last executing test programs:

59.194658909s ago: executing program 3 (id=521):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'vxcan1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x17, 0x2, {{0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1d, 0x0, 0x0, 0x0, 0x0, {0x13}}}}]}, 0x78}}, 0x0)

59.08496063s ago: executing program 3 (id=522):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r2, &(0x7f0000000240)=""/203, 0xcb)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x20000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
brk(0xc00000000000)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x335, @tick=0x4})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r2, 0xc04c5349, &(0x7f0000000340))
tkill(r1, 0x7)

58.686836734s ago: executing program 3 (id=524):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x30, 0x1412, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1000000}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}}, 0x0)
syz_io_uring_setup(0x1111, &(0x7f0000000300), &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x8, 0x0, 0x7, 0x0, 0x0})
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000001, 0x810, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd_index=0x5, 0x2, 0x0, 0x3, 0x0, 0x1})

58.597124814s ago: executing program 3 (id=527):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
move_mount(r0, &(0x7f0000000080)='./file0/file0\x00', r0, &(0x7f0000000040)='./file0/../file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x12f451, 0x0)
umount2(&(0x7f00000000c0)='./file0/file0\x00', 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@bloom_filter={0x1e, 0x0, 0x7ffe, 0x7, 0x0, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3, @void, @value, @void, @value}, 0x50)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f00000000c0)={0x0, 0x7, 0x9e1}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r1, <r3=>0xffffffffffffffff}, 0x4)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000180)={r3, 0x0}, 0x20)
prctl$PR_SET_THP_DISABLE(0x29, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) (async)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) (async)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) (async)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) (async)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0) (async)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) (async)
move_mount(r0, &(0x7f0000000080)='./file0/file0\x00', r0, &(0x7f0000000040)='./file0/../file0\x00', 0x0) (async)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x12f451, 0x0) (async)
umount2(&(0x7f00000000c0)='./file0/file0\x00', 0x1) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@bloom_filter={0x1e, 0x0, 0x7ffe, 0x7, 0x0, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3, @void, @value, @void, @value}, 0x50) (async)
socket$inet_sctp(0x2, 0x1, 0x84) (async)
setsockopt$inet_sctp_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f00000000c0)={0x0, 0x7, 0x9e1}, 0x10) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r1}, 0x4) (async)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000180)={r3, 0x0}, 0x20) (async)
prctl$PR_SET_THP_DISABLE(0x29, 0x1) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)

58.44513429s ago: executing program 3 (id=529):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000001700)=@raw={'raw\x00', 0x8, 0x3, 0x2b8, 0x0, 0xa, 0x148, 0x16c, 0x10, 0x224, 0x2a8, 0x2a8, 0x224, 0x2a8, 0x3, 0x0, {[{{@ip={@dev={0xac, 0x14, 0x14, 0x38}, @empty, 0xff, 0xffffffff, 'veth0_macvtap\x00', 'pim6reg1\x00', {}, {0xff}, 0x88, 0x3, 0x7b}, 0x0, 0x104, 0x16c, 0x0, {0x20000000, 0x7f000000}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x9, 0x0, 0x689, 0xfffffffd, 0x6}}}, @common=@unspec=@limit={{0x3c}, {0x55e5, 0x1, 0x6}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0xc83fa171e3d30524, 0x9, 0xcebf, 0x6, 'syz0\x00', 'syz0\x00', {0x8}}}}, {{@ip={@multicast1, @multicast1, 0xff, 0xffffffff, 'veth0_to_team\x00', 'team0\x00', {}, {}, 0x107, 0x0, 0xc}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x9, 0x7, 0x5, '\x00', {0xff}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x314)

58.159517027s ago: executing program 3 (id=534):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)=ANY=[@ANYBLOB="14010000", @ANYRES16=0x0, @ANYBLOB="000000000000000000000e000000"], 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01d90000000000001c0012000c000100626f6e6400"], 0x3c}}, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'batadv0\x00', <r5=>0x0})
sendto$packet(r4, 0x0, 0x0, 0x20008000, &(0x7f0000000000)={0x11, 0x1c, r5, 0x1, 0x8, 0x6, @random="6d6eb1f60783"}, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x50, &(0x7f0000000000)={0x0, 0x0}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00f7ffffffffffff130012800b00010062617461647600000400028008000a00", @ANYRES32=r3], 0x3c}}, 0x0)

58.099900275s ago: executing program 32 (id=534):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)=ANY=[@ANYBLOB="14010000", @ANYRES16=0x0, @ANYBLOB="000000000000000000000e000000"], 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01d90000000000001c0012000c000100626f6e6400"], 0x3c}}, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'batadv0\x00', <r5=>0x0})
sendto$packet(r4, 0x0, 0x0, 0x20008000, &(0x7f0000000000)={0x11, 0x1c, r5, 0x1, 0x8, 0x6, @random="6d6eb1f60783"}, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x50, &(0x7f0000000000)={0x0, 0x0}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00f7ffffffffffff130012800b00010062617461647600000400028008000a00", @ANYRES32=r3], 0x3c}}, 0x0)

7.44091435s ago: executing program 4 (id=1132):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600f0ffffff0000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@bloom_filter={0x1e, 0x5, 0x6, 0x1, 0x0, r1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x3, 0x9, @void, @value, @void, @value}, 0x50)
r2 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0xfffffffffffffffc]}, 0x8)
readv(r2, &(0x7f00000002c0)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0xc2, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "42c59c23cba5509acc1fcb978db9c707"}]}}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000640)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x4}}}}}}, 0x0)

6.580222233s ago: executing program 4 (id=1137):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_open_procfs$namespace(r0, &(0x7f0000000240)='ns/pid_for_children\x00')
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=@newtaction={0x200, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0x1ec, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}, @m_simple={0x15c, 0x15, 0x0, 0x0, {{0xb}, {0x3c, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'ife\x00'}, @TCA_DEF_DATA={0x7, 0x3, '&,\x00'}, @TCA_DEF_DATA={0x10, 0x3, '/dev/video#\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x0, 0x9c82, 0x8, 0x101, 0x2000000}}]}, {0xf7, 0x6, "b851ac66cfe3811b094f9f6e9e41ca2d7f556b9400cc5e87bcceae6357031aacdf648e65fcd3ba49ec018bb2fdbd2224e7c2d012f7be231e075f0111cad2f6e733eeeb278a0b1b3593f5c03d543bf1367021ea67281724d4335c77d09461ad87778fbf643bacc08f18d09fc2d4de021c859957c541ce973e190c57e0ed6c5e1e6f5b8696b846d9de1b60d89980e6c0bc74c4cdb08f4bf5d06c33df257038cde1eb8dbbb57e7198f54ef79e25bfef57dae598fc886537a1fb953216c0ba6854ba17651f823b6d8faec3cca803a8104593815f57faaa776a9bdd8e08951edc55a1a67e13ccf1a2a5ee0fc247948050606ace3718"}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}, 0x200}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r5 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r5, 0xc0cc5640, &(0x7f0000000540)={0x1, @sliced={0x0, [0x12a9, 0x400, 0xea, 0x8, 0xffff, 0x3, 0x6, 0x8, 0x83, 0x1, 0xe3c7, 0x5, 0x6, 0x8, 0x9, 0x200, 0x7, 0x9, 0x5, 0x3, 0x1ff, 0xad3f, 0x5, 0x4, 0x0, 0x7, 0x6, 0x8, 0x101, 0x515, 0x7, 0x2, 0x5, 0x9, 0x2, 0xec00, 0x10, 0xfff, 0x9, 0x23, 0x38, 0x2004, 0xfff4, 0x675, 0xa, 0x6, 0x800, 0x8], 0x3}})
syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5c, 0x80, 0x0, 0x89, 0x0, r1}, &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000380))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r7 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_DQBUF(r7, 0xc0585611, &(0x7f0000000200)=@userptr={0xe, 0x1, 0x4, 0x0, 0x2, {}, {0x5, 0x1, 0x4, 0x0, 0x0, 0x0, "1e0037e0"}, 0x0, 0x2, {0x0}})
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r9 = dup(r8)
write$cgroup_pid(r9, &(0x7f00000001c0), 0x12)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r9, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

5.014198306s ago: executing program 4 (id=1148):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x44084)
getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000000c0)={'mangle\x00', 0x0, [0x7, 0xc046, 0x0, 0x80, 0x8]}, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffffffffffc, 0x6, 0xfd, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000380)="851666ce20db", 0x0, 0x10, 0x39, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffce, 0x900})
io_setup(0x1, 0x0)
r2 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
request_key(&(0x7f0000000540)='user\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)=',$:@^@,\x00', 0x0)
add_key$user(&(0x7f0000000480), 0x0, 0x0, 0x0, 0x0)
epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
creat(0x0, 0x583581b48b0c2945)
socket(0x1e, 0x4, 0x0)

4.115125879s ago: executing program 4 (id=1157):
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xa, &(0x7f0000000180)=0x67e, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x143001)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x231, 0x0, 0x0, &(0x7f00000001c0))
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, 0x0, &(0x7f0000000040))
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018130000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
r8 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r8)
getsockname$packet(r8, &(0x7f0000000080)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r9, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad35010000000000840400000000000014000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b84a800ea6553f304000000815dcf00c3eebc52267b042d19"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=@newtfilter={0xc0, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0x7}, {0x600}, {0x7}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_FLAGS={0x8}]}}, @filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x8, 0x5}}]}}, @filter_kind_options=@f_flower={{0xb}, {0x4c, 0x2, [@TCA_FLOWER_KEY_CT_MARK={0x8, 0x5f, 0x6}, @TCA_FLOWER_KEY_ENC_IP_TOS={0x5, 0x50, 0x1}, @TCA_FLOWER_KEY_PORT_SRC_MIN={0x6, 0x57, 0x4e22}, @TCA_FLOWER_KEY_TCP_FLAGS_MASK={0x6, 0x48, 0x6}, @TCA_FLOWER_KEY_MPLS_OPTS={0x28, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0x24, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_MPLS_OPT_LSE_TC={0x5, 0x4, 0x4}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_TTL={0x5, 0x2, 0x1}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_LABEL={0x8, 0x5, {0xffff9}}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH={0x5, 0x1, 0x3}]}}]}}, @TCA_CHAIN={0x8, 0xb, 0x5}]}, 0xc0}}, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)

4.041548629s ago: executing program 1 (id=1158):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x4, 0x4, 0x221, 0xc1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000001280), 0xb47, r2}, 0x38)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r0)
sendmsg$NFC_CMD_VENDOR(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x1c, r1, 0x207, 0x70bd28, 0x25dfdbfd, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040035}, 0x6000840)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0)
pipe2$9p(&(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r6 = dup(r5)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x4}}, 0x18)
write$FUSE_DIRENTPLUS(r6, &(0x7f0000000500)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec0400339b8fd15e58a83b3da942"], 0xb0)
write$FUSE_DIRENTPLUS(r6, &(0x7f0000000180)=ANY=[@ANYBLOB="10"], 0x10)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r7=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB=',privport,access=', @ANYRESDEC=r7])
r8 = getegid()
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000180)="1d57322be2bc78aa1d417b53aa44332395c8bd9bf9e1e92e7cdc8c87", 0x1c}], 0x1, &(0x7f0000000200)=[@cred={{0x18, 0x1, 0x2, {r3, r7, r8}}}], 0x18, 0x48887}, 0x44004)

4.002087501s ago: executing program 1 (id=1161):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000780)={'vcan0\x00', <r4=>0x0})
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r4, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7ece1e40ad8871461ab0800", @ANYRES64=r2, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r3, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000002800)="d1f89c14e7f8640b43b1f1d1e00b2b0b3146d223d281c321953af4ade40d696d07f4b7d2ed1c1fd5691291056351901df48500519139568c88f49bb32801c2e3e2932895f1eb24b30efbab27313a3acab179fd6ce1f7150b0f0aae8cde4dd46b4f63cd60f647ea9bcf83f107e981a050f61f5d1bb5c7883f93269bba25e4122796c0f88ab27d913586d055f8c977ffcb05c85210f93cbad91499fedb2ab95e06bf009e54b422f66cef043560f4d77ae5c083cc67fcb0d3f10699aac8cceaf6d3b8f32e15555924edbc42b4ca3d2f4a92f5d30c18176c3abd17db4de2ef74472ffb637dd07460aeb7c882811c089217d88cbb5eec41d2be903e1c65cad2ad742f9ba8b512adab575f89d539492034ddfe4fd28205c8f27c52f0f631703d384634bfcad149ea9e842125062ac67006ca474be31f708b4f4f1e0c97a4eb2f26b671e172e251e8a6e9e1510bb74931aaf6b6ff84f8aefd63591f18f2ae8028985d78fcc5ed2d57bf595d3068e904387eeddd19bd359721a432bed0bff033cbca6acfddb6529fb11290bf1563b45034bd9b6c331091efef04303ca9942fcb64e56f3ff74d610e14c8f8a87e41582aebb272e5d6e945fdc7095bd181b93f13ddbdc18545f9cfc4db7f134c9ffa6add6727ab8755a06dca23d24a67658fda84321bb97fc475ace3b9912dad73f0ee6c8b2d6d58d7328ca63d1aeceb22a419fe4ec4c3b943051e9d276c559c33e6a45a97813bfcf80c7d79ebe04b1827878c4c8c2da2d598f9f3e444ae82f142716827dddcd94f8997d88a30be2a76432641125e28d5a0896b3e040a8b6805abc98da90844261468826b89f6cbac8d7b5eb6cd8a23f7c7ae9b99dfa6616f9dd10ac48e8c53a38ebfcee8c0ae1be1ee982515ce12a1ebf5d2d19022b4407a9bd062c453845ce75f54dd07e3d8079e19b3b116dc51f7a07d005ba682da13b73e3854bb60059fb021b8f4b9430629d408b32ccd3678bf1dc149a3493c44b2a52a5572c128957e0db8a4a214848b64bea6733bb48fc17a4e42474e2b1f47b507d038bb87a3fc32e7bf471685a61f736a414772cc1825e9342c58768640c83486dbf058050dd6c8a9843c106d1a4efa5e5b36deae71448e55f4ef2721d2d210ce075bdc52c97bd6c097a9a4120a507f6c99cd9054579c250cd5b207684deadf75f2f8c54349a57500625be7577fd6c81ca72111935f577c74c2bd1e9419344e2a3563b5a7d6026722469a30a061d123b45f93027a01c7d38863589118d25e333c07f5c3eb85d4dde937d8f1421b72035f8733754ef4793acdc8d1362ef08ac1e9f0246bfb478647ada002f809a3e63433d031e6d5e4f86218ace6a6221103608705719c3106b4659c377f7e3b6ae1777075ea45a68df2004deb6ef742c5971c23d409278be94c5de68153d93d1a2378f1b1656786ec896b72de0da8259a6f181be8829f9cb7cb98ce0b169e734e4a240508952f6ce3ca984eef7e0cd549996147fe56a0bb1598f015ab955df145a51d783397366084e53455840d5688cb9b7d2cdf8abbfcdf850a7de4073eada567d6ca989611c4910e692e44677a857eec2b654f8dc66b2be192786dce3b9780f9806652bdef013304a43dba3f8d15e5105414f6d1fb2a57dea02211fa311b489088a9802e36d649ada97d72a216f54ca6da090a51c01f5638a04f364a3cbf24bb374f644fda38856a7e0f5c3c9cd7b00555d105daf57561379cf1d77bce66d12de44f202a866a43a7a05a6e0910a1f0ab5b1341d8ae992ae9d95fa2c876db1bcd3635d7851f03dde1eddae6dcf95b182edab72a0521c88c8c3a8c2ad3c6ec2cc44321ce1550d51476e95a18ae5fdab801ef4f5a7a56580261d850f392929061ae5808ba390b2f7d8fe7325df9c07c39faadeeb0ee1ed95db7ccf49c9b93fca83e06be745156d422c8b936d65b8e7e76d9eeb2bbf19c1f9a59b8ee6b55d594d4794a869b2d3b37b0b936866894f00e6a90c788c22e0fb87d0ac53ce75e519765647deee2862552c77ceb75d419627e0627067ba24571807cbfae0bd959fa95cb14c2812a1ce41f76d2ad620c55df55f473e56cb219f7b13bed8cc4a98dddfda9d3b9b5650754f73c34bf00496993a1c4056aeb44e4160c3e2090d733604b2b13f40ae346b726a31365b7a230d8f66665dcb726594280678a258f8ddddfe69d424d62abe910db05c0efa5e773d0f6d8ef8c4c49926b46568a7a1321d996eacabb2f716539a020e34a02afc3bfead458287dd22c11e1c5f57cda7668853637dba0b2eb5e5318750b63c829ab0145c02d6bc05aef4113ee0ea0ba97c44d74cedcc89adff648eb5d7fe932a7a76c772b1e2e36c148dd3be951cfa0cfe11bc58635b38708fa1ff88f949eb15f4a4a3de71c33e2915c799d8204d7d1f9cf7c13c608e6ddf29e12b409028ee5edf37353df7982f67a120ff1871001094b1a3148ed5f4f75d9372aa21b2bb6e02b470336a2c20efee8af866032acd6dc56d1fa7a84dc314cafea1a7bba5fbae89e037a4a5597d2eefd153406d67ddbb3b4eeed6d981b229c2c1b76347b05d20835ecc979b697a2981f6785df853d3d5ce07c624136c805d4dc6c7419d68afe2ad4822aea38da761742b33de8394bcd2462518b35c6ef265eb2a9b130e5a3d669b55d457f92500a7b69156475e001989d55547fc831edf2afe2290591e902858914af73ad4e87ddb8ea3a719f435fe1c2839a39fe088ccc863e7c82e96b66e1b6d32ddbdc42bf2f6076b9e93ed2ec4b6ba6fce5dd3a8f5b3aa105aecf72a5cc9108d02a0b923de2d490ad90aed3a45c46d4594948e7b3f3cc7d153f4b2837ca378fb4af215657f016fd9c66395b98357c1d12a655ce07268beccb35acb3f928c1522bea5df98a0337c751308bfb361e68f3775c75e020ac9570283119264d4f8916c143ccc28d8e0709df356de6b6f35fccde79a677606b5b4d846fdad7c271fc5c2ae5f5e2fbcd6fbf21508a2615ab8f0208e276164bce80fb886b648b4cb085c7922a829c2bccdd850cec329870c866f7923c2c1cd59d6c2653263f7aa1f13d84c82575a021793ef875954ce8737c98abee465e780ab64f1d23da92828e62908543850e5730099eb34f5e47dee740581f596413b8e2711bbfc9d25e4a35b57416a741a60ba650b52ae2189cdd125f64565544f9e75bd8c2cbd898ed2dbdd704ee40d1746715eab4155a51289cf7d89a19ab7a355609dff8111c94f6cdf94a94c667508d7201eab7e86569b8b08bca2291cf3fb166df68f6d6da05398e8a1c0c5c66ca3cee621727a77f19b92927569ba44709302c1102683f338150989d971ea6d0151b69865e540ad4e5a186ad9fc8ce57a56ad114487c5ad99c0beae0fd49927c52380de839cc952f8e41e167006573b4ffc39ebec8f9f9fb4168386a78fe52c00cf3c3be6dbcd4ab32ac7cb8fdd1bae70a5c3da6f555aa6c8e6bd7e69e511bd5d87e39ee21f9035b0b14dd50b3c4e211794bfd7e8fbc48658044eab550f6b564d8f663c25ddb30233fb260e2d30bc9956f7293fd5532df2f74019f639c7313ca029280c513c2fc3c77dc4d0e7f5a9f273fda00349c28319743bc8f7eaeacc7f487bcf5866a55b2fa5b66e31964f090ac448a1ccd3b8cbc9735db5d7d1dd2f2bcdad1ee48b4f8a36688d8ddead1f166a5afb2efe12e943ce6ca41f1f45fe650536860881c28ff04a66ddce9cd19b4304c26e3238f114a1f4080999aaf6ff1f4b8b59ef5d54c10cd8a6598420949f1c0eff13259ba7da9f4c749b58f31f01627b780c2502cc6d1d82f68271e2bc945ddcb6784532e1aba414385096eeeb45afca0ddec570b16b476fbf7b4818275a05afe4beec9086e1c816ebf96608ed57a570c931577ca5b14c9359718b4b31b4789f291f5cb012f832e5763ba53521f58d3ee0a10930d3b4ea7747c5c751cfb476159287a9d371530e5d7cffa6ab09f049d2435960b0ad34f7890df22a3cfd6ce052b08409e67a1291f8459a59b988d7b97d2534f306d83656fd43313eebce1732837b6c22dc60a80d03c54b695b4efbf31381916c7da9644ef8e0f6739c98e7892ca89bf696715391c989c3bd53362e01b81d998e50e46fab088f9312465d200c034691b7e5dcb22ead3c3f3225f16a5588b2be09470e225290d8073dce5cd955d31e7acd452950505597f01c4b54a6f16f2e7d00ab182258f26e40bb70db783b2a10aae019f87708e1306e1957fcc081dac3659d603d4044c10b0a1fe61f4482e56d031d43fc355100a9dcf822db16d0895e554b439bd032e6103df725123da3fdd4a48b68863e6bb36e05343136e171d39d86168be30188bf1ebac4a1d748115167033149ac61bb4f8d4cad7f4c68c32de226b03fb42d24d5e37ba886fa357100644e64d869f6395e3d6d3768a30f53e2aca3688408807bd4818a2c5150f8ee770121a4a6402c7dc334a9ee5e876566d19867e45d4bdc73477ff7f543a23f38d5f0bf666219b0391e66457af4238c5bd9a05586333556f8972aca1def4507c4b073d1bc1c3051f0bf34f71673ccc1de9c69170c9fc5299ac733569cfde6a7bbb3cd60b601cfca16510bf7fbb26ffab3b674000844daf55fbf4ab48eade708cf70fdf901454acc8cc95c63fd2ee771bffaf19205e9a119b847931bcfb4c738e39701a3882cef4ff47b46b72ce26ac207a1ccaa253cd3ddae2b2eb61d5b9b3c8156928a169d7dbb2874b884c3b2097cb8ea92ce7fe70af90514c11887df33c4f7ec3d3ee6c327e7129b0188b0ca8c777451b17d8f489d547d711404bef72d1914f66a5676e9d716ede8c4282526419adb31d071d241db47a58bb55ee6ebcb67c82765a25e5e6fedc4c8d1d9b17e2b5bac5e0af3c63ea870ad8c5f9521390b660fc735d331e6eb326abde284256cdb381b4651d05f55807f4ad1b5b883bf6b55ee87285fad8de366f3248ae0b9c32bf85fc95d5bc19a716ac2a5f41e4e58d26bfdfa582be5d506f9929bfe7cea70184c81722ef7300f779d5d64c08a225a083d44ce75ced73f3a016f5047af67245bc8a81214024e905f383252cc0228085aa5fc184cbcb41db3eccede89480e0a1c1d1754cc3ffa53edc27c337ec86ae2f68c6225edb0027c1c5bf9aee1b94b62f6144e4631887272a36add32d908add308207559064cd61576f917db864845e5e89efcb27c80d259eb6fd5fca398da0c7e62fc423511bb8eb3969732c862de33448e95aa5e15d2028b84b3b8348a50abb39c5c10ac7fdc2034d1ceeae9870dc4486f48ac6aae573a775716ec380ed57665b9bf1c77f6869f720e428f8b94170b14c23786ff1cacf95a66ae631c70245bf264ce5078c3bddb4aaa7928eb6f1261d52e45ae5fde6f1b3bff90cd560c6c2f77ecfcf553db137051685c925be70def2be6c9bdd5825eac58d4c892a6d4ad5dcc078c6582ca140e5a75993e5ab7b487f31e5c601844f18f13039c099317f5e512eb9e054dcd8535106a9bd8977bf74254b68753b7f3a9b385d4a38ccaa17e029bd9ab4ff9b9b561b2a7e613ea05eb18a50fc231f32b79b9f32514469193a3d12269f58f3c932e501513e48e81774ad389275d9f00b4f8c677b8bb584b503201f83c7ad2e934e909f9ae1fc540f544dd2327fe1d8e3bb86984a252e2ffa88e2aed6d65a302d1883e51654fdb046d35270130fb9f8e4a4861d7278a07ee627fe272dcf99d294d7b1ce72f2f804cddfe4fa7aeb2c9543ef2665bf826c8ce0ca82dc7d4e57b7181b55a5d96ad83417b79376793235ed5a320a3ffac3a025aefa669450a6df20d830042034c0953836097c9461bc0d9c1446485692d1b9d5c991086f3f118a49bfe2a0888a5af8a868d880e31946dbd0c7ddcfcd27dcf5c62c9c5ff8fa9750d129f32e3c4f524eb3c31d5c9cb33fbcf52384a04a9f4faa216020e45be91181efeb7393d96b1f3ad8e9fadcffe49bec1bf36e70c2291475356ec5a416feb5d3b4f1331052271679d1186b338163682ac5b6bb79c64d6d0f8ddfec84d0d9870f45a64413f529c8dd93b358e66c9da2fd233e53b73ae2761f363ee69a38a0d7320a149c90c086e6a426abca5c461088747a2fb5006919ad7640aad79b1ec03cf6f49206f37382ad3105fcbd0e08d00815029d8cc3ca16472e58226f1def116bfab456c32a2a2323bb5a661eacb3b7c915d1eaa8c5aa8b1bf25c3a7bc9a2e047c499d8f2fbf2fe25606fc7f0ae5a539af68830b1955f82962f596e2ad0feb3e99b1982ffe3e553f102b4360b8e1d659575a8f713b8bb88d97dbcfd98f91c147a97e896646a47a43334569da8a01541b012063e0465c4122cb96b57484b0ab8c5f0c8f346c0766be69decf4e3ebef7f74f153ef8c6b6e9c5fe224e8f995f11c1867c5600cd7a345afacafec9076d4ccfca741fd41e445476d31f7cdf06b0d0cf596c755235408782a5e37abeb1f2dad79c83e59a1040c4b3b6a5a2acce9df0ebdb607c9c0549a4b16028595f7a9cd9da115dab0189f3d98b0dc2b8ddf6be4de2b38421a2071d91f14f8752c74df31fecb64de59dce09da2c3a1a2826446d982509baaa89b76379d8320bf3c1f76448e0ddc0889fe57ba756ab1403949cd2ca9ab520fa485576eca5acb471002a14a31e8d7f54c8c3edda8f416b0ae9d9fdfc445b54ed8fb34ed7c1d11b3c57a2c5ad92217ab2fdebafc195d09fee7a518e027ccf9d2e8de8cef1e0ad52144d82b65519495b8a5c314e85361adca8953dce587cf461a461dc9bbc0eb13a54144964930d80d8b4a015676f3efd10ccfd0ec5fe64deb93b5901b506581461bf2aaf04fa9f8118936c5e67e1cee60ccfc4f011ee2812eb9716af42b22c40d83c55d4e4c4838826cc34387a2085aa3e17219c78255ace7bb1fc30ec80676449084744c0887dc4e7696d25a544f3e4b365cc6ad800931d5787be99d678347ea4d6cdeab5662f6cbcb5fa80590e513c4ca96d73d378085026e0e7c71d968a670aefd48519e35beaeef9c67506db6f9b3edb62ef1b3b52b9c2db876b76101644e7dcf5a5056a8d916a0f69ea5bf096e7a4c2f8f1d0da29dbcef9d2ad1b82179ccd0ef95006b7a1d542a847e3e0f864d63434c15d6de4fecad18b788a867da5515e3d51871417bfd783d2dffd852953ea7113d3a61aac3c7c1a4efb449faa928456eb570e62d0ff9542a971b542d7c1fed9d633eb4a81499c105d0f73c5165badb54b0e83f8192d3d51d46ddd9908b04e9f57d5a4e6b65affee3799ae7cc51b4098f71e8ee947ffdeee4fd03095536376e1281ef8158fd1da4a39aebdad37fad75f6217bf45bfad16f2f1a80f5e8a3eea1141a56beb91319fe948bb44350a6e79959c140a5dad9955fb287aeba0a8a45d1fd8d692d30c96d01c9100e417082ae6edf62965fef7e190af60a99145925a307d1e11534d2a64484be3c6cd642432a2db66ba6d3ab1b7ea645edf4e54623d2ba0619bcc2a917cc2df8b0dbed096951947445ed5f08c626e1f9a5f566515bf106c48174f73587314b513962ed556fa7f16d8c6a953bcdda72f083a9b16357b3262c13cd500dfa09cc3d09240a7338514031768ea3053caa5166c8e4e090b3128464a88ccdc751d8ee1b3b1098997c9eaa2b3a13a47e43723a49e5d011dabb22c0d9605e48d5e26b90a47519536fd77c5260bc713e2b510fa6da698069f6c1df7a72462399d7dd288be19a0eab18adb072677268a306f19685c2d813564bab4ac90b7389c2fb87c0517e769577c081ced55572da71b40d18e4979b6b6290afcde4caa610166920549286dfa80197a10ff074b08d6b96c97110e36742fdbc5607f4c48ea9dd53301eecb5c25fce4eec9381b84e6b5af767c5bcca600149a3021c3f4aa237a0143363549a705c5768b5aa6ed51fd1ca9f0f9dd242f0df21f7c3eaf321fca97837d989ca101b5462d2dc248316c21339cb2b4e3451bb483390c09c958d474c6df2f2eac208ef704cbae5c9f6597c19ce48c4c9161c1b14622ed824b0e8669cbe6746051729fd2fcabb020190764a468c58ce369528bfca46cf8ec51ab69e711a53c4121476d2a5d2ceb19c332a5a86a52cabb246d2be739f361d97a6efc2c1d408b6f079ff5cbfdfa7ffb5da3af4611e42f876a44f8180ebadf8efe05645f3326fd1b1bb7f82753ee13e25c406469a6b103b9083ac06d590a48543240bca6e467eafc7069c97aa93a3a4ef61b6043383b6e990d174637d695893bd910f217c9c2465688eccd8a171cb5270fca2e002261f2e3e595f3484b67c0bbd7b50ea53a470e3935c0eafc6226521f0a15fc7cf5494b67fcfb705019a86a5972a9dd285bc50985947e42ca8519de25510db7ba6553419d4e368fe56c2a7acec8e77cd734f557a0f1b507e0869d2d5c9913c52fcd78b42b8f59ad3ae92226e292ea4439b5486629b739f4cca3d7f21cef79045427656fd1679dc5ab23686e13500dcb6284df60599ce81e2570d1cd5c7c2e0026640177bf1395fcf6e999acac08e3a993c3700ad891b1a68d5efc32a4b4f9cc8841e837e778c2500eb6cffc1b9970b2adf724839c7711ebbb2ee3e55f7aa97746d7538153589deafeef63eee6dfbd43fc72e0b763a0e4709da3deb26691303e99230a93c490029383b322099363ba3b2f76b4773c0c43907361b578cfb312cde55ea6de2f477c351ac82786d15b52f08a42385b2a3349116d34f8719264f79082d7c24165423a8e6764c53b922a0b3121cbb88976e6f53c455be77521bc1ad4997135ff24c520b2fa0002cbcc8eb8ee5cb33b1140dc811ee36816f47f23ff0b77d6680d597ec2fe77f5bfe1bb75c3eddb2356940c01e694da66d1c4fd78f7df5857111c01bb5e9954585e54086af287dc0ce861d921b378e9a2a9c9c5a37d9812595063643b1dae4afa57d884501ee0de2d7e39692ed5ecbd2ba1d9bf4e3f291cf0b1dfb809a2f915ae90bd5fbe76d5848752c298f34e69d8e95f6f3c8a8ef365d0927811b8a90c8f58836da07c058f71b01025af8c9829f761d71465d3d813e1e08a7d8f66dcb0f98daa19bb106fb9b25d49a35e8900e6de4502668cecbb9638c5b0d158317970e802be345ab3570f6a452e18da421fb4957429ec4b6c481b5393be9c7f1cea3d77ad1c935ce6cab01ed08f7f24e5b01d25105211d5e28b25d3a5fea30e3c4cd1289bc2606728f127574cdfed91d7c19d7381c3e532c92d7e532e74f3d24281cbf0f4e1908dd4f5cf145daeb21db6b34f2fe175aafd1c20224544c113f132cefe620bd99c5caff7b74d6acf8a1aae2fda5212ec64c80d647308439d5f90f6f481101599b539cd09a1bdfc510b6c9027c879f76bfd397dce9d3985ff01e62ee0455372960b68202412c6d5eb7b09c36f265b7b8b3822aa489dc169f8079e71dc96e0b75de2ade686761b067416e4915287dfdd6309946487a68115ee9d0bec73ffc63223e9463a30b819297d24824cb20724c6b524d58af1e03264e8e2b8dce59377c78dbd5ff5977782181aeaa8c2bd6d9f3d25ec566fa4a01eb5aeaeb6912acad55ca7336d28e305781bf128d6575dba16110d64c55ec9840f299e353fcc5628f248bd660f4dfa5f3a1bb7fbdac78ec727e87a134c98a98f405a4cd3773e79bd4f22bd3239a5fa8cd5806601e07241b25678f048b05bab6f8da56818f8dd9c97d001f4a7ea8beb3fa65ed7a951878bcef7e1da873e21ac6208cf0852c6cb297c10c84b74582bf59aaa11e7d8239997c9e7fd3c5bbee5b8466c17394fa61771aa10a3541f88419b16bb4fa36126745e99c292911d30ed0fa366dcd62c10879a6826609ab2b80b3a0c2de3d877805a564ce925916063c53d9698bb918eed2b49315fb83465a0db1a63a0528a887f5106dd054edbf381280989581c859a517573a6eb4946e0fcc61956fd5868fd37c788090fd7c3341028cf1bcb38ed595a4fd845ccd45558282c6e23d92d4268875f80ebad1c24f8d247595de2f8b83708b504f674447bc6fa1748b86fdfc971c9275baedda1348324c4dbde22d423744e2d537a4e28d95771b18302bc5d92f9e0ba6b1029a3e73761080a4e6e1b52a9ebe3538cb3e982586c23f0b0cfa78126198a0a496d96734880885e4aef7b35d90af287f9d5b18998fba69cf5a13b9153edc5f1c3cd0d181c1cecb4936a489f34682b056eaf5c57caea4a9ebd9fc7d842bc3850046f925dc430769863922ce5bea6709fa9bf7f21098097d7f47c74269b524c4194bceae0571fe968ebdda85a28fa5be7f794632189da179e248fdc237a3ba3fd53845e42db45747caa6cebf574e9abb75e3b33c1096e40e0e845385d6f961c56fd1c71f92ae31a0c9088b2100b457cf2f8b33ac984fe79ceeb65fde350f9c6229433aa20d226aeb7677e0e7e8002e3e220fb74d4a1bc07ca43fa23fcf9cbabe7799b5b8daeb63b35923c4a92d2c636d36d58e719e6855b57445a26072d716aba7b653dfcdee115b3310b0c8af8649337597c1ac8bcee8b0533cb458d165b4ca4ee72c60a49f4a7061aab09449a318a6dc1d5b1a4f2a7f82c5af241e1f0cbe3e9fd5079e385ec86bc978ca82aaf1de5b470dcbb06b5f0360142857a0519583e3a77a6fbdadfff48de440bb5c3dcb2c3e6624800fa7898ab00242b7109809d58e5aa8a25705266d9bb04f165f843f1c61c23b41f010ad67f80aa8e455385cf3ff89073dc9434ce9be78993d6c73a8adf4db6b540e7a9f60d8dbcf3133a8f5c5c59f8378f2e5aad07f31707fb9834c66d6d0ded8a8b2d984ff5b4bfe70bb6479aecf208beb8f4da7b23957ce77d574993e1a44de0b3a5cb245f0ebf8ea32a22472270798defec3deeb94a4d025d1fe276612ebfe0f4e6e639de1300d47e542fb032150ab0aded71ba693817feb9cb43beb6f3074c2d7bfb77b9b2783e0335449c9a9775ccf9060ab2468a6644ebddd41f70add6d2d24fb9dd377c4f0dce3439283f22075ff3973e4e70e0bdcb53001be03800392084d6768c3e8f7fad09b192a497a36f602d07655d3e6a7ccab561ab92c79506e1e06aad05975accc9b8b48c41da8bc611d331717ee312d77403f9f66ee9a81fa4e624cca690540dca722986dc740a919597f7836ee95b554d3c34db3443ee5b6908f8623b2c82f32b65c3e8c3c0e15c3065d09214ea6290b55bf5520ee92825d9c82745bb5368ddda47036390910e26470b96cfd7c4e7b0df89f897153fd5ab4302de65fcda1f48206346d6051a94d8e0c32b959d914c218f54813811d13d99ef6259f54c0e635c04f875772b38524e94fae3a73109f60d0b00c96c1809f37e8fb37e61620690b07d726d388e9ae5dbc3a1c3557d1e4288da0622d77081ab4cd00ce22243824c363ad1be5cb0ceaad6336a797d8ca6d988c4373b3c00667d651452d50f81a830ac6ebb71559590181eea67dce1599d13f2e778d69a40c2b736dcc7c36782c1788cdc8d5c3820d68093ea84d56daaeaac19c19724ed7d3ebc1b8c1e3092839314dc6eddd99dc0eede13dbcb7fd22d401df8eb7f679a04f785006d3b4c4012bf78b7e43b1b355a9f6d04ca0e86c32d44f73fa514d1e2b147464", 0x2000, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r5, 0x800448d4, &(0x7f0000000080)={0x0, 0x200, "408b7c"})

3.930975473s ago: executing program 1 (id=1165):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
r0 = epoll_create(0x400)
r1 = eventfd(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000))
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000300)=""/246, 0xf6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0x5, &(0x7f0000000700)=ANY=[], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000000)="5becbc0e0d7cca6073a4f11d1b00", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
add_key$user(0x0, &(0x7f0000000440), &(0x7f00000005c0)="ca996e4a4c9748265ca5b19498b6941430e963570a676702000000a4c124ed6bfe0d8004a355af19a6e3", 0x2a, 0xfffffffffffffffd)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000022000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)

1.637497921s ago: executing program 4 (id=1168):
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000ec0)={'wpan0\x00'})
sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x54}}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x8, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_DATA_DIR(r2, 0x0, 0x1, &(0x7f0000000080)=0x9fe, 0x4)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt(r4, 0x84, 0x11, &(0x7f00000002c0)="1a00000002000000", 0x8)
r5 = socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
setsockopt$inet6_udp_int(r5, 0x11, 0x67, &(0x7f0000000180)=0x207f, 0x4)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000008c0)=ANY=[@ANYBLOB="b80000001b000100000000000000000000000000000000000000000097c200010000000000000000000000000000000000000000000000000000002000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000200000000000000030000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000004000000080000000000000200"], 0xb8}}, 0x0)
sendmmsg$inet6(r3, &(0x7f0000005c80)=[{{&(0x7f0000000200)={0xa, 0x4e22, 0x0, @local, 0x101}, 0x1c, 0x0}}], 0x0, 0xb80b)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c9300c000800050007fa04"], 0x11)
sendto$l2tp6(r5, 0x0, 0x0, 0x4000000, 0x0, 0x0)
bind$inet6(r4, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @remote, 0x1}, 0x1c)

1.636490405s ago: executing program 1 (id=1169):
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r1, &(0x7f0000000200)=""/209, 0xd1) (async)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x335})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000600)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0xc05c5340, &(0x7f0000000440)) (async)
tkill(r0, 0x7) (async)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000080), 0x2) (async, rerun: 64)
r3 = memfd_create(&(0x7f0000003040)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc1&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda\xb5_\x1a\xfc\xe8\xe4\xbc\xbe\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3) (rerun: 64)
ftruncate(r3, 0xffff) (async)
fcntl$addseals(r3, 0x409, 0x7)
r4 = ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000100)={r3, 0x0, 0x0, 0x1000})
r5 = fcntl$dupfd(r4, 0x0, r4)
lseek(r5, 0xa720, 0x3)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r6, 0x4020aed2, &(0x7f0000000040)={0xeeee8000, 0x10000})
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000180)=0x1b) (async)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000140)=0x1)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r8, 0x29, 0x12, 0x0, 0x0) (async, rerun: 64)
accept4(r8, &(0x7f00000000c0)=@generic, &(0x7f00000001c0)=0x80, 0x80800) (async, rerun: 64)
getsockopt$bt_BT_FLUSHABLE(r5, 0x112, 0x8, &(0x7f0000000300)=0x2, &(0x7f0000000340)=0x4)

1.593081551s ago: executing program 0 (id=1171):
r0 = openat$sequencer(0xffffff9c, &(0x7f0000000000), 0x40103, 0x0)
ioctl$SNDCTL_SEQ_GETOUTCOUNT(r0, 0x80045104, &(0x7f0000000040))
r1 = getpgrp(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, r1, 0x3, &(0x7f0000000080))
r2 = getpgrp(r1)
r3 = epoll_create1(0x80000)
kcmp$KCMP_EPOLL_TFD(r2, r1, 0x7, r0, &(0x7f00000000c0)={r3, r0, 0x1})
r4 = accept4$x25(0xffffffffffffffff, 0x0, &(0x7f0000000100), 0x80000)
getsockname(r4, &(0x7f0000000140)=@pppol2tpv3={0x18, 0x1, {0x0, <r5=>0xffffffffffffffff, {0x2, 0x0, @initdev}}}, &(0x7f00000001c0)=0x80)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000009, 0x40010, 0xffffffffffffffff, 0x8000000)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x5, 0x110, 0xffffffffffffffff, 0x10000000)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_CLOSE={0x13, 0x11, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r8}})
setsockopt$bt_BT_SNDMTU(r5, 0x112, 0xc, &(0x7f0000000240), 0x2)
r9 = syz_open_procfs(r2, &(0x7f0000000280)='cpuset\x00')
fcntl$notify(r0, 0x402, 0x8000002e)
write$6lowpan_enable(r9, &(0x7f00000002c0)='0', 0x1)
r10 = openat$hpet(0xffffff9c, &(0x7f0000000300), 0x181000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r10, 0xc0189372, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r11=>r4, {0x700}}, './file0\x00'})
ioctl$F2FS_IOC_GET_PIN_FILE(r3, 0x8004f50e, &(0x7f0000000380))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff})
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0x1)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r9, 0xc0684113, &(0x7f0000000400)={0x1, 0x3c1, 0x7fffffff, 0x9, 0x896d, 0x1, 0x7ff, 0x4, 0x6, 0x4, 0x9, 0x1})
fstat(r11, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, <r14=>0x0, <r15=>0x0})
fchown(r12, 0x0, r15)
ioctl$sock_SIOCGIFINDEX_80211(r13, 0x8933, &(0x7f0000000500)={'wlan1\x00'})
r16 = socket$tipc(0x1e, 0x2, 0x0)
close_range(r16, r0, 0x0)
connect$caif(r11, &(0x7f0000000540)=@dgm={0x25, 0x2, 0x7}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f00000005c0), 0x80000, &(0x7f00000006c0)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@directio}], [{@subj_type}, {@uid_lt={'uid<', r14}}, {@smackfstransmute={'smackfstransmute', 0x3d, '(+\''}}, {@euid_gt}, {@obj_role={'obj_role', 0x3d, '\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x30, 0x35, 0x36, 0x37, 0x18, 0x32, 0x39, 0x66], 0x2d, [0x66, 0x65, 0x35, 0x64], 0x2d, [0x56, 0x39, 0x37, 0x38], 0x2d, [0x66, 0x61, 0x33, 0x32], 0x2d, [0x31, 0x61, 0x65, 0x34, 0x35, 0x39, 0x39, 0x66]}}}]}})

1.59084063s ago: executing program 0 (id=1173):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000010a01040000000000030000070000000900010073797a30000000004c000000090a01040000000000000000070000ff07000040000000000900020073797a310000001e0900010073797a3000000000080005400000000c08000640ffffff258da43540000000084c0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000200003801c0000800800034000000002100002800c00028008000180fffffffd14000000300001ab"], 0xe0}}, 0x0)

1.556678845s ago: executing program 0 (id=1174):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x70, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_tunnel_key={0x58, 0x1, 0x0, 0x0, {{0xf}, {0x28, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @loopback}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x1000000}, 0x0)

1.492299354s ago: executing program 0 (id=1176):
r0 = syz_io_uring_setup(0x3570, &(0x7f0000000280)={0x0, 0x4d01, 0x100, 0x1, 0x190}, &(0x7f0000000300), &(0x7f0000000340))
io_uring_enter(r0, 0x7a18, 0x28a9, 0x10, &(0x7f0000000380)={[0x2, 0xc2b]}, 0x8)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat2$dir(0xffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x125000, 0x0, 0x1b}, 0x18)
openat2(r3, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)={0x81, 0x10, 0x2f}, 0x18)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4048aecb, &(0x7f0000000200)=ANY=[@ANYBLOB="080000000000000002"])
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r6, 0x4018aebd, &(0x7f0000000040)={0x40})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac14140008000800", @ANYRES8], 0x2c}}, 0x0)

1.491555585s ago: executing program 1 (id=1178):
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0xa, &(0x7f0000000180)=0x67e, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x143001)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x231, 0x0, 0x0, &(0x7f00000001c0))
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
getsockopt$ARPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x63, 0x0, &(0x7f0000000040))
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018130000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
r8 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r8)
getsockname$packet(r8, &(0x7f0000000080)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r9, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad35010000000000840400000000000014000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b84a800ea6553f304000000815dcf00c3eebc52267b042d19"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=@newtfilter={0xc0, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0x7}, {0x600}, {0x7}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_FLAGS={0x8}]}}, @filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x8, 0x5}}]}}, @filter_kind_options=@f_flower={{0xb}, {0x4c, 0x2, [@TCA_FLOWER_KEY_CT_MARK={0x8, 0x5f, 0x6}, @TCA_FLOWER_KEY_ENC_IP_TOS={0x5, 0x50, 0x1}, @TCA_FLOWER_KEY_PORT_SRC_MIN={0x6, 0x57, 0x4e22}, @TCA_FLOWER_KEY_TCP_FLAGS_MASK={0x6, 0x48, 0x6}, @TCA_FLOWER_KEY_MPLS_OPTS={0x28, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0x24, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_MPLS_OPT_LSE_TC={0x5, 0x4, 0x4}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_TTL={0x5, 0x2, 0x1}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_LABEL={0x8, 0x5, {0xffff9}}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH={0x5, 0x1, 0x3}]}}]}}, @TCA_CHAIN={0x8, 0xb, 0x5}]}, 0xc0}}, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)

1.28846543s ago: executing program 0 (id=1179):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x44084)
getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000000c0)={'mangle\x00', 0x0, [0x7, 0xc046, 0x0, 0x80, 0x8]}, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffffffffffc, 0x6, 0xfd, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000380)="851666ce20db", 0x0, 0x10, 0x39, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffce, 0x900})
io_setup(0x1, 0x0)
r2 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
request_key(&(0x7f0000000540)='user\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)=',$:@^@,\x00', 0x0)
add_key$user(&(0x7f0000000480), 0x0, 0x0, 0x0, 0x0)
epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
creat(0x0, 0x583581b48b0c2945)
socket(0x1e, 0x4, 0x0)

1.286523728s ago: executing program 2 (id=1180):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x43, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x4e21, 0x0, @mcast2}}, 0x0, 0x0, 0x34, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x3, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}}, 0x0, 0x0, 0xc, 0x0, "a1c1dd75a6803e10951cd4b347113e55eb289519becf7542da0bc21470e441225642855b5f2f4bb561dc9363aed4a18d67efd5f2fdf98328de9441031348589b763d46d14810acc5f700"}, 0xd8)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e21, 0x0, @loopback, 0xfffffc01}}, 0x0, 0x0, 0xc, 0x0, "a1c1dd75a68473ba07d945c3b03e10950cd4b347103e55eb4285bf274bca67efbff2fdf98328de9434031348589bf28046d14810000000e3bfffff00"}, 0xd8)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000003ff0000000000", 0x58}], 0x1)

1.212267263s ago: executing program 2 (id=1181):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@dev={0xac, 0x14, 0x14, 0x39}, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32}, {}, 0x0, 0x0, 0x1}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}}, 0x0, @in=@multicast1}}, 0xe8)

1.197237667s ago: executing program 2 (id=1182):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x84, @remote, 0x0, 0x1, 'none\x00'}, 0x2c) (async)
setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x483, &(0x7f0000001280)={0x20000000000084, @remote, 0x4e22, 0x200000001, 'sh\x00', 0x0, 0xfffffffd}, 0x2c) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$netlink(0x10, 0x3, 0x13)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async)
io_uring_setup(0x6281, &(0x7f0000000080)) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200201, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x12, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x3}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x0, &(0x7f00000001c0)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r4 = socket$inet6(0xa, 0x1, 0x8)
setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) (async)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c) (async)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000280)='0', 0x1) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)

1.131196541s ago: executing program 2 (id=1183):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r1 = socket(0x8000000010, 0x2, 0x0)
write(r1, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000e00), 0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000e00)=@newtaction={0x64, 0x30, 0x1, 0x3, 0x0, {}, [{0x50, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x2, 0x9, 0x10000000}, 0x1}}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000040)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000640)={{@my=0x1}, @local, 0x0, 0x2925, 0x0, 0x20000000, 0xfffffffffffffffd})
close_range(r0, 0xffffffffffffffff, 0x0)

653.222012ms ago: executing program 4 (id=1184):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r3, 0xc0cc5640, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5d, 0x80, 0x0, 0x89}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000)=0x5, 0x0, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCOUTQ(r6, 0x4bfb, &(0x7f0000000000))
r7 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$video4linux(&(0x7f0000000480), 0x5, 0x0)
add_key(&(0x7f0000000080)='asymmetric\x00', 0x0, &(0x7f0000000500)="e306644c2f0b801228a9253e", 0xc, 0xfffffffffffffffd)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010002104000000000000000000000040", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8], 0x44}}, 0x0)

588.784475ms ago: executing program 1 (id=1185):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x12, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001900000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @cgroup_sock_addr=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x1}], 0x1)
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000940)=""/188, 0xbc}], 0x1}, 0x4c2103a2)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, &(0x7f0000000280))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x40102)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_open_dev$video(&(0x7f0000000000), 0x7ff, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r5, 0xc034564b, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80fe)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x1, 0x1c8, [0x3, 0x40000000, 0x2, 0x0, 0x0, 0x20000580], 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="000000000000000000000000900000000000000f38bb23dd23f44100000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff010000001d00000000000000000065727370616e3000000000000000000062726964676530000000000000000000b43b24af61af8e2f000000000000000065716c00000000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000a000000010010000380100006d61726b5f6d00000000000000000000000000000000000000000000000000000c0000000400000001000000000100006e666c6f670000000000000000000000000000000000000000000000000000004c0000006d8000000900090000000000b80eba8ec4468a0538ee0eed5dd9119d918668afa6c019b085be3837595dc113ccf27499f7202a2b59394b2619bcf57ec99b9abb99943198532b0b7bdd0f61e5726564697265637400000000000000000000000000000000000000000000000004000000fdffffff"]}, 0x218)
syz_emit_ethernet(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x0, 0x0})
preadv(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r8, 0x4068aea3, &(0x7f0000000080)={0xc9})
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)
openat2(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x600400, 0x0, 0x25}, 0x18)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=ANY=[@ANYBLOB="2000000004000000", @ANYRES32=0x1, @ANYBLOB="0000000000000000000000000000000072c10000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ffffffff0600"/28], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001400)={r0, 0x0, 0x8d, 0x1000, &(0x7f0000000300)="96214e7c3b5a102b6fa58a65a1d271a6a189529d20078c2026a118b3c979d5565af9dd102f1567d9fb5d3cdff4a6121152b21f2b3e2bf14238f4d4adc4b3219b3497bbd12e192914d6df7d690fcae9db066bd1ec8fcba6e39967a63214376b0daa3564758e8c17fdf200068e65cab3d3da79d1dd91219a4c0055810bdf0e6c6f488aaaf08c37d8da6b25c94565", &(0x7f0000000400)=""/4096, 0x2, 0x0, 0xc0, 0x62, &(0x7f0000000000)="bf05030b044507bb02b6fe1df40618f89f947cce2cf2ff558dd48ce68e5012e4f458d823590e725630ac3fb39b8e7fe945b78a72293a525e4b7fe19838edc42e2828fe36961d34749fe8d96de4b04423e9aaa8c77a40ba1062d83cdbbf108711f218f3d28a6995a1af88e79aa88121e4b1942eef591f8048886122874a82b40b38c0b4f056997b10c6760a47665d295055978c319682d57794854d5601294f96bdbd288e1139862d2ba0a5330e9bc8917e42841a00d3d58e319ddb30b153fb8c", &(0x7f0000000200)="974547417d97c583ea605c5688e5734a6bdb8773e27397f5dc6ffb2bd4b47795c97c90699b9d415550bf66d1e99a61f17748de4933a7aac1dcb34be68a53755042b0a8037b159a5a37c11a3621495910272aa278e98a15088ac527e9f6c23bcc8a02", 0x4, 0x0, 0xfffffffd}, 0x4c)

177.197452ms ago: executing program 0 (id=1186):
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x3000002, 0x6031, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x24, r2, 0x0, 0x0, 0x0, {}, [@NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x1}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0xa1}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_SET_COALESCE(r1, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r2, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r4}, @void}}}, 0x28}, 0x1, 0x6c00}, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xa)

176.314839ms ago: executing program 2 (id=1187):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18050000000000000000000002000000b7480000000000007b8af8ff00200000b7080000000200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) (async)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) (async)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) (async, rerun: 32)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) (async, rerun: 32)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) (async)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) (async, rerun: 64)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x2) (async, rerun: 64)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f0000001380)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000002c0)=""/31, 0x1f}, {&(0x7f0000000680)=""/155, 0x9b}, {&(0x7f0000000500)}, {&(0x7f0000000740)=""/131, 0x83}, {&(0x7f0000000800)=""/101, 0x65}, {&(0x7f0000000880)=""/97, 0x61}, {&(0x7f0000000900)=""/169, 0xa9}], 0x7, &(0x7f0000000a00)=""/149, 0x95}}, {{&(0x7f0000000ac0)=@alg, 0x80, &(0x7f0000000c00)=[{&(0x7f0000000b40)=""/14, 0xe}, {&(0x7f0000000b80)=""/108, 0x6c}], 0x2, &(0x7f0000001700)=""/4096, 0x1000}, 0x7}, {{&(0x7f0000000c80)=@generic, 0x80, &(0x7f00000012c0), 0x0, &(0x7f0000001340)}, 0x6}], 0x3, 0x2085, 0x0) (async)
write(r3, &(0x7f0000000000)="38000300010003", 0x7)
r5 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, r5) (async)
request_key(&(0x7f0000000300)='logon\x00', &(0x7f0000000340)={'syz', 0x0}, &(0x7f0000000380)='syz', 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000140)='asymmetric\x00', &(0x7f0000000440)=@chain)
r6 = syz_open_dev$I2C(&(0x7f00000002c0), 0x1, 0x0)
ioctl$I2C_RDWR(r6, 0x707, &(0x7f0000002740)={&(0x7f0000000440)=[{0xb9, 0x1800, 0x0, 0x0}, {0x1, 0x1000, 0x1, &(0x7f0000000280)="9d"}], 0x2}) (async, rerun: 32)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000003600)={0x6, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702500000000fe1f20207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) (rerun: 32)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x70000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

0s ago: executing program 2 (id=1188):
r0 = syz_io_uring_setup(0x3570, &(0x7f0000000280)={0x0, 0x4d01, 0x100, 0x1, 0x190}, &(0x7f0000000300), &(0x7f0000000340))
io_uring_enter(r0, 0x7a18, 0x28a9, 0x10, &(0x7f0000000380)={[0x2, 0xc2b]}, 0x8)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat2$dir(0xffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x125000, 0x0, 0x1b}, 0x18)
openat2(r3, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)={0x81, 0x10, 0x2f}, 0x18)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4048aecb, &(0x7f0000000200)=ANY=[@ANYBLOB="080000000000000002"])
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r6, 0x4018aebd, &(0x7f0000000040)={0x40})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac14140008000800", @ANYRES8], 0x2c}}, 0x0)

kernel console output (not intermixed with test programs):

[   52.971849][ T6293] netlink: 4 bytes leftover after parsing attributes in process `syz.3.82'.
[   53.225495][ T6297] capability: warning: `syz.1.84' uses deprecated v2 capabilities in a way that may be insecure
[   53.234217][ T6300] bridge_slave_0: left allmulticast mode
[   53.236126][ T6300] bridge_slave_0: left promiscuous mode
[   53.238895][ T6300] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.247338][ T6300] bridge_slave_1: left allmulticast mode
[   53.250108][ T6300] bridge_slave_1: left promiscuous mode
[   53.252121][ T6300] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.259874][ T6300] bond0: (slave bond_slave_0): Releasing backup interface
[   53.263677][ T6300] bond0: (slave bond_slave_1): Releasing backup interface
[   53.277888][ T6300] team0: Port device team_slave_0 removed
[   53.283771][ T6300] team0: Port device team_slave_1 removed
[   53.286260][ T6300] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   53.288722][ T6300] batman_adv: batadv0: Removing interface: batadv_slave_0
[   53.293269][ T6300] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   53.295998][ T6300] batman_adv: batadv0: Removing interface: batadv_slave_1
[   53.311688][ T6301] team0: Mode changed to "random"
[   53.319510][ T6300] vlan0: entered promiscuous mode
[   53.326893][ T6300] team0: Port device vlan0 added
[   53.330472][ T6300] tipc: Started in network mode
[   53.332356][ T6300] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[   53.334693][ T6300] tipc: Enabled bearer <eth:team0>, priority 0
[   53.516814][ T6315] loop9: detected capacity change from 0 to 6
[   53.519891][ T6315] Dev loop9: unable to read RDB block 6
[   53.521421][ T6315]  loop9: unable to read partition table
[   53.522958][ T6315] loop9: partition table beyond EOD, truncated
[   53.524593][ T6315] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[   53.524593][ T6315] 
) failed (rc=-5)
[   53.874468][ T6329] netlink: 12 bytes leftover after parsing attributes in process `syz.0.92'.
[   54.232088][ T6341] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   54.302408][   T56] IPVS: starting estimator thread 0...
[   54.345322][ T6064] tipc: Node number set to 11578026
[   54.446582][ T6345] process 'syz.3.96' launched './file0' with NULL argv: empty string added
[   54.495274][ T6346] IPVS: using max 38 ests per chain, 91200 per kthread
[   54.574221][ T6352] netlink: 12 bytes leftover after parsing attributes in process `syz.3.98'.
[   54.584589][ T6352] bond1: entered promiscuous mode
[   54.586787][ T6352] 8021q: adding VLAN 0 to HW filter on device bond1
[   54.665996][ T6354] netlink: 3 bytes leftover after parsing attributes in process `syz.3.98'.
[   54.675584][ T6354] batadv1: entered promiscuous mode
[   54.681621][ T6354] batadv1: entered allmulticast mode
[   54.691200][ T6354] 8021q: adding VLAN 0 to HW filter on device batadv1
[   54.702633][ T6354] bond1: (slave batadv1): Enslaving as an active interface with an up link
[   55.339259][ T6368] netlink: 4 bytes leftover after parsing attributes in process `syz.2.101'.
[   55.530611][ T6378] netlink: 12 bytes leftover after parsing attributes in process `syz.1.106'.
[   55.668561][   T56] IPVS: starting estimator thread 0...
[   55.778516][ T6392] IPVS: using max 38 ests per chain, 91200 per kthread
[   56.038814][ T6407] netlink: 4 bytes leftover after parsing attributes in process `syz.3.118'.
[   56.117335][ T6411] netlink: 12 bytes leftover after parsing attributes in process `syz.0.119'.
[   56.130107][ T6411] bond1: entered promiscuous mode
[   56.132175][ T6411] 8021q: adding VLAN 0 to HW filter on device bond1
[   56.144490][ T6414] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   56.222434][ T6419] netlink: 3 bytes leftover after parsing attributes in process `syz.0.119'.
[   56.231664][ T6419] batadv1: entered promiscuous mode
[   56.233288][ T6419] batadv1: entered allmulticast mode
[   56.239299][ T6419] 8021q: adding VLAN 0 to HW filter on device batadv1
[   56.243028][ T6419] bond1: (slave batadv1): Enslaving as an active interface with an up link
[   56.504476][ T6425] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   56.735671][ T5943] Bluetooth: hci1: command tx timeout
[   57.108194][ T6433] netlink: 8 bytes leftover after parsing attributes in process `syz.0.129'.
[   57.141822][ T6440] netlink: 'syz.2.125': attribute type 1 has an invalid length.
[   57.167632][ T6440] bond1: (slave gretap1): making interface the new active one
[   57.170130][ T6440] bond1: (slave gretap1): Enslaving as an active interface with an up link
[   57.224146][ T6449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.131'.
[   57.344073][ T6465] netlink: 12 bytes leftover after parsing attributes in process `syz.1.136'.
[   57.350345][ T6471] netlink: 8 bytes leftover after parsing attributes in process `syz.2.138'.
[   57.353584][ T6465] bond1: entered promiscuous mode
[   57.355810][ T6465] 8021q: adding VLAN 0 to HW filter on device bond1
[   57.492164][ T6485] netlink: 4 bytes leftover after parsing attributes in process `syz.3.141'.
[   57.503340][ T6485] Zero length message leads to an empty skb
[   57.585100][ T6487] batadv1: entered promiscuous mode
[   57.586498][ T6487] batadv1: entered allmulticast mode
[   57.588420][ T6487] 8021q: adding VLAN 0 to HW filter on device batadv1
[   57.591376][ T6487] bond1: (slave batadv1): Enslaving as an active interface with an up link
[   58.171147][ T6511] netlink: 'syz.3.144': attribute type 2 has an invalid length.
[   58.214328][ T6512] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   58.434688][ T6526] af_packet: tpacket_rcv: packet too big, clamped from 57 to 4294967272. macoff=96
[   58.600714][   T39] kauditd_printk_skb: 21 callbacks suppressed
[   58.600848][   T39] audit: type=1326 audit(1734423281.174:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6534 comm="syz.2.157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[   58.609463][   T39] audit: type=1326 audit(1734423281.174:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6534 comm="syz.2.157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[   58.628257][   T39] audit: type=1326 audit(1734423281.174:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6534 comm="syz.2.157" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[   58.633787][   T39] audit: type=1326 audit(1734423281.174:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6534 comm="syz.2.157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[   58.641834][   T39] audit: type=1326 audit(1734423281.174:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6534 comm="syz.2.157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[   58.648704][   T39] audit: type=1326 audit(1734423281.174:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6534 comm="syz.2.157" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[   58.655519][   T39] audit: type=1326 audit(1734423281.174:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6534 comm="syz.2.157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[   58.661085][   T39] audit: type=1326 audit(1734423281.174:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6534 comm="syz.2.157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[   58.666986][   T39] audit: type=1326 audit(1734423281.174:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6534 comm="syz.2.157" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[   58.672602][   T39] audit: type=1326 audit(1734423281.174:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6534 comm="syz.2.157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[   58.997403][ T6547] tmpfs: Bad value for 'mpol'
[   59.000275][ T6547] warning: `syz.2.154' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   59.066530][ T6561] x_tables: duplicate underflow at hook 2
[   59.069119][ T6561] loop9: detected capacity change from 0 to 6
[   59.082453][ T6561] Dev loop9: unable to read RDB block 6
[   59.083992][ T6561]  loop9: unable to read partition table
[   59.086407][ T6561] loop9: partition table beyond EOD, truncated
[   59.088057][ T6561] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[   59.088057][ T6561] 
) failed (rc=-5)
[   59.181220][ T6571] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   59.269386][ T6572] FAULT_INJECTION: forcing a failure.
[   59.269386][ T6572] name failslab, interval 1, probability 0, space 0, times 0
[   59.272868][ T6572] CPU: 1 UID: 0 PID: 6572 Comm: syz.2.160 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[   59.275596][ T6572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   59.278351][ T6572] Call Trace:
[   59.279223][ T6572]  <TASK>
[   59.279999][ T6572]  dump_stack_lvl+0x16c/0x1f0
[   59.281233][ T6572]  should_fail_ex+0x497/0x5b0
[   59.282510][ T6572]  should_failslab+0xc2/0x120
[   59.283765][ T6572]  __kmalloc_cache_noprof+0x68/0x420
[   59.285131][ T6572]  ? security_file_permission+0x71/0x210
[   59.286594][ T6572]  io_arm_poll_handler+0x3e7/0xc60
[   59.287923][ T6572]  ? __pfx_io_arm_poll_handler+0x10/0x10
[   59.289389][ T6572]  ? io_read+0x32/0x70
[   59.290460][ T6572]  io_queue_async+0xaa/0x420
[   59.291675][ T6572]  io_submit_sqes+0x177a/0x25f0
[   59.293000][ T6572]  __do_sys_io_uring_enter+0xd43/0x1620
[   59.294450][ T6572]  ? __pfx___schedule+0x10/0x10
[   59.295722][ T6572]  ? __fget_files+0x206/0x3a0
[   59.296957][ T6572]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[   59.298513][ T6572]  ? fput+0x67/0x440
[   59.299543][ T6572]  ? ksys_write+0x1ba/0x250
[   59.300734][ T6572]  __do_fast_syscall_32+0x73/0x120
[   59.302062][ T6572]  do_fast_syscall_32+0x32/0x80
[   59.303362][ T6572]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   59.304990][ T6572] RIP: 0023:0xf7fbf579
[   59.306048][ T6572] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   59.311014][ T6572] RSP: 002b:00000000f50d455c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[   59.313186][ T6572] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000000047f6
[   59.315212][ T6572] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   59.317231][ T6572] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   59.319263][ T6572] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   59.321288][ T6572] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   59.323322][ T6572]  </TASK>
[   60.218733][ T6595] netlink: 'syz.0.165': attribute type 1 has an invalid length.
[   60.462980][ T6582] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   60.771176][ T6613] __nla_validate_parse: 5 callbacks suppressed
[   60.771187][ T6613] netlink: 24 bytes leftover after parsing attributes in process `syz.3.177'.
[   60.962966][ T6619] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   61.238192][ T6632] netlink: 280 bytes leftover after parsing attributes in process `syz.1.184'.
[   61.293541][ T6647] bridge_slave_0: left allmulticast mode
[   61.295795][ T6647] bridge_slave_0: left promiscuous mode
[   61.297464][ T6647] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.331831][ T6647] bridge_slave_1: left allmulticast mode
[   61.333373][ T6647] bridge_slave_1: left promiscuous mode
[   61.335733][ T6649] loop9: detected capacity change from 0 to 6
[   61.339040][ T6647] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.341516][ T6649] Dev loop9: unable to read RDB block 6
[   61.343026][ T6649]  loop9: unable to read partition table
[   61.344545][ T6649] loop9: partition table beyond EOD, truncated
[   61.349674][ T6647] bond0: (slave bond_slave_0): Releasing backup interface
[   61.351591][ T6649] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[   61.351591][ T6649] 
) failed (rc=-5)
[   61.362465][ T6647] bond0: (slave bond_slave_1): Releasing backup interface
[   61.389577][ T6647] team0: Port device team_slave_0 removed
[   61.410514][ T6647] team0: Port device team_slave_1 removed
[   61.412415][ T6647] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   61.414473][ T6647] batman_adv: batadv0: Removing interface: batadv_slave_0
[   61.418623][ T6647] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   61.420685][ T6647] batman_adv: batadv0: Removing interface: batadv_slave_1
[   61.432216][ T6647] bond1: (slave batadv1): Releasing backup interface
[   61.457997][ T6650] team0: Mode changed to "random"
[   61.460761][ T6656] vlan0: entered promiscuous mode
[   61.474355][ T6656] team0: Port device vlan0 added
[   61.671743][ T6682] netdevsim netdevsim2: Direct firmware load for .
[   61.671743][ T6682]  failed with error -2
[   61.675265][ T6682] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[   61.675265][ T6682] 
[   61.738012][ T6685] netlink: 12 bytes leftover after parsing attributes in process `syz.0.200'.
[   61.755292][ T6685] bond3: entered promiscuous mode
[   61.756849][ T6685] 8021q: adding VLAN 0 to HW filter on device bond3
[   62.485732][ T6692] fuse: Bad value for 'fd'
[   62.732787][ T6710] netlink: 'syz.1.205': attribute type 4 has an invalid length.
[   62.749966][ T6710] netlink: 'syz.1.205': attribute type 4 has an invalid length.
[   62.756068][ T6710] syz.1.205 (6710) used greatest stack depth: 20720 bytes left
[   63.011201][ T6729] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[   63.015167][ T6729] batman_adv: batadv0: Adding interface: gretap2
[   63.016931][ T6729] batman_adv: batadv0: The MTU of interface gretap2 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.023488][ T6729] batman_adv: batadv0: Not using interface gretap2 (retrying later): interface not active
[   63.173544][ T6731] netlink: 4 bytes leftover after parsing attributes in process `syz.0.215'.
[   63.389884][ T6740] netlink: 12 bytes leftover after parsing attributes in process `syz.1.218'.
[   63.399736][ T6740] bond2: entered promiscuous mode
[   63.401523][ T6740] 8021q: adding VLAN 0 to HW filter on device bond2
[   64.311085][ T6774] netlink: 8 bytes leftover after parsing attributes in process `syz.1.228'.
[   65.073182][ T6809] netlink: 8 bytes leftover after parsing attributes in process `syz.2.233'.
[   65.162701][ T6813] netlink: 12 bytes leftover after parsing attributes in process `syz.2.235'.
[   65.192534][ T6818] netlink: 12 bytes leftover after parsing attributes in process `syz.2.236'.
[   65.200465][ T6818] bond2: entered promiscuous mode
[   65.202235][ T6818] 8021q: adding VLAN 0 to HW filter on device bond2
[   65.276943][ T6824] netlink: 3 bytes leftover after parsing attributes in process `syz.2.236'.
[   65.290944][ T6824] batadv1: entered promiscuous mode
[   65.293025][ T6824] batadv1: entered allmulticast mode
[   65.298994][ T6824] 8021q: adding VLAN 0 to HW filter on device batadv1
[   65.302033][ T6824] bond2: (slave batadv1): Enslaving as an active interface with an up link
[   65.818902][ T6828] raw_sendmsg: syz.1.238 forgot to set AF_INET. Fix it!
[   66.030314][ T6840] netlink: 8 bytes leftover after parsing attributes in process `syz.2.242'.
[   67.242118][   T39] kauditd_printk_skb: 34 callbacks suppressed
[   67.242128][   T39] audit: type=1800 audit(1735471865.972:77): pid=6860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.248" name="file0" dev="9p" ino=36574229 res=0 errno=0
[   67.285031][ T6863] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   67.360338][   T39] audit: type=1326 audit(1735471866.085:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6864 comm="syz.3.251" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   67.366808][   T39] audit: type=1326 audit(1735471866.085:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6864 comm="syz.3.251" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   67.372425][   T39] audit: type=1326 audit(1735471866.085:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6864 comm="syz.3.251" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   67.377994][   T39] audit: type=1326 audit(1735471866.085:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6864 comm="syz.3.251" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   67.383466][   T39] audit: type=1326 audit(1735471866.085:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6864 comm="syz.3.251" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   67.389119][   T39] audit: type=1326 audit(1735471866.085:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6864 comm="syz.3.251" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   67.394620][   T39] audit: type=1326 audit(1735471866.085:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6864 comm="syz.3.251" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   67.400227][   T39] audit: type=1326 audit(1735471866.095:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6864 comm="syz.3.251" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   67.405684][   T39] audit: type=1326 audit(1735471866.095:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6864 comm="syz.3.251" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86579 code=0x7ffc0000
[   67.426092][ T6864] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   67.515330][ T6878] =======================================================
[   67.515330][ T6878] WARNING: The mand mount option has been deprecated and
[   67.515330][ T6878]          and is ignored by this kernel. Remove the mand
[   67.515330][ T6878]          option from the mount to silence this warning.
[   67.515330][ T6878] =======================================================
[   67.525845][ T6878] fuse: Bad value for 'fd'
[   67.990097][ T6911] bridge_slave_0: left allmulticast mode
[   67.991634][ T6911] bridge_slave_0: left promiscuous mode
[   67.993236][ T6911] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.996881][ T6911] bridge_slave_1: left allmulticast mode
[   67.998405][ T6911] bridge_slave_1: left promiscuous mode
[   67.999899][ T6911] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.005399][ T6911] bond0: (slave bond_slave_0): Releasing backup interface
[   68.010679][ T6911] bond0: (slave bond_slave_1): Releasing backup interface
[   68.023415][ T6911] team0: Port device team_slave_0 removed
[   68.028621][ T6911] team0: Port device team_slave_1 removed
[   68.030456][ T6911] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   68.032383][ T6911] batman_adv: batadv0: Removing interface: batadv_slave_0
[   68.036587][ T6911] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   68.038764][ T6911] batman_adv: batadv0: Removing interface: batadv_slave_1
[   68.046067][ T6911] bond1: (slave batadv1): Releasing backup interface
[   68.065842][ T6912] team0: Mode changed to "random"
[   68.074498][ T6911] vlan0: entered promiscuous mode
[   68.079557][ T6911] team0: Port device vlan0 added
[   68.082863][ T6911] tipc: Started in network mode
[   68.084122][ T6911] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[   68.086074][ T6911] tipc: Enabled bearer <eth:team0>, priority 0
[   68.140852][ T6924] overlayfs: upper fs does not support RENAME_WHITEOUT.
[   68.142791][ T6924] overlayfs: failed to set xattr on upper
[   68.144252][ T6924] overlayfs: ...falling back to redirect_dir=nofollow.
[   68.146070][ T6924] overlayfs: ...falling back to index=off.
[   68.147573][ T6924] overlayfs: ...falling back to uuid=null.
[   68.965513][ T6951] netdevsim netdevsim2: Direct firmware load for .
[   68.965513][ T6951]  failed with error -2
[   68.968452][ T6951] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[   68.968452][ T6951] 
[   69.072135][   T30] tipc: Node number set to 11578026
[   69.660595][ T6968] sg_write: data in/out 11/10 bytes for SCSI command 0xfd-- guessing data in;
[   69.660595][ T6968]    program syz.0.281 not setting count and/or reply_len properly
[   70.100006][ T6979] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   70.164745][ T6982] netlink: 4 bytes leftover after parsing attributes in process `syz.2.288'.
[   70.449625][ T1410] ieee802154 phy0 wpan0: encryption failed: -22
[   70.451371][ T1410] ieee802154 phy1 wpan1: encryption failed: -22
[   71.038259][ T7002] netlink: 12 bytes leftover after parsing attributes in process `syz.3.294'.
[   71.045552][ T7002] bond3: entered promiscuous mode
[   71.047218][ T7002] 8021q: adding VLAN 0 to HW filter on device bond3
[   71.122165][ T7006] netlink: 3 bytes leftover after parsing attributes in process `syz.3.294'.
[   71.177808][ T7006] batadv2: entered promiscuous mode
[   71.179749][ T7006] batadv2: entered allmulticast mode
[   71.184190][ T7006] 8021q: adding VLAN 0 to HW filter on device batadv2
[   71.188026][ T7006] bond3: (slave batadv2): Enslaving as an active interface with an up link
[   71.482970][ T7010] Cannot find map_set index 0 as target
[   71.997023][ T7019] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   71.998956][ T7019] tipc: Enabled bearer <udp:s>, priority 10
[   72.065416][ T7027] netlink: 48 bytes leftover after parsing attributes in process `syz.3.301'.
[   72.128024][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   72.393739][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   72.492645][ T7050] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   72.525731][ T7055] netlink: 4 bytes leftover after parsing attributes in process `syz.0.313'.
[   72.575389][ T7063] netlink: 8 bytes leftover after parsing attributes in process `syz.0.316'.
[   72.650237][ T7067] netlink: 4 bytes leftover after parsing attributes in process `syz.0.317'.
[   72.915597][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   73.464594][ T7078] netlink: 'syz.3.318': attribute type 10 has an invalid length.
[   73.476170][ T7078] team0: Port device netdevsim0 added
[   73.713525][ T7080] netlink: 16 bytes leftover after parsing attributes in process `syz.0.320'.
[   73.881633][   T56] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   73.940665][   T56] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   73.980116][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   74.108121][ T2293] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   74.226591][    T9] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   74.359466][ T7119] netlink: 12 bytes leftover after parsing attributes in process `syz.1.330'.
[   74.368151][ T7119] bond3: entered promiscuous mode
[   74.369679][ T7119] 8021q: adding VLAN 0 to HW filter on device bond3
[   74.375005][   T30] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   74.404142][ T7124] wireguard0: entered promiscuous mode
[   74.405654][ T7124] wireguard0: entered allmulticast mode
[   74.443595][ T7130] sg_write: data in/out 11/10 bytes for SCSI command 0xfd-- guessing data in;
[   74.443595][ T7130]    program syz.2.328 not setting count and/or reply_len properly
[   74.506869][ T2293] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   74.650977][ T2293] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   74.702368][ T7138] netlink: 3 bytes leftover after parsing attributes in process `syz.1.330'.
[   74.707295][ T7138] batadv2: entered promiscuous mode
[   74.708628][ T7138] batadv2: entered allmulticast mode
[   74.710773][ T7138] 8021q: adding VLAN 0 to HW filter on device batadv2
[   74.713184][ T7138] bond3: (slave batadv2): Enslaving as an active interface with an up link
[   74.729998][ T2293] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   74.831566][   T30] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   75.006124][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   75.446346][ T7173] FAULT_INJECTION: forcing a failure.
[   75.446346][ T7173] name failslab, interval 1, probability 0, space 0, times 0
[   75.449470][ T7173] CPU: 1 UID: 0 PID: 7173 Comm: syz.3.342 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[   75.452228][ T7173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.454858][ T7173] Call Trace:
[   75.455693][ T7173]  <TASK>
[   75.456405][ T7173]  dump_stack_lvl+0x16c/0x1f0
[   75.457586][ T7173]  should_fail_ex+0x497/0x5b0
[   75.458903][ T7173]  ? fs_reclaim_acquire+0xae/0x150
[   75.460355][ T7173]  should_failslab+0xc2/0x120
[   75.461497][ T7173]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[   75.462947][ T7173]  ? __alloc_skb+0x2b3/0x380
[   75.464291][ T7173]  __alloc_skb+0x2b3/0x380
[   75.465401][ T7173]  ? __pfx___alloc_skb+0x10/0x10
[   75.466674][ T7173]  ? if_nlmsg_size+0x45d/0xa70
[   75.467868][ T7173]  rtmsg_ifinfo_build_skb+0x81/0x280
[   75.469246][ T7173]  rtmsg_ifinfo+0x9f/0x1a0
[   75.470363][ T7173]  netdev_state_change+0x12f/0x150
[   75.471609][ T7173]  ? __pfx_netdev_state_change+0x10/0x10
[   75.473014][ T7173]  ? dev_change_flags+0x111/0x160
[   75.474268][ T7173]  do_setlink.constprop.0+0x3198/0x3f20
[   75.475649][ T7173]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[   75.477110][ T7173]  ? bpf_trace_run2+0x2a6/0x590
[   75.478325][ T7173]  ? __pfx_bpf_trace_run2+0x10/0x10
[   75.479732][ T7173]  ? __pfx___mutex_trylock_common+0x10/0x10
[   75.481202][ T7173]  ? rtnl_newlink+0x5e4/0x1d70
[   75.482404][ T7173]  ? rcu_is_watching+0x12/0xc0
[   75.483606][ T7173]  ? trace_contention_end+0xee/0x140
[   75.484912][ T7173]  ? __mutex_lock+0x1cc/0xa60
[   75.486099][ T7173]  ? rtnl_newlink+0x5e4/0x1d70
[   75.487303][ T7173]  ? __pfx___mutex_lock+0x10/0x10
[   75.488590][ T7173]  ? apparmor_capable+0x114/0x1d0
[   75.489861][ T7173]  ? netlink_ns_capable+0xfa/0x130
[   75.491093][ T7173]  rtnl_newlink+0x17f1/0x1d70
[   75.492263][ T7173]  ? __pfx_rtnl_newlink+0x10/0x10
[   75.493531][ T7173]  ? __pfx___lock_acquire+0x10/0x10
[   75.494805][ T7173]  ? kmem_cache_free+0x152/0x4c0
[   75.496036][ T7173]  ? aa_get_newest_label+0x376/0x680
[   75.497350][ T7173]  ? find_held_lock+0x2d/0x110
[   75.498554][ T7173]  ? find_held_lock+0x2d/0x110
[   75.499776][ T7173]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   75.501049][ T7173]  ? __pfx_lock_release+0x10/0x10
[   75.502298][ T7173]  ? trace_lock_acquire+0x14e/0x1f0
[   75.503621][ T7173]  ? __pfx_rtnl_newlink+0x10/0x10
[   75.504891][ T7173]  rtnetlink_rcv_msg+0x95b/0xea0
[   75.506130][ T7173]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   75.507476][ T7173]  ? __pfx___dev_queue_xmit+0x10/0x10
[   75.508841][ T7173]  netlink_rcv_skb+0x165/0x410
[   75.510287][ T7173]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   75.512026][ T7173]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   75.513686][ T7173]  ? netlink_deliver_tap+0x1ae/0xca0
[   75.515261][ T7173]  netlink_unicast+0x53c/0x7f0
[   75.516718][ T7173]  ? __pfx_netlink_unicast+0x10/0x10
[   75.518321][ T7173]  ? __phys_addr_symbol+0x30/0x80
[   75.519772][ T7173]  ? __check_object_size+0x488/0x710
[   75.521127][ T7173]  netlink_sendmsg+0x8b8/0xd70
[   75.522315][ T7173]  ? __pfx_netlink_sendmsg+0x10/0x10
[   75.523641][ T7173]  ____sys_sendmsg+0x9ae/0xb40
[   75.524846][ T7173]  ? __pfx_____sys_sendmsg+0x10/0x10
[   75.526169][ T7173]  ? get_compat_msghdr+0x11b/0x170
[   75.527458][ T7173]  ___sys_sendmsg+0x135/0x1e0
[   75.528653][ T7173]  ? __pfx____sys_sendmsg+0x10/0x10
[   75.530011][ T7173]  ? __pfx_lock_release+0x10/0x10
[   75.531256][ T7173]  ? trace_lock_acquire+0x14e/0x1f0
[   75.532554][ T7173]  ? __fget_files+0x206/0x3a0
[   75.533738][ T7173]  __sys_sendmsg+0x16e/0x220
[   75.534891][ T7173]  ? __pfx___sys_sendmsg+0x10/0x10
[   75.536167][ T7173]  __do_fast_syscall_32+0x73/0x120
[   75.537419][ T7173]  do_fast_syscall_32+0x32/0x80
[   75.538630][ T7173]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   75.540248][ T7173] RIP: 0023:0xf7f86579
[   75.541262][ T7173] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   75.545945][ T7173] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   75.547980][ T7173] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000020000180
[   75.550030][ T7173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   75.551988][ T7173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   75.553952][ T7173] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   75.555948][ T7173] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   75.557918][ T7173]  </TASK>
[   75.580164][   T63] cfg80211: failed to load regulatory.db
[   75.598475][ T7173] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   75.792252][ T7190] team0: Port device vlan0 removed
[   75.798544][ T7190] bond1: (slave gretap1): Releasing active interface
[   75.802581][ T7190] batman_adv: batadv0: Removing interface: gretap2
[   75.809146][ T7190] bond2: (slave batadv1): Releasing backup interface
[   75.813595][ T6505] tipc: Resetting bearer <eth:team0>
[   75.833005][ T7190] team0: Unable to change to the same mode the team is in
[   75.844266][ T7190] team0: Port device vlan0 added
[   75.854847][ T7190] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[   75.874965][   T63] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   76.010375][ T7210] syz.2.347: attempt to access beyond end of device
[   76.010375][ T7210] nbd2: rw=0, sector=64, nr_sectors = 1 limit=0
[   76.014535][ T7210] syz.2.347: attempt to access beyond end of device
[   76.014535][ T7210] nbd2: rw=0, sector=256, nr_sectors = 1 limit=0
[   76.017706][ T7210] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[   76.020242][ T7210] syz.2.347: attempt to access beyond end of device
[   76.020242][ T7210] nbd2: rw=0, sector=512, nr_sectors = 1 limit=0
[   76.024506][ T7210] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[   76.027256][ T7210] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[   76.029141][ T7210] UDF-fs: Scanning with blocksize 512 failed
[   76.031262][ T7210] syz.2.347: attempt to access beyond end of device
[   76.031262][ T7210] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0
[   76.034634][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   76.037071][ T7210] syz.2.347: attempt to access beyond end of device
[   76.037071][ T7210] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0
[   76.040320][ T7210] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[   76.043597][ T7210] syz.2.347: attempt to access beyond end of device
[   76.043597][ T7210] nbd2: rw=0, sector=1024, nr_sectors = 2 limit=0
[   76.047935][ T7210] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[   76.050331][ T7210] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[   76.052384][ T7210] UDF-fs: Scanning with blocksize 1024 failed
[   76.057940][ T7210] syz.2.347: attempt to access beyond end of device
[   76.057940][ T7210] nbd2: rw=0, sector=64, nr_sectors = 4 limit=0
[   76.061837][ T7210] syz.2.347: attempt to access beyond end of device
[   76.061837][ T7210] nbd2: rw=0, sector=1024, nr_sectors = 4 limit=0
[   76.065668][ T7210] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[   76.068169][ T7210] syz.2.347: attempt to access beyond end of device
[   76.068169][ T7210] nbd2: rw=0, sector=2048, nr_sectors = 4 limit=0
[   76.071299][ T7210] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[   76.074444][ T7210] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[   76.076323][ T7210] UDF-fs: Scanning with blocksize 2048 failed
[   76.078056][ T7210] syz.2.347: attempt to access beyond end of device
[   76.078056][ T7210] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[   76.081521][ T7210] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[   76.087893][ T7210] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[   76.090630][ T7210] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[   76.092657][ T7210] UDF-fs: Scanning with blocksize 4096 failed
[   76.094210][ T7210] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1)
[   76.097431][ T7209] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[   76.100961][ T7209] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[   76.103806][ T7209] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[   76.105697][ T7209] UDF-fs: Scanning with blocksize 512 failed
[   76.107487][ T7209] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[   76.109877][ T7209] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[   76.112613][ T7209] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[   76.114616][ T7209] UDF-fs: Scanning with blocksize 1024 failed
[   76.116460][ T7209] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[   76.119515][ T7209] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[   76.122920][ T7209] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[   76.124949][ T7209] UDF-fs: Scanning with blocksize 2048 failed
[   76.126950][ T7209] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[   76.129609][ T7209] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[   76.132163][ T7209] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[   76.134174][ T7209] UDF-fs: Scanning with blocksize 4096 failed
[   76.135717][ T7209] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1)
[   76.224841][ T7218] netlink: 732 bytes leftover after parsing attributes in process `syz.2.350'.
[   76.227161][ T7218] netlink: 732 bytes leftover after parsing attributes in process `syz.2.350'.
[   76.766620][ T7230] syz.0.353[7230] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.766763][ T7230] syz.0.353[7230] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.769661][ T7230] syz.0.353[7230] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   76.805858][   T39] kauditd_printk_skb: 16 callbacks suppressed
[   76.805868][   T39] audit: type=1400 audit(1735471875.688:103): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=222F2F26 pid=7231 comm="syz.1.354"
[   77.070774][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   77.115806][ T7242] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   77.132911][ T7242] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   77.619757][ T7264] netlink: 'syz.2.364': attribute type 1 has an invalid length.
[   77.621782][ T7264] netlink: 100 bytes leftover after parsing attributes in process `syz.2.364'.
[   77.708926][ T7267] netdevsim netdevsim2: Direct firmware load for .
[   77.708926][ T7267]  failed with error -2
[   77.712167][ T7267] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[   77.712167][ T7267] 
[   78.089132][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   78.255843][ T7277] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   78.309638][ T7279] netlink: 4 bytes leftover after parsing attributes in process `syz.0.369'.
[   78.555876][   T39] audit: type=1800 audit(1735471877.457:104): pid=7283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.370" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[   78.790729][ T7289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.372'.
[   79.118442][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   79.509541][ T7322] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[   79.513988][ T7322] batman_adv: batadv0: Adding interface: gretap1
[   79.515726][ T7322] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.521986][ T7322] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[   79.860786][ T7330] Cannot find map_set index 0 as target
[   79.886403][ T7332] netlink: 52 bytes leftover after parsing attributes in process `syz.1.384'.
[   80.158221][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   80.370170][ T7359] netlink: 220 bytes leftover after parsing attributes in process `syz.3.387'.
[   80.442324][ T7356] tipc: Started in network mode
[   80.444526][ T7356] tipc: Node identity ac1414aa, cluster identity 4711
[   80.446784][ T7356] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   80.448506][ T7356] tipc: Enabled bearer <udp:s>, priority 10
[   80.451506][ T6527] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   80.497184][ T7366] netlink: 48 bytes leftover after parsing attributes in process `syz.0.396'.
[   80.532741][   T39] audit: type=1326 audit(1735471879.447:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7367 comm="syz.0.397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[   80.538861][   T39] audit: type=1326 audit(1735471879.447:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7367 comm="syz.0.397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[   80.550368][   T39] audit: type=1326 audit(1735471879.467:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7367 comm="syz.0.397" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf705e579 code=0x7ffc0000
[   80.556546][   T39] audit: type=1326 audit(1735471879.467:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7367 comm="syz.0.397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[   80.584342][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   80.664339][   T56] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   80.723106][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   80.818760][   T56] usb 8-1: config 0 has no interfaces?
[   80.820164][   T56] usb 8-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   80.823079][   T56] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.826344][   T56] usb 8-1: config 0 descriptor??
[   80.861944][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   81.000614][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   81.076943][ T7364] kvm: pic: non byte read
[   81.078866][ T7364] kvm: pic: non byte read
[   81.081565][ T7364] kvm: pic: non byte read
[   81.083226][ T7364] kvm: pic: single mode not supported
[   81.083280][ T7364] kvm: pic: level sensitive irq not supported
[   81.085058][ T7364] kvm: pic: non byte read
[   81.101569][ T6527] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   81.139305][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   81.296212][ T7406] netlink: 256 bytes leftover after parsing attributes in process `syz.0.404'.
[   81.566240][ T1318] tipc: Node number set to 2886997162
[   81.885320][ T7435] netlink: 4 bytes leftover after parsing attributes in process `syz.3.411'.
[   82.028411][ T7443] netlink: 12 bytes leftover after parsing attributes in process `syz.3.412'.
[   82.153709][ T7448] netlink: 8 bytes leftover after parsing attributes in process `syz.1.415'.
[   82.325504][ T7454] netlink: 8 bytes leftover after parsing attributes in process `syz.1.418'.
[   82.365293][ T7456] netlink: 4 bytes leftover after parsing attributes in process `syz.1.419'.
[   82.451484][ T7469] netlink: 8 bytes leftover after parsing attributes in process `syz.1.423'.
[   82.666558][ T7490] netlink: 4 bytes leftover after parsing attributes in process `syz.2.427'.
[   82.872723][   T39] audit: type=1326 audit(1735471881.807:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz.3.428" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f86579 code=0x7fc00000
[   83.241993][    C3] net_ratelimit: 8 callbacks suppressed
[   83.242004][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   83.559519][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   83.617783][ T7535] tipc: Started in network mode
[   83.619648][ T7535] tipc: Node identity f29f10187d05, cluster identity 4711
[   83.621576][ T7535] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   83.646677][ T7535] tipc: Disabling bearer <eth:syzkaller0>
[   83.905125][ T7557] netlink: 16 bytes leftover after parsing attributes in process `syz.0.441'.
[   84.274267][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   84.601969][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   84.727119][ T7571] netdevsim netdevsim1 : renamed from netdevsim0 (while UP)
[   85.307039][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   85.624910][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   85.710498][ T7615] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   85.849170][ T7619] team0: Port device vlan0 removed
[   85.855691][ T7619] team0: Port device netdevsim0 removed
[   85.860369][ T7619] bond3: (slave batadv2): Releasing backup interface
[   85.869382][ T6501] tipc: Resetting bearer <eth:team0>
[   85.879880][ T7619] team0: Unable to change to the same mode the team is in
[   85.886165][ T7619] team0: Port device vlan0 added
[   86.036728][ T7629] netlink: 4 bytes leftover after parsing attributes in process `syz.1.465'.
[   86.340444][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   86.350870][ T7638] netlink: 12 bytes leftover after parsing attributes in process `syz.0.470'.
[   86.357817][ T7638] bond4: entered promiscuous mode
[   86.359301][ T7638] 8021q: adding VLAN 0 to HW filter on device bond4
[   86.429605][ T7640] netlink: 3 bytes leftover after parsing attributes in process `syz.0.470'.
[   86.437975][ T7640] batadv2: entered promiscuous mode
[   86.439395][ T7640] batadv2: entered allmulticast mode
[   86.444359][ T7640] 8021q: adding VLAN 0 to HW filter on device batadv2
[   86.448238][ T7640] bond4: (slave batadv2): Enslaving as an active interface with an up link
[   86.636839][ T7642] netlink: 4 bytes leftover after parsing attributes in process `syz.2.471'.
[   86.658438][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   86.689546][ T7643] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   86.689633][ T7644] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   86.828854][ T7648] netlink: 'syz.3.473': attribute type 4 has an invalid length.
[   86.920618][ T7655] loop9: detected capacity change from 0 to 6
[   86.922588][ T7655] Dev loop9: unable to read RDB block 6
[   86.924071][ T7655]  loop9: unable to read partition table
[   86.925602][ T7655] loop9: partition table beyond EOD, truncated
[   86.927431][ T7655] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[   86.927431][ T7655] 
) failed (rc=-5)
[   86.983086][ T7659] netlink: 12 bytes leftover after parsing attributes in process `syz.3.476'.
[   87.003250][ T7659] bond4: entered promiscuous mode
[   87.004704][ T7659] 8021q: adding VLAN 0 to HW filter on device bond4
[   87.084564][ T7665] netlink: 3 bytes leftover after parsing attributes in process `syz.3.476'.
[   87.088798][ T7665] batadv3: entered promiscuous mode
[   87.090241][ T7665] batadv3: entered allmulticast mode
[   87.092250][ T7665] 8021q: adding VLAN 0 to HW filter on device batadv3
[   87.097374][ T7665] bond4: (slave batadv3): Enslaving as an active interface with an up link
[   87.374058][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   87.692179][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   87.966256][ T7695] FAULT_INJECTION: forcing a failure.
[   87.966256][ T7695] name failslab, interval 1, probability 0, space 0, times 0
[   87.969863][ T7695] CPU: 3 UID: 0 PID: 7695 Comm: syz.3.484 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[   87.972569][ T7695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.975272][ T7695] Call Trace:
[   87.976208][ T7695]  <TASK>
[   87.976987][ T7695]  dump_stack_lvl+0x16c/0x1f0
[   87.978203][ T7695]  should_fail_ex+0x497/0x5b0
[   87.979424][ T7695]  ? fs_reclaim_acquire+0xae/0x150
[   87.980735][ T7695]  should_failslab+0xc2/0x120
[   87.981948][ T7695]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[   87.983452][ T7695]  ? __alloc_skb+0x2b3/0x380
[   87.984643][ T7695]  __alloc_skb+0x2b3/0x380
[   87.985797][ T7695]  ? __pfx___alloc_skb+0x10/0x10
[   87.987065][ T7695]  ? if_nlmsg_size+0x45d/0xa70
[   87.988297][ T7695]  rtmsg_ifinfo_build_skb+0x81/0x280
[   87.989658][ T7695]  rtmsg_ifinfo+0x9f/0x1a0
[   87.990836][ T7695]  netdev_state_change+0x12f/0x150
[   87.992152][ T7695]  ? __pfx_netdev_state_change+0x10/0x10
[   87.993599][ T7695]  ? dev_change_flags+0x111/0x160
[   87.994903][ T7695]  do_setlink.constprop.0+0x3198/0x3f20
[   87.996306][ T7695]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[   87.997814][ T7695]  ? bpf_trace_run2+0x2a6/0x590
[   87.999080][ T7695]  ? __pfx_bpf_trace_run2+0x10/0x10
[   88.000410][ T7695]  ? __pfx___mutex_trylock_common+0x10/0x10
[   88.001925][ T7695]  ? rtnl_newlink+0x5e4/0x1d70
[   88.003167][ T7695]  ? rcu_is_watching+0x12/0xc0
[   88.003786][ T7698] netlink: 12 bytes leftover after parsing attributes in process `syz.0.486'.
[   88.004385][ T7695]  ? trace_contention_end+0xee/0x140
[   88.004428][ T7695]  ? __mutex_lock+0x1cc/0xa60
[   88.009249][ T7695]  ? rtnl_newlink+0x5e4/0x1d70
[   88.010554][ T7695]  ? __pfx___mutex_lock+0x10/0x10
[   88.011854][ T7695]  ? apparmor_capable+0x114/0x1d0
[   88.013144][ T7695]  ? netlink_ns_capable+0xfa/0x130
[   88.014462][ T7695]  rtnl_newlink+0x17f1/0x1d70
[   88.015664][ T7695]  ? __pfx_rtnl_newlink+0x10/0x10
[   88.016947][ T7695]  ? __pfx___lock_acquire+0x10/0x10
[   88.018270][ T7695]  ? kmem_cache_free+0x152/0x4c0
[   88.019537][ T7695]  ? aa_get_newest_label+0x376/0x680
[   88.021016][ T7695]  ? find_held_lock+0x2d/0x110
[   88.022248][ T7695]  ? find_held_lock+0x2d/0x110
[   88.023481][ T7695]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   88.024784][ T7695]  ? __pfx_lock_release+0x10/0x10
[   88.026067][ T7695]  ? trace_lock_acquire+0x14e/0x1f0
[   88.027401][ T7695]  ? __pfx_rtnl_newlink+0x10/0x10
[   88.028697][ T7695]  rtnetlink_rcv_msg+0x95b/0xea0
[   88.029972][ T7695]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   88.031368][ T7695]  ? __pfx___dev_queue_xmit+0x10/0x10
[   88.032769][ T7695]  netlink_rcv_skb+0x165/0x410
[   88.033996][ T7695]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   88.035382][ T7695]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   88.036743][ T7695]  ? netlink_deliver_tap+0x1ae/0xca0
[   88.038100][ T7695]  netlink_unicast+0x53c/0x7f0
[   88.039323][ T7695]  ? __pfx_netlink_unicast+0x10/0x10
[   88.040916][ T7695]  ? __phys_addr_symbol+0x30/0x80
[   88.042242][ T7695]  ? __check_object_size+0x488/0x710
[   88.043622][ T7695]  netlink_sendmsg+0x8b8/0xd70
[   88.044864][ T7695]  ? __pfx_netlink_sendmsg+0x10/0x10
[   88.046233][ T7695]  ____sys_sendmsg+0x9ae/0xb40
[   88.047468][ T7695]  ? __pfx_____sys_sendmsg+0x10/0x10
[   88.048833][ T7695]  ? get_compat_msghdr+0x11b/0x170
[   88.050192][ T7695]  ___sys_sendmsg+0x135/0x1e0
[   88.051410][ T7695]  ? __pfx____sys_sendmsg+0x10/0x10
[   88.052756][ T7695]  ? __pfx_lock_release+0x10/0x10
[   88.054043][ T7695]  ? trace_lock_acquire+0x14e/0x1f0
[   88.055366][ T7695]  ? __fget_files+0x206/0x3a0
[   88.056586][ T7695]  __sys_sendmsg+0x16e/0x220
[   88.057782][ T7695]  ? __pfx___sys_sendmsg+0x10/0x10
[   88.059110][ T7695]  __do_fast_syscall_32+0x73/0x120
[   88.060487][ T7695]  do_fast_syscall_32+0x32/0x80
[   88.061728][ T7695]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   88.063368][ T7695] RIP: 0023:0xf7f86579
[   88.064407][ T7695] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   88.069454][ T7695] RSP: 002b:00000000f50b555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   88.071647][ T7695] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000020000180
[   88.073668][ T7695] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   88.075686][ T7695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   88.077713][ T7695] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   88.079745][ T7695] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   88.081799][ T7695]  </TASK>
[   88.138131][ T7701] netlink: 3 bytes leftover after parsing attributes in process `syz.0.486'.
[   88.154399][ T7698] bond5: entered promiscuous mode
[   88.155908][ T7698] 8021q: adding VLAN 0 to HW filter on device bond5
[   88.160810][ T7701] batadv3: entered promiscuous mode
[   88.162220][ T7701] batadv3: entered allmulticast mode
[   88.164269][ T7701] 8021q: adding VLAN 0 to HW filter on device batadv3
[   88.168639][ T7701] bond5: (slave batadv3): Enslaving as an active interface with an up link
[   88.408947][    C3] net_ratelimit: 1 callbacks suppressed
[   88.408961][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   88.726399][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   88.864650][ T7710] netlink: 12 bytes leftover after parsing attributes in process `syz.2.487'.
[   88.897052][ T7710] bond3: entered promiscuous mode
[   88.899206][ T7710] 8021q: adding VLAN 0 to HW filter on device bond3
[   88.987393][ T7731] netlink: 3 bytes leftover after parsing attributes in process `syz.2.487'.
[   88.997313][ T7731] batadv2: entered promiscuous mode
[   88.998709][ T7731] batadv2: entered allmulticast mode
[   89.001611][ T7731] 8021q: adding VLAN 0 to HW filter on device batadv2
[   89.006155][ T7731] bond3: (slave batadv2): Enslaving as an active interface with an up link
[   89.273700][    T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   89.413176][    T9] usb 5-1: device descriptor read/64, error -71
[   89.442747][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   89.651717][    T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   89.761035][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   89.781293][    T9] usb 5-1: device descriptor read/64, error -71
[   89.891302][    T9] usb usb5-port1: attempt power cycle
[   89.921425][ T7746] netlink: 12 bytes leftover after parsing attributes in process `syz.2.499'.
[   89.929320][ T7746] bond4: entered promiscuous mode
[   89.931103][ T7746] 8021q: adding VLAN 0 to HW filter on device bond4
[   89.996955][ T7750] batadv3: entered promiscuous mode
[   89.998481][ T7750] batadv3: entered allmulticast mode
[   90.005237][ T7750] 8021q: adding VLAN 0 to HW filter on device batadv3
[   90.008067][ T7750] bond4: (slave batadv3): Enslaving as an active interface with an up link
[   90.295054][ T7762] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   90.477519][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   90.590074][    T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   90.608560][    T9] usb 5-1: device descriptor read/8, error -71
[   90.795887][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   90.855826][    T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   90.888501][    T9] usb 5-1: device descriptor read/8, error -71
[   90.995808][    T9] usb usb5-port1: unable to enumerate USB device
[   91.060529][ T7775] CUSE: unknown device info ""
[   91.061893][ T7775] CUSE: zero length info key specified
[   91.285333][ T7793] bridge0: port 1(vlan2) entered blocking state
[   91.287069][ T7793] bridge0: port 1(vlan2) entered disabled state
[   91.288767][ T7793] vlan2: entered allmulticast mode
[   91.294193][ T7793] vlan2: left allmulticast mode
[   91.295603][ T7796] Cannot find map_set index 0 as target
[   91.327444][ T7800] bond5: entered promiscuous mode
[   91.329421][ T7800] 8021q: adding VLAN 0 to HW filter on device bond5
[   91.396661][ T7804] __nla_validate_parse: 4 callbacks suppressed
[   91.396681][ T7804] netlink: 3 bytes leftover after parsing attributes in process `syz.2.519'.
[   91.425453][ T7804] batadv4: entered promiscuous mode
[   91.427151][ T7804] batadv4: entered allmulticast mode
[   91.429608][ T7804] 8021q: adding VLAN 0 to HW filter on device batadv4
[   91.432176][ T7804] bond5: (slave batadv4): Enslaving as an active interface with an up link
[   91.439860][ T7805] netlink: 'syz.3.520': attribute type 2 has an invalid length.
[   91.522550][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   91.611406][ T7808] netlink: 52 bytes leftover after parsing attributes in process `syz.3.521'.
[   91.831188][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   92.173916][ T7823] syz.2.526 uses obsolete (PF_INET,SOCK_PACKET)
[   92.487559][ T7842] netlink: 220 bytes leftover after parsing attributes in process `syz.2.531'.
[   92.548162][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   92.552804][ T5983] usb 8-1: USB disconnect, device number 3
[   92.679309][ T7848] mkiss: ax0: crc mode is auto.
[   92.827249][ T5944] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   92.830290][ T5944] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   92.833571][ T5944] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   92.835746][ T5944] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   92.838079][ T5944] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   92.840026][ T5944] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   92.906889][ T7858] chnl_net:caif_netlink_parms(): no params data found
[   92.916635][    T9] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   92.980055][ T7858] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.982717][ T7858] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.985111][ T7858] bridge_slave_0: entered allmulticast mode
[   92.988044][ T7858] bridge_slave_0: entered promiscuous mode
[   92.991072][ T7858] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.003279][ T7858] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.005200][ T7858] bridge_slave_1: entered allmulticast mode
[   93.007342][ T7858] bridge_slave_1: entered promiscuous mode
[   93.033221][ T7858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.036845][ T7858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.059317][ T7858] team0: Port device team_slave_0 added
[   93.061168][ T7867] netlink: 48 bytes leftover after parsing attributes in process `syz.0.537'.
[   93.062988][ T7858] team0: Port device team_slave_1 added
[   93.065915][    T9] usb 6-1: Using ep0 maxpacket: 16
[   93.069083][    T9] usb 6-1: config 0 has no interfaces?
[   93.070860][    T9] usb 6-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[   93.073342][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.078982][    T9] usb 6-1: config 0 descriptor??
[   93.101773][ T7858] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.103612][ T7858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.110763][ T7858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.114275][ T7858] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.116455][ T7858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.123087][ T7858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.146531][ T7858] hsr_slave_0: entered promiscuous mode
[   93.153239][ T7858] hsr_slave_1: entered promiscuous mode
[   93.159512][ T7858] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.161507][ T7858] Cannot create hsr debugfs directory
[   93.177980][   T39] audit: type=1326 audit(1735471892.176:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7870 comm="syz.0.539" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[   93.183569][   T39] audit: type=1326 audit(1735471892.176:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7870 comm="syz.0.539" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf705e579 code=0x7ffc0000
[   93.191913][   T39] audit: type=1326 audit(1735471892.176:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7870 comm="syz.0.539" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[   93.197742][   T39] audit: type=1326 audit(1735471892.176:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7870 comm="syz.0.539" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[   93.247957][ T7858] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   93.251434][ T7858] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   93.254572][ T7858] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   93.258461][ T7858] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   93.270313][ T7858] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.272173][ T7858] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.274123][ T7858] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.275996][ T7858] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.296529][ T7839] netlink: 'syz.1.530': attribute type 10 has an invalid length.
[   93.299915][ T7839] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.302513][ T7839] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.326896][ T7839] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.329219][ T7839] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.331746][ T7839] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.334209][ T7839] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.346816][ T7849] netlink: 4 bytes leftover after parsing attributes in process `syz.1.530'.
[   93.346893][ T7839] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   93.354550][ T6505] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.358188][ T6505] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.371367][ T7849] bridge_slave_1: left allmulticast mode
[   93.373332][ T7849] bridge_slave_1: left promiscuous mode
[   93.375667][ T7849] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.380178][ T7849] bridge_slave_0: left allmulticast mode
[   93.382109][ T7849] bridge_slave_0: left promiscuous mode
[   93.384068][ T7849] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.399297][ T7849] bond0: (slave bridge0): Releasing backup interface
[   93.491812][ T7858] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.498110][ T7858] 8021q: adding VLAN 0 to HW filter on device team0
[   93.503032][ T6491] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.505042][ T6491] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.509598][ T6505] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.512204][ T6505] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.530440][   T56] usb 6-1: USB disconnect, device number 3
[   93.583917][    C3] net_ratelimit: 1 callbacks suppressed
[   93.583928][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   93.598277][ T7858] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.702936][ T7858] veth0_vlan: entered promiscuous mode
[   93.710755][ T7858] veth1_vlan: entered promiscuous mode
[   93.721251][ T7858] veth0_macvtap: entered promiscuous mode
[   93.724583][ T7858] veth1_macvtap: entered promiscuous mode
[   93.730293][ T7858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   93.733030][ T7858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.736995][ T7858] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.740566][ T7858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   93.743408][ T7858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   93.746335][ T7858] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.752292][ T7858] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.755985][ T7858] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.758256][ T7858] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.760569][ T7858] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.781338][ T7912] netlink: 4 bytes leftover after parsing attributes in process `syz.0.552'.
[   93.803082][ T6501] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.805127][ T6501] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.817141][ T6494] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.819194][ T6494] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.829625][ T7913] netlink: 'syz.2.551': attribute type 39 has an invalid length.
[   93.912616][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   93.930557][ T5830] IPVS: starting estimator thread 0...
[   93.962649][ T7920] tipc: Started in network mode
[   93.964306][ T7920] tipc: Node identity ac1414aa, cluster identity 4711
[   93.966949][ T7920] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[   93.969411][ T7920] tipc: Enabled bearer <udp:s>, priority 10
[   94.011691][ T7932] netlink: 8 bytes leftover after parsing attributes in process `syz.4.556'.
[   94.058860][ T7925] IPVS: using max 38 ests per chain, 91200 per kthread
[   94.111798][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[   94.251281][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[   94.337720][ T7947] netlink: 8 bytes leftover after parsing attributes in process `syz.4.559'.
[   94.390741][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[   94.494426][ T7962] netlink: 32 bytes leftover after parsing attributes in process `syz.1.564'.
[   94.530241][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[   94.538683][ T7968] pim6reg: entered allmulticast mode
[   94.547040][ T7968] netlink: 'syz.1.565': attribute type 2 has an invalid length.
[   94.549972][ T7968] netlink: 'syz.1.565': attribute type 1 has an invalid length.
[   94.563905][ T7968] bond0: (slave bond_slave_0): Releasing backup interface
[   94.577468][ T7968] bond0: (slave bond_slave_1): Releasing backup interface
[   94.628810][ T7968] team0: Port device team_slave_0 removed
[   94.629912][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   94.646623][ T7968] team0: Port device team_slave_1 removed
[   94.649090][ T7968] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   94.651787][ T7968] batman_adv: batadv0: Removing interface: batadv_slave_0
[   94.658778][ T7968] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   94.669730][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[   94.672193][ T7968] batman_adv: batadv0: Removing interface: batadv_slave_1
[   94.686779][ T7968] bond1: (slave batadv1): Releasing backup interface
[   94.707567][ T7968] bond3: (slave batadv2): Releasing backup interface
[   94.709907][   T63] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   94.710232][ T7978] netlink: 48 bytes leftover after parsing attributes in process `syz.2.567'.
[   94.748360][ T7972] pim6reg: left allmulticast mode
[   94.809183][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[   94.859532][ T5943] Bluetooth: hci0: command tx timeout
[   94.911539][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   94.913672][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   94.915668][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   94.917597][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   94.940151][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   94.945849][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   94.950834][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   94.955009][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   94.958547][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   94.967586][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   94.988106][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   94.996741][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   94.999271][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.001575][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.006474][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.016156][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.018133][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.039936][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.047972][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.056287][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.058985][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.061118][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.063353][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.065369][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.067387][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.070127][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.077885][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.088355][ T5830] tipc: Node number set to 2886997162
[   95.088599][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.092591][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.095334][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.097999][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.114693][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.138272][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.153711][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.170821][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.177293][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.203340][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.221009][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.227217][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.229272][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.231132][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.232974][ T2293] hid-generic 0007:0006:0002.0002: unknown main item tag 0x0
[   95.238999][ T2293] hid-generic 0007:0006:0002.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   95.282323][ T5830] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   95.364967][ T8005] hsr_slave_1 (unregistering): left promiscuous mode
[   96.404135][   T35] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   96.568104][   T35] usb 9-1: config 0 has no interfaces?
[   96.569703][   T35] usb 9-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   96.572049][   T35] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.575892][   T35] usb 9-1: config 0 descriptor??
[   96.781055][ T8037] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.786478][ T8037] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.788901][ T8037] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.791094][ T8037] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.797226][ T8037] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.800065][ T8037] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.802659][ T8037] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.805092][ T8037] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.807325][ T8037] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.809542][ T8037] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.826857][ T2293] usb 9-1: USB disconnect, device number 2
[   96.932078][ T5943] Bluetooth: hci0: command tx timeout
[   97.036536][ T8073] __nla_validate_parse: 4 callbacks suppressed
[   97.036563][ T8073] netlink: 16 bytes leftover after parsing attributes in process `syz.1.590'.
[   97.457993][ T8096] netlink: 8 bytes leftover after parsing attributes in process `syz.2.602'.
[   98.036009][ T8129] team0: Port device vlan0 removed
[   98.041586][ T8129] batman_adv: batadv0: Removing interface: gretap1
[   98.044597][ T8129] bond4: (slave batadv2): Releasing backup interface
[   98.053455][ T8129] bond5: (slave batadv3): Releasing backup interface
[   98.071667][   T35] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   98.076358][ T8129] team0: Unable to change to the same mode the team is in
[   98.082810][ T8129] team0: Port device vlan0 added
[   98.085537][ T8129] tipc: Enabled bearer <eth:team0>, priority 0
[   98.090984][ T8130] FAULT_INJECTION: forcing a failure.
[   98.090984][ T8130] name failslab, interval 1, probability 0, space 0, times 0
[   98.095126][ T8130] CPU: 1 UID: 0 PID: 8130 Comm: syz.1.611 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[   98.098706][ T8130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.102250][ T8130] Call Trace:
[   98.103358][ T8130]  <TASK>
[   98.104347][ T8130]  dump_stack_lvl+0x16c/0x1f0
[   98.105917][ T8130]  should_fail_ex+0x497/0x5b0
[   98.107461][ T8130]  ? fs_reclaim_acquire+0xae/0x150
[   98.109159][ T8130]  should_failslab+0xc2/0x120
[   98.110742][ T8130]  __kmalloc_noprof+0xce/0x4f0
[   98.112327][ T8130]  ? __pfx_io_async_queue_proc+0x10/0x10
[   98.114223][ T8130]  ? io_alloc_async_data+0x9d/0x150
[   98.115985][ T8130]  io_alloc_async_data+0x9d/0x150
[   98.117658][ T8130]  io_prep_rw+0x30d/0xb70
[   98.119095][ T8130]  io_submit_sqes+0x850/0x25f0
[   98.120730][ T8130]  __do_sys_io_uring_enter+0xd43/0x1620
[   98.122636][ T8130]  ? __pfx___schedule+0x10/0x10
[   98.124296][ T8130]  ? __fget_files+0x206/0x3a0
[   98.125853][ T8130]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[   98.127844][ T8130]  ? fput+0x67/0x440
[   98.129191][ T8130]  ? ksys_write+0x1ba/0x250
[   98.130728][ T8130]  __do_fast_syscall_32+0x73/0x120
[   98.132434][ T8130]  do_fast_syscall_32+0x32/0x80
[   98.134050][ T8130]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   98.136136][ T8130] RIP: 0023:0xf7f21579
[   98.137516][ T8130] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   98.143931][ T8130] RSP: 002b:00000000f503455c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[   98.146644][ T8130] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000000047f6
[   98.149271][ T8130] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   98.151892][ T8130] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   98.154520][ T8130] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   98.157176][ T8130] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   98.159772][ T8130]  </TASK>
[   98.766530][    C3] net_ratelimit: 16 callbacks suppressed
[   98.766542][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   98.834871][ T8152] loop9: detected capacity change from 0 to 6
[   98.837037][ T8152] Dev loop9: unable to read RDB block 6
[   98.838472][ T8152]  loop9: unable to read partition table
[   98.840029][ T8152] loop9: partition table beyond EOD, truncated
[   98.842091][ T8152] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[   98.842091][ T8152] 
) failed (rc=-5)
[   98.901083][ T8155] mmap: syz.2.622 (8155) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   98.982297][ T8158] netlink: 4 bytes leftover after parsing attributes in process `syz.1.620'.
[   99.006035][ T5943] Bluetooth: hci0: command tx timeout
[   99.085684][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   99.088321][ T1318] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   99.175320][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[   99.215460][ T8163] netlink: 28 bytes leftover after parsing attributes in process `syz.0.625'.
[   99.803657][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[   99.946707][ T1318] IPVS: starting estimator thread 0...
[  100.033126][ T8176] IPVS: using max 38 ests per chain, 91200 per kthread
[  100.098538][ T8183] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  100.122870][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  100.202625][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  100.616043][ T8215] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  100.850991][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  100.983227][ T8225] netlink: 4 bytes leftover after parsing attributes in process `syz.1.647'.
[  101.080452][ T5943] Bluetooth: hci0: command tx timeout
[  101.170210][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  101.221545][ T8238] netlink: 4 bytes leftover after parsing attributes in process `syz.4.651'.
[  101.522475][ T8252] SET target dimension over the limit!
[  101.572970][ T8258] netlink: 52 bytes leftover after parsing attributes in process `syz.4.660'.
[  102.154074][ T8272] netlink: 52 bytes leftover after parsing attributes in process `syz.2.664'.
[  102.156480][ T8272] netlink: 52 bytes leftover after parsing attributes in process `syz.2.664'.
[  102.475352][ T8278] netlink: 220 bytes leftover after parsing attributes in process `syz.1.666'.
[  102.584420][ T8302] netlink: 48 bytes leftover after parsing attributes in process `syz.0.673'.
[  102.783128][ T8327] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  102.787868][ T8327] batman_adv: batadv0: Adding interface: gretap2
[  102.789595][ T8327] batman_adv: batadv0: The MTU of interface gretap2 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.796934][ T8327] batman_adv: batadv0: Not using interface gretap2 (retrying later): interface not active
[  102.825412][ T8336] netlink: 4 bytes leftover after parsing attributes in process `syz.4.686'.
[  102.973021][ T5857] IPVS: starting estimator thread 0...
[  102.999630][ T8342] tipc: Enabled bearer <udp:s>, priority 10
[  103.047389][ T8350] netlink: 8 bytes leftover after parsing attributes in process `syz.2.690'.
[  103.056084][ T8347] IPVS: using max 38 ests per chain, 91200 per kthread
[  103.461057][ T8364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.694'.
[  103.571331][ T8371] netlink: 8 bytes leftover after parsing attributes in process `syz.0.697'.
[  103.944132][    C2] net_ratelimit: 10 callbacks suppressed
[  103.944143][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  103.954068][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  104.026563][ T8401] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  104.283455][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  104.323996][ T8415] netlink: 12 bytes leftover after parsing attributes in process `syz.2.706'.
[  104.353280][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  104.989400][ T8441] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  104.992016][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  105.002029][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  105.167028][ T8449] overlayfs: missing 'lowerdir'
[  105.174398][ T8449] fuse: Unknown parameter '0xffffffffffffffff'
[  105.311442][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  105.311938][ T8458] netlink: 4 bytes leftover after parsing attributes in process `syz.4.720'.
[  105.401562][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  105.518051][ T8468] netfs: Couldn't get user pages (rc=-14)
[  106.030146][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  106.400251][ T5857] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  106.449494][ T5857] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  106.519521][   T35] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  106.569312][ T5857] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  106.655086][ T5857] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  106.689260][ T5857] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  106.759615][ T5857] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  106.798924][ T5830] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  106.815808][ T8523] Bluetooth: MGMT ver 1.23
[  106.849165][ T5830] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  106.899204][ T5830] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  106.903098][ T8527] batman_adv: batadv0: Removing interface: gretap2
[  106.911379][ T8527] team0: Mode changed to "random"
[  106.913930][ T8527] vlan0: entered promiscuous mode
[  106.922129][ T8527] team0: Port device vlan0 added
[  106.930891][ T8527] tipc: Enabled bearer <eth:team0>, priority 0
[  107.276285][ T8556] loop9: detected capacity change from 0 to 6
[  107.279135][ T8556] Dev loop9: unable to read RDB block 6
[  107.281004][ T8556]  loop9: unable to read partition table
[  107.282992][ T8556] loop9: partition table beyond EOD, truncated
[  107.285111][ T8556] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  107.285111][ T8556] 
) failed (rc=-5)
[  107.394165][ T8561] FAULT_INJECTION: forcing a failure.
[  107.394165][ T8561] name failslab, interval 1, probability 0, space 0, times 0
[  107.397510][ T8561] CPU: 1 UID: 0 PID: 8561 Comm: syz.1.751 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  107.400294][ T8561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.403152][ T8561] Call Trace:
[  107.404032][ T8561]  <TASK>
[  107.404813][ T8561]  dump_stack_lvl+0x16c/0x1f0
[  107.406094][ T8561]  should_fail_ex+0x497/0x5b0
[  107.407334][ T8561]  ? fs_reclaim_acquire+0xae/0x150
[  107.408692][ T8561]  should_failslab+0xc2/0x120
[  107.409984][ T8561]  __kmalloc_noprof+0xce/0x4f0
[  107.411250][ T8561]  ? __pfx___io_alloc_req_refill+0x10/0x10
[  107.412826][ T8561]  ? io_alloc_async_data+0x9d/0x150
[  107.414220][ T8561]  io_alloc_async_data+0x9d/0x150
[  107.415537][ T8561]  io_prep_rw+0x30d/0xb70
[  107.416707][ T8561]  io_submit_sqes+0x850/0x25f0
[  107.417976][ T8561]  __do_sys_io_uring_enter+0xd43/0x1620
[  107.419527][ T8561]  ? __pfx___schedule+0x10/0x10
[  107.420798][ T8561]  ? __fget_files+0x206/0x3a0
[  107.422047][ T8561]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  107.423612][ T8561]  ? fput+0x67/0x440
[  107.424643][ T8561]  ? ksys_write+0x1ba/0x250
[  107.425879][ T8561]  __do_fast_syscall_32+0x73/0x120
[  107.427233][ T8561]  do_fast_syscall_32+0x32/0x80
[  107.428528][ T8561]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  107.430238][ T8561] RIP: 0023:0xf7f21579
[  107.431349][ T8561] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  107.436489][ T8561] RSP: 002b:00000000f503455c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  107.438659][ T8561] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000000047f6
[  107.440758][ T8561] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  107.442829][ T8561] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  107.445109][ T8561] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  107.447209][ T8561] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  107.449299][ T8561]  </TASK>
[  107.685430][ T8571] __nla_validate_parse: 2 callbacks suppressed
[  107.685505][ T8571] netlink: 4 bytes leftover after parsing attributes in process `syz.2.758'.
[  108.057237][   T63] tipc: Node number set to 2409238552
[  108.306516][ T8591] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  108.308366][ T8591] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  108.313798][ T8591] vhci_hcd vhci_hcd.0: Device attached
[  108.496848][ T5983] vhci_hcd: vhci_device speed not set
[  108.556459][ T5983] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[  108.927294][ T8595] vhci_hcd: connection reset by peer
[  108.932993][ T6495] vhci_hcd: stop threads
[  108.934698][ T6495] vhci_hcd: release socket
[  108.936942][ T6495] vhci_hcd: disconnect device
[  108.995446][ T6001] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  109.010737][   T39] audit: type=1326 audit(1735471908.046:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[  109.016538][   T39] audit: type=1326 audit(1735471908.046:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[  109.025557][   T39] audit: type=1326 audit(1735471908.066:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.772" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[  109.031412][   T39] audit: type=1326 audit(1735471908.066:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[  109.037102][   T39] audit: type=1326 audit(1735471908.066:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[  109.042836][   T39] audit: type=1326 audit(1735471908.076:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.772" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[  109.051545][   T39] audit: type=1326 audit(1735471908.086:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[  109.057346][   T39] audit: type=1326 audit(1735471908.086:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.772" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[  109.062973][   T39] audit: type=1326 audit(1735471908.096:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.772" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[  109.068739][   T39] audit: type=1326 audit(1735471908.096:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8612 comm="syz.2.772" exe="/syz-executor" sig=0 arch=40000003 syscall=379 compat=1 ip=0xf7fbf579 code=0x7ffc0000
[  109.145514][    C2] net_ratelimit: 13 callbacks suppressed
[  109.145527][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  109.155159][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  109.157050][ T6001] usb 9-1: Using ep0 maxpacket: 16
[  109.162494][ T6001] usb 9-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  109.164920][ T6001] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.168210][ T6001] usb 9-1: Product: syz
[  109.169448][ T6001] usb 9-1: Manufacturer: syz
[  109.170693][ T6001] usb 9-1: SerialNumber: syz
[  109.177510][ T6001] usb 9-1: config 0 descriptor??
[  109.181799][ T6001] ftdi_sio 9-1:0.0: FTDI USB Serial Device converter detected
[  109.186442][ T6001] usb 9-1: Detected FT232H
[  109.211067][ T8629] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  109.289462][ T8633] FAULT_INJECTION: forcing a failure.
[  109.289462][ T8633] name failslab, interval 1, probability 0, space 0, times 0
[  109.292772][ T8633] CPU: 3 UID: 0 PID: 8633 Comm: syz.0.778 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  109.295546][ T8633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  109.298277][ T8633] Call Trace:
[  109.299145][ T8633]  <TASK>
[  109.299922][ T8633]  dump_stack_lvl+0x16c/0x1f0
[  109.301149][ T8633]  should_fail_ex+0x497/0x5b0
[  109.302390][ T8633]  ? fs_reclaim_acquire+0xae/0x150
[  109.303708][ T8633]  should_failslab+0xc2/0x120
[  109.304937][ T8633]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  109.306464][ T8633]  ? __alloc_skb+0x2b3/0x380
[  109.307680][ T8633]  __alloc_skb+0x2b3/0x380
[  109.308871][ T8633]  ? __pfx___alloc_skb+0x10/0x10
[  109.310184][ T8633]  ? if_nlmsg_size+0x45d/0xa70
[  109.311445][ T8633]  rtmsg_ifinfo_build_skb+0x81/0x280
[  109.312814][ T8633]  rtmsg_ifinfo+0x9f/0x1a0
[  109.313981][ T8633]  netdev_state_change+0x12f/0x150
[  109.315314][ T8633]  ? __pfx_netdev_state_change+0x10/0x10
[  109.316805][ T8633]  ? dev_change_flags+0x111/0x160
[  109.318123][ T8633]  do_setlink.constprop.0+0x3198/0x3f20
[  109.319583][ T8633]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  109.321119][ T8633]  ? bpf_trace_run2+0x2a6/0x590
[  109.322402][ T8633]  ? __pfx_bpf_trace_run2+0x10/0x10
[  109.323716][ T8633]  ? __pfx___mutex_trylock_common+0x10/0x10
[  109.325251][ T8633]  ? rtnl_newlink+0x5e4/0x1d70
[  109.326502][ T8633]  ? rcu_is_watching+0x12/0xc0
[  109.327758][ T8633]  ? trace_contention_end+0xee/0x140
[  109.329142][ T8633]  ? __mutex_lock+0x1cc/0xa60
[  109.330380][ T8633]  ? rtnl_newlink+0x5e4/0x1d70
[  109.331633][ T8633]  ? __pfx___mutex_lock+0x10/0x10
[  109.332951][ T8633]  ? apparmor_capable+0x114/0x1d0
[  109.334276][ T8633]  ? netlink_ns_capable+0xfa/0x130
[  109.335636][ T8633]  rtnl_newlink+0x17f1/0x1d70
[  109.337021][ T8633]  ? __pfx_rtnl_newlink+0x10/0x10
[  109.338374][ T8633]  ? __pfx___lock_acquire+0x10/0x10
[  109.339736][ T8633]  ? kmem_cache_free+0x152/0x4c0
[  109.341028][ T8633]  ? aa_get_newest_label+0x376/0x680
[  109.342410][ T8633]  ? find_held_lock+0x2d/0x110
[  109.343677][ T8633]  ? find_held_lock+0x2d/0x110
[  109.344940][ T8633]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  109.346293][ T8633]  ? __pfx_lock_release+0x10/0x10
[  109.347615][ T8633]  ? trace_lock_acquire+0x14e/0x1f0
[  109.348987][ T8633]  ? __pfx_rtnl_newlink+0x10/0x10
[  109.350312][ T8633]  rtnetlink_rcv_msg+0x95b/0xea0
[  109.351610][ T8633]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  109.353045][ T8633]  ? __pfx___dev_queue_xmit+0x10/0x10
[  109.354463][ T8633]  netlink_rcv_skb+0x165/0x410
[  109.355716][ T8633]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  109.357147][ T8633]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  109.358544][ T8633]  ? netlink_deliver_tap+0x1ae/0xca0
[  109.359924][ T8633]  netlink_unicast+0x53c/0x7f0
[  109.361181][ T8633]  ? __pfx_netlink_unicast+0x10/0x10
[  109.362574][ T8633]  ? __phys_addr_symbol+0x30/0x80
[  109.363878][ T8633]  ? __check_object_size+0x488/0x710
[  109.365263][ T8633]  netlink_sendmsg+0x8b8/0xd70
[  109.366533][ T8633]  ? __pfx_netlink_sendmsg+0x10/0x10
[  109.367914][ T8633]  ____sys_sendmsg+0x9ae/0xb40
[  109.369178][ T8633]  ? __pfx_____sys_sendmsg+0x10/0x10
[  109.370566][ T8633]  ? get_compat_msghdr+0x11b/0x170
[  109.371909][ T8633]  ___sys_sendmsg+0x135/0x1e0
[  109.373154][ T8633]  ? __pfx____sys_sendmsg+0x10/0x10
[  109.374541][ T8633]  ? __pfx_lock_release+0x10/0x10
[  109.375847][ T8633]  ? trace_lock_acquire+0x14e/0x1f0
[  109.377210][ T8633]  ? __fget_files+0x206/0x3a0
[  109.378450][ T8633]  __sys_sendmsg+0x16e/0x220
[  109.379663][ T8633]  ? __pfx___sys_sendmsg+0x10/0x10
[  109.381010][ T8633]  __do_fast_syscall_32+0x73/0x120
[  109.382364][ T8633]  do_fast_syscall_32+0x32/0x80
[  109.383638][ T8633]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  109.385291][ T8633] RIP: 0023:0xf705e579
[  109.386375][ T8633] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  109.391341][ T8633] RSP: 002b:00000000f502f55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  109.393497][ T8633] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000020000180
[  109.395568][ T8633] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  109.397610][ T8633] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  109.399673][ T8633] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  109.401723][ T8633] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  109.403832][ T8633]  </TASK>
[  109.404718][    C3] vkms_vblank_simulate: vblank timer overrun
[  109.410506][ T6001] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  109.413509][ T8633] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  109.464728][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  109.500821][ T8637] netlink: 4 bytes leftover after parsing attributes in process `syz.1.780'.
[  109.503927][ T8612] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  109.544588][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  109.956074][ T8644] veth0_vlan: left promiscuous mode
[  109.958178][ T8644] veth0_vlan: entered promiscuous mode
[  110.096003][ T8652] netlink: 4 bytes leftover after parsing attributes in process `syz.2.783'.
[  110.183711][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  110.183737][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  110.391858][ T8669] SET target dimension over the limit!
[  110.513285][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  110.517300][ T8673] tmpfs: Unknown parameter 'fd'
[  110.593199][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  110.628995][ T1137] team0: Port device vlan0 removed
[  110.690833][  T213] tipc: Resetting bearer <eth:team0>
[  110.692473][ T8675] netlink: 52 bytes leftover after parsing attributes in process `syz.1.793'.
[  111.522089][ T6064] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  111.663558][ T8700] netlink: 220 bytes leftover after parsing attributes in process `syz.2.800'.
[  111.672406][ T6064] usb 5-1: Using ep0 maxpacket: 16
[  111.675205][ T6064] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  111.682256][ T6064] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  111.685789][ T6064] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  111.688298][ T6064] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.691229][ T6064] usb 5-1: config 0 descriptor??
[  111.734747][ T6001] ftdi_sio 9-1:0.0: GPIO initialisation failed: -71
[  111.739378][ T6001] usb 9-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  111.744564][ T6001] usb 9-1: USB disconnect, device number 3
[  111.749422][ T6001] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  111.752466][ T6001] ftdi_sio 9-1:0.0: device disconnected
[  111.779527][ T8709] netlink: 48 bytes leftover after parsing attributes in process `syz.4.804'.
[  111.786738][ T8707] Sensor A: =================  START STATUS  =================
[  111.788792][ T8707] Sensor A: Test Pattern: 75% Colorbar
[  111.790992][ T8707] Sensor A: Show Information: All
[  111.793267][ T8707] Sensor A: Vertical Flip: false
[  111.794997][ T8707] Sensor A: Horizontal Flip: false
[  111.796375][ T8707] Sensor A: Brightness: 128
[  111.797698][ T8707] Sensor A: Contrast: 128
[  111.799880][ T8707] Sensor A: Hue: 0
[  111.801011][ T8707] Sensor A: Saturation: 128
[  111.802859][ T8707] Sensor A: ==================  END STATUS  ==================
[  111.941763][ T5943] Bluetooth: hci0: command tx timeout
[  111.967300][ T8715] overlay: filesystem on ./bus not supported
[  112.169067][ T6064] appleir 0003:05AC:8241.0003: unknown main item tag 0x0
[  112.174195][ T6064] appleir 0003:05AC:8241.0003: unknown main item tag 0x0
[  112.181715][ T6064] appleir 0003:05AC:8241.0003: unknown main item tag 0x0
[  112.186823][ T6064] appleir 0003:05AC:8241.0003: unknown main item tag 0x0
[  112.195933][ T6064] appleir 0003:05AC:8241.0003: unknown main item tag 0x0
[  112.207393][ T6064] appleir 0003:05AC:8241.0003: No inputs registered, leaving
[  112.247852][ T6064] appleir 0003:05AC:8241.0003: hiddev0,hidraw1: USB HID vff.e3 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  112.602785][ T8737] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  112.654431][ T8738] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  112.895860][ T8748] netlink: 4 bytes leftover after parsing attributes in process `syz.4.820'.
[  113.098486][ T8759] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  113.120744][ T6001] ip6_tnl_xmit_ctl: 11 callbacks suppressed
[  113.120758][ T6001] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  113.146440][ T8763] netlink: 8 bytes leftover after parsing attributes in process `syz.4.825'.
[  113.459934][ T6001] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  113.499321][ T8767] cgroup: fork rejected by pids controller in /syz4
[  113.551844][   T35] usb 5-1: reset high-speed USB device number 7 using dummy_hcd
[  113.575984][ T9004] netlink: 8 bytes leftover after parsing attributes in process `syz.4.828'.
[  113.618270][ T9007] netlink: 8 bytes leftover after parsing attributes in process `syz.4.829'.
[  113.710164][ T5983] vhci_hcd: vhci_device speed not set
[  113.725323][ T9014] netlink: 52 bytes leftover after parsing attributes in process `syz.2.832'.
[  113.758776][ T9017] netlink: 32 bytes leftover after parsing attributes in process `syz.2.833'.
[  114.317729][ T9075] netlink: 12 bytes leftover after parsing attributes in process `syz.4.845'.
[  114.338946][    C2] net_ratelimit: 12 callbacks suppressed
[  114.338956][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  114.338959][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  114.668487][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  114.738447][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  114.922634][ T6001] usb 5-1: USB disconnect, device number 7
[  115.160571][ T9079] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  115.163659][ T9079] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  115.176646][ T9079] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  115.181272][ T9079] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  115.183100][ T9079] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  115.188493][ T9079] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  115.191914][ T9079] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  115.194732][ T9079] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  115.199713][ T9079] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  115.207977][ T9079] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  115.210239][ T9079] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  115.215678][ T9079] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  115.332713][ T9119] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  115.361293][ T9120] overlayfs: overlapping lowerdir path
[  115.387802][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  115.651918][ T9140] netlink: 4 bytes leftover after parsing attributes in process `syz.4.866'.
[  115.707514][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  115.777519][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  116.155222][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  116.155233][   T39] audit: type=1400 audit(1735471915.195:127): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=9162 comm="syz.2.871"
[  116.188484][ T9165] team0: Port device vlan0 removed
[  116.198022][ T6500] tipc: Resetting bearer <eth:team0>
[  116.202751][ T9165] team0: Unable to change to the same mode the team is in
[  116.208310][ T9165] team0: Port device vlan0 added
[  116.212049][ T9165] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  116.227355][    T9] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  116.426809][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  116.426813][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  116.430553][ T5943] Bluetooth: hci1: command 0x0c1a tx timeout
[  116.453947][ T9171] netlink: 16 bytes leftover after parsing attributes in process `syz.0.873'.
[  116.775890][ T5983] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  117.003805][ T9183] netlink: 44 bytes leftover after parsing attributes in process `syz.4.877'.
[  117.006315][ T9183] netlink: 'syz.4.877': attribute type 6 has an invalid length.
[  117.008342][ T9183] netlink: 'syz.4.877': attribute type 5 has an invalid length.
[  117.135297][ T9188] loop9: detected capacity change from 0 to 6
[  117.137851][ T9188] Dev loop9: unable to read RDB block 6
[  117.139272][ T9188]  loop9: unable to read partition table
[  117.140770][ T9188] loop9: partition table beyond EOD, truncated
[  117.142236][ T9188] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  117.142236][ T9188] 
) failed (rc=-5)
[  117.216182][ T5943] Bluetooth: hci0: command 0x0c1a tx timeout
[  117.216299][ T5944] Bluetooth: hci3: command 0x0c1a tx timeout
[  117.217799][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  117.365970][   T65] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  118.470198][ T9236] __nla_validate_parse: 2 callbacks suppressed
[  118.470266][ T9236] netlink: 4 bytes leftover after parsing attributes in process `syz.0.890'.
[  118.487149][ T9237] Driver unsupported XDP return value 0 on prog  (id 132) dev N/A, expect packet loss!
[  118.505309][   T65] Bluetooth: hci1: command 0x0c1a tx timeout
[  119.136063][ T9270] netlink: 4 bytes leftover after parsing attributes in process `syz.4.903'.
[  119.138459][ T9268] netlink: 168 bytes leftover after parsing attributes in process `syz.0.902'.
[  119.172466][ T9275] bio_check_eod: 14 callbacks suppressed
[  119.172476][ T9275] syz.2.904: attempt to access beyond end of device
[  119.172476][ T9275] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  119.207875][ T9284] netlink: 4 bytes leftover after parsing attributes in process `syz.2.908'.
[  119.267582][   T65] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  119.271041][ T9300] SET target dimension over the limit!
[  119.281378][ T9299] ptm ptm1: ldisc open failed (-12), clearing slot 1
[  119.294839][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  119.296475][   T65] Bluetooth: hci0: command 0x0c1a tx timeout
[  119.299000][ T5943] Bluetooth: hci3: command 0x0c1a tx timeout
[  119.311661][ T9306] netlink: 52 bytes leftover after parsing attributes in process `syz.4.915'.
[  119.534259][    C3] net_ratelimit: 10 callbacks suppressed
[  119.534272][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  119.534274][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  119.864051][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  119.944076][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  120.046158][ T9328] netlink: 220 bytes leftover after parsing attributes in process `syz.0.921'.
[  120.232618][ T9341] netlink: 20 bytes leftover after parsing attributes in process `syz.0.925'.
[  120.286304][ T9344] netlink: 48 bytes leftover after parsing attributes in process `syz.0.926'.
[  120.583508][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  120.583527][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  120.587578][   T65] Bluetooth: hci1: command 0x0c1a tx timeout
[  120.893358][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  120.973347][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  121.148754][ T9377] netlink: 16 bytes leftover after parsing attributes in process `syz.2.934'.
[  121.152095][ T9377] netlink: 28 bytes leftover after parsing attributes in process `syz.2.934'.
[  121.361360][ T9385] input: syz1 as /devices/virtual/input/input10
[  121.363531][ T9385] input: failed to attach handler leds to device input10, error: -6
[  121.373596][   T65] Bluetooth: hci2: command 0x0c1a tx timeout
[  121.384279][   T65] Bluetooth: hci0: command 0x0c1a tx timeout
[  121.385845][ T5943] Bluetooth: hci3: command 0x0c1a tx timeout
[  121.612893][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  121.622809][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  121.685364][ T9414] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  121.897655][ T9442] C: renamed from team_slave_0
[  121.901132][ T9442] netlink: 'syz.1.958': attribute type 1 has an invalid length.
[  122.382361][    T9] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  122.534234][    T9] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  122.536340][    T9] usb 6-1: config 0 has no interface number 0
[  122.537901][    T9] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  122.540613][    T9] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  122.544246][    T9] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  122.547086][    T9] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64
[  122.549773][    T9] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  122.553289][    T9] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  122.555630][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.559965][    T9] usb 6-1: config 0 descriptor??
[  122.563400][ T9467] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  122.567040][    T9] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  123.201855][ T9501] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  123.255524][ T9501] batman_adv: batadv0: Adding interface: gretap1
[  123.258790][ T9501] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  123.266235][ T9501] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  123.816083][ T9512] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  123.819006][ T9512] netdevsim netdevsim4 netdevsim0: left promiscuous mode
[  124.038153][ T9519] __nla_validate_parse: 7 callbacks suppressed
[  124.038165][ T9519] netlink: 12 bytes leftover after parsing attributes in process `syz.4.978'.
[  124.731012][    C3] net_ratelimit: 11 callbacks suppressed
[  124.731064][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  125.050873][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  125.083066][    T9] usb 6-1: USB disconnect, device number 4
[  125.106980][    T9] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  125.140808][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  125.770543][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  125.779504][ T9562] team0: Port device vlan0 removed
[  125.780472][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  125.786572][ T1137] tipc: Resetting bearer <eth:team0>
[  125.788619][ T9564] netlink: 168 bytes leftover after parsing attributes in process `syz.4.988'.
[  125.793667][ T9562] team0: Unable to change to the same mode the team is in
[  125.797215][ T9562] team0: Port device vlan0 added
[  125.800936][ T9562] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  125.822549][ T5983] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  125.834132][ T9568] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  125.842487][ T9566] syz.4.989[9566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.842533][ T9566] syz.4.989[9566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.845447][ T9566] syz.4.989[9566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.995762][ T9578] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  126.100345][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  126.181285][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  126.288819][ T9585] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(17)
[  126.290605][ T9585] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  126.292669][ T9585] vhci_hcd vhci_hcd.0: Device attached
[  126.295837][ T9584] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(14)
[  126.297549][ T9584] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  126.299443][ T9584] vhci_hcd vhci_hcd.0: Device attached
[  126.540327][ T6001] usb 45-2: new low-speed USB device number 2 using vhci_hcd
[  126.652337][ T5983] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  126.765047][ T9588] vhci_hcd: connection reset by peer
[  126.765275][ T9587] vhci_hcd: connection closed
[  126.768189][ T6495] vhci_hcd: stop threads
[  126.772594][ T6495] vhci_hcd: release socket
[  126.774022][ T6495] vhci_hcd: disconnect device
[  126.776512][ T6495] vhci_hcd: stop threads
[  126.777715][ T6495] vhci_hcd: release socket
[  126.778911][ T6495] vhci_hcd: disconnect device
[  126.786638][ T9593] netlink: 4 bytes leftover after parsing attributes in process `syz.0.997'.
[  126.809996][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  126.846352][ T9595] netlink: 44 bytes leftover after parsing attributes in process `syz.2.998'.
[  126.881434][ T9600] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1000'.
[  126.923652][ T9605] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  126.997729][ T9612] syz.2.1003[9612] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  127.000244][ T9612] syz.2.1003[9612] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  127.003426][ T9612] syz.2.1003[9612] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  127.682591][ T9628] veth0_vlan: left promiscuous mode
[  127.687509][ T9628] veth0_vlan: entered promiscuous mode
[  128.454475][ T9655] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1012'.
[  128.544166][ T9658] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1010'.
[  128.680259][ T5983] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  129.039147][ T6022] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  129.152123][   T39] audit: type=1326 audit(1735471928.193:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9678 comm="syz.1.1020" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000
[  129.168674][   T39] audit: type=1326 audit(1735471928.193:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9678 comm="syz.1.1020" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000
[  129.239567][   T56] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  129.329033][ T6022] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  129.409068][   T56] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  129.489764][   T56] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  129.559133][   T56] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  129.638878][ T6022] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  129.779970][ T9678] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  129.928675][    C3] net_ratelimit: 12 callbacks suppressed
[  129.928686][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  129.928732][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  129.930450][ T9695] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  129.930482][ T9695] TCP: tcp_parse_options: Illegal window scaling value 249 > 14 received
[  129.956669][ T9696] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1022'.
[  130.248973][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  130.320121][ T9703] veth0_vlan: left promiscuous mode
[  130.328616][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  130.329091][ T9703] veth0_vlan: entered promiscuous mode
[  130.823607][ T9720] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1032'.
[  130.968343][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  130.968343][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  131.096578][ T1137] team0: Port device vlan0 removed
[  131.208845][ T6500] tipc: Resetting bearer <eth:team0>
[  131.288211][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  131.368224][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  131.613220][ T1410] ieee802154 phy0 wpan0: encryption failed: -22
[  131.614907][ T1410] ieee802154 phy1 wpan1: encryption failed: -22
[  131.678305][ T6001] vhci_hcd: vhci_device speed not set
[  131.869985][ T9739] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1037'.
[  133.445993][ T9765] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1046'.
[  135.127019][    C3] net_ratelimit: 13 callbacks suppressed
[  135.127031][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  135.137043][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  135.176334][ T9801] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  135.378245][   T39] audit: type=1326 audit(1735471934.435:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9795 comm="syz.0.1059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.384134][   T39] audit: type=1326 audit(1735471934.435:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9795 comm="syz.0.1059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.390061][   T39] audit: type=1326 audit(1735471934.435:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9795 comm="syz.0.1059" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.395607][   T39] audit: type=1326 audit(1735471934.445:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9795 comm="syz.0.1059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.401408][   T39] audit: type=1326 audit(1735471934.445:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9795 comm="syz.0.1059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.407049][   T39] audit: type=1326 audit(1735471934.445:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9795 comm="syz.0.1059" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.412657][   T39] audit: type=1326 audit(1735471934.445:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9795 comm="syz.0.1059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.418385][   T39] audit: type=1326 audit(1735471934.445:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9795 comm="syz.0.1059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.424135][   T39] audit: type=1326 audit(1735471934.445:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9795 comm="syz.0.1059" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.429883][   T39] audit: type=1326 audit(1735471934.445:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9795 comm="syz.0.1059" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  135.446958][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  135.536952][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  135.953257][ T9795] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  136.166788][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  136.176770][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  136.486684][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  136.524885][ T9812] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1051'.
[  136.525970][ T9809] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  136.530308][ T9809] TCP: tcp_parse_options: Illegal window scaling value 249 > 14 received
[  136.695499][ T9817] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1053'.
[  137.580589][ T9832] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1057'.
[  137.788299][ T9840] siw: device registration error -23
[  139.602489][ T9897] fuse: Bad value for 'user_id'
[  139.604177][ T9897] fuse: Bad value for 'user_id'
[  139.767383][ T9899] SET target dimension over the limit!
[  139.792090][ T9901] netlink: 220 bytes leftover after parsing attributes in process `syz.0.1085'.
[  139.932605][ T9908] FAULT_INJECTION: forcing a failure.
[  139.932605][ T9908] name failslab, interval 1, probability 0, space 0, times 0
[  139.936200][ T9908] CPU: 2 UID: 0 PID: 9908 Comm: syz.4.1084 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  139.939492][ T9908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  139.942535][ T9908] Call Trace:
[  139.943382][ T9908]  <TASK>
[  139.944143][ T9908]  dump_stack_lvl+0x16c/0x1f0
[  139.945488][ T9908]  should_fail_ex+0x497/0x5b0
[  139.946757][ T9908]  ? fs_reclaim_acquire+0xae/0x150
[  139.948223][ T9908]  should_failslab+0xc2/0x120
[  139.949479][ T9908]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  139.950967][ T9908]  ? __alloc_skb+0x2b3/0x380
[  139.952144][ T9908]  __alloc_skb+0x2b3/0x380
[  139.953422][ T9908]  ? __pfx___alloc_skb+0x10/0x10
[  139.954815][ T9908]  ? if_nlmsg_size+0x45d/0xa70
[  139.956196][ T9908]  rtmsg_ifinfo_build_skb+0x81/0x280
[  139.957607][ T9908]  rtmsg_ifinfo+0x9f/0x1a0
[  139.958872][ T9908]  netdev_state_change+0x12f/0x150
[  139.960245][ T9908]  ? __pfx_netdev_state_change+0x10/0x10
[  139.961674][ T9908]  ? dev_change_flags+0x111/0x160
[  139.962959][ T9908]  do_setlink.constprop.0+0x3198/0x3f20
[  139.964389][ T9908]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  139.965925][ T9908]  ? find_held_lock+0x2d/0x110
[  139.967149][ T9908]  ? __mutex_lock+0x2c6/0xa60
[  139.968384][ T9908]  ? __pfx_lock_release+0x10/0x10
[  139.969717][ T9908]  ? mark_held_locks+0x9f/0xe0
[  139.970963][ T9908]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  139.972430][ T9908]  ? lockdep_hardirqs_on+0x7c/0x110
[  139.973737][ T9908]  ? __mutex_lock+0x1cc/0xa60
[  139.974960][ T9908]  ? rtnl_newlink+0x5e4/0x1d70
[  139.976233][ T9908]  ? __pfx___mutex_lock+0x10/0x10
[  139.977519][ T9908]  ? apparmor_capable+0x114/0x1d0
[  139.978790][ T9908]  ? netlink_ns_capable+0xfa/0x130
[  139.980133][ T9908]  rtnl_newlink+0x17f1/0x1d70
[  139.981375][ T9908]  ? __pfx_rtnl_newlink+0x10/0x10
[  139.982661][ T9908]  ? __pfx___lock_acquire+0x10/0x10
[  139.983955][ T9908]  ? kmem_cache_free+0x152/0x4c0
[  139.985247][ T9908]  ? aa_get_newest_label+0x376/0x680
[  139.986626][ T9908]  ? find_held_lock+0x2d/0x110
[  139.987841][ T9908]  ? find_held_lock+0x2d/0x110
[  139.989127][ T9908]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  139.990486][ T9908]  ? __pfx_lock_release+0x10/0x10
[  139.991765][ T9908]  ? trace_lock_acquire+0x14e/0x1f0
[  139.993114][ T9908]  ? __pfx_rtnl_newlink+0x10/0x10
[  139.994407][ T9908]  rtnetlink_rcv_msg+0x95b/0xea0
[  139.995727][ T9908]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  139.997173][ T9908]  ? __pfx___dev_queue_xmit+0x10/0x10
[  139.998602][ T9908]  netlink_rcv_skb+0x165/0x410
[  139.999835][ T9908]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  140.001205][ T9908]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  140.002580][ T9908]  ? netlink_deliver_tap+0x1ae/0xca0
[  140.003970][ T9908]  netlink_unicast+0x53c/0x7f0
[  140.005247][ T9908]  ? __pfx_netlink_unicast+0x10/0x10
[  140.006663][ T9908]  ? __phys_addr_symbol+0x30/0x80
[  140.007997][ T9908]  ? __check_object_size+0x488/0x710
[  140.009326][ T9908]  netlink_sendmsg+0x8b8/0xd70
[  140.010552][ T9908]  ? __pfx_netlink_sendmsg+0x10/0x10
[  140.011894][ T9908]  ____sys_sendmsg+0x9ae/0xb40
[  140.013165][ T9908]  ? __pfx_____sys_sendmsg+0x10/0x10
[  140.014514][ T9908]  ? get_compat_msghdr+0x11b/0x170
[  140.015834][ T9908]  ___sys_sendmsg+0x135/0x1e0
[  140.017075][ T9908]  ? __pfx____sys_sendmsg+0x10/0x10
[  140.018377][ T9908]  ? __pfx_lock_release+0x10/0x10
[  140.019652][ T9908]  ? trace_lock_acquire+0x14e/0x1f0
[  140.021004][ T9908]  ? __fget_files+0x206/0x3a0
[  140.022249][ T9908]  __sys_sendmsg+0x16e/0x220
[  140.023462][ T9908]  ? __pfx___sys_sendmsg+0x10/0x10
[  140.024807][ T9908]  __do_fast_syscall_32+0x73/0x120
[  140.026127][ T9908]  do_fast_syscall_32+0x32/0x80
[  140.027364][ T9908]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.028999][ T9908] RIP: 0023:0xf707e579
[  140.030085][ T9908] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  140.035030][ T9908] RSP: 002b:00000000f504f55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  140.037128][ T9908] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000020000180
[  140.039193][ T9908] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  140.041172][ T9908] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.043171][ T9908] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  140.045193][ T9908] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.047239][ T9908]  </TASK>
[  140.325891][    C2] net_ratelimit: 17 callbacks suppressed
[  140.325902][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  140.335819][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  140.645772][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  140.673058][ T9931] netlink: 'syz.2.1092': attribute type 1 has an invalid length.
[  140.675356][ T9931] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1092'.
[  140.735811][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  140.806374][ T9938] No control pipe specified
[  141.365766][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  141.375622][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  141.435449][T10003] tipc: Resetting bearer <eth:team0>
[  141.461542][T10003] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  141.485750][ T5830] ip6_tnl_xmit_ctl: 2 callbacks suppressed
[  141.485760][ T5830] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  141.521156][T10008] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1103'.
[  141.547679][ T9935] Process accounting resumed
[  141.606543][ T5830] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  141.624518][ T6493] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.685607][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  141.687494][T10017] fuse: Bad value for 'group_id'
[  141.706444][T10017] fuse: Bad value for 'group_id'
[  141.765612][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  141.794042][T10019] netlink: 'syz.4.1106': attribute type 1 has an invalid length.
[  141.796360][T10019] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1106'.
[  141.873743][T10026] No control pipe specified
[  142.405449][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  142.405495][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  142.840909][T10067] fuse: Bad value for 'group_id'
[  142.842673][T10067] fuse: Bad value for 'group_id'
[  143.073890][T10085] tipc: Resetting bearer <eth:team0>
[  143.232712][T10093] overlayfs: missing 'workdir'
[  143.301906][T10096] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1130'.
[  143.414501][T10103] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1132'.
[  143.886328][T10115] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1135'.
[  144.264031][T10126] fuse: Bad value for 'group_id'
[  144.273593][T10126] fuse: Bad value for 'group_id'
[  144.999914][T10142] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1143'.
[  145.187823][T10147] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1152'.
[  145.525011][    C2] net_ratelimit: 11 callbacks suppressed
[  145.525024][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  145.535048][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  145.544832][T10155] netlink: 'syz.1.1146': attribute type 1 has an invalid length.
[  145.547076][T10155] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1146'.
[  145.604160][T10160] No control pipe specified
[  145.854989][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  145.924992][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  146.310402][T10191] SET target dimension over the limit!
[  146.359537][T10193] overlay: Unknown parameter 'subj_user'
[  146.380461][T10193] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1164'.
[  146.504751][T10195] can0: slcan on ttyS3.
[  146.564940][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  146.574830][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  146.710053][T10200] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1166'.
[  146.868821][T10223] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1157'.
[  146.884843][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  146.910314][T10224] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  146.964918][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  147.195466][T10187] can0 (unregistered): slcan off ttyS3.
[  147.604785][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  149.221166][T10248] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1173'.
[  149.395511][ T5943] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  149.440018][T10269] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1178'.
[  149.683674][T10285] netlink: 'syz.2.1183': attribute type 12 has an invalid length.
[  150.724383][    C2] net_ratelimit: 10 callbacks suppressed
[  150.724395][    C2] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  150.734359][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  150.855101][  T112] 
[  150.855929][  T112] ======================================================
[  150.857947][  T112] WARNING: possible circular locking dependency detected
[  150.859980][  T112] 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 Not tainted
[  150.862665][  T112] ------------------------------------------------------
[  150.864969][  T112] kswapd0/112 is trying to acquire lock:
[  150.866579][  T112] ffff8880243f1438 (&q->q_usage_counter(io)#68){++++}-{0:0}, at: blk_mq_submit_bio+0x7ca/0x24c0
[  150.869274][  T112] 
[  150.869274][  T112] but task is already holding lock:
[  150.871392][  T112] ffffffff8df4e8c0 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0xcd9/0x18f0
[  150.873865][  T112] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  150.873865][  T112] which lock already depends on the new lock.
[  150.873865][  T112] 
[  150.876767][  T112] 
[  150.876767][  T112] the existing dependency chain (in reverse order) is:
[  150.879173][  T112] 
[  150.879173][  T112] -> #1 (fs_reclaim){+.+.}-{0:0}:
[  150.881051][  T112]        fs_reclaim_acquire+0x102/0x150
[  150.882527][  T112]        __kmalloc_node_noprof+0xb7/0x520
[  150.884035][  T112]        __kvmalloc_node_noprof+0xad/0x1a0
[  150.885583][  T112]        sbitmap_init_node+0x1ca/0x770
[  150.886991][  T112]        scsi_realloc_sdev_budget_map+0x2c7/0x610
[  150.888900][  T112]        scsi_add_lun+0x11b4/0x1fd0
[  150.890318][  T112]        scsi_probe_and_add_lun+0x4fa/0xda0
[  150.891845][  T112]        __scsi_add_device+0x24b/0x290
[  150.893389][  T112]        ata_scsi_scan_host+0x215/0x780
[  150.894814][  T112]        async_run_entry_fn+0x9c/0x530
[  150.896208][  T112]        process_one_work+0x958/0x1b30
[  150.897646][  T112]        worker_thread+0x6c8/0xf00
[  150.898991][  T112]        kthread+0x2c1/0x3a0
[  150.900194][  T112]        ret_from_fork+0x45/0x80
[  150.901467][  T112]        ret_from_fork_asm+0x1a/0x30
[  150.902918][  T112] 
[  150.902918][  T112] -> #0 (&q->q_usage_counter(io)#68){++++}-{0:0}:
[  150.905163][  T112]        __lock_acquire+0x249e/0x3c40
[  150.906544][  T112]        lock_acquire.part.0+0x11b/0x380
[  150.907946][  T112]        __bio_queue_enter+0x4c6/0x740
[  150.909335][  T112]        blk_mq_submit_bio+0x7ca/0x24c0
[  150.910702][  T112]        __submit_bio+0x384/0x540
[  150.912049][  T112]        submit_bio_noacct_nocheck+0x698/0xd70
[  150.913589][  T112]        submit_bio_noacct+0x93a/0x1e20
[  150.914963][  T112]        __swap_writepage+0x3a3/0xf50
[  150.916311][  T112]        swap_writepage+0x403/0x1120
[  150.917620][  T112]        pageout+0x3b2/0xaa0
[  150.918785][  T112]        shrink_folio_list+0x3025/0x42d0
[  150.920184][  T112]        evict_folios+0x6e3/0x19c0
[  150.921475][  T112]        try_to_shrink_lruvec+0x61e/0xa80
[  150.922883][  T112]        shrink_one+0x3e3/0x7b0
[  150.924056][  T112]        shrink_node+0xbf0/0x3f20
[  150.925352][  T112]        balance_pgdat+0xc1f/0x18f0
[  150.926714][  T112]        kswapd+0x605/0xc00
[  150.927910][  T112]        kthread+0x2c1/0x3a0
[  150.929122][  T112]        ret_from_fork+0x45/0x80
[  150.930710][  T112]        ret_from_fork_asm+0x1a/0x30
[  150.932080][  T112] 
[  150.932080][  T112] other info that might help us debug this:
[  150.932080][  T112] 
[  150.934696][  T112]  Possible unsafe locking scenario:
[  150.934696][  T112] 
[  150.936614][  T112]        CPU0                    CPU1
[  150.938002][  T112]        ----                    ----
[  150.939336][  T112]   lock(fs_reclaim);
[  150.940384][  T112]                                lock(&q->q_usage_counter(io)#68);
[  150.942477][  T112]                                lock(fs_reclaim);
[  150.944107][  T112]   rlock(&q->q_usage_counter(io)#68);
[  150.945567][  T112] 
[  150.945567][  T112]  *** DEADLOCK ***
[  150.945567][  T112] 
[  150.947614][  T112] 1 lock held by kswapd0/112:
[  150.948875][  T112]  #0: ffffffff8df4e8c0 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0xcd9/0x18f0
[  150.951192][  T112] 
[  150.951192][  T112] stack backtrace:
[  150.952783][  T112] CPU: 1 UID: 0 PID: 112 Comm: kswapd0 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0
[  150.955417][  T112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.958284][  T112] Call Trace:
[  150.959196][  T112]  <TASK>
[  150.959978][  T112]  dump_stack_lvl+0x116/0x1f0
[  150.961208][  T112]  print_circular_bug+0x41c/0x610
[  150.962559][  T112]  check_noncircular+0x31a/0x400
[  150.963875][  T112]  ? __pfx_check_noncircular+0x10/0x10
[  150.965275][  T112]  ? lockdep_lock+0xc6/0x200
[  150.966515][  T112]  ? __pfx_lockdep_lock+0x10/0x10
[  150.967818][  T112]  __lock_acquire+0x249e/0x3c40
[  150.969128][  T112]  ? __pfx___lock_acquire+0x10/0x10
[  150.970480][  T112]  lock_acquire.part.0+0x11b/0x380
[  150.971796][  T112]  ? blk_mq_submit_bio+0x7ca/0x24c0
[  150.973196][  T112]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  150.974674][  T112]  ? rcu_is_watching+0x12/0xc0
[  150.975933][  T112]  ? trace_lock_acquire+0x14e/0x1f0
[  150.977285][  T112]  ? blk_mq_submit_bio+0x7ca/0x24c0
[  150.978708][  T112]  ? lock_acquire+0x2f/0xb0
[  150.979892][  T112]  ? blk_mq_submit_bio+0x7ca/0x24c0
[  150.981259][  T112]  __bio_queue_enter+0x4c6/0x740
[  150.982561][  T112]  ? blk_mq_submit_bio+0x7ca/0x24c0
[  150.984006][  T112]  ? __pfx___bio_queue_enter+0x10/0x10
[  150.985492][  T112]  ? blk_mq_submit_bio+0x7b5/0x24c0
[  150.986876][  T112]  ? __pfx_autoremove_wake_function+0x10/0x10
[  150.988635][  T112]  blk_mq_submit_bio+0x7ca/0x24c0
[  150.990049][  T112]  ? __pfx_blk_mq_submit_bio+0x10/0x10
[  150.991503][  T112]  ? __pfx_mark_lock+0x10/0x10
[  150.992831][  T112]  __submit_bio+0x384/0x540
[  150.994101][  T112]  ? __pfx___submit_bio+0x10/0x10
[  150.995420][  T112]  ? ktime_get+0x206/0x300
[  150.996602][  T112]  ? lockdep_hardirqs_on+0x7c/0x110
[  150.997991][  T112]  ? submit_bio_noacct_nocheck+0x698/0xd70
[  150.999503][  T112]  submit_bio_noacct_nocheck+0x698/0xd70
[  151.000944][  T112]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  151.002609][  T112]  ? __pfx___might_resched+0x10/0x10
[  151.003995][  T112]  ? __pfx___folio_start_writeback+0x10/0x10
[  151.005599][  T112]  submit_bio_noacct+0x93a/0x1e20
[  151.006885][  T112]  __swap_writepage+0x3a3/0xf50
[  151.008210][  T112]  swap_writepage+0x403/0x1120
[  151.009584][  T112]  ? folio_clear_dirty_for_io+0x112/0x800
[  151.011045][  T112]  pageout+0x3b2/0xaa0
[  151.012107][  T112]  ? __pfx_pageout+0x10/0x10
[  151.013428][  T112]  ? __pfx_try_to_unmap_one+0x10/0x10
[  151.014786][  T112]  ? __pfx_folio_not_mapped+0x10/0x10
[  151.016163][  T112]  ? __pfx_folio_lock_anon_vma_read+0x10/0x10
[  151.017733][  T112]  ? folio_mark_dirty+0xd8/0x150
[  151.019015][  T112]  shrink_folio_list+0x3025/0x42d0
[  151.020401][  T112]  ? __pfx_shrink_folio_list+0x10/0x10
[  151.021811][  T112]  ? isolate_folios+0x1c57/0x3830
[  151.023168][  T112]  ? hlock_class+0x4e/0x130
[  151.024376][  T112]  ? mark_lock+0xb5/0xc60
[  151.025510][  T112]  ? mark_held_locks+0x9f/0xe0
[  151.026757][  T112]  evict_folios+0x6e3/0x19c0
[  151.027961][  T112]  ? __pfx_evict_folios+0x10/0x10
[  151.029281][  T112]  ? __pfx___might_resched+0x10/0x10
[  151.030652][  T112]  try_to_shrink_lruvec+0x61e/0xa80
[  151.031967][  T112]  ? find_held_lock+0x2d/0x110
[  151.033257][  T112]  ? __pfx_try_to_shrink_lruvec+0x10/0x10
[  151.034805][  T112]  ? shrink_node+0xbd0/0x3f20
[  151.036186][  T112]  shrink_one+0x3e3/0x7b0
[  151.037316][  T112]  ? shrink_node+0xbd0/0x3f20
[  151.038693][  T112]  shrink_node+0xbf0/0x3f20
[  151.039906][  T112]  ? shrink_node+0x93e/0x3f20
[  151.041166][  T112]  ? __pfx_shrink_node+0x10/0x10
[  151.042550][  T112]  ? __pfx_lock_release+0x10/0x10
[  151.044037][  T112]  ? percpu_ref_put_many.constprop.0+0x1b/0x150
[  151.045728][  T112]  ? balance_pgdat+0xc1f/0x18f0
[  151.047025][  T112]  balance_pgdat+0xc1f/0x18f0
[  151.048301][  T112]  ? __pfx_balance_pgdat+0x10/0x10
[  151.049703][  T112]  ? __pfx___lock_acquire+0x10/0x10
[  151.051090][  T112]  ? lock_acquire.part.0+0x11b/0x380
[  151.052481][  T112]  ? __pfx___might_resched+0x10/0x10
[  151.053922][  T112]  kswapd+0x605/0xc00
[  151.054329][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  151.054968][  T112]  ? __pfx_kswapd+0x10/0x10
[  151.057914][  T112]  ? __pfx_autoremove_wake_function+0x10/0x10
[  151.059523][  T112]  ? lockdep_hardirqs_on+0x7c/0x110
[  151.060905][  T112]  ? __kthread_parkme+0x148/0x220
[  151.062212][  T112]  ? __pfx_kswapd+0x10/0x10
[  151.063657][  T112]  kthread+0x2c1/0x3a0
[  151.064728][  T112]  ? _raw_spin_unlock_irq+0x23/0x50
[  151.066098][  T112]  ? __pfx_kthread+0x10/0x10
[  151.067278][  T112]  ret_from_fork+0x45/0x80
[  151.068523][  T112]  ? __pfx_kthread+0x10/0x10
[  151.069786][  T112]  ret_from_fork_asm+0x1a/0x30
[  151.071038][  T112]  </TASK>
[  151.134373][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  151.764435][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  152.164269][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  152.804194][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  153.204278][    C0] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  153.854122][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  154.244088][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  155.924120][    C1] net_ratelimit: 2 callbacks suppressed
[  155.924132][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  156.323910][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  156.963914][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  157.363887][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  158.013796][    C3] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  158.403825][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  159.043901][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  160.083792][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  160.483722][    C1] IPVS: lc: UDP 224.0.0.2:0 - no destination available

VM DIAGNOSIS:
08:16:13  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000002 RBX=0000000000000003 RCX=ffffffff849ebb75 RDX=0000000000000000
RSI=0000000000000004 RDI=0000000000000001 RBP=ffffffff8bb208c0 RSP=ffffc90002c3e9c8
R8 =0000000000000001 R9 =0000000000000002 R10=0000000000000000 R11=ffff88802b030030
R12=0000000000000000 R13=0000000000000001 R14=0000000000000004 R15=0000000000000008
RIP=ffffffff81994f70 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f113ffc CR3=00000000215d2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000006c00000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85142075 RDI=ffffffff9a665300 RBP=ffffffff9a6652c0 RSP=ffffc9000110e200
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e33312e36
R12=0000000000000000 R13=0000000000000074 R14=ffffffff85142010 R15=0000000000000000
RIP=ffffffff8514209f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000057cfc4c0 CR3=0000000025256000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000f000000000 0000000300000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=1ffff1100b573e47 RBX=00000000f4400000 RCX=ffffffff81e2b4f4 RDX=ffff888025b80000
RSI=ffffffff81e2b22c RDI=0000000000000006 RBP=0000000000000000 RSP=ffffc9000363f880
R8 =0000000000000006 R9 =00000000f4400000 R10=00000000f4247000 R11=0000000000000000
R12=dffffc0000000000 R13=0000000000000000 R14=00000000f4247000 R15=ffffc9000363fcb8
RIP=ffffffff81e2b23a RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f86e40 CR3=000000000db7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7423ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000025d46c RBX=0000000000000003 RCX=ffffffff8b1a17a9 RDX=ffffed10056e6fee
RSI=ffffffff8bb16bc0 RDI=ffffffff81702e19 RBP=ffffed10039df488 RSP=ffffc9000049fe08
R8 =0000000000000000 R9 =ffffed10056e6fed R10=ffff88802b737f6b R11=0000000000000001
R12=0000000000000003 R13=ffff88801cefa440 R14=ffffffff901cd9d0 R15=0000000000000000
RIP=ffffffff8b1a2b8f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fda175c1d98 CR3=000000002908e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000005000001 Opmask01=0000000080000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3efeb7eef579f08e 95f63fe3298fccd1
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3bdeae53de2dc87d d208386a8cad32b9
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 956f15e1b7724840 4a94932a12b66083
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 860cc0723a66ff55 edaa8e670bd3cfda
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001d00
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 830600807d320080 005c6c12e11c0080
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000001000000 01000000725a0080
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 005c6c0b01000000 16c60080005c6c0a
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 01000000005c6c2e 005c6c2d01000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 aa68408bf9bb6d42 43caf2b5a4dbc952
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6b7d52a37c3dc476 fc6cf743564383a2
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e6f63007325 203a726f72726520 64656e7275746572 2072657672657300
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40514b4a46005600 051f574a57574005 41404b5750514057 0557405357405600
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3030302030303030 2030354130303030 3030203039323030 302030203a522041
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2630302030203030 2030303530302030 0000203030323030 202030203a522020
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 266465637e6b787f 6d636c6465692a7e 646f7e7963796465 6964632a646b2a62
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 464c4f2a693f3f6c 3e3a3f6c3a3a3a3a 3a3a3a3a3068383a 3a2a305a59582a57
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000