last executing test programs:

35.62920496s ago: executing program 0 (id=2404):
syz_usb_connect(0x1, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805"], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read(r0, &(0x7f0000000440)=""/151, 0x97)
pwrite64(r0, &(0x7f0000000040)="7da2e7", 0x3, 0x4)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a300000000030000000090a010400000000000000000700000008000a40000000000900010073797a300000000008000540000000212c0000000c0a01030000000000000000070000080900020073797a31000000000900010073441806cbce3a05e2797a3000000000140000001000010000000000000000000084000a"], 0xa4}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wg1\x00'})
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x41, &(0x7f00000000c0)=ANY=[@ANYBLOB="6e6174000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000e9ffffffffffffff00"/116], 0x74)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xa6, &(0x7f0000000140)=""/166, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)

32.264547957s ago: executing program 0 (id=2423):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vxcan1\x00', <r2=>0x0})
sendmsg$can_bcm(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x1d, r2, 0x2000000}, 0x10, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="04000000000000000000000008000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=r2, @ANYBLOB="0000000001"], 0x48}}, 0x0)

32.152088663s ago: executing program 0 (id=2424):
syz_clone3(&(0x7f0000000100)={0x801400, &(0x7f00000000c0)=<r0=>0xffffffffffffffff, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close_range(r0, r0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x84, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})
openat(r1, &(0x7f0000000280)='./file0\x00', 0x472680, 0x70)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{0x1, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%pi6   \x00'}, 0x1c)
r4 = socket$packet(0x11, 0x2, 0x300)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x5)
setsockopt$bt_l2cap_L2CAP_CONNINFO(r5, 0x6, 0x2, &(0x7f00000000c0)={0x1, '{=\f'}, 0x6)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000f9000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0xffffffffffffff57, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180)=r7, 0x4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000001b00)={0x14, 0x2d, 0x1, 0x70bd26, 0x25dfdbec, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000180)={'syztnl0\x00', &(0x7f00000000c0)={'sit0\x00', <r9=>0x0, 0x80, 0x7800, 0x7, 0x101, {{0x1d, 0x4, 0x2, 0x17, 0x74, 0x65, 0x0, 0x9, 0x2b, 0x0, @multicast2, @multicast2, {[@timestamp_prespec={0x44, 0x3c, 0xce, 0x3, 0x0, [{@local, 0x7}, {@loopback, 0x8}, {@empty, 0x6}, {@broadcast, 0x3}, {@empty}, {@loopback}, {@local, 0x4}]}, @end, @lsrr={0x83, 0x23, 0x42, [@loopback, @private=0xa010101, @rand_addr=0x64010102, @remote, @loopback, @rand_addr=0x64010102, @broadcast, @empty]}]}}}}})
r10 = signalfd4(r3, &(0x7f00000002c0)={[0x8, 0xb560]}, 0x8, 0x800)
ioctl$AUTOFS_IOC_PROTOVER(r10, 0x80049363, &(0x7f0000000300))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r12 = openat$cgroup_devices(r11, &(0x7f0000000480)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r12, &(0x7f0000000180)={'b', ' *:* ', 'rwm\x00'}, 0xa)
r13 = openat$cgroup_devices(r11, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r13, &(0x7f0000000100)={'a', ' *:* ', 'rwm\x00'}, 0xa)
r14 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x2, '\x00', r9, r14, 0x3, 0x5, 0x5}, 0x50)
ioctl$KDFONTOP_COPY(r2, 0x4b72, 0x0)
ioctl$TCFLSH(r2, 0x5608, 0x0)

31.965038327s ago: executing program 0 (id=2427):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x0, 0x2)
r2 = openat$tun(0xffffff9c, &(0x7f0000000080), 0x80000, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, 0x0, 0x4000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_GET_BYINDEX(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x24, 0xf, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_INDEX={0x6, 0xb, 0xffffffffffffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x45, &(0x7f0000000100)={0x0, 0x0}, 0x64)
openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f0000000100)={{0x7000, 0xdddd1000, 0x0, 0x0, 0x8, 0x8, 0x0, 0x2, 0x0, 0x6, 0x9, 0x10}, {0x8080000, 0x0, 0xc, 0x8, 0x0, 0xfd, 0x0, 0x0, 0x7, 0x7, 0x0, 0xff}, {0x3000, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x3, 0x0, 0x3, 0x0, 0x0, 0xfa}, {0xdddd0000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4}, {0x5000, 0x3000, 0x9, 0x0, 0xff, 0x4, 0x0, 0xe, 0x0, 0x3c}, {0x0, 0x0, 0xd, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5, 0x80}, {0x8080000, 0x2, 0xa, 0x6, 0x5, 0x0, 0x3}, {0x80a0000, 0xdddd0000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26}, {0x80a0000}, {0xeeef0000}, 0xfdfcffdb, 0x0, 0x0, 0x28, 0xb, 0xf801, 0x0, [0x0, 0x0, 0x1]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, &(0x7f0000000000)=@t={0x4, 0x8, 0x1, 0x2})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'wlan0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
init_module(&(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0xff, 0x4, 0xfc, 0xffffffffffffffff, 0x3, 0x6, 0x8, 0x190, 0x40, 0x278, 0x10, 0x4, 0x38, 0x2, 0xe9, 0x8, 0xc}, [], "8202bdbe1aeb0f28648055f1d5740d47"}, 0xfffd8, 0x0)
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYRESHEX=r1], 0xfd6c)

30.817286738s ago: executing program 0 (id=2440):
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000140)={r0})
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000040)=0xcde, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x18000000000002a0, 0x36, 0x0, &(0x7f0000000000)="b9fe030768045c8c989a14f088a8657986dda8c6e96fd9d5a77080d1016ac1eb01639fa5680155e0b2c6ed515651056c705918431d6a", 0x0, 0x9e, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

30.723441633s ago: executing program 0 (id=2441):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r3)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = syz_open_dev$dri(&(0x7f0000001500), 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_WAIT(r5, 0xc02864c3, &(0x7f0000001800)={0x0})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x44100, 0x0)
mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='qnx6\x00', 0x208800, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r8 = socket$tipc(0x1e, 0x5, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r9, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0xc}], 0x4)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r8, 0x8983, &(0x7f0000000040)={0x0, 'syzkaller1\x00', {0x4}, 0x1})
r10 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
close(r6)
r11 = socket$unix(0x1, 0x1, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r13=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@delchain={0x490, 0x65, 0x300, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r13, {0xffe0, 0x1}, {0x0, 0xb}, {0x10}}, [@TCA_RATE={0x6, 0x5, {0x1, 0xfb}}, @filter_kind_options=@f_basic={{0xa}, {0x450, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x5, 0xe}}, @TCA_BASIC_POLICE={0x444, 0x4, [@TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x2, 0x3, 0x1, 0x3, {0x15, 0x0, 0xa, 0x8, 0x4, 0x8}, {0x80, 0x2, 0x1, 0x3, 0x3, 0x1}, 0x5, 0x4, 0x6}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x10000, 0x8, 0x86a, 0x1, 0x5, 0x7, 0x8, 0xfffffc00, 0xa9, 0x7, 0x100, 0x6, 0x2, 0xfffffffe, 0x7, 0x55b, 0x1, 0x5, 0x3, 0x7, 0xffffffff, 0x800, 0x8c7, 0x3c, 0x8, 0xe2a, 0x7, 0x0, 0x4, 0x1, 0xae96, 0x2, 0x8, 0x4, 0x3, 0x7fffffff, 0x4, 0xc, 0x8, 0x1, 0xffffffff, 0xffff, 0xfff, 0x8, 0x960, 0x0, 0x6, 0xffff, 0x0, 0x81, 0x6, 0x0, 0x3, 0x401, 0x3c, 0x8, 0x4, 0x3, 0x7fe00000, 0x6f7, 0x2, 0x400, 0x401, 0x4, 0x1, 0x7, 0x80, 0xd9f1, 0x7f, 0x4, 0x8, 0x1, 0xffffffff, 0x3, 0x401, 0x2, 0x4, 0x6, 0xa8c, 0x6, 0x3ff, 0x3, 0xce12, 0x9, 0x82, 0x2, 0x0, 0x8, 0xfffffff7, 0x40, 0x200, 0x6, 0x8, 0xb04, 0x800, 0x7, 0xffff, 0x400, 0x7, 0x3dbe, 0xd8cf, 0x1, 0x8, 0x7, 0x6, 0x7, 0xffffffef, 0xfffffff7, 0x0, 0x4, 0x1807, 0x9, 0x618, 0x7, 0x8, 0x8000000, 0x5, 0x7f, 0x9, 0x1d0, 0xfffff001, 0x4, 0x7cc, 0x1, 0x7, 0x2, 0x3, 0x3, 0x5, 0xb5, 0x7, 0xffffffff, 0x5, 0x1, 0x6, 0x6, 0xb4000000, 0x86a1, 0x4, 0x5, 0x1, 0x3ff, 0x9a, 0x200, 0x1000, 0xfffffffc, 0x6, 0x10836cf7, 0x80000000, 0x8, 0x7, 0x2, 0x4, 0x9, 0x1, 0x2, 0x2, 0x8001, 0x6, 0x0, 0xde16, 0x10000, 0xb119, 0x3, 0x8, 0x101, 0x0, 0x4, 0xe6, 0xde1, 0x4, 0x2, 0x1000, 0x7f, 0xd, 0x1, 0x7e3, 0xf8, 0x0, 0xba8, 0xffff, 0x5, 0x9, 0x40, 0x400, 0x9, 0xffff0, 0x80000001, 0x6, 0x5, 0x800, 0x3, 0x8b, 0x38000, 0x1, 0x6, 0x400, 0x6, 0x3, 0x7, 0x5, 0x5, 0x4, 0x4, 0x7, 0x401, 0xec28, 0x5afa14c0, 0x4, 0x5, 0x2, 0xffffffff, 0x55a2, 0xffffffff, 0x1, 0xa2b, 0x0, 0x7f, 0x7, 0x9, 0xffffffff, 0x9, 0x10000, 0x0, 0x1, 0x1000, 0xffffff80, 0x4, 0x0, 0x2, 0x4, 0x3, 0x2, 0x3c, 0x4, 0xfffffffc, 0x7, 0x9, 0x746d, 0x3, 0x1, 0x8, 0x8, 0x5, 0xffffff4d, 0x4, 0x80, 0x7fff, 0x0, 0x6, 0x4fbf70ed, 0x8df, 0x7, 0x3, 0xb4, 0x170]}]}]}}, @TCA_RATE={0x6, 0x5, {0xc3, 0x5}}]}, 0x490}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r13, {}, {0x2, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000071}, 0x4008000)
fspick(r7, &(0x7f0000000240)='./cgroup\x00', 0x1)
ioctl$SIOCSIFHWADDR(r6, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

15.199211425s ago: executing program 1 (id=2540):
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_GET(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0xa8, r0, 0x4, 0x20, 0x0, {0x54}, [{{@pci={{0x8}, {0x11}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8}, {0x11}}, {0xfffffffffffffdb1}}}]}, 0xa8}, 0x1, 0x0, 0x0, 0x8001}, 0x10) (async)
r2 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x2802, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_INC(r3, 0x40045701, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0, 0x1000, &(0x7f0000000040), &(0x7f0000000a00)=""/4096, 0x7, 0x0, 0x0, 0x600, &(0x7f0000001a00), &(0x7f0000002a00)="224c4c57ed427b49f980a0ba68148bc858da6c51b74afb24efe9c05f6668d1d8174747aa2bfc7273bf32e3b1d71b78b7973c97c4a0abd2d3b6772d59084ef63d4053c7a948630179d4ce9fca5284f375d6ffdd622d14eda5a51812133fcd1a4cc78d077a74fcadaf6c85988017066759389d1cf8e9d0fc5ac3f3af00f38d26be536689494f79f44e6674166ae0723e4ce50b9459fa36cb983da61215dca38e73c5c60a880201bd4cc9a130a6977e4f978a02b417d5cb75aa0678edd8a50597208f961499c1b8da4de277e9ccd83e6ed680a9307e7e9fb35b44febe8358b7408dfafc7c889f2e5dadc72775d3fc534e7d913ce0fc1a531a4f773750d8a46bced56fa85733eed886bd326e43b59fd650ae8291965b90ca0a47b35a2c3d37ed4dd1bc50b6f43e56591d646da8e4dff3e282d34093f41a6c7c3408ae768d3f46576605471ce9665fe7ab2fc026c3e7b188a3a267b97e3e7e198f8752e39a336331ab7c3add52a4468b5b277fdc23f3f0572f47e405c3f9f5a4ef66b98c2891e694c700a835735f93c457188dd38fceebad8721cfe1ec6abd5d3462ad4e8d9850f90f36e3e27621fbff8a20f7421e685b2548d6710a306767d7550a9166f3f544e062538cdf670e889ef5342bb04e51127bf3a0188f90bd408f5846ac980fff6188302fc00e292442efb18685e4564ae35e0c6cc8807efc0c20cb7edae15094b9b7fa08b0cc616ac3533bc9a96b885153b20685a856a3f00bb33c90f59531a3cb5169c13b430825b5e12d42e988b2dc3d2ba9b59db49dfa12ee589157cd45b7fa2d55673001373c8067a30e28589eb6b0db45cb456b212d36db9ed46f43bad0d6a4aaefefbfa6c1bac81310280c4cafbe2b8985e88b949da06b7a45e8de438bc4c96f768f8e30bf6b696321496b63440a9d2c03986dd61f31677bcf45e6dbdec429eedae8792a4f6c3731030278a1128cc5d00f1445108b0ea0a4a2330a82ec83a8edd5deeb7e2c141643daa3127df95d9e18007085c9380be262e8e42ca3db77d0ce592961de09b18ef5cd5d1678823ead6e3cc41a095ff0da2d57999ac0f9d95723d37751837fb958e96dae8079cfe45042fcbcc7a22de06e59b4b781118de874429c9a41175ccb5896b479c26d7012a1d212f1b9c1a8d910252c016de1691dca25a5312554cb58bfb57f072bca990678bf91482c1c8a57d0dedb5e01fd0a84854aee22795af9b4f40d0c1824e2902185263c854b4f71cb017b6e3c654439fc90e7da3cdccaebf6becfe8edccbe366d479daf0a83a89d3ca0711197d6aaaa9b71a3732081d33606dd963cf508ce8d6668cb569367b7a969fcbe83e69dab054437420aec66ea57166ac8237f56fd7344b3f0d1daa1e474d0047dfd67cba3638d249ec135e4e45cfc62faefbc74fb8e89fef29e3b15cc9c67e5f1a31cebafc97c4ee4511e3a3b055f7afb249ab8031b1f212d94dda7b8ea560f637bd3a276bdaf46a4cfdc24d62accd6a3856405d22308db145a2c2bfe57eb239f424c89c2cff842d192211ade04988a97aa1057b7c5c72937ed26af2260ec243d8f6158bf845100806f5eaa97e0de93998847e75251bd8b0bf344c66a65acf08403a149c8ade18a46627f8e700453f94465f6ee418164a645858fd9d7dcd94e4f27b63384b864c2aecdb141c02804e0ae9a6a358d5a85e13de9de41af0a12a4b1057fafd9a5321158bb153a2872717c0ce68f324c6a30cebd2b9681038bc290b0b002c2e2c23db32a7f600b6150dd3425c668cb0fae01ba28372e0c0316c4783240d59852c0b778d9db17666538d398e9f41bbdfe3b8f4c5df8972fc54aa6031d2f2e1ca487c30df70b7f5bd4cd0199ea068d519bd35cc7461554a55ce20d2ebf87b207e14af4d7353dbc0a34afe6e1f1fd58c50c017c677e95ad2b7acedec5e23045d051911cebfcae3faa2edcb9d691ec10db27a4d593fd3c3700d7774e3747500a58743ac5ff28a6345c2235be43a4fec60eb9da4fb39d381c41374915782546d2d8585e4c8a4c77abe3a52f9c8ece575280cd8b302354f7facecc18f9e3bb0d9b684011e0d0cf5f63383a63fe1fb1c92a613ffa2a594dde0664abf473ecea494cd46c48fb18a8f908606cfa4a92789d7dc0f94f09da63340208a89df04f46bc9d1375ab20a42d", 0x4, 0x0, 0x2}, 0x4c) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) (async)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) (async)
prctl$PR_SET_SECUREBITS(0x1c, 0x25) (async)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_GET_MAP_INFO(0x3, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0) (async)
socket$key(0xf, 0x3, 0x2)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
openat$ptmx(0xffffff9c, 0x0, 0x200, 0x0) (async)
r6 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x400246}, &(0x7f0000000340)=<r7=>0x0, &(0x7f00000006c0)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r6, 0x0, 0x0, 0x0, 0x2}) (async)
io_uring_enter(r6, 0x4c6e, 0xc67a, 0x8, 0x0, 0x0) (async)
io_uring_enter(r6, 0x627, 0x4c1, 0x43, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x108, &(0x7f0000000040)=0x5, 0x0, 0x4) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x6, &(0x7f00000000c0)=ANY=[@ANYBLOB="050000000000000071112400000000008510000002000000850000000e00000095000000000000009500a5050000000081d9bff3fafd2c849ac925c5d40200000000000000e3bf541029f6"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0xf, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

15.062578749s ago: executing program 1 (id=2542):
timer_create(0x0, 0x0, &(0x7f0000000100))
keyctl$join(0x1, 0x0)
r0 = socket(0x10, 0x803, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0)
r1 = openat$tun(0xffffff9c, &(0x7f0000000180), 0x2401, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000340)={'pimreg\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
socketpair(0x1, 0x1, 0x0, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0xd0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0x0)
keyctl$read(0xb, 0x0, &(0x7f0000000240)=""/112, 0x349b7f55)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f00000000c0)="7fe6bb2e0f4a41dc6856a1a43d6f8239", 0x10)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x94, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0x5, 0xfff3}, {}, {0x7, 0xffff}}, [@filter_kind_options=@f_matchall={{0xd}, {0x60, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x3e, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x6fe2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xb380, 0x4, 0x0, 0x100d87, 0x6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x10}, 0x0)

14.626364799s ago: executing program 32 (id=2441):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r3)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = syz_open_dev$dri(&(0x7f0000001500), 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_WAIT(r5, 0xc02864c3, &(0x7f0000001800)={0x0})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x44100, 0x0)
mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='qnx6\x00', 0x208800, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r8 = socket$tipc(0x1e, 0x5, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r9, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0xc}], 0x4)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r8, 0x8983, &(0x7f0000000040)={0x0, 'syzkaller1\x00', {0x4}, 0x1})
r10 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
close(r6)
r11 = socket$unix(0x1, 0x1, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r13=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@delchain={0x490, 0x65, 0x300, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, r13, {0xffe0, 0x1}, {0x0, 0xb}, {0x10}}, [@TCA_RATE={0x6, 0x5, {0x1, 0xfb}}, @filter_kind_options=@f_basic={{0xa}, {0x450, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x5, 0xe}}, @TCA_BASIC_POLICE={0x444, 0x4, [@TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x2, 0x3, 0x1, 0x3, {0x15, 0x0, 0xa, 0x8, 0x4, 0x8}, {0x80, 0x2, 0x1, 0x3, 0x3, 0x1}, 0x5, 0x4, 0x6}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x10000, 0x8, 0x86a, 0x1, 0x5, 0x7, 0x8, 0xfffffc00, 0xa9, 0x7, 0x100, 0x6, 0x2, 0xfffffffe, 0x7, 0x55b, 0x1, 0x5, 0x3, 0x7, 0xffffffff, 0x800, 0x8c7, 0x3c, 0x8, 0xe2a, 0x7, 0x0, 0x4, 0x1, 0xae96, 0x2, 0x8, 0x4, 0x3, 0x7fffffff, 0x4, 0xc, 0x8, 0x1, 0xffffffff, 0xffff, 0xfff, 0x8, 0x960, 0x0, 0x6, 0xffff, 0x0, 0x81, 0x6, 0x0, 0x3, 0x401, 0x3c, 0x8, 0x4, 0x3, 0x7fe00000, 0x6f7, 0x2, 0x400, 0x401, 0x4, 0x1, 0x7, 0x80, 0xd9f1, 0x7f, 0x4, 0x8, 0x1, 0xffffffff, 0x3, 0x401, 0x2, 0x4, 0x6, 0xa8c, 0x6, 0x3ff, 0x3, 0xce12, 0x9, 0x82, 0x2, 0x0, 0x8, 0xfffffff7, 0x40, 0x200, 0x6, 0x8, 0xb04, 0x800, 0x7, 0xffff, 0x400, 0x7, 0x3dbe, 0xd8cf, 0x1, 0x8, 0x7, 0x6, 0x7, 0xffffffef, 0xfffffff7, 0x0, 0x4, 0x1807, 0x9, 0x618, 0x7, 0x8, 0x8000000, 0x5, 0x7f, 0x9, 0x1d0, 0xfffff001, 0x4, 0x7cc, 0x1, 0x7, 0x2, 0x3, 0x3, 0x5, 0xb5, 0x7, 0xffffffff, 0x5, 0x1, 0x6, 0x6, 0xb4000000, 0x86a1, 0x4, 0x5, 0x1, 0x3ff, 0x9a, 0x200, 0x1000, 0xfffffffc, 0x6, 0x10836cf7, 0x80000000, 0x8, 0x7, 0x2, 0x4, 0x9, 0x1, 0x2, 0x2, 0x8001, 0x6, 0x0, 0xde16, 0x10000, 0xb119, 0x3, 0x8, 0x101, 0x0, 0x4, 0xe6, 0xde1, 0x4, 0x2, 0x1000, 0x7f, 0xd, 0x1, 0x7e3, 0xf8, 0x0, 0xba8, 0xffff, 0x5, 0x9, 0x40, 0x400, 0x9, 0xffff0, 0x80000001, 0x6, 0x5, 0x800, 0x3, 0x8b, 0x38000, 0x1, 0x6, 0x400, 0x6, 0x3, 0x7, 0x5, 0x5, 0x4, 0x4, 0x7, 0x401, 0xec28, 0x5afa14c0, 0x4, 0x5, 0x2, 0xffffffff, 0x55a2, 0xffffffff, 0x1, 0xa2b, 0x0, 0x7f, 0x7, 0x9, 0xffffffff, 0x9, 0x10000, 0x0, 0x1, 0x1000, 0xffffff80, 0x4, 0x0, 0x2, 0x4, 0x3, 0x2, 0x3c, 0x4, 0xfffffffc, 0x7, 0x9, 0x746d, 0x3, 0x1, 0x8, 0x8, 0x5, 0xffffff4d, 0x4, 0x80, 0x7fff, 0x0, 0x6, 0x4fbf70ed, 0x8df, 0x7, 0x3, 0xb4, 0x170]}]}]}}, @TCA_RATE={0x6, 0x5, {0xc3, 0x5}}]}, 0x490}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r13, {}, {0x2, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000071}, 0x4008000)
fspick(r7, &(0x7f0000000240)='./cgroup\x00', 0x1)
ioctl$SIOCSIFHWADDR(r6, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

14.078315804s ago: executing program 1 (id=2547):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
setfsgid(0xee00)
r0 = syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(r0, &(0x7f0000000480)='net/sockstat\x00')
iopl(0x3)
setitimer(0x0, 0x0, 0xffffffffffffffff)
fchdir(r1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x300, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e77, 0x20000000, 0x94a, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x10000}}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = gettid()
sched_setscheduler(r2, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0x0, 0x6}, {0xffff, 0xffff}, {0xa}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8050}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002040)=@newtfilter={0x48, 0x2c, 0x800, 0x70bd24, 0x2000000, {0x0, 0x0, 0x0, r8, {0x4}, {0xffff}, {0x9, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x18, 0x2, [@TCA_FLOW_ADDEND={0x8}, @TCA_FLOW_ACT={0x4}, @TCA_FLOW_KEYS={0x8, 0x1, 0xaaa4}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20028801}, 0x20040054)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000300)=[{{&(0x7f0000000400)=@l2tp={0x2, 0x0, @multicast1}, 0x80, &(0x7f0000000280)=[{&(0x7f00000006c0)=""/248, 0xf8}, {&(0x7f0000000180)=""/5, 0x5}, {&(0x7f00000007c0)=""/202, 0xca}], 0x3, &(0x7f0000000940)=""/100, 0x64}, 0xfffffffe}], 0x1, 0x10101, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1f00000000000000000000000010000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000008a8b722d4e74635569f1ca7b360e8bf8f6d3a80a9eea97d1abbd3b9600496bcc5cbde7b30b4592265f5af68f58b17b2934d772a9"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x3, 0x6, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000850000008600000095000000000000001b958b536a991aae3c72d0d789346eeb910edfd9712dcbdc2ae32e211d844dde64d096c58532fb1cf149f801463fe1674b69da12f4a846f5d74e062999865fc6de40b1af6b4949770db212772ad76c32bcc23e4da87cb4b1780e0f70e4840dff092ecc4bac51f7174656d2ad6bdf4fb9cfba18b0f7290b2072e88238b028bffbd75d6131b2c10ea07f4f8355ff9e5a792d682b799fa0edb25b06eef7b3d1b5324b97633062a3f934c1a65d5721bf5caa17b13d4c29b6a9a394f0107bc5e317fee64fc674d76efa4368cdbf5ea6d7758c94a8d788"], &(0x7f0000000000)='GPL\x00'}, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)

13.746878689s ago: executing program 1 (id=2549):
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_QBUF(r0, 0xc04c560f, &(0x7f0000000280)=@multiplanar_userptr={0x7, 0xd, 0x4, 0x8, 0x2, {<r1=>0x0, 0xea60}, {0x4, 0x0, 0x3a, 0xe4, 0xf9, 0x1, "1f4552c9"}, 0x0, 0x2, {&(0x7f0000000200)=[{0xff, 0x9c8, {&(0x7f00000000c0)}, 0x9}, {0x1, 0xd1d6, {&(0x7f0000000140)}, 0x7}]}, 0x3, 0x0, r0})
mkdir(&(0x7f0000002200)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)=ANY=[@ANYRESHEX=r1, @ANYBLOB=',group_id=', @ANYBLOB="2c726f6f746d6f243030303030303034303030302c90454ae8b42a816700"/42, @ANYRESDEC=0x0, @ANYRESHEX=r2, @ANYRESDEC=0x0])
write$FUSE_NOTIFY_STORE(r2, &(0x7f00000003c0)={0x28, 0x4, 0x0, {0x1, 0x1}}, 0x28)
ioctl$FS_IOC_SETFLAGS(r0, 0x40046f41, &(0x7f0000000440)=0x10)

13.65220584s ago: executing program 1 (id=2550):
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000340)=@mgmt_frame=@beacon={{{}, {}, @device_b}, 0xfffffffffffffffd, @default, 0x1001, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0xb}]}, @void, @void, @void, @val={0x5, 0x3, {0x5, 0xdd}}, @void, @val={0x2a, 0x1, {0x1, 0x1}}, @void, @void, @val={0x72, 0x6}, @val={0x71, 0x7, {0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfd}}, @val={0x76, 0x6, {0x1, 0x9, 0x25, 0xe}}}, 0x50)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000003c0)={0x3}, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f0000000400)={0xf9, 0x2, {0xffffffffffffffff}, {<r6=>0xffffffffffffffff}, 0x2, 0x1})
quotactl_fd$Q_QUOTAOFF(r3, 0xffffffff80000300, r6, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_CONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001780)={0xfdda, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x0, 0x118, 0x2e}]}, 0x28}}, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x0)
r10 = syz_open_procfs(0x0, &(0x7f0000000040)='attr\x00')
fchdir(r10)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r13=>0x0})
sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000001000090400"/20, @ANYRES32=r13, @ANYBLOB="020000000000000024001280110001006272696467655f736c617665000000000c00058005002b"], 0x44}, 0x1, 0x0, 0x0, 0x4801}, 0x80)
setsockopt$inet_IP_XFRM_POLICY(r10, 0x0, 0x11, &(0x7f0000000440)={{{@in=@broadcast, @in=@private=0xa010102, 0x4e23, 0x0, 0x4e21, 0x9, 0xa, 0xa0, 0x0, 0x67, r13, r6}, {0x6, 0x7e, 0x985d, 0x2d6, 0x6, 0x5, 0x10000, 0x2}, {0x6c4, 0x80000001, 0x350, 0x8}, 0xccb0, 0x6e6bb0, 0x1, 0x0, 0x2, 0x2}, {{@in6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x22}}, 0x4d5, 0xff}, 0xa, @in=@broadcast, 0x3507, 0x0, 0x3, 0x80, 0x2, 0x7, 0xe}}, 0xe4)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_STATION(r14, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000040)={&(0x7f0000000240)={0x4c, r1, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x18, 0x26}}}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0xc, 0x13, [{0xb, 0x1}, {0x6}, {0x1, 0x1}, {0x48, 0x1}, {0x1}, {0x60}, {0x48}, {0x2, 0x1}]}, @NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x3}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x1}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x9048439c430d477b}, 0x4060080)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_ASSOCIATE(r0, 0x0, 0x850)

13.029231453s ago: executing program 1 (id=2554):
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
setpgid(0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0x50)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x3, &(0x7f0000002480))
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'geneve1\x00', <r4=>0x0})
quotactl$Q_GETFMT(0xffffffff80000401, &(0x7f0000000280)=@rnullb, r2, &(0x7f00000002c0))
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000010c0)=ANY=[@ANYBLOB="c8010000eb000100"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000a8011a80400002803c000180080021000000000008001800000000003800030000000000080009000000000008000c0000000000380012000000000008001f000000000060000a8014000700fc01000000000000000000000000000000000700fe800000000000000000000000000000b3fd0700200100000000000000000000000000010500080000000000050008000000000014000700fc02000000000000000000000000000005000800000000000400070000001c002c000a8014000700fc00000000000000000000000000000014000700ff0100000000000000000000000000012800028056000180080000000000000008000000000000000800000000000000080000000000000004001c0000000700"], 0x1c8}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sync()
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, &(0x7f00000000c0)=@v={0x93, 0x9, 0x80, 0xd, @MIDI_NOTEON=@note=0x43, 0x5, 0x8d2d})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x5, 0x81, 0x0, 0x0, {0x0, 0x0, 0x1, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x2, 0x0)
read$FUSE(r5, &(0x7f0000008880)={0x2020}, 0x2020)

2.061703074s ago: executing program 4 (id=2607):
r0 = userfaultfd(0x801)
syz_io_uring_setup(0x14c4, &(0x7f0000000140)={0x0, 0x42fc, 0x200, 0x8, 0x10a}, 0x0, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
r1 = socket$kcm(0x10, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040f047901065596682c772e3afa60bd04e1170d8a51fda9b4035077d0b7ac6c1d77725b143693ebb862c894ecbffdf73993469936950dd6b103d21f657978b72951990abb4d0900b47c12a6b0fd0d87d52e6e76e1981a6aec6674885e64c860de5bba536fc7d34471e42a60fe4094a69956cc4a61eee015aa3072b577c88665b6233ad96a65c533cd6da1c8140dc9"], 0x7)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba", 0x29}], 0x1, 0x0, 0x0, 0xc9e}, 0x80)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
r3 = socket$caif_seqpacket(0x25, 0x5, 0x3)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x8901, &(0x7f0000000040)={r3})
sendmsg$inet(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)='h', 0x1}], 0x1}, 0x4815)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x6ea, 0x7, 0x1, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000015006b030231a6080c000af32c00009d31fc0000f800250f02000f00e5aa000017d34460bc24eab556bd05251e6182949a2756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1bdd700e6657594", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket(0x8, 0x1, 0x2)
connect$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10)
bind$inet(r6, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r6, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8004}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1b, 0x0, &(0x7f0000000240))
set_mempolicy(0x2, &(0x7f0000000080)=0x51e1, 0x3ff)
write$FUSE_NOTIFY_INVAL_INODE(0xffffffffffffffff, &(0x7f00000000c0)={0x28, 0x2, 0x0, {0x1, 0x5, 0x9}}, 0x28)

2.059004652s ago: executing program 4 (id=2608):
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$CDROM_LOCKDOOR(r0, 0x5329, 0x0)
ioctl$CDROMEJECT(r0, 0x5309)
bpf$MAP_CREATE(0x0, &(0x7f00000024c0)=ANY=[], 0x50)
ioctl$CDROMEJECT_SW(r0, 0x530f, 0x0)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000140), 0xffffffff, 0x0)

1.862028578s ago: executing program 4 (id=2609):
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000900)=@newqdisc={0x148, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_red={{0x8}, {0x11c, 0x2, [@TCA_RED_STAB={0x104, 0x2, "768fc5d0efb7f82cc9a57b4f9746bcbc88c1cc681c88f3a113a38e12e2332f10d481a5076eed91de9f6aea516e0e6599fd9c9022436cab017b5cc0435ae6508737978d76a52acee9285348feff6a1bd44ef680ecdcc7f9f03d5f13736d09247683f52146ec81bff38cd29ef7a452ffff4681f6f872ae1c9e742503cf83d3a0f6ba605bec0528b8b8ae1fc5c7c4a5619739acac1df0dd32346c75429e3899968ee07612aa52a05a1b6ba109d24861e108fe7d364d197bc535216cef12f2bd64d6ed252d1f5b46f752eb81792cb7d39e4b1f31cded98b4871e53b2cae7d241b3448d8067e77e7b912207fd73ca6212a77edb197c83dae343b6bf1070783cc1fc45"}, @TCA_RED_PARMS={0x14, 0x1, {0x8, 0x3ff, 0x80, 0x12, 0x20, 0x17, 0x1}}]}}]}, 0x148}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x15)
writev(r5, &(0x7f0000000280)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff060000000100", 0x16}, {&(0x7f0000000580)="fa21bd2b5c40cc420740358ffc7f9f4b6e68fc8d1aa2597e7b", 0x19}], 0x2)
socket$rxrpc(0x21, 0x2, 0xa)
syz_emit_vhci(0x0, 0xffffffffffffff2b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a", 0x1)
r6 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x2000, 0x202, 0x158}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000100)=<r8=>0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000040), 0x1002, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r9, 0xc0145608, &(0x7f00000000c0)={0x8, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r9, 0xc044560f, &(0x7f00000001c0)=@mmap={0x0, 0x2, 0x0, 0x700, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2063569a"}, 0x700})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r6, 0x8000000006, 0x0, 0xe448})

943.132903ms ago: executing program 3 (id=2615):
r0 = socket(0x10, 0x3, 0x0)
ioctl$SIOCX25GFACILITIES(r0, 0x89e2, &(0x7f0000000040))
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000405000000000800040001000000", 0x24)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$setregs(0xf, r1, 0x0, &(0x7f00000003c0))

881.707945ms ago: executing program 3 (id=2616):
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2)
syz_open_dev$vim2m(&(0x7f0000000040), 0x40005, 0x2)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

866.428817ms ago: executing program 4 (id=2617):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg(r0, &(0x7f0000003040)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x80, 0x0, 0x0, &(0x7f0000003080)=[{0xc, 0x0, 0x1}], 0xc}}], 0x1, 0x1100)

821.477344ms ago: executing program 4 (id=2618):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$urandom(0xffffff9c, &(0x7f0000000000), 0x88800, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x2}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x54}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

820.926577ms ago: executing program 3 (id=2619):
r0 = syz_open_dev$cec(&(0x7f0000000200), 0xffffffffffffffff, 0x4ae60)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000140)={"4497a16a", 0xb, 0x0, 0x0, 0x3, 0x1000004, "550096060032854654db00", "1575a859", "0725eade", '\'q6M', ["aabe8459c62224475793e8a7", "7f9ce2d2c4f439ff80e1d1c8", "fa0700f22b42a3023be516d1", "000000fc00"]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='attr/fscreate\x00')
pread64(r2, 0x0, 0x0, 0x1000000300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000000600000000000000000000d31800000001000095"], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x40}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, {0x7fffffffffffffff}}, './file0\x00'})
r4 = getpid()
syz_pidfd_open(r4, 0x0)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x6})
r5 = socket$netlink(0x10, 0x3, 0xb)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x1}, 0xc)
setns(r3, 0x20000)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYRES64], &(0x7f0000000300)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
r7 = openat$vcsa(0xffffff9c, &(0x7f0000000080), 0x40000, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x2000008, 0x0, {0x0, 0x0, 0x0, r9, {0x6}, {0xfff1, 0xffff}}}, 0x24}}, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r7, 0xb, &(0x7f0000000340)=[@ioring_restriction_sqe_flags_required={0x3, 0x10}, @ioring_restriction_sqe_flags_allowed={0x2, 0x8}, @ioring_restriction_sqe_flags_required={0x3, 0xb}, @ioring_restriction_register_op={0x0, 0x2}, @ioring_restriction_sqe_op={0x1, 0x16}, @ioring_restriction_sqe_op={0x1, 0x19}], 0x6)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x884}, 0x40090)

820.205741ms ago: executing program 4 (id=2620):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd}, [@call={0x85, 0x0, 0x0, 0xae}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76"])
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000280)=[{{0x2, 0x0, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2}, {0x3, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x0, 0x1}, {0x3}}, {{0x3, 0x0, 0x0, 0x1}, {0x2, 0x1}}, {{}, {0x1, 0x0, 0x1, 0x1}}, {{0x4, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x30)
r7 = dup(r6)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c)
r8 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r8, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1})
sendmsg$inet6(r6, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, 0x0, 0x0)
r9 = dup(r6)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x3, 0xfffc, 0xe652, 0x2, 0x85, 0x8, 0xff}, 0x9c)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}}, 0x1c}}, 0x0)

814.535741ms ago: executing program 3 (id=2621):
sendto$inet6(0xffffffffffffffff, &(0x7f0000000100)="c10e000018001f06", 0x8, 0x4000000, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000010a"], 0x14}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
recvmmsg(r0, &(0x7f00000058c0)=[{{0x0, 0x0, 0x0}, 0x1a}], 0x1, 0x40002160, 0x0)

737.751422ms ago: executing program 3 (id=2622):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000040000000000000000000095000000000000009c3fd9e3783ce18cd2024d3c871f4d8413b187d0c96a649b7f658b197e47bbe946d8a52170fb62352edd35fe2ff5cdc4d49b9b041e97986cc998d938925a01c7b115082cb1f82c018b4de59ad726a6aba8806dc2951f79359555e1b880c0d3a562f741332738b0b789eff8bbc6a6e7e624c76ccfc747ddfb57e75876344bce54cec2af42d8f14c5a0608dfa7ca4562df5c3172a34975b77e63ec0a2f7cda408ea001808dde5e29e834bee4a39291581cd132bba156c059f8a4f29588aeb1f88dd42cd8ec570c3341cb6a1d75f789f499be76f7e234dbb80f45f4d29032ebfcea000000000000000000eb16b915ab97987bda390fa7754873816d752f04334ead9283993aa719cd393ee28c83de30d1577a"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r1, &(0x7f0000000000)={0x24, @none={0x0, 0x2}}, 0x14)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="003409fa", @ANYRES16=r3, @ANYBLOB="01000000000000000000530000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b00000000000600110000000000"], 0x44}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@deltaction={0x24, 0x30, 0xec1ba69ffcd4df1, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}]}, 0x24}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='contention_begin\x00', r0}, 0x18)
r5 = fsopen(&(0x7f0000000440)='nfsd\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$unix(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000180)="bc14", 0x2}], 0x1, 0x0, 0x0, 0x4000010}, 0x20004011)
recvmsg$unix(r6, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x40002002)
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r8}})
close_range(r5, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000080)={<r10=>0xffffffffffffffff})
r11 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r11, 0x0, 0x0)
r12 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240), 0x6404c0, 0x0)
splice(r10, 0x0, r12, 0x0, 0x33fe0, 0x0)

554.395361ms ago: executing program 3 (id=2623):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x81)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f00000002c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f0000000640)=0x10)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r4 = socket$inet6(0xa, 0x3, 0xa)
setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r4, 0x0, 0x0)
sendmmsg(r4, &(0x7f00000039c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1000000084008dbc334de7f973645a3c8d9e7f035a00000000"], 0x10}}], 0x1, 0x400c0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4080)
recvmsg$kcm(r5, 0x0, 0x0)
recvmsg$kcm(r5, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x40000100)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x40)
open_tree(0xffffffffffffffff, 0x0, 0x89101)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x4, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)

254.599431ms ago: executing program 2 (id=2625):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='mm_shrink_slab_end\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
setpriority(0x0, 0x0, 0xacf0165)
r1 = openat$btrfs_control(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000300)={0x2020, 0x0, 0x0, 0x0, <r2=>0x0}, 0x2020)
setfsgid(r2)

164.438564ms ago: executing program 2 (id=2626):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000005c0)='sched_switch\x00', r1}, 0x18)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prlimit64(0x0, 0x0, 0x0, &(0x7f00000000c0))
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
dup(r0)

162.149695ms ago: executing program 2 (id=2627):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

84.465798ms ago: executing program 2 (id=2628):
setuid(0xee00)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f00000001c0)=@ethtool_ringparam={0xe, 0x0, 0x0, 0xffffffff, 0x0, 0x1002, 0x80000000}})
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x70, 0x2, 0x3, 0x5, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x1}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x54}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x5, 0x2}}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x10}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x0, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x2, 0x0, 0x26}}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x21}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x9}}, @NFQA_CFG_CMD={0x8, 0x1, {0x4, 0x0, 0xf}}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0xa}]}, 0x70}, 0x1, 0x0, 0x0, 0x1d}, 0x0)
r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000100), r1)
sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000000000000100000008000600e0000001050004000100000008000b0027"], 0x2c}, 0x1, 0x0, 0x0, 0x20048091}, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f00000005c0)=0x1f, 0x4)

80.485612ms ago: executing program 2 (id=2629):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001980)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a34000000060a0b0400000000000000000200000008000940000000010900010073797a30000000000900020073797a3200000000540000001c0a01010000000000000000020000020c00034000000000000000011c000580080001400000005c080002400000000308000140000088480900020073797a32000000000900010073797a30"], 0x3ed4}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800)
syz_emit_ethernet(0xa6, &(0x7f00000002c0)={@multicast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00\b\x00', 0x70, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, [{0x3, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "ffffffffff60000000000000"}]}}}}}}, 0x0)

0s ago: executing program 2 (id=2630):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000002000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000001e40)={0x1c, 0x0, 0x2, 0x101, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_TUPLE={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
rename(&(0x7f0000000240)='./file0\x00', &(0x7f0000000c40)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
r3 = socket$inet6(0xa, 0x80002, 0x0)
r4 = openat$cdrom(0xffffff9c, &(0x7f0000000140), 0xc40, 0x0)
ioctl$CDROMREADAUDIO(r4, 0x530e, &(0x7f0000000180)={@msf={0x4}, 0x3, 0x0, 0x0})
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @multicast1}}, 0x14)
setsockopt$inet6_mreq(r3, 0x29, 0x1c, &(0x7f00000001c0)={@remote}, 0x14)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r5, &(0x7f0000000000)=0xb00, 0x12)

kernel console output (not intermixed with test programs):

44.704735][   T40] audit: type=1326 audit(1760001165.620:24179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12697 comm="syz.0.1923" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  444.707954][T12706] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1926'.
[  444.714378][   T40] audit: type=1326 audit(1760001165.620:24180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12697 comm="syz.0.1923" exe="/syz-executor" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  444.717492][T12706] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1926'.
[  444.728558][   T40] audit: type=1326 audit(1760001165.620:24181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12697 comm="syz.0.1923" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  444.739486][   T40] audit: type=1326 audit(1760001165.620:24182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12697 comm="syz.0.1923" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  444.747482][   T40] audit: type=1326 audit(1760001165.620:24183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12697 comm="syz.0.1923" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  444.755226][   T40] audit: type=1326 audit(1760001165.620:24184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12697 comm="syz.0.1923" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  444.764702][   T40] audit: type=1326 audit(1760001165.620:24185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12697 comm="syz.0.1923" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  444.879330][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  444.972895][T12709] Mount JFS Failure: -22
[  444.974849][T12709] jfs_mount failed w/return code = -22
[  445.392363][ T5957] Bluetooth: hci4: command 0x0c1a tx timeout
[  445.435152][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  445.669677][T12721] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1930'.
[  445.675108][T12721] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1930'.
[  445.685042][T12721] hsr_slave_0: left promiscuous mode
[  445.688257][T12721] hsr_slave_1: left promiscuous mode
[  445.980817][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  446.233454][T12732] raw_sendmsg: syz.2.1932 forgot to set AF_INET. Fix it!
[  446.536785][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  446.701547][T12734] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1933'.
[  446.977609][T12741] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1934'.
[  446.999373][T12740] batadv_slave_0: entered promiscuous mode
[  447.083195][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  447.309333][T12758] bridge0: port 3(syz_tun) entered blocking state
[  447.312927][T12758] bridge0: port 3(syz_tun) entered disabled state
[  447.316149][T12758] syz_tun: entered allmulticast mode
[  447.323361][T12758] syz_tun: entered promiscuous mode
[  447.328280][T12758] bridge0: port 3(syz_tun) entered blocking state
[  447.331832][T12758] bridge0: port 3(syz_tun) entered forwarding state
[  447.626807][ T5960] Bluetooth: hci4: command 0x0c1a tx timeout
[  447.635330][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  447.886369][T12767] FAULT_INJECTION: forcing a failure.
[  447.886369][T12767] name failslab, interval 1, probability 0, space 0, times 0
[  447.891944][T12767] CPU: 1 UID: 0 PID: 12767 Comm: syz.0.1944 Not tainted syzkaller #0 PREEMPT(full) 
[  447.891970][T12767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  447.891981][T12767] Call Trace:
[  447.891990][T12767]  <TASK>
[  447.891999][T12767]  dump_stack_lvl+0x16c/0x1f0
[  447.892029][T12767]  should_fail_ex+0x512/0x640
[  447.892053][T12767]  ? fs_reclaim_acquire+0xae/0x150
[  447.892079][T12767]  should_failslab+0xc2/0x120
[  447.892107][T12767]  __kmalloc_noprof+0xdd/0x880
[  447.892137][T12767]  ? tomoyo_encode2+0x100/0x3e0
[  447.892162][T12767]  ? tomoyo_encode2+0x100/0x3e0
[  447.892181][T12767]  tomoyo_encode2+0x100/0x3e0
[  447.892204][T12767]  tomoyo_encode+0x29/0x50
[  447.892223][T12767]  tomoyo_realpath_from_path+0x18f/0x6e0
[  447.892254][T12767]  ? tomoyo_profile+0x47/0x60
[  447.892280][T12767]  tomoyo_path_number_perm+0x245/0x580
[  447.892308][T12767]  ? tomoyo_path_number_perm+0x237/0x580
[  447.892339][T12767]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  447.892396][T12767]  ? find_held_lock+0x2b/0x80
[  447.892416][T12767]  ? hook_file_ioctl_common+0x145/0x410
[  447.892452][T12767]  ? __fget_files+0x20e/0x3c0
[  447.892476][T12767]  security_file_ioctl_compat+0x9b/0x240
[  447.892509][T12767]  __ia32_compat_sys_ioctl+0xc3/0x370
[  447.892542][T12767]  __do_fast_syscall_32+0x7c/0x300
[  447.892603][T12767]  do_fast_syscall_32+0x32/0x80
[  447.892626][T12767]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  447.892651][T12767] RIP: 0023:0xf7fe7579
[  447.892667][T12767] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  447.892687][T12767] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  447.892706][T12767] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000ae80
[  447.892718][T12767] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  447.892730][T12767] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  447.892741][T12767] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  447.892753][T12767] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  447.892781][T12767]  </TASK>
[  447.892808][T12767] ERROR: Out of memory at tomoyo_realpath_from_path.
[  448.076299][T12772] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1946'.
[  448.182640][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  448.194019][T12769] netlink: 'syz.3.1945': attribute type 1 has an invalid length.
[  448.218612][T12769] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1945'.
[  448.279600][T12778] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1948'.
[  448.459278][T12798] IPVS: sync thread started: state = BACKUP, mcast_ifn = wlan1, syncid = 0, id = 0
[  448.732289][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  448.797256][T12809] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1955'.
[  448.869122][T12809] batadv1: entered allmulticast mode
[  448.878864][T12812] overlayfs: missing 'lowerdir'
[  448.969186][T12815] netlink: 'syz.3.1961': attribute type 3 has an invalid length.
[  449.053310][T12817] IPVS: stopping backup sync thread 12798 ...
[  449.284076][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  449.829048][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  449.839832][ T5960] Bluetooth: hci4: command 0x0c1a tx timeout
[  450.411750][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  450.962527][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  451.307071][   T40] kauditd_printk_skb: 35 callbacks suppressed
[  451.307117][   T40] audit: type=1400 audit(1760001171.813:24221): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=12835 comm="syz.1.1968"
[  451.351856][   T40] audit: type=1400 audit(1760001171.831:24222): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=12835 comm="syz.1.1968"
[  451.508511][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  452.248369][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  452.393851][T12853] Mount JFS Failure: -22
[  452.407011][T12853] jfs_mount failed w/return code = -22
[  452.802561][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  452.986718][T12863] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  452.993882][   T68] block nbd0: Possible stuck request ffff8880260a5080: control (read@0,1024B). Runtime 60 seconds
[  452.998386][   T68] block nbd0: Possible stuck request ffff8880260a5240: control (read@1024,1024B). Runtime 60 seconds
[  453.003535][   T68] block nbd0: Possible stuck request ffff8880260a5400: control (read@2048,1024B). Runtime 60 seconds
[  453.007406][   T68] block nbd0: Possible stuck request ffff8880260a55c0: control (read@3072,1024B). Runtime 60 seconds
[  453.015611][T12863] Invalid ELF header type: 3 != 1
[  453.346233][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  453.905358][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  454.169975][   T40] audit: type=1326 audit(1760001174.488:24223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.3.1978" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  454.180359][   T40] audit: type=1326 audit(1760001174.488:24224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.3.1978" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  454.191212][   T40] audit: type=1326 audit(1760001174.488:24225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.3.1978" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  454.203419][   T40] audit: type=1326 audit(1760001174.488:24226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.3.1978" exe="/syz-executor" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  454.213624][   T40] audit: type=1326 audit(1760001174.488:24227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.3.1978" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  454.223303][   T40] audit: type=1326 audit(1760001174.488:24228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.3.1978" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  454.231522][   T40] audit: type=1326 audit(1760001174.488:24229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.3.1978" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  454.241263][   T40] audit: type=1326 audit(1760001174.488:24230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12877 comm="syz.3.1978" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  454.447962][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  454.824867][T12884] overlayfs: failed to resolve './file1': -2
[  454.892412][T12886] netlink: 'syz.0.1981': attribute type 1 has an invalid length.
[  454.895858][T12886] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1981'.
[  455.004017][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  455.548458][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  455.840326][T12901] Mount JFS Failure: -22
[  455.842482][T12901] jfs_mount failed w/return code = -22
[  456.021879][T12906] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1986'.
[  456.025798][T12906] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1986'.
[  456.108180][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  456.649706][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  456.664858][T12919] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  456.679962][T12919] Invalid ELF header type: 3 != 1
[  457.195125][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  457.447973][T12921] Mount JFS Failure: -22
[  457.450059][T12921] jfs_mount failed w/return code = -22
[  457.797027][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  458.073413][T12927] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1990'.
[  458.241958][T12929] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  458.330929][T12938] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1990'.
[  458.338971][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  458.489293][T12945] 9pnet_fd: Insufficient options for proto=fd
[  458.610904][T12952] bridge_slave_0: entered promiscuous mode
[  458.617720][ T5957] Bluetooth: hci2: unexpected event for opcode 0x0c2d
[  458.620500][   T40] kauditd_printk_skb: 52 callbacks suppressed
[  458.620515][   T40] audit: type=1326 audit(1760001178.650:24283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12942 comm="syz.0.1991" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  458.635409][   T40] audit: type=1326 audit(1760001178.660:24284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12942 comm="syz.0.1991" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  458.643671][   T40] audit: type=1326 audit(1760001178.660:24285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12942 comm="syz.0.1991" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  458.643723][T12952] siw: device registration error -23
[  458.652539][   T40] audit: type=1326 audit(1760001178.660:24286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12942 comm="syz.0.1991" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  458.662919][   T40] audit: type=1326 audit(1760001178.660:24287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12942 comm="syz.0.1991" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  458.670258][   T40] audit: type=1326 audit(1760001178.660:24288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12942 comm="syz.0.1991" exe="/syz-executor" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  458.676669][T12951] bridge_slave_0: left promiscuous mode
[  458.677836][   T40] audit: type=1326 audit(1760001178.660:24289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12942 comm="syz.0.1991" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  458.687826][   T40] audit: type=1326 audit(1760001178.660:24290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12942 comm="syz.0.1991" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  458.696549][   T40] audit: type=1326 audit(1760001178.660:24291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12942 comm="syz.0.1991" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  458.704344][   T40] audit: type=1326 audit(1760001178.660:24292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12942 comm="syz.0.1991" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  458.884706][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  459.431599][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  459.836038][T12973] Invalid ELF header type: 3 != 1
[  459.965117][T12975] dummy0: entered promiscuous mode
[  459.976631][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  460.157993][T12974] dummy0: left promiscuous mode
[  460.519709][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  461.066234][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  461.190031][T12989] autofs4:pid:12989:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.768), cmd(0xc0189375)
[  461.212910][T12989] autofs4:pid:12989:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189375)
[  461.327683][T12988] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2006'.
[  461.360421][T12993] netlink: 'syz.0.2004': attribute type 4 has an invalid length.
[  462.167102][ T8549] net_ratelimit: 1 callbacks suppressed
[  462.167118][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  462.281545][T13006] veth1_to_bond: entered allmulticast mode
[  462.291472][T13006] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2011'.
[  462.293073][T13005] siw: device registration error -23
[  462.401760][T13008] fuse: Unknown parameter '0x0000000000000003'
[  462.722313][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  462.925052][ T5960] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  462.928350][ T5960] Bluetooth: hci2: Injecting HCI hardware error event
[  462.933404][ T5957] Bluetooth: hci2: hardware error 0x00
[  463.177662][T13006] bond0: (slave bond_slave_1): Releasing backup interface
[  463.220716][T13014] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2012'.
[  463.267471][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  463.378860][T13021] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  463.390451][T13021] Invalid ELF header type: 3 != 1
[  463.812509][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  463.944113][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  464.817954][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  465.057105][   T40] kauditd_printk_skb: 56 callbacks suppressed
[  465.057121][   T40] audit: type=1804 audit(1760001184.665:24349): pid=13040 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2017" name="/newroot/34/file0/file0" dev="9p" ino=72876341 res=1 errno=0
[  465.138657][ T5957] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  465.335434][T13049] overlayfs: missing 'lowerdir'
[  465.373471][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  465.401586][T13051] 9pnet_fd: Insufficient options for proto=fd
[  465.918578][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  466.443620][T13062] autofs: Unknown parameter '­ŠÃÂVJ'
[  466.463889][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  466.472174][T13064] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  466.474799][T13064] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  466.479778][T13064] vhci_hcd vhci_hcd.0: Device attached
[  466.485447][T13064] Device name cannot be null; rc = [-22]
[  466.730275][T13065] vhci_hcd: connection closed
[  466.730817][ T1134] usb 41-1: new low-speed USB device number 4 using vhci_hcd
[  466.731070][ T8555] vhci_hcd: stop threads
[  466.737985][ T8555] vhci_hcd: release socket
[  466.740361][ T8555] vhci_hcd: disconnect device
[  467.020680][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  467.039867][T13077] Invalid ELF header type: 3 != 1
[  467.566198][T13081] ieee802154 phy1 wpan1: encryption failed: -22
[  467.575503][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  467.788180][T13084] FAULT_INJECTION: forcing a failure.
[  467.788180][T13084] name failslab, interval 1, probability 0, space 0, times 0
[  467.795550][T13084] CPU: 3 UID: 0 PID: 13084 Comm: syz.0.2029 Not tainted syzkaller #0 PREEMPT(full) 
[  467.795575][T13084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  467.795585][T13084] Call Trace:
[  467.795592][T13084]  <TASK>
[  467.795599][T13084]  dump_stack_lvl+0x16c/0x1f0
[  467.795644][T13084]  should_fail_ex+0x512/0x640
[  467.795666][T13084]  ? __kmalloc_cache_noprof+0x5f/0x780
[  467.795695][T13084]  should_failslab+0xc2/0x120
[  467.795716][T13084]  __kmalloc_cache_noprof+0x72/0x780
[  467.795741][T13084]  ? bpf_raw_tp_link_attach+0x191/0x630
[  467.795763][T13084]  ? bpf_raw_tp_link_attach+0x191/0x630
[  467.795779][T13084]  bpf_raw_tp_link_attach+0x191/0x630
[  467.795796][T13084]  ? __pfx_bpf_raw_tp_link_attach+0x10/0x10
[  467.795812][T13084]  ? find_held_lock+0x2b/0x80
[  467.795829][T13084]  ? __fget_files+0x204/0x3c0
[  467.795856][T13084]  ? fput+0x9b/0xd0
[  467.795877][T13084]  ? __bpf_prog_get+0x97/0x2a0
[  467.795900][T13084]  __sys_bpf+0x20c1/0x4980
[  467.795921][T13084]  ? __pfx___sys_bpf+0x10/0x10
[  467.795937][T13084]  ? find_held_lock+0x2b/0x80
[  467.795957][T13084]  ? find_held_lock+0x2b/0x80
[  467.795980][T13084]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  467.796013][T13084]  ? fput+0x9b/0xd0
[  467.796037][T13084]  ? ksys_write+0x1ac/0x250
[  467.796052][T13084]  ? __pfx_ksys_write+0x10/0x10
[  467.796072][T13084]  __ia32_sys_bpf+0x76/0xe0
[  467.796090][T13084]  __do_fast_syscall_32+0x7c/0x300
[  467.796112][T13084]  do_fast_syscall_32+0x32/0x80
[  467.796131][T13084]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  467.796151][T13084] RIP: 0023:0xf7fe7579
[  467.796165][T13084] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  467.796180][T13084] RSP: 002b:00000000f54d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  467.796196][T13084] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000080000040
[  467.796205][T13084] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  467.796215][T13084] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  467.796223][T13084] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  467.796233][T13084] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  467.796254][T13084]  </TASK>
[  468.168330][T13091] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  468.357699][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  468.415195][T13099] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2033'.
[  468.419654][T13099] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2033'.
[  468.701741][T13118] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2037'.
[  468.705945][T13115] lo speed is unknown, defaulting to 1000
[  468.748681][   T40] audit: type=1326 audit(1760001188.117:24350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.2036" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  468.757624][   T40] audit: type=1326 audit(1760001188.117:24351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.2036" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  468.776094][T13125] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2038'.
[  468.780781][T13125] IPv6: Can't replace route, no match found
[  468.901421][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  468.925005][T13122] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  468.928557][T13122] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  468.943768][T13122] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  468.944030][   T40] audit: type=1326 audit(1760001188.276:24352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.2036" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  469.065699][   T40] audit: type=1326 audit(1760001188.276:24353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.2036" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  469.077163][   T40] audit: type=1326 audit(1760001188.276:24354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.2036" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  469.092034][   T40] audit: type=1326 audit(1760001188.276:24355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.2036" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  469.103729][   T40] audit: type=1326 audit(1760001188.276:24356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.2036" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  469.155332][   T40] audit: type=1326 audit(1760001188.276:24357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.2036" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  469.184957][   T40] audit: type=1326 audit(1760001188.276:24358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.2036" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  469.392821][   T29] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  469.478698][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  469.553134][   T29] usb 6-1: Using ep0 maxpacket: 8
[  469.575612][   T29] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  469.578248][   T29] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  469.604460][   T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  469.636764][   T29] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  469.644114][   T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  469.664082][   T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  469.681948][   T29] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  469.687479][   T29] usb 6-1: config 168 interface 0 has no altsetting 0
[  469.692263][   T29] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  469.700974][   T29] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  469.707481][   T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  469.713122][   T29] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  469.720139][   T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  469.724872][   T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  469.730359][   T29] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  469.737472][   T29] usb 6-1: config 168 interface 0 has no altsetting 0
[  469.741787][   T29] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  469.746180][   T29] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  469.750928][   T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  469.757713][   T29] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  469.769906][   T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  469.775002][   T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  469.780441][   T29] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  469.784879][   T29] usb 6-1: config 168 interface 0 has no altsetting 0
[  469.790456][   T29] usb 6-1: string descriptor 0 read error: -22
[  469.792763][   T29] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  469.795613][   T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  469.804898][   T29] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  469.899174][T13143] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2044'.
[  470.025460][   T29] usb 6-1: USB disconnect, device number 5
[  470.043537][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  470.475937][T13155] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2047'.
[  470.480035][T13155] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2047'.
[  470.484575][T13155] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2047'.
[  470.591002][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  470.636835][T13160] tmpfs: Unknown parameter 'nos�ap'
[  471.135654][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  471.630339][T13178] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  471.691435][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  472.225805][ T1134] vhci_hcd: vhci_device speed not set
[  472.236930][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  473.327029][ T8555] net_ratelimit: 1 callbacks suppressed
[  473.327097][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  473.464759][T13196] Mount JFS Failure: -22
[  473.467213][T13196] jfs_mount failed w/return code = -22
[  473.884504][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  474.098152][T13230] --map-set only usable from mangle table
[  474.428235][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  474.539547][T13223] Mount JFS Failure: -22
[  474.541790][T13223] jfs_mount failed w/return code = -22
[  474.984646][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  475.246487][T13256] tipc: Enabled bearer <ib:caif0>, priority 10
[  475.540058][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  476.021547][T13271] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2076'.
[  476.096020][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  476.108259][T13273] bond0: entered promiscuous mode
[  476.112169][T13273] batadv0: entered promiscuous mode
[  476.116105][T13273] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  476.121257][T13273] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[  476.125385][T13273] hsr1: entered allmulticast mode
[  476.127536][T13273] bond0: entered allmulticast mode
[  476.130057][T13273] batadv0: entered allmulticast mode
[  476.132866][T13273] 8021q: adding VLAN 0 to HW filter on device hsr1
[  476.140067][T13273] bond0: left promiscuous mode
[  476.190107][T13273] batadv0: left promiscuous mode
[  476.315762][T13267] Mount JFS Failure: -22
[  476.317593][T13267] jfs_mount failed w/return code = -22
[  476.320916][ T6009] tipc: Node number set to 4269801473
[  476.651812][T13284] syzkaller0: entered promiscuous mode
[  476.654396][T13284] syzkaller0: entered allmulticast mode
[  476.662827][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  477.240849][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  477.785722][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  478.060447][T13300] VFS: Warning: syz.0.2085 using old stat() call. Recompile your binary.
[  478.340917][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  478.886124][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  479.480534][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  480.033890][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  480.575283][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  480.972449][T13332] Mount JFS Failure: -22
[  480.974634][T13332] jfs_mount failed w/return code = -22
[  481.422637][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  481.578388][T13339] mmap: syz.0.2094 (13339): VmData 37400576 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  481.970067][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  482.535666][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  482.811982][T13348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2096'.
[  483.077613][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  483.150023][T13305] bridge0: port 1(erspan0) entered blocking state
[  483.153324][T13305] bridge0: port 1(erspan0) entered disabled state
[  483.156309][T13305] erspan0: entered allmulticast mode
[  483.160040][T13305] erspan0: entered promiscuous mode
[  483.167000][T13308] erspan0: left allmulticast mode
[  483.169609][T13308] erspan0: left promiscuous mode
[  483.172263][T13308] bridge0: port 1(erspan0) entered disabled state
[  483.838238][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  484.082525][T13370] Mount JFS Failure: -22
[  484.084847][T13370] jfs_mount failed w/return code = -22
[  484.313502][T13382] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2106'.
[  484.381830][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  484.498480][T13388] netlink: 220 bytes leftover after parsing attributes in process `syz.0.2110'.
[  484.502143][T13388] netlink: 220 bytes leftover after parsing attributes in process `syz.0.2110'.
[  484.784050][T13399] input: syz1 as /devices/virtual/input/input16
[  484.937416][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  485.437668][   T68] block nbd0: Possible stuck request ffff8880260a5080: control (read@0,1024B). Runtime 90 seconds
[  485.442820][   T68] block nbd0: Possible stuck request ffff8880260a5240: control (read@1024,1024B). Runtime 90 seconds
[  485.447652][   T68] block nbd0: Possible stuck request ffff8880260a5400: control (read@2048,1024B). Runtime 90 seconds
[  485.452554][   T68] block nbd0: Possible stuck request ffff8880260a55c0: control (read@3072,1024B). Runtime 90 seconds
[  485.465631][T13405] mkiss: ax0: crc mode is auto.
[  485.482715][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  486.012327][T13423] [U] 
[  486.014149][T13423] [U] K{‘
[  486.015730][T13423] [U] ät Ž1ÊàŠªFìÇÄfËŠî`GÊJç˜Ügö毹¬¡—þÈoÕñ/ümCç
[  486.019359][T13423] [U] tžØ–/,�~ˆÄœ­‹jõÿÊ}8îÊþ'o1�Ü"™7-î‚JQœK—¤Wºïqé5c%"¬H12–¦Y“„‰ž€ÊXÍ`ˆ‚íè¼`+³û(·â¿!(éûéz'àtXln»I®gÅj– °üÝ­·på~÷7í!‘Õò"ø¨Î¾ª(È5ˆObü¤‡ÍƒJÖ
[  486.025937][T13423] [U] ±k\&—}6£6œXîHX�¥ôµ„Ìþ.`¸a“$Û40|϶¿�9°øÞ¨„¯ÀÏU‚ò4�ôä®VbzÃð}ÌwÔM”TºŽíQŸýΦr’4”ÿ
[  486.038483][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  486.049103][T13423] [U] ".h6øÞ"Ökã‡[›‰¤ŒJá4çØI�n¨™[Z(•„C|Të]z{�â3Ÿc=»¨xîôžë…î4ßw‰)\T‘XJø�SH{q;ì¹¢…ötÔÇ+‹¦÷gíèÿ®d„.Ë‚³>yž�÷éwUh„fN—Ž�Çhl]SÔ2ŠÇÙ\g%ŠO¼&z)µðš'¨pul‚_<ã	¢Ø°‰ò®Ôå`Ò±TÔÁþœÐËþ;_ô"(‘u{7jœ¿2X ‘/€'ÝÙcÑÌõIº©ÀÏH¿c�Õ³žV¦=�‘AiÇ%w¼Esž RšŸjŠîœƒÚ”gÂ÷rÁ¹í¡hI
˜¢œaïì6-úD�úV¨á i"øånæ¨ þÚAsc~4Áª¹8cø*­OO5/ÿœJš~º§¡w—vK+¬®‰Œ3èÇY)Ž¹M°¸æv¶Ìyqæ½€DTr¯
Otpem%f×ÊejÍA5æÔT_-X~ ^aaÛ‚ò˜½qÖå
[  486.074311][T13423] [U] 	+�w‰G?]£Ó'a:	»Ú)Õ
ïó™“' B>t¢ ¡f/™÷<'èUÓ'–¼h§ié.+]eŸ.½-É¿ÿ¿Ò%÷è>2`¶^Uÿ8F.Š6¤Å3ÓØ+ËA¾Â««„°g3ÓpÂó6:�^0À�téèv÷'Eõt¼€ûâYC‰n¾þrÏ©ÞnèPj×;æZ†êôñû‘8!¯È\ù…¸AØÊ–2Á£$ðµ™Â­wi.Íç#ŠÈ/Bai¼�Ä`ðá4j’ôdîy@Óz„ügW÷5Ë¿Bĵٜ Nóy"vI2ûÌ
[  486.092067][T13423] [U] ôT¦_K5¸t¬YJÐþÎ9ðÕcÊ$brŸLúNul¶ü9wÈýÍ|žGå"ʃÆ%Çú¶êCªØ�°¶ºqîÙ
 ŸÇ3‹Æq¯ôN^HP*½Ü$	µ.Î7yÓ±œ2³
[  486.103480][T13423] [U] ½?�©ÿhüä*ÙÁ”Î3í�7Üé�¾^#Q�"0~‡‚ð(éoïXLŒb£,'vîÓ=‹ÝëCÌS«…’G‚S¶Þ0•Ö‚‹Ù`˜›žÙ‡Ÿ†=1(÷î¾™÷p#ò2DO*Ƀ
[  486.108519][T13423] [U] ©s¹“gžµ²¶“˜GuÐÔd-{¸™â|&“�®ŸŸñ�2µ›LÞc_©œ!`¨ÍozÖ¥¢B¶³%>êrñ¶öwï‡ýŽSsÂH"£yA4£O.šYÙÛä�„RTÔ¶ŒBÚ[+/<<R�B�Êäõ|ФeŽžÑÛ –V96#ûúÑͤê¦jºUº%
s851ƒ�þÒ©s�P±¨\£ƒ?qª|L�´QXµ0ÂKÔ1orÉ´2¡½|ÖüdÖFÌ¿»ù�ÚË2Þ”–¨×0ÌåH•}C[/¤»“Ÿpx^¼èo
[  486.120127][T13423] [U] ÖØ›·Ü—(JÅЛ•§mÛüxz˜;œ½±ÓÿØ�_¹»µÔ*3÷3…ß5¸\ƒxm³ÚU�‰AK!aQ`ß
[  486.646168][T13431] Mount JFS Failure: -22
[  486.648391][T13431] jfs_mount failed w/return code = -22
[  486.659055][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  486.739404][T13427] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2119'.
[  486.743280][T13427] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2119'.
[  487.204141][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  487.749439][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  488.201732][T13464] sp0: Synchronizing with TNC
[  488.315552][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  488.864499][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  488.913481][T13474] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2132'.
[  489.416487][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  489.679029][T13491] Mount JFS Failure: -22
[  489.681256][T13491] jfs_mount failed w/return code = -22
[  489.975481][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  490.280196][T13512] bridge_slave_0: left allmulticast mode
[  490.282785][T13512] bridge_slave_0: left promiscuous mode
[  490.285506][T13512] bridge0: port 1(bridge_slave_0) entered disabled state
[  490.291853][T13512] bridge_slave_1: left allmulticast mode
[  490.295133][T13512] bridge_slave_1: left promiscuous mode
[  490.297902][T13512] bridge0: port 2(bridge_slave_1) entered disabled state
[  490.312211][T13512] bond0: (slave bond_slave_0): Releasing backup interface
[  490.315769][T13514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2140'.
[  490.324796][T13512] batman_adv: batadv0: Removing interface: batadv_slave_0
[  490.330368][T13512] batman_adv: batadv0: Removing interface: batadv_slave_1
[  490.337690][T13512] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  490.468338][T13515] vlan0: entered promiscuous mode
[  490.471717][T13515] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[  490.528202][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  490.612472][T13528] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  490.847238][T13529] ptrace attach of "/syz-executor exec"[5956] was attempted by "                                                                ú“\x0c¬¹H;¤'ýëãSde/È�|¥zPüÚиWåÌ\x0b”PŠ<ÇI7ô{‚ŸûWr•×¢Ó‡am�L5Ûï{ô„Þ¶-Ú¨ÜøžØ¸­…›¼»E“fŽYSõ7£?šVê½sˆëŒ\x0b†MÈüÚáÐ÷Æ`ÖÓðg‰ï°Ø±/â—’ýäUéµCŽÎ�öOGËDn›û\x07Âæw™¹m}O²ñq¦ã�¬�p×]ŒðK|I(Ùïó‹9¯/èk¾ìY_¡Ö¤vqyØóÿ×rƲÈ.+/ñnîyŠ]§6ÖB\x5c
*‰ÈõLo§Ÿ× …\x0a ¢BÚ\x0dáÛAnÿë¬õ\x0bptQU�olLê„ÓobBàÀM¦ñÖãóȹ.š»T3#(Dª\x1bªº˜™ä?-íMóŠMÞ\x0dÅ{ÞX¯óâ˜Lhl1G‡J(°ï‰Ÿ™\x0a˜«À¹\x07ê‚b\x0cf¸Û\x5c–L™e#ç½y„wÝO%Ë0õ¥,Ž¨zÇ‚œrÏ\x5cHô\x22ý@)EâlĪoª´=æÉ0}Æ|šö�¶—m ÀÉ~ŽM÷ÏUK\x0býQoDU1h$étïQf‘\x0b½;\x0bvNõT/ñörP£Àx0mþ؇dG>Ît5QêI§¡šÝ0kŸópžì”;†€Èî©tÒ>?7~ðéÕžþç8ç)>‡\x0a.Fâv\x5c0CPª{©\x07Ô­4OT)®¥ü%ù³DkfCkF ç±¥�;¡Ðm\x0c•vä\x0cTʪz5©ñmÖ¢´�—ïvÜÄà‰Ä«'c®üß^ت°g_\x0bÆ��…8±)c,¨(qøáeäB¾ðãã‘»SPt4äo¹ 
¾I„HwL#©–@mU¡pªE¢^aÒÉgh~d¬_ö­9\x07r|ÖçGJj+&Ò½k(‘\x07”êërnéE§4¼(ŸõÇó#ë×\x0b YÅβBÇäˆ\x0aЦ&ÆþRý�`µ?èóL1t¸Ž÷ÎÕ«wËÑ.Mç=3ª|G‹÷ƒ“sùmƒgî4`|\x22{б�춋¬½†1â[{�þȯw/B‹_g»6-òqyk*™o¯’\x0d\x5cc8ÀèÌÿ\x5c
[  490.936208][T13530] overlay: ./file1 is not a directory
[  491.084095][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  491.535303][T13535] overlayfs: failed to resolve './bus': -2
[  491.630204][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  492.185601][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  492.575741][T13551] Mount JFS Failure: -22
[  492.577757][T13551] jfs_mount failed w/return code = -22
[  492.763148][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  493.307719][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  493.408527][   T40] kauditd_printk_skb: 35 callbacks suppressed
[  493.408551][   T40] audit: type=1326 audit(1760001467.034:24394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.2.2155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  493.501164][   T40] audit: type=1326 audit(1760001467.034:24395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.2.2155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  493.510334][   T40] audit: type=1326 audit(1760001467.034:24396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.2.2155" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  493.520767][   T40] audit: type=1326 audit(1760001467.034:24397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.2.2155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  493.530111][   T40] audit: type=1326 audit(1760001467.034:24398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.2.2155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  493.543531][   T40] audit: type=1326 audit(1760001467.034:24399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.2.2155" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  493.553931][   T40] audit: type=1326 audit(1760001467.034:24400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.2.2155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  493.563512][   T40] audit: type=1326 audit(1760001467.034:24401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.2.2155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  493.574556][   T40] audit: type=1326 audit(1760001467.034:24402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.2.2155" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  493.584831][   T40] audit: type=1326 audit(1760001467.034:24403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.2.2155" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  493.851585][T13567] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  493.863927][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  494.282251][T13583] overlayfs: failed to resolve './bus': -2
[  494.408933][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  494.951451][T13588] lo speed is unknown, defaulting to 1000
[  495.000161][T13579] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  495.136006][T13591] netlink: 180 bytes leftover after parsing attributes in process `syz.2.2160'.
[  495.137129][T13587] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  495.208465][T13598] random: crng reseeded on system resumption
[  495.531761][ T8555] net_ratelimit: 1 callbacks suppressed
[  495.531773][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  496.109895][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  496.654000][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  497.213216][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  497.405690][T13624] overlayfs: overlapping lowerdir path
[  497.756846][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  498.315102][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  498.867014][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  499.423023][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  499.968199][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  500.513233][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  501.059021][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  501.604301][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  501.990366][ T5353] udevd[5353]: worker [6787] /devices/virtual/block/nbd0 is taking a long time
[  502.148991][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  502.566139][T13640] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2173'.
[  502.576839][   T40] kauditd_printk_skb: 42 callbacks suppressed
[  502.576856][   T40] audit: type=1326 audit(1760001475.771:24446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13653 comm="syz.3.2177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  502.589817][   T40] audit: type=1326 audit(1760001475.771:24447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13653 comm="syz.3.2177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  502.611013][   T40] audit: type=1326 audit(1760001475.771:24448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13653 comm="syz.3.2177" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  502.621697][   T40] audit: type=1326 audit(1760001475.771:24449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13653 comm="syz.3.2177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  502.631511][   T40] audit: type=1326 audit(1760001475.771:24450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13653 comm="syz.3.2177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  502.641945][   T40] audit: type=1326 audit(1760001475.771:24451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13653 comm="syz.3.2177" exe="/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  502.651781][   T40] audit: type=1326 audit(1760001475.771:24452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13653 comm="syz.3.2177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  502.661836][   T40] audit: type=1326 audit(1760001475.771:24453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13653 comm="syz.3.2177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  502.671471][   T40] audit: type=1326 audit(1760001475.771:24454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13653 comm="syz.3.2177" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  502.682685][   T40] audit: type=1326 audit(1760001475.771:24455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13653 comm="syz.3.2177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000
[  502.715623][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  503.180220][T13660] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2179'.
[  503.275401][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  503.275493][T13664] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  503.290730][T13664] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2176'.
[  503.301850][ T6009] libceph: connect (1)[c::]:6789 error -101
[  503.304805][ T6009] libceph: mon0 (1)[c::]:6789 connect error
[  503.315918][T13659] delete_channel: no stack
[  503.383803][T13657] ceph: No mds server is up or the cluster is laggy
[  503.738216][T13674] overlayfs: failed to clone upperpath
[  503.827304][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  504.395446][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  504.940492][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  505.267028][T13700] netlink: 'syz.3.2189': attribute type 1 has an invalid length.
[  505.273991][T13700] overlayfs: failed to clone upperpath
[  505.495180][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  505.723698][T13704] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2191'.
[  505.829909][T13704] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  505.840688][T13704] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  505.845537][T13704] bond0 (unregistering): Released all slaves
[  506.061626][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  506.163796][T13709] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  506.262255][T13722] MPI: mpi too large (129928 bits)
[  506.606893][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  507.152109][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  507.708044][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  508.263917][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  508.819859][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  508.875362][T13766] fuse: Unknown parameter 'fe'
[  509.368784][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  509.910301][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  509.943816][T13783] fuse: Bad value for 'fd'
[  510.201226][T13789] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2214'.
[  510.204787][T13789] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2214'.
[  510.455522][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  510.517885][T13792] fuse: Unknown parameter 'group_i00000000000000000000'
[  510.729571][T13797] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2217'.
[  511.011528][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  511.557836][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  511.575011][T13809] 9pnet_fd: Insufficient options for proto=fd
[  511.722321][T13795] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2216'.
[  511.739939][T13795] netlink: 'syz.0.2216': attribute type 5 has an invalid length.
[  511.742654][T13795] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2216'.
[  511.775376][T13795] geneve2: entered promiscuous mode
[  511.777992][T13795] geneve2: entered allmulticast mode
[  511.786123][ T8547] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 256 - 0
[  511.790135][ T8547] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 256 - 0
[  511.794939][ T8547] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 256 - 0
[  511.799740][ T8547] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 256 - 0
[  512.054902][T13820] fuse: Unknown parameter 'group_i00000000000000000000'
[  512.108814][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  512.657914][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  513.000653][T12567] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  513.203574][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  513.470449][T12567] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  513.575324][ T6184] IPVS: starting estimator thread 0...
[  513.606588][T13852] fuse: Unknown parameter 'group_id00000000000000000000'
[  513.748427][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  513.759327][T13849] IPVS: using max 29 ests per chain, 69600 per kthread
[  514.204800][T13862] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  514.293569][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  514.584737][T13872] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2240'.
[  514.842565][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  515.175899][T13883] 9pnet_fd: Insufficient options for proto=fd
[  515.243358][T13884] fuse: Unknown parameter 'group_id00000000000000000000'
[  515.400411][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  516.025592][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  516.054660][T13901] overlay: ./file1 is not a directory
[  516.143397][T13895] syzkaller0: entered promiscuous mode
[  516.146319][T13895] syzkaller0: entered allmulticast mode
[  516.907889][T13916] 9pnet_fd: Insufficient options for proto=fd
[  516.934126][T13919] fuse: Unknown parameter 'group_id00000000000000000000'
[  517.703693][ T8550] net_ratelimit: 2 callbacks suppressed
[  517.703710][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  518.003781][   T68] block nbd0: Possible stuck request ffff8880260a5080: control (read@0,1024B). Runtime 120 seconds
[  518.013666][   T68] block nbd0: Possible stuck request ffff8880260a5240: control (read@1024,1024B). Runtime 120 seconds
[  518.020317][   T68] block nbd0: Possible stuck request ffff8880260a5400: control (read@2048,1024B). Runtime 120 seconds
[  518.026146][   T68] block nbd0: Possible stuck request ffff8880260a55c0: control (read@3072,1024B). Runtime 120 seconds
[  518.259677][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  518.318913][T13944] Invalid ELF header type: 3 != 1
[  518.805620][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  519.350964][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  519.650475][T13950] Mount JFS Failure: -22
[  519.652415][T13950] jfs_mount failed w/return code = -22
[  519.906169][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  520.258043][T13965] lo speed is unknown, defaulting to 1000
[  520.515527][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  521.060574][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  521.605845][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  521.679570][T13986] lo speed is unknown, defaulting to 1000
[  521.835068][T13998] RDS: rds_bind could not find a transport for fe80::30, load rds_tcp or rds_rdma?
[  522.083438][   T40] kauditd_printk_skb: 15 callbacks suppressed
[  522.083456][   T40] audit: type=1800 audit(1760001502.008:24471): pid=13990 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2273" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  522.162978][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  522.479349][   T40] audit: type=1326 audit(1760001502.373:24472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14003 comm="syz.1.2279" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[  522.504650][   T40] audit: type=1326 audit(1760001502.373:24473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14003 comm="syz.1.2279" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf704d579 code=0x7ffc0000
[  522.525640][   T40] audit: type=1326 audit(1760001502.373:24474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14003 comm="syz.1.2279" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[  522.549512][   T40] audit: type=1326 audit(1760001502.373:24475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14003 comm="syz.1.2279" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[  522.568206][   T40] audit: type=1326 audit(1760001502.438:24476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14003 comm="syz.1.2279" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf704d579 code=0x7ffc0000
[  522.588915][T14006] 9pnet_fd: Insufficient options for proto=fd
[  522.598753][   T40] audit: type=1326 audit(1760001502.438:24477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14003 comm="syz.1.2279" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[  522.728322][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  522.755618][   T40] audit: type=1326 audit(1760001502.438:24478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14003 comm="syz.1.2279" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[  522.994190][T14017] bond8 (unregistering): Released all slaves
[  523.201001][T14015] 9pnet_fd: Insufficient options for proto=fd
[  523.273903][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  523.416357][   T40] audit: type=1326 audit(1760001503.261:24479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14026 comm="syz.2.2286" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  523.427512][   T40] audit: type=1326 audit(1760001503.261:24480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14026 comm="syz.2.2286" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  523.494035][T14025] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  523.888486][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  524.439278][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  524.601516][T14056] Mount JFS Failure: -22
[  524.603384][T14056] jfs_mount failed w/return code = -22
[  524.888118][T14069] netlink: 92 bytes leftover after parsing attributes in process `syz.3.2299'.
[  524.888296][T14066] netlink: 'syz.0.2298': attribute type 2 has an invalid length.
[  524.984199][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  525.348521][T14080] vxfs: WRONG superblock magic 00000000 at 1
[  525.351364][T14080] vxfs: WRONG superblock magic 00000000 at 8
[  525.353519][T14080] vxfs: can't find superblock.
[  525.524678][ T5957] Bluetooth: hci4: command 0x0c1a tx timeout
[  525.529219][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  525.538815][T14078] ceph: No mds server is up or the cluster is laggy
[  525.541684][ T6184] libceph: connect (1)[c::]:6789 error -101
[  525.543821][ T6184] libceph: mon0 (1)[c::]:6789 connect error
[  526.085756][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  526.647867][T14114] input: syz0 as /devices/virtual/input/input18
[  526.660925][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  527.218721][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  527.492043][T14130] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2317'.
[  527.651594][T14147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2323'.
[  527.774441][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  527.915256][T14162] syzkaller1: entered promiscuous mode
[  527.917084][T14162] syzkaller1: entered allmulticast mode
[  528.114072][T14167] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  528.165513][T14174] sch_fq: defrate 53322 ignored.
[  528.330187][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  528.703769][T14189] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2337'.
[  528.812863][T14192] netlink: 'syz.1.2338': attribute type 1 has an invalid length.
[  528.886064][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  529.431365][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  529.637898][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  529.811291][T14228] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2346'.
[  529.888096][T14233] netlink: 'syz.1.2348': attribute type 1 has an invalid length.
[  529.890692][T14233] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2348'.
[  529.965064][T14244] random: crng reseeded on system resumption
[  529.987364][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  530.120264][T14247] binder: 14236:14247 ioctl c0306201 800001c0 returned -14
[  530.124061][T14247] binder: 14236:14247 ioctl c0189371 800000c0 returned -22
[  530.320582][T14256] overlayfs: failed to clone upperpath
[  530.390495][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802ad17400: rx timeout, send abort
[  530.532558][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  530.718453][T14254] Mount JFS Failure: -22
[  530.720283][T14254] jfs_mount failed w/return code = -22
[  530.925105][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802ad17800: rx timeout, send abort
[  530.928697][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802ad17400: abort rx timeout. Force session deactivation
[  531.041187][T14267] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2358'.
[  531.046436][T14267] fuse: Unknown parameter 'g'
[  531.077963][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  531.239824][T14275] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  531.241948][T14275] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  531.245732][T14275] vhci_hcd vhci_hcd.0: Device attached
[  531.463098][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802ad17800: abort rx timeout. Force session deactivation
[  531.500336][T14282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2360'.
[  531.503475][T14282] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2360'.
[  531.540584][   T29] usb 38-1: SetAddress Request (18) to port 0
[  531.542569][   T29] usb 38-1: new SuperSpeed USB device number 18 using vhci_hcd
[  531.547126][T14282] virtio-fs: tag </dev/md0> not found
[  531.633610][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  531.809443][T14277] vhci_hcd: connection reset by peer
[  531.811388][ T8547] vhci_hcd: stop threads
[  531.812741][ T8547] vhci_hcd: release socket
[  531.815216][ T8547] vhci_hcd: disconnect device
[  531.817983][T14289] overlayfs: failed to clone upperpath
[  532.146403][T14294] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2364'.
[  532.178867][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  532.735548][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  533.032652][T14322] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2374'.
[  533.174433][T14332] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2377'.
[  533.291559][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  533.802988][T14348] fuse: Bad value for 'fd'
[  533.846513][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  534.391766][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  534.669844][ T5960] Bluetooth: hci1: command 0x1003 tx timeout
[  534.672818][ T5957] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  534.947727][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  535.493015][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  535.918038][   T73] libceph: connect (1)[c::]:6789 error -101
[  535.920044][   T73] libceph: mon0 (1)[c::]:6789 connect error
[  535.981429][T12567] libceph: connect (1)[b::]:6789 error -101
[  535.983473][T12567] libceph: mon0 (1)[b::]:6789 connect error
[  536.059539][   T73] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  536.059698][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  536.273654][T12567] libceph: connect (1)[b::]:6789 error -101
[  536.275610][T12567] libceph: mon0 (1)[b::]:6789 connect error
[  536.487784][ T6009] libceph: connect (1)[c::]:6789 error -101
[  536.489729][ T6009] libceph: mon0 (1)[c::]:6789 connect error
[  536.509652][   T73] usb 6-1: config index 0 descriptor too short (expected 39, got 27)
[  536.512200][   T73] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  536.515179][   T73] usb 6-1: config 0 interface 0 has no altsetting 0
[  536.519109][   T73] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  536.521922][   T73] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  536.524445][   T73] usb 6-1: Product: syz
[  536.525758][   T73] usb 6-1: Manufacturer: syz
[  536.527216][   T73] usb 6-1: SerialNumber: syz
[  536.530591][   T73] usb 6-1: config 0 descriptor??
[  536.533291][   T73] hub 6-1:0.0: bad descriptor, ignoring hub
[  536.535211][   T73] hub 6-1:0.0: probe with driver hub failed with error -5
[  536.538747][   T73] usb 6-1: selecting invalid altsetting 0
[  536.615419][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  536.800007][T14388] ceph: No mds server is up or the cluster is laggy
[  536.800298][T14391] ceph: No mds server is up or the cluster is laggy
[  536.863406][   T54] libceph: connect (1)[b::]:6789 error -101
[  536.865379][   T54] libceph: mon0 (1)[b::]:6789 connect error
[  537.001776][   T29] usb 38-1: device descriptor read/8, error -110
[  537.177131][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  537.322326][T14413] fuse: Unknown parameter 'd'
[  537.549854][   T29] usb usb38-port1: attempt power cycle
[  537.600493][T14419] trusted_key: encrypted_key: master key parameter is missing
[  537.944554][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  537.996133][T14424] ceph: No mds server is up or the cluster is laggy
[  537.999588][   T54] libceph: connect (1)[c::]:6789 error -101
[  538.002629][   T54] libceph: mon0 (1)[c::]:6789 connect error
[  538.159579][   T29] usb usb38-port1: unable to enumerate USB device
[  538.496961][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  538.840883][T14454] netlink: 'syz.3.2409': attribute type 21 has an invalid length.
[  538.844239][T14454] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2409'.
[  539.053209][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  539.598112][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  539.850794][T14471] 9pnet_fd: Insufficient options for proto=fd
[  539.857093][T14472] Invalid ELF header type: 3 != 1
[  540.154066][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  540.229142][   T54] usb 6-1: USB disconnect, device number 6
[  540.326557][T14478] syzkaller0: entered promiscuous mode
[  540.328432][T14478] syzkaller0: entered allmulticast mode
[  540.335425][T14478] syzkaller0: left allmulticast mode
[  540.690733][T14487] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2419'.
[  540.699278][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  540.714450][T14487] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  540.833062][T14495] Mount JFS Failure: -22
[  540.834948][T14495] jfs_mount failed w/return code = -22
[  541.244443][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  541.257625][T14500] nfs: Unknown parameter 'syzkaller1'
[  541.794250][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  541.807867][T14521] Invalid ELF header type: 3 != 1
[  542.319068][T14536] fuse: Unknown parameter 'use00000000000000000000'
[  542.356515][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  542.470949][T14543] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  542.472977][T14543] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  542.481330][T14543] vhci_hcd vhci_hcd.0: Device attached
[  542.494899][T14547] overlayfs: failed to resolve './bus': -2
[  542.522156][T14543] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2432'.
[  542.545033][T14543] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2432'.
[  542.831264][T14564] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  542.901544][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  542.931424][   T54] usb 40-1: SetAddress Request (2) to port 0
[  542.935901][   T54] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  542.970524][T14566] 9pnet_fd: Insufficient options for proto=fd
[  543.062608][T14570] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  543.375330][T14544] vhci_hcd: connection reset by peer
[  543.377514][ T8551] vhci_hcd: stop threads
[  543.380149][ T8551] vhci_hcd: release socket
[  543.382182][ T8551] vhci_hcd: disconnect device
[  543.446687][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  543.612811][T14572] fuse: Unknown parameter 'use00000000000000000000'
[  543.839821][T14577] overlayfs: failed to resolve './bus': -2
[  543.887553][T14580] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2443'.
[  543.917652][T14582] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  544.002859][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  544.349124][T14586] /dev/nullb0: Can't lookup blockdev
[  544.476351][T14596] fuse: Unknown parameter 'user_i00000000000000000000'
[  544.558659][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  544.569680][T14602] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  544.571966][T14602] overlayfs: failed to set xattr on upper
[  544.573780][T14602] overlayfs: ...falling back to redirect_dir=nofollow.
[  544.707337][T14592] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  544.763926][T14617] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  544.793872][  T841] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  545.069934][T14631] /dev/nullb0: Can't lookup blockdev
[  545.273019][T14650] fuse: Unknown parameter 'user_i00000000000000000000'
[  545.303311][T14657] comedi comedi3: das16m1: I/O port conflict (0x4f2a,16)
[  545.355132][T14655] /dev/nullb0: Can't lookup blockdev
[  545.437229][  T841] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  545.519410][T14676] x_tables: duplicate underflow at hook 2
[  545.649778][T14681] syzkaller0: entered promiscuous mode
[  545.652121][T14681] syzkaller0: entered allmulticast mode
[  545.660219][ T8555] net_ratelimit: 1 callbacks suppressed
[  545.660234][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  546.044804][    C3] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  546.205191][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  546.257073][T14719] block nbd1: not configured, cannot reconfigure
[  546.266674][T14721] wireguard0: entered promiscuous mode
[  546.268564][T14721] wireguard0: entered allmulticast mode
[  546.315655][T14722] cgroup: Invalid name
[  546.726142][T14746] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  546.761376][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  546.958170][T14755] comedi comedi3: das16m1: I/O port conflict (0x4f2a,16)
[  547.327580][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  547.883294][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  548.067079][T14780] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2503'.
[  548.070804][T14780] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2503'.
[  548.074176][T14780] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2503'.
[  548.087949][T14780] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2503'.
[  548.212564][T14788] "syz.3.2506" (14788) uses obsolete ecb(arc4) skcipher
[  548.220692][T14788] 9pnet_fd: Insufficient options for proto=fd
[  548.421998][ T5960] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  548.425778][ T5960] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  548.429272][ T5960] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  548.432046][ T5960] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  548.434488][ T5960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  548.457173][T14800] lo speed is unknown, defaulting to 1000
[  548.487747][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  548.504947][   T54] usb 40-1: device descriptor read/8, error -110
[  548.554470][T14800] chnl_net:caif_netlink_parms(): no params data found
[  548.819691][T14800] bridge0: port 1(bridge_slave_0) entered blocking state
[  548.823188][T14800] bridge0: port 1(bridge_slave_0) entered disabled state
[  548.829323][T14800] bridge_slave_0: entered allmulticast mode
[  548.836003][T14800] bridge_slave_0: entered promiscuous mode
[  548.847229][T14800] bridge0: port 2(bridge_slave_1) entered blocking state
[  548.852857][T14800] bridge0: port 2(bridge_slave_1) entered disabled state
[  548.856271][T14800] bridge_slave_1: entered allmulticast mode
[  548.859064][T14800] bridge_slave_1: entered promiscuous mode
[  548.908875][T14800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  548.916094][T14800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  548.920810][   T54] usb usb40-port1: attempt power cycle
[  548.958822][T14800] team0: Port device team_slave_0 added
[  548.962119][T14800] team0: Port device team_slave_1 added
[  548.993279][T14800] batman_adv: batadv0: Adding interface: batadv_slave_0
[  548.996692][T14800] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  549.007040][T14800] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  549.013046][T14800] batman_adv: batadv0: Adding interface: batadv_slave_1
[  549.015923][T14800] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  549.026599][T14800] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  549.031107][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  549.078412][T14800] hsr_slave_0: entered promiscuous mode
[  549.081190][T14800] hsr_slave_1: entered promiscuous mode
[  549.083576][T14800] debugfs: 'hsr0' already exists in 'hsr'
[  549.085356][T14800] Cannot create hsr debugfs directory
[  549.179516][T14800] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  549.182854][T14800] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.269846][T14800] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  549.273416][T14800] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.330555][T14800] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  549.334467][T14800] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.386478][T14800] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  549.390401][T14800] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.490851][T14800] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  549.494971][T14800] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  549.499413][T14800] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  549.503321][T14800] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  549.530280][   T54] usb usb40-port1: unable to enumerate USB device
[  549.558913][T14800] 8021q: adding VLAN 0 to HW filter on device bond0
[  549.573390][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  549.575694][T14800] 8021q: adding VLAN 0 to HW filter on device team0
[  549.587317][ T8555] bridge0: port 1(bridge_slave_0) entered blocking state
[  549.589687][ T8555] bridge0: port 1(bridge_slave_0) entered forwarding state
[  549.600480][ T8550] bridge0: port 2(bridge_slave_1) entered blocking state
[  549.603423][ T8550] bridge0: port 2(bridge_slave_1) entered forwarding state
[  549.754594][T14800] 8021q: adding VLAN 0 to HW filter on device batadv0
[  549.778920][T14800] veth0_vlan: entered promiscuous mode
[  549.791513][T14800] veth1_vlan: entered promiscuous mode
[  549.807139][T14800] veth0_macvtap: entered promiscuous mode
[  549.812701][T14800] veth1_macvtap: entered promiscuous mode
[  549.821921][T14800] batman_adv: batadv0: Interface activated: batadv_slave_0
[  549.873784][T14800] batman_adv: batadv0: Interface activated: batadv_slave_1
[  549.882280][ T8555] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  549.887307][ T8555] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  549.890161][ T8555] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  549.895223][ T8555] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  549.947900][ T8554] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  549.950217][ T8554] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  549.953544][T14821] tmpfs: Bad value for 'mpol'
[  549.975945][ T8550] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  549.979006][ T8550] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  550.117815][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  550.131208][   T40] kauditd_printk_skb: 22 callbacks suppressed
[  550.131219][   T40] audit: type=1326 audit(1760001529.250:24503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.2.2508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  550.149190][   T40] audit: type=1326 audit(1760001529.250:24504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.2.2508" exe="/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  550.158721][   T40] audit: type=1326 audit(1760001529.250:24505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.2.2508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  550.158783][   T68] block nbd0: Possible stuck request ffff8880260a5080: control (read@0,1024B). Runtime 150 seconds
[  550.172190][   T68] block nbd0: Possible stuck request ffff8880260a5240: control (read@1024,1024B). Runtime 150 seconds
[  550.176868][   T68] block nbd0: Possible stuck request ffff8880260a5400: control (read@2048,1024B). Runtime 150 seconds
[  550.182150][   T68] block nbd0: Possible stuck request ffff8880260a55c0: control (read@3072,1024B). Runtime 150 seconds
[  550.187750][   T40] audit: type=1326 audit(1760001529.259:24506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.2.2508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  550.200308][   T40] audit: type=1326 audit(1760001529.259:24507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.2.2508" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  550.211834][   T40] audit: type=1326 audit(1760001529.259:24508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.2.2508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  550.219273][   T40] audit: type=1326 audit(1760001529.259:24509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.2.2508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  550.226435][   T40] audit: type=1326 audit(1760001529.259:24510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.2.2508" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  550.233185][   T40] audit: type=1326 audit(1760001529.259:24511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.2.2508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  550.243101][   T40] audit: type=1326 audit(1760001529.259:24512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.2.2508" exe="/syz-executor" sig=0 arch=40000003 syscall=163 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  550.365012][ T5960] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  550.369607][ T5960] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  550.373016][ T5960] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  550.377462][ T5960] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  550.380477][ T5960] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  550.427678][T14828] lo speed is unknown, defaulting to 1000
[  550.572720][T14828] chnl_net:caif_netlink_parms(): no params data found
[  550.646605][T14828] bridge0: port 1(bridge_slave_0) entered blocking state
[  550.648869][T14828] bridge0: port 1(bridge_slave_0) entered disabled state
[  550.651100][T14828] bridge_slave_0: entered allmulticast mode
[  550.654807][T14828] bridge_slave_0: entered promiscuous mode
[  550.659608][T14828] bridge0: port 2(bridge_slave_1) entered blocking state
[  550.662944][ T5960] Bluetooth: hci1: command tx timeout
[  550.663678][T14828] bridge0: port 2(bridge_slave_1) entered disabled state
[  550.668413][T14828] bridge_slave_1: entered allmulticast mode
[  550.671528][T14828] bridge_slave_1: entered promiscuous mode
[  550.725553][T14828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  550.732763][T14828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  550.785504][T14828] team0: Port device team_slave_0 added
[  550.789891][T14828] team0: Port device team_slave_1 added
[  550.833636][T14828] batman_adv: batadv0: Adding interface: batadv_slave_0
[  550.836596][T14828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  550.844759][T14828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  550.850082][T14828] batman_adv: batadv0: Adding interface: batadv_slave_1
[  550.852562][T14828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  550.860744][T14828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  550.903675][T14828] hsr_slave_0: entered promiscuous mode
[  550.905903][T14828] hsr_slave_1: entered promiscuous mode
[  550.908024][T14828] debugfs: 'hsr0' already exists in 'hsr'
[  550.910297][T14828] Cannot create hsr debugfs directory
[  550.976538][T14837] team0: Device vxcan1 is of different type
[  551.036796][T14828] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  551.042330][T14828] netdevsim netdevsim3 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  551.108827][T14828] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  551.112445][T14828] netdevsim netdevsim3 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  551.169902][T14828] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  551.173973][T14828] netdevsim netdevsim3 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  551.208369][ T8550] net_ratelimit: 1 callbacks suppressed
[  551.208385][ T8550] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  551.237018][T14828] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[  551.241724][T14828] netdevsim netdevsim3 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  551.310701][T14843] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2514'.
[  551.410163][T14828] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  551.414720][T14828] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  551.419114][T14828] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  551.425493][T14828] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  551.485856][T14828] 8021q: adding VLAN 0 to HW filter on device bond0
[  551.494480][T14828] 8021q: adding VLAN 0 to HW filter on device team0
[  551.501889][ T8551] bridge0: port 1(bridge_slave_0) entered blocking state
[  551.504163][ T8551] bridge0: port 1(bridge_slave_0) entered forwarding state
[  551.510993][ T8554] bridge0: port 2(bridge_slave_1) entered blocking state
[  551.513283][ T8554] bridge0: port 2(bridge_slave_1) entered forwarding state
[  551.632508][T14828] 8021q: adding VLAN 0 to HW filter on device batadv0
[  551.668429][T14828] veth0_vlan: entered promiscuous mode
[  551.673496][T14828] veth1_vlan: entered promiscuous mode
[  551.691125][T14828] veth0_macvtap: entered promiscuous mode
[  551.697726][T14828] veth1_macvtap: entered promiscuous mode
[  551.718147][T14828] batman_adv: batadv0: Interface activated: batadv_slave_0
[  551.730586][T14828] batman_adv: batadv0: Interface activated: batadv_slave_1
[  551.737936][ T8554] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  551.741578][ T8554] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  551.746686][ T8554] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  551.750349][ T8554] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  551.754255][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  551.795715][ T8550] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  551.799065][ T8550] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  551.841393][ T8550] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  551.844520][ T8550] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  551.929293][T14861] sctp: [Deprecated]: syz.3.2517 (pid 14861) Use of int in max_burst socket option deprecated.
[  551.929293][T14861] Use struct sctp_assoc_value instead
[  552.301762][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  552.555093][ T5960] Bluetooth: hci2: command tx timeout
[  552.865204][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  552.898057][ T5960] Bluetooth: hci1: command tx timeout
[  553.019542][T14868] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.132546][T14871] fuse: Unknown parameter '0xffffffffffffffff'
[  553.410481][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  553.939148][T14881] syzkaller1: entered promiscuous mode
[  553.941777][T14881] syzkaller1: entered allmulticast mode
[  553.955531][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  554.500968][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  554.666735][T14868] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  554.768049][ T5960] Bluetooth: hci2: command tx timeout
[  555.046002][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  555.120962][ T5960] Bluetooth: hci1: command tx timeout
[  555.591501][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  555.763696][T14903] Mount JFS Failure: -22
[  555.765174][T14903] jfs_mount failed w/return code = -22
[  556.136864][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  556.245834][T14906] netlink: 'syz.2.2531': attribute type 1 has an invalid length.
[  556.419369][T14868] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  556.567501][T14868] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  556.641192][ T5960] Bluetooth: hci4: hardware error 0x40
[  556.668418][ T8554] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  556.679381][ T8551] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  556.682611][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  556.689222][ T8554] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  556.697174][ T8554] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  556.992170][ T5957] Bluetooth: hci2: command tx timeout
[  557.001170][T14920] rdma_rxe: rxe_newlink: failed to add syz_tun
[  557.227121][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  557.344707][ T5957] Bluetooth: hci1: command tx timeout
[  557.568359][T14926] ip6gre1: entered promiscuous mode
[  557.570291][T14926] ip6gre1: entered allmulticast mode
[  557.772085][   T40] kauditd_printk_skb: 24 callbacks suppressed
[  557.772096][   T40] audit: type=1326 audit(1760001536.387:24537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14930 comm="syz.3.2538" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fd7579 code=0x0
[  557.772872][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  558.328310][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  558.781555][   T40] audit: type=1326 audit(1760001537.341:24538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14954 comm="syz.2.2544" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  558.788861][   T40] audit: type=1326 audit(1760001537.341:24539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14954 comm="syz.2.2544" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  558.791970][T14955] pim6reg: entered allmulticast mode
[  558.795598][   T40] audit: type=1326 audit(1760001537.341:24540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14954 comm="syz.2.2544" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  558.795622][   T40] audit: type=1326 audit(1760001537.341:24541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14954 comm="syz.2.2544" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  558.798467][ T5960] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  558.806865][   T40] audit: type=1326 audit(1760001537.341:24542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14954 comm="syz.2.2544" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  558.809564][T14954] pim6reg: left allmulticast mode
[  558.824002][   T40] audit: type=1326 audit(1760001537.341:24543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14954 comm="syz.2.2544" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  558.831993][   T40] audit: type=1326 audit(1760001537.341:24544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14954 comm="syz.2.2544" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  558.839179][   T40] audit: type=1326 audit(1760001537.341:24545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14954 comm="syz.2.2544" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  558.846272][   T40] audit: type=1326 audit(1760001537.341:24546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14954 comm="syz.2.2544" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  558.875037][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  558.993253][ T9429] tipc: Resetting bearer <eth:syzkaller0>
[  559.021913][ T9429] tipc: Disabling bearer <eth:syzkaller0>
[  559.128617][ T5957] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  559.132255][ T5957] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  559.135096][ T5957] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  559.138011][ T5957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  559.142281][ T5957] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  559.164322][T14965] lo speed is unknown, defaulting to 1000
[  559.215792][ T5960] Bluetooth: hci2: command tx timeout
[  559.282687][T14965] chnl_net:caif_netlink_parms(): no params data found
[  559.357408][T14965] bridge0: port 1(bridge_slave_0) entered blocking state
[  559.359812][T14965] bridge0: port 1(bridge_slave_0) entered disabled state
[  559.362143][T14965] bridge_slave_0: entered allmulticast mode
[  559.364849][T14965] bridge_slave_0: entered promiscuous mode
[  559.369151][T14965] bridge0: port 2(bridge_slave_1) entered blocking state
[  559.371461][T14965] bridge0: port 2(bridge_slave_1) entered disabled state
[  559.373695][T14965] bridge_slave_1: entered allmulticast mode
[  559.376620][T14965] bridge_slave_1: entered promiscuous mode
[  559.417186][T14965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  559.422293][T14965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  559.429345][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  559.457771][T14965] team0: Port device team_slave_0 added
[  559.463074][T14965] team0: Port device team_slave_1 added
[  559.513249][T14965] batman_adv: batadv0: Adding interface: batadv_slave_0
[  559.516033][T14965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  559.524048][T14965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  559.528628][T14965] batman_adv: batadv0: Adding interface: batadv_slave_1
[  559.530929][T14965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  559.541766][T14965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  559.581185][T14965] hsr_slave_0: entered promiscuous mode
[  559.583418][T14965] hsr_slave_1: entered promiscuous mode
[  559.589070][T14965] debugfs: 'hsr0' already exists in 'hsr'
[  559.591399][T14965] Cannot create hsr debugfs directory
[  559.754767][T14965] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  559.759869][T14965] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  559.764169][T14965] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  559.781567][T14965] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  559.832945][T14965] bridge0: port 2(bridge_slave_1) entered blocking state
[  559.836094][T14965] bridge0: port 2(bridge_slave_1) entered forwarding state
[  559.839261][T14965] bridge0: port 1(bridge_slave_0) entered blocking state
[  559.842163][T14965] bridge0: port 1(bridge_slave_0) entered forwarding state
[  559.844134][T14990] fuse: Unknown parameter '0xffffffffffffffff'
[  559.869120][T14986] binder: 14980:14986 ioctl 8008f512 80000340 returned -22
[  559.883099][T14965] 8021q: adding VLAN 0 to HW filter on device bond0
[  559.902944][ T8554] bridge0: port 1(bridge_slave_0) entered disabled state
[  559.907392][ T8554] bridge0: port 2(bridge_slave_1) entered disabled state
[  559.940108][T14965] 8021q: adding VLAN 0 to HW filter on device team0
[  559.956849][ T8554] bridge0: port 1(bridge_slave_0) entered blocking state
[  559.959134][ T8554] bridge0: port 1(bridge_slave_0) entered forwarding state
[  559.964352][ T8554] bridge0: port 2(bridge_slave_1) entered blocking state
[  559.967438][ T8554] bridge0: port 2(bridge_slave_1) entered forwarding state
[  559.974451][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  559.990471][T14986] lo speed is unknown, defaulting to 1000
[  560.016546][T14994] netlink: 360 bytes leftover after parsing attributes in process `syz.3.2548'.
[  560.233806][T14965] 8021q: adding VLAN 0 to HW filter on device batadv0
[  560.394974][T14965] veth0_vlan: entered promiscuous mode
[  560.399518][T14965] veth1_vlan: entered promiscuous mode
[  560.422915][T14965] veth0_macvtap: entered promiscuous mode
[  560.428731][T14965] veth1_macvtap: entered promiscuous mode
[  560.438014][T14965] batman_adv: batadv0: Interface activated: batadv_slave_0
[  560.443982][T14965] batman_adv: batadv0: Interface activated: batadv_slave_1
[  560.449450][ T8548] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  560.452312][ T8548] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  560.457872][ T8548] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  560.461736][ T8548] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  560.513118][ T8548] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  560.516256][ T8548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  560.520204][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  560.532102][ T8549] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  560.535356][ T8549] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  560.611640][T15018] overlayfs: failed to resolve './file1': -2
[  561.065072][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  561.353518][ T5960] Bluetooth: hci0: command tx timeout
[  561.621961][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  562.166192][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  562.226318][ T5960] Bluetooth: hci1: Dropping invalid advertising data
[  562.228661][ T5960] Bluetooth: hci1: Malformed LE Event: 0x02
[  562.375870][T15042] fuse: Unknown parameter 'fd0x0000000000000003'
[  562.715201][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  563.048037][T15055] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input19
[  563.224432][T15067] overlayfs: missing 'lowerdir'
[  563.277924][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  563.374354][T15076] overlayfs: missing 'lowerdir'
[  563.467091][T15079] fuse: Unknown parameter '0xffffffffffffffff'
[  563.505753][T15078] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  563.577306][ T5960] Bluetooth: hci0: command tx timeout
[  563.823969][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  563.900357][T15078] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.043715][T15078] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.191890][T15078] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.204832][T15086] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  564.207510][T15086] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  564.211020][T15086] vhci_hcd vhci_hcd.0: Device attached
[  564.323741][ T8549] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  564.427095][ T8551] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  564.430190][ T8551] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  564.433624][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  564.440879][ T8551] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  564.493056][T15087] vhci_hcd: connection closed
[  564.493441][ T8555] vhci_hcd: stop threads
[  564.504518][ T8555] vhci_hcd: release socket
[  564.510117][ T8555] vhci_hcd: disconnect device
[  564.528723][   T29] usb 44-1: enqueue for inactive port 0
[  564.977745][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  565.052890][   T29] usb usb44-port1: attempt power cycle
[  565.533716][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  565.653316][   T29] usb usb44-port1: unable to enumerate USB device
[  565.684365][T15109] FAULT_INJECTION: forcing a failure.
[  565.684365][T15109] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  565.690167][T15109] CPU: 1 UID: 0 PID: 15109 Comm: syz.4.2580 Not tainted syzkaller #0 PREEMPT(full) 
[  565.690189][T15109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  565.690200][T15109] Call Trace:
[  565.690206][T15109]  <TASK>
[  565.690213][T15109]  dump_stack_lvl+0x16c/0x1f0
[  565.690238][T15109]  should_fail_ex+0x512/0x640
[  565.690263][T15109]  _copy_to_user+0x32/0xd0
[  565.690287][T15109]  simple_read_from_buffer+0xcb/0x170
[  565.690316][T15109]  proc_fail_nth_read+0x197/0x240
[  565.690337][T15109]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  565.690356][T15109]  ? rw_verify_area+0xcf/0x6c0
[  565.690383][T15109]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  565.690401][T15109]  vfs_read+0x1e1/0xcf0
[  565.690425][T15109]  ? __pfx_vfs_read+0x10/0x10
[  565.690441][T15109]  ? find_held_lock+0x2b/0x80
[  565.690467][T15109]  ? __fget_files+0x20e/0x3c0
[  565.690492][T15109]  ksys_read+0x12a/0x250
[  565.690509][T15109]  ? __pfx_ksys_read+0x10/0x10
[  565.690529][T15109]  ? rcu_is_watching+0x12/0xc0
[  565.690551][T15109]  __do_fast_syscall_32+0x7c/0x300
[  565.690575][T15109]  do_fast_syscall_32+0x32/0x80
[  565.690596][T15109]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  565.690618][T15109] RIP: 0023:0xf7f53579
[  565.690633][T15109] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  565.690649][T15109] RSP: 002b:00000000f5446590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  565.690665][T15109] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5446620
[  565.690676][T15109] RDX: 000000000000000f RSI: 00000000f73e5ff4 RDI: 0000000000000000
[  565.690686][T15109] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  565.690697][T15109] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  565.690707][T15109] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  565.690734][T15109]  </TASK>
[  565.801430][ T5960] Bluetooth: hci0: command tx timeout
[  566.078768][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  566.624297][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  567.013131][ T5960] Bluetooth: hci0: ISO packet for unknown connection handle 0
[  567.083181][T15138] random: crng reseeded on system resumption
[  567.180755][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  567.511428][ T5960] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  567.515287][ T5960] Bluetooth: hci1: Injecting HCI hardware error event
[  567.519176][ T5957] Bluetooth: hci1: hardware error 0x00
[  567.736152][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  567.994717][T15152] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2594'.
[  568.025807][ T5960] Bluetooth: hci0: command tx timeout
[  568.264564][T15160] bridge0: port 2(bridge_slave_1) entered disabled state
[  568.282433][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  568.360748][T15158] kvm: pic: non byte write
[  568.362354][T15158] kvm: pic: non byte write
[  568.363977][T15158] kvm: pic: non byte write
[  568.836939][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  568.992896][T15170] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2599'.
[  569.382176][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  569.735095][ T5957] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  569.861294][T15176] overlayfs: missing 'workdir'
[  569.933133][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  569.966721][   T40] kauditd_printk_skb: 32 callbacks suppressed
[  569.966737][   T40] audit: type=1326 audit(1760001547.799:24579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15179 comm="syz.2.2604" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13598 code=0x7ffc0000
[  569.976840][   T40] audit: type=1326 audit(1760001547.799:24580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15179 comm="syz.2.2604" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  569.986140][   T40] audit: type=1326 audit(1760001547.799:24581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15179 comm="syz.2.2604" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13598 code=0x7ffc0000
[  569.995382][   T40] audit: type=1326 audit(1760001547.799:24582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15179 comm="syz.2.2604" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13598 code=0x7ffc0000
[  570.005203][   T40] audit: type=1326 audit(1760001547.799:24583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15179 comm="syz.2.2604" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13598 code=0x7ffc0000
[  570.012999][   T40] audit: type=1326 audit(1760001547.799:24584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15179 comm="syz.2.2604" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13598 code=0x7ffc0000
[  570.019902][   T40] audit: type=1326 audit(1760001547.799:24585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15179 comm="syz.2.2604" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13598 code=0x7ffc0000
[  570.030868][   T40] audit: type=1326 audit(1760001547.799:24586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15179 comm="syz.2.2604" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13598 code=0x7ffc0000
[  570.041513][   T40] audit: type=1326 audit(1760001547.799:24587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15179 comm="syz.2.2604" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13598 code=0x7ffc0000
[  570.052290][   T40] audit: type=1326 audit(1760001547.799:24588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15179 comm="syz.2.2604" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13598 code=0x7ffc0000
[  570.472967][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  571.028874][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  571.441965][T15188] bridge0: port 2(bridge_slave_1) entered disabled state
[  571.573912][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  572.033934][T15199] use of bytesused == 0 is deprecated and will be removed in the future,
[  572.037514][T15199] use the actual size instead.
[  572.079951][T15201] FAULT_INJECTION: forcing a failure.
[  572.079951][T15201] name failslab, interval 1, probability 0, space 0, times 0
[  572.084917][T15201] CPU: 3 UID: 0 PID: 15201 Comm: syz.2.2610 Not tainted syzkaller #0 PREEMPT(full) 
[  572.084937][T15201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  572.084946][T15201] Call Trace:
[  572.084952][T15201]  <TASK>
[  572.084959][T15201]  dump_stack_lvl+0x16c/0x1f0
[  572.084979][T15201]  should_fail_ex+0x512/0x640
[  572.084996][T15201]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  572.085012][T15201]  should_failslab+0xc2/0x120
[  572.085029][T15201]  kmem_cache_alloc_noprof+0x75/0x6e0
[  572.085041][T15201]  ? auditd_test_task+0x131/0x2f0
[  572.085064][T15201]  ? audit_log_start+0x29b/0x950
[  572.085086][T15201]  ? audit_log_start+0x29b/0x950
[  572.085103][T15201]  audit_log_start+0x29b/0x950
[  572.085123][T15201]  ? __pfx_audit_log_start+0x10/0x10
[  572.085141][T15201]  ? _raw_spin_unlock_irq+0x2e/0x50
[  572.085154][T15201]  ? get_signal+0x183/0x26d0
[  572.085177][T15201]  audit_seccomp+0x60/0x1f0
[  572.085196][T15201]  __seccomp_filter+0xa74/0x11c0
[  572.085216][T15201]  ? __pfx___seccomp_filter+0x10/0x10
[  572.085240][T15201]  ? ksys_write+0x1ac/0x250
[  572.085257][T15201]  __secure_computing+0x215/0x320
[  572.085276][T15201]  syscall_trace_enter+0x89/0x240
[  572.085299][T15201]  __do_fast_syscall_32+0x1c7/0x300
[  572.085318][T15201]  do_fast_syscall_32+0x32/0x80
[  572.085335][T15201]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  572.085353][T15201] RIP: 0023:0xf7f13579
[  572.085365][T15201] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  572.085379][T15201] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  572.085394][T15201] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080003c00
[  572.085403][T15201] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  572.085411][T15201] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  572.085419][T15201] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  572.085427][T15201] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  572.085446][T15201]  </TASK>
[  572.140632][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  572.706922][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  572.817452][T15228] Unsupported ieee802154 address type: 0
[  572.942403][T15231] 9pnet_fd: Insufficient options for proto=fd
[  572.979994][T15232] 9pnet_virtio: no channels available for device syz
[  573.252274][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  573.697695][T15254] 
[  573.698800][T15254] ======================================================
[  573.701362][T15254] WARNING: possible circular locking dependency detected
[  573.703444][T15254] syzkaller #0 Not tainted
[  573.705030][T15254] ------------------------------------------------------
[  573.708822][T15254] syz.2.2630/15254 is trying to acquire lock:
[  573.711147][T15254] ffff888050925178 (&ovl_i_mutex_dir_key[depth]){++++}-{4:4}, at: walk_component+0x345/0x5b0
[  573.714160][T15254] 
[  573.714160][T15254] but task is already holding lock:
[  573.716378][T15254] ffff888012c1a488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570
[  573.719183][T15254] 
[  573.719183][T15254] which lock already depends on the new lock.
[  573.719183][T15254] 
[  573.722326][T15254] 
[  573.722326][T15254] the existing dependency chain (in reverse order) is:
[  573.725452][T15254] 
[  573.725452][T15254] -> #3 (&of->mutex){+.+.}-{4:4}:
[  573.727688][T15254]        __mutex_lock+0x193/0x1060
[  573.729273][T15254]        kernfs_fop_write_iter+0x28f/0x570
[  573.731185][T15254]        iter_file_splice_write+0xa21/0x12e0
[  573.733018][T15254]        do_splice+0x1475/0x1fc0
[  573.734621][T15254]        __do_splice+0x32a/0x360
[  573.736213][T15254]        __ia32_sys_splice+0x189/0x250
[  573.737938][T15254]        __do_fast_syscall_32+0x7c/0x300
[  573.739718][T15254]        do_fast_syscall_32+0x32/0x80
[  573.741384][T15254]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  573.743458][T15254] 
[  573.743458][T15254] -> #2 (&pipe->mutex){+.+.}-{4:4}:
[  573.745782][T15254]        __mutex_lock+0x193/0x1060
[  573.747402][T15254]        pipe_lock+0x64/0x80
[  573.748907][T15254]        iter_file_splice_write+0x1ea/0x12e0
[  573.751064][T15254]        do_splice+0x1475/0x1fc0
[  573.752637][T15254]        __do_splice+0x32a/0x360
[  573.754189][T15254]        __ia32_sys_splice+0x189/0x250
[  573.755958][T15254]        __do_fast_syscall_32+0x7c/0x300
[  573.757706][T15254]        do_fast_syscall_32+0x32/0x80
[  573.759406][T15254]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  573.761559][T15254] 
[  573.761559][T15254] -> #1 (sb_writers#5){.+.+}-{0:0}:
[  573.763875][T15254]        mnt_want_write+0x6f/0x450
[  573.765488][T15254]        ovl_xattr_set+0x137/0x550
[  573.767099][T15254]        __vfs_setxattr+0x172/0x1e0
[  573.768753][T15254]        __vfs_setxattr_noperm+0x127/0x660
[  573.770572][T15254]        __vfs_setxattr_locked+0x182/0x260
[  573.772438][T15254]        vfs_setxattr+0x145/0x360
[  573.774012][T15254]        do_setxattr+0x145/0x180
[  573.775564][T15254]        filename_setxattr+0x16b/0x1d0
[  573.777270][T15254]        path_setxattrat+0x1de/0x2a0
[  573.778918][T15254]        __ia32_sys_setxattr+0xc4/0x140
[  573.780642][T15254]        __do_fast_syscall_32+0x7c/0x300
[  573.782418][T15254]        do_fast_syscall_32+0x32/0x80
[  573.784059][T15254]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  573.786156][T15254] 
[  573.786156][T15254] -> #0 (&ovl_i_mutex_dir_key[depth]){++++}-{4:4}:
[  573.788837][T15254]        __lock_acquire+0x12a6/0x1ce0
[  573.790520][T15254]        lock_acquire+0x179/0x350
[  573.792128][T15254]        down_read+0x9b/0x480
[  573.793876][T15254]        walk_component+0x345/0x5b0
[  573.795523][T15254]        path_lookupat+0x142/0x6d0
[  573.797069][T15254]        filename_lookup+0x224/0x5f0
[  573.798638][T15254]        kern_path+0x35/0x50
[  573.800034][T15254]        lookup_bdev+0xd8/0x280
[  573.801531][T15254]        resume_store+0x1d6/0x460
[  573.803585][T15254]        kobj_attr_store+0x55/0x80
[  573.805683][T15254]        sysfs_kf_write+0xf2/0x150
[  573.807450][T15254]        kernfs_fop_write_iter+0x3af/0x570
[  573.809278][T15254]        vfs_write+0x7d3/0x11d0
[  573.811173][T15254]        ksys_write+0x12a/0x250
[  573.812952][T15254]        __do_fast_syscall_32+0x7c/0x300
[  573.815223][T15254]        do_fast_syscall_32+0x32/0x80
[  573.817430][T15254]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  573.820052][T15254] 
[  573.820052][T15254] other info that might help us debug this:
[  573.820052][T15254] 
[  573.823861][T15254] Chain exists of:
[  573.823861][T15254]   &ovl_i_mutex_dir_key[depth] --> &pipe->mutex --> &of->mutex
[  573.823861][T15254] 
[  573.829187][T15254]  Possible unsafe locking scenario:
[  573.829187][T15254] 
[  573.832217][T15254]        CPU0                    CPU1
[  573.834264][T15254]        ----                    ----
[  573.836457][T15254]   lock(&of->mutex);
[  573.838009][T15254]                                lock(&pipe->mutex);
[  573.840575][T15254]                                lock(&of->mutex);
[  573.843223][T15254]   rlock(&ovl_i_mutex_dir_key[depth]);
[  573.845217][T15254] 
[  573.845217][T15254]  *** DEADLOCK ***
[  573.845217][T15254] 
[  573.848374][T15254] 4 locks held by syz.2.2630/15254:
[  573.850259][T15254]  #0: ffff8880280b9278 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[  573.853851][T15254]  #1: ffff888044fae420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  573.857375][T15254]  #2: ffff888012c1a488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570
[  573.861305][T15254]  #3: ffff88801c3f1b48 (kn->active#69){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570
[  573.865213][T15254] 
[  573.865213][T15254] stack backtrace:
[  573.867615][T15254] CPU: 3 UID: 0 PID: 15254 Comm: syz.2.2630 Not tainted syzkaller #0 PREEMPT(full) 
[  573.867635][T15254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  573.867648][T15254] Call Trace:
[  573.867655][T15254]  <TASK>
[  573.867662][T15254]  dump_stack_lvl+0x116/0x1f0
[  573.867684][T15254]  print_circular_bug+0x275/0x350
[  573.867709][T15254]  check_noncircular+0x14c/0x170
[  573.867734][T15254]  __lock_acquire+0x12a6/0x1ce0
[  573.867763][T15254]  lock_acquire+0x179/0x350
[  573.867785][T15254]  ? walk_component+0x345/0x5b0
[  573.867811][T15254]  ? __pfx___might_resched+0x10/0x10
[  573.867830][T15254]  ? try_to_unlazy+0x24e/0x660
[  573.867854][T15254]  down_read+0x9b/0x480
[  573.867875][T15254]  ? walk_component+0x345/0x5b0
[  573.867899][T15254]  ? __pfx_down_read+0x10/0x10
[  573.867919][T15254]  ? lookup_fast+0x156/0x610
[  573.867944][T15254]  walk_component+0x345/0x5b0
[  573.867970][T15254]  path_lookupat+0x142/0x6d0
[  573.867986][T15254]  filename_lookup+0x224/0x5f0
[  573.868003][T15254]  ? __pfx_filename_lookup+0x10/0x10
[  573.868027][T15254]  ? getname_kernel+0x52/0x370
[  573.868047][T15254]  ? __asan_memcpy+0x3c/0x60
[  573.868066][T15254]  kern_path+0x35/0x50
[  573.868087][T15254]  lookup_bdev+0xd8/0x280
[  573.868110][T15254]  ? __pfx_lookup_bdev+0x10/0x10
[  573.868136][T15254]  ? __asan_memcpy+0x3c/0x60
[  573.868154][T15254]  resume_store+0x1d6/0x460
[  573.868170][T15254]  ? __pfx_resume_store+0x10/0x10
[  573.868190][T15254]  ? find_held_lock+0x2b/0x80
[  573.868209][T15254]  ? __pfx_resume_store+0x10/0x10
[  573.868225][T15254]  kobj_attr_store+0x55/0x80
[  573.868244][T15254]  ? __pfx_kobj_attr_store+0x10/0x10
[  573.868261][T15254]  sysfs_kf_write+0xf2/0x150
[  573.868280][T15254]  kernfs_fop_write_iter+0x3af/0x570
[  573.868305][T15254]  ? __pfx_sysfs_kf_write+0x10/0x10
[  573.868324][T15254]  vfs_write+0x7d3/0x11d0
[  573.868342][T15254]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  573.868370][T15254]  ? __pfx_vfs_write+0x10/0x10
[  573.868384][T15254]  ? find_held_lock+0x2b/0x80
[  573.868409][T15254]  ksys_write+0x12a/0x250
[  573.868425][T15254]  ? __pfx_ksys_write+0x10/0x10
[  573.868444][T15254]  ? rcu_is_watching+0x12/0xc0
[  573.868461][T15254]  __do_fast_syscall_32+0x7c/0x300
[  573.868482][T15254]  do_fast_syscall_32+0x32/0x80
[  573.868501][T15254]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  573.868521][T15254] RIP: 0023:0xf7f13579
[  573.868534][T15254] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  573.868550][T15254] RSP: 002b:00000000f540655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  573.868564][T15254] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000000
[  573.868576][T15254] RDX: 0000000000000012 RSI: 0000000000000000 RDI: 0000000000000000
[  573.868585][T15254] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  573.868595][T15254] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  573.868606][T15254] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  573.868623][T15254]  </TASK>
[  573.970759][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  574.110488][T15254] PM: Image not found (code -123)
[  574.387308][ T8549] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  574.524488][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  574.547668][ T8549] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  574.708502][ T8549] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  574.767757][ T8549] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  574.866371][ T8549] bridge_slave_1: left allmulticast mode
[  574.868675][ T8549] bridge_slave_1: left promiscuous mode
[  574.871027][ T8549] bridge0: port 2(bridge_slave_1) entered disabled state
[  574.874693][ T8549] bridge_slave_0: left allmulticast mode
[  574.876809][ T8549] bridge_slave_0: left promiscuous mode
[  574.878602][ T8549] bridge0: port 1(bridge_slave_0) entered disabled state
[  575.013585][ T8549] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  575.018998][ T8549] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  575.023537][ T8549] bond0 (unregistering): Released all slaves
[  575.080562][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  575.300496][ T8549] hsr_slave_0: left promiscuous mode
[  575.303167][ T8549] hsr_slave_1: left promiscuous mode
[  575.305687][ T8549] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  575.308599][ T8549] batman_adv: batadv0: Removing interface: batadv_slave_0
[  575.311971][ T8549] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  575.314964][ T8549] batman_adv: batadv0: Removing interface: batadv_slave_1
[  575.321194][ T8549] veth1_macvtap: left promiscuous mode
[  575.323277][ T8549] veth0_macvtap: left promiscuous mode
[  575.325553][ T8549] veth1_vlan: left promiscuous mode
[  575.328115][ T8549] veth0_vlan: left promiscuous mode
[  575.517549][ T8549] team0 (unregistering): Port device team_slave_1 removed
[  575.561804][ T8549] team0 (unregistering): Port device team_slave_0 removed
[  575.626426][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  576.181366][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  576.249354][ T8549] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  576.301915][ T8549] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  576.355680][ T8549] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  576.398127][ T8549] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  576.457849][ T8549] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  576.528313][ T8549] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  576.603709][ T8549] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  576.657752][ T8549] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  576.737328][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  576.753202][ T8549] bridge_slave_1: left allmulticast mode
[  576.754934][ T8549] bridge_slave_1: left promiscuous mode
[  576.756647][ T8549] bridge0: port 2(bridge_slave_1) entered disabled state
[  576.760797][ T8549] bridge_slave_0: left allmulticast mode
[  576.762531][ T8549] bridge_slave_0: left promiscuous mode
[  576.764392][ T8549] bridge0: port 1(bridge_slave_0) entered disabled state
[  576.767798][ T8549] bridge_slave_1: left allmulticast mode
[  576.769978][ T8549] bridge_slave_1: left promiscuous mode
[  576.771733][ T8549] bridge0: port 2(bridge_slave_1) entered disabled state
[  576.775289][ T8549] bridge_slave_0: left allmulticast mode
[  576.777619][ T8549] bridge_slave_0: left promiscuous mode
[  576.781520][ T8549] bridge0: port 1(bridge_slave_0) entered disabled state
[  576.922868][ T8549] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  576.926621][ T8549] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  576.930690][ T8549] bond0 (unregistering): Released all slaves
[  577.010375][ T8549] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  577.013736][ T8549] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  577.018365][ T8549] bond0 (unregistering): Released all slaves
[  577.293213][ T8547] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  577.587943][ T8549] hsr_slave_0: left promiscuous mode
[  577.589930][ T8549] hsr_slave_1: left promiscuous mode
[  577.591846][ T8549] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  577.594222][ T8549] batman_adv: batadv0: Removing interface: batadv_slave_0
[  577.597665][ T8549] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  577.600731][ T8549] batman_adv: batadv0: Removing interface: batadv_slave_1
[  577.607655][ T8549] hsr_slave_0: left promiscuous mode
[  577.610237][ T8549] hsr_slave_1: left promiscuous mode
[  577.612781][ T8549] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  577.616348][ T8549] batman_adv: batadv0: Removing interface: batadv_slave_0
[  577.619637][ T8549] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  577.622627][ T8549] batman_adv: batadv0: Removing interface: batadv_slave_1
[  577.630130][ T8549] veth1_macvtap: left promiscuous mode
[  577.631933][ T8549] veth0_macvtap: left promiscuous mode
[  577.633613][ T8549] veth1_vlan: left promiscuous mode
[  577.635569][ T8549] veth0_vlan: left promiscuous mode
[  577.638493][ T8549] veth1_macvtap: left promiscuous mode
[  577.640726][ T8549] veth0_macvtap: left promiscuous mode
[  577.643034][ T8549] veth1_vlan: left promiscuous mode
[  577.645268][ T8549] veth0_vlan: left promiscuous mode
[  577.840768][ T8548] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  577.857409][ T8549] team0 (unregistering): Port device team_slave_1 removed
[  577.894645][ T8549] team0 (unregistering): Port device team_slave_0 removed
[  578.221071][ T8549] team0 (unregistering): Port device team_slave_1 removed
[  578.269345][ T8549] team0 (unregistering): Port device team_slave_0 removed
[  578.383625][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  578.929710][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  579.474173][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  580.030152][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  580.575393][ T8551] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  581.120442][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  581.665851][ T8554] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  582.210865][ T8555] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  582.307328][ T6042] block nbd0: Possible stuck request ffff8880260a5080: control (read@0,1024B). Runtime 180 seconds
[  582.311236][ T6042] block nbd0: Possible stuck request ffff8880260a5240: control (read@1024,1024B). Runtime 180 seconds
[  582.315609][ T6042] block nbd0: Possible stuck request ffff8880260a5400: control (read@2048,1024B). Runtime 180 seconds
[  582.319647][ T6042] block nbd0: Possible stuck request ffff8880260a55c0: control (read@3072,1024B). Runtime 180 seconds
[  582.383879][ T5353] udevd[5353]: worker [6787] /devices/virtual/block/nbd0 timeout; kill it
[  582.386626][ T5353] udevd[5353]: seq 17964 '/devices/virtual/block/nbd0' killed
[  582.756084][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01
[  583.311999][ T8549] batman_adv: batadv0: Local translation table size (60) exceeds maximum packet size (-320); Ignoring new local tt entry: 01:00:5e:00:00:01

VM DIAGNOSIS:
09:06:40  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000000 RBX=ffff88801d6dc900 RCX=0000000000000001 RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff8dda7f00 RBP=ffffffff8206ae73 RSP=ffffc9000316fa10
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=ffffc9000316fa80 R14=ffffc9000316fb40 R15=000000008066ce80
RIP=ffffffff8206aeb6 RFL=00000292 [--S-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977e7000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f53e4528 CR3=0000000065a49000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000e23f1c RBX=0000000000000001 RCX=ffffffff8b61f2d9 RDX=ffffed1005666656
RSI=ffffffff8bf1d4c0 RDI=ffffffff81913bcd RBP=ffffed1003b5c490 RSP=ffffc9000046fde8
R8 =0000000000000000 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000000
R12=0000000000000001 R13=ffff88801dae2480 R14=ffffffff908358d0 R15=0000000000000000
RIP=ffffffff8b61dd8f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978e7000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000033febff8 CR3=0000000065a49000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000055c1e4 RBX=0000000000000002 RCX=ffffffff8b61f2d9 RDX=ffffed1005686656
RSI=ffffffff8bf1d4c0 RDI=ffffffff81913bcd RBP=ffffed1003b5c920 RSP=ffffc9000047fde8
R8 =0000000000000000 R9 =ffffed1005686655 R10=ffff88802b4332ab R11=0000000000000000
R12=0000000000000002 R13=ffff88801dae4900 R14=ffffffff908358d0 R15=0000000000000000
RIP=ffffffff8b61dd8f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979e7000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000560e171a8f40 CR3=00000000287c2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=81be26db15c89de9 7d68b63dffcd88a8 81be26db15c89de9 7d68b63dffcd88a8 81be26db15c89de9 7d68b63dffcd88a8 81be26db15c89de9 7d68b63dffcd88a8
ZMM18=81400c9b09db6985 70595b4266ffb61c 81400c9b09db6985 70595b4266ffb61c 81400c9b09db6985 70595b4266ffb61c 81400c9b09db6985 70595b4266ffb61c
ZMM19=7f1a000000000000 0000000000000004 7f1a000000000000 0000000000000003 7f1a000000000000 0000000000000002 7f1a000000000000 0000000000000001
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 662f2e01ffffffff ffffffffef080183 8003000400018408 0007800201c70800
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 080049ae00657375 662f7665642f01ff ffffffffffffffeb 080780031c824080
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 808088003ffe0800 058002060140fc00 30656c69662f2e01 ffffffffffffffff
ZMM24=66ffb61c66ffb61c 66ffb61c66ffb61c 66ffb61c66ffb61c 66ffb61c66ffb61c 66ffb61c66ffb61c 66ffb61c66ffb61c 66ffb61c66ffb61c 66ffb61c66ffb61c
ZMM25=70595b4270595b42 70595b4270595b42 70595b4270595b42 70595b4270595b42 70595b4270595b42 70595b4270595b42 70595b4270595b42 70595b4270595b42
ZMM26=09db698509db6985 09db698509db6985 09db698509db6985 09db698509db6985 09db698509db6985 09db698509db6985 09db698509db6985 09db698509db6985
ZMM27=81400c9b81400c9b 81400c9b81400c9b 81400c9b81400c9b 81400c9b81400c9b 81400c9b81400c9b 81400c9b81400c9b 81400c9b81400c9b 81400c9b81400c9b
ZMM28=000000b0000000af 000000ae000000ad 000000ac000000ab 000000aa000000a9 000000a8000000a7 000000a6000000a5 000000a4000000a3 000000a2000000a1
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=7e1a00007e1a0000 7e1a00007e1a0000 7e1a00007e1a0000 7e1a00007e1a0000 7e1a00007e1a0000 7e1a00007e1a0000 7e1a00007e1a0000 7e1a00007e1a0000
info registers vcpu 3

CPU#3
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff852ca695 RDI=ffffffff9adebe40 RBP=ffffffff9adebe00 RSP=ffffc900035df0c8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000002d R14=ffffffff9adebe00 R15=ffffffff852ca630
RIP=ffffffff852ca6bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097ae7000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000031ebdffc CR3=00000000645fc000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000009800000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000