last executing test programs:

2m12.137372577s ago: executing program 32 (id=114):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='cgroup.events\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000a00)={0x2020}, 0x2020)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
getsockopt$sock_int(r2, 0x1, 0x27, 0x0, &(0x7f0000000240))
r3 = socket$inet(0x2, 0x2, 0x0)
getsockopt$inet_int(r3, 0x0, 0x21, 0x0, &(0x7f0000000080))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null-generic\x00'}, 0x58)
r6 = accept$alg(r5, 0x0, 0x0)
getsockopt$sock_int(r6, 0x1, 0xa, 0x0, &(0x7f0000000080))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x1}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0xd)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c9802c0028000100027f0400080005000d27cf41fd5fb2178eafd50800ff0f0100ff070200030b0800b6d166d639b3ea8200"/61], 0x31)
r8 = socket(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
ioctl$TCSETSF2(r4, 0x402c542d, &(0x7f0000000040)={0x3, 0x1, 0x9, 0x4, 0x4, "da01e90f39c16a0761cdf60bb29bec177da362", 0x6, 0x8})
ioctl$VT_DISALLOCATE(r4, 0x5608)

2m5.643526483s ago: executing program 4 (id=199):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x129000, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000280), r2)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010013bd70100400000005000000080009000200000008000c00a80a0000060001000700000008000b"], 0x34}}, 0x20)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, &(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2}}, 0x2e)
r9 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r9, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r9, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r9, &(0x7f0000000000)={&(0x7f00000000c0)={0xa, 0x4e20, 0x80000, @dev}, 0x1c, 0x0, 0x0, &(0x7f0000000680)=[@dstopts_2292={{0x18}}, @hopopts_2292={{0x18}}], 0x30}, 0x0)
sendmmsg(r8, &(0x7f0000000280)=[{{0x0, 0x700003a, 0x0, 0x0, 0x0, 0x0, 0x700}, 0x4}], 0x400000000000085, 0x0)
sendmsg$NET_DM_CMD_STOP(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x14, r3, 0x1, 0x0, 0x0, {0x6}}, 0x14}}, 0x0)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r10, 0x4038ae7a, &(0x7f0000000100)={0x0, 0x119, &(0x7f0000000240)="a87c9f096cd50b568f652ff07b0e22153a265a8a55f924cd147a8e6f0b193a5751f7", 0x0, 0x22})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f00000001c0)="b979090000b80c000000ba000000000f30660f015d000f20e035800000000f22e08fc978c2e8640f01b304f4dc20650fc7a03fa5ad000f22850fc729d9fab8080000000f23c00f21f835000004000f23f8", 0x51}], 0x1, 0x9, 0x0, 0x0)
r12 = syz_open_dev$sg(&(0x7f00000002c0), 0xe5, 0x44000)
ioctl$SCSI_IOCTL_SEND_COMMAND(r12, 0x1, &(0x7f0000000300)={0xc2, 0x3, 0xe, "a6a3b557c5b9e19567435d23f2ca72563665f974c4b7966434874009cd8f5d427b3522229135a50acb9fa634a214fe96351ceed1d3c9263cfd9384a6e53f4ef2693db0084bf332f2a617927d83a515a5f938189966a9ffa0d7b5e5f09b691ce09ed1df8a74ba4d91cf03d660c17d025d136d3e11b1d71aac6d69184e4dbbfbe3ea9c6acd7ea64645f499285d7c5eaaddec75a6b754a161c481b9e67fa0f80bcad53280250380cc22dbe901cdb18da17939cd9c8b8d5874bcbdbcff194e85a2cbeb05"})
syz_kvm_setup_cpu$x86(r10, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)

2m5.423939443s ago: executing program 4 (id=200):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xa4}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
r2 = fsopen(&(0x7f0000000080)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
symlinkat(&(0x7f0000000140)='.\x00', r3, &(0x7f00000000c0)='./file0\x00')
openat(r3, &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x0)
sendto$packet(r3, &(0x7f0000000140)="ff29d601fab36e", 0x7, 0x48840, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x10}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x6, 0x0, 0x2000, &(0x7f0000013000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x200})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2m5.293796044s ago: executing program 4 (id=201):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000500)=&(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f0000000080)=""/138, 0x0, 0xffff1000})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000740)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000140)=""/98, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000ac0))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

2m5.239457639s ago: executing program 4 (id=203):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88) (async)
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0) (async)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) (async)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0) (async)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') (async)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) (async)
pivot_root(&(0x7f0000000340)='./file0/../file0/../file0/../file0\x00', &(0x7f00000003c0)='./file0\x00') (async)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) (async)
listen(r2, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="1b", 0x1}], 0x1}}], 0x1, 0x22002884) (async)
r4 = accept4$unix(r2, 0x0, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000009, 0x12, r5, 0xffffc000) (async)
recvfrom$unix(r4, &(0x7f0000000140)=""/248, 0xf8, 0x0, 0x0, 0x0)
sendmsg$inet6(r0, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001)
sendmsg$inet6(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000008c0)="3cb7e9e5c30a05c41dd519ab070a9833851847c82c6d026f7b4ee0", 0x1b}, {&(0x7f0000000340)="0000b1571fdf4d2c772384fe455c651a51b2c39d0b83ec769f19cd675b6314f54f05", 0x22}], 0x2}, 0x80)

2m5.238623729s ago: executing program 4 (id=204):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000000)="0f01b8453b670f70665c00262e0f30baf80c66b8b0e6818f66efbafc0cec643626f7950000262e3e670f01cab848008ee866b80500000066b9008000000f01c1d2fd660f38804400", 0x48}], 0x1, 0x10, 0x0, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
r4 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
ioctl$VT_ACTIVATE(r4, 0x5606, 0x6)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
close(0x3)
socket$inet(0x2, 0x4000000000000001, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r2, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], <r7=>0x0, 0x3e, &(0x7f0000000540)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0x49, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
r8 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000780)={0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xe, 0x8, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ldst={0x1, 0x0, 0x1, 0xa, 0x6, 0x1, 0x8}]}, &(0x7f0000000100)='GPL\x00', 0x5, 0xd2, &(0x7f0000000440)=""/210, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000000240)={0x5, 0x0, 0x2, 0x10001}, 0x10, r7, r8, 0x5, &(0x7f00000007c0)=[r2, r5], &(0x7f0000000800)=[{0x2, 0x4, 0x1, 0x8}, {0x5, 0x1, 0xe, 0x3}, {0x1, 0x3, 0x8}, {0x2, 0x4, 0xf, 0xc}, {0x3, 0x5, 0x1, 0x9}], 0x10, 0x7, @void, @value}, 0x94)
bind$netlink(r6, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
mq_notify(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x3, 0x2})
sendmsg$NFT_BATCH(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x30, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x4}]}], {0x14}}, 0xb8}}, 0x0)

2m4.931521798s ago: executing program 4 (id=217):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r1=>0x0})
r2 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r2, &(0x7f0000000000)={0x1d, r1}, 0x10)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000280)=[{{0x3, 0x1, 0x1}, {0x0, 0x0, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x3, 0x1, 0x1, 0x1}}], 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newqdisc={0x34, 0x24, 0x200, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0xe, 0xa}, {0x0, 0x8}, {0xc, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x7, 0x7}}, @TCA_RATE={0x6, 0x5, {0x7, 0x4}}]}, 0x34}}, 0x40044)

2m4.905510111s ago: executing program 33 (id=217):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r1=>0x0})
r2 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r2, &(0x7f0000000000)={0x1d, r1}, 0x10)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000280)=[{{0x3, 0x1, 0x1}, {0x0, 0x0, 0x0, 0x1}}, {{0x3, 0x1, 0x0, 0x1}, {0x3, 0x1, 0x1, 0x1}}], 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newqdisc={0x34, 0x24, 0x200, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0xe, 0xa}, {0x0, 0x8}, {0xc, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x7, 0x7}}, @TCA_RATE={0x6, 0x5, {0x7, 0x4}}]}, 0x34}}, 0x40044)

1m52.010858662s ago: executing program 5 (id=394):
read$msr(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$vivid(0x0, 0x3, 0x2)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000008c0)=r1, 0x4)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r5, 0x4008af30, &(0x7f0000000040)={0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10)
r6 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b02d25a806f8c6394f91f24fc60040f030047000000053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x3c1, 0x3, 0x370, 0x180, 0xffffff80, 0x178, 0x0, 0x178, 0x2a0, 0x22b, 0x258, 0x2a0, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0x160, 0x180, 0x340, {0x1e0002a8, 0x7203000000000000}, [@common=@hl={{0x28}, {0x2, 0x5}}, @common=@srh1={{0x90}, {0xc, 0x9, 0x7, 0x0, 0xfc01, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xfe, 0x80, '\x00', 0x21}, [0x0, 0xff000000, 0xffff00, 0xffffff00], [0x0, 0xffffffff, 0xffffff00, 0xff], [0xffffff00, 0xff000000, 0xff0000ff, 0xffff00], 0x773112106688b153, 0x2}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x7}}, @common=@icmp6={{0x28}, {0xb, "2917", 0x1}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d0)

1m51.923758805s ago: executing program 5 (id=395):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_io_uring_setup(0x24f8, &(0x7f0000002ec0), 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, 0x0, 0x40802)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r2, 0x4b4e, 0xc)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r3 = epoll_create1(0x0)
sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x40, 0xa, 0xa, 0x301, 0x0, 0x0, {0x5, 0x0, 0xa}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x9}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x30}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0xaf}]}, 0x40}, 0x1, 0x0, 0x0, 0xc800}, 0x20000c00)
epoll_wait(r3, &(0x7f0000000000)=[{}], 0x1, 0x7ff)
ppoll(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f0000001100)={0x40200, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1m51.072698166s ago: executing program 5 (id=401):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x24, 0x1, 0x4, 0x101, 0x0, 0x0, {0x7, 0x0, 0x2}, [@NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0xabd0}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4000100)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x4, 0x0, 0x5}})

1m51.023713642s ago: executing program 5 (id=402):
r0 = fsopen(&(0x7f0000002200)='ramfs\x00', 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000100)='mode\x00', &(0x7f0000000140)='\x00', 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0)
r3 = bpf$BPF_LINK_CREATE_XDP(0x9, &(0x7f00000006c0)={0xffffffffffffffff, 0x0, 0x5, 0x0, @val=@iter={0x0}}, 0x40)
socket(0x10, 0x803, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010000304000000001ee5000000000000", @ANYRES32=0x0, @ANYRES64=r3], 0x3c}, 0x1, 0xba01}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x349a81, 0x126)
r5 = syz_io_uring_setup(0x3d4b, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000001340)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r5, 0x567, 0x0, 0x0, 0x0, 0x0)
close_range(r5, r3, 0x2)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="0ad668f61c06c4ff140000001000009006000000000000000000000a3c000000090a050600000000000000000100000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000014140000001100010000000000"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c0000000b0a01010000000000000000010000000900010073797a30000000000c001040000000000000000114"], 0x54}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000200)=ANY=[], 0x0)
r8 = syz_open_dev$vbi(&(0x7f0000000100), 0x1, 0x2)
ioctl$VIDIOC_G_STD(r8, 0x80085617, 0x0)
syz_io_uring_setup(0x4072, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x2805011, 0x0)
mount$bind(0x0, &(0x7f0000000400)='./file0/../file0\x00', 0x0, 0x20000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_io_uring_submit(r9, r10, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xf, 0x30, 0xffffffffffffffff, 0x10000000)

1m50.963717674s ago: executing program 5 (id=403):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x1, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @time={0x800, 0xb}, {}, {}, @quote}], 0x38)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000000600))
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, r4, 0x801, 0x0, 0x0, 0xfffffffd, {0xa, 0x0, 0x200, @local}}}, 0x3a)
close_range(r2, 0xffffffffffffffff, 0x0)

1m50.771036979s ago: executing program 5 (id=406):
socket$key(0xf, 0x3, 0x2)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x2, 0x2, 0x0, 0x8, 0x2, 0x0, 0xfffffffc, 0x4}, 0x10}}, 0x40004)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_JPEGCOMP(r1, 0x808c563d, &(0x7f0000000100))
ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0205648, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f905, 0x2, '\x00', @p_u32=&(0x7f0000000040)=0xfffffffc}})

1m50.709500253s ago: executing program 34 (id=406):
socket$key(0xf, 0x3, 0x2)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x2, 0x2, 0x0, 0x8, 0x2, 0x0, 0xfffffffc, 0x4}, 0x10}}, 0x40004)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_JPEGCOMP(r1, 0x808c563d, &(0x7f0000000100))
ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0205648, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f905, 0x2, '\x00', @p_u32=&(0x7f0000000040)=0xfffffffc}})

1m15.313299515s ago: executing program 6 (id=1064):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
pread64(r1, &(0x7f0000000080)=""/221, 0xdd, 0x7fffffffffffffff)
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000280))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000280)={@val={0x1c, 0xf6}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0xfe, 0x0, 0x0, 0x1c, {[@window={0xe, 0x3, 0x2}, @timestamp={0x5, 0xa}, @generic={0x0, 0x8, "d58838068b91"}]}}}}}}, 0x4e)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r5=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r5, @ANYBLOB="0012000000000000300016802c00018028000100000000000000000000000100"/56], 0x50}}, 0x20040850)
r6 = socket(0x10, 0x3, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r8=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r7, 0xc01064c8, &(0x7f00000001c0)={0x9, 0x0, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0]})
ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000200)=[r9], 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_ATOMIC(r7, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r8], &(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000040)})
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x52, 0x1, 0x10000, 0x0, {0x6}, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x7}]}, 0x20}}, 0x0)

1m12.893259702s ago: executing program 6 (id=1090):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x12, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b323b6d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0931a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00b98e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) (async, rerun: 32)
r0 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000011c0), 0x50000, 0x0) (async, rerun: 64)
r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000001200), 0x2, 0x0) (rerun: 64)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001140)=@bloom_filter={0x1e, 0xe97, 0x6, 0x9, 0x40030, r1, 0xc, '\x00', 0x0, r2, 0x0, 0x1, 0x1, 0xa, @void, @value, @void, @value}, 0x50) (async, rerun: 64)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) (rerun: 64)
r5 = dup(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r5, 0x9e235000)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0) (async)
close_range(r6, 0xffffffffffffffff, 0x0) (async)
syz_open_dev$tty1(0xc, 0x4, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0)
r7 = add_key$user(&(0x7f00000006c0), &(0x7f0000000000)={'syz', 0x1}, &(0x7f0000000440)="3118a062c5e6f9b332e2f3006a9a29fcaff672ae900d6fa95c321004ea8844c7a92ca02b058250a07854dcfb2951b8ea60e3c13305cb31f9a5493befc04fb0be50cc07b31ecfb1baf775d8efd3f847d3392d421fe46244c6886cbb9ad6077b29e5fa3bfdf07a4515d5588050fde3c0f03ddda2ebe8649cf2a473b5069866bd0d8a78cf92c40574dd50446db139d9723e0d3753eb94c0fac0c409d1f208c29e115fba14d1e378ef478508ae2e37b64ca1826d14e1209183948dc754c1d92fdebf", 0xc0, 0xffffffffffffffff) (async)
r8 = add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000340)="8e", 0x1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000040)={r8, r7, r7}, &(0x7f0000000180)=""/84, 0x54, &(0x7f0000000340)={&(0x7f0000000240)={'crct10dif-pclmul\x00'}}) (async, rerun: 32)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x3, r3, 0x4}, 0x38) (async, rerun: 32)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001040)=ANY=[@ANYBLOB="ac000000", @ANYBLOB="57a296205cbac60ebe325bf5bdc2a314ffaab54a34ac54b0f83949015c5283f8f4eb1c3544ade43fd91e1bf3614973e8831f77a7500cc5ab27a5338736028d10299d0f0a2a18fb438f9a1f905fb533ba2b88969fcd44ba18b4317ae256e5a1ef41471138ccedb838e826a4c9a842b3d2e43169ffe098c353abae230098a37626065409e6b22bf9406cd95fbf753e0686ed33f51a472dde33b5770f333a9d9769fe466ed8231d1cbb5bf925bd8fb114a81a1769a5813fff4fe8f17a061a5596f332ad1207b1d3f6d355360bebc60678", @ANYRES64=r9], 0xac}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)

1m12.887696298s ago: executing program 6 (id=1091):
r0 = gettid()
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = dup(r1)
sendmsg$netlink(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000580)=ANY=[], 0x1f88}], 0x1}, 0x0)
tkill(r0, 0x7)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=ANY=[@ANYBLOB="7002000010003704ffffffff0000000000000000", @ANYRES32=r7, @ANYBLOB="92010000000000000a000200000000000000000044021680100001800c000500"], 0x270}, 0x1, 0x0, 0x0, 0x24040015}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYRES64=r4], 0x38}}, 0x40810)
r8 = syz_open_procfs(r0, &(0x7f0000000040)='task\x00')
getdents(r8, &(0x7f0000000000)=""/24, 0x18)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x2c, 0x0, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0xc890)
syz_open_procfs$namespace(r0, &(0x7f0000000340)='ns/user\x00')
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000300)={'team_slave_0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000c80)=@newqdisc={0x24, 0x25, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r11}}, 0x24}}, 0x0)
getdents64(r8, &(0x7f0000000140)=""/56, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r12 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000002000000000024307d0e90a2308e8798095c"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000440)=@raw=[@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @alu={0x7, 0x1, 0xb, 0x7, 0x4, 0x100, 0xfffffffffffffffc}], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r12, 0xc, &(0x7f00000000c0), 0xfff1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1b, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
getdents64(r8, &(0x7f0000000080)=""/151, 0x97)
ioctl$EXT4_IOC_GETSTATE(r3, 0x4008af14, &(0x7f0000000080))
eventfd(0x200)

1m12.731435674s ago: executing program 6 (id=1094):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000000c0)={0x44, r1, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x57e}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}]}, 0x44}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x7, 0x0, 0x3, 0x0, 0x0, 0x1, 0xffffffffffffffff}]}, &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) (async)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000000c0)={0x44, r1, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x57e}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}]}, 0x44}}, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x7, 0x0, 0x3, 0x0, 0x0, 0x1, 0xffffffffffffffff}]}, &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)

1m12.730864438s ago: executing program 6 (id=1095):
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', &(0x7f00000000c0)={0x0, 0x0, 0x3}, 0x65)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount(&(0x7f00000001c0)=@filename='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x224d080, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r1}, './file0\x00'})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=@can_newroute={0x44, 0x18, 0x32025cb8e50ee45d, 0x70bd29, 0x25dfdbfc, {0x1d, 0x1, 0x3}, [@CGW_MOD_SET={0x15, 0x4, {{{0x3}, 0x2, 0x3, 0x0, 0x0, "3f1b95df9b2d0912"}, 0x7}}, @CGW_MOD_XOR={0x15, 0x3, {{{0x4, 0x1, 0x1, 0x1}, 0x1, 0x1, 0x0, 0x0, "a3873e95a4b32091"}, 0x7}}]}, 0x44}}, 0x40000)
socket$nl_route(0x10, 0x3, 0x0)

1m12.730595031s ago: executing program 6 (id=1096):
r0 = syz_io_uring_setup(0x27f3, &(0x7f0000000500)={0x0, 0x4, 0x0, 0xb, 0x269}, &(0x7f0000000300), &(0x7f0000000100)=<r1=>0x0)
r2 = socket$inet_icmp(0x2, 0x2, 0x1) (async)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f00000000c0)=@IORING_OP_ACCEPT={0xd, 0x45, 0x0, r2, &(0x7f0000000000)=0x80, &(0x7f0000000140)=@rc={0x1f, @none}, 0x0, 0x0, 0x0, {0x0, r3}}) (async)
r4 = io_uring_setup(0x3408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2})
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1c, 0x20000000, r5)

57.69415788s ago: executing program 35 (id=1096):
r0 = syz_io_uring_setup(0x27f3, &(0x7f0000000500)={0x0, 0x4, 0x0, 0xb, 0x269}, &(0x7f0000000300), &(0x7f0000000100)=<r1=>0x0)
r2 = socket$inet_icmp(0x2, 0x2, 0x1) (async)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f00000000c0)=@IORING_OP_ACCEPT={0xd, 0x45, 0x0, r2, &(0x7f0000000000)=0x80, &(0x7f0000000140)=@rc={0x1f, @none}, 0x0, 0x0, 0x0, {0x0, r3}}) (async)
r4 = io_uring_setup(0x3408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2})
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1c, 0x20000000, r5)

54.393297713s ago: executing program 0 (id=1360):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x200, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x40, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000230000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r1, 0x61, 0x40001002, r6, 0x0)
fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-avx2\x00'}, 0x58)
r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = socket$tipc(0x1e, 0x5, 0x0)
r10 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r10, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x2, 0x1}, 0x10)
close_range(r8, 0xffffffffffffffff, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r11=>0x0})
setreuid(r11, r11)
quotactl_fd$Q_QUOTAOFF(r8, 0xffffffff80000302, r11, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x2)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
socket(0x1e, 0x4, 0x0)

54.25930083s ago: executing program 0 (id=1364):
r0 = syz_open_dev$vim2m(0x0, 0x1000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)

54.21286011s ago: executing program 0 (id=1366):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x2, 0x0, 0x9e20, 0xc, 0x134, 0x0})
ioctl$KVM_RUN(r3, 0xae80, 0xf5000000)

54.123044098s ago: executing program 0 (id=1369):
setreuid(0x0, 0xee00)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103b00000000001d400500000000004704000001ed00000f030000000000002c4400003c0000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a107464ffffff7f00000000617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce963b0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c3f000000315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b47623028271722fb515f31e0dd115a292f1e68481a62cd15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

54.052046095s ago: executing program 0 (id=1372):
syz_80211_inject_frame(0x0, 0x0, 0x262)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000040), 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', <r2=>0x0})
sendmsg$can_bcm(r0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x1d, r2}, 0x10, &(0x7f0000000480)={&(0x7f0000000980)=ANY=[], 0x48}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r3, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)={0x58, r4, 0x1, 0x8000, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x888e}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_FRAME={0x26, 0x33, @mgmt_frame=@assoc_resp={{{0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1}, {0x8}, @device_b, @device_b, @random="9d2b2f5c82d9", {0x6, 0x8}, @value=@ver_80211n={0x0, 0x5, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1}}, 0xa80a, 0x4c, @random=0x3, @void, @void}}]}, 0x58}}, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
clock_gettime(0x0, &(0x7f0000000000)={<r6=>0x0, <r7=>0x0})
nanosleep(&(0x7f00000000c0)={r6, r7+60000000}, &(0x7f0000000140))

54.051622795s ago: executing program 3 (id=1375):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000100001000000000039ff00000000000a20000000000a01080000000000000000010000000900010073797a300000000048000000030a0102000000000000000001000000080007006e6174000900030073796031000000000900010073797a3000000000140004800800024000000000080001"], 0x90}}, 0x0)

53.992567172s ago: executing program 3 (id=1377):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (async, rerun: 32)
write(r0, &(0x7f0000000340)="07000000010003", 0x62) (rerun: 32)

53.991939224s ago: executing program 3 (id=1378):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x2, 0x0, 0x9e20, 0xc, 0x134, 0x0})
ioctl$KVM_RUN(r3, 0xae80, 0xfee00000)

53.872990927s ago: executing program 3 (id=1384):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r3)
tkill(r3, 0x12)
tkill(r3, 0x12)
ptrace(0x4208, r3)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r4, 0x1, 0x5, &(0x7f0000000040)=0x1e6e, 0x4)
r5 = accept(r0, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000000100)=<r7=>0x0)
r8 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r8, 0x1, 0x2e, &(0x7f0000001140)=0xfff, 0x4)
ppoll(&(0x7f00000014c0)=[{r8, 0x20c0}], 0x1, 0x0, 0x0, 0x0)
timer_settime(r7, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r9 = open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x100)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newtaction={0x50, 0x30, 0x1, 0x0, 0x0, {}, [{0x3c, 0x1, [@m_simple={0x38, 0x1d, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x5, 0x3, '\x00'}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}, 0x50}}, 0x404c000)
readv(r9, 0x0, 0x0)
r11 = syz_io_uring_setup(0x72ee, &(0x7f0000000200)={0x0, 0x93bb, 0x0, 0x0, 0x368}, &(0x7f00000000c0), &(0x7f0000000280))
syz_io_uring_setup(0x7dca, &(0x7f0000000340)={0x0, 0x0, 0x2000, 0x1, 0x0, 0x0, r11}, &(0x7f0000000140)=<r12=>0x0, &(0x7f0000000100)=<r13=>0x0)
syz_io_uring_submit(r12, r13, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})

53.323336612s ago: executing program 2 (id=1392):
setreuid(0x0, 0xee00)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103b00000000001d400500000000004704000001ed00000f030000000000002c440000600000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a107464ffffff7f00000000617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce963b0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c3f000000315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b47623028271722fb515f31e0dd115a292f1e68481a62cd15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

53.322969191s ago: executing program 2 (id=1393):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x2, 0x0, 0x9e20, 0xc, 0x134, 0x0})
ioctl$KVM_RUN(r3, 0xae80, 0xff0f0000)

53.192678985s ago: executing program 2 (id=1394):
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x8e, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x3f0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x1})
getresgid(&(0x7f0000000000), 0x0, 0x0)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})
r2 = getpid()
r3 = syz_clone(0x2a00000, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp(r2, r3, 0x5, 0xffffffffffffffff, 0xffffffffffffffff)
memfd_create(&(0x7f0000000040)='security.selinux\x00\xab', 0x10)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x18000, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffffffffffff}, 0x0, &(0x7f0000000040)={0x3ff}, 0x0, 0x0)
futex(&(0x7f0000000140)=0x2, 0x8, 0x1, &(0x7f0000000180)={0x77359400}, &(0x7f0000000200)=0x2, 0x2)

52.993261187s ago: executing program 3 (id=1395):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000010000000a20000000000a01080000000000000000010000000900010073797a300000000048000000030a0102000000000000000001000000080007006e6174000900030073796031000000000900010073797a3000000000140004800800024000000000080001"], 0x90}}, 0x0)

52.992943804s ago: executing program 3 (id=1396):
syz_open_dev$dri(&(0x7f0000000000), 0x200000, 0x101000)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0xe4}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6400030000000000000000e100001000fd5d39c6b46f02f1d91ec728a00c06605fa7c4c4f96a7bf0775cbed58e832edc03971d3d30cd38e190dd1338b3d4873e3b2d88cc27dd3dc17ca84299815c4004049465aee8bcb3ef1ab8605a34b3d4dd47fc264f94744afb2c045991b617b92344db9c654a37699408f3a58757e7b07b1da6c533555f9c576d8db721faeee82a1c8727818e0079ac447fbc6eb2a7bce8b6a844c2732c5689e9b56e4eed2f848966501d6073bbeb78c614805c57d3e39bf31439f0317d182843df6b807fef09bae01a1849c0df45c91972b2747112da674d3b44a2aaa14a242f7ca565459898f2", @ANYRES32=0x0, @ANYBLOB="000000000800020000000000"], 0x24}}, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="11db81de02ce2ce907c7681d6c53721c000000", @ANYRES16=r4, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r2, @ANYBLOB], 0x1c}}, 0x0)
write$nci(r1, &(0x7f0000000040)=@NCI_OP_RF_DEACTIVATE_NTF={0x1, 0x1, 0x3, 0x6, 0x2, {0x2, 0x1}}, 0x5)
syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000000c0)={'#! ', './file0', [], 0xa, "b7ef1c3e568656655c186e"}, 0x16)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000005000), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r5, &(0x7f00000050c0)={0x0, 0x0, &(0x7f0000005080)={&(0x7f0000005040)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000ffdbdf250100000000004c8af20d00000b00"], 0x30}, 0x1, 0x0, 0x0, 0x24040805}, 0x20000080)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc491c6170000501d00"], 0x1c}}, 0x0)
socket$isdn(0x22, 0x3, 0x26)
ioctl$IMCLEAR_L2(r1, 0x80044946, &(0x7f00000001c0)=0x9)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x80442, 0x0)
pipe2$9p(&(0x7f0000000240)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r10, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r11 = dup(r10)
write$P9_RLERRORu(r11, &(0x7f0000000300)=ANY=[@ANYRESOCT=r8, @ANYRES32=r7, @ANYRES8, @ANYRES32=r6], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3f5715083887c98c2c7201646e6f3d", @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB=',k'])
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)

52.692914472s ago: executing program 0 (id=1397):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0xfffffff7, 0x0, 0xf2, 0x80000000}, 0x10) (async)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0xfffffff7, 0x0, 0xf2, 0x80000000}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c0000001a00010000000000000000000a008000000000000000000008000200ffffffff080001"], 0x2c}}, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
syz_init_net_socket$ax25(0x3, 0x2, 0x0) (async)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r3, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48) (async)
bind$ax25(r3, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x0, 0x0) (async)
io_setup(0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) (async)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000000))

51.403234729s ago: executing program 2 (id=1398):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)

51.403040674s ago: executing program 2 (id=1399):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x204, 0x4) (async)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x204, 0x4)
bind$inet6(r1, &(0x7f0000f67fe4)={0xa, 0x4e22, 0x1000003, @private2={0xfc, 0x2, '\x00', 0x3}, 0x5}, 0x1c)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000000)=0x6, 0xa)
bind$inet6(r2, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c) (async)
bind$inet6(r2, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000002010102000000000000000001000007040019800400028065bb6f6f99f872ed0692c9ceb68b5eb41566a86f8d55f2bbb3dd5e59eb67feefdfd0117fd0c3a1ffd5d911a672afc9e6d4d72ac35d86f62fc82c53e5dbb2ce356c6e1a57"], 0x1c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

51.351068882s ago: executing program 2 (id=1400):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0xfff, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x13, 0x1, 0x3, "d287202724ca4a4809867c003323de4e0b33e71c059706050000ae035b0e363f", 0x33363248})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={<r1=>0x0}, &(0x7f0000000140)=0xc)
prctl$PR_SET_PTRACER(0x59616d61, r1) (async)
prctl$PR_SET_PTRACER(0x59616d61, r1)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040)}, 0x38)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r3 = dup(r2)
accept4$vsock_stream(r3, 0x0, 0x58, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500000009078"], 0x0) (async)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500000009078"], 0x0)
socketpair(0x11, 0x4, 0x81, &(0x7f0000000180)) (async)
socketpair(0x11, 0x4, 0x81, &(0x7f0000000180))
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = dup(r8)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="8200000002000000ff000040"]) (async)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="8200000002000000ff000040"])
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r10}, @call={0x85, 0x0, 0x0, 0xb8}]}, &(0x7f0000000000)='GPL\x00', 0x6, 0xec, &(0x7f0000000500)=""/236, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r10}, @call={0x85, 0x0, 0x0, 0xb8}]}, &(0x7f0000000000)='GPL\x00', 0x6, 0xec, &(0x7f0000000500)=""/236, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
select(0x40, &(0x7f00000000c0)={0x9, 0xca3, 0xfffffffffffffffb, 0x8d, 0x8000, 0x200, 0x3, 0x1}, 0x0, 0xffffffffffffffff, 0x0)
r11 = syz_open_dev$sg(&(0x7f0000000340), 0x276, 0x200)
ioctl$FIBMAP(r11, 0x1, &(0x7f00000000c0)=0x5)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x874a21d3ed36b493, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f00000000c0)={'veth1_to_bond\x00', 0x4000})

37.313622547s ago: executing program 36 (id=1397):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0xfffffff7, 0x0, 0xf2, 0x80000000}, 0x10) (async)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0xfffffff7, 0x0, 0xf2, 0x80000000}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c0000001a00010000000000000000000a008000000000000000000008000200ffffffff080001"], 0x2c}}, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
syz_init_net_socket$ax25(0x3, 0x2, 0x0) (async)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r3, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48) (async)
bind$ax25(r3, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x0, 0x0) (async)
io_setup(0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) (async)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000000))

37.272710515s ago: executing program 37 (id=1396):
syz_open_dev$dri(&(0x7f0000000000), 0x200000, 0x101000)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0xe4}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6400030000000000000000e100001000fd5d39c6b46f02f1d91ec728a00c06605fa7c4c4f96a7bf0775cbed58e832edc03971d3d30cd38e190dd1338b3d4873e3b2d88cc27dd3dc17ca84299815c4004049465aee8bcb3ef1ab8605a34b3d4dd47fc264f94744afb2c045991b617b92344db9c654a37699408f3a58757e7b07b1da6c533555f9c576d8db721faeee82a1c8727818e0079ac447fbc6eb2a7bce8b6a844c2732c5689e9b56e4eed2f848966501d6073bbeb78c614805c57d3e39bf31439f0317d182843df6b807fef09bae01a1849c0df45c91972b2747112da674d3b44a2aaa14a242f7ca565459898f2", @ANYRES32=0x0, @ANYBLOB="000000000800020000000000"], 0x24}}, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="11db81de02ce2ce907c7681d6c53721c000000", @ANYRES16=r4, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r2, @ANYBLOB], 0x1c}}, 0x0)
write$nci(r1, &(0x7f0000000040)=@NCI_OP_RF_DEACTIVATE_NTF={0x1, 0x1, 0x3, 0x6, 0x2, {0x2, 0x1}}, 0x5)
syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000000c0)={'#! ', './file0', [], 0xa, "b7ef1c3e568656655c186e"}, 0x16)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000005000), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r5, &(0x7f00000050c0)={0x0, 0x0, &(0x7f0000005080)={&(0x7f0000005040)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000ffdbdf250100000000004c8af20d00000b00"], 0x30}, 0x1, 0x0, 0x0, 0x24040805}, 0x20000080)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc491c6170000501d00"], 0x1c}}, 0x0)
socket$isdn(0x22, 0x3, 0x26)
ioctl$IMCLEAR_L2(r1, 0x80044946, &(0x7f00000001c0)=0x9)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x80442, 0x0)
pipe2$9p(&(0x7f0000000240)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r10, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r11 = dup(r10)
write$P9_RLERRORu(r11, &(0x7f0000000300)=ANY=[@ANYRESOCT=r8, @ANYRES32=r7, @ANYRES8, @ANYRES32=r6], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3f5715083887c98c2c7201646e6f3d", @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB=',k'])
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)

36.285112312s ago: executing program 38 (id=1400):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0xfff, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x13, 0x1, 0x3, "d287202724ca4a4809867c003323de4e0b33e71c059706050000ae035b0e363f", 0x33363248})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={<r1=>0x0}, &(0x7f0000000140)=0xc)
prctl$PR_SET_PTRACER(0x59616d61, r1) (async)
prctl$PR_SET_PTRACER(0x59616d61, r1)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040)}, 0x38)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r3 = dup(r2)
accept4$vsock_stream(r3, 0x0, 0x58, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500000009078"], 0x0) (async)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500000009078"], 0x0)
socketpair(0x11, 0x4, 0x81, &(0x7f0000000180)) (async)
socketpair(0x11, 0x4, 0x81, &(0x7f0000000180))
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = dup(r8)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="8200000002000000ff000040"]) (async)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="8200000002000000ff000040"])
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r10}, @call={0x85, 0x0, 0x0, 0xb8}]}, &(0x7f0000000000)='GPL\x00', 0x6, 0xec, &(0x7f0000000500)=""/236, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r10}, @call={0x85, 0x0, 0x0, 0xb8}]}, &(0x7f0000000000)='GPL\x00', 0x6, 0xec, &(0x7f0000000500)=""/236, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
select(0x40, &(0x7f00000000c0)={0x9, 0xca3, 0xfffffffffffffffb, 0x8d, 0x8000, 0x200, 0x3, 0x1}, 0x0, 0xffffffffffffffff, 0x0)
r11 = syz_open_dev$sg(&(0x7f0000000340), 0x276, 0x200)
ioctl$FIBMAP(r11, 0x1, &(0x7f00000000c0)=0x5)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x874a21d3ed36b493, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f00000000c0)={'veth1_to_bond\x00', 0x4000})

1.922172006s ago: executing program 7 (id=1470):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)={0x34, r1, 0x101, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x6, 0x34, @random="0cb1"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15cc}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}]]}, 0x34}}, 0x0)

1.92173848s ago: executing program 7 (id=1471):
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) (async)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000380)={'#! ', './file0'}, 0xb) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000480)={0x0, 0x0, 0x0}, &(0x7f00000004c0)=0x10) (async)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x69, 0x1, 0x10, '\x00', 0x4})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$qrtrtun(r4, &(0x7f0000003bc0)="9d8d645e53b6", 0x6) (async)
r5 = openat$cgroup_ro(r4, &(0x7f0000000300)='cpuset.memory_pressure\x00', 0x275a, 0x0)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x800, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x100, 0xffffffffffffffff}) (async)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r8}, 0x10) (async)
io_uring_setup(0x154c, &(0x7f0000000200)={0x0, 0x20, 0x2, 0x0, 0x0, 0x0, r5})
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000280)={0x44, 0x0, &(0x7f0000000500)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000600)={@flat=@weak_binder={0x77622a85, 0x800}, @fd={0x66642a85, 0x0, r7}, @fd={0x66642a85, 0x0, r7}}, &(0x7f0000000380)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) (async)
r10 = dup3(r9, r7, 0x0) (async)
r11 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$VT_GETSTATE(r11, 0x5603, &(0x7f0000000440)={0xf36, 0x8860, 0x8}) (async)
r12 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs2/custom1\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r12, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r12, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x100}) (async)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})

1.373583563s ago: executing program 8 (id=1487):
r0 = socket$inet(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r0, 0x6, 0x2a, 0x0, &(0x7f0000000340))
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000005c0)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_CIPHER_SUITE={0xc, 0x4, 0x80c20001000004}, @IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x4}]}}}]}, 0x48}}, 0x0)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000040))
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r2, 0x4b52, &(0x7f0000000040)={0x0, 0x0})
syz_emit_ethernet(0x82, &(0x7f0000000040)={@link_local, @dev, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @private2, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8, {0x0, 0x0, 0x0, 0x80}}]}]}}}}}}}, 0x0)
r3 = socket(0x10, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$isdn_base(0x22, 0x3, 0x0)
close_range(r4, r5, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000300)={'syztnl1\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, @empty, @empty, 0x8, 0x80, 0xfee6, 0x20000000}})

1.292142774s ago: executing program 8 (id=1489):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2a00a9, &(0x7f0000000100)={[{@grpquota_inode_hardlimit={'grpquota_inode_hardlimit', 0x3d, [0x37, 0x65, 0x70, 0x2d, 0x25, 0x39]}}]})
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) (async)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'ip6gretap0\x00', &(0x7f0000000000)=@ethtool_rxnfc={0x2a, 0x0, 0x0, {0x0, @tcp_ip6_spec={@local, @private1}, {0x0, @link_local}, @tcp_ip6_spec={@private1, @ipv4={'\x00', '\xff\xff', @loopback}}}}})
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) (async)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)

1.012190717s ago: executing program 9 (id=1496):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x3, 0x0, 0x4}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x40)
close(0xffffffffffffffff)
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc491c6170000501d0000be"], 0x1c}}, 0x0)
add_key(&(0x7f0000000080)='dns_resolver\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
modify_ldt$read_default(0x2, 0x0, 0x17)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000000)={[{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff, 0x1f, 0x0, 0x8}, {}, {0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x1}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000000c0)="660f72d4013e440f09de3ec4e1fa16c9b9c80258000f322e65400f01c20f300f07460f30c4c1316c0e", 0x29}], 0x1, 0x0, 0x0, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
r4 = semget$private(0x0, 0x3, 0x420)
semop(r4, &(0x7f0000001140)=[{0x0, 0x8, 0x1000}], 0x1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)

941.514338ms ago: executing program 7 (id=1498):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) (async)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) (async)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) (async)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000280)={0x1, &(0x7f0000000200)=[{0x6}]}) (async)
unshare(0x68060200)

880.35266ms ago: executing program 9 (id=1502):
getpriority(0x2, 0x0) (async, rerun: 64)
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24}, 0x24}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0x2}}}, 0x24}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)=@newtfilter={0x14c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x8}, {}, {0x5}}, [@filter_kind_options=@f_route={{0xa}, {0x11c, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0xeb}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_TO={0x8, 0x2, 0xb9}, @TCA_ROUTE4_FROM={0x8, 0x3, 0x7f}, @TCA_ROUTE4_ACT={0xf8, 0x6, [@m_ct={0xf4, 0x9, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @mcast2}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @private0}]}, {0xa1, 0x6, "86fdc04873791388dae99a49b63559d83e2aa3ef869cc7885e0b0708d775f66817df3e7d54fe6cdaa81e09bec3577152d6f33ec022269a4aea0f5c798c6ab987fcc5e68f671a0bfd5d57772c6c286713ace9c73f902f898bc45311e0e602d3fa09e53736a5a98e8ed08a8e4ccf51a7ba05f492eefdcd2ffa54d60156c7caccac1c2b5f46e06fdb77e70ca0f4e43f986f60b957947ec735c414b62fd6e5"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}}]}, 0x14c}}, 0x0) (async, rerun: 64)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
r2 = socket$inet(0x2, 0xa, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) (async)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0}) (async)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ppoll(&(0x7f0000000040)=[{r6, 0xa1c2}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$vim2m_VIDIOC_EXPBUF(r6, 0xc0405610, &(0x7f0000000180)={0x2}) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r3, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r5, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0) (async)
r7 = socket$inet(0x2, 0x3, 0x33) (async)
r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_SELECTION(r8, 0xc040565f, &(0x7f0000000000)={0x2, 0x100, 0x6, {0x0, 0x3, 0xffff, 0x3}})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) (async)
getsockopt$inet_mreqsrc(r7, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) (async, rerun: 32)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000740)='cgroup2\x00', 0x0, 0x0) (async, rerun: 32)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r9 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r9, &(0x7f0000001fc0)=""/184, 0x20002078)

880.223115ms ago: executing program 7 (id=1503):
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0) (async)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) (async)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) (async)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x2, 0x103) (async)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
socket(0x1, 0x6, 0x1)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='ext4\x00', 0x0, &(0x7f00000002c0)='grpquota')

822.352136ms ago: executing program 9 (id=1505):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1) (fail_nth: 7)

702.018473ms ago: executing program 9 (id=1508):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) (fail_nth: 2)

581.133302ms ago: executing program 9 (id=1510):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1a, 0x3, &(0x7f0000000140)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xa0880, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
r2 = dup(r1)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000180)={0x46d60545cb775461, 0x1000})

580.983558ms ago: executing program 1 (id=1511):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x3, 0x0, 0x4}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x40)
close(0xffffffffffffffff)
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc491c6170000501d0000be"], 0x1c}}, 0x0)
add_key(&(0x7f0000000080)='dns_resolver\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
modify_ldt$read_default(0x2, 0x0, 0x17)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000000)={[{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff, 0x1f, 0x0, 0x8}, {}, {0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x1}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000000c0)="660f72d4013e440f09de3ec4e1fa16c9b9c80258000f322e65400f01c20f300f07460f30c4c1316c0e", 0x29}], 0x1, 0x0, 0x0, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
semget$private(0x0, 0x3, 0x420)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)

432.748133ms ago: executing program 8 (id=1512):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, &(0x7f0000000080)=@e={0xff, 0x9, 0x0, 0x0, @SEQ_NOTEON=@special, 0x0, 0x0, 0x4})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x2, 0x6, 0x301, 0x0, 0x0, {0x3, 0x0, 0x7}, [@IPSET_ATTR_REVISION={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000011}, 0x40004)
socket$alg(0x26, 0x5, 0x0)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="ee24b270992870e0f49a8b3f05f0e51c000000070605000400200700"/40], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)

431.535058ms ago: executing program 8 (id=1513):
r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {0xe}}, './file0\x00'})
write$6lowpan_control(r0, &(0x7f0000000080)='connect aa:aa:aa:aa:aa:11 0', 0x1b) (async)
sendmsg$IPSET_CMD_DEL(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0xa, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x1000}, 0x800) (async)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f00000001c0)={<r2=>0x0, 0x3}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000240)={r2, 0x64e4, 0x5, [0x6, 0x3, 0x6, 0x745, 0x8]}, &(0x7f0000000280)=0x12)
ioctl$TUNSETSNDBUF(r1, 0x400454d4, &(0x7f00000002c0)=0x5) (async)
fchmod(r1, 0x0)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000340), r1)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x30, r3, 0x4, 0x70bd28, 0x25dfdbfd, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}, ["", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4040040}, 0x800) (async, rerun: 32)
ioctl$DRM_IOCTL_GET_MAGIC(r1, 0x80046402, &(0x7f0000000440)=0x7) (rerun: 32)
sendmsg$TIPC_CMD_SET_LINK_TOL(r1, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x68, r3, 0x4, 0x70bd26, 0x25dfdbff, {{}, {}, {0x4c, 0x18, {0x4, @link='syz0\x00'}}}, ["", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x4000008}, 0x24004040) (async)
getsockopt$llc_int(r1, 0x10c, 0x6, &(0x7f00000005c0), &(0x7f0000000600)=0x4)
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000000640))
connect$802154_dgram(r1, &(0x7f0000000680)={0x24, @none={0x0, 0xffff}}, 0x14) (async, rerun: 64)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f00000006c0)={r2, 0x6}, 0x8) (async, rerun: 64)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000700)=0x20, 0x4) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000780), r1)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r4, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x24, r5, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x9}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1b51}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x4001) (async)
ioctl$KDSKBLED(r1, 0x4b65, 0x3100) (async)
r6 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f0000000880)={{{@in=@loopback, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x4e21, 0x0, 0x4e20, 0x0, 0xa, 0x20, 0x80, 0x5e}, {0x2, 0x9, 0x7, 0x0, 0x8, 0x8001, 0xc, 0x1}, {0x0, 0x5, 0x1, 0xd}, 0x2, 0x6e6bb4, 0x2, 0x1, 0x6, 0x1}, {{@in=@broadcast, 0x4d5, 0x2b}, 0xa, @in=@multicast2, 0x3501, 0x3, 0x1, 0xa, 0x5, 0x3, 0x1}}, 0xe8) (async)
sendmsg$NFT_BATCH(r1, &(0x7f0000001180)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001140)={&(0x7f00000009c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELTABLE={0x2c, 0x2, 0xa, 0x301, 0x0, 0x0, {0x49804ea9a2ec1f44, 0x0, 0x9}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x3b0, 0x6, 0xa, 0x701, 0x0, 0x0, {0x5, 0x0, 0xa}, [@NFTA_RULE_USERDATA={0x5e, 0x7, 0x1, 0x0, "d8a0700dfb11e4e8ed30c5055f12443d8275a9d0bf79c39fd31cefa5019d19ada0a4d7b88ba08a11a773009d41324127fd2f043dac7ab38eaf8767c2931e3811546ba3cac53435efb55f1858a3f3849e39c108da693fd0f877ed"}, @NFTA_RULE_COMPAT={0x24, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0xc}]}, @NFTA_RULE_USERDATA={0x8f, 0x7, 0x1, 0x0, "c06d91c3daa543b2241791f2579f29e902ed66a69a79baf4df0e666d97748c45c80807176ec2a9de742764c369dcc31ceaad15afc1e274befc77ff23d56f77a51b1da9e1a5b48ca4c474c2797422de46004d6e8582b8705a8f48c79ea605414a55d89398f87763053a9f094bc42b08f00828e513b8c0914aea3c6e92ec904a39ef3f8bf16e0faeaec77118"}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x80000000}, @NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x3}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_RULE_USERDATA={0xaf, 0x7, 0x1, 0x0, "d0752988503090faae7e318a32c9846b29716d1a83ecca4658a6772bc75ad1361e2f696aa9dc010ec0aefc2b09a343220968ef04e46c9ba67c8adfcd72e7cc30a600abfd796ed3e8ed4e1b9a8514c83052621a6649456c221c29302b5969689c29a54d81ea18acee5b0a5beaacf33aa0c549ae625231ec9d1c5da42647cd61c684ce3160dd85acf70aceb96acb5212ca75fcb8895cb83800cbc4ecbd15cd6cca78c142f7ad3daf22f7ffcd"}, @NFTA_RULE_EXPRESSIONS={0x1b4, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @queue={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @quota={{0xa}, @void}}, {0xc, 0x1, 0x0, 0x1, @cmp={{0x8}, @void}}, {0x28, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x2}]}}}, {0x40, 0x1, 0x0, 0x1, @fwd={{0x8}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_FWD_NFPROTO={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0x13}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_FWD_NFPROTO={0x8, 0x3, 0x1, 0x0, 0xa}]}}}, {0x18, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @void}}, {0x54, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_REDIR_FLAGS={0x8, 0x3, 0x1, 0x0, 0x12}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_REDIR_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4b}, @NFTA_REDIR_FLAGS={0x8, 0x3, 0x1, 0x0, 0x30}, @NFTA_REDIR_FLAGS={0x8}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0x9}]}}}, {0xc, 0x1, 0x0, 0x1, @dup={{0x8}, @void}}, {0x54, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5, 0x3, 0x1}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x6}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x5}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0xd}]}}}, {0x50, 0x1, 0x0, 0x1, @dup={{0x8}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x16}]}}}]}]}, @NFT_MSG_NEWFLOWTABLE={0x1e8, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HOOK={0x1a0, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x68, 0x3, 0x0, 0x1, [{0x14, 0x1, 'erspan0\x00'}, {0x14, 0x1, 'ip6gre0\x00'}, {0x14, 0x1, 'vcan0\x00'}, {0x14, 0x1, 'pimreg1\x00'}, {0x14, 0x1, 'vxcan1\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x68, 0x3, 0x0, 0x1, [{0x14, 0x1, 'dvmrp0\x00'}, {0x14, 0x1, 'batadv_slave_0\x00'}, {0x14, 0x1, 'vlan1\x00'}, {0x14, 0x1, 'veth1_to_bridge\x00'}, {0x14, 0x1, 'veth1_to_team\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x7c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond0\x00'}, {0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'ip6tnl0\x00'}, {0x14, 0x1, 'veth1_to_team\x00'}, {0x14, 0x1, 'syzkaller1\x00'}, {0x14, 0x1, 'bond_slave_0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'syzkaller0\x00'}, {0x14, 0x1, 'bond_slave_1\x00'}, {0x14, 0x1, 'virt_wifi0\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x912b}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}]}, @NFT_MSG_NEWSET={0x34, 0x9, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x40}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @match={{0xa}, @void}}, @NFTA_SET_POLICY={0x8}]}, @NFT_MSG_DELOBJ={0xf8, 0x14, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_USERDATA={0x96, 0x8, "25d9a23be7ff0b881185bbf4636273e05712ff4a83fc26a87a8de7a2e14685fa7fdbf3061d1846625454f7c16d12f535615e1e6b7be5ac4ab89dffa9dce90bfde911ddc624bff1a19ed40a55349b9134928ff9ae04c3617d25737ba3e4a74c787f438454fd5151454b8a493d75dbffdac28382da1eeaea005b8bd26c14562032ee3740be968f5181da0666303e59530e882c"}]}, @NFT_MSG_DELCHAIN={0x50, 0x5, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x4}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_COUNTERS={0x28, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x7}, @NFTA_COUNTER_PACKETS={0xc}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x768}, 0x1, 0x0, 0x0, 0x4000}, 0x4080) (async)
r7 = socket$unix(0x1, 0x1, 0x0) (async)
getpeername$packet(r1, &(0x7f00000011c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001200)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000012c0)={'ip6tnl0\x00', &(0x7f0000001240)={'syztnl2\x00', r8, 0x29, 0x0, 0x16, 0x0, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}, @loopback, 0x40, 0xf841, 0x3, 0x16c}}) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000001340)={'batadv_slave_0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000001440)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001400)={&(0x7f0000001380)={0x4c, r5, 0x2, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r9}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x7}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x6}, @BATADV_ATTR_ISOLATION_MARK={0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400d000}, 0x8014)
ioctl$int_in(r6, 0x5452, &(0x7f0000001480)=0x3)

382.766073ms ago: executing program 8 (id=1514):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10) (async)
sendmmsg(r0, &(0x7f0000003a80)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e24, @loopback}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000040)="35b08730abfdc70c7e7388", 0xb}], 0x1}}], 0x1, 0x2c000011)

382.423001ms ago: executing program 1 (id=1515):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
r4 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x23)
r6 = syz_init_net_socket$ax25(0x3, 0x2, 0x8)
readv(r6, &(0x7f0000003300)=[{&(0x7f0000000180)=""/194, 0xc2}], 0x1)
fcntl$setsig(r5, 0xa, 0xb)
readv(r4, 0x0, 0x0)
read$char_usb(r3, &(0x7f00000001c0)=""/4068, 0xfe4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x60}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0xfffffff7, 0x0, 0x6})
sendto$packet(r2, &(0x7f0000000180)='`', 0x1, 0x0, &(0x7f0000000240)={0x2f, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x14)

280.609223ms ago: executing program 9 (id=1516):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000240)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109024a0001100000000904000003fe03010009cd8d1f00020000000905050200067e001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000680)={0x84, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x9e88)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_generic(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000005200010000000000000000000200000008000100", @ANYRES32], 0x1c}}, 0x0)
write$char_usb(r1, &(0x7f0000000180)='0', 0xfe64)
syz_usb_control_io$uac1(r0, &(0x7f0000000100)={0x14, &(0x7f0000000000)={0x40, 0x1, 0x8a, {0x8a, 0xd, "d7f57770f3566a65a3cc63f745c2d4f1e78bdac0622d289938036153c41e42544843cff70d6986b1b2694874f2dfd7015166e726d4354705d210dc40f9a3d7321f3abae18c905a7d4805c383d8ee91356b8f282e3fd3a11cb7381974b079ab205581745bde907a4261fb63caf1f1c38fd8ee932622ea768946076759493a622624caf1d0359aad21"}}, &(0x7f00000000c0)={0x0, 0x3, 0x33, @string={0x33, 0x3, "047b1e9b686d0aea63cd53625dbf37923e8345ebd91d904a60b747b84fe0680f8dbc5603fedc8bd8e90386fe4308a1e047"}}}, &(0x7f0000000400)={0x44, &(0x7f00000001c0)={0x20, 0x0, 0x47, "ff37ced16ddeceeea4ec7b626c53695f8fc8f8b74827c009de30c6af58bbd83941840ab2844d893bf576aa4aa812f0c17c6015013f4a144a52062c5cc96b9e9de6de734f2a78b5"}, &(0x7f0000000140)={0x0, 0xa, 0x1, 0xfe}, &(0x7f0000000280)={0x0, 0x8, 0x1, 0x7}, &(0x7f00000002c0)={0x20, 0x81, 0x2, "0bfc"}, &(0x7f0000000300)=ANY=[@ANYBLOB="20d708946c20d5"], &(0x7f0000000340)={0x20, 0x83, 0x2, "f0b6"}, &(0x7f0000000380)={0x20, 0x84, 0x3, "f80fbe"}, &(0x7f00000003c0)={0x20, 0x85, 0x3, "ed460b"}})

279.075588ms ago: executing program 8 (id=1517):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1) (fail_nth: 8)

223.003952ms ago: executing program 1 (id=1518):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, 0x0, 0x0)

222.851693ms ago: executing program 1 (id=1519):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)

186.707825ms ago: executing program 1 (id=1520):
pipe2$watch_queue(&(0x7f0000000080)={<r0=>0xffffffffffffffff}, 0x80)
r1 = syz_init_net_socket$llc(0x1a, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r2}, 0x9)
r4 = socket$alg(0x26, 0x5, 0x0)
r5 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x600000, 0x0)
ppoll(&(0x7f0000000100)=[{r0, 0x4210}, {r1, 0x100}, {r2, 0x280}, {r4, 0x1206}, {r5, 0x228}], 0x5, &(0x7f0000000140)={0x77359400}, &(0x7f0000000180)={[0x6]}, 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f0000000240), 0x520068, &(0x7f0000000c00)=ANY=[@ANYRES32=r3])
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000280))
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

2.73391ms ago: executing program 7 (id=1521):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

464.16µs ago: executing program 1 (id=1522):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, &(0x7f0000000040)={0x2, 0x0, 0x9e20, 0xc, 0x134, 0x0})
ioctl$KVM_RUN(r3, 0xae80, 0x500000000000000)

0s ago: executing program 7 (id=1523):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x30, r1, 0x1, 0x70bd2a, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}, @NL80211_ATTR_MAC={0xa}]}, 0x30}}, 0x0) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000040601020000000000000000020000000500010007000000"], 0x1c}}, 0x0)

kernel console output (not intermixed with test programs):

s leftover after parsing attributes in process `syz.0.893'.
[  100.118275][ T9411] netlink: 8 bytes leftover after parsing attributes in process `syz.6.897'.
[  100.151547][ T9415] netlink: 12 bytes leftover after parsing attributes in process `syz.0.898'.
[  100.154238][ T5943] Bluetooth: hci3: Malformed LE Event: 0x0d
[  100.255355][  T828] usb 8-1: USB disconnect, device number 4
[  100.266052][ T9427] netlink: 'syz.0.901': attribute type 9 has an invalid length.
[  100.266052][ T9426] netlink: 'syz.0.901': attribute type 9 has an invalid length.
[  100.266067][ T9426] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.901'.
[  100.268042][ T9427] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.901'.
[  100.363611][ T9434] 9p: Unknown uid 00000000004294967295
[  100.376497][ T9437] netlink: 24 bytes leftover after parsing attributes in process `syz.6.904'.
[  100.532945][ T5943] Bluetooth: hci3: Malformed LE Event: 0x0d
[  100.546856][ T9452] veth0: entered allmulticast mode
[  100.709145][ T9475] netlink: 28 bytes leftover after parsing attributes in process `syz.3.916'.
[  100.714474][ T9477] overlayfs: failed to resolve './file0': -2
[  100.794749][ T5943] Bluetooth: hci3: Malformed LE Event: 0x0d
[  100.816643][ T9491] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  100.876628][ T9503] netlink: 'syz.2.925': attribute type 11 has an invalid length.
[  100.985857][ T9517] kvm: user requested TSC rate below hardware speed
[  100.990649][ T9517] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  100.997461][ T5943] Bluetooth: hci1: Malformed LE Event: 0x0d
[  101.089247][ T9536] syz.6.938: attempt to access beyond end of device
[  101.089247][ T9536] sr0: rw=0, sector=64, nr_sectors = 4 limit=0
[  101.138028][ T9542] 9p: Unknown Cache mode or invalid value mmap"
[  101.143373][ T9536] syz.6.938: attempt to access beyond end of device
[  101.143373][ T9536] sr0: rw=0, sector=1024, nr_sectors = 4 limit=0
[  101.146682][ T9536] UDF-fs: error (device sr0): udf_read_tagged: read failed, block=256, location=256
[  101.149156][ T9536] syz.6.938: attempt to access beyond end of device
[  101.149156][ T9536] sr0: rw=0, sector=2048, nr_sectors = 4 limit=0
[  101.153422][ T9536] UDF-fs: error (device sr0): udf_read_tagged: read failed, block=512, location=512
[  101.155955][ T9536] UDF-fs: warning (device sr0): udf_load_vrs: No anchor found
[  101.157849][ T9536] UDF-fs: Scanning with blocksize 2048 failed
[  101.160460][ T9536] syz.6.938: attempt to access beyond end of device
[  101.160460][ T9536] sr0: rw=0, sector=64, nr_sectors = 8 limit=0
[  101.200420][ T9536] syz.6.938: attempt to access beyond end of device
[  101.200420][ T9536] sr0: rw=0, sector=2048, nr_sectors = 8 limit=0
[  101.204316][ T9536] UDF-fs: error (device sr0): udf_read_tagged: read failed, block=256, location=256
[  101.206839][ T9536] syz.6.938: attempt to access beyond end of device
[  101.206839][ T9536] sr0: rw=0, sector=4096, nr_sectors = 8 limit=0
[  101.210184][ T9536] UDF-fs: error (device sr0): udf_read_tagged: read failed, block=512, location=512
[  101.212544][ T9536] UDF-fs: warning (device sr0): udf_load_vrs: No anchor found
[  101.214588][ T9536] UDF-fs: Scanning with blocksize 4096 failed
[  101.217014][ T9536] UDF-fs: warning (device sr0): udf_fill_super: No partition found (1)
[  101.245930][   T39] kauditd_printk_skb: 18 callbacks suppressed
[  101.245940][   T39] audit: type=1400 audit(1731554854.283:49532): avc:  denied  { ioctl } for  pid=9547 comm="syz.0.942" path="socket:[28444]" dev="sockfs" ino=28444 ioctlcmd=0x4947 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  101.282481][   T39] audit: type=1400 audit(1731554854.323:49533): avc:  denied  { write } for  pid=9532 comm="syz.2.936" name="task" dev="proc" ino=29479 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  101.288223][   T39] audit: type=1400 audit(1731554854.323:49534): avc:  denied  { add_name } for  pid=9532 comm="syz.2.936" name="cpu.stat" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  101.293374][   T39] audit: type=1400 audit(1731554854.323:49535): avc:  denied  { create } for  pid=9532 comm="syz.2.936" name="cpu.stat" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1
[  101.298588][   T39] audit: type=1400 audit(1731554854.323:49536): avc:  denied  { associate } for  pid=9532 comm="syz.2.936" name="cpu.stat" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  101.299610][ T5943] Bluetooth: hci3: Malformed LE Event: 0x0d
[  101.325257][ T9556] sch_tbf: peakrate 9 is lower than or equals to rate 3486 !
[  101.378542][   T39] audit: type=1400 audit(1731554854.413:49537): avc:  denied  { ioctl } for  pid=9557 comm="syz.6.944" path="socket:[30943]" dev="sockfs" ino=30943 ioctlcmd=0x941b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  101.417491][ T9570] kvm: pic: non byte write
[  101.449624][   T55] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  101.601199][   T55] usb 8-1: config index 0 descriptor too short (expected 23569, got 27)
[  101.604042][   T55] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  101.608264][   T55] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  101.611584][   T55] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  101.614205][   T55] usb 8-1: Manufacturer: syz
[  101.624285][   T55] usb 8-1: config 0 descriptor??
[  101.669619][   T55] rc_core: IR keymap rc-hauppauge not found
[  101.671652][   T55] Registered IR keymap rc-empty
[  101.675126][   T55] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0
[  101.679304][   T55] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input16
[  101.887877][ T9586] input: syz1 as /devices/virtual/input/input17
[  101.916397][   T55] usb 8-1: USB disconnect, device number 5
[  101.961219][ T9588] netlink: 'syz.2.951': attribute type 10 has an invalid length.
[  101.970052][ T9588] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  102.144706][ T5943] Bluetooth: hci0: Malformed LE Event: 0x0d
[  102.370399][   T39] audit: type=1400 audit(1731554855.413:49538): avc:  denied  { read } for  pid=9601 comm="syz.2.956" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  102.430634][   T39] audit: type=1400 audit(1731554855.473:49539): avc:  denied  { unmount } for  pid=7594 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  102.502225][ T5943] Bluetooth: hci3: Malformed LE Event: 0x0d
[  102.555729][   T39] audit: type=1400 audit(1731554855.593:49540): avc:  denied  { ioctl } for  pid=9630 comm="syz.3.964" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0xf50f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  102.670849][   T39] audit: type=1400 audit(1731554855.713:49541): avc:  denied  { ioctl } for  pid=9643 comm="syz.2.968" path="socket:[30210]" dev="sockfs" ino=30210 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  102.685318][ T9644] ipvlan2: entered promiscuous mode
[  102.688867][ T9644] batman_adv: batadv0: Adding interface: ipvlan2
[  102.690841][ T9644] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.697481][ T9644] batman_adv: batadv0: Interface activated: ipvlan2
[  102.802555][ T9651] vxlan1: entered allmulticast mode
[  103.226273][ T5943] bt_err_ratelimited: 14 callbacks suppressed
[  103.226285][ T5943] Bluetooth: hci3: adv larger than maximum supported
[  103.227894][ T5943] Bluetooth: hci3: adv larger than maximum supported
[  103.229708][ T5943] Bluetooth: hci3: Malformed LE Event: 0x0d
[  103.542399][ T5943] Bluetooth: hci3: adv larger than maximum supported
[  103.542416][ T5943] Bluetooth: hci3: adv larger than maximum supported
[  103.544083][ T5943] Bluetooth: hci3: Malformed LE Event: 0x0d
[  103.668762][ T9691] Mount JFS Failure: -22
[  103.811184][ T9706] __nla_validate_parse: 8 callbacks suppressed
[  103.811195][ T9706] netlink: 12 bytes leftover after parsing attributes in process `syz.6.988'.
[  103.828950][ T9703] CIFS mount error: No usable UNC path provided in device string!
[  103.828950][ T9703] 
[  103.831487][ T9703] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  103.860994][ T5943] Bluetooth: hci0: adv larger than maximum supported
[  103.861010][ T5943] Bluetooth: hci0: adv larger than maximum supported
[  103.862700][ T5943] Bluetooth: hci0: Malformed LE Event: 0x0d
[  103.936757][ T9710] kvm: pic: single mode not supported
[  103.938954][ T9710] kvm: pic: non byte write
[  103.942439][ T9710] kvm: pic: non byte write
[  103.947510][ T9710] kvm: pic: non byte write
[  103.948919][ T9710] kvm: pic: non byte write
[  103.950359][ T9710] kvm: pic: single mode not supported
[  103.950525][ T9710] kvm: pic: level sensitive irq not supported
[  103.954452][ T9710] kvm: pic: non byte write
[  103.957442][ T9710] kvm: pic: non byte write
[  103.974697][ T9710] kvm: pic: non byte read
[  104.159655][ T1482] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  104.319672][ T1482] usb 7-1: Using ep0 maxpacket: 8
[  104.324090][ T1482] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  104.327407][ T1482] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  104.330595][ T1482] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  104.333573][ T1482] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  104.336677][ T1482] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  104.341228][ T1482] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  104.343553][ T1482] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.553178][ T1482] usb 7-1: GET_CAPABILITIES returned 0
[  104.556308][ T1482] usbtmc 7-1:16.0: can't read capabilities
[  104.619806][ T9731] sockfs: Unknown parameter 'grpquota'
[  104.804624][    T8] usb 7-1: USB disconnect, device number 12
[  105.148150][ T9737] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  105.160139][ T9737] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  105.353083][ T5943] Bluetooth: hci0: adv larger than maximum supported
[  105.353129][ T5943] Bluetooth: hci0: adv larger than maximum supported
[  105.355684][ T5943] Bluetooth: hci0: Malformed LE Event: 0x0d
[  105.869614][   T63] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  105.909586][   T55] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  106.022494][   T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  106.026173][   T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  106.029386][   T63] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  106.033528][   T63] usb 8-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.00
[  106.036296][   T63] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.040469][   T63] usb 8-1: config 0 descriptor??
[  106.062652][   T55] usb 7-1: config 0 has no interfaces?
[  106.064174][   T55] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  106.066907][   T55] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.078359][   T55] usb 7-1: config 0 descriptor??
[  106.224268][ T5943] Bluetooth: hci3: adv larger than maximum supported
[  106.224288][ T5943] Bluetooth: hci3: Malformed LE Event: 0x0d
[  106.283693][   T55] usb 7-1: USB disconnect, device number 13
[  106.319375][ T9777] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.401272][ T9777] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.413795][   T39] kauditd_printk_skb: 10 callbacks suppressed
[  106.413805][   T39] audit: type=1400 audit(1731554859.453:49552): avc:  denied  { map } for  pid=9780 comm="syz.0.1014" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  106.421386][   T39] audit: type=1400 audit(1731554859.453:49553): avc:  denied  { execute } for  pid=9780 comm="syz.0.1014" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  106.456767][ T9777] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.459378][   T63] wacom 0003:056A:0043.0006: Unknown device_type for 'HID 056a:0043'. Assuming pen.
[  106.465765][   T63] wacom 0003:056A:0043.0006: hidraw1: USB HID v0.00 Device [HID 056a:0043] on usb-dummy_hcd.3-1/input0
[  106.471675][   T63] input: Wacom Intuos2 9x12 Pen as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:056A:0043.0006/input/input18
[  106.517112][ T9777] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.597752][   T39] audit: type=1400 audit(1731554859.633:49554): avc:  denied  { create } for  pid=9790 comm="syz.0.1016" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  106.604396][   T39] audit: type=1400 audit(1731554859.633:49555): avc:  denied  { write } for  pid=9790 comm="syz.0.1016" name="file0" dev="tmpfs" ino=1315 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  106.611794][   T39] audit: type=1400 audit(1731554859.633:49556): avc:  denied  { open } for  pid=9790 comm="syz.0.1016" path="/239/file0" dev="tmpfs" ino=1315 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  106.617609][   T39] audit: type=1400 audit(1731554859.643:49557): avc:  denied  { ioctl } for  pid=9790 comm="syz.0.1016" path="/239/file0" dev="tmpfs" ino=1315 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  106.644137][ T9791] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[  106.647612][ T9777] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.650340][   T39] audit: type=1400 audit(1731554859.693:49558): avc:  denied  { write } for  pid=5344 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  106.655698][   T39] audit: type=1400 audit(1731554859.693:49559): avc:  denied  { remove_name } for  pid=5344 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  106.656516][ T9777] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.663348][   T39] audit: type=1400 audit(1731554859.693:49560): avc:  denied  { rename } for  pid=5344 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  106.668212][ T9777] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.669391][   T39] audit: type=1400 audit(1731554859.693:49561): avc:  denied  { add_name } for  pid=5344 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  106.674845][ T9777] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.686689][ T9764] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  106.691602][ T9764] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  106.797233][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.799146][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.802878][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.804785][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.806650][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.808488][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.810871][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.812760][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.814592][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.816433][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.818294][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.820723][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.822594][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.824429][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.826261][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.828058][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.830072][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.832449][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.834338][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.836878][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.839386][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.842110][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.843939][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.845807][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.847652][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.849732][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.851603][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.853416][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.855311][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.858415][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.860647][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.862530][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.864407][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.866316][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.868182][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.870284][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.872114][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.873971][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.875875][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.877704][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.879599][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.881408][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.883261][   T63] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  106.889252][   T63] hid-generic 0000:0000:0000.0007: hidraw2: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  106.957540][ T5943] Bluetooth: hci0: adv larger than maximum supported
[  106.957557][ T5943] Bluetooth: hci0: Malformed LE Event: 0x0d
[  106.960081][ T9822] batadv_slave_1: entered promiscuous mode
[  106.963879][ T9822] batadv_slave_1: left promiscuous mode
[  106.967427][ T9822] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1024'.
[  106.967765][ T1482] usb 8-1: USB disconnect, device number 6
[  107.022795][ T9829] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  107.022805][ T9830] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  107.027240][ T9829] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  107.031098][ T9832] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  107.051368][ T9832] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1027'.
[  107.088710][ T9839] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  107.088710][ T9839]    program syz.0.1030 not setting count and/or reply_len properly
[  107.093117][ T9841] vcan0: tx drop: invalid sa for name 0x0000000000000002
[  107.111304][ T9842] netlink: 16126 bytes leftover after parsing attributes in process `syz.2.1027'.
[  107.113599][ T9842] netlink: 183228 bytes leftover after parsing attributes in process `syz.2.1027'.
[  107.271064][ T9866] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1037'.
[  107.273407][ T9866] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1037'.
[  107.511405][ T9874] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1042'.
[  107.513767][ T9874] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1042'.
[  107.686959][ T9882] veth0_vlan: left allmulticast mode
[  107.783470][ T9897] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1049'.
[  107.788442][ T9897] netlink: 'syz.3.1049': attribute type 10 has an invalid length.
[  107.790937][ T9897] bridge0: left allmulticast mode
[  107.792923][ T9897] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.794691][ T9897] bridge0: port 2(bridge_slave_1) entered listening state
[  107.796557][ T9897] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.798348][ T9897] bridge0: port 1(bridge_slave_0) entered listening state
[  107.803040][ T9897] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  107.940394][ T9900] kvm: kvm [9888]: vcpu0, guest rIP: 0x1b Unhandled WRMSR(0xc1) = 0xd
[  107.943012][ T9900] kvm: kvm [9888]: vcpu0, guest rIP: 0x1d Unhandled WRMSR(0xc1) = 0xd
[  108.007019][ T9905] tc_dump_action: action bad kind
[  108.142901][ T9913] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60032 sclass=netlink_route_socket pid=9913 comm=syz.3.1055
[  108.205146][ T9925] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  108.208732][ T9925] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[  108.524857][ T9953] syzkaller0: entered allmulticast mode
[  108.594494][ T9953] input: syz1 as /devices/virtual/input/input21
[  108.835001][ T9969] netlink: 'syz.0.1075': attribute type 13 has an invalid length.
[  108.839127][ T9969] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  108.842895][ T9969] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  108.844881][ T9969] gretap1: entered promiscuous mode
[  108.846301][ T9969] gretap1: entered allmulticast mode
[  108.849185][ T9970] netlink: 'syz.0.1075': attribute type 13 has an invalid length.
[  108.876611][ T9976] rdma_op ffff88804e9071f0 conn xmit_rdma 0000000000000000
[  108.893827][ T9978] __nla_validate_parse: 2 callbacks suppressed
[  108.893837][ T9978] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1078'.
[  108.897637][ T9978] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1078'.
[  108.948823][ T9984] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1080'.
[  109.025275][   T57] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  109.029304][   T57] hid-generic 0000:0000:0000.0008: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  109.888098][T10005] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1086'.
[  109.898295][T10010] binder: BINDER_SET_CONTEXT_MGR already set
[  109.917965][T10010] binder: 10009:10010 ioctl 4018620d 20000100 returned -16
[  109.919883][T10010] binder: BINDER_SET_CONTEXT_MGR already set
[  109.921363][T10010] binder: 10009:10010 ioctl 4018620d 20000100 returned -16
[  109.923182][T10010] binder: BINDER_SET_CONTEXT_MGR already set
[  109.924646][T10010] binder: 10009:10010 ioctl 4018620d 20000100 returned -16
[  110.089637][   T57] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  110.199675][ T1482] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  110.240987][   T57] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 32, changing to 9
[  110.244042][   T57] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.246935][   T57] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[  110.249241][   T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.252822][   T57] usb 5-1: config 0 descriptor??
[  110.359647][ T1482] usb 7-1: Using ep0 maxpacket: 8
[  110.362785][ T1482] usb 7-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  110.365858][ T1482] usb 7-1: config 2 interface 0 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  110.370406][ T1482] usb 7-1: config 2 interface 0 has no altsetting 0
[  110.374440][ T1482] usb 7-1: New USB device found, idVendor=04e2, idProduct=1411, bcdDevice=ca.10
[  110.377123][ T1482] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.379407][ T1482] usb 7-1: Product: syz
[  110.380793][ T1482] usb 7-1: Manufacturer: syz
[  110.382147][ T1482] usb 7-1: SerialNumber: syz
[  110.457336][   T57] usbhid 5-1:0.0: can't add hid device: -71
[  110.459000][   T57] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  110.462439][   T57] usb 5-1: USB disconnect, device number 4
[  110.596864][ T1482] usb 7-1: USB disconnect, device number 14
[  110.840764][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.844138][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.846823][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.849452][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.852042][T10055] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.854690][T10055] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.858932][T10055] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  110.862254][T10055] batadv_slave_0: entered promiscuous mode
[  112.114064][T10092] netlink: 236 bytes leftover after parsing attributes in process `syz.2.1103'.
[  112.179887][ T5954] Bluetooth: hci3: command 0x0406 tx timeout
[  112.207213][T10101] IPv6: sit1: Disabled Multicast RS
[  112.209911][T10101] sit1: entered allmulticast mode
[  112.215394][T10103] xt_hashlimit: size too large, truncated to 1048576
[  112.265813][T10103] xt_CT: No such helper "syz1"
[  112.567505][T10120] misc userio: No port type given on /dev/userio
[  112.667440][T10121] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  112.674191][T10121] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  112.679527][T10121] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  112.683278][T10121] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.685154][T10121] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.688882][T10121] bond0 (unregistering): Released all slaves
[  112.792478][ T5943] Bluetooth: hci0: unexpected event for opcode 0x0000
[  112.814287][T10128] No such timeout policy "syz1"
[  112.835464][   T39] kauditd_printk_skb: 29 callbacks suppressed
[  112.835475][   T39] audit: type=1400 audit(1731554865.873:49591): avc:  denied  { map } for  pid=10125 comm="syz.3.1114" path="/dev/ptyqa" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  112.876127][T10140] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1119'.
[  112.880611][T10140] bridge3: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  112.883117][T10140] bridge3: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  112.885910][T10140] bridge3: entered promiscuous mode
[  112.921742][T10145] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  112.996802][T10156] (syz.2.1123,10156,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[  112.999446][T10156] (syz.2.1123,10156,1):ocfs2_fill_super:1178 ERROR: status = -22
[  113.030860][T10156] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1123'.
[  113.077633][T10160] input: syz0 as /devices/virtual/input/input22
[  113.850856][T10184] netlink: 'syz.2.1125': attribute type 11 has an invalid length.
[  113.852875][T10184] netlink: 134660 bytes leftover after parsing attributes in process `syz.2.1125'.
[  113.855285][T10184] openvswitch: netlink: Message has 8 unknown bytes.
[  113.904676][   T39] audit: type=1400 audit(1731554866.943:49592): avc:  denied  { write } for  pid=10187 comm="syz.2.1126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  113.955565][   T39] audit: type=1400 audit(1731554866.993:49593): avc:  denied  { bind } for  pid=10196 comm="syz.3.1128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  113.991011][   T39] audit: type=1400 audit(1731554867.033:49594): avc:  denied  { listen } for  pid=10205 comm="syz.2.1130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  113.997576][   T39] audit: type=1400 audit(1731554867.033:49595): avc:  denied  { accept } for  pid=10205 comm="syz.2.1130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  114.000791][T10206] xt_connbytes: Forcing CT accounting to be enabled
[  114.004716][T10206] No such timeout policy "syz0"
[  114.067614][T10221] hpfs: Bad magic ... probably not HPFS
[  114.299047][T10244] netlink: 'syz.0.1139': attribute type 1 has an invalid length.
[  114.433163][T10258] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  114.435794][T10258] bond1: (slave vxcan3): Setting fail_over_mac to active for active-backup mode
[  114.440479][T10258] bond1: (slave vxcan3): making interface the new active one
[  114.442968][T10258] bond1: (slave vxcan3): Enslaving as an active interface with an up link
[  114.490484][T10269] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1143'.
[  114.530638][T10271] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1144'.
[  114.565241][   T39] audit: type=1400 audit(1731554867.603:49596): avc:  denied  { mount } for  pid=10272 comm="syz.2.1145" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  114.572372][   T39] audit: type=1400 audit(1731554867.603:49597): avc:  denied  { search } for  pid=10272 comm="syz.2.1145" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  114.579733][   T39] audit: type=1400 audit(1731554867.603:49598): avc:  denied  { read } for  pid=10272 comm="syz.2.1145" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  114.586828][   T39] audit: type=1400 audit(1731554867.603:49599): avc:  denied  { open } for  pid=10272 comm="syz.2.1145" path="/302/file0" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  114.595238][   T39] audit: type=1400 audit(1731554867.623:49600): avc:  denied  { unmount } for  pid=5941 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  114.761000][T10278] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  114.762716][T10278] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  114.764289][T10278] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  114.765831][T10278] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  114.772641][T10278] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  114.997469][T10285] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1150'.
[  115.468755][T10303] bridge0: entered allmulticast mode
[  115.707218][T10332] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10332 comm=syz.3.1164
[  115.863516][T10341] netlink: 'syz.3.1168': attribute type 11 has an invalid length.
[  115.865685][T10341] netlink: 196784 bytes leftover after parsing attributes in process `syz.3.1168'.
[  115.951123][T10342] kvm: pic: non byte write
[  115.963609][T10342] kvm: pic: non byte write
[  115.993074][   T57] hid (null): report_id 2445601295 is invalid
[  115.994728][   T57] hid (null): report_id 0 is invalid
[  115.996457][   T57] hid (null): global environment stack underflow
[  115.998115][   T57] hid (null): unknown global tag 0xe
[  116.004034][   T57] hid-generic 2BD5:3849DFF5:F76C68F0.0009: report_id 2445601295 is invalid
[  116.006284][   T57] hid-generic 2BD5:3849DFF5:F76C68F0.0009: item 0 4 1 8 parsing failed
[  116.008566][   T57] hid-generic 2BD5:3849DFF5:F76C68F0.0009: probe with driver hid-generic failed with error -22
[  116.364940][ T5943] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  116.369271][ T5943] bt_err_ratelimited: 1 callbacks suppressed
[  116.369282][ T5943] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  116.371456][ T5943] Bluetooth: hci0: SCO packet for unknown connection handle 0
[  116.829790][ T5943] Bluetooth: hci3: command 0x0406 tx timeout
[  116.829821][ T5954] Bluetooth: hci1: command 0x0c1a tx timeout
[  116.829844][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  117.313654][T10423] netlink: 'syz.0.1190': attribute type 10 has an invalid length.
[  117.448735][T10425] netlink: 133552 bytes leftover after parsing attributes in process `syz.2.1192'.
[  117.492312][T10429] sp0: Synchronizing with TNC
[  117.609896][T10446] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  117.611913][T10446] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  117.614605][T10446] vhci_hcd vhci_hcd.0: Device attached
[  117.622003][T10448] vhci_hcd: cannot find the pending unlink 4095
[  117.741086][T10448] vhci_hcd: connection closed
[  117.745856][   T68] vhci_hcd: stop threads
[  117.748580][   T68] vhci_hcd: release socket
[  117.753300][   T68] vhci_hcd: disconnect device
[  117.870006][T10466] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1204'.
[  117.932210][   T39] kauditd_printk_skb: 12 callbacks suppressed
[  117.932221][   T39] audit: type=1400 audit(1731554870.973:49613): avc:  denied  { bind } for  pid=10472 comm="syz.2.1207" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  118.005450][   T39] audit: type=1400 audit(1731554871.043:49614): avc:  denied  { setopt } for  pid=10477 comm="syz.3.1209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  118.067509][   T39] audit: type=1400 audit(1731554871.103:49615): avc:  denied  { connect } for  pid=10484 comm="syz.2.1211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  118.073719][   T39] audit: type=1400 audit(1731554871.113:49616): avc:  denied  { shutdown } for  pid=10484 comm="syz.2.1211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  118.079134][   T39] audit: type=1400 audit(1731554871.113:49617): avc:  denied  { read } for  pid=10484 comm="syz.2.1211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  118.126752][T10491] syzkaller0: entered promiscuous mode
[  118.128228][T10491] syzkaller0: entered allmulticast mode
[  118.150027][   T30] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  118.176971][   T39] audit: type=1400 audit(1731554871.213:49618): avc:  denied  { append } for  pid=10495 comm="syz.2.1214" name="pmem0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  118.309657][   T30] usb 5-1: Using ep0 maxpacket: 8
[  118.313430][   T30] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  118.315389][   T30] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  118.318241][   T30] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  118.334276][   T30] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  118.337209][   T30] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  118.346755][   T30] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  118.348771][   T30] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  118.351964][   T30] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  118.365605][   T30] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  118.368546][   T30] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  118.371575][   T63] usb usb38-port1: attempt power cycle
[  118.373785][   T30] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  118.375689][   T30] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  118.378575][   T30] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  118.381697][   T30] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  118.384478][   T30] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  118.402443][   T30] usb 5-1: string descriptor 0 read error: -22
[  118.404106][   T30] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  118.406422][   T30] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.418139][   T30] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  118.743431][   T30] usb 5-1: USB disconnect, device number 5
[  118.743889][T10500] usb 5-1: Couldn't submit interrupt_out_urb -19
[  118.909670][ T5954] Bluetooth: hci3: command 0x0406 tx timeout
[  118.930118][   T63] usb usb38-port1: unable to enumerate USB device
[  119.378963][ T1239] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  119.590097][T10503] fuse: Bad value for 'group_id'
[  119.591192][T10500] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.591435][T10503] fuse: Bad value for 'group_id'
[  119.597384][T10503] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1215'.
[  119.602541][T10503] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1215'.
[  119.634746][   T39] audit: type=1400 audit(1731554872.673:49619): avc:  denied  { mount } for  pid=10504 comm="syz.2.1216" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  119.638730][T10505] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  119.658613][   T39] audit: type=1400 audit(1731554872.693:49620): avc:  denied  { unmount } for  pid=5941 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  119.680365][T10510] overlayfs: failed to resolve './file0': -2
[  119.692446][T10515] sp0: Synchronizing with TNC
[  119.734640][T10500] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.785079][T10526] raw_sendmsg: syz.2.1221 forgot to set AF_INET. Fix it!
[  119.788681][T10515] CUSE: zero length info key specified
[  119.823725][T10500] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.873141][T10533] SELinux:  policydb string  does not match my string SE Linux
[  119.875196][T10533] SELinux: failed to load policy
[  119.930645][T10537] IPv6: addrconf: prefix option has invalid lifetime
[  119.946434][T10500] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.952576][T10538] netlink: 'syz.2.1224': attribute type 10 has an invalid length.
[  119.956648][T10538] team0: Device batadv0 is already an upper device of the team interface
[  120.014462][T10500] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.024014][T10500] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.031827][T10500] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.036523][T10500] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.067721][T10542] fuse: Unknown parameter 'fd_†)ͦÐ+ùö¼ÚÅN>[2Fb‡íõˆ¨¬Âj½&Ç#°Á4œA×�m™�$ª­<‰°rÏDÝÁŒ0•ù&Ÿ˜I’í‚Ý‹WÞ1?�L#¸¦n1éß‹�›Ä$¤Ÿø†EŠ�j'
[  120.215306][   T39] audit: type=1400 audit(1731554873.253:49621): avc:  denied  { bind } for  pid=10554 comm="syz.3.1232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  120.458199][T10569] VFS: unable to find oldfs superblock on device nullb0
[  120.494702][ T5954] Bluetooth: hci0: Malformed LE Event: 0x0d
[  120.711806][T10581] netlink: 'syz.2.1240': attribute type 1 has an invalid length.
[  120.731401][T10581] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  120.733978][T10581] bond1: (slave vxcan3): Setting fail_over_mac to active for active-backup mode
[  120.738767][T10581] bond1: (slave vxcan3): making interface the new active one
[  120.741680][T10581] bond1: (slave vxcan3): Enslaving as an active interface with an up link
[  120.768290][T10587] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  120.769977][T10587] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  120.772424][T10587] vhci_hcd vhci_hcd.0: Device attached
[  120.774867][T10588] vhci_hcd: connection closed
[  120.776366][  T161] vhci_hcd: stop threads
[  120.778685][  T161] vhci_hcd: release socket
[  120.781221][  T161] vhci_hcd: disconnect device
[  120.979717][ T5954] Bluetooth: hci3: command 0x0406 tx timeout
[  121.314970][   T39] audit: type=1400 audit(1731554874.353:49622): avc:  denied  { create } for  pid=10597 comm="syz.2.1244" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  121.328627][    T9] libceph: connect (1)[c::]:6789 error -99
[  121.330554][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  121.373270][   T63] libceph: connect (1)[c::]:6789 error -22
[  121.375369][   T63] libceph: mon0 (1)[c::]:6789 connect error
[  121.448186][T10605] netlink: 4436 bytes leftover after parsing attributes in process `syz.0.1245'.
[  121.451519][T10605] netlink: 4436 bytes leftover after parsing attributes in process `syz.0.1245'.
[  121.558252][T10610] fuse: Bad value for 'group_id'
[  121.559796][T10610] fuse: Bad value for 'group_id'
[  121.592429][    T9] libceph: connect (1)[c::]:6789 error -99
[  121.594023][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  121.630072][   T30] libceph: connect (1)[c::]:6789 error -22
[  121.632947][   T30] libceph: mon0 (1)[c::]:6789 connect error
[  122.102105][T10591] ceph: No mds server is up or the cluster is laggy
[  122.106721][T10599] ceph: No mds server is up or the cluster is laggy
[  122.111729][    T9] libceph: connect (1)[c::]:6789 error -99
[  122.114576][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  122.247974][T10625] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1251'.
[  122.579216][T10648] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1255'.
[  122.581675][T10648] openvswitch: netlink: VXLAN extension message has 5 unknown bytes.
[  122.635420][T10653] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1257'.
[  123.323735][T10747] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1267'.
[  123.370015][   T39] kauditd_printk_skb: 6 callbacks suppressed
[  123.370026][   T39] audit: type=1804 audit(1731554876.413:49629): pid=10750 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.1268" name="/newroot/308/bus/bus" dev="overlay" ino=1707 res=1 errno=0
[  123.579264][   T39] audit: type=1400 audit(1731554876.613:49630): avc:  denied  { map } for  pid=10762 comm="syz.3.1272" path="/dev/fb1" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  123.585893][   T39] audit: type=1400 audit(1731554876.613:49631): avc:  denied  { execute } for  pid=10762 comm="syz.3.1272" path="/dev/fb1" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  123.622162][T10761] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  123.626485][T10761] vimc vimc.0: first entity in the pipe 'Scaler' is not a source
[  123.822492][T10782] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1545 sclass=netlink_route_socket pid=10782 comm=syz.0.1277
[  124.329438][T10795] input: syz0 as /devices/virtual/input/input23
[  124.427435][T10800] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  124.433098][T10800] vimc vimc.0: first entity in the pipe 'Scaler' is not a source
[  124.619606][ T1482] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  124.781414][ T1482] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  124.784316][ T1482] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  124.787446][ T1482] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  124.790468][ T1482] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  124.793747][ T1482] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  124.796024][ T1482] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.808809][ T1482] usb 7-1: config 0 descriptor??
[  124.810594][T10797] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  124.858285][   T39] audit: type=1400 audit(1731554877.893:49632): avc:  denied  { getopt } for  pid=10812 comm="syz.3.1287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  124.864427][   T39] audit: type=1400 audit(1731554877.903:49633): avc:  denied  { setattr } for  pid=10812 comm="syz.3.1287" name="PACKET" dev="sockfs" ino=38617 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  124.914872][T10819] 9pnet_virtio: no channels available for device syz
[  124.939071][T10821] xt_HMARK: spi-set and port-set can't be combined
[  125.008570][T10826] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  125.013596][T10826] vimc vimc.0: first entity in the pipe 'Scaler' is not a source
[  125.123369][T10833] IPv6: sit2: Disabled Multicast RS
[  125.125155][T10833] sit2: entered allmulticast mode
[  125.216714][ T1482] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  125.218654][ T1482] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  125.220878][ T1482] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  125.222927][ T1482] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  125.224946][ T1482] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  125.227316][ T1482] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  125.233306][ T1482] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  125.549655][T10840] overlay: ./file1 is not a directory
[  125.663399][T10842] input: syz0 as /devices/virtual/input/input25
[  125.674569][   T39] audit: type=1400 audit(1731554878.713:49634): avc:  denied  { setopt } for  pid=10841 comm="syz.0.1296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  126.250404][T10857] erspan1: entered promiscuous mode
[  126.298198][T10861] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  126.302757][T10861] vimc vimc.0: first entity in the pipe 'Scaler' is not a source
[  126.372849][T10865] xt_bpf: check failed: parse error
[  126.388307][T10865] syz.3.1303: attempt to access beyond end of device
[  126.388307][T10865] sr0: rw=0, sector=0, nr_sectors = 8 limit=0
[  126.429564][ T5954] Bluetooth: hci1: adv larger than maximum supported
[  126.429584][ T5954] Bluetooth: hci1: Malformed LE Event: 0x0d
[  126.676178][T10881] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1310'.
[  126.861607][T10904] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1319'.
[  126.936108][T10906] syz.0.1320: attempt to access beyond end of device
[  126.936108][T10906] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  126.942539][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  126.944153][T10906] unable to read squashfs_super_block
[  126.945993][T10906] syz.0.1320: attempt to access beyond end of device
[  126.945993][T10906] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  126.951206][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  126.953265][T10906] unable to read squashfs_super_block
[  126.956414][T10906] syz.0.1320: attempt to access beyond end of device
[  126.956414][T10906] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  126.960891][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  126.962998][T10906] unable to read squashfs_super_block
[  126.964743][T10906] syz.0.1320: attempt to access beyond end of device
[  126.964743][T10906] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  126.967995][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  126.970273][T10906] unable to read squashfs_super_block
[  126.972549][T10906] syz.0.1320: attempt to access beyond end of device
[  126.972549][T10906] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  126.976142][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  126.977708][T10906] unable to read squashfs_super_block
[  126.979608][T10906] syz.0.1320: attempt to access beyond end of device
[  126.979608][T10906] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  126.982981][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  126.984575][T10906] unable to read squashfs_super_block
[  126.986283][T10906] syz.0.1320: attempt to access beyond end of device
[  126.986283][T10906] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  126.990254][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  126.992388][T10906] unable to read squashfs_super_block
[  126.994602][T10906] syz.0.1320: attempt to access beyond end of device
[  126.994602][T10906] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  126.997960][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  126.999982][T10906] unable to read squashfs_super_block
[  127.001842][T10906] syz.0.1320: attempt to access beyond end of device
[  127.001842][T10906] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  127.005183][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.006789][T10906] unable to read squashfs_super_block
[  127.008551][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.011154][T10906] unable to read squashfs_super_block
[  127.013245][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.014799][T10906] unable to read squashfs_super_block
[  127.016529][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.018182][T10906] unable to read squashfs_super_block
[  127.020201][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.021875][T10906] unable to read squashfs_super_block
[  127.023585][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.025237][T10906] unable to read squashfs_super_block
[  127.027011][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.028564][T10906] unable to read squashfs_super_block
[  127.030894][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.032924][T10906] unable to read squashfs_super_block
[  127.034581][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.036269][T10906] unable to read squashfs_super_block
[  127.037901][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.039678][T10906] unable to read squashfs_super_block
[  127.041357][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.042959][T10906] unable to read squashfs_super_block
[  127.044793][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.046462][T10906] unable to read squashfs_super_block
[  127.048245][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.050655][T10906] unable to read squashfs_super_block
[  127.052753][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.054430][T10906] unable to read squashfs_super_block
[  127.056105][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.059669][T10906] unable to read squashfs_super_block
[  127.061474][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.063099][T10906] unable to read squashfs_super_block
[  127.064839][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.066477][T10906] unable to read squashfs_super_block
[  127.068214][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.080128][T10906] unable to read squashfs_super_block
[  127.082230][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.083959][T10906] unable to read squashfs_super_block
[  127.085987][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.087636][T10906] unable to read squashfs_super_block
[  127.090948][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.092567][T10906] unable to read squashfs_super_block
[  127.094304][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.095952][T10906] unable to read squashfs_super_block
[  127.097654][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.099255][T10906] unable to read squashfs_super_block
[  127.101003][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.102614][T10906] unable to read squashfs_super_block
[  127.105040][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.106645][T10906] unable to read squashfs_super_block
[  127.108263][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.110265][T10906] unable to read squashfs_super_block
[  127.111915][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.113476][T10906] unable to read squashfs_super_block
[  127.115114][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.116703][T10906] unable to read squashfs_super_block
[  127.118363][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.120654][T10906] unable to read squashfs_super_block
[  127.122383][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.123949][T10906] unable to read squashfs_super_block
[  127.125609][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.127203][T10906] unable to read squashfs_super_block
[  127.128863][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.131731][T10906] unable to read squashfs_super_block
[  127.134032][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.135611][T10906] unable to read squashfs_super_block
[  127.137261][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.138842][T10906] unable to read squashfs_super_block
[  127.140735][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.142320][T10906] unable to read squashfs_super_block
[  127.143957][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.145547][T10906] unable to read squashfs_super_block
[  127.147137][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.148716][T10906] unable to read squashfs_super_block
[  127.150524][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.152135][T10906] unable to read squashfs_super_block
[  127.153836][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.155414][T10906] unable to read squashfs_super_block
[  127.157300][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.158924][T10906] unable to read squashfs_super_block
[  127.160674][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.162359][T10906] unable to read squashfs_super_block
[  127.164072][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.165655][T10906] unable to read squashfs_super_block
[  127.167313][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.168922][T10906] unable to read squashfs_super_block
[  127.171800][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.173410][T10906] unable to read squashfs_super_block
[  127.175118][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.176728][T10906] unable to read squashfs_super_block
[  127.178106][   T39] audit: type=1400 audit(1731554880.213:49635): avc:  denied  { map } for  pid=10915 comm="syz.2.1324" path="/dev/dri/card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  127.178461][ T5954] Bluetooth: hci0: adv larger than maximum supported
[  127.184108][ T5954] Bluetooth: hci0: Malformed LE Event: 0x0d
[  127.184692][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.188910][T10906] unable to read squashfs_super_block
[  127.191502][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.193078][T10906] unable to read squashfs_super_block
[  127.194704][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.196317][T10906] unable to read squashfs_super_block
[  127.197970][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.199590][T10906] unable to read squashfs_super_block
[  127.201503][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.203080][T10906] unable to read squashfs_super_block
[  127.204669][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.206231][T10906] unable to read squashfs_super_block
[  127.207841][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.209386][T10906] unable to read squashfs_super_block
[  127.211209][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.212767][T10906] unable to read squashfs_super_block
[  127.214376][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.216078][T10906] unable to read squashfs_super_block
[  127.217740][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.219335][T10906] unable to read squashfs_super_block
[  127.222762][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.224348][T10906] unable to read squashfs_super_block
[  127.225956][T10906] SQUASHFS error: Failed to read block 0x0: -5
[  127.227537][T10906] unable to read squashfs_super_block
[  127.373568][ T5982] usb 7-1: USB disconnect, device number 15
[  127.649800][T10941] binder: 10940:10941 ioctl c0286687 20000300 returned -22
[  127.661380][T10941] binder: 10940:10941 ioctl c0306201 20000680 returned -14
[  127.711744][T10948] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  127.714946][T10948] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.731388][ T5954] Bluetooth: hci1: adv larger than maximum supported
[  127.731415][ T5954] Bluetooth: hci1: adv larger than maximum supported
[  127.733699][ T5954] Bluetooth: hci1: Malformed LE Event: 0x0d
[  127.797162][ T5954] Bluetooth: hci0: command 0x0c1a tx timeout
[  127.797349][    T9] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  127.801802][    T9] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  127.809062][T10948] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  127.812028][T10948] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.865370][   T39] audit: type=1400 audit(1731554880.903:49636): avc:  denied  { write } for  pid=10957 comm="syz.0.1337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  127.891323][T10948] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  127.894840][T10948] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.960899][T10948] bond0: (slave netdevsim0): Releasing backup interface
[  127.964301][T10948] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  127.967648][T10948] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.070950][T10948] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  128.073547][T10948] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.081416][T10948] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  128.083678][T10948] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.089355][T10948] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  128.091700][T10948] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.099278][T10948] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  128.101497][T10948] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.680642][T10968] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1341'.
[  128.683292][T10968] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7424 sclass=netlink_route_socket pid=10968 comm=syz.3.1341
[  128.867821][ T5943] Bluetooth: hci1: unexpected event for opcode 0x2041
[  128.873454][T10999] overlayfs: missing 'lowerdir'
[  128.874759][   T39] audit: type=1400 audit(1731554881.913:49637): avc:  denied  { mounton } for  pid=10998 comm="syz.3.1347" path="/367/file0/bus" dev="ramfs" ino=40266 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  128.924961][ T5943] Bluetooth: hci1: adv larger than maximum supported
[  128.924990][ T5943] Bluetooth: hci1: Malformed LE Event: 0x0d
[  128.932262][T11005] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1350'.
[  128.935544][T11005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1350'.
[  128.974202][T11009] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1352'.
[  129.003300][T11015] netlink: 87 bytes leftover after parsing attributes in process `syz.3.1353'.
[  129.065848][   T39] audit: type=1400 audit(1731554882.103:49638): avc:  denied  { append } for  pid=11024 comm="syz.3.1357" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  129.133919][T11028] QAT: failed to copy from user.
[  129.135834][T11028] hub 4-0:1.0: USB hub found
[  129.137464][T11028] hub 4-0:1.0: 2 ports detected
[  129.143646][T11028] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11028 comm=syz.3.1358
[  129.355522][T11043] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1363'.
[  129.358148][T11043] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1363'.
[  129.520003][ T5943] Bluetooth: hci1: adv larger than maximum supported
[  129.520024][ T5943] Bluetooth: hci1: Malformed LE Event: 0x0d
[  129.687324][T11087] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1380'.
[  129.869530][    T9] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  129.871174][    T9] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[  130.278539][T11115] sd 0:0:0:0: PR command failed: 1026
[  130.280559][T11115] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[  130.282284][T11115] sd 0:0:0:0: Add. Sense: Invalid command operation code
[  130.411256][T11067] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  130.772183][ T5943] Bluetooth: hci1: adv larger than maximum supported
[  130.772202][ T5943] Bluetooth: hci1: Malformed LE Event: 0x0d
[  132.331514][T11149] program syz.2.1400 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  132.334013][T11149] ata1.00: invalid command format 0
[  132.501148][ T1410] ieee802154 phy1 wpan1: encryption failed: -22
[  132.901921][ T5943] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  132.904497][ T5943] Bluetooth: hci1: Injecting HCI hardware error event
[  150.406015][ T1131] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  170.267794][ T5954] Bluetooth: hci1: hardware error 0x00
[  170.390021][ T5943] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  170.395545][ T5943] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  170.398804][ T5943] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  170.412507][ T8358] bridge0: port 1(syz_tun) entered disabled state
[  170.416214][ T5943] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  170.428509][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  170.436275][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  170.439887][ T5950] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  170.441817][ T5950] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  170.444863][   T65] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  170.448989][   T65] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  170.455148][   T65] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  170.457290][   T65] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  170.461055][   T65] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  170.463484][   T65] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  170.465602][   T65] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  170.469173][   T65] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  170.475556][   T65] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  170.478429][   T65] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  170.484565][ T5312] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  170.489578][ T5312] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  170.494939][ T5312] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  170.497169][ T5312] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  170.499178][ T5312] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  170.501103][ T5312] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  170.578818][ T8358] syz_tun (unregistering): left allmulticast mode
[  170.582184][ T8358] syz_tun (unregistering): left promiscuous mode
[  170.584506][ T8358] bridge0: port 1(syz_tun) entered disabled state
[  170.603858][ T5953] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  170.607152][ T5953] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  170.611456][ T5953] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  170.614677][ T5953] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  170.629637][ T5953] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  170.632363][ T5953] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  170.710897][   T75] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.888873][   T75] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.935870][T11156] chnl_net:caif_netlink_parms(): no params data found
[  170.956402][T11154] chnl_net:caif_netlink_parms(): no params data found
[  170.961075][T10854] chnl_net:caif_netlink_parms(): no params data found
[  170.995609][   T75] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.042585][T11153] chnl_net:caif_netlink_parms(): no params data found
[  171.087622][T10854] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.089455][T10854] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.092365][T10854] bridge_slave_0: entered allmulticast mode
[  171.094315][T10854] bridge_slave_0: entered promiscuous mode
[  171.096749][T10854] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.098503][T10854] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.100503][T10854] bridge_slave_1: entered allmulticast mode
[  171.102478][T10854] bridge_slave_1: entered promiscuous mode
[  171.113418][   T75] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.124475][T11156] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.126360][T11156] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.128175][T11156] bridge_slave_0: entered allmulticast mode
[  171.131629][T11156] bridge_slave_0: entered promiscuous mode
[  171.134458][T11156] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.136246][T11156] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.138075][T11156] bridge_slave_1: entered allmulticast mode
[  171.140444][T11156] bridge_slave_1: entered promiscuous mode
[  171.235875][T10854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.240990][T10854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.243436][T11154] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.245184][T11154] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.247005][T11154] bridge_slave_0: entered allmulticast mode
[  171.249102][T11154] bridge_slave_0: entered promiscuous mode
[  171.252583][T11154] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.254456][T11154] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.256367][T11154] bridge_slave_1: entered allmulticast mode
[  171.258385][T11154] bridge_slave_1: entered promiscuous mode
[  171.264224][T11153] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.266018][T11153] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.267863][T11153] bridge_slave_0: entered allmulticast mode
[  171.270345][T11153] bridge_slave_0: entered promiscuous mode
[  171.274480][T11156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.309756][T11153] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.311927][T11153] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.314089][T11153] bridge_slave_1: entered allmulticast mode
[  171.316302][T11153] bridge_slave_1: entered promiscuous mode
[  171.320107][T11156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.342238][T11154] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.346790][T11154] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.377932][T10854] team0: Port device team_slave_0 added
[  171.382513][T10854] team0: Port device team_slave_1 added
[  171.395977][T11153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.401578][T11156] team0: Port device team_slave_0 added
[  171.450643][T11153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.456196][T11156] team0: Port device team_slave_1 added
[  171.471880][T11154] team0: Port device team_slave_0 added
[  171.499809][T11156] batman_adv: batadv0: Adding interface: batadv_slave_0
[  171.502147][T11156] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.511109][T11156] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  171.515827][T10854] batman_adv: batadv0: Adding interface: batadv_slave_0
[  171.518118][T10854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.525085][T10854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  171.528945][T11154] team0: Port device team_slave_1 added
[  171.561697][T11153] team0: Port device team_slave_0 added
[  171.563980][T11156] batman_adv: batadv0: Adding interface: batadv_slave_1
[  171.566332][T11156] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.575067][T11156] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  171.579010][T10854] batman_adv: batadv0: Adding interface: batadv_slave_1
[  171.580797][T10854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.586998][T10854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  171.598437][   T75] bridge_slave_1: left allmulticast mode
[  171.600621][   T75] bridge_slave_1: left promiscuous mode
[  171.602180][   T75] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.605599][   T75] bridge_slave_0: left allmulticast mode
[  171.607040][   T75] bridge_slave_0: left promiscuous mode
[  171.608517][   T75] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.052110][   T75] bond1 (unregistering): Released all slaves
[  172.056480][   T75] bond2 (unregistering): Released all slaves
[  172.061109][T11153] team0: Port device team_slave_1 added
[  172.069612][T11154] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.071356][T11154] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.077579][T11154] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.101998][T11153] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.104205][T11153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.111612][T11153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.132601][T11154] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.134458][T11154] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.141051][T11154] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.158343][T11153] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.160441][T11153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.168180][T11153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.182007][   T75] tipc: Disabling bearer <udp:syz1>
[  172.183783][   T75] tipc: Left network mode
[  172.214977][T11156] hsr_slave_0: entered promiscuous mode
[  172.216900][T11156] hsr_slave_1: entered promiscuous mode
[  172.218761][T11156] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  172.220956][T11156] Cannot create hsr debugfs directory
[  172.264727][T10854] hsr_slave_0: entered promiscuous mode
[  172.266908][T10854] hsr_slave_1: entered promiscuous mode
[  172.268677][T10854] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  172.272234][T10854] Cannot create hsr debugfs directory
[  172.277653][T11154] hsr_slave_0: entered promiscuous mode
[  172.280812][T11154] hsr_slave_1: entered promiscuous mode
[  172.283225][T11154] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  172.285212][T11154] Cannot create hsr debugfs directory
[  172.296734][T11153] hsr_slave_0: entered promiscuous mode
[  172.298796][T11153] hsr_slave_1: entered promiscuous mode
[  172.301590][T11153] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  172.303808][T11153] Cannot create hsr debugfs directory
[  172.495052][   T75] hsr_slave_0: left promiscuous mode
[  172.497046][   T75] hsr_slave_1: left promiscuous mode
[  172.499190][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.500130][   T65] Bluetooth: hci6: command tx timeout
[  172.502490][   T75] batman_adv: batadv0: Removing interface: batadv_slave_0
[  172.506296][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.508508][   T75] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.538083][   T75] veth1_macvtap: left promiscuous mode
[  172.540584][   T75] veth0_macvtap: left promiscuous mode
[  172.542416][   T75] veth1_vlan: left promiscuous mode
[  172.544080][   T75] veth0_vlan: left promiscuous mode
[  172.579772][   T65] Bluetooth: hci3: command tx timeout
[  172.579794][ T5953] Bluetooth: hci4: command tx timeout
[  172.742295][ T5953] Bluetooth: hci5: command tx timeout
[  173.308155][   T75] team0 (unregistering): Port device team_slave_1 removed
[  173.398296][   T75] team0 (unregistering): Port device team_slave_0 removed
[  174.543537][T11156] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  174.550458][T11156] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  174.555870][T11156] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  174.569099][T11156] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  174.579754][ T5953] Bluetooth: hci6: command tx timeout
[  174.601363][   T75] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.630936][T10854] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  174.636307][T10854] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  174.639358][T10854] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  174.647858][T10854] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  174.659723][ T5953] Bluetooth: hci3: command tx timeout
[  174.661034][   T65] Bluetooth: hci4: command tx timeout
[  174.682025][   T75] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.694918][T11153] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  174.699768][T11153] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  174.709430][T11153] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  174.715923][T11153] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  174.758312][T11156] 8021q: adding VLAN 0 to HW filter on device bond0
[  174.768660][   T75] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.784569][T11154] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  174.794163][T11156] 8021q: adding VLAN 0 to HW filter on device team0
[  174.796084][T11154] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  174.800733][T11154] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  174.804319][T11154] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  174.817674][   T75] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.819693][   T65] Bluetooth: hci5: command tx timeout
[  174.825333][  T161] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.827137][  T161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  174.834322][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.836133][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  174.889185][T10854] 8021q: adding VLAN 0 to HW filter on device bond0
[  174.897201][T11153] 8021q: adding VLAN 0 to HW filter on device bond0
[  174.933309][T10854] 8021q: adding VLAN 0 to HW filter on device team0
[  174.940028][   T75] bridge_slave_1: left promiscuous mode
[  174.941705][   T75] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.944559][   T75] bridge_slave_0: left allmulticast mode
[  174.946003][   T75] bridge_slave_0: left promiscuous mode
[  174.947533][   T75] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.089260][   T75] batman_adv: batadv0: Removing interface: erspan1
[  175.140525][   T75] bond0 (unregistering): (slave geneve0): Releasing backup interface
[  175.153039][   T75] geneve1 (unregistering): left allmulticast mode
[  175.160270][   T75] team0: Port device geneve1 removed
[  175.413765][   T75] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  175.417478][   T75] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  175.422897][   T75] bond0 (unregistering): Released all slaves
[  175.427679][   T75] bond1 (unregistering): (slave vxcan3): Releasing backup interface
[  175.432175][   T75] bond1 (unregistering): Released all slaves
[  175.436867][   T75] bond2 (unregistering): Released all slaves
[  175.442790][   T75] bond3 (unregistering): Released all slaves
[  175.450332][T11153] 8021q: adding VLAN 0 to HW filter on device team0
[  175.461099][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.462994][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.471815][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.473706][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.482733][   T68] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.484615][   T68] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.487805][   T68] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.489642][   T68] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.511196][T11154] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.604158][T11154] 8021q: adding VLAN 0 to HW filter on device team0
[  175.613197][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.615089][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.624218][T11156] 8021q: adding VLAN 0 to HW filter on device batadv0
[  175.629984][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.632511][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.673275][T11156] veth0_vlan: entered promiscuous mode
[  175.699514][T11156] veth1_vlan: entered promiscuous mode
[  175.714128][T11156] veth0_macvtap: entered promiscuous mode
[  175.717419][T11156] veth1_macvtap: entered promiscuous mode
[  175.728943][T11156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.734468][T11156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.737804][T11156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.742093][T11156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.745351][T11156] batman_adv: batadv0: Interface activated: batadv_slave_0
[  175.756522][T11156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.759178][T11156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.762359][T11156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.765087][T11156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.767534][T11156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.770534][T11156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.774041][T11156] batman_adv: batadv0: Interface activated: batadv_slave_1
[  175.797167][T11156] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.799442][T11156] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.802015][T11156] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.804216][T11156] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.808487][T10854] 8021q: adding VLAN 0 to HW filter on device batadv0
[  175.842632][T11153] 8021q: adding VLAN 0 to HW filter on device batadv0
[  175.873382][   T75] hsr_slave_0: left promiscuous mode
[  175.875348][   T75] hsr_slave_1: left promiscuous mode
[  175.881346][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  175.883261][   T75] batman_adv: batadv0: Removing interface: batadv_slave_0
[  175.885570][   T75] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  175.887425][   T75] batman_adv: batadv0: Removing interface: batadv_slave_1
[  175.907524][   T75] veth1_macvtap: left promiscuous mode
[  175.909084][   T75] veth0_macvtap: left promiscuous mode
[  175.910770][   T75] veth1_vlan: left promiscuous mode
[  175.912154][   T75] veth0_vlan: left promiscuous mode
[  176.119828][   T75] vlan0 (unregistering): left allmulticast mode
[  176.123576][   T75] team0 (unregistering): Port device vlan0 removed
[  176.670205][   T65] Bluetooth: hci6: command tx timeout
[  176.743950][   T65] Bluetooth: hci3: command tx timeout
[  176.755934][   T65] Bluetooth: hci4: command tx timeout
[  176.899776][   T65] Bluetooth: hci5: command tx timeout
[  176.993183][   T75] team_slave_1 (unregistering): left allmulticast mode
[  176.996190][   T75] team0 (unregistering): Port device team_slave_1 removed
[  177.127551][   T75] team_slave_0 (unregistering): left allmulticast mode
[  177.134804][   T75] team0 (unregistering): Port device team_slave_0 removed
[  177.726619][  T161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  177.729322][  T161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.734382][T11154] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.770677][T11156] batman_adv: The newly added mac address (08:02:11:00:00:01) already exists on: ipvlan2
[  177.774451][T11156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.811765][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  177.813975][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.848535][T10854] veth0_vlan: entered promiscuous mode
[  177.874028][T11153] veth0_vlan: entered promiscuous mode
[  177.880082][T10854] veth1_vlan: entered promiscuous mode
[  177.883178][T11153] veth1_vlan: entered promiscuous mode
[  177.913538][T10854] veth0_macvtap: entered promiscuous mode
[  177.918038][T10854] veth1_macvtap: entered promiscuous mode
[  177.958477][T11154] veth0_vlan: entered promiscuous mode
[  177.969040][T10854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.972055][T10854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.975040][T10854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.978207][T10854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.982496][T10854] batman_adv: batadv0: Interface activated: batadv_slave_0
[  177.985044][T11154] veth1_vlan: entered promiscuous mode
[  177.988028][T11153] veth0_macvtap: entered promiscuous mode
[  177.996351][T10854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.999999][T10854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.002977][T10854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.005822][T10854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.008041][T10854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.012134][T10854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.015669][T10854] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.018973][T11153] veth1_macvtap: entered promiscuous mode
[  178.030018][T10854] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.032839][T10854] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.035567][T10854] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.038317][T10854] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.065980][T11154] veth0_macvtap: entered promiscuous mode
[  178.084887][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.088209][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.096492][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.100652][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.104915][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.107797][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.112934][T11153] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.121672][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.124861][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.127617][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.131151][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.133667][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.136833][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.139390][T11153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.142789][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.146625][T11153] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.149850][T11154] veth1_macvtap: entered promiscuous mode
[  178.149862][T11236] dlm: no locking on control device
[  178.153881][T11236] CIFS: Unable to determine destination address
[  178.166867][T11153] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.177817][T11153] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.181009][T11153] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.183644][T11153] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.203852][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.206608][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.209168][T11154] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.219305][T11154] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.222214][T11154] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.225116][T11154] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.227917][T11154] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.231371][T11154] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.234215][T11154] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.237466][T11154] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.242026][T11154] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.261901][T11154] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.264541][T11154] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.267602][T11154] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.273875][T11154] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.277133][T11154] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.281846][T11154] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.285167][T11154] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.288911][T11154] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.292671][T11154] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.295998][T11154] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.301287][T11154] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.310257][T10854] batman_adv: The newly added mac address (08:02:11:00:00:01) already exists on: ipvlan2
[  178.313802][T10854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.324966][   T39] audit: type=1400 audit(1731554931.363:49639): avc:  denied  { module_load } for  pid=11243 comm="syz.1.1410" path="/sys/power/wakeup_count" dev="sysfs" ino=837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  178.330747][T11154] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.336612][T11154] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.336632][T11154] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.336647][T11154] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.343389][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.348921][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.355546][T11244] __nla_validate_parse: 1 callbacks suppressed
[  178.355557][T11244] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1410'.
[  178.374523][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.377271][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.399028][T11153] batman_adv: The newly added mac address (08:02:11:00:00:01) already exists on: ipvlan2
[  178.403448][T11153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.415152][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.417536][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.446695][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.452010][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.485482][T11154] batman_adv: The newly added mac address (08:02:11:00:00:01) already exists on: ipvlan2
[  178.490203][T11154] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.498993][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.501223][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.629443][T11258] geneve2: entered promiscuous mode
[  178.631602][T11258] geneve2: entered allmulticast mode
[  178.742620][T11268] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  178.750411][   T65] Bluetooth: hci6: command tx timeout
[  178.791899][T11276] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=770 sclass=netlink_tcpdiag_socket pid=11276 comm=syz.7.1417
[  178.795637][   T39] audit: type=1400 audit(1731554931.833:49640): avc:  denied  { write } for  pid=11275 comm="syz.7.1417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  178.826358][T11288] PKCS8: Unsupported PKCS#8 version
[  178.830550][   T65] Bluetooth: hci4: command tx timeout
[  178.830571][ T5953] Bluetooth: hci3: command tx timeout
[  178.883816][T11298] netlink: 'syz.7.1424': attribute type 6 has an invalid length.
[  178.921751][T11302] veth1_virt_wifi: entered allmulticast mode
[  178.944264][T11307] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1424'.
[  178.946799][T11307] netlink: 'syz.7.1424': attribute type 13 has an invalid length.
[  178.948774][T11307] netlink: 'syz.7.1424': attribute type 14 has an invalid length.
[  178.962198][T11307] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  178.964746][T11307] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  178.967051][T11307] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  178.969256][T11307] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  178.969652][   T39] audit: type=1400 audit(1731554932.003:49641): avc:  denied  { watch_sb } for  pid=11308 comm="syz.9.1429" path="/6" dev="tmpfs" ino=42 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  178.974160][T11307] vxlan0: entered promiscuous mode
[  178.982761][ T5953] Bluetooth: hci5: command tx timeout
[  179.159626][T11164] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  179.162028][   T30] usb 13-1: new high-speed USB device number 2 using dummy_hcd
[  179.206695][T11322] netlink: 'syz.9.1433': attribute type 4 has an invalid length.
[  179.214500][T11322] netlink: 'syz.9.1433': attribute type 4 has an invalid length.
[  179.219732][T11322] netlink: 'syz.9.1433': attribute type 9 has an invalid length.
[  179.222045][T11322] netlink: 69272 bytes leftover after parsing attributes in process `syz.9.1433'.
[  179.299754][T11164] usb 6-1: device descriptor read/64, error -71
[  179.309666][   T30] usb 13-1: Using ep0 maxpacket: 16
[  179.312711][   T30] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.316166][   T30] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  179.320676][   T30] usb 13-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  179.323699][   T30] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.328356][   T30] usb 13-1: config 0 descriptor??
[  179.542531][T11164] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  179.669640][T11164] usb 6-1: device descriptor read/64, error -71
[  179.735483][T11296] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  179.737871][T11296] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  179.740536][   T39] audit: type=1400 audit(1731554932.783:49642): avc:  denied  { create } for  pid=11295 comm="syz.8.1425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  179.741426][T11295] delete_channel: no stack
[  179.747276][   T39] audit: type=1400 audit(1731554932.783:49643): avc:  denied  { setopt } for  pid=11295 comm="syz.8.1425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  179.755148][   T30] usbhid 13-1:0.0: can't add hid device: -71
[  179.763008][   T30] usbhid 13-1:0.0: probe with driver usbhid failed with error -71
[  179.766048][   T30] usb 13-1: USB disconnect, device number 2
[  179.782411][T11164] usb usb6-port1: attempt power cycle
[  179.835964][T11329] af_packet: tpacket_rcv: packet too big, clamped from 102 to 4294967286. macoff=82
[  180.119655][T11164] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  180.147425][   T39] audit: type=1400 audit(1731554933.183:49644): avc:  denied  { read } for  pid=11338 comm="syz.9.1438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  180.147700][T11164] usb 6-1: device descriptor read/8, error -71
[  180.377409][T11352] CUSE: zero length info key specified
[  180.389537][T11164] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  180.410102][T11164] usb 6-1: device descriptor read/8, error -71
[  180.416604][T11354] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  180.424037][T11354] vimc vimc.0: first entity in the pipe 'Scaler' is not a source
[  180.519685][T11164] usb usb6-port1: unable to enumerate USB device
[  180.543412][   T39] audit: type=1400 audit(1731554933.583:49645): avc:  denied  { connect } for  pid=11357 comm="syz.9.1445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  180.616137][T11368] 9pnet_fd: Insufficient options for proto=fd
[  180.759654][T11371] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  180.768205][T11371] vimc vimc.0: first entity in the pipe 'Scaler' is not a source
[  181.104444][T11385] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  181.114972][T11385] kvm: pic: single mode not supported
[  181.114985][T11385] kvm: pic: level sensitive irq not supported
[  181.118148][T11385] kvm: pic: non byte read
[  181.124531][T11385] kvm: pic: non byte read
[  181.127188][T11385] kvm: pic: single mode not supported
[  181.127198][T11385] kvm: pic: level sensitive irq not supported
[  181.128870][T11385] kvm: pic: non byte read
[  181.133688][T11385] kvm: pic: non byte read
[  181.136387][T11385] kvm: pic: single mode not supported
[  181.136405][T11385] kvm: pic: level sensitive irq not supported
[  181.138200][T11385] kvm: pic: non byte read
[  181.142566][T11385] kvm: pic: non byte read
[  181.144617][T11385] kvm: pic: single mode not supported
[  181.144669][T11385] kvm: pic: level sensitive irq not supported
[  181.146615][T11385] kvm: pic: non byte read
[  181.153534][T11385] kvm: pic: single mode not supported
[  181.153793][T11385] kvm: pic: non byte read
[  181.157518][T11385] kvm: pic: non byte read
[  181.159740][T11385] kvm: pic: non byte read
[  181.163814][T11385] kvm: pic: single mode not supported
[  181.163854][T11385] kvm: pic: level sensitive irq not supported
[  181.169210][T11385] kvm: pic: level sensitive irq not supported
[  181.435001][T11408] x_tables: duplicate underflow at hook 1
[  181.658790][T11432] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  181.667913][T11432] vimc vimc.0: first entity in the pipe 'Scaler' is not a source
[  181.739397][   T39] audit: type=1400 audit(1731554934.773:49646): avc:  denied  { getopt } for  pid=11439 comm="syz.8.1469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  181.856880][T11448] netlink: 52 bytes leftover after parsing attributes in process `syz.8.1472'.
[  181.862075][T11448] Context (ID=0x1) not attached to queue pair (handle=0x2:0x0)
[  181.999645][   T55] usb 12-1: new high-speed USB device number 2 using dummy_hcd
[  182.101499][   T39] audit: type=1400 audit(1731554935.143:49647): avc:  denied  { remount } for  pid=11464 comm="syz.8.1481" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  182.193211][   T55] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.196044][   T55] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.201378][   T55] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  182.204640][   T55] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  182.206960][   T55] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.210611][   T55] usb 12-1: config 0 descriptor??
[  182.249294][ T5953] Bluetooth: hci6: Malformed LE Event: 0x0d
[  182.337169][T11492] tmpfs: Bad value for 'grpquota_inode_hardlimit'
[  182.408660][   T39] audit: type=1400 audit(1731554935.443:49648): avc:  denied  { mounton } for  pid=11497 comm="syz.1.1491" path="/proc/51/cgroup" dev="proc" ino=42758 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  182.474332][T11504] netlink: 134744 bytes leftover after parsing attributes in process `syz.9.1492'.
[  182.538412][T11509] FAULT_INJECTION: forcing a failure.
[  182.538412][T11509] name failslab, interval 1, probability 0, space 0, times 1
[  182.542269][T11509] CPU: 1 UID: 0 PID: 11509 Comm: syz.9.1494 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  182.544974][T11509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.547762][T11509] Call Trace:
[  182.548875][T11509]  <TASK>
[  182.549765][T11509]  dump_stack_lvl+0x16c/0x1f0
[  182.551197][T11509]  should_fail_ex+0x497/0x5b0
[  182.552437][T11509]  ? fs_reclaim_acquire+0xae/0x150
[  182.553774][T11509]  should_failslab+0xc2/0x120
[  182.555013][T11509]  __kmalloc_cache_noprof+0x6b/0x300
[  182.556392][T11509]  ? media_pipeline_add_pad+0xf3/0x990
[  182.557872][T11509]  media_pipeline_add_pad+0xf3/0x990
[  182.559462][T11509]  __media_pipeline_start+0xaa2/0x2020
[  182.561143][T11509]  ? __mutex_trylock_common+0xea/0x250
[  182.562671][T11509]  ? __pfx___media_pipeline_start+0x10/0x10
[  182.564130][T11509]  media_pipeline_start+0x49/0x70
[  182.565403][T11509]  video_device_pipeline_start+0x79/0xa0
[  182.566767][T11509]  vimc_capture_start_streaming+0x7d/0x130
[  182.568206][T11509]  ? __pfx_vimc_capture_start_streaming+0x10/0x10
[  182.569791][T11509]  vb2_start_streaming+0x15f/0x5a0
[  182.571049][T11509]  ? __bitmap_weight+0xdc/0x110
[  182.572256][T11509]  vb2_core_streamon+0x2a7/0x450
[  182.573509][T11509]  vb2_ioctl_streamon+0xf4/0x170
[  182.574725][T11509]  __video_do_ioctl+0xaf0/0xf00
[  182.575938][T11509]  ? __pfx___video_do_ioctl+0x10/0x10
[  182.577252][T11509]  ? __might_fault+0xe3/0x190
[  182.578424][T11509]  video_usercopy+0x4ce/0x1600
[  182.579597][T11509]  ? __pfx___video_do_ioctl+0x10/0x10
[  182.580927][T11509]  ? __pfx_video_usercopy+0x10/0x10
[  182.582253][T11509]  v4l2_ioctl+0x1ba/0x250
[  182.583353][T11509]  ? __pfx_v4l2_ioctl+0x10/0x10
[  182.584559][T11509]  __x64_sys_ioctl+0x18f/0x220
[  182.585751][T11509]  do_syscall_64+0xcd/0x250
[  182.586893][T11509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.588357][T11509] RIP: 0033:0x7ff0ca97e719
[  182.589458][T11509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.594132][T11509] RSP: 002b:00007ff0cb7b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  182.596194][T11509] RAX: ffffffffffffffda RBX: 00007ff0cab35f80 RCX: 00007ff0ca97e719
[  182.598126][T11509] RDX: 0000000020000000 RSI: 0000000040045612 RDI: 0000000000000003
[  182.600079][T11509] RBP: 00007ff0cb7b0090 R08: 0000000000000000 R09: 0000000000000000
[  182.602009][T11509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.604138][T11509] R13: 0000000000000000 R14: 00007ff0cab35f80 R15: 00007fff26ddfda8
[  182.606076][T11509]  </TASK>
[  182.639378][   T55] usbhid 12-1:0.0: can't add hid device: -71
[  182.641059][   T55] usbhid 12-1:0.0: probe with driver usbhid failed with error -71
[  182.650651][   T55] usb 12-1: USB disconnect, device number 2
[  182.667528][ T5953] Bluetooth: hci3: Malformed LE Event: 0x0d
[  182.694532][T11518] batman_adv: The newly added mac address (08:02:11:00:00:01) already exists on: ipvlan2
[  182.697848][T11518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.819266][T11544] netlink: 'syz.1.1504': attribute type 2 has an invalid length.
[  182.831932][T11544] netlink: 244 bytes leftover after parsing attributes in process `syz.1.1504'.
[  182.835739][T11542] FAULT_INJECTION: forcing a failure.
[  182.835739][T11542] name failslab, interval 1, probability 0, space 0, times 0
[  182.839147][T11542] CPU: 2 UID: 0 PID: 11542 Comm: syz.9.1505 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  182.842097][T11542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.844900][T11542] Call Trace:
[  182.845778][T11542]  <TASK>
[  182.846522][T11542]  dump_stack_lvl+0x16c/0x1f0
[  182.847723][T11542]  should_fail_ex+0x497/0x5b0
[  182.848948][T11542]  ? fs_reclaim_acquire+0xae/0x150
[  182.850274][T11542]  should_failslab+0xc2/0x120
[  182.851461][T11542]  __kmalloc_cache_noprof+0x6b/0x300
[  182.852800][T11542]  ? media_pipeline_add_pad+0xf3/0x990
[  182.854219][T11542]  media_pipeline_add_pad+0xf3/0x990
[  182.855604][T11542]  __media_pipeline_start+0x51d/0x2020
[  182.856974][T11542]  ? __mutex_trylock_common+0xea/0x250
[  182.858344][T11542]  ? __pfx___media_pipeline_start+0x10/0x10
[  182.859858][T11542]  media_pipeline_start+0x49/0x70
[  182.861164][T11542]  video_device_pipeline_start+0x79/0xa0
[  182.862596][T11542]  vimc_capture_start_streaming+0x7d/0x130
[  182.864097][T11542]  ? __pfx_vimc_capture_start_streaming+0x10/0x10
[  182.865781][T11542]  vb2_start_streaming+0x15f/0x5a0
[  182.867092][T11542]  ? __bitmap_weight+0xdc/0x110
[  182.868341][T11542]  vb2_core_streamon+0x2a7/0x450
[  182.869613][T11542]  vb2_ioctl_streamon+0xf4/0x170
[  182.870886][T11542]  __video_do_ioctl+0xaf0/0xf00
[  182.872135][T11542]  ? __pfx___video_do_ioctl+0x10/0x10
[  182.873499][T11542]  ? __might_fault+0xe3/0x190
[  182.874718][T11542]  video_usercopy+0x4ce/0x1600
[  182.875953][T11542]  ? __pfx___video_do_ioctl+0x10/0x10
[  182.877309][T11542]  ? __pfx_video_usercopy+0x10/0x10
[  182.878628][T11542]  v4l2_ioctl+0x1ba/0x250
[  182.879748][T11542]  ? __pfx_v4l2_ioctl+0x10/0x10
[  182.880992][T11542]  __x64_sys_ioctl+0x18f/0x220
[  182.882258][T11542]  do_syscall_64+0xcd/0x250
[  182.883424][T11542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.884945][T11542] RIP: 0033:0x7ff0ca97e719
[  182.886108][T11542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.890861][T11542] RSP: 002b:00007ff0cb7b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  182.892967][T11542] RAX: ffffffffffffffda RBX: 00007ff0cab35f80 RCX: 00007ff0ca97e719
[  182.894969][T11542] RDX: 0000000020000000 RSI: 0000000040045612 RDI: 0000000000000003
[  182.897128][T11542] RBP: 00007ff0cb7b0090 R08: 0000000000000000 R09: 0000000000000000
[  182.899167][T11542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.901352][T11542] R13: 0000000000000000 R14: 00007ff0cab35f80 R15: 00007fff26ddfda8
[  182.903371][T11542]  </TASK>
[  182.960111][T11554] FAULT_INJECTION: forcing a failure.
[  182.960111][T11554] name failslab, interval 1, probability 0, space 0, times 0
[  182.963584][T11554] CPU: 0 UID: 0 PID: 11554 Comm: syz.9.1508 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  182.966270][T11554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.968975][T11554] Call Trace:
[  182.969851][T11554]  <TASK>
[  182.970595][T11554]  dump_stack_lvl+0x16c/0x1f0
[  182.971797][T11554]  should_fail_ex+0x497/0x5b0
[  182.973031][T11554]  ? fs_reclaim_acquire+0xae/0x150
[  182.974874][T11554]  should_failslab+0xc2/0x120
[  182.976220][T11554]  kmem_cache_alloc_node_noprof+0x71/0x310
[  182.977706][T11554]  ? __alloc_skb+0x2b1/0x380
[  182.978880][T11554]  __alloc_skb+0x2b1/0x380
[  182.980007][T11554]  ? __pfx___alloc_skb+0x10/0x10
[  182.981263][T11554]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  182.982761][T11554]  netlink_alloc_large_skb+0x69/0x130
[  182.984098][T11554]  netlink_sendmsg+0x689/0xd70
[  182.985290][T11554]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.986621][T11554]  ____sys_sendmsg+0xaaf/0xc90
[  182.987821][T11554]  ? copy_msghdr_from_user+0x10b/0x160
[  182.989322][T11554]  ? __pfx_____sys_sendmsg+0x10/0x10
[  182.990818][T11554]  ? __pfx___lock_acquire+0x10/0x10
[  182.992130][T11554]  ___sys_sendmsg+0x135/0x1e0
[  182.993332][T11554]  ? __pfx____sys_sendmsg+0x10/0x10
[  182.994687][T11554]  ? lock_acquire+0x2f/0xb0
[  182.996097][T11554]  ? __fget_files+0x40/0x3f0
[  182.997581][T11554]  ? fdget+0x176/0x210
[  182.998683][T11554]  __sys_sendmsg+0x117/0x1f0
[  182.999898][T11554]  ? __pfx___sys_sendmsg+0x10/0x10
[  183.001213][T11554]  ? __fget_files+0x244/0x3f0
[  183.002416][T11554]  do_syscall_64+0xcd/0x250
[  183.003590][T11554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.005076][T11554] RIP: 0033:0x7ff0ca97e719
[  183.006211][T11554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.010934][T11554] RSP: 002b:00007ff0cb7b0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  183.013014][T11554] RAX: ffffffffffffffda RBX: 00007ff0cab35f80 RCX: 00007ff0ca97e719
[  183.014946][T11554] RDX: 0000000000004000 RSI: 00000000200002c0 RDI: 0000000000000003
[  183.016934][T11554] RBP: 00007ff0cb7b0090 R08: 0000000000000000 R09: 0000000000000000
[  183.018878][T11554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.020815][T11554] R13: 0000000000000000 R14: 00007ff0cab35f80 R15: 00007fff26ddfda8
[  183.022831][T11554]  </TASK>
[  183.023855][    C0] vkms_vblank_simulate: vblank timer overrun
[  183.039252][T11557] binder: BINDER_SET_CONTEXT_MGR already set
[  183.040917][T11557] binder: 11555:11557 ioctl 4018620d 20000380 returned -16
[  183.043656][T11556] binder: BINDER_SET_CONTEXT_MGR already set
[  183.045264][T11556] binder: 11555:11556 ioctl 4018620d 200002c0 returned -16
[  183.047196][T11556] binder: 11555:11556 unknown command 0
[  183.048601][T11556] binder: 11555:11556 ioctl c0306201 200004c0 returned -22
[  183.109594][   T55] usb 12-1: new high-speed USB device number 3 using dummy_hcd
[  183.121578][ T5953] Bluetooth: hci6: Malformed LE Event: 0x0d
[  183.272216][   T55] usb 12-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  183.275212][   T55] usb 12-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  183.285023][   T55] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 66
[  183.287428][   T55] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  183.290347][   T55] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  183.294268][   T55] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  183.296899][   T55] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  183.299400][   T55] usb 12-1: Product: syz
[  183.301352][   T55] usb 12-1: Manufacturer: syz
[  183.309675][   T55] cdc_wdm 12-1:1.0: skipping garbage
[  183.311062][   T55] cdc_wdm 12-1:1.0: skipping garbage
[  183.313786][   T55] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device
[  183.315631][   T55] cdc_wdm 12-1:1.0: Unknown control protocol
[  183.378027][T11583] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  183.383429][T11583] FAULT_INJECTION: forcing a failure.
[  183.383429][T11583] name failslab, interval 1, probability 0, space 0, times 0
[  183.387451][T11583] CPU: 1 UID: 0 PID: 11583 Comm: syz.8.1517 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  183.390287][T11583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  183.393052][T11583] Call Trace:
[  183.393930][T11583]  <TASK>
[  183.394712][T11583]  dump_stack_lvl+0x16c/0x1f0
[  183.395964][T11583]  should_fail_ex+0x497/0x5b0
[  183.397209][T11583]  ? fs_reclaim_acquire+0xae/0x150
[  183.398522][T11583]  should_failslab+0xc2/0x120
[  183.399735][T11583]  __kmalloc_cache_node_noprof+0x6e/0x350
[  183.401228][T11583]  ? __get_vm_area_node+0xe1/0x2d0
[  183.402583][T11583]  __get_vm_area_node+0xe1/0x2d0
[  183.403841][T11583]  __vmalloc_node_range_noprof+0x26a/0x15a0
[  183.405569][T11583]  ? vimc_scaler_s_stream+0x580/0x6d0
[  183.406975][T11583]  ? vimc_scaler_s_stream+0x578/0x6d0
[  183.408389][T11583]  ? __pfx_lock_release+0x10/0x10
[  183.409709][T11583]  ? trace_contention_end+0xea/0x140
[  183.411098][T11583]  ? vimc_scaler_s_stream+0x580/0x6d0
[  183.412515][T11583]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  183.414157][T11583]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  183.415718][T11583]  ? vimc_scaler_s_stream+0x580/0x6d0
[  183.417353][T11583]  vmalloc_noprof+0x6b/0x90
[  183.418683][T11583]  ? vimc_scaler_s_stream+0x580/0x6d0
[  183.420386][T11583]  vimc_scaler_s_stream+0x580/0x6d0
[  183.422302][T11583]  ? __pfx___media_pipeline_start+0x10/0x10
[  183.423879][T11583]  call_s_stream+0xe6/0x350
[  183.425117][T11583]  ? __pfx_call_s_stream+0x10/0x10
[  183.426498][T11583]  ? __pfx_vimc_scaler_s_stream+0x10/0x10
[  183.427999][T11583]  vimc_streamer_s_stream+0x5a3/0x9a0
[  183.429480][T11583]  vimc_capture_start_streaming+0xa1/0x130
[  183.431341][T11583]  ? __pfx_vimc_capture_start_streaming+0x10/0x10
[  183.433055][T11583]  vb2_start_streaming+0x15f/0x5a0
[  183.434507][T11583]  ? __bitmap_weight+0xdc/0x110
[  183.435975][T11583]  vb2_core_streamon+0x2a7/0x450
[  183.437414][T11583]  vb2_ioctl_streamon+0xf4/0x170
[  183.438858][T11583]  __video_do_ioctl+0xaf0/0xf00
[  183.440230][T11583]  ? __pfx___video_do_ioctl+0x10/0x10
[  183.441760][T11583]  ? __might_fault+0xe3/0x190
[  183.442980][T11583]  video_usercopy+0x4ce/0x1600
[  183.444227][T11583]  ? __pfx___video_do_ioctl+0x10/0x10
[  183.445615][T11583]  ? __pfx_video_usercopy+0x10/0x10
[  183.446979][T11583]  v4l2_ioctl+0x1ba/0x250
[  183.448092][T11583]  ? __pfx_v4l2_ioctl+0x10/0x10
[  183.449339][T11583]  __x64_sys_ioctl+0x18f/0x220
[  183.450552][T11583]  do_syscall_64+0xcd/0x250
[  183.451686][T11583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.453205][T11583] RIP: 0033:0x7f089ed7e719
[  183.454342][T11583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.459402][T11583] RSP: 002b:00007f089fae0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  183.461517][T11583] RAX: ffffffffffffffda RBX: 00007f089ef35f80 RCX: 00007f089ed7e719
[  183.463495][T11583] RDX: 0000000020000000 RSI: 0000000040045612 RDI: 0000000000000003
[  183.465446][T11583] RBP: 00007f089fae0090 R08: 0000000000000000 R09: 0000000000000000
[  183.467372][T11583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.469734][T11583] R13: 0000000000000000 R14: 00007f089ef35f80 R15: 00007fff05de4da8
[  183.472341][T11583]  </TASK>
[  183.477373][T11583] syz.8.1517: vmalloc error: size 921600, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz8,mems_allowed=0-1
[  183.483297][T11583] CPU: 1 UID: 0 PID: 11583 Comm: syz.8.1517 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  183.486721][T11583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  183.490091][T11583] Call Trace:
[  183.491161][T11583]  <TASK>
[  183.492105][T11583]  dump_stack_lvl+0x16c/0x1f0
[  183.493623][T11583]  warn_alloc+0x24d/0x3a0
[  183.495016][T11583]  ? __pfx_warn_alloc+0x10/0x10
[  183.496590][T11583]  ? fs_reclaim_acquire+0xae/0x150
[  183.498240][T11583]  ? trace_kmalloc+0x2d/0xe0
[  183.499709][T11583]  ? __kasan_kmalloc+0x8a/0xb0
[  183.501307][T11583]  ? __get_vm_area_node+0x1bc/0x2d0
[  183.502959][T11583]  __vmalloc_node_range_noprof+0xd27/0x15a0
[  183.504826][T11583]  ? vimc_scaler_s_stream+0x578/0x6d0
[  183.506527][T11583]  ? __pfx_lock_release+0x10/0x10
[  183.508115][T11583]  ? trace_contention_end+0xea/0x140
[  183.509801][T11583]  ? vimc_scaler_s_stream+0x580/0x6d0
[  183.511632][T11583]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  183.513869][T11583]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  183.515851][T11583]  ? vimc_scaler_s_stream+0x580/0x6d0
[  183.517823][T11583]  vmalloc_noprof+0x6b/0x90
[  183.519337][T11583]  ? vimc_scaler_s_stream+0x580/0x6d0
[  183.521116][T11583]  vimc_scaler_s_stream+0x580/0x6d0
[  183.522839][T11583]  ? __pfx___media_pipeline_start+0x10/0x10
[  183.524775][T11583]  call_s_stream+0xe6/0x350
[  183.526315][T11583]  ? __pfx_call_s_stream+0x10/0x10
[  183.527998][T11583]  ? __pfx_vimc_scaler_s_stream+0x10/0x10
[  183.529867][T11583]  vimc_streamer_s_stream+0x5a3/0x9a0
[  183.531639][T11583]  vimc_capture_start_streaming+0xa1/0x130
[  183.533573][T11583]  ? __pfx_vimc_capture_start_streaming+0x10/0x10
[  183.535724][T11583]  vb2_start_streaming+0x15f/0x5a0
[  183.537404][T11583]  ? __bitmap_weight+0xdc/0x110
[  183.539015][T11583]  vb2_core_streamon+0x2a7/0x450
[  183.540656][T11583]  vb2_ioctl_streamon+0xf4/0x170
[  183.542285][T11583]  __video_do_ioctl+0xaf0/0xf00
[  183.543876][T11583]  ? __pfx___video_do_ioctl+0x10/0x10
[  183.545642][T11583]  ? __might_fault+0xe3/0x190
[  183.547163][T11583]  video_usercopy+0x4ce/0x1600
[  183.548715][T11583]  ? __pfx___video_do_ioctl+0x10/0x10
[  183.550458][T11583]  ? __pfx_video_usercopy+0x10/0x10
[  183.552160][T11583]  v4l2_ioctl+0x1ba/0x250
[  183.553581][T11583]  ? __pfx_v4l2_ioctl+0x10/0x10
[  183.555163][T11583]  __x64_sys_ioctl+0x18f/0x220
[  183.556750][T11583]  do_syscall_64+0xcd/0x250
[  183.558254][T11583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.560189][T11583] RIP: 0033:0x7f089ed7e719
[  183.561658][T11583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.567792][T11583] RSP: 002b:00007f089fae0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  183.570447][T11583] RAX: ffffffffffffffda RBX: 00007f089ef35f80 RCX: 00007f089ed7e719
[  183.572988][T11583] RDX: 0000000020000000 RSI: 0000000040045612 RDI: 0000000000000003
[  183.575499][T11583] RBP: 00007f089fae0090 R08: 0000000000000000 R09: 0000000000000000
[  183.578037][T11583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.580550][T11583] R13: 0000000000000000 R14: 00007f089ef35f80 R15: 00007fff05de4da8
[  183.583153][T11583]  </TASK>
[  183.587147][T11583] Mem-Info:
[  183.588267][T11583] active_anon:7555 inactive_anon:0 isolated_anon:0
[  183.588267][T11583]  active_file:4629 inactive_file:50648 isolated_file:0
[  183.588267][T11583]  unevictable:1768 dirty:104 writeback:0
[  183.588267][T11583]  slab_reclaimable:7653 slab_unreclaimable:81270
[  183.588267][T11583]  mapped:18185 shmem:2524 pagetables:1071
[  183.588267][T11583]  sec_pagetables:314 bounce:0
[  183.588267][T11583]  kernel_misc_reclaimable:0
[  183.588267][T11583]  free:467300 free_pcp:3272 free_cma:0
[  183.601459][   T25] usb 12-1: USB disconnect, device number 3
[  183.602745][T11583] Node 0 active_anon:30220kB inactive_anon:0kB active_file:18516kB inactive_file:202516kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:72740kB dirty:416kB writeback:0kB shmem:6560kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13104kB pagetables:4284kB sec_pagetables:1256kB all_unreclaimable? no
[  183.612991][T11583] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  183.615313][   T55] usb 14-1: new high-speed USB device number 2 using dummy_hcd
[  183.620854][T11583] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  183.633533][T11583] lowmem_reserve[]: 0 1214 0 0 0
[  183.635997][T11583] Node 0 DMA32 free:277188kB boost:0kB min:27636kB low:34544kB high:41452kB reserved_highatomic:0KB active_anon:30344kB inactive_anon:0kB active_file:18516kB inactive_file:202516kB unevictable:3536kB writepending:416kB present:2080628kB managed:1272192kB mlocked:0kB bounce:0kB free_pcp:2020kB local_pcp:112kB free_cma:0kB
[  183.643658][T11583] lowmem_reserve[]: 0 0 0 0 0
[  183.644933][T11583] Node 1 Normal free:1585092kB boost:0kB min:39600kB low:49500kB high:59400kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:2744kB local_pcp:2304kB free_cma:0kB
[  183.652601][T11583] lowmem_reserve[]: 0 0 0 0 0
[  183.653896][T11583] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  183.657229][T11583] Node 0 DMA32: 91*4kB (UME) 626*8kB (UME) 828*16kB (UME) 351*32kB (UME) 718*64kB (UME) 233*128kB (UME) 123*256kB (UME) 66*512kB (UME) 42*1024kB (UME) 21*2048kB (UM) 5*4096kB (U) = 277404kB
[  183.667352][T11583] Node 1 Normal: 7*4kB (UM) 23*8kB (UME) 33*16kB (UME) 131*32kB (UME) 66*64kB (UME) 16*128kB (UME) 4*256kB (UME) 6*512kB (UME) 5*1024kB (UE) 6*2048kB (UME) 379*4096kB (M) = 1585092kB
[  183.672517][T11583] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  183.675083][T11583] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  183.677977][T11583] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  183.680859][T11583] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  183.683181][T11583] 57801 total pagecache pages
[  183.684400][T11583] 0 pages in swap cache
[  183.685816][T11583] Free swap  = 124208kB
[  183.687565][T11583] Total swap = 124996kB
[  183.688683][T11583] 1048443 pages RAM
[  183.690172][T11583] 0 pages HighMem/MovableOnly
[  183.691423][T11583] 281074 pages reserved
[  183.692521][T11583] 0 pages cma reserved
[  183.693643][T11583] vimc vimc.0: subdev_call error Scaler
[  183.693851][T11603] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1524'.
[  183.695365][T11583] ------------[ cut here ]------------
[  183.698807][T11583] WARNING: CPU: 1 PID: 11583 at drivers/media/v4l2-core/v4l2-subdev.c:455 call_s_stream+0x2df/0x350
[  183.705108][T11583] Modules linked in:
[  183.706541][T11583] CPU: 1 UID: 0 PID: 11583 Comm: syz.8.1517 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  183.709280][T11583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  183.712302][T11583] RIP: 0010:call_s_stream+0x2df/0x350
[  183.713951][T11583] Code: c1 ea 03 80 3c 02 00 75 75 48 8b bb 08 01 00 00 44 89 e2 48 c7 c6 00 53 4e 8c e8 3c 35 3b fe e9 54 fe ff ff e8 32 6f 15 fa 90 <0f> 0b 90 e9 cb fe ff ff 4c 89 f7 e8 81 1a 77 fa e9 48 fd ff ff e8
[  183.719047][T11583] RSP: 0018:ffffc90004a3fa68 EFLAGS: 00010293
[  183.720650][T11583] RAX: 0000000000000000 RBX: ffff88802a594020 RCX: ffffffff877809ae
[  183.722614][T11583] RDX: ffff8880238f2440 RSI: ffffffff87780c2e RDI: 0000000000000000
[  183.724590][T11583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  183.726451][   T39] kauditd_printk_skb: 2 callbacks suppressed
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  183.726462][   T39] audit: type=1400 audit(1731554936.753:49651): avc:  denied  { write } for  pid=5932 comm="syz-executor" path="pipe:[2026]" dev="pipefs" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  183.726568][T11583] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[  183.738274][T11583] R13: 0000000000000000 R14: ffff88802a594198 R15: ffffffff87cab2f0
[  183.740824][T11583] FS:  00007f089fae06c0(0000) GS:ffff88806a700000(0000) knlGS:0000000000000000
[  183.743343][T11583] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  183.745072][T11583] CR2: 000000110c36e11e CR3: 000000005b5ae000 CR4: 0000000000352ef0
[  183.747067][T11583] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  183.749761][T11583] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  183.751767][T11583] Call Trace:
[  183.752637][T11583]  <TASK>
[  183.753407][T11583]  ? __warn+0xea/0x3d0
[  183.754496][T11583]  ? call_s_stream+0x2df/0x350
[  183.755757][T11583]  ? report_bug+0x3c0/0x580
[  183.757049][T11583]  ? handle_bug+0x54/0xa0
[  183.758215][T11583]  ? exc_invalid_op+0x17/0x50
[  183.759436][T11583]  ? asm_exc_invalid_op+0x1a/0x20
[  183.760939][T11583]  ? __pfx_vimc_scaler_s_stream+0x10/0x10
[  183.762316][T11583]  ? call_s_stream+0x5e/0x350
[  183.763467][T11583]  ? call_s_stream+0x2de/0x350
[  183.764627][T11583]  ? call_s_stream+0x2df/0x350
[  183.765827][T11583]  ? call_s_stream+0x2de/0x350
[  183.767019][T11583]  ? __pfx_call_s_stream+0x10/0x10
[  183.768320][T11583]  vimc_streamer_pipeline_terminate+0x218/0x320
[  183.769949][T11583]  ? __pfx_vimc_scaler_s_stream+0x10/0x10
[  183.771318][T11583]  vimc_streamer_s_stream+0x650/0x9a0
[  183.772619][T11583]  vimc_capture_start_streaming+0xa1/0x130
[  183.774050][T11583]  ? __pfx_vimc_capture_start_streaming+0x10/0x10
[  183.775628][T11583]  vb2_start_streaming+0x15f/0x5a0
[  183.776904][T11583]  ? __bitmap_weight+0xdc/0x110
[  183.778177][T11583]  vb2_core_streamon+0x2a7/0x450
[  183.779447][T11583]  vb2_ioctl_streamon+0xf4/0x170
[  183.780525][   T55] usb 14-1: Using ep0 maxpacket: 8
[  183.780891][T11583]  __video_do_ioctl+0xaf0/0xf00
[  183.783411][T11583]  ? __pfx___video_do_ioctl+0x10/0x10
[  183.784738][T11583]  ? __might_fault+0xe3/0x190
[  183.785940][T11583]  video_usercopy+0x4ce/0x1600
[  183.787144][T11583]  ? __pfx___video_do_ioctl+0x10/0x10
[  183.788729][T11583]  ? __pfx_video_usercopy+0x10/0x10
[  183.790411][T11583]  v4l2_ioctl+0x1ba/0x250
[  183.791465][T11583]  ? __pfx_v4l2_ioctl+0x10/0x10
[  183.792651][T11583]  __x64_sys_ioctl+0x18f/0x220
[  183.793864][T11583]  do_syscall_64+0xcd/0x250
[  183.794991][T11583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.796429][T11583] RIP: 0033:0x7f089ed7e719
[  183.797529][T11583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.802247][T11583] RSP: 002b:00007f089fae0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  183.804234][T11583] RAX: ffffffffffffffda RBX: 00007f089ef35f80 RCX: 00007f089ed7e719
[  183.806137][T11583] RDX: 0000000020000000 RSI: 0000000040045612 RDI: 0000000000000003
[  183.808034][T11583] RBP: 00007f089fae0090 R08: 0000000000000000 R09: 0000000000000000
[  183.809983][T11583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.811909][T11583] R13: 0000000000000000 R14: 00007f089ef35f80 R15: 00007fff05de4da8
[  183.813857][T11583]  </TASK>
[  183.814650][T11583] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  183.816434][T11583] CPU: 1 UID: 0 PID: 11583 Comm: syz.8.1517 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[  183.819093][T11583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  183.821695][T11583] Call Trace:
[  183.822528][T11583]  <TASK>
[  183.823264][T11583]  dump_stack_lvl+0x3d/0x1f0
[  183.824396][T11583]  panic+0x71d/0x800
[  183.825354][T11583]  ? __pfx_panic+0x10/0x10
[  183.826457][T11583]  ? show_trace_log_lvl+0x29d/0x3d0
[  183.827745][T11583]  ? check_panic_on_warn+0x1f/0xb0
[  183.829054][T11583]  ? call_s_stream+0x2df/0x350
[  183.830273][T11583]  check_panic_on_warn+0xab/0xb0
[  183.831518][T11583]  __warn+0xf6/0x3d0
[  183.832499][T11583]  ? call_s_stream+0x2df/0x350
[  183.833695][T11583]  report_bug+0x3c0/0x580
[  183.834794][T11583]  handle_bug+0x54/0xa0
[  183.835849][T11583]  exc_invalid_op+0x17/0x50
[  183.836984][T11583]  asm_exc_invalid_op+0x1a/0x20
[  183.838298][T11583] RIP: 0010:call_s_stream+0x2df/0x350
[  183.839635][T11583] Code: c1 ea 03 80 3c 02 00 75 75 48 8b bb 08 01 00 00 44 89 e2 48 c7 c6 00 53 4e 8c e8 3c 35 3b fe e9 54 fe ff ff e8 32 6f 15 fa 90 <0f> 0b 90 e9 cb fe ff ff 4c 89 f7 e8 81 1a 77 fa e9 48 fd ff ff e8
[  183.844289][T11583] RSP: 0018:ffffc90004a3fa68 EFLAGS: 00010293
[  183.845762][T11583] RAX: 0000000000000000 RBX: ffff88802a594020 RCX: ffffffff877809ae
[  183.847646][T11583] RDX: ffff8880238f2440 RSI: ffffffff87780c2e RDI: 0000000000000000
[  183.849582][T11583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  183.851502][T11583] R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
[  183.853453][T11583] R13: 0000000000000000 R14: ffff88802a594198 R15: ffffffff87cab2f0
[  183.855375][T11583]  ? __pfx_vimc_scaler_s_stream+0x10/0x10
[  183.856881][T11583]  ? call_s_stream+0x5e/0x350
[  183.858153][T11583]  ? call_s_stream+0x2de/0x350
[  183.859360][T11583]  ? call_s_stream+0x2de/0x350
[  183.860524][T11583]  ? __pfx_call_s_stream+0x10/0x10
[  183.861800][T11583]  vimc_streamer_pipeline_terminate+0x218/0x320
[  183.863312][T11583]  ? __pfx_vimc_scaler_s_stream+0x10/0x10
[  183.864726][T11583]  vimc_streamer_s_stream+0x650/0x9a0
[  183.866143][T11583]  vimc_capture_start_streaming+0xa1/0x130
[  183.867594][T11583]  ? __pfx_vimc_capture_start_streaming+0x10/0x10
[  183.869184][T11583]  vb2_start_streaming+0x15f/0x5a0
[  183.870473][T11583]  ? __bitmap_weight+0xdc/0x110
[  183.871720][T11583]  vb2_core_streamon+0x2a7/0x450
[  183.872973][T11583]  vb2_ioctl_streamon+0xf4/0x170
[  183.874229][T11583]  __video_do_ioctl+0xaf0/0xf00
[  183.875466][T11583]  ? __pfx___video_do_ioctl+0x10/0x10
[  183.876806][T11583]  ? __might_fault+0xe3/0x190
[  183.878035][T11583]  video_usercopy+0x4ce/0x1600
[  183.879269][T11583]  ? __pfx___video_do_ioctl+0x10/0x10
[  183.880617][T11583]  ? __pfx_video_usercopy+0x10/0x10
[  183.881921][T11583]  v4l2_ioctl+0x1ba/0x250
[  183.883016][T11583]  ? __pfx_v4l2_ioctl+0x10/0x10
[  183.884245][T11583]  __x64_sys_ioctl+0x18f/0x220
[  183.885463][T11583]  do_syscall_64+0xcd/0x250
[  183.886594][T11583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.888070][T11583] RIP: 0033:0x7f089ed7e719
[  183.889173][T11583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.893874][T11583] RSP: 002b:00007f089fae0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  183.895972][T11583] RAX: ffffffffffffffda RBX: 00007f089ef35f80 RCX: 00007f089ed7e719
[  183.897912][T11583] RDX: 0000000020000000 RSI: 0000000040045612 RDI: 0000000000000003
[  183.900379][T11583] RBP: 00007f089fae0090 R08: 0000000000000000 R09: 0000000000000000
[  183.902566][T11583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.904525][T11583] R13: 0000000000000000 R14: 00007f089ef35f80 R15: 00007fff05de4da8
[  183.906501][T11583]  </TASK>
[  183.908041][T11583] Kernel Offset: disabled
[  183.909366][T11583] Rebooting in 86400 seconds..

VM DIAGNOSIS:
03:28:56  Registers:
info registers vcpu 0

CPU#0
RAX=000000000022ce7b RBX=0000000000000000 RCX=ffffffff8b23a439 RDX=0000000000000000
RSI=ffffffff8b6ccfc0 RDI=ffffffff8bd1b4c0 RBP=fffffbfff1bd2af8 RSP=ffffffff8de07e20
R8 =0000000000000001 R9 =ffffed100d4c7025 R10=ffff88806a63812b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8de957c0 R14=ffffffff905f5b88 R15=0000000000000000
RIP=ffffffff8b23b81f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3e1106 CR3=0000000050f14000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff05de5140 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089edf25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089edf2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089edf2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089edf2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089edf269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089edf277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000038
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000038
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000002 RCX=ffffffff91808416 RDX=1ffffffff2301083
RSI=0000000000000000 RDI=ffffffff90cf1900 RBP=ffffc900008b0160 RSP=ffffc900008b00a8
R8 =ffffffff9180841c R9 =ffffffff9180799a R10=ffffc900008b0118 R11=00000000000800de
R12=ffffc900008b0168 R13=ffffc900008b0118 R14=ffffc900008b014d R15=ffffffff9180841b
RIP=ffffffff813d5290 RFL=00000a02 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f089fae06c0 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c36e11e CR3=000000005b5ae000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000001 Opmask01=0000000000000000 Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=00000000ffffbfff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe3a370680 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6b383430322a3132 2029454d55282042 6b343230312a3234 2029454d55282000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6132343032203132 2023454755222042 6134323031203234 2023454755222000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020333835313034 2a39373220293536 0000204232383030 322a312029202928
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 202032203220232a 2020222020232820 0000203120233020 2920202023202920
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3c3f38203e2a234f 475f222a48613238 3b203c3b2a234f47 5f222a48613e3c20
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 222a48613c333a3e 20333d392a234f47 5f222a4861323e3a 38203c2a234f5f22
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000001941f9 RBX=0000000000000002 RCX=ffffffff8b23a439 RDX=0000000000000000
RSI=ffffffff8b6ccfc0 RDI=ffffffff8bd1b4c0 RBP=ffffed1003c5e000 RSP=ffffc90000197e08
R8 =0000000000000001 R9 =ffffed100d507025 R10=ffff88806a83812b R11=0000000000000000
R12=0000000000000002 R13=ffff88801e2f0000 R14=ffffffff905f5b88 R15=0000000000000000
RIP=ffffffff8b23b81f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c2d5605 CR3=000000005b5ae000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000014 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089edf25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089edf2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089edf2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089edf2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089edf269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089edf277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089ef0c488 00007f089ef0c480 00007f089ef0c478 00007f089ef0c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089fa6d100 00007f089ef0c440 00007f089ef0c458 0000000500060006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f089ef0c498 00007f089ef0c490 00007f089ef0c488 00007f089ef0c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000038
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88802893b8f0 RCX=ffffffff816910a8 RDX=ffffed100512771f
RSI=0000000000000008 RDI=ffff88802893b8f0 RBP=dffffc0000000000 RSP=ffffc9000f22fa00
R8 =0000000000000000 R9 =ffffed100512771e R10=ffff88802893b8f7 R11=0000000000000000
R12=1ffff92001e45f42 R13=0000000000000002 R14=ffff888023870000 R15=ffffc9000f22fa30
RIP=ffffffff816910ce RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020001008 CR3=0000000027566000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=0000000000000007 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000010000 0000000000030000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000006800000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000f8000000000 00000f8000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000f8000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38fabf269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38fabf277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38fad0c488 00007f38fad0c480 00007f38fad0c478 00007f38fad0c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38fb86d100 00007f38fad0c440 00007f38fad0c458 00007f38faadc0de
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f38fad0c498 00007f38fad0c490 00007f38fad0c488 00007f38fad0c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000