53f1182efd0e256fe0ffd7b10bf5ff0237af7b7bc9740aa38608194c4395e9b1b97c269fd3b0628862912589bc5e4e20daa8d5215efa4a319c989d58559e6edc5286daa4397349529ec6512431bd535e076cd5b91a39d883ab6a128d096daefda39bed4adab90443e1b19862d48bb971427074359f44a8165d1987f39371e5f05a2d64ef842221d1bbcd192f0e19fc11750f0050a5e800845854a50d44f4823ad58e8e5a8f4354645301ed4781a470fff"], &(0x7f0000000040)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r2}, 0x10)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', 0x0, 0x4800, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r3, 0xc008551a, &(0x7f0000001100)={0x3})
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ip6_flowlabel\x00')
pipe2$9p(&(0x7f0000000240), 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, 0x0, 0x0)
sendmsg$inet6(r5, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e20, 0x1000000080000, @dev={0xfe, 0x80, '\x00', 0x25}}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000029000000040000002b00000000000007120000000000"], 0x30}, 0x0)
dup(0xffffffffffffffff)
fanotify_init(0x2, 0x40000)
r6 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r6, 0xc0045627, &(0x7f0000000000)=0x1)
ppoll(&(0x7f0000000180)=[{r6, 0x1}], 0x1, 0x0, 0x0, 0x0)
close(0x3)

2.618935418s ago: executing program 8 (id=3315):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r0}, 0x20)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$inet6(r0, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}], 0x1, 0x10)
close(0x3)

2.598941473s ago: executing program 4 (id=3316):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
chdir(0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0x0, 0x0)
set_mempolicy(0x4003, 0x0, 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='freezer.self_freezing\x00', 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
waitid(0x0, 0x0, &(0x7f0000000240), 0x80000000, &(0x7f00000003c0))
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000180), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x1000)
ppoll(&(0x7f0000000040)=[{r1, 0x9620}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000f, 0x11, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x4000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40))

2.476333493s ago: executing program 5 (id=3317):
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000080)={0x0, 0x1, 0x0, &(0x7f00000009c0)=""/251, 0x0, 0x4000})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x70, 0x0, 0xf2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f1, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6d1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe02e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xcf, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x4, 0x7, 0x800, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x413f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4000000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0xd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x789], 0x1, 0x400})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x5, 0x7, 0xe51, 0x1, 0x5479, 0x103d, 0x6, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0x1, 0x40000000009, 0x5, 0x6a], 0x2000, 0x808d6})
write$rfkill(0xffffffffffffffff, &(0x7f0000000000)={0x3, 0x2, 0x0, 0x0, 0x1}, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="09032dbd7000fedbdf251f"], 0x14}, 0x1, 0x0, 0x0, 0x54}, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000000180)='gfs2\x00', 0x2208004, 0x0)
sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x220a00}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x24, 0x4, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x820)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

0s ago: executing program 8 (id=3318):
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000080)={0x0, 0x1, 0x0, &(0x7f00000009c0)=""/251, 0x0, 0x4000})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x70, 0x0, 0xf2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f1, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6d1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe02e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xcf, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x4, 0x7, 0x800, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x413f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4000000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0xd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x789], 0x1, 0x400})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x5, 0x7, 0xe51, 0x1, 0x5479, 0x103d, 0x6, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0x1, 0x40000000009, 0x5, 0x6a], 0x2000, 0x808d6})
write$rfkill(0xffffffffffffffff, &(0x7f0000000000)={0x3, 0x2, 0x0, 0x0, 0x1}, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_EEE_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x54}, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100"], 0x64}}, 0x0)
mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000180)='gfs2\x00', 0x2208004, 0x0)
sendmsg$IPSET_CMD_FLUSH(r5, 0x0, 0x820)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

ing as an active interface with an up link
[ 1354.857877][T17191] team0: Port device team_slave_0 added
[ 1354.867649][T17191] team0: Port device team_slave_1 added
[ 1354.901192][T17251] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1354.909251][T17251] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[ 1354.917847][T17251] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1354.925992][T17251] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[ 1355.035000][T17191] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1355.073234][T17191] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1355.188216][T17191] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1355.211743][T17191] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1355.227667][T17191] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1355.366243][T17191] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1356.400582][T14739] Bluetooth: hci0: command tx timeout
[ 1357.282475][T17191] hsr_slave_0: entered promiscuous mode
[ 1357.415060][T17273] binder_alloc: 17272: pid 17272 spamming oneway? 1 buffers allocated for a total size of 4096
[ 1357.430473][T17191] hsr_slave_1: entered promiscuous mode
[ 1357.436965][T17273] binder_alloc: 17272: pid 17272 spamming oneway? 2 buffers allocated for a total size of 5120
[ 1357.448721][T17191] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1357.462919][T17191] Cannot create hsr debugfs directory
[ 1358.571330][T14739] Bluetooth: hci0: command tx timeout
[ 1360.036026][T17294] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3056'.
[ 1360.903728][T17191] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1360.979006][T17191] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1361.038381][T17191] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1361.062722][T10944] usb 9-1: new high-speed USB device number 28 using dummy_hcd
[ 1361.132302][T17191] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1361.740922][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.296123][T17314] FAULT_INJECTION: forcing a failure.
[ 1362.296123][T17314] name failslab, interval 1, probability 0, space 0, times 0
[ 1362.322822][T17314] CPU: 0 UID: 0 PID: 17314 Comm: syz.0.3061 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1362.322854][T17314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1362.322867][T17314] Call Trace:
[ 1362.322877][T17314]  <TASK>
[ 1362.322887][T17314]  dump_stack_lvl+0x189/0x250
[ 1362.322917][T17314]  ? __pfx____ratelimit+0x10/0x10
[ 1362.322950][T17314]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1362.322974][T17314]  ? __pfx__printk+0x10/0x10
[ 1362.323008][T17314]  ? __pfx___might_resched+0x10/0x10
[ 1362.323031][T17314]  ? fs_reclaim_acquire+0x7d/0x100
[ 1362.323060][T17314]  should_fail_ex+0x414/0x560
[ 1362.323096][T17314]  should_failslab+0xa8/0x100
[ 1362.323130][T17314]  __kmalloc_noprof+0xcb/0x4f0
[ 1362.323158][T17314]  ? kfree+0x4d/0x440
[ 1362.323183][T17314]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1362.323212][T17314]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1362.323238][T17314]  ? tomoyo_domain+0xda/0x130
[ 1362.323268][T17314]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1362.323300][T17314]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1362.323334][T17314]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1362.323423][T17314]  ? d_alloc_parallel+0x2e0/0x14e0
[ 1362.323450][T17314]  ? __pfx_current_check_access_path+0x10/0x10
[ 1362.323488][T17314]  tomoyo_path_mknod+0x142/0x190
[ 1362.323518][T17314]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[ 1362.323557][T17314]  security_path_mknod+0x17e/0x3a0
[ 1362.323588][T17314]  path_openat+0xd56/0x3830
[ 1362.323613][T17314]  ? arch_stack_walk+0xfc/0x150
[ 1362.323678][T17314]  ? __pfx_path_openat+0x10/0x10
[ 1362.323702][T17314]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1362.323748][T17314]  do_filp_open+0x1fa/0x410
[ 1362.323773][T17314]  ? __lock_acquire+0xab9/0xd20
[ 1362.323795][T17314]  ? __pfx_do_filp_open+0x10/0x10
[ 1362.323848][T17314]  ? _raw_spin_unlock+0x28/0x50
[ 1362.323877][T17314]  ? alloc_fd+0x64c/0x6c0
[ 1362.323921][T17314]  do_sys_openat2+0x121/0x1c0
[ 1362.323950][T17314]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1362.323975][T17314]  ? ksys_write+0x22a/0x250
[ 1362.324006][T17314]  ? __pfx_ksys_write+0x10/0x10
[ 1362.324031][T17314]  ? rcu_is_watching+0x15/0xb0
[ 1362.324061][T17314]  __x64_sys_creat+0x8f/0xc0
[ 1362.324091][T17314]  do_syscall_64+0xfa/0x3b0
[ 1362.324110][T17314]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1362.324142][T17314]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1362.324163][T17314]  ? clear_bhb_loop+0x60/0xb0
[ 1362.324189][T17314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1362.324210][T17314] RIP: 0033:0x7fb98cd8e929
[ 1362.324230][T17314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1362.324248][T17314] RSP: 002b:00007fb98dc07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 1362.324270][T17314] RAX: ffffffffffffffda RBX: 00007fb98cfb5fa0 RCX: 00007fb98cd8e929
[ 1362.324286][T17314] RDX: 0000000000000000 RSI: 000000000000002c RDI: 0000200000000100
[ 1362.324300][T17314] RBP: 00007fb98dc07090 R08: 0000000000000000 R09: 0000000000000000
[ 1362.324314][T17314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1362.324326][T17314] R13: 0000000000000000 R14: 00007fb98cfb5fa0 R15: 00007ffe35e01d98
[ 1362.324360][T17314]  </TASK>
[ 1362.324371][T17314] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1362.801496][T17328] netlink: 76 bytes leftover after parsing attributes in process `syz.8.3060'.
[ 1363.986574][T17191] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1364.100931][T17191] 8021q: adding VLAN 0 to HW filter on device team0
[ 1364.136212][T17338] sctp: [Deprecated]: syz.8.3066 (pid 17338) Use of int in max_burst socket option deprecated.
[ 1364.136212][T17338] Use struct sctp_assoc_value instead
[ 1364.163509][T17339] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3067'.
[ 1364.179980][T17338] : entered promiscuous mode
[ 1364.187422][T17338] tmpfs: Unknown parameter 'grpquota 0
[ 1364.187422][T17338] '
[ 1364.314655][T16930] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1364.321877][T16930] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1364.414033][T16930] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1364.421311][T16930] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1368.807582][T17191] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1368.915545][T17364] dvmrp8: left allmulticast mode
[ 1369.926855][T17191] veth0_vlan: entered promiscuous mode
[ 1369.957406][T17191] veth1_vlan: entered promiscuous mode
[ 1370.044398][T17191] veth0_macvtap: entered promiscuous mode
[ 1370.114256][T17191] veth1_macvtap: entered promiscuous mode
[ 1370.141114][T17191] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1371.116532][T17191] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1371.134785][T17191] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1371.143738][T17191] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1371.154954][T17191] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1372.108963][T17191] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1372.484732][T14739] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1372.496246][T14739] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1372.506744][T14739] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1372.516075][T14739] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1372.525343][T14739] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1372.636558][T14139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1372.647064][T14139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1372.655317][T17408] lo speed is unknown, defaulting to 1000
[ 1372.675474][T17408] lo speed is unknown, defaulting to 1000
[ 1372.690287][T16516] usb 9-1: new high-speed USB device number 29 using dummy_hcd
[ 1372.701156][ T5997] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1372.723027][ T5997] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1372.885296][T16516] usb 9-1: Using ep0 maxpacket: 32
[ 1372.908197][T16516] usb 9-1: config 1 has an invalid interface number: 50 but max is 0
[ 1372.937867][T16516] usb 9-1: config 1 has no interface number 0
[ 1372.965128][T16516] usb 9-1: config 1 interface 50 has no altsetting 0
[ 1372.988290][T16516] usb 9-1: New USB device found, idVendor=04f1, idProduct=3012, bcdDevice=b5.94
[ 1373.010100][T16516] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1373.049875][T16516] usb 9-1: Product: syz
[ 1373.281890][T16516] usb 9-1: Manufacturer: syz
[ 1373.288779][T16516] usb 9-1: SerialNumber: syz
[ 1373.634501][T16516] ipaq 9-1:1.50: PocketPC PDA converter detected
[ 1373.728188][T17424] xt_socket: unknown flags 0xc
[ 1373.811431][T17407] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1373.845939][T17407] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1373.998933][T17429] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3088'.
[ 1374.612926][   T51] Bluetooth: hci2: command tx timeout
[ 1375.021591][T17408] chnl_net:caif_netlink_parms(): no params data found
[ 1375.996740][T17408] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1376.022812][T17408] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1376.030353][T17408] bridge_slave_0: entered allmulticast mode
[ 1376.045141][T17408] bridge_slave_0: entered promiscuous mode
[ 1376.277585][T17408] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1376.290792][T17408] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1376.300076][T17408] bridge_slave_1: entered allmulticast mode
[ 1376.308162][T17408] bridge_slave_1: entered promiscuous mode
[ 1376.698200][   T51] Bluetooth: hci2: command tx timeout
[ 1377.770185][T17464] FAULT_INJECTION: forcing a failure.
[ 1377.770185][T17464] name failslab, interval 1, probability 0, space 0, times 0
[ 1377.784256][T17464] CPU: 0 UID: 0 PID: 17464 Comm: syz.5.3095 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1377.784287][T17464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1377.784300][T17464] Call Trace:
[ 1377.784315][T17464]  <TASK>
[ 1377.784324][T17464]  dump_stack_lvl+0x189/0x250
[ 1377.784350][T17464]  ? __pfx____ratelimit+0x10/0x10
[ 1377.784373][T17464]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1377.784390][T17464]  ? __pfx__printk+0x10/0x10
[ 1377.784412][T17464]  ? __pfx___might_resched+0x10/0x10
[ 1377.784428][T17464]  ? fs_reclaim_acquire+0x7d/0x100
[ 1377.784447][T17464]  should_fail_ex+0x414/0x560
[ 1377.784473][T17464]  should_failslab+0xa8/0x100
[ 1377.784497][T17464]  __kmalloc_noprof+0xcb/0x4f0
[ 1377.784518][T17464]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1377.784547][T17464]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1377.784576][T17464]  genl_family_rcv_msg_doit+0xb8/0x300
[ 1377.784605][T17464]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1377.784631][T17464]  ? __pfx_genl_get_cmd+0x10/0x10
[ 1377.784651][T17464]  ? __pfx_fou_nl_get_doit+0x10/0x10
[ 1377.784669][T17464]  ? __pfx_fou_nl_get_dumpit+0x10/0x10
[ 1377.784687][T17464]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1377.784718][T17464]  genl_rcv_msg+0x60e/0x790
[ 1377.784746][T17464]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1377.784767][T17464]  ? __pfx_fou_nl_get_doit+0x10/0x10
[ 1377.784796][T17464]  netlink_rcv_skb+0x208/0x470
[ 1377.784815][T17464]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1377.784839][T17464]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1377.784870][T17464]  ? down_read+0x1ad/0x2e0
[ 1377.784887][T17464]  genl_rcv+0x28/0x40
[ 1377.784908][T17464]  netlink_unicast+0x75c/0x8e0
[ 1377.784932][T17464]  netlink_sendmsg+0x805/0xb30
[ 1377.784958][T17464]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1377.784985][T17464]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1377.785004][T17464]  __sock_sendmsg+0x219/0x270
[ 1377.785030][T17464]  ____sys_sendmsg+0x505/0x830
[ 1377.785054][T17464]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1377.785081][T17464]  ? import_iovec+0x74/0xa0
[ 1377.785101][T17464]  ___sys_sendmsg+0x21f/0x2a0
[ 1377.785122][T17464]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1377.785176][T17464]  ? __fget_files+0x2a/0x420
[ 1377.785190][T17464]  ? __fget_files+0x3a0/0x420
[ 1377.785212][T17464]  __x64_sys_sendmsg+0x19b/0x260
[ 1377.785234][T17464]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1377.785261][T17464]  ? __pfx_ksys_write+0x10/0x10
[ 1377.785286][T17464]  ? do_syscall_64+0xbe/0x3b0
[ 1377.785304][T17464]  do_syscall_64+0xfa/0x3b0
[ 1377.785319][T17464]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1377.785334][T17464]  ? asm_sysvec_call_function_single+0x1a/0x20
[ 1377.785349][T17464]  ? clear_bhb_loop+0x60/0xb0
[ 1377.785368][T17464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1377.785383][T17464] RIP: 0033:0x7fbad798e929
[ 1377.785397][T17464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1377.785410][T17464] RSP: 002b:00007fbad87c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1377.785426][T17464] RAX: ffffffffffffffda RBX: 00007fbad7bb6160 RCX: 00007fbad798e929
[ 1377.785437][T17464] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1377.785447][T17464] RBP: 00007fbad87c3090 R08: 0000000000000000 R09: 0000000000000000
[ 1377.785456][T17464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1377.785465][T17464] R13: 0000000000000000 R14: 00007fbad7bb6160 R15: 00007ffdb7b3e8e8
[ 1377.785489][T17464]  </TASK>
[ 1378.734487][T16516] ipaq 9-1:1.50: probe with driver ipaq failed with error -110
[ 1378.772767][   T51] Bluetooth: hci2: command tx timeout
[ 1378.857393][T17408] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1378.869507][T17408] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1378.893136][T16516] usb 9-1: USB disconnect, device number 29
[ 1379.070038][T17408] team0: Port device team_slave_0 added
[ 1379.083528][T17408] team0: Port device team_slave_1 added
[ 1379.277895][T17473] syz.0.3098: attempt to access beyond end of device
[ 1379.277895][T17473] nbd0: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1379.293617][T17473] gfs2: error -5 reading superblock
[ 1379.323270][T16516] usb 9-1: new high-speed USB device number 30 using dummy_hcd
[ 1379.850888][T16516] usb 9-1: Using ep0 maxpacket: 8
[ 1380.053761][T16516] usb 9-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[ 1380.095071][T16516] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1380.181076][T16516] pvrusb2: Hardware description: Terratec Grabster AV400
[ 1380.240701][T16516] pvrusb2: **********
[ 1380.262465][T16516] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 1380.286621][T16516] pvrusb2: Important functionality might not be entirely working.
[ 1380.301928][T16516] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 1380.326052][T17408] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1380.336656][T17408] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1380.391675][T16516] pvrusb2: **********
[ 1380.421525][ T2344] pvrusb2: Invalid write control endpoint
[ 1380.529889][T17408] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1380.744275][T17408] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1380.832164][T17408] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1380.862730][   T51] Bluetooth: hci2: command tx timeout
[ 1380.870523][T17467] pvrusb2: Invalid write control endpoint
[ 1381.128491][T16516] usb 9-1: USB disconnect, device number 30
[ 1381.170129][T17408] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1381.613786][ T2344] pvrusb2: Invalid write control endpoint
[ 1381.619606][ T2344] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 1381.680849][ T2344] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 1381.703364][ T2344] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 1381.722073][ T2344] pvrusb2: Device being rendered inoperable
[ 1381.729446][ T2344] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[ 1381.742193][ T2344] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 1381.782256][ T2344] pvrusb2: Attached sub-driver cx25840
[ 1381.798537][ T2344] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 1381.842860][ T2344] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 1381.859436][T17408] hsr_slave_0: entered promiscuous mode
[ 1381.869082][T17408] hsr_slave_1: entered promiscuous mode
[ 1381.880336][T17408] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1381.898688][T17408] Cannot create hsr debugfs directory
[ 1383.045490][T17504] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3106'.
[ 1383.051643][T17408] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1383.181572][T17504] syz.0.3106: attempt to access beyond end of device
[ 1383.181572][T17504] nbd0: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1383.199563][T17504] gfs2: error -5 reading superblock
[ 1383.549226][T17408] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1383.778681][T17408] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1385.052138][T17408] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1385.118298][   T30] kauditd_printk_skb: 43 callbacks suppressed
[ 1385.118318][   T30] audit: type=1326 audit(1752693854.550:2449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17523 comm="syz.7.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaf5f8e929 code=0x7ffc0000
[ 1385.157575][T17524] Bluetooth: MGMT ver 1.23
[ 1385.231497][   T30] audit: type=1326 audit(1752693854.570:2450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17523 comm="syz.7.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fdaf5f8e929 code=0x7ffc0000
[ 1385.307467][   T30] audit: type=1326 audit(1752693854.570:2451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17523 comm="syz.7.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaf5f8e929 code=0x7ffc0000
[ 1385.401459][   T30] audit: type=1326 audit(1752693854.570:2452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17523 comm="syz.7.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaf5f8e929 code=0x7ffc0000
[ 1385.631456][T17408] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1385.722802][T17532] netlink: 76 bytes leftover after parsing attributes in process `syz.8.3111'.
[ 1386.288268][T17408] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1386.332706][   T30] audit: type=1326 audit(1752693854.580:2453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17523 comm="syz.7.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fdaf5f8e929 code=0x7ffc0000
[ 1386.409513][   T30] audit: type=1326 audit(1752693854.580:2454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17523 comm="syz.7.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaf5f8e929 code=0x7ffc0000
[ 1386.468788][   T30] audit: type=1326 audit(1752693854.580:2455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17523 comm="syz.7.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaf5f8e929 code=0x7ffc0000
[ 1386.522180][T17408] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1386.541250][T17408] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1386.549591][   T30] audit: type=1326 audit(1752693854.580:2456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17523 comm="syz.7.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdaf5f8e929 code=0x7ffc0000
[ 1386.727228][   T30] audit: type=1326 audit(1752693854.580:2457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17523 comm="syz.7.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaf5f8e929 code=0x7ffc0000
[ 1386.789894][   T30] audit: type=1326 audit(1752693854.580:2458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17523 comm="syz.7.3110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaf5f8e929 code=0x7ffc0000
[ 1387.169082][T17548] overlayfs: failed to resolve './file1': -2
[ 1387.772397][T17408] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1387.812434][T17408] 8021q: adding VLAN 0 to HW filter on device team0
[ 1387.838907][T13771] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1387.846096][T13771] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1387.910874][T16258] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1387.918117][T16258] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1388.198127][T17408] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1388.213579][T17408] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1388.883538][T10939] usb 6-1: new high-speed USB device number 67 using dummy_hcd
[ 1389.052737][T10939] usb 6-1: Using ep0 maxpacket: 16
[ 1389.060202][T10939] usb 6-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1389.094735][T10939] usb 6-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1389.112805][T10939] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1389.119622][T10939] usb 6-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00
[ 1389.153111][T10939] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1389.176456][T10939] usb 6-1: config 0 descriptor??
[ 1389.326298][T17408] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1389.483344][T17408] veth0_vlan: entered promiscuous mode
[ 1389.524757][T17408] veth1_vlan: entered promiscuous mode
[ 1391.852511][T17551] xt_CT: No such helper "snmp"
[ 1392.292363][T17408] veth0_macvtap: entered promiscuous mode
[ 1392.606898][T17408] veth1_macvtap: entered promiscuous mode
[ 1392.648620][T10939] usbhid 6-1:0.0: can't add hid device: -71
[ 1392.680832][T10939] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1392.720200][T10939] usb 6-1: USB disconnect, device number 67
[ 1394.858970][T17408] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1394.955276][T17408] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1395.098797][T17408] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1395.146043][T17408] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1395.167905][T17408] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1395.180751][T17408] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1395.491717][T17605] ptrace attach of "./syz-executor exec"[17608] was attempted by "./syz-executor exec"[17605]
[ 1395.707781][T14181] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1395.746649][T14181] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1395.944457][ T6008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1395.952349][ T6008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1396.619008][T17614] syz_tun: tun_net_xmit 42
[ 1396.624088][T17614] syz_tun: tun_net_xmit 42
[ 1396.628746][T17614] syz_tun: tun_net_xmit 42
[ 1396.633374][T17614] syz_tun: tun_net_xmit 42
[ 1396.637950][T17614] syz_tun: tun_net_xmit 42
[ 1396.651567][T17614] syz_tun: tun_net_xmit 42
[ 1396.666672][T17614] syz_tun: tun_net_xmit 42
[ 1396.677797][T17614] syz_tun: tun_net_xmit 42
[ 1396.720668][T17617] syz_tun: tun_net_xmit 78
[ 1396.752227][T17614] syz_tun: tun_net_xmit 42
[ 1396.767272][T17614] syz_tun: tun_net_xmit 42
[ 1396.782820][T17618] syz_tun: tun_net_xmit 54
[ 1396.793102][T17614] syz_tun: tun_net_xmit 42
[ 1396.804175][    C0] syz_tun: tun_net_xmit 74
[ 1396.820448][T17614] syz_tun: tun_net_xmit 42
[ 1396.825448][T17614] syz_tun: tun_net_xmit 42
[ 1396.830100][T17614] syz_tun: tun_net_xmit 42
[ 1396.836857][T17614] syz_tun: tun_net_xmit 42
[ 1396.843972][T17614] syz_tun: tun_net_xmit 42
[ 1396.858057][T17614] syz_tun: tun_net_xmit 42
[ 1396.880556][T17614] syz_tun: tun_net_xmit 42
[ 1396.896277][T17614] syz_tun: tun_net_xmit 42
[ 1396.910596][T17614] syz_tun: tun_net_xmit 42
[ 1396.924458][T17614] syz_tun: tun_net_xmit 42
[ 1396.940159][T17614] syz_tun: tun_net_xmit 42
[ 1396.960853][T17614] syz_tun: tun_net_xmit 42
[ 1396.981750][T17614] syz_tun: tun_net_xmit 42
[ 1396.994873][T17614] syz_tun: tun_net_xmit 42
[ 1397.007497][T17614] syz_tun: tun_net_xmit 42
[ 1397.027964][T17614] syz_tun: tun_net_xmit 42
[ 1397.043033][T17614] syz_tun: tun_net_xmit 42
[ 1397.048202][T17614] syz_tun: tun_net_xmit 42
[ 1397.097370][T17614] syz_tun: tun_net_xmit 42
[ 1397.118255][T17614] syz_tun: tun_net_xmit 42
[ 1397.149235][T17614] syz_tun: tun_net_xmit 42
[ 1397.198932][T17614] syz_tun: tun_net_xmit 42
[ 1397.224300][T17614] syz_tun: tun_net_xmit 42
[ 1397.243569][T17614] syz_tun: tun_net_xmit 42
[ 1397.260325][T17614] syz_tun: tun_net_xmit 42
[ 1397.282912][T17614] syz_tun: tun_net_xmit 42
[ 1397.297854][T17614] syz_tun: tun_net_xmit 42
[ 1397.321491][T17614] syz_tun: tun_net_xmit 42
[ 1397.331996][T17614] syz_tun: tun_net_xmit 42
[ 1397.337362][T17614] syz_tun: tun_net_xmit 42
[ 1397.342220][T17614] syz_tun: tun_net_xmit 42
[ 1397.347037][T17614] syz_tun: tun_net_xmit 42
[ 1397.353046][T17614] syz_tun: tun_net_xmit 42
[ 1397.357665][T17614] syz_tun: tun_net_xmit 42
[ 1397.362396][T17614] syz_tun: tun_net_xmit 42
[ 1397.368211][T17614] syz_tun: tun_net_xmit 42
[ 1397.374374][T17614] syz_tun: tun_net_xmit 42
[ 1397.378965][T17614] syz_tun: tun_net_xmit 42
[ 1397.384383][T17614] syz_tun: tun_net_xmit 42
[ 1397.389225][T17614] syz_tun: tun_net_xmit 42
[ 1397.394132][T17614] syz_tun: tun_net_xmit 42
[ 1397.398774][T17614] syz_tun: tun_net_xmit 42
[ 1397.403677][T17614] syz_tun: tun_net_xmit 42
[ 1397.408419][T17614] syz_tun: tun_net_xmit 42
[ 1397.413908][T17614] syz_tun: tun_net_xmit 42
[ 1397.419810][T17614] syz_tun: tun_net_xmit 42
[ 1397.462961][T17614] syz_tun: tun_net_xmit 42
[ 1397.505675][T17614] syz_tun: tun_net_xmit 42
[ 1397.510373][T17614] syz_tun: tun_net_xmit 42
[ 1397.521273][T17614] syz_tun: tun_net_xmit 42
[ 1397.562860][T17614] syz_tun: tun_net_xmit 42
[ 1397.567563][T17614] syz_tun: tun_net_xmit 42
[ 1397.588454][T17623] FAULT_INJECTION: forcing a failure.
[ 1397.588454][T17623] name failslab, interval 1, probability 0, space 0, times 0
[ 1397.595755][T17614] syz_tun: tun_net_xmit 42
[ 1397.656329][T17623] CPU: 1 UID: 0 PID: 17623 Comm: syz.8.3131 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1397.656363][T17623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1397.656378][T17623] Call Trace:
[ 1397.656388][T17623]  <TASK>
[ 1397.656398][T17623]  dump_stack_lvl+0x189/0x250
[ 1397.656438][T17623]  ? __pfx____ratelimit+0x10/0x10
[ 1397.656471][T17623]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1397.656496][T17623]  ? __pfx__printk+0x10/0x10
[ 1397.656531][T17623]  ? __pfx___might_resched+0x10/0x10
[ 1397.656554][T17623]  ? fs_reclaim_acquire+0x7d/0x100
[ 1397.656581][T17623]  should_fail_ex+0x414/0x560
[ 1397.656617][T17623]  should_failslab+0xa8/0x100
[ 1397.656651][T17623]  __kmalloc_noprof+0xcb/0x4f0
[ 1397.656679][T17623]  ? kfree+0x4d/0x440
[ 1397.656703][T17623]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1397.656733][T17623]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1397.656758][T17623]  ? tomoyo_domain+0xda/0x130
[ 1397.656788][T17623]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1397.656820][T17623]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1397.656853][T17623]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1397.656904][T17623]  ? __lock_acquire+0xab9/0xd20
[ 1397.656947][T17623]  ? __fget_files+0x2a/0x420
[ 1397.656971][T17623]  ? __fget_files+0x2a/0x420
[ 1397.656989][T17623]  ? __fget_files+0x3a0/0x420
[ 1397.657007][T17623]  ? __fget_files+0x2a/0x420
[ 1397.657031][T17623]  security_file_ioctl+0xcb/0x2d0
[ 1397.657067][T17623]  __se_sys_ioctl+0x47/0x170
[ 1397.657097][T17623]  do_syscall_64+0xfa/0x3b0
[ 1397.657118][T17623]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1397.657149][T17623]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1397.657171][T17623]  ? clear_bhb_loop+0x60/0xb0
[ 1397.657197][T17623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1397.657218][T17623] RIP: 0033:0x7f8a6998e929
[ 1397.657237][T17623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1397.657255][T17623] RSP: 002b:00007f8a6a744038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1397.657278][T17623] RAX: ffffffffffffffda RBX: 00007f8a69bb5fa0 RCX: 00007f8a6998e929
[ 1397.657295][T17623] RDX: 0000200000000000 RSI: 00000000c0405602 RDI: 0000000000000003
[ 1397.657309][T17623] RBP: 00007f8a6a744090 R08: 0000000000000000 R09: 0000000000000000
[ 1397.657323][T17623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1397.657336][T17623] R13: 0000000000000000 R14: 00007f8a69bb5fa0 R15: 00007ffd5e8b6c98
[ 1397.657375][T17623]  </TASK>
[ 1397.659372][T17623] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1398.204277][T17614] syz_tun: tun_net_xmit 42
[ 1398.323759][T17614] syz_tun: tun_net_xmit 42
[ 1398.353220][T17614] syz_tun: tun_net_xmit 42
[ 1398.475145][T17614] syz_tun: tun_net_xmit 42
[ 1398.479859][T17614] syz_tun: tun_net_xmit 42
[ 1398.523033][T17614] syz_tun: tun_net_xmit 42
[ 1398.527925][T17614] syz_tun: tun_net_xmit 42
[ 1398.577799][T17614] syz_tun: tun_net_xmit 42
[ 1398.582509][T17614] syz_tun: tun_net_xmit 42
[ 1398.635033][T17614] syz_tun: tun_net_xmit 42
[ 1398.639739][T17614] syz_tun: tun_net_xmit 42
[ 1398.662980][T17614] syz_tun: tun_net_xmit 42
[ 1398.682591][T17614] syz_tun: tun_net_xmit 42
[ 1398.702235][T17614] syz_tun: tun_net_xmit 42
[ 1398.737739][T17614] syz_tun: tun_net_xmit 42
[ 1398.742433][T17614] syz_tun: tun_net_xmit 42
[ 1398.790203][T17614] syz_tun: tun_net_xmit 42
[ 1398.823981][T17614] syz_tun: tun_net_xmit 42
[ 1398.849137][T17614] syz_tun: tun_net_xmit 42
[ 1398.872902][T10944] usb 6-1: new high-speed USB device number 68 using dummy_hcd
[ 1398.888875][T17614] syz_tun: tun_net_xmit 42
[ 1399.007044][T17614] syz_tun: tun_net_xmit 42
[ 1399.402755][T10944] usb 6-1: Using ep0 maxpacket: 16
[ 1399.426380][T17614] syz_tun: tun_net_xmit 42
[ 1399.431171][T17614] syz_tun: tun_net_xmit 42
[ 1399.444395][T10944] usb 6-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1399.473618][T10944] usb 6-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1399.489315][T10944] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1399.506076][T17614] syz_tun: tun_net_xmit 42
[ 1399.530861][T17614] syz_tun: tun_net_xmit 42
[ 1399.536112][T10944] usb 6-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00
[ 1399.552837][T17614] syz_tun: tun_net_xmit 42
[ 1399.564099][T17614] syz_tun: tun_net_xmit 42
[ 1399.578881][T10944] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1399.600066][T17614] syz_tun: tun_net_xmit 42
[ 1399.609485][T17614] syz_tun: tun_net_xmit 42
[ 1399.683596][T10944] usb 6-1: config 0 descriptor??
[ 1399.690458][T17614] syz_tun: tun_net_xmit 42
[ 1399.713473][T17614] syz_tun: tun_net_xmit 42
[ 1399.733704][T17614] syz_tun: tun_net_xmit 42
[ 1399.748869][T17614] syz_tun: tun_net_xmit 42
[ 1399.773327][T17614] syz_tun: tun_net_xmit 42
[ 1399.788713][T17614] syz_tun: tun_net_xmit 42
[ 1399.809654][T17614] syz_tun: tun_net_xmit 42
[ 1399.843013][T17614] syz_tun: tun_net_xmit 42
[ 1399.854906][T17614] syz_tun: tun_net_xmit 42
[ 1399.866229][T17614] syz_tun: tun_net_xmit 42
[ 1399.870890][T17614] syz_tun: tun_net_xmit 42
[ 1399.907545][T17614] syz_tun: tun_net_xmit 42
[ 1399.917071][T14739] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1399.928266][T17614] syz_tun: tun_net_xmit 42
[ 1399.954207][T14739] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1399.975265][T14739] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1399.975604][T17614] syz_tun: tun_net_xmit 42
[ 1400.019654][T17646] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3137'.
[ 1400.033531][T17646] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3137'.
[ 1400.083212][T14739] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1400.084269][T17614] syz_tun: tun_net_xmit 42
[ 1400.133636][T17614] syz_tun: tun_net_xmit 42
[ 1400.173237][T14739] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1400.269061][T17614] syz_tun: tun_net_xmit 42
[ 1400.369428][T17614] syz_tun: tun_net_xmit 42
[ 1400.464473][T17614] syz_tun: tun_net_xmit 42
[ 1400.567995][T17614] syz_tun: tun_net_xmit 42
[ 1400.678151][T17614] syz_tun: tun_net_xmit 42
[ 1400.762861][T17614] syz_tun: tun_net_xmit 42
[ 1400.768943][T17614] syz_tun: tun_net_xmit 42
[ 1400.798567][T17614] syz_tun: tun_net_xmit 42
[ 1400.811516][T17644] lo speed is unknown, defaulting to 1000
[ 1400.849024][T17614] syz_tun: tun_net_xmit 42
[ 1400.868870][T17644] lo speed is unknown, defaulting to 1000
[ 1400.869614][T17632] xt_CT: No such helper "snmp"
[ 1400.879983][T17614] syz_tun: tun_net_xmit 42
[ 1400.886566][T17614] syz_tun: tun_net_xmit 42
[ 1400.891373][T17614] syz_tun: tun_net_xmit 42
[ 1400.901654][T17614] syz_tun: tun_net_xmit 42
[ 1400.911650][T17614] syz_tun: tun_net_xmit 42
[ 1400.921178][T17614] syz_tun: tun_net_xmit 42
[ 1400.940708][T17614] syz_tun: tun_net_xmit 42
[ 1400.950436][T17614] syz_tun: tun_net_xmit 42
[ 1400.959022][T17614] syz_tun: tun_net_xmit 42
[ 1400.964096][T17614] syz_tun: tun_net_xmit 42
[ 1400.968887][T17614] syz_tun: tun_net_xmit 42
[ 1400.973860][T17614] syz_tun: tun_net_xmit 42
[ 1400.978600][T17614] syz_tun: tun_net_xmit 42
[ 1400.983654][T17614] syz_tun: tun_net_xmit 42
[ 1400.988341][T17614] syz_tun: tun_net_xmit 42
[ 1400.993066][T17614] syz_tun: tun_net_xmit 42
[ 1400.997875][T17614] syz_tun: tun_net_xmit 42
[ 1401.002596][T17614] syz_tun: tun_net_xmit 42
[ 1401.030278][T17614] syz_tun: tun_net_xmit 42
[ 1401.035254][T10944] usbhid 6-1:0.0: can't add hid device: -71
[ 1401.041329][T10944] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1401.058822][T17614] syz_tun: tun_net_xmit 42
[ 1401.066520][T17614] syz_tun: tun_net_xmit 42
[ 1401.071179][T17614] syz_tun: tun_net_xmit 42
[ 1401.084435][T10944] usb 6-1: USB disconnect, device number 68
[ 1401.090899][T17614] syz_tun: tun_net_xmit 42
[ 1401.098863][T17614] syz_tun: tun_net_xmit 42
[ 1401.113064][T17614] syz_tun: tun_net_xmit 42
[ 1401.117761][T17614] syz_tun: tun_net_xmit 42
[ 1401.122469][T17614] syz_tun: tun_net_xmit 42
[ 1401.127281][T17614] syz_tun: tun_net_xmit 42
[ 1401.131965][T17614] syz_tun: tun_net_xmit 42
[ 1401.142974][T17614] syz_tun: tun_net_xmit 42
[ 1401.147639][T17614] syz_tun: tun_net_xmit 42
[ 1401.152302][T17614] syz_tun: tun_net_xmit 42
[ 1401.164691][T17614] syz_tun: tun_net_xmit 42
[ 1401.173146][T17614] syz_tun: tun_net_xmit 42
[ 1401.177829][T17614] syz_tun: tun_net_xmit 42
[ 1401.194179][T17614] syz_tun: tun_net_xmit 42
[ 1401.198886][T17614] syz_tun: tun_net_xmit 42
[ 1401.203892][T17614] syz_tun: tun_net_xmit 42
[ 1401.208620][T17614] syz_tun: tun_net_xmit 42
[ 1401.218766][T17614] syz_tun: tun_net_xmit 42
[ 1401.228922][T17614] syz_tun: tun_net_xmit 42
[ 1401.234004][T17614] syz_tun: tun_net_xmit 42
[ 1401.238634][T17614] syz_tun: tun_net_xmit 42
[ 1401.253409][T17614] syz_tun: tun_net_xmit 42
[ 1401.273220][T17614] syz_tun: tun_net_xmit 42
[ 1401.278008][T17614] syz_tun: tun_net_xmit 42
[ 1401.283763][T17614] syz_tun: tun_net_xmit 42
[ 1401.288445][T17614] syz_tun: tun_net_xmit 42
[ 1401.303017][T17614] syz_tun: tun_net_xmit 42
[ 1401.307856][T17614] syz_tun: tun_net_xmit 42
[ 1401.312480][T17614] syz_tun: tun_net_xmit 42
[ 1401.317209][T17614] syz_tun: tun_net_xmit 42
[ 1401.332221][T17614] syz_tun: tun_net_xmit 42
[ 1401.337404][T17614] syz_tun: tun_net_xmit 42
[ 1401.342029][T17614] syz_tun: tun_net_xmit 42
[ 1401.346810][T17614] syz_tun: tun_net_xmit 42
[ 1401.356951][T17614] syz_tun: tun_net_xmit 42
[ 1401.367140][T17614] syz_tun: tun_net_xmit 42
[ 1401.371784][T17614] syz_tun: tun_net_xmit 42
[ 1401.382993][T16515] usb 9-1: new high-speed USB device number 31 using dummy_hcd
[ 1401.389101][T17614] syz_tun: tun_net_xmit 42
[ 1401.404836][T17614] syz_tun: tun_net_xmit 42
[ 1401.411492][T17614] syz_tun: tun_net_xmit 42
[ 1401.491139][T17639] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.3136'.
[ 1401.672779][T16515] usb 9-1: Using ep0 maxpacket: 32
[ 1401.682847][T17614] syz_tun: tun_net_xmit 42
[ 1401.693361][T17614] syz_tun: tun_net_xmit 42
[ 1401.701073][T16515] usb 9-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11
[ 1401.712821][T17614] syz_tun: tun_net_xmit 42
[ 1401.717541][T17614] syz_tun: tun_net_xmit 42
[ 1401.720569][T16515] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1401.736555][T17614] syz_tun: tun_net_xmit 42
[ 1401.741265][T17614] syz_tun: tun_net_xmit 42
[ 1401.757531][T16515] usb 9-1: Product: syz
[ 1401.761774][T16515] usb 9-1: Manufacturer: syz
[ 1401.772989][T17614] syz_tun: tun_net_xmit 42
[ 1401.787106][T16515] usb 9-1: SerialNumber: syz
[ 1401.796060][T17614] syz_tun: tun_net_xmit 42
[ 1401.808071][T16515] usb 9-1: config 0 descriptor??
[ 1401.824368][T16515] usb 9-1: no audio or video endpoints found
[ 1401.828375][T17614] syz_tun: tun_net_xmit 42
[ 1401.863034][T17614] syz_tun: tun_net_xmit 42
[ 1401.867737][T17614] syz_tun: tun_net_xmit 42
[ 1401.906574][T17614] syz_tun: tun_net_xmit 42
[ 1401.911235][T17614] syz_tun: tun_net_xmit 42
[ 1401.953570][T17614] syz_tun: tun_net_xmit 42
[ 1401.958349][T17614] syz_tun: tun_net_xmit 42
[ 1401.974693][T17614] syz_tun: tun_net_xmit 42
[ 1401.979469][T17614] syz_tun: tun_net_xmit 42
[ 1401.984987][T17614] syz_tun: tun_net_xmit 42
[ 1402.003345][T17614] syz_tun: tun_net_xmit 42
[ 1402.079500][T16515] usb 9-1: USB disconnect, device number 31
[ 1402.091720][T17614] syz_tun: tun_net_xmit 42
[ 1402.127405][T17614] syz_tun: tun_net_xmit 42
[ 1402.132256][T17614] syz_tun: tun_net_xmit 42
[ 1402.149594][T17614] syz_tun: tun_net_xmit 42
[ 1402.170719][T17614] syz_tun: tun_net_xmit 42
[ 1402.200724][T17614] syz_tun: tun_net_xmit 42
[ 1402.234935][T17614] syz_tun: tun_net_xmit 42
[ 1402.239604][T17614] syz_tun: tun_net_xmit 42
[ 1402.256181][T17614] syz_tun: tun_net_xmit 42
[ 1402.261280][T17614] syz_tun: tun_net_xmit 42
[ 1402.266545][T17614] syz_tun: tun_net_xmit 42
[ 1402.271198][T17614] syz_tun: tun_net_xmit 42
[ 1402.281582][T17614] syz_tun: tun_net_xmit 42
[ 1402.287245][T17614] syz_tun: tun_net_xmit 42
[ 1402.291870][T17614] syz_tun: tun_net_xmit 42
[ 1402.297224][T14739] Bluetooth: hci2: command tx timeout
[ 1402.317696][T17614] syz_tun: tun_net_xmit 42
[ 1402.322428][T17614] syz_tun: tun_net_xmit 42
[ 1402.327943][T17614] syz_tun: tun_net_xmit 42
[ 1402.333113][T17614] syz_tun: tun_net_xmit 42
[ 1402.337768][T17614] syz_tun: tun_net_xmit 42
[ 1402.352980][T17614] syz_tun: tun_net_xmit 42
[ 1402.357638][T17614] syz_tun: tun_net_xmit 42
[ 1402.392095][T17644] chnl_net:caif_netlink_parms(): no params data found
[ 1402.408808][T17614] syz_tun: tun_net_xmit 42
[ 1402.429830][T17614] syz_tun: tun_net_xmit 42
[ 1402.443362][T17614] syz_tun: tun_net_xmit 42
[ 1402.460224][T17614] syz_tun: tun_net_xmit 42
[ 1402.470395][T17614] syz_tun: tun_net_xmit 42
[ 1402.483525][T17614] syz_tun: tun_net_xmit 42
[ 1402.497237][T17614] syz_tun: tun_net_xmit 42
[ 1402.512381][T17614] syz_tun: tun_net_xmit 42
[ 1402.517478][T17614] syz_tun: tun_net_xmit 42
[ 1402.522114][T17614] syz_tun: tun_net_xmit 42
[ 1402.537227][T17614] syz_tun: tun_net_xmit 42
[ 1402.541898][T17614] syz_tun: tun_net_xmit 42
[ 1402.551287][T17614] syz_tun: tun_net_xmit 42
[ 1402.557035][T17614] syz_tun: tun_net_xmit 42
[ 1402.561806][T17614] syz_tun: tun_net_xmit 42
[ 1402.568942][T17614] syz_tun: tun_net_xmit 42
[ 1402.573905][T17614] syz_tun: tun_net_xmit 42
[ 1402.579659][T17614] syz_tun: tun_net_xmit 42
[ 1402.584736][T17614] syz_tun: tun_net_xmit 42
[ 1402.644705][T17614] syz_tun: tun_net_xmit 42
[ 1402.649419][T17614] syz_tun: tun_net_xmit 42
[ 1402.682184][T17614] syz_tun: tun_net_xmit 42
[ 1402.709026][T17614] syz_tun: tun_net_xmit 42
[ 1402.714297][T17614] syz_tun: tun_net_xmit 42
[ 1402.718933][T17614] syz_tun: tun_net_xmit 42
[ 1402.748360][T17614] syz_tun: tun_net_xmit 42
[ 1402.769230][T17614] syz_tun: tun_net_xmit 42
[ 1402.794063][T17614] syz_tun: tun_net_xmit 42
[ 1402.810170][   T30] kauditd_printk_skb: 98 callbacks suppressed
[ 1402.810187][   T30] audit: type=1326 audit(1752693872.210:2557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17674 comm="syz.0.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb98cd858e7 code=0x7ffc0000
[ 1402.846287][T17614] syz_tun: tun_net_xmit 42
[ 1402.853673][T17614] syz_tun: tun_net_xmit 42
[ 1402.865290][T17614] syz_tun: tun_net_xmit 42
[ 1402.869953][T17614] syz_tun: tun_net_xmit 42
[ 1402.940182][   T30] audit: type=1326 audit(1752693872.270:2558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17674 comm="syz.0.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb98cd2ab19 code=0x7ffc0000
[ 1402.942802][T17614] syz_tun: tun_net_xmit 42
[ 1403.083301][T17614] syz_tun: tun_net_xmit 42
[ 1403.088032][T17614] syz_tun: tun_net_xmit 42
[ 1403.107510][T17644] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1403.123662][T17614] syz_tun: tun_net_xmit 42
[ 1403.128338][T17614] syz_tun: tun_net_xmit 42
[ 1403.133226][T17644] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1403.140461][   T30] audit: type=1326 audit(1752693872.270:2559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17674 comm="syz.0.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb98cd858e7 code=0x7ffc0000
[ 1403.181340][T17644] bridge_slave_0: entered allmulticast mode
[ 1403.193738][T17644] bridge_slave_0: entered promiscuous mode
[ 1403.211620][T17614] syz_tun: tun_net_xmit 42
[ 1403.216113][T17644] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1403.216427][T17644] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1403.241188][   T30] audit: type=1326 audit(1752693872.270:2560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17674 comm="syz.0.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb98cd2ab19 code=0x7ffc0000
[ 1403.280285][T17644] bridge_slave_1: entered allmulticast mode
[ 1403.287741][T17614] syz_tun: tun_net_xmit 42
[ 1403.335604][T17644] bridge_slave_1: entered promiscuous mode
[ 1403.351109][   T30] audit: type=1326 audit(1752693872.270:2561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17674 comm="syz.0.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb98cd8e929 code=0x7ffc0000
[ 1403.362890][T17614] syz_tun: tun_net_xmit 42
[ 1403.384976][T17614] syz_tun: tun_net_xmit 42
[ 1403.389674][T17614] syz_tun: tun_net_xmit 42
[ 1403.395312][T17614] syz_tun: tun_net_xmit 42
[ 1403.400052][T17614] syz_tun: tun_net_xmit 42
[ 1403.410612][T17614] syz_tun: tun_net_xmit 42
[ 1403.438167][T17614] syz_tun: tun_net_xmit 42
[ 1403.457771][T17614] syz_tun: tun_net_xmit 42
[ 1403.479598][T17614] syz_tun: tun_net_xmit 166
[ 1403.493977][T17614] syz_tun: tun_net_xmit 42
[ 1403.520746][T17614] syz_tun: tun_net_xmit 42
[ 1403.530819][T17614] syz_tun: tun_net_xmit 42
[ 1403.543240][T17614] syz_tun: tun_net_xmit 42
[ 1403.547957][   T30] audit: type=1326 audit(1752693872.270:2562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17674 comm="syz.0.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb98cd8e929 code=0x7ffc0000
[ 1403.765161][   T30] audit: type=1326 audit(1752693872.330:2563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17674 comm="syz.0.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fb98cd8e929 code=0x7ffc0000
[ 1403.765824][T17614] syz_tun: tun_net_xmit 42
[ 1403.787466][   T30] audit: type=1326 audit(1752693872.330:2564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17674 comm="syz.0.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb98cd8e929 code=0x7ffc0000
[ 1403.905972][T17614] syz_tun: tun_net_xmit 42
[ 1404.044411][T17614] syz_tun: tun_net_xmit 42
[ 1404.153861][T17614] syz_tun: tun_net_xmit 42
[ 1404.269910][T17614] syz_tun: tun_net_xmit 42
[ 1404.291808][   T30] audit: type=1326 audit(1752693872.350:2565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17674 comm="syz.0.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb98cd8e929 code=0x7ffc0000
[ 1404.373306][T17614] syz_tun: tun_net_xmit 42
[ 1404.385178][T14739] Bluetooth: hci2: command tx timeout
[ 1404.392980][T17614] syz_tun: tun_net_xmit 42
[ 1404.397644][T17614] syz_tun: tun_net_xmit 42
[ 1404.402297][T17614] syz_tun: tun_net_xmit 42
[ 1404.407905][   T30] audit: type=1326 audit(1752693872.350:2566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17674 comm="syz.0.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fb98cd8e929 code=0x7ffc0000
[ 1404.443243][T17614] syz_tun: tun_net_xmit 42
[ 1404.449386][T17614] syz_tun: tun_net_xmit 42
[ 1404.454872][T17614] syz_tun: tun_net_xmit 42
[ 1404.459485][T17614] syz_tun: tun_net_xmit 42
[ 1404.472830][T17614] syz_tun: tun_net_xmit 42
[ 1404.477839][T17614] syz_tun: tun_net_xmit 42
[ 1404.482526][T17614] syz_tun: tun_net_xmit 42
[ 1404.489086][T17614] syz_tun: tun_net_xmit 42
[ 1404.500122][T17614] syz_tun: tun_net_xmit 42
[ 1404.504912][T17614] syz_tun: tun_net_xmit 42
[ 1404.509694][T17614] syz_tun: tun_net_xmit 42
[ 1404.514717][T17614] syz_tun: tun_net_xmit 42
[ 1404.525396][T17614] syz_tun: tun_net_xmit 42
[ 1404.530121][T17614] syz_tun: tun_net_xmit 42
[ 1404.541407][T17614] syz_tun: tun_net_xmit 42
[ 1404.545966][T17644] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1404.560921][T17614] syz_tun: tun_net_xmit 42
[ 1404.568990][T17614] syz_tun: tun_net_xmit 42
[ 1404.588729][T17614] syz_tun: tun_net_xmit 42
[ 1404.598327][T17614] syz_tun: tun_net_xmit 42
[ 1404.599115][T17644] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1404.608518][T17614] syz_tun: tun_net_xmit 42
[ 1404.628768][T17614] syz_tun: tun_net_xmit 42
[ 1404.634018][T17614] syz_tun: tun_net_xmit 42
[ 1404.649879][T17614] syz_tun: tun_net_xmit 42
[ 1404.657769][T17614] syz_tun: tun_net_xmit 42
[ 1404.672994][T17614] syz_tun: tun_net_xmit 42
[ 1404.677788][T17614] syz_tun: tun_net_xmit 42
[ 1404.682414][T17614] syz_tun: tun_net_xmit 42
[ 1404.695039][T17614] syz_tun: tun_net_xmit 42
[ 1404.710012][T17614] syz_tun: tun_net_xmit 42
[ 1404.714884][T17614] syz_tun: tun_net_xmit 42
[ 1404.719512][T17614] syz_tun: tun_net_xmit 42
[ 1404.734961][T17614] syz_tun: tun_net_xmit 42
[ 1404.748524][T17614] syz_tun: tun_net_xmit 42
[ 1404.828484][T17614] syz_tun: tun_net_xmit 42
[ 1404.856629][T17614] syz_tun: tun_net_xmit 42
[ 1404.874673][T17614] syz_tun: tun_net_xmit 42
[ 1404.883880][T17614] syz_tun: tun_net_xmit 42
[ 1404.902099][T17614] syz_tun: tun_net_xmit 42
[ 1404.922820][T17614] syz_tun: tun_net_xmit 42
[ 1404.933951][T17614] syz_tun: tun_net_xmit 42
[ 1404.938584][T17614] syz_tun: tun_net_xmit 42
[ 1404.954203][T17614] syz_tun: tun_net_xmit 42
[ 1404.963653][T17614] syz_tun: tun_net_xmit 42
[ 1404.968208][T17614] syz_tun: tun_net_xmit 42
[ 1404.980125][T17689] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3145'.
[ 1404.989840][T17614] syz_tun: tun_net_xmit 42
[ 1404.999341][T17614] syz_tun: tun_net_xmit 42
[ 1405.016313][T17689] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3145'.
[ 1405.026425][T17614] syz_tun: tun_net_xmit 42
[ 1405.031104][T17614] syz_tun: tun_net_xmit 42
[ 1405.041224][T17614] syz_tun: tun_net_xmit 42
[ 1405.054882][T17614] syz_tun: tun_net_xmit 42
[ 1405.056364][T17644] team0: Port device team_slave_0 added
[ 1405.065733][T17614] syz_tun: tun_net_xmit 42
[ 1405.088243][T17614] syz_tun: tun_net_xmit 42
[ 1405.103061][T17614] syz_tun: tun_net_xmit 42
[ 1405.107939][T17614] syz_tun: tun_net_xmit 42
[ 1405.114723][T17689] dummy0: entered promiscuous mode
[ 1405.122942][T17614] syz_tun: tun_net_xmit 42
[ 1405.130792][T17614] syz_tun: tun_net_xmit 42
[ 1405.144576][T17689] bond0: entered promiscuous mode
[ 1405.151912][T17614] syz_tun: tun_net_xmit 42
[ 1405.156941][T17614] syz_tun: tun_net_xmit 42
[ 1405.162851][T10950] usb 9-1: new full-speed USB device number 32 using dummy_hcd
[ 1405.178830][T17689] bond_slave_0: entered promiscuous mode
[ 1405.189703][T17689] bond_slave_1: entered promiscuous mode
[ 1405.195887][T17614] syz_tun: tun_net_xmit 42
[ 1405.203679][T17614] syz_tun: tun_net_xmit 42
[ 1405.225344][T17614] syz_tun: tun_net_xmit 42
[ 1405.230938][T17644] team0: Port device team_slave_1 added
[ 1405.232901][T17614] syz_tun: tun_net_xmit 42
[ 1405.241791][T17614] syz_tun: tun_net_xmit 42
[ 1405.264126][T17614] syz_tun: tun_net_xmit 42
[ 1405.268972][T17614] syz_tun: tun_net_xmit 42
[ 1405.274317][T17614] syz_tun: tun_net_xmit 42
[ 1405.279046][T17614] syz_tun: tun_net_xmit 42
[ 1405.293284][T17614] syz_tun: tun_net_xmit 42
[ 1405.298120][T17614] syz_tun: tun_net_xmit 42
[ 1405.314523][T10950] usb 9-1: not running at top speed; connect to a high speed hub
[ 1405.320780][T17614] syz_tun: tun_net_xmit 42
[ 1405.327208][T17614] syz_tun: tun_net_xmit 42
[ 1405.328287][T10950] usb 9-1: config 6 has an invalid interface number: 215 but max is 1
[ 1405.332336][T17614] syz_tun: tun_net_xmit 42
[ 1405.346814][T10950] usb 9-1: config 6 has an invalid interface number: 195 but max is 1
[ 1405.372245][T10950] usb 9-1: config 6 has no interface number 0
[ 1405.390991][T10950] usb 9-1: config 6 has no interface number 1
[ 1405.394689][T17614] syz_tun: tun_net_xmit 42
[ 1405.412983][T10950] usb 9-1: config 6 interface 195 has no altsetting 0
[ 1405.429784][T10950] usb 9-1: New USB device found, idVendor=054c, idProduct=0154, bcdDevice=ca.4e
[ 1405.430213][T17614] syz_tun: tun_net_xmit 42
[ 1405.444143][T10950] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1405.452398][T10950] usb 9-1: Product: syz
[ 1405.470361][T10950] usb 9-1: Manufacturer: syz
[ 1405.483630][T17614] syz_tun: tun_net_xmit 42
[ 1405.493472][T17614] syz_tun: tun_net_xmit 42
[ 1405.508867][T17614] syz_tun: tun_net_xmit 42
[ 1405.514277][T10950] usb 9-1: SerialNumber: syz
[ 1405.516227][T17614] syz_tun: tun_net_xmit 42
[ 1405.542067][T17614] syz_tun: tun_net_xmit 42
[ 1405.550678][T17614] syz_tun: tun_net_xmit 42
[ 1405.555494][T17614] syz_tun: tun_net_xmit 42
[ 1405.563130][T17614] syz_tun: tun_net_xmit 42
[ 1405.569080][T17614] syz_tun: tun_net_xmit 42
[ 1405.595189][T17614] syz_tun: tun_net_xmit 42
[ 1405.601173][T17614] syz_tun: tun_net_xmit 42
[ 1405.617692][T17614] syz_tun: tun_net_xmit 42
[ 1405.620987][T17644] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1405.635959][T17614] syz_tun: tun_net_xmit 42
[ 1405.638631][T17644] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1405.648758][T17614] syz_tun: tun_net_xmit 42
[ 1405.666523][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1405.681221][T17644] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1405.727520][T17644] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1405.734857][T17644] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1405.756925][T17614] syz_tun: tun_net_xmit 42
[ 1405.787682][T17614] syz_tun: tun_net_xmit 42
[ 1405.810468][T17644] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1405.863427][T17614] syz_tun: tun_net_xmit 42
[ 1405.883192][T17614] syz_tun: tun_net_xmit 42
[ 1405.902925][T17614] syz_tun: tun_net_xmit 42
[ 1405.917814][T17614] syz_tun: tun_net_xmit 42
[ 1405.931160][T17614] syz_tun: tun_net_xmit 42
[ 1405.937066][T17614] syz_tun: tun_net_xmit 42
[ 1405.942345][T17614] syz_tun: tun_net_xmit 42
[ 1405.953901][T17614] syz_tun: tun_net_xmit 42
[ 1405.958556][T17614] syz_tun: tun_net_xmit 42
[ 1405.970855][T10950] usb 9-1: USB disconnect, device number 32
[ 1405.971030][T17614] syz_tun: tun_net_xmit 42
[ 1405.987685][T17614] syz_tun: tun_net_xmit 42
[ 1406.003414][T17614] syz_tun: tun_net_xmit 42
[ 1406.114219][T17614] syz_tun: tun_net_xmit 42
[ 1406.138984][T17614] syz_tun: tun_net_xmit 42
[ 1406.342897][T17614] syz_tun: tun_net_xmit 42
[ 1406.347588][T17614] syz_tun: tun_net_xmit 42
[ 1406.352217][T17614] syz_tun: tun_net_xmit 42
[ 1406.567246][T14739] Bluetooth: hci2: command tx timeout
[ 1406.615787][T17614] syz_tun: tun_net_xmit 42
[ 1406.638084][T17614] syz_tun: tun_net_xmit 42
[ 1406.652856][T17644] hsr_slave_0: entered promiscuous mode
[ 1406.657139][T17614] syz_tun: tun_net_xmit 42
[ 1406.659945][T17644] hsr_slave_1: entered promiscuous mode
[ 1406.670093][T17644] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1406.677934][T17644] Cannot create hsr debugfs directory
[ 1406.681926][T17614] syz_tun: tun_net_xmit 42
[ 1406.711923][T17614] syz_tun: tun_net_xmit 42
[ 1406.716657][T17614] syz_tun: tun_net_xmit 42
[ 1406.721291][T17614] syz_tun: tun_net_xmit 42
[ 1406.726274][T17614] syz_tun: tun_net_xmit 42
[ 1406.743064][T17614] syz_tun: tun_net_xmit 42
[ 1406.763934][T17614] syz_tun: tun_net_xmit 42
[ 1406.771265][T17614] syz_tun: tun_net_xmit 42
[ 1406.783178][T17614] syz_tun: tun_net_xmit 42
[ 1406.789793][T17614] syz_tun: tun_net_xmit 42
[ 1406.802957][T17614] syz_tun: tun_net_xmit 42
[ 1406.807704][T17614] syz_tun: tun_net_xmit 42
[ 1406.812312][T17614] syz_tun: tun_net_xmit 42
[ 1406.818155][T17614] syz_tun: tun_net_xmit 42
[ 1406.823080][T17614] syz_tun: tun_net_xmit 42
[ 1406.827707][T17614] syz_tun: tun_net_xmit 42
[ 1406.832319][T17614] syz_tun: tun_net_xmit 42
[ 1406.843449][T17614] syz_tun: tun_net_xmit 42
[ 1406.852965][T17614] syz_tun: tun_net_xmit 42
[ 1406.857806][T17614] syz_tun: tun_net_xmit 42
[ 1406.862569][T17614] syz_tun: tun_net_xmit 42
[ 1406.869342][T17614] syz_tun: tun_net_xmit 42
[ 1406.874415][T17614] syz_tun: tun_net_xmit 42
[ 1406.879130][T17614] syz_tun: tun_net_xmit 42
[ 1406.884145][T17614] syz_tun: tun_net_xmit 42
[ 1406.890508][T17614] syz_tun: tun_net_xmit 42
[ 1406.903073][T17614] syz_tun: tun_net_xmit 42
[ 1406.903149][T10950] usb 6-1: new high-speed USB device number 69 using dummy_hcd
[ 1406.907725][T17614] syz_tun: tun_net_xmit 42
[ 1406.962809][T17614] syz_tun: tun_net_xmit 42
[ 1406.968509][T17614] syz_tun: tun_net_xmit 42
[ 1406.977887][T17614] syz_tun: tun_net_xmit 42
[ 1406.987948][T17614] syz_tun: tun_net_xmit 42
[ 1406.998189][T17614] syz_tun: tun_net_xmit 42
[ 1407.060189][T17614] syz_tun: tun_net_xmit 42
[ 1407.077071][T17614] syz_tun: tun_net_xmit 42
[ 1407.082100][T17614] syz_tun: tun_net_xmit 42
[ 1407.130025][T10950] usb 6-1: config 0 has too many interfaces: 204, using maximum allowed: 32
[ 1407.164742][T17614] syz_tun: tun_net_xmit 42
[ 1407.169874][T17614] syz_tun: tun_net_xmit 42
[ 1407.172812][T10950] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 204
[ 1407.184642][T17614] syz_tun: tun_net_xmit 42
[ 1407.189383][T17614] syz_tun: tun_net_xmit 42
[ 1407.216959][T17614] syz_tun: tun_net_xmit 42
[ 1407.234029][T17614] syz_tun: tun_net_xmit 42
[ 1407.286933][T17614] syz_tun: tun_net_xmit 42
[ 1407.292074][T17614] syz_tun: tun_net_xmit 42
[ 1407.367995][T10950] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1407.373350][T17614] syz_tun: tun_net_xmit 42
[ 1407.512824][T17614] syz_tun: tun_net_xmit 42
[ 1407.535551][T17614] syz_tun: tun_net_xmit 42
[ 1407.542732][T10950] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1407.550882][T17614] syz_tun: tun_net_xmit 42
[ 1407.608126][T10950] usb 6-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00
[ 1407.632508][T17614] syz_tun: tun_net_xmit 42
[ 1407.672747][T17614] syz_tun: tun_net_xmit 42
[ 1407.726854][T10950] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1407.732998][T17614] syz_tun: tun_net_xmit 42
[ 1407.789594][T10950] usb 6-1: config 0 descriptor??
[ 1407.793593][T17614] syz_tun: tun_net_xmit 42
[ 1407.816724][T17614] syz_tun: tun_net_xmit 42
[ 1407.824489][T17614] syz_tun: tun_net_xmit 42
[ 1407.829191][T17614] syz_tun: tun_net_xmit 42
[ 1407.870903][T17614] syz_tun: tun_net_xmit 42
[ 1407.876307][T17614] syz_tun: tun_net_xmit 42
[ 1407.880977][T17614] syz_tun: tun_net_xmit 42
[ 1407.893216][T17614] syz_tun: tun_net_xmit 42
[ 1407.898065][T17614] syz_tun: tun_net_xmit 42
[ 1407.920191][T17644] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1407.943647][T17614] syz_tun: tun_net_xmit 42
[ 1407.948469][T17614] syz_tun: tun_net_xmit 42
[ 1407.953910][T17614] syz_tun: tun_net_xmit 42
[ 1407.968039][T17614] syz_tun: tun_net_xmit 42
[ 1408.056320][T17614] syz_tun: tun_net_xmit 42
[ 1408.061004][T17614] syz_tun: tun_net_xmit 42
[ 1408.127786][T17712] netlink: 'syz.8.3151': attribute type 1 has an invalid length.
[ 1408.559279][T17614] syz_tun: tun_net_xmit 42
[ 1408.693686][T14739] Bluetooth: hci2: command tx timeout
[ 1408.776817][T17614] syz_tun: tun_net_xmit 42
[ 1408.790246][T17713] netlink: 'syz.5.3148': attribute type 4 has an invalid length.
[ 1408.791224][T10950] usbhid 6-1:0.0: can't add hid device: -71
[ 1408.804970][T10950] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1408.817076][T17614] syz_tun: tun_net_xmit 42
[ 1408.821749][T17614] syz_tun: tun_net_xmit 42
[ 1409.015603][T17614] syz_tun: tun_net_xmit 42
[ 1409.024362][T10950] usb 6-1: USB disconnect, device number 69
[ 1409.031686][T17614] syz_tun: tun_net_xmit 42
[ 1409.045617][T17614] syz_tun: tun_net_xmit 42
[ 1409.050354][T17614] syz_tun: tun_net_xmit 42
[ 1409.094800][T17614] syz_tun: tun_net_xmit 42
[ 1409.108821][T17614] syz_tun: tun_net_xmit 42
[ 1409.123131][T17614] syz_tun: tun_net_xmit 42
[ 1409.152229][T17614] syz_tun: tun_net_xmit 42
[ 1409.164379][T17644] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1409.170249][T17614] syz_tun: tun_net_xmit 42
[ 1409.201319][T17614] syz_tun: tun_net_xmit 42
[ 1409.220158][T17614] syz_tun: tun_net_xmit 42
[ 1409.226031][T17614] syz_tun: tun_net_xmit 42
[ 1409.236697][T17614] syz_tun: tun_net_xmit 42
[ 1409.244662][T17614] syz_tun: tun_net_xmit 42
[ 1409.258778][T17614] syz_tun: tun_net_xmit 42
[ 1409.270265][T17716] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3152'.
[ 1409.280334][T17614] syz_tun: tun_net_xmit 42
[ 1409.290558][T17614] syz_tun: tun_net_xmit 42
[ 1409.301670][T17614] syz_tun: tun_net_xmit 42
[ 1409.310323][T17614] syz_tun: tun_net_xmit 42
[ 1409.325569][T17614] syz_tun: tun_net_xmit 42
[ 1409.330238][T17614] syz_tun: tun_net_xmit 42
[ 1409.353480][T17614] syz_tun: tun_net_xmit 42
[ 1409.372799][T17614] syz_tun: tun_net_xmit 42
[ 1409.389262][T17614] syz_tun: tun_net_xmit 42
[ 1409.405194][T17614] syz_tun: tun_net_xmit 42
[ 1409.420209][T17614] syz_tun: tun_net_xmit 42
[ 1409.445029][T17614] syz_tun: tun_net_xmit 42
[ 1409.449578][T17644] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1409.461902][T17614] syz_tun: tun_net_xmit 42
[ 1409.470520][T17614] syz_tun: tun_net_xmit 42
[ 1409.622007][T17614] syz_tun: tun_net_xmit 42
[ 1409.627270][T17614] syz_tun: tun_net_xmit 42
[ 1409.631903][T17614] syz_tun: tun_net_xmit 42
[ 1409.638096][T17614] syz_tun: tun_net_xmit 42
[ 1409.642790][T17614] syz_tun: tun_net_xmit 42
[ 1409.647418][T17614] syz_tun: tun_net_xmit 42
[ 1409.652051][T17614] syz_tun: tun_net_xmit 42
[ 1409.658411][T17614] syz_tun: tun_net_xmit 42
[ 1409.673061][T17614] syz_tun: tun_net_xmit 42
[ 1409.680190][T17614] syz_tun: tun_net_xmit 42
[ 1409.693049][T17614] syz_tun: tun_net_xmit 42
[ 1409.701626][T17614] syz_tun: tun_net_xmit 42
[ 1409.743377][T17614] syz_tun: tun_net_xmit 42
[ 1409.771516][T17614] syz_tun: tun_net_xmit 42
[ 1409.784254][T17614] syz_tun: tun_net_xmit 42
[ 1409.802880][T17614] syz_tun: tun_net_xmit 42
[ 1409.807587][T17614] syz_tun: tun_net_xmit 42
[ 1409.812264][T17614] syz_tun: tun_net_xmit 42
[ 1409.885531][T17614] syz_tun: tun_net_xmit 42
[ 1410.105432][T17614] syz_tun: tun_net_xmit 42
[ 1410.116888][T17614] syz_tun: tun_net_xmit 42
[ 1410.148866][T17614] syz_tun: tun_net_xmit 42
[ 1410.187691][T17614] syz_tun: tun_net_xmit 42
[ 1410.197979][T17614] syz_tun: tun_net_xmit 42
[ 1410.216233][T17644] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1410.229021][T17614] syz_tun: tun_net_xmit 42
[ 1410.249795][T17614] syz_tun: tun_net_xmit 42
[ 1410.286241][T17614] syz_tun: tun_net_xmit 42
[ 1410.312862][T17614] syz_tun: tun_net_xmit 42
[ 1410.317535][T17614] syz_tun: tun_net_xmit 42
[ 1410.322151][T17614] syz_tun: tun_net_xmit 42
[ 1410.341320][T17614] syz_tun: tun_net_xmit 42
[ 1410.350927][T17614] syz_tun: tun_net_xmit 42
[ 1410.462887][T17614] syz_tun: tun_net_xmit 42
[ 1410.467521][T17614] syz_tun: tun_net_xmit 42
[ 1410.540534][T17727] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3156'.
[ 1410.550092][T17727] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3156'.
[ 1411.026471][T17614] syz_tun: tun_net_xmit 42
[ 1411.031155][T17614] syz_tun: tun_net_xmit 42
[ 1411.035892][T17614] syz_tun: tun_net_xmit 42
[ 1411.040587][T17614] syz_tun: tun_net_xmit 42
[ 1411.045550][T17614] syz_tun: tun_net_xmit 42
[ 1411.053104][T17614] syz_tun: tun_net_xmit 42
[ 1411.057746][T17614] syz_tun: tun_net_xmit 42
[ 1411.062875][T17614] syz_tun: tun_net_xmit 42
[ 1411.067423][T17614] syz_tun: tun_net_xmit 42
[ 1411.071932][T17614] syz_tun: tun_net_xmit 42
[ 1411.078574][T17614] syz_tun: tun_net_xmit 42
[ 1411.083548][T17614] syz_tun: tun_net_xmit 42
[ 1411.091650][T17614] syz_tun: tun_net_xmit 42
[ 1411.096672][T17614] syz_tun: tun_net_xmit 42
[ 1411.128254][T17614] syz_tun: tun_net_xmit 42
[ 1411.138242][T17614] syz_tun: tun_net_xmit 42
[ 1411.158809][T17614] syz_tun: tun_net_xmit 42
[ 1411.173192][T17614] syz_tun: tun_net_xmit 42
[ 1411.180303][T17614] syz_tun: tun_net_xmit 42
[ 1411.197985][T17614] syz_tun: tun_net_xmit 42
[ 1411.222769][T17614] syz_tun: tun_net_xmit 42
[ 1411.227361][T17614] syz_tun: tun_net_xmit 42
[ 1411.231880][T17614] syz_tun: tun_net_xmit 42
[ 1411.249127][T17614] syz_tun: tun_net_xmit 42
[ 1411.268128][T17614] syz_tun: tun_net_xmit 42
[ 1411.279621][T17614] syz_tun: tun_net_xmit 42
[ 1411.292684][T17614] syz_tun: tun_net_xmit 42
[ 1411.297271][T17614] syz_tun: tun_net_xmit 42
[ 1411.317906][T17614] syz_tun: tun_net_xmit 42
[ 1411.322499][T17614] syz_tun: tun_net_xmit 42
[ 1411.383086][T17614] syz_tun: tun_net_xmit 42
[ 1411.387652][T17614] syz_tun: tun_net_xmit 42
[ 1411.392232][T17614] syz_tun: tun_net_xmit 42
[ 1411.450556][T17614] syz_tun: tun_net_xmit 42
[ 1411.640491][T17614] syz_tun: tun_net_xmit 42
[ 1411.663929][T17614] syz_tun: tun_net_xmit 42
[ 1411.668588][T17614] syz_tun: tun_net_xmit 42
[ 1411.687274][T17614] syz_tun: tun_net_xmit 42
[ 1411.697320][T17614] syz_tun: tun_net_xmit 42
[ 1411.712392][T17614] syz_tun: tun_net_xmit 42
[ 1411.904921][T17614] syz_tun: tun_net_xmit 42
[ 1411.914807][T17614] syz_tun: tun_net_xmit 42
[ 1412.087692][T17614] syz_tun: tun_net_xmit 42
[ 1412.154556][T17614] syz_tun: tun_net_xmit 42
[ 1412.161574][T17614] syz_tun: tun_net_xmit 42
[ 1412.169719][T17614] syz_tun: tun_net_xmit 42
[ 1412.175892][T17614] syz_tun: tun_net_xmit 42
[ 1412.182011][T17614] syz_tun: tun_net_xmit 42
[ 1412.191938][T17614] syz_tun: tun_net_xmit 42
[ 1412.205110][T17644] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1412.221031][T10973] usb 6-1: new high-speed USB device number 70 using dummy_hcd
[ 1412.253269][T17614] syz_tun: tun_net_xmit 42
[ 1412.257943][T17614] syz_tun: tun_net_xmit 42
[ 1412.298734][T17614] syz_tun: tun_net_xmit 42
[ 1412.316429][T17614] syz_tun: tun_net_xmit 42
[ 1412.331506][T17614] syz_tun: tun_net_xmit 42
[ 1412.333480][T17644] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1412.347471][T17614] syz_tun: tun_net_xmit 42
[ 1412.359426][T17614] syz_tun: tun_net_xmit 42
[ 1412.376650][T17614] syz_tun: tun_net_xmit 42
[ 1412.381293][T17614] syz_tun: tun_net_xmit 42
[ 1412.401680][T17644] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1412.407088][T17614] syz_tun: tun_net_xmit 42
[ 1412.415469][T10973] usb 6-1: Using ep0 maxpacket: 32
[ 1412.425364][T17614] syz_tun: tun_net_xmit 42
[ 1412.440331][T17614] syz_tun: tun_net_xmit 42
[ 1412.459656][T10973] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[ 1412.480684][T10973] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1412.501042][T10973] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[ 1412.516396][T17614] syz_tun: tun_net_xmit 42
[ 1412.523147][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1412.533641][T10973] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1412.534153][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1412.547320][T17614] syz_tun: tun_net_xmit 42
[ 1412.556128][T17644] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1412.560204][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1412.563369][T10973] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1412.581805][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1412.589681][T17614] syz_tun: tun_net_xmit 42
[ 1412.598385][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1412.606291][T17614] syz_tun: tun_net_xmit 42
[ 1412.646566][T17614] syz_tun: tun_net_xmit 42
[ 1412.652074][T10973] usb 6-1: Product: Ж
[ 1412.660508][T17614] syz_tun: tun_net_xmit 42
[ 1412.662638][T10973] usb 6-1: Manufacturer: 䋘큗瓁꣤훠敹˼穸稜馨潗鯳菤樳Ŗෟႁœ泚ƙ훠䥒撷
[ 1412.685087][T10973] usb 6-1: SerialNumber: 㬫ꌀ翋ၱ퇆⧙渁ṻ䷹壐䚲䲟ꘗ箿뎤쁟ᧆ
[ 1412.687429][T17614] syz_tun: tun_net_xmit 42
[ 1412.772219][T17614] syz_tun: tun_net_xmit 42
[ 1412.815644][T17614] syz_tun: tun_net_xmit 42
[ 1412.828971][T17614] syz_tun: tun_net_xmit 42
[ 1412.849158][T17614] syz_tun: tun_net_xmit 42
[ 1412.856666][T17741] lo speed is unknown, defaulting to 1000
[ 1412.994717][T17614] syz_tun: tun_net_xmit 42
[ 1413.067336][T17644] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1413.086303][T17644] 8021q: adding VLAN 0 to HW filter on device team0
[ 1413.122080][T17614] syz_tun: tun_net_xmit 42
[ 1413.129228][T17614] syz_tun: tun_net_xmit 42
[ 1413.138435][T16927] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1413.145683][T16927] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1413.156949][T17614] syz_tun: tun_net_xmit 42
[ 1413.161678][T17614] syz_tun: tun_net_xmit 42
[ 1413.192825][T17741] lo speed is unknown, defaulting to 1000
[ 1413.198977][T17614] syz_tun: tun_net_xmit 42
[ 1413.215479][T13778] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1413.222767][T13778] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1413.240992][T17614] syz_tun: tun_net_xmit 42
[ 1413.252511][T10973] cdc_ncm 6-1:1.0: bind() failure
[ 1413.257326][T17614] syz_tun: tun_net_xmit 42
[ 1413.280318][T17614] syz_tun: tun_net_xmit 42
[ 1413.280495][T10973] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[ 1413.293822][T17614] syz_tun: tun_net_xmit 42
[ 1413.308703][T17614] syz_tun: tun_net_xmit 42
[ 1413.350202][T17614] syz_tun: tun_net_xmit 42
[ 1413.359309][T10973] cdc_ncm 6-1:1.1: bind() failure
[ 1413.376032][T17614] syz_tun: tun_net_xmit 42
[ 1413.383104][T17614] syz_tun: tun_net_xmit 42
[ 1413.401583][T17614] syz_tun: tun_net_xmit 42
[ 1413.417468][T10973] usb 6-1: USB disconnect, device number 70
[ 1413.425194][T17614] syz_tun: tun_net_xmit 42
[ 1413.465004][T17614] syz_tun: tun_net_xmit 42
[ 1413.469742][T17614] syz_tun: tun_net_xmit 42
[ 1413.491671][T17614] syz_tun: tun_net_xmit 42
[ 1413.500774][T17614] syz_tun: tun_net_xmit 42
[ 1413.514874][T17614] syz_tun: tun_net_xmit 42
[ 1413.540281][T17614] syz_tun: tun_net_xmit 42
[ 1413.564338][T17614] syz_tun: tun_net_xmit 42
[ 1413.571877][T17614] syz_tun: tun_net_xmit 42
[ 1413.594751][T17614] syz_tun: tun_net_xmit 42
[ 1413.599478][T17614] syz_tun: tun_net_xmit 42
[ 1413.623510][T17614] syz_tun: tun_net_xmit 42
[ 1413.633671][T17614] syz_tun: tun_net_xmit 42
[ 1413.645408][T17614] syz_tun: tun_net_xmit 42
[ 1413.679341][T17614] syz_tun: tun_net_xmit 42
[ 1413.713817][T17614] syz_tun: tun_net_xmit 42
[ 1413.730226][T17614] syz_tun: tun_net_xmit 42
[ 1413.762868][T17614] syz_tun: tun_net_xmit 42
[ 1413.793707][T17614] syz_tun: tun_net_xmit 42
[ 1414.606753][T17644] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1414.713072][T14739] Bluetooth: hci4: command tx timeout
[ 1416.881614][   T51] Bluetooth: hci4: command tx timeout
[ 1418.244748][T17779] netlink: 'syz.5.3165': attribute type 21 has an invalid length.
[ 1418.810167][T17644] veth0_vlan: entered promiscuous mode
[ 1418.826764][T17779] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3165'.
[ 1419.615161][T14739] Bluetooth: hci4: command tx timeout
[ 1419.692045][T17644] veth1_vlan: entered promiscuous mode
[ 1420.021598][T17644] veth0_macvtap: entered promiscuous mode
[ 1420.107282][T17741] chnl_net:caif_netlink_parms(): no params data found
[ 1420.157521][T17644] veth1_macvtap: entered promiscuous mode
[ 1420.374955][T17797] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3170'.
[ 1420.429739][T17797] syz.0.3170: attempt to access beyond end of device
[ 1420.429739][T17797] nbd0: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1420.444683][T17797] gfs2: error -5 reading superblock
[ 1421.014905][T17644] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1421.130870][T17644] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1421.203524][T17741] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1421.210737][T17741] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1421.255818][T17800] netlink: 244 bytes leftover after parsing attributes in process `syz.8.3171'.
[ 1421.262344][T17741] bridge_slave_0: entered allmulticast mode
[ 1421.308003][T17741] bridge_slave_0: entered promiscuous mode
[ 1421.369576][T17644] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1421.408089][T17644] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1421.438021][T17644] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1421.456894][T17644] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1421.503975][T17741] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1421.521785][T17741] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1421.543171][T17741] bridge_slave_1: entered allmulticast mode
[ 1421.559316][T17741] bridge_slave_1: entered promiscuous mode
[ 1421.632851][T16516] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 1421.653131][   T51] Bluetooth: hci4: command tx timeout
[ 1421.674656][T17741] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1421.694136][T17741] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1421.807071][T17741] team0: Port device team_slave_0 added
[ 1421.820430][T16516] usb 1-1: Using ep0 maxpacket: 32
[ 1421.829226][T16516] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[ 1421.850805][T16516] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1421.861072][T16516] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[ 1421.874244][T16516] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1421.888762][T16516] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1421.904996][T16516] usb 1-1: Product: Ж
[ 1421.909357][T16516] usb 1-1: Manufacturer: 䋘큗瓁꣤훠敹˼穸稜馨潗鯳菤樳Ŗෟႁœ泚ƙ훠䥒撷
[ 1421.936774][T16516] usb 1-1: SerialNumber: 㬫ꌀ翋ၱ퇆⧙渁ṻ䷹壐䚲䲟ꘗ箿뎤쁟ᧆ
[ 1421.953815][T17741] team0: Port device team_slave_1 added
[ 1422.104160][T17741] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1422.115532][T17741] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1422.377512][T17741] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1422.465583][T17741] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1422.484910][T17741] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1422.514101][T16516] cdc_ncm 1-1:1.0: bind() failure
[ 1422.528491][T16516] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[ 1422.529638][T17741] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1422.578732][T16516] cdc_ncm 1-1:1.1: bind() failure
[ 1422.609825][T16516] usb 1-1: USB disconnect, device number 6
[ 1422.679955][T16927] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1422.701418][T16927] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1422.797783][T17741] hsr_slave_0: entered promiscuous mode
[ 1422.811399][T17741] hsr_slave_1: entered promiscuous mode
[ 1422.820139][T17741] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1422.832736][T17741] Cannot create hsr debugfs directory
[ 1422.945368][ T6494] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1422.974210][ T6494] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1423.181482][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1424.619064][T17824] overlay: Unknown parameter '/'
[ 1425.132968][T16516] usb 6-1: new high-speed USB device number 71 using dummy_hcd
[ 1425.143443][T17741] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1425.254350][T14739] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1425.265938][T14739] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1425.274168][T14739] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1425.284475][T14739] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1425.307111][T16516] usb 6-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1425.333123][T16516] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1425.343730][T14739] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1425.355037][T16516] usb 6-1: config 0 descriptor??
[ 1425.364321][T16516] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1425.394493][T17741] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1425.443727][T17741] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1425.485860][T17741] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1425.551160][T17828] lo speed is unknown, defaulting to 1000
[ 1425.585723][T17828] lo speed is unknown, defaulting to 1000
[ 1426.276697][T17839] [U] ��M٭��q&�� K�4
[ 1426.281289][T17839] [U] [�)�U�}��ǔ��J�}N�sef*�	�����nZ��f[F_h��'��W"�x�~����;vA�)^�`�1C':z�������FOb�	*?۟c�z�s��<8zN񷐚���Ey�	T�T<$c�R�斻/Vg���{y�~Y5\�
;�z��Dx���y�A��"xI�f�{��`A$㭡55?�
��s�a�m��o������*K��
[ 1426.376340][T16516] gspca_cpia1: usb_control_msg 05, error -110
[ 1426.403466][T16516] gspca_cpia1: usb_control_msg 01, error -32
[ 1426.438362][T16516] gspca_cpia1: usb_control_msg 01, error -32
[ 1426.455941][T16516] gspca_cpia1: usb_control_msg 01, error -71
[ 1426.461960][T16516] cpia1 6-1:0.0: only firmware version 1 is supported (got: 0)
[ 1426.483205][T17741] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1426.501478][T16516] usb 6-1: USB disconnect, device number 71
[ 1426.569232][T17741] 8021q: adding VLAN 0 to HW filter on device team0
[ 1426.605452][ T6494] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1426.612700][ T6494] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1426.686609][ T6494] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1426.693883][ T6494] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1427.413297][T14739] Bluetooth: hci2: command tx timeout
[ 1427.719130][T17828] chnl_net:caif_netlink_parms(): no params data found
[ 1428.062695][T10939] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 1428.248138][T10939] usb 1-1: Using ep0 maxpacket: 32
[ 1428.328980][T10939] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[ 1428.343033][T10939] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1428.353396][T10939] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[ 1428.370104][T10939] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1428.379962][T17828] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1428.387443][T17828] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1428.397353][T17828] bridge_slave_0: entered allmulticast mode
[ 1428.403709][T10939] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1428.411741][T10939] usb 1-1: Product: Ж
[ 1428.417999][T17828] bridge_slave_0: entered promiscuous mode
[ 1428.427283][T17828] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1428.434761][T10939] usb 1-1: Manufacturer: 䋘큗瓁꣤훠敹˼穸稜馨潗鯳菤樳Ŗෟႁœ泚ƙ훠䥒撷
[ 1428.453147][T17828] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1428.460476][T17828] bridge_slave_1: entered allmulticast mode
[ 1428.472624][T10939] usb 1-1: SerialNumber: 㬫ꌀ翋ၱ퇆⧙渁ṻ䷹壐䚲䲟ꘗ箿뎤쁟ᧆ
[ 1428.508221][T17828] bridge_slave_1: entered promiscuous mode
[ 1428.529121][T17741] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1429.394487][T10939] cdc_ncm 1-1:1.0: bind() failure
[ 1429.422265][T10939] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[ 1429.460464][T17828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1429.473417][T10939] cdc_ncm 1-1:1.1: bind() failure
[ 1429.502723][T14739] Bluetooth: hci2: command tx timeout
[ 1429.530239][T17828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1429.577650][T10939] usb 1-1: USB disconnect, device number 7
[ 1429.793565][T17828] team0: Port device team_slave_0 added
[ 1429.821829][T17828] team0: Port device team_slave_1 added
[ 1429.953002][   T30] kauditd_printk_skb: 57 callbacks suppressed
[ 1429.953018][   T30] audit: type=1326 audit(1752693899.380:2624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17879 comm="syz.8.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6998e929 code=0x7ffc0000
[ 1430.033069][T17828] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1430.047126][   T30] audit: type=1326 audit(1752693899.380:2625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17879 comm="syz.8.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6998e929 code=0x7ffc0000
[ 1430.059233][T17828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1430.070248][   T30] audit: type=1326 audit(1752693899.410:2626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17879 comm="syz.8.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f8a6998e929 code=0x7ffc0000
[ 1430.148936][T17828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1430.300338][   T30] audit: type=1326 audit(1752693899.410:2627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17879 comm="syz.8.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6998e929 code=0x7ffc0000
[ 1430.323602][   T30] audit: type=1326 audit(1752693899.410:2628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17879 comm="syz.8.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6998e929 code=0x7ffc0000
[ 1430.349448][   T30] audit: type=1326 audit(1752693899.420:2629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17879 comm="syz.8.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f8a6998e929 code=0x7ffc0000
[ 1430.363202][T17828] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1430.379034][T17828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1430.491731][T17828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1430.501887][   T30] audit: type=1326 audit(1752693899.420:2630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17879 comm="syz.8.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6998e929 code=0x7ffc0000
[ 1430.558018][   T30] audit: type=1326 audit(1752693899.420:2631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17879 comm="syz.8.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6998e929 code=0x7ffc0000
[ 1430.589542][   T30] audit: type=1326 audit(1752693899.420:2632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17879 comm="syz.8.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8a6998e929 code=0x7ffc0000
[ 1430.617626][   T30] audit: type=1326 audit(1752693899.420:2633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17879 comm="syz.8.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a6998e929 code=0x7ffc0000
[ 1430.735314][T17828] hsr_slave_0: entered promiscuous mode
[ 1430.752229][T17828] hsr_slave_1: entered promiscuous mode
[ 1430.769194][T17828] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1430.787039][T17828] Cannot create hsr debugfs directory
[ 1430.966481][T17741] veth0_vlan: entered promiscuous mode
[ 1431.106966][T17741] veth1_vlan: entered promiscuous mode
[ 1431.575307][T14739] Bluetooth: hci2: command tx timeout
[ 1432.884202][T17741] veth0_macvtap: entered promiscuous mode
[ 1432.923426][T17902] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3193'.
[ 1432.940346][T17902] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3193'.
[ 1432.984980][T17741] veth1_macvtap: entered promiscuous mode
[ 1433.310593][T17911] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3194'.
[ 1433.390503][T17911] syz.0.3194: attempt to access beyond end of device
[ 1433.390503][T17911] nbd0: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1433.497576][T17911] gfs2: error -5 reading superblock
[ 1433.653117][T14739] Bluetooth: hci2: command tx timeout
[ 1433.747251][T17828] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1433.808384][T17741] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1433.954163][T17828] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1434.021916][T17741] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1434.087399][T17741] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1434.121591][T17741] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1434.172909][T17741] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1434.181696][T17741] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1434.216262][T17828] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1434.362736][T10934] usb 9-1: new high-speed USB device number 33 using dummy_hcd
[ 1435.122680][T10934] usb 9-1: Using ep0 maxpacket: 32
[ 1435.144451][T10934] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[ 1435.160452][T17921] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3198'.
[ 1435.205679][T10934] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1435.233028][T17828] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1435.245156][T10934] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[ 1435.282399][T10934] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1435.315719][T10934] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1435.371050][T10934] usb 9-1: Product: Ж
[ 1435.375431][T10934] usb 9-1: Manufacturer: 䋘큗瓁꣤훠敹˼穸稜馨潗鯳菤樳Ŗෟႁœ泚ƙ훠䥒撷
[ 1435.396270][ T6494] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1435.414867][ T6494] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1435.425692][T10934] usb 9-1: SerialNumber: 㬫ꌀ翋ၱ퇆⧙渁ṻ䷹壐䚲䲟ꘗ箿뎤쁟ᧆ
[ 1435.538352][ T5982] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1435.566185][ T5982] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1436.025634][T10934] cdc_ncm 9-1:1.0: bind() failure
[ 1436.035688][T17828] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1436.046652][T10934] cdc_ncm 9-1:1.1: CDC Union missing and no IAD found
[ 1436.054602][T10934] cdc_ncm 9-1:1.1: bind() failure
[ 1436.067282][T10934] usb 9-1: USB disconnect, device number 33
[ 1436.097172][T17828] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1436.200319][T17938] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3155'.
[ 1436.210771][T17938] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3155'.
[ 1436.423655][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1436.457960][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1436.678792][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1436.791066][T17828] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1436.823652][T17828] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1437.067746][T17828] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1437.135519][T17828] 8021q: adding VLAN 0 to HW filter on device team0
[ 1437.176582][T14176] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1437.183893][T14176] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1437.325032][ T5970] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1437.332297][ T5970] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1437.803170][T10934] usb 6-1: new high-speed USB device number 72 using dummy_hcd
[ 1437.985174][T10934] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1438.342976][T17828] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1438.353649][T17828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1438.805764][T10934] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1438.887635][T10934] usb 6-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1438.990174][T10934] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1439.067841][T10934] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1439.236165][T10934] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1439.253615][T17828] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1439.315903][T10934] usb 6-1: invalid MIDI out EP 0
[ 1439.465507][T17828] veth0_vlan: entered promiscuous mode
[ 1439.547485][T17828] veth1_vlan: entered promiscuous mode
[ 1439.708538][T10934] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1439.726772][T17828] veth0_macvtap: entered promiscuous mode
[ 1439.828651][T17828] veth1_macvtap: entered promiscuous mode
[ 1440.457801][T16515] IPVS: starting estimator thread 0...
[ 1440.573189][T17828] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1440.616724][   T51] Bluetooth: hci1: command 0x0405 tx timeout
[ 1440.695390][T17962] IPVS: using max 27 ests per chain, 64800 per kthread
[ 1440.703895][T17828] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1440.714043][T10950] usb 6-1: USB disconnect, device number 72
[ 1440.779071][T17828] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1440.830458][T17828] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1440.882675][T17828] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1440.914567][T17828] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1441.774261][T16516] usb 9-1: new high-speed USB device number 34 using dummy_hcd
[ 1441.983470][T16516] usb 9-1: Using ep0 maxpacket: 32
[ 1442.005987][T16516] usb 9-1: config 1 has an invalid interface number: 242 but max is 0
[ 1442.018591][T17975] Invalid source name
[ 1442.022772][T17975] UBIFS error (pid: 17975): cannot open "ubifs", error -22
[ 1442.692147][T17971] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3208'.
[ 1442.745743][T14177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1442.762881][T14177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1442.762905][T16516] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1442.792914][T16516] usb 9-1: config 1 has 2 interfaces, different from the descriptor's value: 1
[ 1442.802686][T16516] usb 9-1: config 1 has no interface number 1
[ 1442.810623][T16516] usb 9-1: config 1 interface 242 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1442.824193][T16516] usb 9-1: config 1 interface 242 has no altsetting 0
[ 1442.850438][T16516] usb 9-1: New USB device found, idVendor=2eca, idProduct=c101, bcdDevice= 7.df
[ 1442.860521][T16516] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1442.870317][T16516] usb 9-1: Product: syz
[ 1442.888441][T16516] usb 9-1: Manufacturer: syz
[ 1442.893384][T16516] usb 9-1: SerialNumber: syz
[ 1442.972924][ T5970] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1442.980820][ T5970] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1443.355200][T16516] aqc111 9-1:1.242: probe with driver aqc111 failed with error -22
[ 1443.663358][T17968] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1443.703310][T17968] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1443.769182][T10973] usb 9-1: USB disconnect, device number 34
[ 1443.826349][T17987] syz.5.3212: attempt to access beyond end of device
[ 1443.826349][T17987] nbd5: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1443.839694][T17987] gfs2: error -5 reading superblock
[ 1444.142615][T16516] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[ 1444.293969][T16516] usb 1-1: Using ep0 maxpacket: 32
[ 1444.310359][T16516] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[ 1444.321675][T16516] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1444.333125][T16516] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[ 1444.347041][T16516] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1444.356386][T16516] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1444.364912][T16516] usb 1-1: Product: Ж
[ 1444.371132][T16516] usb 1-1: Manufacturer: 䋘큗瓁꣤훠敹˼穸稜馨潗鯳菤樳Ŗෟႁœ泚ƙ훠䥒撷
[ 1444.381926][T16516] usb 1-1: SerialNumber: 㬫ꌀ翋ၱ퇆⧙渁ṻ䷹壐䚲䲟ꘗ箿뎤쁟ᧆ
[ 1444.844783][T18002] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3216'.
[ 1445.118769][T16516] cdc_ncm 1-1:1.0: bind() failure
[ 1445.361687][T16516] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[ 1445.368962][T16516] cdc_ncm 1-1:1.1: bind() failure
[ 1445.394080][T16516] usb 1-1: USB disconnect, device number 8
[ 1447.506143][T18006] syz.5.3217: attempt to access beyond end of device
[ 1447.506143][T18006] nbd5: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1447.519504][T18006] gfs2: error -5 reading superblock
[ 1447.675533][T18010] syz.0.3219: attempt to access beyond end of device
[ 1447.675533][T18010] nbd0: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1447.688873][T18010] gfs2: error -5 reading superblock
[ 1447.894140][T18020] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3220'.
[ 1447.939773][T18020] syz.4.3220: attempt to access beyond end of device
[ 1447.939773][T18020] nbd4: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1448.049096][T18020] gfs2: error -5 reading superblock
[ 1448.109537][T18028] batadv_slave_1: entered promiscuous mode
[ 1449.994756][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1450.023574][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1450.191659][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1450.217080][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1450.233451][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1450.546113][T18033] lo speed is unknown, defaulting to 1000
[ 1450.563186][T18019] batadv_slave_1: left promiscuous mode
[ 1450.585456][T18033] lo speed is unknown, defaulting to 1000
[ 1452.390721][   T51] Bluetooth: hci2: command tx timeout
[ 1453.012368][T18033] chnl_net:caif_netlink_parms(): no params data found
[ 1453.089020][T18065] FAULT_INJECTION: forcing a failure.
[ 1453.089020][T18065] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1453.112622][T10934] usb 9-1: new high-speed USB device number 35 using dummy_hcd
[ 1453.120771][T10949] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1453.121192][T18065] CPU: 0 UID: 0 PID: 18065 Comm: syz.0.3231 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1453.121227][T18065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1453.121241][T18065] Call Trace:
[ 1453.121252][T18065]  <TASK>
[ 1453.121265][T18065]  dump_stack_lvl+0x189/0x250
[ 1453.121297][T18065]  ? __pfx____ratelimit+0x10/0x10
[ 1453.121334][T18065]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1453.121383][T18065]  ? __pfx__printk+0x10/0x10
[ 1453.121416][T18065]  ? __pfx_migrate_enable+0x10/0x10
[ 1453.121454][T18065]  should_fail_ex+0x414/0x560
[ 1453.121494][T18065]  _copy_to_user+0x31/0xb0
[ 1453.121524][T18065]  generic_map_lookup_batch+0x8e8/0xcc0
[ 1453.121573][T18065]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[ 1453.121602][T18065]  ? __fget_files+0x2a/0x420
[ 1453.121630][T18065]  ? __pfx_generic_map_lookup_batch+0x10/0x10
[ 1453.121663][T18065]  bpf_map_do_batch+0x25e/0x5f0
[ 1453.121686][T18065]  ? security_bpf+0x7e/0x300
[ 1453.121721][T18065]  __sys_bpf+0x70c/0x860
[ 1453.121758][T18065]  ? __pfx___sys_bpf+0x10/0x10
[ 1453.121807][T18065]  ? ksys_write+0x22a/0x250
[ 1453.121842][T18065]  ? __pfx_ksys_write+0x10/0x10
[ 1453.121870][T18065]  ? rcu_is_watching+0x15/0xb0
[ 1453.121906][T18065]  __x64_sys_bpf+0x7c/0x90
[ 1453.121937][T18065]  do_syscall_64+0xfa/0x3b0
[ 1453.121959][T18065]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1453.121994][T18065]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1453.122018][T18065]  ? clear_bhb_loop+0x60/0xb0
[ 1453.122047][T18065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1453.122069][T18065] RIP: 0033:0x7fb98cd8e929
[ 1453.122092][T18065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1453.122112][T18065] RSP: 002b:00007fb98dc07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1453.122138][T18065] RAX: ffffffffffffffda RBX: 00007fb98cfb5fa0 RCX: 00007fb98cd8e929
[ 1453.122155][T18065] RDX: 0000000000000038 RSI: 00002000000003c0 RDI: 0000000000000018
[ 1453.122170][T18065] RBP: 00007fb98dc07090 R08: 0000000000000000 R09: 0000000000000000
[ 1453.122185][T18065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1453.122199][T18065] R13: 0000000000000000 R14: 00007fb98cfb5fa0 R15: 00007ffe35e01d98
[ 1453.122235][T18065]  </TASK>
[ 1453.179381][T18068] syz.5.3225: attempt to access beyond end of device
[ 1453.179381][T18068] nbd5: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1453.352749][T10934] usb 9-1: Using ep0 maxpacket: 32
[ 1453.357000][T18068] gfs2: error -5 reading superblock
[ 1453.401390][T10949] usb 5-1: config 0 has an invalid interface number: 25 but max is 0
[ 1453.468738][T10934] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[ 1453.479613][T18033] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1453.489519][T10949] usb 5-1: config 0 has no interface number 0
[ 1453.489616][T10949] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1453.489643][T10949] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1453.496234][T10934] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1453.496328][T10934] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[ 1453.499631][T10934] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1453.506440][T18033] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1453.533268][T10949] usb 5-1: config 0 descriptor??
[ 1453.535544][T18033] bridge_slave_0: entered allmulticast mode
[ 1453.579809][T18033] bridge_slave_0: entered promiscuous mode
[ 1453.621888][T18033] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1453.624328][T10949] cp210x 5-1:0.25: cp210x converter detected
[ 1453.629776][T18033] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1453.643272][T18033] bridge_slave_1: entered allmulticast mode
[ 1453.651552][T10934] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1453.654578][T18033] bridge_slave_1: entered promiscuous mode
[ 1453.684172][T10934] usb 9-1: Product: Ж
[ 1453.718351][T10934] usb 9-1: Manufacturer: 䋘큗瓁꣤훠敹˼穸稜馨潗鯳菤樳Ŗෟႁœ泚ƙ훠䥒撷
[ 1453.730183][T10934] usb 9-1: SerialNumber: 㬫ꌀ翋ၱ퇆⧙渁ṻ䷹壐䚲䲟ꘗ箿뎤쁟ᧆ
[ 1453.965559][T18057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1453.968275][T18033] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1453.976384][T18057] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1453.996342][T18057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1454.069274][T18057] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1454.111063][T18057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1454.122108][T18057] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1454.154460][T18033] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1454.165281][T18057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1454.188526][T18057] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1454.214273][T18057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1454.231548][T18057] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1454.318763][T18033] team0: Port device team_slave_0 added
[ 1454.327280][T10934] cdc_ncm 9-1:1.0: bind() failure
[ 1454.354709][T18033] team0: Port device team_slave_1 added
[ 1454.362820][T10934] cdc_ncm 9-1:1.1: CDC Union missing and no IAD found
[ 1454.387864][T10934] cdc_ncm 9-1:1.1: bind() failure
[ 1454.436669][T10934] usb 9-1: USB disconnect, device number 35
[ 1454.463342][   T51] Bluetooth: hci2: command tx timeout
[ 1454.508572][T18033] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1454.516776][T10949] cp210x 5-1:0.25: failed to get vendor val 0x000e size 3: -71
[ 1454.527460][T10949] usb 5-1: cp210x converter now attached to ttyUSB0
[ 1454.539332][T10949] usb 5-1: USB disconnect, device number 16
[ 1454.549260][T10949] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1454.553582][T18033] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1454.569205][T10949] cp210x 5-1:0.25: device disconnected
[ 1454.612104][T18033] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1454.627078][T18033] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1454.635272][T18033] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1454.677879][T18033] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1456.008887][T18033] hsr_slave_0: entered promiscuous mode
[ 1456.050250][T18033] hsr_slave_1: entered promiscuous mode
[ 1456.090830][T18033] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1456.121708][T18033] Cannot create hsr debugfs directory
[ 1456.543222][   T51] Bluetooth: hci2: command tx timeout
[ 1457.219569][T18115] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3243'.
[ 1458.623179][   T51] Bluetooth: hci2: command tx timeout
[ 1458.707035][   T51] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 1458.717519][   T51] CPU: 1 UID: 0 PID: 51 Comm: kworker/u9:0 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1458.717543][   T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1458.717555][   T51] Workqueue: hci0 hci_rx_work
[ 1458.717583][   T51] Call Trace:
[ 1458.717590][   T51]  <TASK>
[ 1458.717597][   T51]  dump_stack_lvl+0x189/0x250
[ 1458.717618][   T51]  ? kernfs_path_from_node+0x2c/0x260
[ 1458.717636][   T51]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1458.717654][   T51]  ? __pfx__printk+0x10/0x10
[ 1458.717677][   T51]  ? kernfs_path_from_node+0x2c/0x260
[ 1458.717692][   T51]  ? kernfs_path_from_node+0x2c/0x260
[ 1458.717709][   T51]  ? kernfs_path_from_node+0x22c/0x260
[ 1458.717723][   T51]  ? kernfs_path_from_node+0x2c/0x260
[ 1458.717742][   T51]  sysfs_create_dir_ns+0x259/0x280
[ 1458.717771][   T51]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1458.717797][   T51]  ? do_raw_spin_unlock+0x122/0x240
[ 1458.717822][   T51]  kobject_add_internal+0x59f/0xb40
[ 1458.717847][   T51]  kobject_add+0x155/0x220
[ 1458.717867][   T51]  ? __pfx_kobject_add+0x10/0x10
[ 1458.717883][   T51]  ? _raw_spin_unlock+0x28/0x50
[ 1458.717909][   T51]  ? get_device_parent+0x366/0x3a0
[ 1458.717932][   T51]  device_add+0x408/0xb50
[ 1458.717954][   T51]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1458.717979][   T51]  le_conn_complete_evt+0xc3a/0x1220
[ 1458.718008][   T51]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1458.718027][   T51]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1458.718041][   T51]  ? __asan_memcpy+0x40/0x70
[ 1458.718061][   T51]  ? __pfx___mutex_lock+0x10/0x10
[ 1458.718077][   T51]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1458.718102][   T51]  ? skb_pull_data+0xfb/0x200
[ 1458.718131][   T51]  hci_le_conn_complete_evt+0x187/0x450
[ 1458.718155][   T51]  hci_event_packet+0x78c/0x1200
[ 1458.718183][   T51]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1458.718202][   T51]  ? __pfx_hci_event_packet+0x10/0x10
[ 1458.718228][   T51]  ? kcov_remote_start+0x4d3/0x7f0
[ 1458.718251][   T51]  ? lockdep_hardirqs_on+0x90/0x150
[ 1458.718277][   T51]  ? hci_send_to_monitor+0xe2/0x570
[ 1458.718299][   T51]  hci_rx_work+0x46a/0xe80
[ 1458.718329][   T51]  ? process_scheduled_works+0x9ef/0x17b0
[ 1458.718349][   T51]  process_scheduled_works+0xade/0x17b0
[ 1458.718389][   T51]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1458.718419][   T51]  worker_thread+0x8a0/0xda0
[ 1458.718458][   T51]  kthread+0x711/0x8a0
[ 1458.718482][   T51]  ? __pfx_worker_thread+0x10/0x10
[ 1458.718499][   T51]  ? __pfx_kthread+0x10/0x10
[ 1458.718521][   T51]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1458.718543][   T51]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1458.718565][   T51]  ? __pfx_kthread+0x10/0x10
[ 1458.718587][   T51]  ret_from_fork+0x3fc/0x770
[ 1458.718605][   T51]  ? __pfx_ret_from_fork+0x10/0x10
[ 1458.718630][   T51]  ? __switch_to_asm+0x39/0x70
[ 1458.718648][   T51]  ? __switch_to_asm+0x33/0x70
[ 1458.718666][   T51]  ? __pfx_kthread+0x10/0x10
[ 1458.718687][   T51]  ret_from_fork_asm+0x1a/0x30
[ 1458.718720][   T51]  </TASK>
[ 1458.718743][   T51] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1459.031885][   T51] Bluetooth: hci0: failed to register connection device
[ 1460.352676][T10949] usb 9-1: new high-speed USB device number 36 using dummy_hcd
[ 1461.202729][T10949] usb 9-1: Using ep0 maxpacket: 32
[ 1461.281530][T10949] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[ 1461.327389][T10949] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1461.902630][T10949] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[ 1461.957811][T10949] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1461.988008][T18033] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1461.999462][T10949] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1462.031266][T10949] usb 9-1: Product: Ж
[ 1462.054958][T10949] usb 9-1: Manufacturer: 䋘큗瓁꣤훠敹˼穸稜馨潗鯳菤樳Ŗෟႁœ泚ƙ훠䥒撷
[ 1462.111284][T10949] usb 9-1: SerialNumber: 㬫ꌀ翋ၱ퇆⧙渁ṻ䷹壐䚲䲟ꘗ箿뎤쁟ᧆ
[ 1462.340721][   T30] kauditd_printk_skb: 45 callbacks suppressed
[ 1462.340741][   T30] audit: type=1326 audit(1752693931.770:2679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18153 comm="syz.4.3256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7e0d8e929 code=0x7ffc0000
[ 1462.440714][T18033] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1462.465987][   T30] audit: type=1326 audit(1752693931.770:2680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18153 comm="syz.4.3256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7e0d8e929 code=0x7ffc0000
[ 1462.538164][   T30] audit: type=1326 audit(1752693931.770:2681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18153 comm="syz.4.3256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fe7e0d8e929 code=0x7ffc0000
[ 1462.599264][   T30] audit: type=1326 audit(1752693931.770:2682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18153 comm="syz.4.3256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7e0d8e929 code=0x7ffc0000
[ 1462.630877][T10949] cdc_ncm 9-1:1.0: bind() failure
[ 1462.651966][T10949] cdc_ncm 9-1:1.1: CDC Union missing and no IAD found
[ 1462.684371][   T30] audit: type=1326 audit(1752693931.770:2683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18153 comm="syz.4.3256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fe7e0d8e929 code=0x7ffc0000
[ 1462.684921][T10949] cdc_ncm 9-1:1.1: bind() failure
[ 1462.751375][   T30] audit: type=1326 audit(1752693931.770:2684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18153 comm="syz.4.3256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7e0d8e929 code=0x7ffc0000
[ 1462.777750][T18033] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1462.823320][   T30] audit: type=1326 audit(1752693931.770:2685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18153 comm="syz.4.3256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe7e0d8e929 code=0x7ffc0000
[ 1462.894143][   T30] audit: type=1326 audit(1752693931.770:2686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18153 comm="syz.4.3256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7e0d8e929 code=0x7ffc0000
[ 1463.147891][   T30] audit: type=1326 audit(1752693931.770:2687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18153 comm="syz.4.3256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fe7e0d8e929 code=0x7ffc0000
[ 1463.172764][   T30] audit: type=1326 audit(1752693931.770:2688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18153 comm="syz.4.3256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7e0d8e929 code=0x7ffc0000
[ 1463.258682][T18033] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1463.999152][T10949] usb 9-1: USB disconnect, device number 36
[ 1464.324141][T10944] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[ 1464.353474][T18033] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1464.405629][T18033] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1464.523198][T10944] usb 1-1: Using ep0 maxpacket: 32
[ 1464.553958][T10944] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[ 1464.604989][T10944] usb 1-1: config 0 has no interface number 0
[ 1464.637598][T10944] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1464.639454][T18033] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1464.696710][T10944] usb 1-1: config 0 interface 85 has no altsetting 0
[ 1464.777611][T10944] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1464.799209][T18033] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1464.802094][T10944] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1464.990562][T10944] usb 1-1: Product: syz
[ 1465.020025][T10944] usb 1-1: Manufacturer: syz
[ 1465.160722][T10944] usb 1-1: SerialNumber: syz
[ 1465.232267][T10944] usb 1-1: config 0 descriptor??
[ 1466.113160][T10944] appletouch 1-1:0.85: Geyser mode initialized.
[ 1466.149253][T10944] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input31
[ 1466.285054][T18033] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1466.525208][T18199] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3266'.
[ 1468.036675][T18033] 8021q: adding VLAN 0 to HW filter on device team0
[ 1468.062796][T10966] usb 1-1: USB disconnect, device number 9
[ 1468.158554][T14138] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1468.165823][T14138] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1468.253115][T10966] appletouch 1-1:0.85: input: appletouch disconnected
[ 1468.271002][T14138] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1468.278221][T14138] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1468.579540][T18212] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3269'.
[ 1469.476229][T18033] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1469.504944][T18215] loop2: detected capacity change from 0 to 7
[ 1469.524306][T18033] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1469.544689][T18215] Dev loop2: unable to read RDB block 7
[ 1469.577414][T18215]  loop2: AHDI p1 p2 p3
[ 1469.595032][T18215] loop2: partition table partially beyond EOD, truncated
[ 1469.615416][T18212] IPVS: Unknown mcast interface: vcan0
[ 1469.662852][T18215] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1469.678446][T18215] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1471.667862][T10947] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1471.903100][T10947] usb 1-1: Using ep0 maxpacket: 32
[ 1471.954329][T10947] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[ 1471.966300][T10947] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1472.006246][T10947] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[ 1472.024152][T18033] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1472.048045][T10947] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1472.074512][T10947] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1472.108719][T10947] usb 1-1: Product: Ж
[ 1472.139315][T10947] usb 1-1: Manufacturer: 䋘큗瓁꣤훠敹˼穸稜馨潗鯳菤樳Ŗෟႁœ泚ƙ훠䥒撷
[ 1472.191148][T10947] usb 1-1: SerialNumber: 㬫ꌀ翋ၱ퇆⧙渁ṻ䷹壐䚲䲟ꘗ箿뎤쁟ᧆ
[ 1472.212151][T18033] veth0_vlan: entered promiscuous mode
[ 1472.343887][T18033] veth1_vlan: entered promiscuous mode
[ 1472.435513][T18239] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1472.504416][T18241] syzkaller0: entered promiscuous mode
[ 1472.542646][T18241] syzkaller0: entered allmulticast mode
[ 1472.745683][T10947] cdc_ncm 1-1:1.0: bind() failure
[ 1473.110869][T10947] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[ 1474.193142][T18238] tipc: Resetting bearer <eth:syzkaller0>
[ 1474.199768][T10947] cdc_ncm 1-1:1.1: bind() failure
[ 1474.228755][T18238] tipc: Disabling bearer <eth:syzkaller0>
[ 1474.366961][T18247] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3277'.
[ 1474.573999][T18033] veth0_macvtap: entered promiscuous mode
[ 1474.595010][T18033] veth1_macvtap: entered promiscuous mode
[ 1474.620596][T18033] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1474.632192][T18033] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1474.645613][T18033] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1474.665975][T18033] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1474.680131][T18033] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1474.718614][T18033] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1475.080360][T13769] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1475.121651][T13769] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1475.813711][T10947] usb 1-1: USB disconnect, device number 10
[ 1476.084647][T18242] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1476.160047][T18255] sp0: Synchronizing with TNC
[ 1476.184740][T18242] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1476.330303][T18257] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3280'.
[ 1476.912917][T16516] usb 9-1: new high-speed USB device number 37 using dummy_hcd
[ 1477.075295][T16516] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1477.112706][T16516] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1477.142915][T16516] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[ 1477.182976][T16516] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1477.210124][T16516] usb 9-1: config 0 descriptor??
[ 1477.833324][T16516] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0
[ 1477.860637][T16516] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0
[ 1477.886191][T16516] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0
[ 1477.920613][T16516] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0
[ 1478.183557][T16516] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0
[ 1478.190415][T16516] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0
[ 1478.197609][T16516] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0
[ 1478.899750][T16516] pyra 0003:1E7D:2CF6.000C: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.8-1/input0
[ 1479.116317][T16516] pyra 0003:1E7D:2CF6.000C: couldn't init struct pyra_device
[ 1479.124648][T16516] pyra 0003:1E7D:2CF6.000C: couldn't install mouse
[ 1479.133498][T16516] pyra 0003:1E7D:2CF6.000C: probe with driver pyra failed with error -5
[ 1479.181972][T18280] kvm: kvm [18267]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010005) = 0xaf
[ 1481.930707][T10947] usb 9-1: USB disconnect, device number 37
[ 1482.163211][T10934] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[ 1482.349806][T18299] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3288'.
[ 1482.942617][T10934] usb 1-1: Using ep0 maxpacket: 32
[ 1483.739845][T10934] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[ 1483.761504][T10934] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1483.782046][T10934] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[ 1483.815781][T10934] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1483.825227][T10934] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1483.851175][T10934] usb 1-1: Product: Ж
[ 1483.857571][T10934] usb 1-1: Manufacturer: 䋘큗瓁꣤훠敹˼穸稜馨潗鯳菤樳Ŗෟႁœ泚ƙ훠䥒撷
[ 1483.876364][T10934] usb 1-1: SerialNumber: 㬫ꌀ翋ၱ퇆⧙渁ṻ䷹壐䚲䲟ꘗ箿뎤쁟ᧆ
[ 1484.620796][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.850075][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1484.861584][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1484.876157][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1484.886697][T10934] usb 1-1: can't set config #1, error -71
[ 1484.905843][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1484.913836][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1484.925880][T10934] usb 1-1: USB disconnect, device number 11
[ 1485.034653][T18307] FAULT_INJECTION: forcing a failure.
[ 1485.034653][T18307] name failslab, interval 1, probability 0, space 0, times 0
[ 1485.081899][T18304] lo speed is unknown, defaulting to 1000
[ 1485.153152][T18307] CPU: 1 UID: 0 PID: 18307 Comm: syz.0.3293 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1485.153186][T18307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1485.153199][T18307] Call Trace:
[ 1485.153209][T18307]  <TASK>
[ 1485.153218][T18307]  dump_stack_lvl+0x189/0x250
[ 1485.153247][T18307]  ? __pfx____ratelimit+0x10/0x10
[ 1485.153278][T18307]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1485.153302][T18307]  ? __pfx__printk+0x10/0x10
[ 1485.153335][T18307]  ? __pfx___might_resched+0x10/0x10
[ 1485.153363][T18307]  should_fail_ex+0x414/0x560
[ 1485.153398][T18307]  should_failslab+0xa8/0x100
[ 1485.153433][T18307]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1485.153465][T18307]  ? __alloc_skb+0x112/0x2d0
[ 1485.153493][T18307]  __alloc_skb+0x112/0x2d0
[ 1485.153521][T18307]  netlink_sendmsg+0x5c6/0xb30
[ 1485.153558][T18307]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1485.153593][T18307]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1485.153622][T18307]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1485.153647][T18307]  __sock_sendmsg+0x219/0x270
[ 1485.153683][T18307]  ____sys_sendmsg+0x505/0x830
[ 1485.153714][T18307]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1485.153749][T18307]  ? import_iovec+0x74/0xa0
[ 1485.153785][T18307]  ___sys_sendmsg+0x21f/0x2a0
[ 1485.153813][T18307]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1485.153878][T18307]  ? __fget_files+0x2a/0x420
[ 1485.153896][T18307]  ? __fget_files+0x3a0/0x420
[ 1485.153927][T18307]  __x64_sys_sendmsg+0x19b/0x260
[ 1485.153958][T18307]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1485.153995][T18307]  ? __pfx_ksys_write+0x10/0x10
[ 1485.154022][T18307]  ? rcu_is_watching+0x15/0xb0
[ 1485.154051][T18307]  ? do_syscall_64+0xbe/0x3b0
[ 1485.154075][T18307]  do_syscall_64+0xfa/0x3b0
[ 1485.154094][T18307]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1485.154123][T18307]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1485.154143][T18307]  ? clear_bhb_loop+0x60/0xb0
[ 1485.154167][T18307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1485.154186][T18307] RIP: 0033:0x7fb98cd8e929
[ 1485.154204][T18307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1485.154222][T18307] RSP: 002b:00007fb98dc07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1485.154245][T18307] RAX: ffffffffffffffda RBX: 00007fb98cfb5fa0 RCX: 00007fb98cd8e929
[ 1485.154260][T18307] RDX: 0000000000000004 RSI: 0000200000001080 RDI: 0000000000000004
[ 1485.154274][T18307] RBP: 00007fb98dc07090 R08: 0000000000000000 R09: 0000000000000000
[ 1485.154286][T18307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1485.154298][T18307] R13: 0000000000000000 R14: 00007fb98cfb5fa0 R15: 00007ffe35e01d98
[ 1485.154327][T18307]  </TASK>
[ 1485.434832][T18304] lo speed is unknown, defaulting to 1000
[ 1485.569520][T18312] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3291'.
[ 1485.579893][T18312] syz.4.3291: attempt to access beyond end of device
[ 1485.579893][T18312] nbd4: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1485.593212][T18312] gfs2: error -5 reading superblock
[ 1487.012656][   T51] Bluetooth: hci2: command tx timeout
[ 1487.910585][T18342] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3298'.
[ 1489.092700][   T51] Bluetooth: hci2: command tx timeout
[ 1489.682781][T10949] usb 9-1: new high-speed USB device number 38 using dummy_hcd
[ 1492.155829][   T51] Bluetooth: hci2: command tx timeout
[ 1492.202990][T10949] usb 9-1: device descriptor read/64, error -71
[ 1492.257664][T18304] chnl_net:caif_netlink_parms(): no params data found
[ 1492.540110][T18362] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3302'.
[ 1493.613404][T18304] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1493.633104][T18304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1493.653204][T18304] bridge_slave_0: entered allmulticast mode
[ 1493.671645][T18304] bridge_slave_0: entered promiscuous mode
[ 1493.681295][T18304] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1493.689058][T18304] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1493.696547][T18304] bridge_slave_1: entered allmulticast mode
[ 1493.703122][T10966] usb 9-1: new high-speed USB device number 40 using dummy_hcd
[ 1493.705022][T18304] bridge_slave_1: entered promiscuous mode
[ 1493.944743][T10966] usb 9-1: Using ep0 maxpacket: 32
[ 1494.158902][T18304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1494.169574][T10966] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[ 1494.233860][T14739] Bluetooth: hci2: command tx timeout
[ 1494.242194][T10966] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1494.257889][T18304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1494.286129][T10966] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[ 1494.433185][T10966] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1494.459319][T10966] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1494.478267][T10966] usb 9-1: Product: Ж
[ 1494.482450][T10966] usb 9-1: Manufacturer: 䋘큗瓁꣤훠敹˼穸稜馨潗鯳菤樳Ŗෟႁœ泚ƙ훠䥒撷
[ 1494.582773][T10966] usb 9-1: SerialNumber: 㬫ꌀ翋ၱ퇆⧙渁ṻ䷹壐䚲䲟ꘗ箿뎤쁟ᧆ
[ 1494.603680][T18377] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3306'.
[ 1494.614326][T18377] syz.5.3306: attempt to access beyond end of device
[ 1494.614326][T18377] nbd5: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1494.627758][T18377] gfs2: error -5 reading superblock
[ 1494.830612][T18304] team0: Port device team_slave_0 added
[ 1494.886178][T18304] team0: Port device team_slave_1 added
[ 1495.148661][T10966] cdc_ncm 9-1:1.0: bind() failure
[ 1495.264387][T18385] openvswitch: netlink: VXLAN extension message has 45 unknown bytes.
[ 1495.921347][T10966] cdc_ncm 9-1:1.1: CDC Union missing and no IAD found
[ 1495.942907][T10966] cdc_ncm 9-1:1.1: bind() failure
[ 1495.968493][T18387] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1496.011732][T10966] usb 9-1: USB disconnect, device number 40
[ 1496.087578][T18304] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1496.259084][T18304] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1496.923843][T18304] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1496.933573][T18380] Bluetooth: hci0: command 0x0406 tx timeout
[ 1496.950636][T18304] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1496.957683][T18304] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1497.071138][T18304] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1497.249154][T18304] hsr_slave_0: entered promiscuous mode
[ 1497.276023][T18304] hsr_slave_1: entered promiscuous mode
[ 1497.292059][T18304] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1497.300264][T18304] Cannot create hsr debugfs directory
[ 1497.369459][T18404] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3311'.
[ 1502.542786][   T31] INFO: task kworker/u8:28:14180 blocked for more than 144 seconds.
[ 1502.551303][   T31]       Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0
[ 1502.591802][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1502.612948][   T31] task:kworker/u8:28   state:D stack:21888 pid:14180 tgid:14180 ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1502.652901][   T31] Workqueue: netns cleanup_net
[ 1502.672713][   T31] Call Trace:
[ 1502.676097][   T31]  <TASK>
[ 1502.724732][   T31]  __schedule+0x16a2/0x4cb0
[ 1502.729350][   T31]  ? schedule+0x165/0x360
[ 1502.781513][   T31]  ? __pfx___schedule+0x10/0x10
[ 1502.792592][   T31]  ? schedule+0x91/0x360
[ 1502.796930][   T31]  schedule+0x165/0x360
[ 1502.861658][T18427] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3318'.
[ 1502.874674][T18427] syz.8.3318: attempt to access beyond end of device
[ 1502.874674][T18427] nbd8: rw=6144, sector=128, nr_sectors = 8 limit=0
[ 1502.887920][T18427] gfs2: error -5 reading superblock
[ 1502.903295][   T31]  afs_cell_purge+0x3d9/0x540
[ 1502.908074][   T31]  ? __pfx_afs_cell_purge+0x10/0x10
[ 1502.913431][   T31]  ? __pfx_var_wake_function+0x10/0x10
[ 1502.919729][   T31]  ? afs_net+0x45/0x270
[ 1502.924372][   T31]  ? afs_net+0x45/0x270
[ 1502.928617][   T31]  afs_net_exit+0x50/0x100
[ 1502.933590][   T31]  ops_undo_list+0x49a/0x990
[ 1502.938248][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[ 1502.956939][   T31]  cleanup_net+0x4c5/0x800
[ 1502.961467][   T31]  ? __pfx_cleanup_net+0x10/0x10
[ 1502.973743][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1502.979025][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1502.992562][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1503.001550][   T31]  process_scheduled_works+0xade/0x17b0
[ 1503.007810][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1503.014694][   T31]  worker_thread+0x8a0/0xda0
[ 1503.019376][   T31]  kthread+0x711/0x8a0
[ 1503.023557][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1503.028711][   T31]  ? __pfx_kthread+0x10/0x10
[ 1503.033418][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1503.038668][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1503.047471][   T31]  ? __pfx_kthread+0x10/0x10
[ 1503.052168][   T31]  ret_from_fork+0x3fc/0x770
[ 1503.056895][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1503.062061][   T31]  ? __switch_to_asm+0x39/0x70
[ 1503.066904][   T31]  ? __switch_to_asm+0x33/0x70
[ 1503.071714][   T31]  ? __pfx_kthread+0x10/0x10
[ 1503.076705][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1503.081534][   T31]  </TASK>
[ 1503.089829][   T31] 
[ 1503.089829][   T31] Showing all locks held in the system:
[ 1503.109780][   T31] 1 lock held by khungtaskd/31:
[ 1503.134446][   T31]  #0: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1503.160313][   T31] 2 locks held by getty/5601:
[ 1503.166969][   T31]  #0: ffff8880308a30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1503.230697][   T31]  #1: ffffc9000332e2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 1503.260906][   T31] 3 locks held by kworker/1:4/10934:
[ 1503.268521][   T31] 3 locks held by kworker/u8:28/14180:
[ 1503.281582][   T31]  #0: ffff88801b2fb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1503.302596][   T31]  #1: ffffc9000413fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1503.322409][   T31]  #2: ffffffff8f4feb50 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[ 1503.332191][   T31] 9 locks held by syz-executor/18304:
[ 1503.340509][   T31]  #0: ffff888035b8c428 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x211/0xa90
[ 1503.353209][   T31]  #1: ffff88804b2ec888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e0/0x4f0
[ 1503.363120][   T31]  #2: ffff8880277f15a8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x203/0x4f0
[ 1503.373416][   T31]  #3: ffffffff8ed98f08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x360
[ 1503.384149][   T31]  #4: ffff8880770590e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x7c0
[ 1503.394928][   T31]  #5: ffff88807705a250 (&devlink->lock_key#17){+.+.}-{4:4}, at: nsim_drv_remove+0x50/0x160
[ 1503.405152][   T31]  #6: ffffffff8f50b748 (rtnl_mutex){+.+.}-{4:4}, at: nsim_destroy+0xdb/0x670
[ 1503.415204][   T31]  #7: ffff888058b00d30 (&dev_instance_lock_key#20){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x5a1/0x2320
[ 1503.427478][   T31]  #8: ffffffff8e144bf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730
[ 1503.438582][   T31] 1 lock held by syz.8.3318/18426:
[ 1503.445499][   T31]  #0: ffffffff8e144ac0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 1503.460259][   T31] 
[ 1503.483590][   T31] =============================================
[ 1503.483590][   T31] 
[ 1503.507825][   T31] NMI backtrace for cpu 0
[ 1503.507848][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1503.507872][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1503.507894][   T31] Call Trace:
[ 1503.507902][   T31]  <TASK>
[ 1503.507911][   T31]  dump_stack_lvl+0x189/0x250
[ 1503.507939][   T31]  ? __wake_up_klogd+0xd9/0x110
[ 1503.507969][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1503.507992][   T31]  ? __pfx__printk+0x10/0x10
[ 1503.508032][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1503.508063][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1503.508088][   T31]  ? _printk+0xcf/0x120
[ 1503.508118][   T31]  ? __pfx__printk+0x10/0x10
[ 1503.508154][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1503.508188][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1503.508217][   T31]  watchdog+0xfee/0x1030
[ 1503.508248][   T31]  ? watchdog+0x1de/0x1030
[ 1503.508287][   T31]  kthread+0x711/0x8a0
[ 1503.508318][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1503.508346][   T31]  ? __pfx_kthread+0x10/0x10
[ 1503.508375][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1503.508403][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1503.508432][   T31]  ? __pfx_kthread+0x10/0x10
[ 1503.508460][   T31]  ret_from_fork+0x3fc/0x770
[ 1503.508484][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1503.508511][   T31]  ? __switch_to_asm+0x39/0x70
[ 1503.508536][   T31]  ? __switch_to_asm+0x33/0x70
[ 1503.508560][   T31]  ? __pfx_kthread+0x10/0x10
[ 1503.508588][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1503.508630][   T31]  </TASK>
[ 1503.508638][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1503.677097][    C1] NMI backtrace for cpu 1
[ 1503.677114][    C1] CPU: 1 UID: 0 PID: 14181 Comm: kworker/u8:29 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1503.677136][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1503.677149][    C1] Workqueue: bat_events batadv_nc_worker
[ 1503.677180][    C1] RIP: 0010:__lock_acquire+0x80c/0xd20
[ 1503.677201][    C1] Code: d2 e9 c4 00 00 00 48 c7 c7 f0 04 01 8e 48 89 de e8 79 e7 51 03 eb c2 44 89 e0 25 ff 1f 00 00 41 c1 ec 03 41 81 e4 00 60 00 00 <41> 09 c4 4c 89 f9 48 c1 e9 20 89 ca c1 c2 04 41 29 cc 44 31 e2 44
[ 1503.677217][    C1] RSP: 0018:ffffc9000b4a78f0 EFLAGS: 00000006
[ 1503.677232][    C1] RAX: 0000000000000007 RBX: 0000000000000002 RCX: 0000000000000000
[ 1503.677244][    C1] RDX: 0000000000000000 RSI: ffff888020f8c740 RDI: ffff888020f8bc00
[ 1503.677256][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8b360092
[ 1503.677268][    C1] R10: dffffc0000000000 R11: ffffffff8b35ffc0 R12: 0000000000004000
[ 1503.677282][    C1] R13: ffff888020f8c6f0 R14: ffff888020f8c740 R15: 59ec4b3d740c3bfb
[ 1503.677296][    C1] FS:  0000000000000000(0000) GS:ffff888125d4f000(0000) knlGS:0000000000000000
[ 1503.677310][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1503.677324][    C1] CR2: 00007f8a69b7f2d8 CR3: 0000000078654000 CR4: 00000000003526f0
[ 1503.677341][    C1] Call Trace:
[ 1503.677349][    C1]  <TASK>
[ 1503.677361][    C1]  ? batadv_nc_worker+0xd2/0x610
[ 1503.677387][    C1]  lock_acquire+0x120/0x360
[ 1503.677403][    C1]  ? batadv_nc_worker+0xd2/0x610
[ 1503.677430][    C1]  ? batadv_nc_worker+0xd2/0x610
[ 1503.677453][    C1]  ? batadv_nc_worker+0xd2/0x610
[ 1503.677476][    C1]  batadv_nc_worker+0xef/0x610
[ 1503.677498][    C1]  ? batadv_nc_worker+0xd2/0x610
[ 1503.677521][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[ 1503.677541][    C1]  process_scheduled_works+0xade/0x17b0
[ 1503.677573][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1503.677599][    C1]  worker_thread+0x8a0/0xda0
[ 1503.677619][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1503.677648][    C1]  ? __kthread_parkme+0x7b/0x200
[ 1503.677673][    C1]  kthread+0x711/0x8a0
[ 1503.677697][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1503.677715][    C1]  ? __pfx_kthread+0x10/0x10
[ 1503.677738][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1503.677761][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1503.677786][    C1]  ? __pfx_kthread+0x10/0x10
[ 1503.677809][    C1]  ret_from_fork+0x3fc/0x770
[ 1503.677827][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1503.677846][    C1]  ? __switch_to_asm+0x39/0x70
[ 1503.677867][    C1]  ? __switch_to_asm+0x33/0x70
[ 1503.677887][    C1]  ? __pfx_kthread+0x10/0x10
[ 1503.677910][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1503.677939][    C1]  </TASK>
[ 1503.678431][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1503.946277][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1503.958098][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1503.968176][   T31] Call Trace:
[ 1503.971469][   T31]  <TASK>
[ 1503.974416][   T31]  dump_stack_lvl+0x99/0x250
[ 1503.979027][   T31]  ? __asan_memcpy+0x40/0x70
[ 1503.983641][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1503.988852][   T31]  ? __pfx__printk+0x10/0x10
[ 1503.993471][   T31]  panic+0x2db/0x790
[ 1503.997387][   T31]  ? __pfx_panic+0x10/0x10
[ 1504.001816][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[ 1504.007644][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1504.013039][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[ 1504.019226][   T31]  watchdog+0x102d/0x1030
[ 1504.023581][   T31]  ? watchdog+0x1de/0x1030
[ 1504.028024][   T31]  kthread+0x711/0x8a0
[ 1504.032120][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1504.036817][   T31]  ? __pfx_kthread+0x10/0x10
[ 1504.041427][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1504.046642][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1504.051858][   T31]  ? __pfx_kthread+0x10/0x10
[ 1504.056468][   T31]  ret_from_fork+0x3fc/0x770
[ 1504.061083][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1504.066237][   T31]  ? __switch_to_asm+0x39/0x70
[ 1504.071044][   T31]  ? __switch_to_asm+0x33/0x70
[ 1504.075834][   T31]  ? __pfx_kthread+0x10/0x10
[ 1504.080461][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1504.085284][   T31]  </TASK>
[ 1504.088589][   T31] Kernel Offset: disabled
[ 1504.092931][   T31] Rebooting in 86400 seconds..