last executing test programs:

2m5.921429124s ago: executing program 1 (id=124):
modify_ldt$write(0x1, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x4000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000ffffff800000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

2m5.861844061s ago: executing program 1 (id=126):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) (async)
r1 = socket(0x1d, 0x2, 0x6)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x6a, 0x3, 0x0, &(0x7f00000000c0)=0xfffffffffffffd27)

2m5.812538719s ago: executing program 1 (id=128):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="180000002c000100008c0000000000020400008004000d"], 0x18}], 0x1, 0x0, 0x0, 0x1}, 0x0)

2m5.729142999s ago: executing program 1 (id=131):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
write(r1, &(0x7f0000000000)="240000001a005f0400f9f4070009040180202000000000000000000008001e0040000000", 0x24)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010003b1500"/20, @ANYBLOB="0000000000000000280012800a000100767863616e00000018"], 0x48}}, 0x0)
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r2, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)
syz_emit_ethernet(0x66, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60fca33f00306700fe800000000000000000000000000000fe8000000000000000000000000000aa210000000000000000030000000000000017587f0000000000000000d3f5aaacd21a0ca186608b74f100000000000000"], 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x4e23, @remote}], 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0xb9c51, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x901091, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8923, &(0x7f0000000100)={'wlan1\x00', @broadcast})
umount2(&(0x7f00000001c0)='./file0\x00', 0x9)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chroot(&(0x7f0000000000)='./file0\x00')
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = dup(r5)
sendmsg$inet(r6, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="10000000000700"/16], 0x10}, 0x40040)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x6)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001c0001"], 0x28}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001800dd8d0000000000000000020000000000000600000000060015000100000018001680140001"], 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x200040a0)

2m5.639411337s ago: executing program 1 (id=134):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 32)
sendmsg$DEVLINK_CMD_TRAP_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x50, r2, 0x811, 0x70bd25, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xfffffffffffffdc7}}]}, 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x840) (async, rerun: 32)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x4, {0x0, 0x0, 0x0, 0x0, 0x20021}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_HASH_MAX={0x8, 0x1b, 0xdb}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x10) (rerun: 32)

2m5.322752082s ago: executing program 1 (id=145):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000300)={'team0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$gtp(&(0x7f00000006c0), 0xffffffffffffffff)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000200)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000280)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000001340)={{@local}, @my=0x0, 0x0, 0x8})
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r3, 0x7a9, &(0x7f0000000180)={{@host, 0x6}, 0x6, 0x0, 0xa6a8, 0x0, 0xfffffffe, 0x0, 0x20000007, 0x6})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$GTP_CMD_ECHOREQ(r5, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="29f525bd7000ffdbdf250300000008000200010000009632228c07f16ecedd40c8bc6d301a162aa3c3d515a6de82ab80a5be39707d0801edb6e68a75d105d2a97dbe2b93d9134649b8f6c33e80dda88d02b7ca4eaeee25c4eda880a8f1dcd94d78e459188a23fbc27602d7be2f4fa7fce2cb3dd61c9543dfe190510caa"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
readv(r6, &(0x7f0000000340)=[{&(0x7f0000000080)=""/110, 0x6e}], 0x1)
ioctl$SNDCTL_DSP_STEREO(r6, 0xc0045003, &(0x7f0000000140)=0x1)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECVRCVINFO(r7, 0x84, 0x20, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="4400000010000304000000000000000000000c00", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006970766c616e0000", @ANYRES32=r0, @ANYBLOB='\b\x00', @ANYRES32=r1], 0x44}}, 0x4800)

2m5.303443269s ago: executing program 32 (id=145):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000300)={'team0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$gtp(&(0x7f00000006c0), 0xffffffffffffffff)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000200)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000280)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000001340)={{@local}, @my=0x0, 0x0, 0x8})
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r3, 0x7a9, &(0x7f0000000180)={{@host, 0x6}, 0x6, 0x0, 0xa6a8, 0x0, 0xfffffffe, 0x0, 0x20000007, 0x6})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$GTP_CMD_ECHOREQ(r5, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="29f525bd7000ffdbdf250300000008000200010000009632228c07f16ecedd40c8bc6d301a162aa3c3d515a6de82ab80a5be39707d0801edb6e68a75d105d2a97dbe2b93d9134649b8f6c33e80dda88d02b7ca4eaeee25c4eda880a8f1dcd94d78e459188a23fbc27602d7be2f4fa7fce2cb3dd61c9543dfe190510caa"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
readv(r6, &(0x7f0000000340)=[{&(0x7f0000000080)=""/110, 0x6e}], 0x1)
ioctl$SNDCTL_DSP_STEREO(r6, 0xc0045003, &(0x7f0000000140)=0x1)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECVRCVINFO(r7, 0x84, 0x20, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="4400000010000304000000000000000000000c00", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006970766c616e0000", @ANYRES32=r0, @ANYBLOB='\b\x00', @ANYRES32=r1], 0x44}}, 0x4800)

2m4.39060587s ago: executing program 0 (id=155):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000000c0)={0x0, 0x4, 0x10}, 0xc)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xc0fe, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

2m4.387409717s ago: executing program 0 (id=157):
modify_ldt$write(0x1, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x4000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000850000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

2m4.325769744s ago: executing program 0 (id=159):
readv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/242, 0x48}], 0x1) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x63) (async)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async, rerun: 64)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (rerun: 64)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x0, 0x7, 0x0, 0x20, 0x0, 0xdb, 0x0, 0x7f, 0x0, 0x0, 0x8, 0x0, 0x8}}) (async, rerun: 32)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0xfffffffffffffffd], 0xf000, 0x2c0f12}) (async, rerun: 32)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000000)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000040)={@hyper})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r3, 0x7ab, &(0x7f0000000080)={&(0x7f0000000b80)={{@host}, {@hyper, 0x2000}, 0x400, "5892f8846a1584d5f50780d062878b5d8d00dbb7259a8c091b65dcf098053a9af39e6d845471decb43c8fc88c155f8735af3d94d4d1559de56c7feba7ef198388d33a5efdf0477bf22430a4f7f61679045e70cd8a9777c8feb3e1f229662a0eab8d795c696c9c189287853d8c33c5a4b5bf5a60ef839376f634798f852cf4c11dd80a1f974a5d221c051adb9885e1ea8cd542b8aca2bd751909a12e50ab6db3f757333f966f6598bb7e9140c82b7bb98afa22f23041b77ce1188e2c0dc4ad8869ca1e65d1547c9e511851583f0c6f031040ec6c9520897671fb64909c7e991a01e2d8eda3386d26d5e95c89685780668684d9ef98355274ebd990ed6c94f7280a9c11a6114b7f98ad2208bdf4bafb7b798a1aacdbba5ca7760f15fe36eb285bd7577f6a5c1598195c5d1a70b8157808ed976f39344c03920aa1afb9122cb50f817f66182316890365bd9de56d71be8c05b8a8b570d130e5ad197ae2c29f47c9135b17c15cb134141e7d5e073240d110a3c956185f4df2378adf6358983bfdddd69e4b1b3d23063f1a290d008ef04c8f3ffa6fddbbd3fd339796e212a0cdc22592c00aa5bcf99ebb56a6048f0760ad29de3d59310a07d9e5651342839ea660b5998a1bff65b780057c48bccbac988ffb6201617c1181eb9c2feb4e3f67e00a16e7e1a65f5daf91d20885a1a072efa9983ae6358f4c91f8411d7164b9f079c44a5a05c1a7bdba53200c19452fb8b1cd298aa2ba02ca2aa6d4ded164e74ffa25465468a6918fb05fa1e99fe6435bab2298ef1c3b97b2a69c12b1b967dec4c14ec705b8e2517ca11fb4ea655a54bbfa4e764ac5d3c4b0aae3e74b456d9aaedbbfe4052540ff66d91e90361516811b4b5510a921069a1b0571d5ca6c3c579785ea705a9aa1ab6f6d2aa6741a97ff7de7c3337d14231ffc92b0ebab9a14b4ff9873d5626a495dcdf35fff67d83bda18b736c674139d954d36657d6f38983df5217f58b75789b29d96207c7cea40ceb7544b2674f3fb0b73093e8649f5c841f89169adc37c1fb52cb90c04b4ac66d6b559ca86ec2aaa52f20b14aadba9b3f25be093a0ef6e366bfeb22aa3cfbec23ce56c334f448cf7f1f9653744388a3552e4564a26e399088b6746c907fd3039a3e3befd458740d54bb21936d19d5e3077bf7469047bb809ded01fdd620c0e32c0364527d54bef987a96cf15fb8e7b42c6e9b337c9026c7bf5002043811944036255aa47296e1fd22cb9b380838f5c134d7c33a72c7817ab52bfb31ece32e4dce47d0f9ed817b9d3e5f7630f355813c3ba1c22f744a2e32c563685a62699398f7226ae24799e1b2fba2f0ed8fd08d2bb0e7950805a119bd4ea46714a73facd4fda8ec64213221d7fd8f09fcdab4be032d8fab53211b4b00f282e794858af57064732352099983359cb9919fca39b9b2ff7a4778f6d5"}, 0x418}) (async)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16, @ANYBLOB="52ba0b510896edaf3b73f5904926021158d2d8428000080b585750dc713cef6bcef927ed6e0cba0d5cbcb6db757646e8819e8287de24b2c41829fb92a4a78af13fac9a89662d4b76ced139b7737246854e9023b3a26a3dc772bd1fda35dd6f39b2ccd31b7d835166386dc0863f04daef16de68e4365826be5de039431234"], 0x54}}, 0x4000000) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd4242"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (async)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r5 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/mnt\x00')
ioctl$NS_GET_USERNS(r5, 0xb701, 0x0) (async)
r6 = epoll_create1(0x0)
r7 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000300), 0x111000, 0x0)
syz_kvm_setup_cpu$x86(r1, r7, &(0x7f0000014000/0x18000)=nil, &(0x7f0000000340)=[@text16={0x10, &(0x7f0000000840)="baf80c66b87cc5918166efbafc0c66b80028000066efb8db000f00d8d288cb620fc7a900000f795800260f01c3baf80c66b86095f48366efbafc0c66edba2000b000ee64650f2113baf80c66b8407d4a8966efbafc0c66ed", 0x58}], 0x1, 0x3a, &(0x7f0000000440)=[@efer={0x2, 0x1000}], 0x1) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x21010, r6, 0xafd48000)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r8, 0x400448e3, &(0x7f0000000000))

2m4.063010839s ago: executing program 0 (id=161):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) (async, rerun: 64)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) (async, rerun: 64)
mremap(&(0x7f0000241000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) (async)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) (async)
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2}) (async, rerun: 32)
r1 = fcntl$dupfd(r0, 0x0, r0) (rerun: 32)
ioctl$UFFDIO_CONTINUE(r1, 0xc018aa06, &(0x7f0000000100)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1}) (async)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r2, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x0, 0x3, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000]}, 0x45c) (async, rerun: 32)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x5) (async, rerun: 32)
ioctl$UI_SET_SWBIT(r2, 0x4004556d, 0x3)
ioctl$UI_DEV_CREATE(r2, 0x5501)

2m3.943001343s ago: executing program 0 (id=162):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'ip6gretap0\x00', &(0x7f00000000c0)=@ethtool_dump={0x8539e9ddf2f2cccc, 0x7, 0x7f, 0xac, "f09f5203a80012330f8e9c681e6783820d57a6362fc2c5912c83f625956277b8541687296437d35258f04720fc6ac0c4a8e175adc7179ff1c1a3b2b18e23cc42c31dc060323ff1a6d1b6cb22aa97d2608078e85a89b21226376e1845887346caad931aace5d4b7268e5b19d939f2be38481ec2b0958bfb366af78269442d25510f3fd617597983e6e2451f59cad9cacd882d95b336f045fb37a3da793276cd3acdf2b7291b8507d2a77c0946"}})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
mkdir(&(0x7f0000000280)='./file1\x00', 0x140)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x2b)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x4424c0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x40049366, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="2000000018000501000000000000ebff0900000000000000e334000004001280"], 0x20}}, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c40)=[{{&(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="01", 0x1}], 0x1}}], 0x1, 0x20000840)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r3, 0x84, 0x78, &(0x7f0000000080), 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x8003}}}}]}, 0x4c}}, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000002c0)='htcp\x00', 0x5)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$inet(r1, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)

2m3.102602902s ago: executing program 0 (id=170):
r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000140)={0x9, 0x100, 0x3, {0x3, 0x2, 0x8}})
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001800dd8d0000000000000000020000000000000600000000060015000100000018001680140001"], 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000a0)

1m48.080540346s ago: executing program 33 (id=170):
r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000140)={0x9, 0x100, 0x3, {0x3, 0x2, 0x8}})
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001800dd8d0000000000000000020000000000000600000000060015000100000018001680140001"], 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000a0)

43.231725729s ago: executing program 2 (id=1729):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x3810819, 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0xa820a9, &(0x7f00000002c0)={[{@nr_blocks={'nr_blocks', 0x3d, [0x38]}}]})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0xd0f, 0x70bd2d, 0x1000, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8}}]}, 0x40}}, 0x0)

43.171939857s ago: executing program 2 (id=1732):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001800dd8d0000000000000000020000000000090600000000060015000100000018001680140001"], 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000a0)

43.165534411s ago: executing program 2 (id=1735):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SNDCTL_DSP_SYNC(r1, 0x5035, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000004880)=@polexpire={0xc0, 0x28, 0xffffffffffffffff, 0x0, 0x0, {{{@in6=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x9, 0x4}, 0x0, 0x6e6bc0, 0x0, 0x0, 0x0, 0x2}, 0x6a}}, 0xc0}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000011c0)=ANY=[@ANYBLOB="180000002c0001020000e400000000000400008004000e"], 0x18}], 0x1}, 0x0)

43.052238062s ago: executing program 2 (id=1740):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000080)='./file0\x00')
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
chdir(&(0x7f0000000000)='./file0\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
write$nbd(r2, &(0x7f0000000280)=ANY=[], 0x40)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000014000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x10, &(0x7f0000000280)=[@efer={0x2, 0x800}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000140)=ANY=[@ANYRES32=r4], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xac7, @void, @value}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00', r5}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00', r6}, 0x18)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000580)='./file0\x00', 0x0, 0x10}, 0x18)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f00000008c0), r8)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r8, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000900)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01002abd7000fbdbdf251b0000000e0001006e657464657673696d0000c644e50700000f0002006e657464657673696d30000008000b"], 0x3c}, 0x1, 0x0, 0x0, 0x8041}, 0x4008000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
ftruncate(r7, 0xc17c)
getsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x1, 0x0, &(0x7f0000002180))
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x940}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STATS_ENABLED={0x5, 0x2a, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x104}, 0x0)
ftruncate(r8, 0x3)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

42.881862911s ago: executing program 2 (id=1752):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SNDCTL_DSP_SYNC(r1, 0x5035, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000004880)=@polexpire={0xc0, 0x28, 0xffffffffffffffff, 0x0, 0x0, {{{@in6=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x9, 0x4}, 0x0, 0x6e6bc0, 0x0, 0x0, 0x0, 0x2}, 0x6a}}, 0xc0}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000011c0)=ANY=[@ANYBLOB="180000002c0001020000fd00000000000400008004000e"], 0x18}], 0x1}, 0x0)

42.46186423s ago: executing program 2 (id=1771):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001800dd8d0000000000000000020000000000200600000000060015000100000018001680140001"], 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000a0)

42.425239721s ago: executing program 34 (id=1771):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001800dd8d0000000000000000020000000000200600000000060015000100000018001680140001"], 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000a0)

16.220359057s ago: executing program 5 (id=2178):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001800dd8d0000000000000000020000000000000600000000060015000120000018001680140001"], 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000a0)

3.011370054s ago: executing program 5 (id=2180):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c00)=ANY=[@ANYRESOCT=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
listen(0xffffffffffffffff, 0x1ff)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8042, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f00000001c0)=@ethtool_per_queue_op={0x4b, 0xf, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}})
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
write$P9_RSTATu(r5, &(0x7f0000000580)={0x239, 0x2, 0x0, {{0x500, 0xf8, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1', 0x1d, '\xd2\x99\x98\x80\x14\x98l\xe9\x82\xcf\xc2m\xd7\xc5\x00\xf0L\xd8_*p\xf5\xe9\x93\x0e\x97\xa5\x9ad', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\x00\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x239)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$VIDIOC_G_AUDOUT(r1, 0x80345631, &(0x7f0000000180))
ioctl$KVM_INTERRUPT(r8, 0x4048aecb, &(0x7f0000000100)=0x479e)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
dup(r0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c00)=ANY=[@ANYRESOCT=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) (async)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') (async)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0) (async)
listen(0xffffffffffffffff, 0x1ff) (async)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8042, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) (async)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f00000001c0)=@ethtool_per_queue_op={0x4b, 0xf, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}) (async)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) (async)
write$P9_RSTATu(r5, &(0x7f0000000580)={0x239, 0x2, 0x0, {{0x500, 0xf8, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1', 0x1d, '\xd2\x99\x98\x80\x14\x98l\xe9\x82\xcf\xc2m\xd7\xc5\x00\xf0L\xd8_*p\xf5\xe9\x93\x0e\x97\xa5\x9ad', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\x00\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x239) (async)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) (async)
ioctl$VIDIOC_G_AUDOUT(r1, 0x80345631, &(0x7f0000000180)) (async)
ioctl$KVM_INTERRUPT(r8, 0x4048aecb, &(0x7f0000000100)=0x479e) (async)

2.759587075s ago: executing program 4 (id=2188):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
pipe2(&(0x7f0000000000)={0x0, <r2=>0x0}, 0x0)
r3 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000020000000000000f01"], 0x0, 0x37, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
io_setup(0x800, &(0x7f0000000240)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000380)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x3, 0x4, r0, &(0x7f0000000280)="ba9978aa111824507491a1013c1a617ee9ee6216d493c4e18f984bcb274197b9774e6f26d5d25e583c476c6070183ad3cd04f80be19406a7bdb53837c976ad9e1f7fe41f93f5083d1f708f90165ad55248665155f91fb84806091aa37e9edd6e6d2068c37bd02b7a0d57ca8e5e9c833ca2e7f7991f0160b80377ffa3dc4e93566e70397cf2042f7fac84b266eb1c979a379748b0b269dab22ff92d9b22", 0x9d, 0x400, 0x0, 0x2, r2}])
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000010000304fcffffff3f00000000000000", @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r4, @ANYBLOB="08001a297236a59ff91a000b740101bb72f2bc65644cda924d6489a0c47b1c421677f0abef17982d5f90953c78d1ff3f91683cfe44c5d43e0946b91ba830b795684a04a389cb428f", @ANYRES32=r4, @ANYBLOB], 0x44}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)

2.00091052s ago: executing program 5 (id=2190):
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x1, 0x0, 0x8, 0x42000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000640), 0xc0802, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
socket$kcm(0x10, 0x2, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x5, 0x200008, 0x8, 0x20000}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r0], 0x4c}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.950023305s ago: executing program 5 (id=2193):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x4, @local, 'veth1_to_bond\x00'}}, 0x1e)
ioctl$PPPOEIOCSFWD(r0, 0x80047453, &(0x7f0000000040)={0x18, 0x0, {0x4, @local, 'bridge_slave_1\x00'}})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="15000000100000000200"/20, @ANYRES32, @ANYBLOB="00000000000000000000080074298bd100000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x8, 0x17, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055090100000000009500000000000000180100002020001000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000005000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000400)="5aee41dea43e9eee28e622e563a3", 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.949243504s ago: executing program 6 (id=2194):
socket$nl_route(0x10, 0x3, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000240), &(0x7f00000003c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

1.948884256s ago: executing program 3 (id=2195):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf27, 0x500, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x9c)
mmap(&(0x7f0000fa3000/0x2000)=nil, 0x2000, 0x7, 0x13, r0, 0x0)
mremap(&(0x7f0000fa4000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000fa2000/0x1000)=nil)

1.9167348s ago: executing program 6 (id=2196):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) (async)
creat(&(0x7f0000000100)='./file0/file0\x00', 0x408) (async)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
unlinkat(r0, &(0x7f0000000180)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0) (async)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x80000) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) (async, rerun: 64)
chdir(&(0x7f0000000140)='./bus\x00') (rerun: 64)
socket$inet_smc(0x2b, 0x1, 0x0) (async)
chdir(&(0x7f0000000380)='./file1\x00') (async, rerun: 32)
lsetxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000440)=ANY=[@ANYBLOB="4e0000000100000000000000040000000000000010000000000000000000000000000000e7941e020ec9c768222af5655c2c837d405f33cf2a5040e81b721901659bbf8452ed5484deee7b24bb6bfc87cb0290a4546a1c0c107a7953ff40ad079091c1ef8524f9f965eafdbf96fdc390aaafed5276a28cb0e011d4f8bcf34070a61f6516b0323fa07ff8b169141e8ce58880de24c0d2b3b90e5b24c4cbb27c"], 0x24, 0x0) (rerun: 32)

1.892494809s ago: executing program 4 (id=2197):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0bfc0000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}}, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r3)
sendmsg$NLBL_UNLABEL_C_STATICADD(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0x44, r4, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x19}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_vlan\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICLIST(r1, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x6779d795c481531a}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x80, r4, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @remote}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x10}}, @NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:ssh_keysign_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x12}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}]}, 0x80}, 0x1, 0x0, 0x0, 0x4000}, 0x4000809)
writev(r0, &(0x7f0000000040), 0x2)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x7, 0xa, 0x101}, 0x14}}, 0x0)

1.891654944s ago: executing program 3 (id=2198):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001800dd8d0000000000000000020000000000000600000000060015000100090018001680140001"], 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000a0)

1.831528041s ago: executing program 3 (id=2199):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0x4, 0xe}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0xc00}, 0x0)

1.829528977s ago: executing program 6 (id=2200):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000002c0)={0x0, 0x5, &(0x7f0000001200)={&(0x7f0000001080)={0x38, 0x1403, 0x1, 0x700, 0x0, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'syzkaller0\x00'}}]}, 0x38}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x68, &(0x7f0000000000)={&(0x7f0000001940)=ANY=[@ANYBLOB="140000001000010000000000e80000000000000a50000000120a09110000000000000000020000000900020073797a3100000000080004400000000f0900010073797a30000000000800034000000002"], 0x64}}, 0x0)

1.761764788s ago: executing program 4 (id=2201):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a3100000000c4000000030a010200000000001a0000010000000900030073797a320000000098000c00ce46fb7a46804846e02ab8501f20c9a3146f470e5cca0585693727a9364bb1c1d9cf9b8317a090949d085dceab414697bc620b7bf420019d1e7c1e360d63d1675c0db77db99bb9cacb92e60d3ea5fa440b74df9f811a309510911632344e325bae255d2e9866098d459a944ee06f74b4536a180f7a4da80b1148e08a893113b870ae90559e523a976e18f85e1603fe35dcb053850900010073797a31000000002c000000050a01020000000000000000010000000c00024000000000000000010900010073797a310000000028000000000a05000000000000000000010000080900010073797a31000000000800024000000001"], 0x160}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r4, 0xffffffffffffffff, 0x21}, 0x57)
setsockopt$inet_opts(r2, 0x0, 0x8, &(0x7f0000000040)="e1", 0x1)
getsockopt$inet_opts(r2, 0x0, 0x9, 0xffffffffffffffff, &(0x7f0000000340)=0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
r6 = open(&(0x7f0000021000)='./file0\x00', 0x408000, 0x0)
fchdir(r6)
ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r6, 0x40045730, &(0x7f0000000000)=0x5de38b)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="a183000000000000000005"], 0x1c}}, 0x0)

1.061162794s ago: executing program 5 (id=2202):
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x1, 0x0, 0x8, 0x42000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000640), 0xc0802, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
socket$kcm(0x10, 0x2, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x0, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x5, 0x200008, 0x8, 0x20000}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32], 0x4c}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

249.544589ms ago: executing program 3 (id=2203):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="180000002c00010000000000000b00020400008004000d"], 0x18}], 0x1, 0x0, 0x0, 0x1}, 0x0)

249.352845ms ago: executing program 4 (id=2204):
socket$nl_route(0x10, 0x3, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000240), &(0x7f00000003c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

249.116388ms ago: executing program 5 (id=2205):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000100008400000000000000000200000000000005000000000000000604"], 0x0, 0x3e, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000007c0)=@raw={'raw\x00', 0x8, 0x3, 0x538, 0xc8, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x468, 0xffffffff, 0xffffffff, 0x468, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x3a0, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'veth0\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@private=0xa010102, 'wlan0\x00', {0xab43}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x598)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlinkprop={0x3c, 0x10, 0xf8b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4000, 0x10}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}]}, 0x3c}}, 0x0)
prctl$PR_MCE_KILL(0x35, 0x1, 0x2)
syz_emit_ethernet(0x4a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @empty}, {0x0, 0x0, 0x28, 0x0, @wg=@data={0x4, 0x0, 0x0, "2002000054d3741900000000b5860000"}}}}}}, 0x0)

248.629988ms ago: executing program 4 (id=2206):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000080)="2e0f01d10f01c466ba420066b80e0066efabb80f0000000f23d00f21f835200000030f23f866f0ff870f0000000f01c42e0f01c266bad10466ed66f0f79d311ee4d2", 0x42}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f0000000440)={{0x0, 0x0, 0x80}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x5, &(0x7f0000000340)=@raw=[@tail_call], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$IP_VS_SO_GET_SERVICE(r1, 0x0, 0x483, &(0x7f0000000240), &(0x7f0000000000)=0x68)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000001400)={0x83, 0xfffffffd, 0xffffffff}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000004a00010000000000000000000a"], 0x1c}, 0x1, 0x0, 0x0, 0x20000880}, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000024c0)={"5a6f6afe5b0ef7192de5a253efd2ae9aac2f3afd0d209936a8c8b97ace8618359b34d54c58eb283ffd7982418ca539ac1700217a69e5732cd887ac0c9294151c38200bbcffeda5f5fba8c4e8c003737dc88428b5ebf7116785e46e8f016439d6b9a530eceb03cef2813c4e1706e853586d60847f078fb3764a04abae62c8059e416541ab562836241259e5ff3de60ba367a5bf498f54ceb2c48b32bde489a5555ab2a6364775b7f1e91e8523a7a7e70c27ae2488af1170b102e777ceef1652544f4a7726ec5f40f1b862425f502c42770f2de61e5d3e39b78ecefb74569b160a47732065c7af5134ab7a64fd052807a1405592d43de35587ff9ad991e76bb0b9964a66d9b2c740beeeb15520a3103b6e2733c011131e4e57e45cbf2a8855c49b1d133d110336a82a3fea9c65e8209199f75d660f3521b44d55104e5459c0281c579940c525b8c54d322584d949d67e70bbf83298766c7ae76f43c5fa534e47d448bb354ca426a1437e80b049717af9f7976f5ed809baa13d6d53a1ec6694e26411fa796dd3a82abf53075cdce90b96b7fe417b345b517ba13f8b0bdf760cdb72e5a2eb6936781d4ab46dbfd4a31846523fe65b20d8a23e1c4ecbffc7390a902d6dca2d25d1dc2c0877c8b83941ae0a7981e3c3922bf2e9210801aeb35b34e22cb34bc62c10878d63b38329eb683f961cd7beefe69ab614b90f64309172d9ec37db9504a44e8610976e2211d7b4161b62135993ee7bcf7b15943324c6a605434211de14ed28385239db45268e1c575227cfc24db1ba6b5b76d259fdb7b1c72c2cd4468fd73776069d5b1810d06b67ab7e35894a2d0e0a3a893cc17db269c801d9df26f68ea76d86a7cd1196b4cd02e8f40383b8436d3e5d490b38fa7ecf89b0942b6dbcb6c332fa9eb6ef942d92a041f9643274e25247d40247ff14ef71ff28ced70afe7a21004677490474cce3e98aa3f70d57d76147dfa32e23fdc038dceffff870d34623a695c0599de205b08d63fe8ef14935b58452770d23761a02464c4bdec28f19bb6117fb7bed01eb9967d849d173955581de3a52eee5400e740e94f0ce7df5365c51a8fed79488d83959e513e5ff1eb4b6be37137ee6f001ed066a6bac8a807f4ebbc03478d69274f3e97d526ff7fd722c62efe008d7ba7c2932629a9bef2714610b9f06f1375602e0b8696d81671acdbb8cfd053735a9f73b1b2141c89b63fdf54ec8283a91e221c2a537280ca03809adf6c56a048c3b1e0a919d06074194bb7916699d33a89de39e6123a7f2927df2d8777f4faf0544eeeebabc9993a5f7999a18950727cbd95ec5ef6fe4c70aa374e79be8b6ba0effc81a2abdd25f2c5afcfe028a5e23df6c6e3a32d3876e5648dc00c5e40213fb89499992f174f8075f1ddddf44a57f69ff602698fd4b8d5af6eb6a3702578786cd77f875d9bd"})

183.37798ms ago: executing program 3 (id=2207):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x2}}, './file0\x00'})
mremap(&(0x7f00005fb000/0x1000)=nil, 0x1000, 0xe000, 0x3, &(0x7f00008e9000/0xe000)=nil)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/64)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) (async)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) (async)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'}) (async)
mremap(&(0x7f00005fb000/0x1000)=nil, 0x1000, 0xe000, 0x3, &(0x7f00008e9000/0xe000)=nil) (async)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/64) (async)

180.737248ms ago: executing program 6 (id=2208):
mkdir(&(0x7f0000000040)='./file1\x00', 0x4) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x1419c3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000021c0)=ANY=[@ANYRESOCT=0x0, @ANYRES8=r0, @ANYBLOB="0100008000000000fdff0000000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_NESTED_STATE(r4, 0x4080aebf, &(0x7f00000045c0)={{0x1, 0x0, 0x80, {0xffffffffffffffff, 0xf000}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf9758b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bfe98e94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b91fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029e7a9e8b86a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf7b155ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f8edd941bff4b8674b91f7aebf35f056a8d388f67f8ef7c45831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b7fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22670812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa31819caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e20d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db63dec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880bffffffffffffff7fb5cb6967fb0ea8e14efce120947092c3b601002f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6af1d8183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa2983955511b5f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c75f4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b769e44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd580800000000000000d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156fb4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c4ad8c81d77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d475bd5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641f9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33201f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49d2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc245e748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33dff5ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc1016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e02000000be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c0851800c6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e400000f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"}) (async)
mkdirat(0xffffffffffffffff, &(0x7f0000000340)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000680), 0x81, 0x2)
ioctl$LOOP_GET_STATUS(r5, 0x1263, &(0x7f0000004400))
mmap$binder(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, 0x11, 0xffffffffffffffff, 0x18e)
mount$overlay(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000002200), 0x1808080, &(0x7f0000001100)={[{@verity_on}], [{@smackfstransmute={'smackfstransmute', 0x3d, ' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe6.\x00\x00\x02'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'e}id<=\aJW\xc1g\xcd\x97\xcf7D\xaa\xcf\xf8@\x95\x1bc./\xf8\n\xeb\x85+\xed\nN\xdd\x88/\xf75\xfa8\x9f\x1d\xaa\a\x00\x02\xd2\xcc\x85\xbc\x8dR~\x00\xb2\x95\xbd\xb4\x01K\xbb\'\x99\x05n/-\xde>\xc5Ky\x82\x92;\xebi2\xc8\xa3(\x01&X!\xec\x86\xe9\a\x0e\xe4)'}}, {@euid_lt}, {@audit}]}) (async)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r7=>r6, {0x8}}, './file0\x00'})
write$UHID_INPUT(r7, &(0x7f0000000040)={0x8, {"bf848ac09b09f897811cc5befbd7232d973118686f1ac2d9a417bb6acfb13c31c0b8786943fe09d8be3ce65fece64fc1b4850ce240df7967f57e21b5f0d8a003ee0a66e9867d8f8430895beb88672b37beb3d8b8ca8edf83ae20f37b8fe3e6704f9be072a2dcb7a27db301a33fbf916f29c0c3e3d9f6d0f42dc3b734d6ae50c9d1ff05734180a9b192a866edc9fe53ab517b128ef1a522967a533eb4f3b1d2a840f0e469ae1b8d67f1d1e231fc61a78d9edfc11bbf48dc9605811e0b33e261ff6ebbab9689bbff48a1f66c21b201566a8f8ccbabe0859674189d51237ef909aa2f6f1c4a0b5a0f858a712d0de533032f591a5097ea9dcfd364c5e0a46646cdce34c6a79db55cf8cbd897455f00d8a13e0a83902409a50c559d6bafeab9c626a5b3e68ced226f2fc8cddf8af5bfdf5ba55399737928ca5a96c8d60f5f5954813713df8af43189152431c4dcdc27fa76d21ced845f221c917c8dd7dd4f40e420b1165b4d3085c5178c32b11bb6207b7b53875b19a139bdf1ed842c176a6ef0b80542071db837df937c8dfcea06c45ca38f247c3e527a70fdceecc98af9a8d022b36edbe2180cfc13bddb12c70db72dcfcaa1bd6fdce2289644206b92a889b568f61ca88c397ea9985edf528ec99491c541096b577f367b20e5f79bedf39a1a89727cd1fe30794bd1bfa55939c8a41acb499847544bfbbac32efb4c542e03271777f3e4692a2f443c009cc068779700540c2b1fa3b954a5ffc179f77b06c9adcf5634d3e8e651b2edc7a8275cc30a1ed407f53533962bf6b34f4b3689d98dc833ed035f58c2f11c106527e68ebb89ffdc4f9326f49f15dfaa3f0e5f7329520a9b3656a6ae20691bb413985396d9266411b8e22ec3bc4a479fbca3ee1cea685cac3c0b00c55d9f4395af296b8c0350bdb26c8b4eea5d97b14789fbaeb1dade655f92998b66c4d00af42e5848b51361d307e0664694aca6eb7fc1ddce8e57f09d9d1f65813012b999cb13f8210ed1681a2492b7e08c662f4f9dc52297876578e45b96410fdf98ffe02cb28d5e88b7f1edc5dbee8e60f0d69ce14c12e40d2d7a76c20b3a7cb002678821b5ffde7d5090aab5b556b50028730cda4181bacb9c5af8ffc2c7d7b52c7553eda0b7e6192e0720175ee2007ec86ce7260665fa4bdbbd14c90377117f3ef13a7c3dc078436f0c90f78d0853f7435fc1f0742a088af50156cd11153bc4aafb0eaa82d753bf7302f348a6b9e7cbb7c57570527f483d50a04c09c59f6f1be62c79106c9b2de4dcc9c30100d67e79ee27f9da5d8639cae557d2f4c54c15431be6add5794dd78bd9d455377c7f1dea88e1628682053697f5f782841d3cb3761a72be77b273f985aed26cf1257b7f236acfaa864f400f8b7dc22020669ad498c345c3cc2ac20c9d4cc21c737f127f625a09fdae197b1857318713a033b7d0a66cecea5abc5fd9f1c55a494063c9aa59932bfdcd412092860606f9a1d15ee3ef7fd10b6ab99410845f2e1f3a092e1e56eba89539e53ca5d9b3489092932fe131f8133da6cc5f9fc3eff5885e614acb5d7af9b468788915a746972408eb72717e26879cc18c34938021f55662f930b8f5184ffbcf247a525a8821d14a7d7aa1cd1c69b33d197adc0c486f7454fefad30546dddfc85ba3250771a4fdb104602e416a0b375f014415f553e5342288ec40b458fa91ede3d8c001dde3708b8e232d3e54a495761fd59b0fbe59093b674c0070c061127a1aa18fe3ed0a7fa8fc2540dcc2ad655ab0bbcc12dc3b758cabb5843130758d4cc7d973e77cb121ae0d0a78433364fe2b0662302bb9058ff4077a4b7d4c576bab388bed31e263f869a6e5fabc122df611c5632f63ee212a8c58b1ea491fcf6ed18c511b76fd4489b57b190db756ccd448c743c55ccba10e6c80218fd10895f58ab8b16dcc3d65b89498defbcec4031a696856066537f14dda5ea17299f13261dd4347002fda1af51829d0e5e56a6c3d9b870a938161a938302d7df869390490b9a214c5b7c95c3878cb107911f681591c89d4e69514029c8bb9585771a12cfbab890ace0af7aab34537c3b1ebb066a513c437973404d12c174575eee504c914e8f56713ecb00b63cedbd668e69d3a717e1648856badb00c7f7e7b9e2f03bc87c2e1ea85b26aaf303bd8c1f8a018dd4a069a9f644cbcd1e99e2d2bf5012495eb81303cfa26233b8aac31bbf066f00bce1d1e31109b034e541de42508648cbdb34652d5eead260f4191262d4aae8fe39b999399ef673819b708c8fa7b67c1537aeec3df9bf6e4df42422351c7fcbdf2f0b2e992a2322687a61c5e42378ff9c2d05c8afadd0d6b31921f384190f16bfd9d1b7154cc605dfa54ff474826d18dffa523d82ce446c9f23bcc5f0faff17d77aa5d1941d7b5ad51ba9ac3966df40aabead2a69e7b2d2c380a88fd2bd67df93ded88e01d8af0004d0cac75f0b8ca3bab36c98e17912055d51ba991e7420b4fb7072d62d1735b5b246061c9aedcafc47c03cd213b4ff710aa6210dfadbc093a3b1b8907f6dfd9979fd1b8271976519aa9ca2dde5aa142302d5d77c15b6949a5ba0c0a56cc4cb9802c76f1f9312cb1c70286e8beae14fda582f651432402cb12f11764011ee7cae89b9bed47ab5f7a231c30637307816b195ac8c513413eaeccbf7e8151f40b55fb73d449bc6fcf1453299d283dd6c385951ff14c0158ff49bcefd496bfba5ecc2f96bdebd0238bafc1dace2a6d8dcacaa4e6b0cf1854007c9d62486c679d89afe8d85ebceeefe0b7867201630e860d151b65e65278be6432f825145228ac04b31f7a12692970c5c8b05b1b31d0e14d640af666367c5bd523367847bdd42198f3c98e0549278a517c0fdf71a94228893db7939d2b7143c0d3301e998ca108d163f9ad351b69361e5e3535e7a594d501d7834ae4087cd90426b840bd8f65758fa5135c44a3ecb0406d13baa201726ab9fcc5e3fb51c86118c9ec39819c30441ac2aeb10274cce25405889ab4f94f86d0527a18d674ae3f4b78586e22ca02d7543d3d02f9f6f009436344b740afbe4b1b2e9085200505add5bf202147bc594d71c7d3ea3dd5720abc8b067035266bad6785db7128e4191ad21b925c7462c45cf403e35cef78ca94bcc1d018510b4c03936d8f2a1a810eb5eb9ea97624ebf6b1b9349dc1814495af4d5ef4c9819f4d06ba6fe4b1994babb96230c54e768c859c41aa5f5ef5ad7ea22c6323dc9c1feab86862e6045a6558d67bcef3ba3c8aea19dd368f722d60c2de37cb7e1af03f2b1d36fd9c0436334740b4189b23bec7c21ec502258ff65af835a340d1ee0a4ba6f796e57a2f06d58a2fbc90251be805d3e6c614212545c500a410dc46ef06a3d8803b2a6c11c2e12189eb8e41a323bbef2f5f68f14bd1fe8d2491e621239c0125a41a846a9b7abb515a53e91e51c1977c0b049b5b07761936325e9cc1a60a066a6e4b174ac93b80fa74d5ce7c1ed4364453784f20765e6f8f7895f637c2bfe76945c70d5eab2103b9084388804e9aa20057588fe06374d6f1ddca3ec8479f61c1b9364e538e0e839c94f90a4dc85f4159acd2e906a29d6a6f3669230a9478e3195066e5910f2e0e027e1fcac66b4903bd7367503a45c14854398e0240f51e4b11f82ff89c75c4a51e271030f0936d19ec2fd05578ae6d5fa30c086473b6548ea91083cff88bc573b5ce58dab919abde6c3eea5f7380782d60dcabcb6f97c42a2d5c237ea8be50b608c07840fadf7ca8aba9e434d8a22d2c1840e721c42849b790f106e2b3d6544dd8924a4926dfb20177b5492de1ae3e676b92c867a3c15334023508c97f57593f7a4efb4ad642423b4a8430fac94c3e07624e7a5d68311724bc15a5f268f7eb0cafdaf0ed655a8dc2bfbd82051058a2110cfd6c883fc1fe59ed1b86e81400687983c69deb600f03f9af338109389163818d581f007a82eecbefc032ad5a2e86b6844251fc7f7ff63c400e544a418187f8a2bf40efe31777950650e0f67a54c6d0fe40d8387964e014fcca2ccdba1db95a556c8505f97232bb1fa79eb50711fa1819053cceb3ea43da2aeabae22eee394415e2327bb755399596d5a0d064cde5d004dbaa9e86ac22af440b93b3f0d51f1395408bf75beb1ea7c6e2a780390ed6746ccc59834582ef0cd656f42b72aa304c827cd21c37302a58f80d9ac45ce784c8962722ed828cc6261ac84a29eec41c59e38b2a413adce51bbc85af9d0b8b2e60914eddbb018cec07531c7e973e3af6783040c11210015cb366d941eda08b13f36b5fe68ad901597b64f2b7e1f08b1a9eabe2625e916b156e67fa4acbd373115ef663279c1e4fb8331e67105324b99d162e193989bf3f665f81071cb2f662844101e548c13e7dba77ed5fdfc15aee2ab7adc97fa07f18c6a1ce3219805bc8a156ee4e76d3ce59b38b68f191a558a47b694f822847622bce5d2a91d04cf15cfc3cc335adf8e70059f609fe25db1525163a0a92deeb94a4f733a774032f28b57b3d3ba6707c8bc8040bd696371f2ea76e79807431cc3a9a10991c5925ecb7381de61bdb578b35e20f9796e36c0d45d514e4a441f3928446b6f4833e46f2e83f7b251a5ccc2520b68591c4a0ba874038b746a17870a1e34a447df959fe316d9287ce0b7b89e7f1c202d368b007239bdef27f8633c68a4b2c365bb16cbc373949ca95eda72c39a1d4a760f298f51318117b74ac70c190cd36737549c45a794a0fc54df01f079ee44c02261d040d2d0b9874903e6e6d88823cd6a7937348f4c2c268ae7e4ab4e0af831175d44f3c5111bf4a2fae0e4ef055bd25a24c9a9fecd3de5a00aba17fa8c758680e6c7edc11ce78559efb032490105e956046e9f5a02fdcf5157ae2ca575074b9f4fdd441be4de20fd1aac0ac6aeebd8423b2754c3f3028bf887fbd43e4b67d743b83d73b54daf07c33c94d570ee16e78a56d37b4d0db2aa619c04fe07a3fa7f6fbff17f136c807531165a55327113f5d4b746b20f39616ac2413fafcb624d3561ad3ed8470db9edf0a4ade97c0181c1afbe10275640a20a788a6a921481611525123fb96abfb56a3ae2018e9671587ef63e5a136009f46720cc3892cc21cba3dc691c75c99b34188f58db132179f41ff68ff5ff1adb81e8ce0f025f8478adcb83b9a4b543880dc601490e1a9464cc5f179701f1b0fc5231d4092d6aa6d3f0ef0440a5cedc4a571f4891ae52b3ee72db8e9158831d27452ba578444c5620ecad682bf26ab4f8e5a94a3defa824a701716872716559d86ee38fd1f21947ac4a149ec15431aa4e3ac920f0aa705a51084db9ecd53232cb1d62d406876453e0e3a6481a49212caf6f265b0ab9e3b751e36da9e6f03461aeb44458eb8d621def0154b33e2ab8b4f9b05902c9945c73650356d7374f9d93ba8f885fae6a169cda328b4b1de4d0fba391f054cca9a3ca68fcc06d6906aed7feb777bbd0bec3d091d9b18b404a0297738578d1385342b100d6137361f90f8ca2b3b109371179923d9a114671907828d8caa9d1314b6af4373c03769a856828e824b714dbcbd1a4b1bf325e312663333214098cab1536678a3b2833a0865d538d36abfe5a82183108ae953d5ee23b53c6be8e3f9c5f2cc489fe57269f5071b6d11f70812ee93da32cd828cebd76368675cd01ee70b6e12e937e9449586b52fee833dac3eb08a50ccfe7892471daa65f2a5067529448c07569ca49aab6b9a3242a6ec07e09375f58be9d82bd873b0c194fcfb15f04f64410f9c7439fea92eebbc785b8d0fea", 0x1000}}, 0x1006) (async)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = socket$inet6(0xa, 0x1, 0xd8)
setsockopt$inet6_int(r8, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4) (async)
bind$inet6(r8, &(0x7f0000000000)={0xa, 0x4e25, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) (async)
r9 = socket(0xa, 0x2, 0x5)
bind$unix(r9, &(0x7f0000004340)=@abs, 0x6e) (async)
r10 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'sit0\x00', <r11=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002240)=ANY=[@ANYBLOB="240000001d0007feff000000002fcf00070000004d5c54dd168332e179153244bc36ffc555c6115b643f017ee426fa9165a52430d20a570b8549", @ANYRES32=r11, @ANYBLOB='@\x00R\x00\b\x00\b', @ANYRES16=r10, @ANYRES8=r2], 0x24}}, 0x0) (async)
r12 = socket(0x2, 0x2, 0x1)
bind$unix(r12, &(0x7f0000000000)=@file={0x1, './file1\x00'}, 0x6e) (async)
ioctl$KVM_GET_NESTED_STATE(r4, 0xc080aebe, &(0x7f00000022c0)={{0x0, 0x0, 0x80}}) (async)
ioctl$TCXONC(r6, 0x4b45, 0x1)

180.61099ms ago: executing program 3 (id=2209):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x101143)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
r2 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1000001000104)
r3 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x200)
ioctl$NBD_SET_SOCK(r3, 0xab00, r1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r3, 0xab00, r4)
ioctl$NBD_DO_IT(r2, 0xab03)
ioctl$NBD_CLEAR_SOCK(r0, 0xab04)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_LOOPBACK(r5, 0x65, 0x3, &(0x7f0000000140), &(0x7f0000000180)=0x4)

61.643313ms ago: executing program 4 (id=2210):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000140)={0x7f, 0x0, <r1=>0x0})
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r3, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_VFIO_IOAS$GET(r0, 0x3b88, &(0x7f0000000380)={0xc, <r4=>0x0})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r6=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r6, 0x0, 0xffffffffffffffff, 0x1})
ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f00000003c0)={0x28, 0x2, r4, r6, 0x9c41, 0xfff, 0x2})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r1, 0x0, <r7=>0xffffffffffffffff, 0x1})
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x1000000, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000280)='./file0\x00')
r8 = openat(0xffffffffffffff9c, 0x0, 0x121c82, 0x0)
write$binfmt_register(r8, 0x0, 0x0)
r9 = open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
write$FUSE_IOCTL(r9, &(0x7f0000000100)={0x20}, 0xfdef)
r10 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f00000002c0)={0x48, 0x2, r3, 0x0, 0x0, 0x0, <r11=>0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r2, 0x3b89, &(0x7f0000000340)={0x28, 0x1, r11, r3, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000100)})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r10, 0x3ba0, &(0x7f0000001340)={0x48, 0x7, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a157f})
r12 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000180)={0xc, 0x0, <r13=>0x0})
ioctl$IOMMU_TEST_OP_ACCESS_REPLACE_IOAS(r12, 0x3ba0, &(0x7f0000000240)={0x48, 0xb, r7, 0x0, r13})
socket$inet6_udplite(0xa, 0x2, 0x88)

61.446213ms ago: executing program 6 (id=2211):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0)
sendmsg$NFC_CMD_GET_DEVICE(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x20000010)
r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000980)=ANY=[@ANYBLOB="84010000", @ANYRES16=r3, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088058010c8054000b800800090000000000080009000000000008000a"], 0x184}}, 0x0)

0s ago: executing program 6 (id=2212):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0x4, 0xe}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x6600}, 0x0)

kernel console output (not intermixed with test programs):

: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9635 comm=syz.4.902
[  106.588347][ T9636] netlink: 12 bytes leftover after parsing attributes in process `syz.4.902'.
[  106.690266][ T9519] cdc_wdm 10-1:1.0: Error autopm - -16
[  106.690414][   T30] usb 10-1: USB disconnect, device number 4
[  106.828025][ T9647] netlink: 4 bytes leftover after parsing attributes in process `syz.5.905'.
[  106.830436][ T9647] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  106.832472][ T9647] batman_adv: batadv0: Removing interface: batadv_slave_0
[  106.835045][ T9647] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.837316][ T9647] batman_adv: batadv0: Removing interface: batadv_slave_1
[  106.977118][ T1119] sr 2:0:0:0: [sr0] tag#28 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  106.979779][ T1119] sr 2:0:0:0: [sr0] tag#28 Sense Key : Illegal Request [current] 
[  106.981880][ T1119] sr 2:0:0:0: [sr0] tag#28 Add. Sense: Invalid command operation code
[  106.984052][ T1119] sr 2:0:0:0: [sr0] tag#28 CDB: Write(10) 2a 00 00 00 00 00 00 00 04 00
[  106.986457][ T1119] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 2 prio class 0
[  106.989174][ T1119] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  106.991286][ T1119] Buffer I/O error on dev sr0, logical block 1, lost async page write
[  107.053735][ T9654] Cannot find set identified by id 65534 to match
[  107.059453][ T9654] netlink: 8 bytes leftover after parsing attributes in process `syz.3.908'.
[  107.220751][ T9671] netlink: 172 bytes leftover after parsing attributes in process `syz.3.911'.
[  107.303731][ T9685] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1792 sclass=netlink_route_socket pid=9685 comm=syz.2.916
[  107.385108][   T39] audit: type=1400 audit(1733605102.694:629): avc:  denied  { watch watch_reads } for  pid=9704 comm="syz.2.921" path="/proc/741" dev="proc" ino=31005 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  107.416353][ T9711] dvmrp8: entered allmulticast mode
[  107.419523][ T9711] netlink: 8 bytes leftover after parsing attributes in process `syz.2.922'.
[  107.419524][ T9712] dvmrp8: left allmulticast mode
[  107.438659][ T9716] netlink: 172 bytes leftover after parsing attributes in process `syz.3.924'.
[  107.512372][ T9718] "syz.4.925" (9718) uses obsolete ecb(arc4) skcipher
[  107.512543][ T9721] netlink: 924 bytes leftover after parsing attributes in process `syz.3.926'.
[  107.566606][ T9726] overlayfs: failed to clone upperpath
[  107.647019][   T39] audit: type=1400 audit(1733605102.954:630): avc:  denied  { create } for  pid=9735 comm="syz.5.930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=iucv_socket permissive=1
[  107.672148][ T9736] netlink: 8 bytes leftover after parsing attributes in process `syz.5.930'.
[  107.674462][ T9736] netlink: 'syz.5.930': attribute type 18 has an invalid length.
[  107.677206][ T9736] netlink: 12 bytes leftover after parsing attributes in process `syz.5.930'.
[  107.732668][ T9751] netlink: 172 bytes leftover after parsing attributes in process `syz.5.935'.
[  107.806089][ T9762] netlink: 16 bytes leftover after parsing attributes in process `syz.5.938'.
[  107.836528][   T39] audit: type=1400 audit(1733605103.144:631): avc:  denied  { mounton } for  pid=9745 comm="syz.2.934" path="/proc/761/task" dev="proc" ino=31178 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  107.887819][ T9775] netlink: 1256 bytes leftover after parsing attributes in process `syz.4.942'.
[  107.890422][ T9775] net_ratelimit: 21 callbacks suppressed
[  107.890431][ T9775] openvswitch: netlink: Unexpected mask (mask=4, allowed=10048)
[  107.895870][ T9775] IPv6: NLM_F_CREATE should be specified when creating new route
[  107.944373][ T9779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2834 sclass=netlink_route_socket pid=9779 comm=syz.4.944
[  108.011323][   T39] audit: type=1400 audit(1733605103.324:632): avc:  denied  { create } for  pid=9785 comm="syz.5.945" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  108.016633][   T39] audit: type=1400 audit(1733605103.334:633): avc:  denied  { setopt } for  pid=9785 comm="syz.5.945" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  108.101281][ T9796] binder: Bad value for 'max'
[  108.123492][   T39] audit: type=1400 audit(1733605103.434:634): avc:  denied  { setopt } for  pid=9797 comm="syz.4.951" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  108.128788][   T39] audit: type=1400 audit(1733605103.434:635): avc:  denied  { execute } for  pid=9799 comm="syz.5.952" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=32093 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  108.150941][   T39] audit: type=1400 audit(1733605103.464:636): avc:  denied  { sqpoll } for  pid=9801 comm="syz.4.953" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  108.210984][   T39] audit: type=1400 audit(1733605103.524:637): avc:  denied  { append } for  pid=9808 comm="syz.5.956" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  108.212822][ T9809] autofs4:pid:9809:validate_dev_ioctl: path string terminator missing for cmd(0xc018937d)
[  108.281376][    T9] hid (null): unknown global tag 0xd
[  108.282842][    T9] hid (null): bogus close delimiter
[  108.284222][    T9] hid (null): invalid report_size 34655
[  108.289865][    T9] hid-generic 0004:03FF:0004.0005: unknown main item tag 0x5
[  108.292724][    T9] hid-generic 0004:03FF:0004.0005: unknown main item tag 0x1
[  108.294738][    T9] hid-generic 0004:03FF:0004.0005: unknown global tag 0xd
[  108.297716][    T9] hid-generic 0004:03FF:0004.0005: item 0 1 1 13 parsing failed
[  108.300570][    T9] hid-generic 0004:03FF:0004.0005: probe with driver hid-generic failed with error -22
[  108.546605][ T5980] usb 10-1: new low-speed USB device number 5 using dummy_hcd
[  108.716466][ T5980] usb 10-1: Invalid ep0 maxpacket: 32
[  108.866581][ T5980] usb 10-1: new low-speed USB device number 6 using dummy_hcd
[  109.026814][ T5980] usb 10-1: Invalid ep0 maxpacket: 32
[  109.028438][ T5980] usb usb10-port1: attempt power cycle
[  109.387699][ T5980] usb 10-1: new low-speed USB device number 7 using dummy_hcd
[  109.417008][ T5980] usb 10-1: Invalid ep0 maxpacket: 32
[  109.501705][ T9895] tls_set_device_offload: netdev not found
[  109.546501][ T5951] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  109.558495][ T9900] dummy0: entered promiscuous mode
[  109.564442][ T9900] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  109.566493][ T5980] usb 10-1: new low-speed USB device number 8 using dummy_hcd
[  109.570407][ T9900] ubifs: Unknown parameter 'discard'
[  109.576976][ T9902] usb usb7: usbfs: process 9902 (syz.3.986) did not claim interface 0 before use
[  109.597407][ T5980] usb 10-1: Invalid ep0 maxpacket: 32
[  109.600423][ T5980] usb usb10-port1: unable to enumerate USB device
[  109.711999][ T9925] input: syz0 as /devices/virtual/input/input15
[  109.713684][ T9925] input: failed to attach handler leds to device input15, error: -6
[  109.907521][ T9921] xt_CT: You must specify a L4 protocol and not use inversions on it
[  110.711672][ T9966] netlink: 'syz.2.1005': attribute type 10 has an invalid length.
[  110.716214][ T9966] syz_tun: entered promiscuous mode
[  110.723638][ T9966] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  111.288336][ T9995] syz_tun: left allmulticast mode
[  111.289766][ T9995] syz_tun: left promiscuous mode
[  111.291236][ T9995] bridge0: port 3(syz_tun) entered disabled state
[  111.295691][ T9995] bridge_slave_1: left allmulticast mode
[  111.297404][ T9995] bridge_slave_1: left promiscuous mode
[  111.298933][ T9995] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.301572][ T9995] bridge_slave_0: left allmulticast mode
[  111.303081][ T9995] bridge_slave_0: left promiscuous mode
[  111.304819][ T9995] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.304923][   T39] kauditd_printk_skb: 54 callbacks suppressed
[  111.304932][   T39] audit: type=1400 audit(1733605106.614:692): avc:  denied  { ioctl } for  pid=9996 comm="syz.5.1017" path="/dev/ptyqf" dev="devtmpfs" ino=142 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  111.319965][   T39] audit: type=1400 audit(1733605106.634:693): avc:  denied  { setopt } for  pid=9996 comm="syz.5.1017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  111.320590][ T9996] delete_channel: no stack
[  111.482877][   T39] audit: type=1400 audit(1733605106.794:694): avc:  denied  { create } for  pid=10011 comm="syz.5.1022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  111.488000][   T39] audit: type=1400 audit(1733605106.794:695): avc:  denied  { getopt } for  pid=10011 comm="syz.5.1022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  111.543138][   T39] audit: type=1400 audit(1733605106.854:696): avc:  denied  { write } for  pid=10017 comm="syz.4.1024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  111.549768][   T39] audit: type=1400 audit(1733605106.854:697): avc:  denied  { accept } for  pid=10017 comm="syz.4.1024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  111.561971][   T39] audit: type=1400 audit(1733605106.864:698): avc:  denied  { accept } for  pid=10017 comm="syz.4.1024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  111.586954][   T39] audit: type=1400 audit(1733605106.894:699): avc:  denied  { create } for  pid=10023 comm="syz.5.1026" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  111.617044][T10033] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  111.641884][   T39] audit: type=1400 audit(1733605106.954:700): avc:  denied  { mounton } for  pid=10032 comm="syz.3.1029" path="/257/file0" dev="ramfs" ino=31548 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  111.688773][   T39] audit: type=1400 audit(1733605107.004:701): avc:  denied  { sys_ptrace } for  pid=10023 comm="syz.5.1026" capability=19  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  112.283840][T10140] trusted_key: encrypted_key: hex blob is missing
[  112.350796][T10151] __nla_validate_parse: 45 callbacks suppressed
[  112.350807][T10151] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1066'.
[  112.619552][   T69] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  112.773064][T10193] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  112.775367][T10193] overlayfs: missing 'lowerdir'
[  112.777899][   T69] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.780595][   T69] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.783071][   T69] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  112.786263][   T69] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  112.788606][   T69] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.791493][   T69] usb 10-1: config 0 descriptor??
[  112.976444][   T30] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  113.126452][   T30] usb 7-1: Using ep0 maxpacket: 8
[  113.128934][   T30] usb 7-1: config 129 has an invalid interface number: 95 but max is 3
[  113.131238][   T30] usb 7-1: config 129 contains an unexpected descriptor of type 0x2, skipping
[  113.133441][   T30] usb 7-1: config 129 has an invalid interface number: 190 but max is 3
[  113.135529][   T30] usb 7-1: config 129 has an invalid interface number: 20 but max is 3
[  113.137751][   T30] usb 7-1: config 129 has an invalid interface number: 55 but max is 3
[  113.139831][   T30] usb 7-1: config 129 has an invalid interface number: 68 but max is 3
[  113.141921][   T30] usb 7-1: config 129 has 5 interfaces, different from the descriptor's value: 4
[  113.144179][   T30] usb 7-1: config 129 has no interface number 0
[  113.145763][   T30] usb 7-1: config 129 has no interface number 1
[  113.147448][   T30] usb 7-1: config 129 has no interface number 2
[  113.149018][   T30] usb 7-1: config 129 has no interface number 3
[  113.150718][   T30] usb 7-1: config 129 has no interface number 4
[  113.152302][   T30] usb 7-1: config 129 interface 95 altsetting 9 endpoint 0x5 has invalid maxpacket 512, setting to 64
[  113.155086][   T30] usb 7-1: config 129 interface 190 altsetting 2 endpoint 0x7 has invalid maxpacket 1024, setting to 64
[  113.157944][   T30] usb 7-1: config 129 interface 190 altsetting 2 endpoint 0xE has an invalid bInterval 246, changing to 11
[  113.160761][   T30] usb 7-1: config 129 interface 190 altsetting 2 has a duplicate endpoint with address 0x5, skipping
[  113.163421][   T30] usb 7-1: config 129 interface 190 altsetting 2 has 3 endpoint descriptors, different from the interface descriptor's value: 6
[  113.166754][   T30] usb 7-1: too many endpoints for config 129 interface 20 altsetting 144: 226, using maximum allowed: 30
[  113.169656][   T30] usb 7-1: config 129 interface 20 altsetting 144 has 3 endpoint descriptors, different from the interface descriptor's value: 226
[  113.172952][   T30] usb 7-1: config 129 interface 55 altsetting 2 has a duplicate endpoint with address 0xA, skipping
[  113.175695][   T30] usb 7-1: config 129 interface 55 altsetting 2 has a duplicate endpoint with address 0x8, skipping
[  113.178520][   T30] usb 7-1: config 129 interface 55 altsetting 2 has a duplicate endpoint with address 0xA, skipping
[  113.181509][   T30] usb 7-1: config 129 interface 55 altsetting 2 has a duplicate endpoint with address 0xE, skipping
[  113.184670][   T30] usb 7-1: config 129 interface 55 altsetting 2 endpoint 0x9 has invalid maxpacket 1023, setting to 64
[  113.187617][   T30] usb 7-1: config 129 interface 55 altsetting 2 has a duplicate endpoint with address 0x8, skipping
[  113.190392][   T30] usb 7-1: config 129 interface 55 altsetting 2 has a duplicate endpoint with address 0x9, skipping
[  113.193158][   T30] usb 7-1: config 129 interface 55 altsetting 2 has a duplicate endpoint with address 0x8, skipping
[  113.195929][   T30] usb 7-1: config 129 interface 55 altsetting 2 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  113.197960][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.198827][   T30] usb 7-1: config 129 interface 55 altsetting 2 has a duplicate endpoint with address 0x1, skipping
[  113.200762][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.203349][   T30] usb 7-1: config 129 interface 55 altsetting 2 has a duplicate endpoint with address 0xA, skipping
[  113.203364][   T30] usb 7-1: config 129 interface 55 altsetting 2 has a duplicate endpoint with address 0x9, skipping
[  113.203384][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0x1, skipping
[  113.205775][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.207916][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0x5, skipping
[  113.207930][   T30] usb 7-1: config 129 interface 68 altsetting 11 has an endpoint descriptor with address 0x47, changing to 0x7
[  113.207944][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0x7, skipping
[  113.207955][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0x9, skipping
[  113.210733][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.213488][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0x9, skipping
[  113.213502][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0x1, skipping
[  113.213514][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0x8, skipping
[  113.215379][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.218389][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0xB, skipping
[  113.221246][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.224025][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0x4, skipping
[  113.226822][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.226837][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.226849][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.226861][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.228739][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0xA, skipping
[  113.231540][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.234274][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0xE, skipping
[  113.237125][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.239084][   T30] usb 7-1: config 129 interface 68 altsetting 11 endpoint 0xD has invalid maxpacket 512, setting to 64
[  113.241844][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.243763][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0xE, skipping
[  113.246646][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.248426][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0x2, skipping
[  113.250308][   T69] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  113.252218][   T30] usb 7-1: config 129 interface 68 altsetting 11 has an endpoint descriptor with address 0xCA, changing to 0x8A
[  113.254312][   T69] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  113.256927][   T30] usb 7-1: config 129 interface 68 altsetting 11 endpoint 0x8A has an invalid bInterval 111, changing to 10
[  113.256944][   T30] usb 7-1: config 129 interface 68 altsetting 11 endpoint 0x8A has invalid maxpacket 18221, setting to 1024
[  113.268735][   T69] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  113.271087][   T30] usb 7-1: config 129 interface 68 altsetting 11 has a duplicate endpoint with address 0x4, skipping
[  113.294544][   T30] usb 7-1: config 129 interface 68 altsetting 11 bulk endpoint 0x6 has invalid maxpacket 64
[  113.297498][   T30] usb 7-1: config 129 interface 68 altsetting 11 has 17 endpoint descriptors, different from the interface descriptor's value: 15
[  113.300926][   T30] usb 7-1: config 129 interface 95 has no altsetting 0
[  113.302635][   T30] usb 7-1: config 129 interface 190 has no altsetting 0
[  113.304355][   T30] usb 7-1: config 129 interface 20 has no altsetting 0
[  113.306125][   T30] usb 7-1: config 129 interface 55 has no altsetting 0
[  113.308080][   T30] usb 7-1: config 129 interface 68 has no altsetting 0
[  113.311225][   T30] usb 7-1: Dual-Role OTG device on HNP port
[  113.313020][   T30] usb 7-1: New USB device found, idVendor=13fd, idProduct=3609, bcdDevice= 2.09
[  113.315437][   T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.317776][   T30] usb 7-1: Product: ఌ
[  113.318943][   T30] usb 7-1: Manufacturer: 蕴؜	ᶱܟ⽑䧟樃⯱ᚎＷ퐻윘鷀
[  113.321113][   T30] usb 7-1: SerialNumber: 、
[  113.532432][T10192] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1079'.
[  113.540760][   T30] usb-storage 7-1:129.95: USB Mass Storage device detected
[  113.547807][   T30] usb-storage 7-1:129.95: Quirks match for vid 13fd pid 3609: 20
[  113.600045][   T30] usb-storage 7-1:129.190: USB Mass Storage device detected
[  113.613964][   T30] usb-storage 7-1:129.190: Quirks match for vid 13fd pid 3609: 20
[  113.676270][   T30] usb-storage 7-1:129.20: USB Mass Storage device detected
[  113.690085][   T30] usb-storage 7-1:129.20: Quirks match for vid 13fd pid 3609: 20
[  113.747210][   T30] usb-storage 7-1:129.55: USB Mass Storage device detected
[  113.760947][   T30] usb-storage 7-1:129.55: Quirks match for vid 13fd pid 3609: 20
[  113.811034][T10229] usb 10-1: language id specifier not provided by device, defaulting to English
[  113.835653][   T30] usb-storage 7-1:129.68: USB Mass Storage device detected
[  113.838500][   T30] usb-storage 7-1:129.68: Quirks match for vid 13fd pid 3609: 20
[  113.897271][   T30] usb 7-1: USB disconnect, device number 6
[  113.903059][ T5943] udevd[5943]: setting mode of /dev/bus/usb/007/006 to 020664 failed: No such file or directory
[  113.905722][ T5943] udevd[5943]: setting owner of /dev/bus/usb/007/006 to uid=0, gid=0 failed: No such file or directory
[  114.032440][T10246] uprobe: syz.4.1091:10246 failed to unregister, leaking uprobe
[  114.068652][   T69] usb 10-1: USB disconnect, device number 9
[  114.276312][ T5944] block nbd2: Receive control failed (result -107)
[  114.336464][T10266] syz.2.1097: attempt to access beyond end of device
[  114.336464][T10266] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0
[  114.340509][T10266] syz.2.1097: attempt to access beyond end of device
[  114.340509][T10266] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0
[  114.343882][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  114.346600][T10271] nbd2: detected capacity change from 0 to 8589934592
[  114.352407][T10266] block nbd2: Dead connection, failed to find a fallback
[  114.355668][T10266] block nbd2: shutting down sockets
[  114.356496][ T5943] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.357309][T10266] I/O error, dev nbd2, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.359507][ T5943] Buffer I/O error on dev nbd2, logical block 0, async page read
[  114.359688][ T5943] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.362713][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  114.364885][ T5943] Buffer I/O error on dev nbd2, logical block 1, async page read
[  114.371353][ T5943] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.374257][ T5943] Buffer I/O error on dev nbd2, logical block 2, async page read
[  114.379239][ T5943] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.383913][ T5943] Buffer I/O error on dev nbd2, logical block 3, async page read
[  114.392089][T10266] I/O error, dev nbd2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.395412][T10266] I/O error, dev nbd2, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.397152][ T5943] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.399056][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  114.405694][T10266] I/O error, dev nbd2, sector 8589934588 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.406058][ T5943] Buffer I/O error on dev nbd2, logical block 0, async page read
[  114.411457][ T5943] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  114.413792][ T5943] Buffer I/O error on dev nbd2, logical block 1, async page read
[  114.415958][ T5943] Buffer I/O error on dev nbd2, logical block 0, async page read
[  114.415991][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=2147483647, location=2147483647
[  114.418241][ T5943] Buffer I/O error on dev nbd2, logical block 1, async page read
[  114.423857][ T5943] Buffer I/O error on dev nbd2, logical block 0, async page read
[  114.424256][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=2147483391, location=2147483391
[  114.425764][ T5943] Buffer I/O error on dev nbd2, logical block 1, async page read
[  114.430053][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=2147483646, location=2147483646
[  114.431642][ T5943] ldm_validate_partition_table(): Disk read failed.
[  114.431801][T10285] netlink: 172 bytes leftover after parsing attributes in process `syz.4.1101'.
[  114.434895][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=2147483390, location=2147483390
[  114.437152][ T5943] Dev nbd2: unable to read RDB block 0
[  114.440095][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=2147483645, location=2147483645
[  114.441639][ T5943]  nbd2: unable to read partition table
[  114.442939][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=2147483389, location=2147483389
[  114.450114][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=2147483497, location=2147483497
[  114.451299][ T5943] ldm_validate_partition_table(): Disk read failed.
[  114.453115][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=2147483241, location=2147483241
[  114.454942][ T5943] Dev nbd2: unable to read RDB block 0
[  114.458640][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=2147483495, location=2147483495
[  114.460062][ T5943]  nbd2: unable to read partition table
[  114.462309][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=2147483239, location=2147483239
[  114.467148][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  114.470171][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  114.473190][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1073741823, location=1073741823
[  114.476030][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1073741567, location=1073741567
[  114.479255][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1073741822, location=1073741822
[  114.482094][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1073741566, location=1073741566
[  114.484955][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1073741821, location=1073741821
[  114.489656][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1073741565, location=1073741565
[  114.492492][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1073741673, location=1073741673
[  114.495351][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1073741417, location=1073741417
[  114.498523][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1073741671, location=1073741671
[  114.501508][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1073741415, location=1073741415
[  114.504401][T10266] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  114.507194][T10266] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1)
[  114.599110][T10299] tipc: Started in network mode
[  114.600432][T10299] tipc: Node identity 4, cluster identity 4711
[  114.602025][T10299] tipc: Node number set to 4
[  114.640508][T10309] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1110'.
[  114.642899][T10309] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1110'.
[  114.662479][T10310] syz.2.1107: attempt to access beyond end of device
[  114.662479][T10310] sr0: rw=0, sector=4, nr_sectors = 4 limit=0
[  114.666275][T10310] vxfs: unable to read disk superblock at 1
[  114.669488][T10310] syz.2.1107: attempt to access beyond end of device
[  114.669488][T10310] sr0: rw=0, sector=32, nr_sectors = 4 limit=0
[  114.673480][T10310] vxfs: unable to read disk superblock at 8
[  114.675551][T10310] vxfs: can't find superblock.
[  114.685964][T10312] "syz.4.1111" (10312) uses obsolete ecb(arc4) skcipher
[  114.876470][ T1332] usb 10-1: new low-speed USB device number 10 using dummy_hcd
[  114.886694][T10323] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1116'.
[  115.028147][ T1332] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  115.030139][ T1332] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  115.032928][ T1332] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  115.035921][ T1332] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  115.038883][ T1332] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  115.042430][ T1332] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  115.044415][ T1332] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  115.047246][ T1332] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  115.050453][ T1332] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  115.053328][ T1332] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  115.059940][ T1332] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  115.061888][ T1332] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  115.064597][ T1332] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  115.067645][ T1332] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  115.070500][ T1332] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  115.075355][ T1332] usb 10-1: string descriptor 0 read error: -22
[  115.077112][ T1332] usb 10-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  115.079468][ T1332] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.084121][ T1332] adutux 10-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  115.542692][T10332] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1119'.
[  115.598406][T10337] overlayfs: failed to clone upperpath
[  115.710098][T10347] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1125'.
[  115.763384][T10349] tmpfs: Bad value for 'mpol'
[  115.862254][T10356] syz_tun: left promiscuous mode
[  115.865892][T10356] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.869198][T10356] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.875635][T10356] bridge0: left promiscuous mode
[  115.877749][T10356] bridge0: left allmulticast mode
[  115.881015][T10362] overlayfs: conflicting lowerdir path
[  116.054500][T10356] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.056955][T10356] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.060344][T10356] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.063358][T10356] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.074574][T10356] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[  116.151247][T10371] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1133'.
[  116.217567][T10377] ip6t_srh: unknown srh match flags  4000
[  116.224033][T10377] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1136'.
[  116.274943][T10381] tmpfs: Unknown parameter 'usrquota����ڬ��dƤ����ݡ�����
[  116.274943][T10381] 
'
[  116.353252][   T39] kauditd_printk_skb: 12 callbacks suppressed
[  116.353263][   T39] audit: type=1400 audit(1733605111.664:714): avc:  denied  { write } for  pid=10376 comm="syz.3.1136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  116.362665][T10389] overlayfs: missing 'lowerdir'
[  116.412326][T10392] bond0: Unable to set down delay as MII monitoring is disabled
[  116.414344][T10391] bond0: Unable to set down delay as MII monitoring is disabled
[  116.616483][ T5979] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  116.778499][ T5979] usb 7-1: not running at top speed; connect to a high speed hub
[  116.781425][ T5979] usb 7-1: config 1 interface 0 altsetting 7 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  116.784174][ T5979] usb 7-1: config 1 interface 0 altsetting 7 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  116.787507][ T5979] usb 7-1: config 1 interface 0 has no altsetting 0
[  116.790739][ T5979] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  116.792929][ T5979] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.794892][ T5979] usb 7-1: Product: 譼㌷ਲ਼䪄廒僸헎蒃˩餜䜇辽䃄칮Ӹ薅눗◔㧦沈눷鋱貎똈ষ䀹鄔輕䥊輄ⴷ㾲뫀侟辒ኙ곴䎚젳欳䍫㛺㽕達낭暵扎᜴￈닕꼠ㆿ껻⑱䷞魨
[  116.799851][ T5979] usb 7-1: Manufacturer: ᐉ
[  116.801022][ T5979] usb 7-1: SerialNumber: 韲첁᭙䊮铼蒊䛠ꠠ⃎ྕ纓攢ꙁĉ◓㹒Ꮪ褕Ҿ䥂吃琏鵐⑯鍞繑ꎕᶆ细榐
[  116.806526][T10389] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  117.013746][ T5979] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22
[  117.018213][ T5979] usb 7-1: USB disconnect, device number 7
[  117.191887][   T39] audit: type=1400 audit(1733605112.504:715): avc:  denied  { bind } for  pid=10417 comm="syz.3.1151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  117.221072][T10419] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.298392][T10419] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.350900][T10419] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.400259][T10419] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.465553][T10419] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.471418][T10419] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.478137][T10419] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.485238][T10419] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.585409][   T39] audit: type=1400 audit(1733605112.894:716): avc:  denied  { map } for  pid=10435 comm="syz.2.1156" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  117.616931][T10440] CUSE: unknown device info "0 bits_offset"
[  117.619253][T10440] CUSE: unknown device info ".�"
[  117.621030][T10440] CUSE: DEVNAME unspecified
[  117.622919][T10440] Driver unsupported XDP return value 0 on prog  (id 223) dev N/A, expect packet loss!
[  117.643420][ T1332] usb 10-1: USB disconnect, device number 10
[  117.709673][T10457] ipvlan2: entered promiscuous mode
[  117.749776][T10464] xt_hashlimit: size too large, truncated to 1048576
[  117.863256][T10479] __nla_validate_parse: 3 callbacks suppressed
[  117.863276][T10479] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1168'.
[  117.950061][   T39] audit: type=1326 audit(1733605113.264:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10484 comm="syz.4.1171" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35a4f7fed9 code=0x7fc00000
[  118.086160][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.089365][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.091794][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.094217][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.099049][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.101098][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.103121][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.105103][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.107515][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.109886][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.111899][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.113858][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.115843][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.118134][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.120109][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.122071][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.124050][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.126030][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.128303][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.130285][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.132274][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.134374][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.136364][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.138685][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.140662][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.142642][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.144611][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.146883][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.148903][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.150891][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.152874][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.154938][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.157090][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.159230][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.161207][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.163225][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.165315][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.167438][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.169425][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.171430][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.173543][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.175554][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.177752][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.179742][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.182061][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.184365][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.186329][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.188497][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.190635][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.192647][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.194733][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.196907][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.199088][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.201047][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.203065][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.205317][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.207359][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.209370][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.211451][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.213647][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.215641][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.217849][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.219897][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.221870][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.224170][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.226129][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.228366][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.230664][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.232609][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.234598][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.236858][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.238992][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.241231][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.243271][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.245262][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: unknown main item tag 0x0
[  118.249565][ T5981] hid-generic 0000:FFFFFFFC:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  118.335794][T10520] batadv_slave_1: entered promiscuous mode
[  118.339480][T10519] batadv_slave_1: left promiscuous mode
[  118.370553][T10522] netlink: 1280 bytes leftover after parsing attributes in process `syz.2.1184'.
[  118.373563][T10522] openvswitch: netlink: Flow actions attr not present in new flow.
[  118.422644][T10524] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  118.425352][T10524] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  118.427904][T10524] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  118.430174][T10524] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  118.515642][T10526] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  118.518271][T10526] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  118.853556][T10541] ptm ptm1: ldisc open failed (-12), clearing slot 1
[  118.983598][T10555] overlayfs: failed to resolve './file1': -2
[  119.013728][T10558] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1196'.
[  119.019219][T10558] nbd: must specify a size in bytes for the device
[  119.121667][   T39] audit: type=1400 audit(1733605114.434:718): avc:  denied  { bind } for  pid=10566 comm="syz.3.1200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  119.127093][   T39] audit: type=1400 audit(1733605114.434:719): avc:  denied  { write } for  pid=10566 comm="syz.3.1200" path="socket:[34619]" dev="sockfs" ino=34619 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  119.188741][T10571] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10571 comm=syz.4.1203
[  119.254452][T10579] bridge2: entered promiscuous mode
[  119.313537][T10583] bond0: (slave batadv0): Releasing backup interface
[  119.324945][T10583] bridge_slave_0: left allmulticast mode
[  119.335773][T10583] bridge_slave_0: left promiscuous mode
[  119.341421][T10583] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.352309][T10583] bridge_slave_1: left allmulticast mode
[  119.354982][T10583] bridge_slave_1: left promiscuous mode
[  119.358824][T10583] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.363256][T10593] netlink: 'syz.4.1209': attribute type 10 has an invalid length.
[  119.379947][T10583] bond0: (slave bond_slave_0): Releasing backup interface
[  119.400463][T10583] bond0: (slave bond_slave_1): Releasing backup interface
[  119.411833][T10583] team0: Port device team_slave_0 removed
[  119.449024][T10583] team0: Port device team_slave_1 removed
[  119.450859][T10583] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  119.452831][T10583] batman_adv: batadv0: Removing interface: batadv_slave_0
[  119.457852][T10583] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  119.460196][T10583] batman_adv: batadv0: Removing interface: batadv_slave_1
[  119.480124][T10589] team0: Mode changed to "loadbalance"
[  119.482057][T10591] infiniband syz0: set active
[  119.516832][T10593] syz_tun: entered promiscuous mode
[  119.521156][T10593] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  119.529711][   T39] audit: type=1400 audit(1733605114.844:720): avc:  denied  { rename } for  pid=10600 comm="syz.2.1213" name="file0" dev="9p" ino=36449082 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  119.535812][   T39] audit: type=1400 audit(1733605114.844:721): avc:  denied  { unlink } for  pid=10600 comm="syz.2.1213" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="9p" ino=36449030 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  119.590516][   T39] audit: type=1400 audit(1733605114.904:722): avc:  denied  { associate } for  pid=10611 comm="syz.4.1216" name="core" scontext=root:object_r:etc_runtime_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1
[  119.678407][T10622] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1220'.
[  119.792017][T10627] overlayfs: failed to resolve './file1': -2
[  119.794289][T10620] overlayfs: failed to resolve './file1': -2
[  119.886716][ T5981] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  119.940532][T10638] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1224'.
[  119.995079][T10640] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1225'.
[  120.066555][ T5981] usb 7-1: Using ep0 maxpacket: 8
[  120.071528][ T5981] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  120.073823][ T5981] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  120.076724][ T5981] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  120.079453][ T5981] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  120.082195][ T5981] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  120.085720][ T5981] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  120.088413][ T5981] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.187378][T10651] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1228'.
[  120.219518][T10653] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1229'.
[  120.278339][T10657] netlink: 172 bytes leftover after parsing attributes in process `syz.4.1231'.
[  120.293441][ T5981] usb 7-1: usb_control_msg returned -32
[  120.295525][ T5981] usbtmc 7-1:16.0: can't read capabilities
[  120.636570][T10684] syz0: rxe_newlink: already configured on bond0
[  120.640185][T10684] smc: removing ib device syz1
[  120.649275][T10685] usbtmc 7-1:16.0: usbtmc_ioctl_request failed -32
[  120.652261][   T39] audit: type=1400 audit(1733605115.964:723): avc:  denied  { write } for  pid=10615 comm="syz.2.1214" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  120.701417][T10690] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1241'.
[  120.748193][ T5944] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  120.750473][ T5944] Bluetooth: hci1: Injecting HCI hardware error event
[  120.753621][ T5951] Bluetooth: hci1: hardware error 0x00
[  121.208598][T10711] sg_write: data in/out 1633771837/114 bytes for SCSI command 0x61-- guessing data in;
[  121.208598][T10711]    program syz.5.1248 not setting count and/or reply_len properly
[  121.424700][T10730] qnx4: no qnx4 filesystem (no root dir).
[  121.448587][T10733] tmpfs: Bad value for 'mpol'
[  122.439982][ T8586] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.442833][ T8586] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.447529][T10750] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  122.632315][   T69] usb 7-1: USB disconnect, device number 8
[  122.649741][T10753] tmpfs: Bad value for 'huge'
[  122.731554][T10755] nbd: couldn't find a device at index 127
[  122.772532][T10757] qnx4: no qnx4 filesystem (no root dir).
[  122.777813][   T39] audit: type=1326 audit(1733605118.094:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10756 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c4817fed9 code=0x7ffc0000
[  122.785870][   T39] audit: type=1326 audit(1733605118.094:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10756 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c4817fed9 code=0x7ffc0000
[  122.793787][   T39] audit: type=1326 audit(1733605118.094:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10756 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f6c4817fed9 code=0x7ffc0000
[  122.801948][   T39] audit: type=1326 audit(1733605118.094:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10756 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c4817fed9 code=0x7ffc0000
[  122.810110][   T39] audit: type=1326 audit(1733605118.094:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10756 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f6c4817fed9 code=0x7ffc0000
[  122.817143][ T5951] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  122.819585][   T39] audit: type=1326 audit(1733605118.094:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10756 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c4817fed9 code=0x7ffc0000
[  122.825478][   T39] audit: type=1326 audit(1733605118.094:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10756 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f6c4817fed9 code=0x7ffc0000
[  122.832044][   T39] audit: type=1326 audit(1733605118.094:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10756 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  122.842128][   T39] audit: type=1326 audit(1733605118.094:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10756 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c4817fed9 code=0x7ffc0000
[  122.850654][   T39] audit: type=1326 audit(1733605118.094:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10756 comm="syz.2.1264" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6c4817fed9 code=0x7ffc0000
[  123.005149][T10761] /dev/sr0: Can't open blockdev
[  123.131644][T10788] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  123.133999][T10788] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  123.138363][T10788] vhci_hcd vhci_hcd.0: Device attached
[  123.163616][T10793] __nla_validate_parse: 1 callbacks suppressed
[  123.163627][T10793] netlink: 172 bytes leftover after parsing attributes in process `syz.4.1277'.
[  123.168385][T10784] netlink: 'syz.3.1274': attribute type 30 has an invalid length.
[  123.234367][T10789] usbip_core: unknown command
[  123.235671][T10789] vhci_hcd: unknown pdu 100663296
[  123.237234][T10789] usbip_core: unknown command
[  123.239872][ T8596] vhci_hcd: stop threads
[  123.241007][ T8596] vhci_hcd: release socket
[  123.242144][ T8596] vhci_hcd: disconnect device
[  123.259444][T10802] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1281'.
[  123.363013][T10817] FAULT_INJECTION: forcing a failure.
[  123.363013][T10817] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.366924][T10817] CPU: 0 UID: 0 PID: 10817 Comm: syz.3.1285 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  123.370375][T10817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  123.373183][T10817] Call Trace:
[  123.374058][T10817]  <TASK>
[  123.374845][T10817]  dump_stack_lvl+0x16c/0x1f0
[  123.376082][T10817]  should_fail_ex+0x497/0x5b0
[  123.377706][T10817]  _copy_from_user+0x2e/0xd0
[  123.379219][T10817]  copy_msghdr_from_user+0x99/0x160
[  123.380578][T10817]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  123.382110][T10817]  ___sys_sendmsg+0xff/0x1e0
[  123.383327][T10817]  ? __pfx____sys_sendmsg+0x10/0x10
[  123.384669][T10817]  ? __pfx_lock_release+0x10/0x10
[  123.385965][T10817]  ? trace_lock_acquire+0x14e/0x1f0
[  123.387414][T10817]  ? __fget_files+0x206/0x3a0
[  123.388629][T10817]  __sys_sendmsg+0x16e/0x220
[  123.389765][T10817]  ? __pfx___sys_sendmsg+0x10/0x10
[  123.391070][T10817]  do_syscall_64+0xcd/0x250
[  123.392240][T10817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.393684][T10817] RIP: 0033:0x7fc41457fed9
[  123.394809][T10817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.399702][T10817] RSP: 002b:00007fc415313058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.401879][T10817] RAX: ffffffffffffffda RBX: 00007fc414745fa0 RCX: 00007fc41457fed9
[  123.403919][T10817] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003
[  123.405947][T10817] RBP: 00007fc4153130a0 R08: 0000000000000000 R09: 0000000000000000
[  123.408047][T10817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.410102][T10817] R13: 0000000000000000 R14: 00007fc414745fa0 R15: 00007fff698f7118
[  123.412107][T10817]  </TASK>
[  123.460783][T10822] binder: BINDER_SET_CONTEXT_MGR already set
[  123.462438][T10822] binder: 10820:10822 ioctl 4018620d 20000040 returned -16
[  123.476619][ T1995] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  123.479276][T10825] netlink: 172 bytes leftover after parsing attributes in process `syz.4.1289'.
[  123.636438][ T1995] usb 10-1: Using ep0 maxpacket: 8
[  123.639144][ T1995] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  123.641320][ T1995] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  123.643855][ T1995] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  123.646356][ T1995] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  123.649002][ T1995] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  123.652328][ T1995] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  123.654966][ T1995] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.863053][ T1995] usb 10-1: usb_control_msg returned -32
[  123.864561][ T1995] usbtmc 10-1:16.0: can't read capabilities
[  124.353142][T10857] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1301'.
[  124.377134][T10859] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  124.382822][T10861] netlink: 165 bytes leftover after parsing attributes in process `syz.3.1302'.
[  124.510706][T10878] openvswitch: netlink: nsh attribute has 2 unknown bytes.
[  124.513009][T10878] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  124.614095][T10888] netlink: 'syz.4.1312': attribute type 29 has an invalid length.
[  124.617572][T10888] netlink: 'syz.4.1312': attribute type 29 has an invalid length.
[  124.620008][T10888] netlink: 500 bytes leftover after parsing attributes in process `syz.4.1312'.
[  124.715447][T10893] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1316'.
[  124.777481][T10895] Bluetooth: hci4: Frame reassembly failed (-84)
[  124.782085][ T8595] Bluetooth: hci4: Frame reassembly failed (-84)
[  125.055476][T10902] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=45 sclass=netlink_audit_socket pid=10902 comm=syz.2.1319
[  125.272626][T10915] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1325'.
[  125.371495][T10917] netlink: 'syz.2.1326': attribute type 9 has an invalid length.
[  125.378941][T10917] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 20003 - 0
[  125.382271][T10917] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 20003 - 0
[  125.385296][T10917] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 20003 - 0
[  125.388610][T10917] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 20003 - 0
[  125.391629][T10917] geneve2: entered promiscuous mode
[  125.393430][T10917] geneve2: entered allmulticast mode
[  125.764204][T10943] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1336'.
[  125.840743][T10950] Bluetooth: MGMT ver 1.23
[  125.871026][T10953] xt_hashlimit: size too large, truncated to 1048576
[  126.219648][ T1022] usb 10-1: USB disconnect, device number 11
[  126.266972][T10959] xt_NFQUEUE: number of total queues is 0
[  126.414599][T10968] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1341'.
[  126.614099][T10973] FAULT_INJECTION: forcing a failure.
[  126.614099][T10973] name failslab, interval 1, probability 0, space 0, times 0
[  126.619622][T10973] CPU: 1 UID: 0 PID: 10973 Comm: syz.5.1344 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  126.623229][T10973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  126.626840][T10973] Call Trace:
[  126.627915][T10973]  <TASK>
[  126.628836][T10973]  dump_stack_lvl+0x16c/0x1f0
[  126.630294][T10973]  should_fail_ex+0x497/0x5b0
[  126.631863][T10973]  should_failslab+0xc2/0x120
[  126.633505][T10973]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  126.635321][T10973]  ? skb_clone+0x190/0x3f0
[  126.636893][T10973]  skb_clone+0x190/0x3f0
[  126.638491][T10973]  netlink_deliver_tap+0xabd/0xd30
[  126.640247][T10973]  netlink_unicast+0x5e1/0x7f0
[  126.641889][T10973]  ? __pfx_netlink_unicast+0x10/0x10
[  126.643682][T10973]  netlink_sendmsg+0x8b8/0xd70
[  126.645335][T10973]  ? __pfx_netlink_sendmsg+0x10/0x10
[  126.647214][T10973]  ____sys_sendmsg+0xaaf/0xc90
[  126.648888][T10973]  ? copy_msghdr_from_user+0x10b/0x160
[  126.650838][T10973]  ? __pfx_____sys_sendmsg+0x10/0x10
[  126.652754][T10973]  ___sys_sendmsg+0x135/0x1e0
[  126.654461][T10973]  ? __pfx____sys_sendmsg+0x10/0x10
[  126.656318][T10973]  ? __pfx_lock_release+0x10/0x10
[  126.658126][T10973]  ? trace_lock_acquire+0x14e/0x1f0
[  126.659974][T10973]  ? __fget_files+0x206/0x3a0
[  126.661623][T10973]  __sys_sendmsg+0x16e/0x220
[  126.663245][T10973]  ? __pfx___sys_sendmsg+0x10/0x10
[  126.665047][T10973]  do_syscall_64+0xcd/0x250
[  126.666671][T10973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.668692][T10973] RIP: 0033:0x7f11e7d7fed9
[  126.670186][T10973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.676567][T10973] RSP: 002b:00007f11e8bbc058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  126.679330][T10973] RAX: ffffffffffffffda RBX: 00007f11e7f45fa0 RCX: 00007f11e7d7fed9
[  126.681982][T10973] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003
[  126.684790][T10973] RBP: 00007f11e8bbc0a0 R08: 0000000000000000 R09: 0000000000000000
[  126.687460][T10973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.690139][T10973] R13: 0000000000000000 R14: 00007f11e7f45fa0 R15: 00007ffff65b8158
[  126.692901][T10973]  </TASK>
[  126.816527][ T5944] Bluetooth: hci4: command 0x1003 tx timeout
[  126.820712][ T5951] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  126.875132][T10984] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[  126.881701][T10984] netlink: 'syz.3.1348': attribute type 20 has an invalid length.
[  127.056186][T11004] FAULT_INJECTION: forcing a failure.
[  127.056186][T11004] name failslab, interval 1, probability 0, space 0, times 0
[  127.061266][T11004] CPU: 1 UID: 0 PID: 11004 Comm: syz.2.1354 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  127.065111][T11004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  127.068906][T11004] Call Trace:
[  127.069792][T11004]  <TASK>
[  127.070554][T11004]  dump_stack_lvl+0x16c/0x1f0
[  127.071734][T11004]  should_fail_ex+0x497/0x5b0
[  127.072923][T11004]  ? fs_reclaim_acquire+0xae/0x150
[  127.074257][T11004]  should_failslab+0xc2/0x120
[  127.075560][T11004]  __kmalloc_noprof+0xcb/0x510
[  127.076784][T11004]  ? __asan_memset+0x23/0x50
[  127.077912][T11004]  taprio_init+0x319/0x940
[  127.079145][T11004]  ? __pfx_taprio_init+0x10/0x10
[  127.080418][T11004]  ? __pfx_taprio_init+0x10/0x10
[  127.081695][T11004]  qdisc_create+0x4f1/0x1100
[  127.083025][T11004]  ? __pfx_qdisc_create+0x10/0x10
[  127.084661][T11004]  tc_modify_qdisc+0x4d8/0x1c40
[  127.086315][T11004]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  127.087672][T11004]  ? rtnetlink_rcv_msg+0x372/0xea0
[  127.089007][T11004]  ? trace_lock_acquire+0x14e/0x1f0
[  127.090308][T11004]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  127.091650][T11004]  rtnetlink_rcv_msg+0x3c7/0xea0
[  127.092925][T11004]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  127.094586][T11004]  ? __pfx___lock_acquire+0x10/0x10
[  127.096381][T11004]  ? __pfx___lock_acquire+0x10/0x10
[  127.098153][T11004]  ? __pfx_sock_has_perm+0x10/0x10
[  127.099974][T11004]  ? __lock_acquire+0xcc5/0x3c40
[  127.101714][T11004]  netlink_rcv_skb+0x16b/0x440
[  127.103394][T11004]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  127.105248][T11004]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  127.107091][T11004]  ? netlink_deliver_tap+0x1ae/0xd30
[  127.108981][T11004]  netlink_unicast+0x53c/0x7f0
[  127.110184][T11004]  ? __pfx_netlink_unicast+0x10/0x10
[  127.111513][T11004]  netlink_sendmsg+0x8b8/0xd70
[  127.112693][T11004]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.114377][T11004]  ____sys_sendmsg+0xaaf/0xc90
[  127.115939][T11004]  ? copy_msghdr_from_user+0x10b/0x160
[  127.117288][T11004]  ? __pfx_____sys_sendmsg+0x10/0x10
[  127.118674][T11004]  ___sys_sendmsg+0x135/0x1e0
[  127.119871][T11004]  ? __pfx____sys_sendmsg+0x10/0x10
[  127.121136][T11004]  ? __pfx_lock_release+0x10/0x10
[  127.122433][T11004]  ? trace_lock_acquire+0x14e/0x1f0
[  127.124184][T11004]  ? __fget_files+0x206/0x3a0
[  127.125423][T11004]  __sys_sendmsg+0x16e/0x220
[  127.126660][T11004]  ? __pfx___sys_sendmsg+0x10/0x10
[  127.127982][T11004]  do_syscall_64+0xcd/0x250
[  127.129118][T11004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.130627][T11004] RIP: 0033:0x7f6c4817fed9
[  127.132038][T11004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.138829][T11004] RSP: 002b:00007f6c48ea1058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  127.141770][T11004] RAX: ffffffffffffffda RBX: 00007f6c48345fa0 RCX: 00007f6c4817fed9
[  127.144755][T11004] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003
[  127.147522][T11004] RBP: 00007f6c48ea10a0 R08: 0000000000000000 R09: 0000000000000000
[  127.150343][T11004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.153214][T11004] R13: 0000000000000000 R14: 00007f6c48345fa0 R15: 00007ffeee574568
[  127.155612][T11004]  </TASK>
[  127.242707][T11021] netlink: 'syz.2.1360': attribute type 1 has an invalid length.
[  127.421336][T11039] FAULT_INJECTION: forcing a failure.
[  127.421336][T11039] name failslab, interval 1, probability 0, space 0, times 0
[  127.425011][T11039] CPU: 0 UID: 0 PID: 11039 Comm: syz.2.1367 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  127.427692][T11039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  127.430374][T11039] Call Trace:
[  127.431238][T11039]  <TASK>
[  127.432006][T11039]  dump_stack_lvl+0x16c/0x1f0
[  127.433221][T11039]  should_fail_ex+0x497/0x5b0
[  127.434401][T11039]  ? fs_reclaim_acquire+0xae/0x150
[  127.435704][T11039]  should_failslab+0xc2/0x120
[  127.436917][T11039]  __kmalloc_node_noprof+0xd1/0x510
[  127.438253][T11039]  ? qdisc_alloc+0xbb/0xc50
[  127.439435][T11039]  qdisc_alloc+0xbb/0xc50
[  127.440562][T11039]  ? trace_kmalloc+0x2d/0xd0
[  127.441709][T11039]  ? __kmalloc_noprof+0x23b/0x510
[  127.443489][T11039]  qdisc_create_dflt+0x73/0x430
[  127.445080][T11039]  taprio_init+0x4b3/0x940
[  127.446419][T11039]  ? __pfx_taprio_init+0x10/0x10
[  127.448100][T11039]  ? __pfx_taprio_init+0x10/0x10
[  127.449579][T11039]  qdisc_create+0x4f1/0x1100
[  127.451131][T11039]  ? __pfx_qdisc_create+0x10/0x10
[  127.452576][T11039]  tc_modify_qdisc+0x4d8/0x1c40
[  127.454157][T11039]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  127.455919][T11039]  ? rtnetlink_rcv_msg+0x372/0xea0
[  127.457644][T11039]  ? trace_lock_acquire+0x14e/0x1f0
[  127.459357][T11039]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  127.461135][T11039]  rtnetlink_rcv_msg+0x3c7/0xea0
[  127.462759][T11039]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  127.464598][T11039]  ? __pfx___lock_acquire+0x10/0x10
[  127.466151][T11039]  ? __pfx___lock_acquire+0x10/0x10
[  127.467870][T11039]  ? __pfx_sock_has_perm+0x10/0x10
[  127.469460][T11039]  ? __lock_acquire+0xcc5/0x3c40
[  127.470715][T11039]  netlink_rcv_skb+0x16b/0x440
[  127.472094][T11039]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  127.473873][T11039]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  127.475224][T11039]  ? netlink_deliver_tap+0x1ae/0xd30
[  127.476506][T11039]  netlink_unicast+0x53c/0x7f0
[  127.477719][T11039]  ? __pfx_netlink_unicast+0x10/0x10
[  127.479049][T11039]  netlink_sendmsg+0x8b8/0xd70
[  127.480255][T11039]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.481564][T11039]  ____sys_sendmsg+0xaaf/0xc90
[  127.482794][T11039]  ? copy_msghdr_from_user+0x10b/0x160
[  127.484127][T11039]  ? __pfx_____sys_sendmsg+0x10/0x10
[  127.485513][T11039]  ___sys_sendmsg+0x135/0x1e0
[  127.487070][T11039]  ? __pfx____sys_sendmsg+0x10/0x10
[  127.488575][T11039]  ? __pfx_lock_release+0x10/0x10
[  127.489833][T11039]  ? trace_lock_acquire+0x14e/0x1f0
[  127.491198][T11039]  ? __fget_files+0x206/0x3a0
[  127.492785][T11039]  __sys_sendmsg+0x16e/0x220
[  127.494128][T11039]  ? __pfx___sys_sendmsg+0x10/0x10
[  127.495772][T11039]  do_syscall_64+0xcd/0x250
[  127.497311][T11039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.499282][T11039] RIP: 0033:0x7f6c4817fed9
[  127.500770][T11039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.506811][T11039] RSP: 002b:00007f6c48ea1058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  127.509459][T11039] RAX: ffffffffffffffda RBX: 00007f6c48345fa0 RCX: 00007f6c4817fed9
[  127.511492][T11039] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003
[  127.513819][T11039] RBP: 00007f6c48ea10a0 R08: 0000000000000000 R09: 0000000000000000
[  127.516294][T11039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.518930][T11039] R13: 0000000000000000 R14: 00007f6c48345fa0 R15: 00007ffeee574568
[  127.521515][T11039]  </TASK>
[  127.705436][T11064] netlink: 'syz.2.1375': attribute type 15 has an invalid length.
[  127.899439][   T39] kauditd_printk_skb: 28 callbacks suppressed
[  127.899450][   T39] audit: type=1400 audit(1733605123.214:762): avc:  denied  { accept } for  pid=11079 comm="syz.2.1381" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  127.951121][   T39] audit: type=1400 audit(1733605123.264:763): avc:  denied  { setopt } for  pid=11079 comm="syz.2.1381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  128.035605][T11092] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  128.069109][T11097] Process accounting resumed
[  128.070869][T11097] kernel write not supported for file /asound/timers (pid: 11097 comm: syz.2.1388)
[  128.119257][   T39] audit: type=1400 audit(1733605123.434:764): avc:  denied  { connect } for  pid=11099 comm="syz.3.1387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  128.133651][   T39] audit: type=1400 audit(1733605123.444:765): avc:  denied  { listen } for  pid=11099 comm="syz.3.1387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  128.246645][T11117] program syz.2.1392 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  128.271879][T11120] binder: BINDER_SET_CONTEXT_MGR already set
[  128.274641][T11120] binder: 11119:11120 ioctl 4018620d 20004a80 returned -16
[  128.342443][   T39] audit: type=1400 audit(1733605123.654:766): avc:  denied  { mount } for  pid=11126 comm="syz.5.1397" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  128.354461][   T39] audit: type=1400 audit(1733605123.664:767): avc:  denied  { transfer } for  pid=11126 comm="syz.5.1397" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  128.361874][   T39] audit: type=1400 audit(1733605123.674:768): avc:  denied  { ioctl } for  pid=11124 comm="syz.2.1396" path="socket:[41125]" dev="sockfs" ino=41125 ioctlcmd=0x8941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  128.396357][T11134] netlink: 'syz.3.1399': attribute type 1 has an invalid length.
[  128.536001][T11146] can0: slcan on ptm0.
[  128.564412][   T39] audit: type=1400 audit(1733605123.874:769): avc:  denied  { listen } for  pid=11148 comm="syz.4.1403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  128.601831][   T39] audit: type=1326 audit(1733605123.914:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11150 comm="syz.4.1404" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f35a4f7fed9 code=0x0
[  128.786551][ T5980] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  128.936566][ T5980] usb 10-1: Using ep0 maxpacket: 8
[  128.940015][ T5980] usb 10-1: config 0 has no interfaces?
[  128.941931][ T5980] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  128.944806][ T5980] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.951554][ T5980] usb 10-1: config 0 descriptor??
[  129.215560][ T8595] Bluetooth: hci4: Frame reassembly failed (-84)
[  129.219669][T11160] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  129.293909][T11162] __nla_validate_parse: 9 callbacks suppressed
[  129.293929][T11162] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1408'.
[  129.448930][   T39] audit: type=1400 audit(1733605124.764:771): avc:  denied  { bind } for  pid=11165 comm="syz.3.1410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  129.462958][T11169] fuse: Bad value for 'fd'
[  129.468154][T11169] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1411'.
[  129.865201][ T1022] usb 10-1: USB disconnect, device number 12
[  129.927523][T11143] can0 (unregistered): slcan off ptm0.
[  129.966021][T11175] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1413'.
[  130.083758][T11178] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1414'.
[  130.333244][T11191] netlink: 'syz.3.1420': attribute type 1 has an invalid length.
[  130.343525][T11191] bond3: (slave vti0): The slave device specified does not support setting the MAC address
[  130.346131][T11191] bond3: (slave vti0): Setting fail_over_mac to active for active-backup mode
[  130.350894][T11191] bond3: (slave vti0): making interface the new active one
[  130.352941][T11191] bond3: (slave vti0): Enslaving as an active interface with an up link
[  130.357988][T11191] misc userio: No port type given on /dev/userio
[  130.488681][T11198] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1423'.
[  131.216550][ T5951] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  131.216883][ T5944] Bluetooth: hci4: command 0x1003 tx timeout
[  131.952236][T11282] autofs: Unknown parameter 'GPL'
[  132.499599][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  132.501332][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  132.815804][T11308] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=11308 comm=syz.3.1460
[  133.880674][T11369] bond2: entered promiscuous mode
[  133.882476][T11369] bond2: entered allmulticast mode
[  133.884508][T11369] 8021q: adding VLAN 0 to HW filter on device bond2
[  133.934850][T11379] netlink: 'syz.3.1483': attribute type 2 has an invalid length.
[  133.938063][T11379] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1545 sclass=netlink_route_socket pid=11379 comm=syz.3.1483
[  133.938685][   T39] kauditd_printk_skb: 1 callbacks suppressed
[  133.938694][   T39] audit: type=1400 audit(1733605129.254:773): avc:  denied  { setopt } for  pid=11380 comm="syz.4.1484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  133.950906][T11379] geneve2: entered promiscuous mode
[  133.952200][T11379] geneve2: entered allmulticast mode
[  133.993434][T11387] infiniband syz0: set active
[  134.004475][T11387] geneve2: left allmulticast mode
[  134.054348][   T39] audit: type=1400 audit(1733605129.364:774): avc:  denied  { execute } for  pid=11388 comm="syz.3.1486" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  134.457273][T11408] tmpfs: Bad value for 'mpol'
[  134.489304][   T39] audit: type=1400 audit(1733605129.804:775): avc:  denied  { create } for  pid=11409 comm="syz.4.1493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  134.496616][   T39] audit: type=1400 audit(1733605129.804:776): avc:  denied  { write } for  pid=11409 comm="syz.4.1493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  134.501681][   T39] audit: type=1400 audit(1733605129.804:777): avc:  denied  { nlmsg_write } for  pid=11409 comm="syz.4.1493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  134.554755][T11417] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1494'.
[  134.556486][   T39] audit: type=1400 audit(1733605129.864:778): avc:  denied  { nlmsg_read } for  pid=11416 comm="syz.2.1494" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  134.689164][   T39] audit: type=1400 audit(1733605130.004:779): avc:  denied  { lock } for  pid=11420 comm="syz.2.1496" path="socket:[41555]" dev="sockfs" ino=41555 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  134.766248][T11436] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1496'.
[  135.167170][T11453] netlink: 1284 bytes leftover after parsing attributes in process `syz.5.1505'.
[  135.170393][T11453] openvswitch: netlink: Missing key (keys=40, expected=80)
[  135.230807][   T39] audit: type=1400 audit(1733605130.544:780): avc:  denied  { mount } for  pid=11458 comm="syz.3.1508" name="/" dev="9p" ino=36448940 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  135.249331][   T39] audit: type=1400 audit(1733605130.564:781): avc:  denied  { unmount } for  pid=5938 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  135.395838][T11464] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1510'.
[  135.402654][T11464] vlan2: entered allmulticast mode
[  135.680447][   T39] audit: type=1400 audit(1733605130.994:782): avc:  denied  { map } for  pid=11476 comm="syz.2.1516" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  135.911365][T11499] ip6t_srh: unknown srh match flags  B153
[  136.283553][T11524] IPv6: NLM_F_CREATE should be specified when creating new route
[  136.339852][T11530] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1538'.
[  136.454596][T11549] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11549 comm=syz.2.1545
[  136.611005][T11562] libceph: resolve '
[  136.611005][T11562] -&���f�Y�ǝ�a���2i�
[  136.611005][T11562] .���?��&�*��&' (ret=-3): failed
[  136.627282][T11562] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1548'.
[  136.762062][T11575] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1552'.
[  137.091845][T11591] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1559'.
[  137.609088][T11630] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1570'.
[  138.480675][T11709] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1596'.
[  138.486797][T11711] overlayfs: failed to clone upperpath
[  138.586456][T10361] usb 10-1: new full-speed USB device number 13 using dummy_hcd
[  138.738138][T10361] usb 10-1: config 0 interface 0 altsetting 18 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  138.741850][T10361] usb 10-1: config 0 interface 0 altsetting 18 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  138.751952][T10361] usb 10-1: config 0 interface 0 altsetting 18 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  138.755434][T10361] usb 10-1: config 0 interface 0 has no altsetting 0
[  138.760077][T10361] usb 10-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  138.763065][T10361] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.765593][T10361] usb 10-1: Product: syz
[  138.767124][T10361] usb 10-1: Manufacturer: syz
[  138.768473][T10361] usb 10-1: SerialNumber: syz
[  138.771283][T10361] usb 10-1: config 0 descriptor??
[  138.774020][T11685] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  138.966540][   T30] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  138.974210][   T39] kauditd_printk_skb: 14 callbacks suppressed
[  138.974219][   T39] audit: type=1400 audit(1733605134.284:797): avc:  denied  { read } for  pid=11745 comm="syz.4.1610" name="file0" dev="tmpfs" ino=2443 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  139.028385][T11754] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  139.028498][T11754] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  139.036641][T10361] appledisplay 10-1:0.0: Error while getting initial brightness: -110
[  139.039570][T10361] appledisplay 10-1:0.0: probe with driver appledisplay failed with error -110
[  139.052096][ T1995] usb 10-1: USB disconnect, device number 13
[  139.083524][T11760] netlink: 'syz.5.1612': attribute type 1 has an invalid length.
[  139.115258][   T39] audit: type=1400 audit(1733605134.424:798): avc:  denied  { ioctl } for  pid=11763 comm="syz.5.1615" path="socket:[42388]" dev="sockfs" ino=42388 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  139.126574][   T30] usb 7-1: Using ep0 maxpacket: 8
[  139.130556][   T30] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  139.136703][   T30] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  139.139235][   T30] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  139.141737][   T30] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  139.145174][   T30] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  139.148512][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.222088][T11779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=528 sclass=netlink_route_socket pid=11779 comm=syz.4.1621
[  139.225674][   T39] audit: type=1400 audit(1733605134.534:799): avc:  denied  { create } for  pid=11780 comm="syz.5.1620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  139.227100][T11779] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11779 comm=syz.4.1621
[  139.353658][   T30] usb 7-1: GET_CAPABILITIES returned 0
[  139.354985][   T30] usbtmc 7-1:16.0: can't read capabilities
[  139.554049][   T30] usb 7-1: USB disconnect, device number 9
[  139.677755][T11817] wg1: entered promiscuous mode
[  139.685242][T11817] __nla_validate_parse: 9 callbacks suppressed
[  139.685252][T11817] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1634'.
[  139.952465][ T5944] Bluetooth: hci0: unexpected event for opcode 0x203c
[  139.983530][T11833] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1639'.
[  140.180810][T11844] netlink: 1284 bytes leftover after parsing attributes in process `syz.5.1643'.
[  140.184678][T11844] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1643'.
[  140.391715][T11851] overlay: ./file0 is not a directory
[  140.424536][T11862] netlink: 172 bytes leftover after parsing attributes in process `syz.4.1648'.
[  140.481494][T11872] kernel profiling enabled (shift: 63)
[  140.484312][T11872] profiling shift: 63 too large
[  140.487172][T11872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  140.497874][T11872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  140.505954][T11877] overlayfs: failed to clone upperpath
[  140.507736][T11878] overlayfs: failed to clone upperpath
[  140.516612][ T5980] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  140.690197][ T5980] usb 10-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  140.692800][ T5980] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.694932][ T5980] usb 10-1: Product: syz
[  140.696026][ T5980] usb 10-1: Manufacturer: syz
[  140.697289][ T5980] usb 10-1: SerialNumber: syz
[  140.703903][ T5980] usb 10-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  140.732016][ T5980] usb 10-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  140.839906][T11905] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1665'.
[  141.140677][   T25] usb 10-1: USB disconnect, device number 14
[  141.593947][T11923] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1673'.
[  141.709784][   T39] audit: type=1400 audit(1733605137.024:800): avc:  denied  { setattr } for  pid=11937 comm="syz.3.1679" name="CAN_J1939" dev="sockfs" ino=43484 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  141.732817][   T39] audit: type=1400 audit(1733605137.044:801): avc:  denied  { read } for  pid=11943 comm="syz.2.1681" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  141.741825][   T39] audit: type=1400 audit(1733605137.044:802): avc:  denied  { map } for  pid=11945 comm="syz.5.1682" path="socket:[43489]" dev="sockfs" ino=43489 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  141.850631][   T39] audit: type=1400 audit(1733605137.164:803): avc:  denied  { getopt } for  pid=11957 comm="syz.5.1686" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  141.881244][ T5944] block nbd5: Receive control failed (result -107)
[  141.959941][T11958] block nbd5: shutting down sockets
[  142.016466][ T5980] usb 10-1: Service connection timeout for: 256
[  142.018142][ T5980] ath9k_htc 10-1:1.0: ath9k_htc: Unable to initialize HTC services
[  142.022005][ T5980] ath9k_htc: Failed to initialize the device
[  142.024433][   T25] usb 10-1: ath9k_htc: USB layer deinitialized
[  142.029732][T11964] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1687'.
[  142.145171][T11971] mac80211_hwsim hwsim52 wlan1: entered allmulticast mode
[  142.205383][T11976] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1692'.
[  142.422178][T11990] gtp0: entered promiscuous mode
[  142.423541][T11990] gtp0: entered allmulticast mode
[  142.510376][T12000] overlayfs: failed to clone upperpath
[  142.559860][T12008] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1707'.
[  142.756587][T12029] Process accounting resumed
[  143.104716][T12091] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  143.150432][T12091] bridge2: entered promiscuous mode
[  143.194018][   T39] audit: type=1400 audit(1733605138.504:804): avc:  denied  { map } for  pid=12116 comm="syz.4.1748" path="socket:[43927]" dev="sockfs" ino=43927 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  143.203152][   T39] audit: type=1400 audit(1733605138.504:805): avc:  denied  { read } for  pid=12116 comm="syz.4.1748" path="socket:[43927]" dev="sockfs" ino=43927 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  143.287628][   T39] audit: type=1400 audit(1733605138.604:806): avc:  denied  { watch } for  pid=12122 comm="syz.4.1751" path="/501/file0" dev="tmpfs" ino=2732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  143.450768][T12147] fuse: Unknown parameter 'ff'
[  143.452641][T12147] SET target dimension over the limit!
[  143.596852][ T9730] bond0: (slave syz_tun): Releasing backup interface
[  143.666688][T12172] vxcan0: Master is either lo or non-ether device
[  143.668582][T12173] vxcan0: Master is either lo or non-ether device
[  143.870670][T12192] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  143.873639][T12192] overlayfs: missing 'lowerdir'
[  143.897606][ T5951] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  143.901595][ T5951] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  143.903949][ T5951] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  143.907922][ T5951] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  143.911052][ T5951] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  143.913004][ T5951] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  143.957457][T12200] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1042 sclass=netlink_route_socket pid=12200 comm=syz.4.1781
[  144.041729][   T39] kauditd_printk_skb: 1 callbacks suppressed
[  144.041745][   T39] audit: type=1400 audit(1733605139.354:808): avc:  denied  { bind } for  pid=12201 comm="syz.5.1783" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  144.052083][T12194] chnl_net:caif_netlink_parms(): no params data found
[  144.130667][T12194] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.132526][T12194] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.134392][T12194] bridge_slave_0: entered allmulticast mode
[  144.137628][T12194] bridge_slave_0: entered promiscuous mode
[  144.142442][T12194] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.144969][T12194] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.148360][T12194] bridge_slave_1: entered allmulticast mode
[  144.151043][T12194] bridge_slave_1: entered promiscuous mode
[  144.176193][T12194] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.180080][T12194] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  144.216933][ T8588] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.219038][ T8588] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.220409][T12194] team0: Port device team_slave_0 added
[  144.231834][T12194] team0: Port device team_slave_1 added
[  144.257865][T12194] batman_adv: batadv0: Adding interface: batadv_slave_0
[  144.259699][T12194] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.266348][T12194] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  144.271913][T12194] batman_adv: batadv0: Adding interface: batadv_slave_1
[  144.274220][T12194] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.281555][T12194] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  144.323775][T12194] hsr_slave_0: entered promiscuous mode
[  144.327854][T12194] hsr_slave_1: entered promiscuous mode
[  144.449007][T12194] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  144.453322][T12194] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  144.458169][T12194] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  144.462436][T12194] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  144.510722][T12194] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.525910][T12194] 8021q: adding VLAN 0 to HW filter on device team0
[  144.532180][ T8595] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.534126][ T8595] bridge0: port 1(bridge_slave_0) entered forwarding state
[  144.544060][ T8563] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.546585][ T8563] bridge0: port 2(bridge_slave_1) entered forwarding state
[  144.659798][T12194] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.788665][T12194] veth0_vlan: entered promiscuous mode
[  144.793703][T12194] veth1_vlan: entered promiscuous mode
[  144.807781][T12194] veth0_macvtap: entered promiscuous mode
[  144.811483][T12194] veth1_macvtap: entered promiscuous mode
[  144.818256][T12194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  144.821791][T12194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.826310][T12194] batman_adv: batadv0: Interface activated: batadv_slave_0
[  144.848134][T12194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.850962][T12194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.854094][T12194] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.858418][T12194] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.861557][T12194] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.863763][T12194] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.865986][T12194] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.887136][T12245] __nla_validate_parse: 9 callbacks suppressed
[  144.887146][T12245] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1792'.
[  144.934624][ T8588] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.937380][ T8588] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.977422][ T8563] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.980194][ T8563] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.987243][   T39] audit: type=1400 audit(1733605140.304:809): avc:  denied  { mounton } for  pid=12194 comm="syz-executor" path="/syzkaller.Vy0Hku/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=46344 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  145.056680][ T5951] Bluetooth: hci0: command 0x2021 tx timeout
[  145.230125][T12278] netlink: 172 bytes leftover after parsing attributes in process `syz.6.1806'.
[  145.376794][T12293] veth0: entered promiscuous mode
[  145.557734][T12309] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1818'.
[  145.936709][ T5951] Bluetooth: hci3: command tx timeout
[  146.043055][T12347] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1833'.
[  146.185852][T12291] veth0: left promiscuous mode
[  147.128184][T12384] netlink: 172 bytes leftover after parsing attributes in process `syz.6.1847'.
[  147.165686][T12390] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1849'.
[  147.204977][   T39] audit: type=1400 audit(1733605142.514:810): avc:  denied  { ioctl } for  pid=12393 comm="syz.5.1851" path="socket:[45986]" dev="sockfs" ino=45986 ioctlcmd=0x89eb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  147.229572][T12394] kAFS: No cell specified
[  147.444263][ T5981] IPVS: starting estimator thread 0...
[  147.546470][T12414] IPVS: using max 38 ests per chain, 91200 per kthread
[  148.016614][ T5951] Bluetooth: hci3: command tx timeout
[  148.210094][T12431] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1864'.
[  148.267113][T12432] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1865'.
[  149.159640][T12462] xt_CT: You must specify a L4 protocol and not use inversions on it
[  149.227992][T12470] input: syz0 as /devices/virtual/input/input17
[  149.425089][T12474] netlink: 172 bytes leftover after parsing attributes in process `syz.6.1882'.
[  150.096687][ T5951] Bluetooth: hci3: command tx timeout
[  150.156961][T12478] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1884'.
[  151.135822][T12508] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1896'.
[  151.153172][T12512] netlink: 172 bytes leftover after parsing attributes in process `syz.3.1898'.
[  151.225411][T12516] bridge0: entered promiscuous mode
[  151.227318][T12516] bridge0: entered allmulticast mode
[  152.186568][ T5944] Bluetooth: hci3: command tx timeout
[  152.299555][T12551] netlink: 172 bytes leftover after parsing attributes in process `syz.4.1911'.
[  152.356981][T12557] xt_hashlimit: size too large, truncated to 1048576
[  153.296530][ T5944] Bluetooth: hci4: command 0x1003 tx timeout
[  153.296583][ T5951] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  153.391211][T12587] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1922'.
[  153.517505][T12585] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1921'.
[  153.531994][T12592] netlink: 172 bytes leftover after parsing attributes in process `syz.4.1924'.
[  153.582068][T12596] netlink: 14548 bytes leftover after parsing attributes in process `syz.4.1926'.
[  153.664059][T12604] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=45803 sclass=netlink_route_socket pid=12604 comm=syz.4.1929
[  153.664817][T12605] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=45803 sclass=netlink_route_socket pid=12605 comm=syz.4.1929
[  154.132642][T12622] raw_sendmsg: syz.6.1935 forgot to set AF_INET. Fix it!
[  154.147340][T12623] can: request_module (can-proto-4) failed.
[  154.996543][T12632] netlink: 172 bytes leftover after parsing attributes in process `syz.6.1938'.
[  155.453102][T12642] macvlan2: mtu less than device minimum
[  155.487372][T12648] (syz.5.1945,12648,1):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[  155.665030][T12669] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1954'.
[  155.815393][T12687] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1959'.
[  155.817812][T12687] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1959'.
[  155.848948][ T5951] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  155.900189][   T39] audit: type=1400 audit(1733605151.214:811): avc:  denied  { ioctl } for  pid=12693 comm="syz.5.1962" path="socket:[48047]" dev="sockfs" ino=48047 ioctlcmd=0x8916 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  155.912903][T12676] netlink: 'syz.6.1956': attribute type 30 has an invalid length.
[  156.065514][T12709] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1967'.
[  156.080544][T12707] netlink: 172 bytes leftover after parsing attributes in process `syz.4.1968'.
[  156.080822][T12709] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1967'.
[  156.103249][   T39] audit: type=1400 audit(1733605151.414:812): avc:  denied  { ioctl } for  pid=12708 comm="syz.5.1967" path="socket:[48053]" dev="sockfs" ino=48053 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  156.248665][T12735] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1977'.
[  156.310255][T12743] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1979'.
[  156.360452][T12747] netlink: 'syz.4.1981': attribute type 30 has an invalid length.
[  156.436936][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  156.439486][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  156.496855][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  156.501253][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  156.509046][ T5951] block nbd5: Receive control failed (result -107)
[  156.606422][T12757] nbd5: detected capacity change from 0 to 8589934592
[  156.610291][ T5943] block nbd5: Dead connection, failed to find a fallback
[  156.612363][ T5943] block nbd5: shutting down sockets
[  156.613826][ T5943] blk_print_req_error: 86 callbacks suppressed
[  156.613834][ T5943] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.617976][ T5943] buffer_io_error: 58 callbacks suppressed
[  156.617983][ T5943] Buffer I/O error on dev nbd5, logical block 0, async page read
[  156.626513][ T5943] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.629140][ T5943] Buffer I/O error on dev nbd5, logical block 0, async page read
[  156.631371][ T5943] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.633952][ T5943] Buffer I/O error on dev nbd5, logical block 0, async page read
[  156.636331][ T5943] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.644154][ T5943] Buffer I/O error on dev nbd5, logical block 0, async page read
[  156.646544][ T5943] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.649102][ T5943] Buffer I/O error on dev nbd5, logical block 0, async page read
[  156.654304][ T5943] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.664322][ T5943] Buffer I/O error on dev nbd5, logical block 0, async page read
[  156.666727][ T5943] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.669040][ T5943] Buffer I/O error on dev nbd5, logical block 0, async page read
[  156.671026][ T5943] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.673558][ T5943] Buffer I/O error on dev nbd5, logical block 0, async page read
[  156.675847][ T5943] ldm_validate_partition_table(): Disk read failed.
[  156.677744][ T5943] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.680094][ T5943] Buffer I/O error on dev nbd5, logical block 0, async page read
[  156.682148][ T5943] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  156.684490][ T5943] Buffer I/O error on dev nbd5, logical block 0, async page read
[  156.686616][ T5943] Dev nbd5: unable to read RDB block 0
[  156.688203][ T5943]  nbd5: unable to read partition table
[  156.702339][T12757] ldm_validate_partition_table(): Disk read failed.
[  156.704295][T12757] Dev nbd5: unable to read RDB block 0
[  156.706138][T12757]  nbd5: unable to read partition table
[  156.716895][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  156.719426][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=0, location=0
[  156.721753][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=1, location=1
[  156.724149][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  156.729093][ T5943] ldm_validate_partition_table(): Disk read failed.
[  156.731406][ T5943] Dev nbd5: unable to read RDB block 0
[  156.733390][ T5943]  nbd5: unable to read partition table
[  156.736838][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  156.740063][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=2147483647, location=2147483647
[  156.742832][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=2147483391, location=2147483391
[  156.745495][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=2147483646, location=2147483646
[  156.748429][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=2147483390, location=2147483390
[  156.751196][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=2147483645, location=2147483645
[  156.753855][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=2147483389, location=2147483389
[  156.756587][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=2147483497, location=2147483497
[  156.759892][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=2147483241, location=2147483241
[  156.762597][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=2147483495, location=2147483495
[  156.765430][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=2147483239, location=2147483239
[  156.768302][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  156.772460][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  156.774958][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=1073741823, location=1073741823
[  156.777860][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=1073741567, location=1073741567
[  156.780696][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=1073741822, location=1073741822
[  156.784027][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=1073741566, location=1073741566
[  156.786953][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=1073741821, location=1073741821
[  156.790045][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=1073741565, location=1073741565
[  156.792962][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=1073741673, location=1073741673
[  156.795794][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=1073741417, location=1073741417
[  156.798813][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=1073741671, location=1073741671
[  156.801605][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=1073741415, location=1073741415
[  156.804298][T12757] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  156.806948][T12757] UDF-fs: warning (device nbd5): udf_fill_super: No partition found (1)
[  156.959489][T12774] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  156.962575][T12774] IPv6: NLM_F_CREATE should be set when creating new route
[  157.000952][   T39] audit: type=1400 audit(1733605152.314:813): avc:  denied  { setattr } for  pid=12710 comm="syz.3.1969" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  157.085787][T12783] netlink: 172 bytes leftover after parsing attributes in process `syz.5.1994'.
[  157.088338][   T39] audit: type=1326 audit(1733605152.394:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12780 comm="syz.4.1993" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35a4f7fed9 code=0x7ffc0000
[  157.094136][   T39] audit: type=1326 audit(1733605152.394:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12780 comm="syz.4.1993" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35a4f7fed9 code=0x7ffc0000
[  157.096853][T12781] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1993'.
[  157.099891][   T39] audit: type=1326 audit(1733605152.404:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12780 comm="syz.4.1993" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f35a4f7fed9 code=0x7ffc0000
[  157.108221][   T39] audit: type=1326 audit(1733605152.404:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12780 comm="syz.4.1993" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35a4f7fed9 code=0x7ffc0000
[  157.114717][   T39] audit: type=1326 audit(1733605152.404:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12780 comm="syz.4.1993" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35a4f7fed9 code=0x7ffc0000
[  157.116094][   T39] audit: type=1326 audit(1733605152.404:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12780 comm="syz.4.1993" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f35a4f7fed9 code=0x7ffc0000
[  157.126051][   T39] audit: type=1326 audit(1733605152.404:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12780 comm="syz.4.1993" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35a4f7fed9 code=0x7ffc0000
[  157.308519][T12801] netlink: 'syz.5.2004': attribute type 21 has an invalid length.
[  157.380417][T12811] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  157.382162][T12811] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  157.385796][T12811] vhci_hcd vhci_hcd.0: Device attached
[  157.428203][T12819] syz.5.2011[12819] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.428251][T12819] syz.5.2011[12819] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.431259][T12819] syz.5.2011[12819] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.438314][ T5951] Bluetooth: hci0: unexpected event for opcode 0x0c5b
[  157.487763][T12812] usbip_core: unknown command
[  157.489115][T12812] vhci_hcd: unknown pdu 100663296
[  157.490446][T12812] usbip_core: unknown command
[  157.493204][ T8563] vhci_hcd: stop threads
[  157.494439][ T8563] vhci_hcd: release socket
[  157.497501][ T8563] vhci_hcd: disconnect device
[  157.566510][ T5979] vhci_hcd: vhci_device speed not set
[  157.576660][T12834] netlink: 'syz.4.2017': attribute type 21 has an invalid length.
[  157.578960][T12834] netlink: 'syz.4.2017': attribute type 1 has an invalid length.
[  157.792492][T12855] (unnamed net_device) (uninitialized): option arp_validate: invalid value (22)
[  157.916804][T12866] netlink: 'syz.5.2029': attribute type 21 has an invalid length.
[  158.407398][ T5944] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  158.418045][ T5944] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  158.419915][ T1995] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  158.424364][ T5944] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  158.436604][ T5939] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  158.439170][ T5939] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  158.441619][ T5939] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  158.467810][T10682] bond0: (slave syz_tun): Releasing backup interface
[  158.576748][ T1995] usb 10-1: Using ep0 maxpacket: 8
[  158.579613][ T1995] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  158.582567][ T1995] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  158.584856][ T1995] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.594549][ T1995] usb 10-1: config 0 descriptor??
[  158.616084][T12910] chnl_net:caif_netlink_parms(): no params data found
[  158.679189][T12910] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.681384][T12910] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.683311][T12910] bridge_slave_0: entered allmulticast mode
[  158.685472][T12910] bridge_slave_0: entered promiscuous mode
[  158.691657][T12910] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.693539][T12910] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.695441][T12910] bridge_slave_1: entered allmulticast mode
[  158.697664][T12910] bridge_slave_1: entered promiscuous mode
[  158.735907][T12931] SELinux:  policydb version -1666298316 does not match my version range 15-33
[  158.738504][T12910] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  158.740411][T12931] SELinux: failed to load policy
[  158.742677][T12910] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  158.743492][T12931] SELinux:  policydb string length 14080 does not match expected length 8
[  158.748284][T12931] SELinux: failed to load policy
[  158.769286][T12910] team0: Port device team_slave_0 added
[  158.772554][T12910] team0: Port device team_slave_1 added
[  158.791699][T12910] batman_adv: batadv0: Adding interface: batadv_slave_0
[  158.793442][T12910] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.800689][T12910] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  158.802864][ T1995] iowarrior 10-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  158.804197][T12910] batman_adv: batadv0: Adding interface: batadv_slave_1
[  158.807876][T12910] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.814457][T12910] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  158.888797][T12910] hsr_slave_0: entered promiscuous mode
[  158.966715][T12910] hsr_slave_1: entered promiscuous mode
[  159.010035][T12895] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  159.013563][T12895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  159.015839][T12895] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  159.046483][T12910] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  159.048397][T12910] Cannot create hsr debugfs directory
[  159.240415][T12910] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.293339][T12895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  159.297215][T12895] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  159.303447][    T9] usb 10-1: USB disconnect, device number 15
[  160.127704][T12910] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.267292][T12910] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.498446][ T5951] Bluetooth: hci4: command tx timeout
[  161.192268][T13002] XFS (nullb0): Invalid superblock magic number
[  161.210450][T12910] bond0: (slave netdevsim0): Releasing backup interface
[  161.249172][T13011] __nla_validate_parse: 9 callbacks suppressed
[  161.249183][T13011] netlink: 172 bytes leftover after parsing attributes in process `syz.6.2079'.
[  161.267711][T12910] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.189422][T13027] netlink: 220 bytes leftover after parsing attributes in process `syz.5.2083'.
[  162.259620][T12910] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  162.267874][T12910] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  162.276863][T12910] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  162.285730][T12910] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  162.344221][T13045] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5138 sclass=netlink_route_socket pid=13045 comm=syz.6.2091
[  162.378524][T13048] netlink: 172 bytes leftover after parsing attributes in process `syz.5.2092'.
[  162.576551][ T5951] Bluetooth: hci4: command tx timeout
[  163.238080][T12910] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.262852][T12910] 8021q: adding VLAN 0 to HW filter on device team0
[  163.268424][ T8594] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.270345][ T8594] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.279945][ T8594] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.282422][ T8594] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.309351][T12910] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  163.384175][T13070] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2098'.
[  163.407997][T12910] 8021q: adding VLAN 0 to HW filter on device batadv0
[  163.485212][T13082] netlink: 172 bytes leftover after parsing attributes in process `syz.5.2103'.
[  164.329274][   T39] kauditd_printk_skb: 70 callbacks suppressed
[  164.329289][   T39] audit: type=1400 audit(1733605159.644:891): avc:  denied  { accept } for  pid=13102 comm="syz.6.2108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  164.386522][T13099] mac80211_hwsim hwsim8 wlan0: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  164.469195][T13112] IPv6: sit1: Disabled Multicast RS
[  164.479815][T12910] veth0_vlan: entered promiscuous mode
[  164.485636][T12910] veth1_vlan: entered promiscuous mode
[  164.503104][T12910] veth0_macvtap: entered promiscuous mode
[  164.509082][T12910] veth1_macvtap: entered promiscuous mode
[  164.518943][T12910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.521730][T12910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.524653][T12910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.529487][T12910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.533420][T12910] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.539483][T12910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.542230][T12910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.542486][T13113] fuse: Bad value for 'group_id'
[  164.544713][T12910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.547531][T13113] fuse: Bad value for 'group_id'
[  164.549638][T12910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.555419][T12910] batman_adv: batadv0: Interface activated: batadv_slave_1
[  164.562130][T12910] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.564378][T12910] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.567780][T12910] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.570570][T12910] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  164.620108][ T8588] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.623052][ T8588] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  164.646271][ T8586] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.648449][ T8586] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  164.667024][ T5951] Bluetooth: hci4: command tx timeout
[  164.786619][    T9] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  164.956632][    T9] usb 10-1: Using ep0 maxpacket: 16
[  164.959293][    T9] usb 10-1: config 1 interface 0 altsetting 83 endpoint 0x81 has an invalid bInterval 102, changing to 10
[  164.962259][    T9] usb 10-1: config 1 interface 0 altsetting 83 endpoint 0x2 has an invalid bInterval 128, changing to 11
[  164.965055][    T9] usb 10-1: config 1 interface 0 has no altsetting 0
[  164.968381][    T9] usb 10-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.40
[  164.970780][    T9] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.972863][    T9] usb 10-1: Product: с
[  164.973959][    T9] usb 10-1: Manufacturer: 㐉
[  164.975200][    T9] usb 10-1: SerialNumber: 〟
[  165.037621][   T39] audit: type=1400 audit(164.932:892): avc:  denied  { name_connect } for  pid=13131 comm="syz.4.2116" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  165.188314][T13115] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2112'.
[  165.198304][    T9] usbhid 10-1:1.0: can't add hid device: -71
[  165.199943][    T9] usbhid 10-1:1.0: probe with driver usbhid failed with error -71
[  165.203773][    T9] usb 10-1: USB disconnect, device number 16
[  165.405065][T13142] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  165.752946][T13152] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  165.762389][T13152] CIFS mount error: No usable UNC path provided in device string!
[  165.762389][T13152] 
[  165.766203][T13152] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  165.875694][   T39] audit: type=1400 audit(165.762:893): avc:  denied  { listen } for  pid=13157 comm="syz.6.2124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  165.915197][T13163] netlink: 'syz.4.2126': attribute type 21 has an invalid length.
[  165.921106][T13165] netlink: 172 bytes leftover after parsing attributes in process `syz.5.2127'.
[  166.106685][T13180] overlayfs: missing 'lowerdir'
[  166.172794][T13182] netlink: 76 bytes leftover after parsing attributes in process `syz.6.2130'.
[  166.269609][ T5951] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  166.274540][ T5951] CPU: 1 UID: 0 PID: 5951 Comm: kworker/u33:7 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  166.278456][ T5951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.282310][ T5951] Workqueue: hci4 hci_rx_work
[  166.284096][ T5951] Call Trace:
[  166.285323][ T5951]  <TASK>
[  166.286421][ T5951]  dump_stack_lvl+0x16c/0x1f0
[  166.288143][ T5951]  sysfs_warn_dup+0x7f/0xa0
[  166.289813][ T5951]  sysfs_create_dir_ns+0x24d/0x2b0
[  166.291667][ T5951]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  166.293129][ T5951]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  166.294535][ T5951]  ? kobject_add_internal+0x12d/0x990
[  166.295940][ T5951]  ? do_raw_spin_unlock+0x172/0x230
[  166.297352][ T5951]  kobject_add_internal+0x2c8/0x990
[  166.298746][ T5951]  kobject_add+0x16f/0x240
[  166.299923][ T5951]  ? __pfx_kobject_add+0x10/0x10
[  166.301230][ T5951]  ? class_to_subsys+0x3e/0x160
[  166.302545][ T5951]  ? do_raw_spin_unlock+0x172/0x230
[  166.303909][ T5951]  ? kobject_put+0xab/0x5a0
[  166.305106][ T5951]  device_add+0x289/0x1a70
[  166.306291][ T5951]  ? __pfx_dev_set_name+0x10/0x10
[  166.307750][ T5951]  ? __pfx_device_add+0x10/0x10
[  166.309169][ T5951]  ? mgmt_send_event_skb+0x2f2/0x460
[  166.310554][ T5951]  hci_conn_add_sysfs+0x17e/0x230
[  166.311873][ T5951]  le_conn_complete_evt+0x1077/0x1d60
[  166.313277][ T5951]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  166.314767][ T5951]  ? __mutex_lock+0x1cc/0xa60
[  166.316007][ T5951]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  166.317989][ T5951]  ? skb_pull_data+0x166/0x210
[  166.319779][ T5951]  hci_le_meta_evt+0x2e2/0x5d0
[  166.321516][ T5951]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  166.323856][ T5951]  hci_event_packet+0x666/0x1180
[  166.325657][ T5951]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  166.327587][ T5951]  ? __pfx_hci_event_packet+0x10/0x10
[  166.329520][ T5951]  ? mark_held_locks+0x9f/0xe0
[  166.331273][ T5951]  ? kcov_remote_start+0x3cf/0x6e0
[  166.333131][ T5951]  ? lockdep_hardirqs_on+0x7c/0x110
[  166.335045][ T5951]  hci_rx_work+0x2c5/0x16b0
[  166.336391][ T5951]  ? process_one_work+0x921/0x1ba0
[  166.337928][ T5951]  process_one_work+0x9c5/0x1ba0
[  166.339505][ T5951]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  166.340948][ T5951]  ? __pfx_process_one_work+0x10/0x10
[  166.342336][ T5951]  ? rcu_is_watching+0x12/0xc0
[  166.343589][ T5951]  ? assign_work+0x1a0/0x250
[  166.344796][ T5951]  worker_thread+0x6c8/0xf00
[  166.346016][ T5951]  ? __kthread_parkme+0x148/0x220
[  166.347357][ T5951]  ? __pfx_worker_thread+0x10/0x10
[  166.348690][ T5951]  kthread+0x2c1/0x3a0
[  166.349756][ T5951]  ? _raw_spin_unlock_irq+0x23/0x50
[  166.351114][ T5951]  ? __pfx_kthread+0x10/0x10
[  166.352322][ T5951]  ret_from_fork+0x45/0x80
[  166.353481][ T5951]  ? __pfx_kthread+0x10/0x10
[  166.354699][ T5951]  ret_from_fork_asm+0x1a/0x30
[  166.355952][ T5951]  </TASK>
[  166.356853][    C1] vkms_vblank_simulate: vblank timer overrun
[  166.358951][ T5951] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  166.362561][ T5951] Bluetooth: hci4: failed to register connection device
[  166.498820][ T8586] wlan0: Trigger new scan to find an IBSS to join
[  166.736576][ T5951] Bluetooth: hci4: command tx timeout
[  166.898563][T13197] batman_adv: batadv0: Adding interface: erspan1
[  166.900292][T13197] batman_adv: batadv0: Not using interface erspan1 (retrying later): interface not active
[  167.064615][   T39] audit: type=1400 audit(166.952:894): avc:  denied  { create } for  pid=13204 comm="syz.3.2138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  167.075344][   T39] audit: type=1400 audit(166.952:895): avc:  denied  { write } for  pid=13204 comm="syz.3.2138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  167.117117][T13205] cgroup: Invalid name
[  167.496824][T13209] netlink: 'syz.3.2139': attribute type 21 has an invalid length.
[  167.628801][T13218] netlink: 172 bytes leftover after parsing attributes in process `syz.6.2142'.
[  167.675934][T13220] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2143'.
[  167.715990][   T39] audit: type=1400 audit(167.606:896): avc:  denied  { bind } for  pid=13223 comm="syz.6.2145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  167.716695][T13224] input: syz0 as /devices/virtual/input/input18
[  167.863805][T13233] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2148'.
[  167.890980][T13235] dns_resolver: Unsupported content type (24)
[  168.392479][T13266] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2160'.
[  168.597124][ T5981] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  168.704446][T13291] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2167'.
[  169.603117][T13304] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13304 comm=syz.4.2171
[  169.821901][T13313] delete_channel: no stack
[  171.539321][ T7226] wlan0: Trigger new scan to find an IBSS to join
[  172.517133][ T8594] wlan0: Creating new IBSS network, BSSID a2:de:6b:10:d8:40
[  183.324909][   T39] audit: type=1400 audit(183.216:897): avc:  denied  { map } for  pid=13359 comm="syz.4.2186" path="pipe:[53815]" dev="pipefs" ino=53815 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  183.383917][T13354] Attempt to restore checkpoint with obsolete wellknown handles
[  184.096310][T13364] ipvlan2: entered promiscuous mode
[  184.100703][T13364] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  184.145619][T13369] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  184.257084][   T39] audit: type=1400 audit(184.156:898): avc:  denied  { setattr } for  pid=13383 comm="syz.6.2196" path="/proc/258/map_files" dev="proc" ino=55460 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  184.377649][T13398] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2200'.
[  184.380902][T13398] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2200'.
[  185.855800][T13399] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2201'.
[  185.889960][T13407] xt_hashlimit: size too large, truncated to 1048576
[  185.972136][T13419] overlay: Unknown parameter 'smackfstransmute'
[  186.053012][T13419] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2208'.
[  186.121276][T13431] netlink: 256 bytes leftover after parsing attributes in process `syz.6.2211'.
[  186.124633][T13431] netlink: 56 bytes leftover after parsing attributes in process `syz.6.2211'.
[  186.168661][T13423] 
[  186.169349][T13423] ======================================================
[  186.171197][T13423] WARNING: possible circular locking dependency detected
SYZFAIL: failed to recv rpc
[  186.173033][T13423] 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0 Not tainted
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  186.175709][T13423] ------------------------------------------------------
[  186.179545][T13423] syz.3.2209/13423 is trying to acquire lock:
[  186.181744][T13423] ffff8880266de0b8 (&eq->sysfs_lock){+.+.}-{4:4}, at: elevator_disable+0xb5/0x490
[  186.185177][T13423] 
[  186.185177][T13423] but task is already holding lock:
[  186.187713][T13423] ffff888106adca50 (&q->sysfs_lock){+.+.}-{4:4}, at: __blk_mq_update_nr_hw_queues+0x446/0x14e0
[  186.191394][T13423] 
[  186.191394][T13423] which lock already depends on the new lock.
[  186.191394][T13423] 
[  186.194639][T13423] 
[  186.194639][T13423] the existing dependency chain (in reverse order) is:
[  186.198073][T13423] 
[  186.198073][T13423] -> #5 (&q->sysfs_lock){+.+.}-{4:4}:
[  186.200654][T13423]        __mutex_lock+0x19b/0xa60
[  186.202428][T13423]        __blk_mq_update_nr_hw_queues+0x446/0x14e0
[  186.204517][T13423]        blk_mq_update_nr_hw_queues+0x2a/0x40
[  186.206760][T13423]        nbd_start_device+0x15b/0xd70
[  186.208753][T13423]        nbd_ioctl+0x21a/0xfd0
[  186.210442][T13423]        blkdev_ioctl+0x276/0x6d0
[  186.212080][T13423]        __x64_sys_ioctl+0x190/0x200
[  186.213910][T13423]        do_syscall_64+0xcd/0x250
[  186.215638][T13423]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.217982][T13423] 
[  186.217982][T13423] -> #4 (&q->q_usage_counter(io)#51){++++}-{0:0}:
[  186.221091][T13423]        blk_mq_submit_bio+0x1fb6/0x24c0
[  186.223112][T13423]        __submit_bio+0x384/0x540
[  186.224949][T13423]        submit_bio_noacct_nocheck+0x698/0xd70
[  186.227216][T13423]        submit_bio_noacct+0x93a/0x1e20
[  186.229228][T13423]        mpage_readahead+0x41d/0x590
[  186.231178][T13423]        read_pages+0x1a8/0xdc0
[  186.232967][T13423]        page_cache_ra_unbounded+0x3dc/0x750
[  186.235167][T13423]        force_page_cache_ra+0x24b/0x340
[  186.237227][T13423]        page_cache_sync_ra+0x110/0x9c0
[  186.239245][T13423]        filemap_get_pages+0xd7b/0x1be0
[  186.241260][T13423]        filemap_read+0x3ca/0xd70
[  186.243141][T13423]        blkdev_read_iter+0x187/0x480
[  186.245102][T13423]        vfs_read+0x87f/0xbe0
[  186.246836][T13423]        ksys_read+0x12b/0x250
[  186.248574][T13423]        do_syscall_64+0xcd/0x250
[  186.250426][T13423]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.252738][T13423] 
[  186.252738][T13423] -> #3 (mapping.invalidate_lock#2){++++}-{4:4}:
[  186.255799][T13423]        down_read+0x9a/0x330
[  186.257540][T13423]        filemap_fault+0x2e0/0x2820
[  186.259481][T13423]        __do_fault+0x10a/0x490
[  186.261263][T13423]        do_pte_missing+0xec2/0x3e70
[  186.263047][T13423]        __handle_mm_fault+0x103c/0x2a40
[  186.264517][T13423]        handle_mm_fault+0x3fa/0xaa0
[  186.265910][T13423]        __get_user_pages+0x8d9/0x3b50
[  186.267335][T13423]        populate_vma_page_range+0x27f/0x3a0
[  186.268891][T13423]        __mm_populate+0x1d6/0x380
[  186.270236][T13423]        vm_mmap_pgoff+0x293/0x360
[  186.271562][T13423]        ksys_mmap_pgoff+0x32c/0x5c0
[  186.272923][T13423]        __x64_sys_mmap+0x125/0x190
[  186.274456][T13423]        do_syscall_64+0xcd/0x250
[  186.276153][T13423]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.277843][T13423] 
[  186.277843][T13423] -> #2 (&mm->mmap_lock){++++}-{4:4}:
[  186.279797][T13423]        __might_fault+0x11b/0x190
[  186.281124][T13423]        _copy_from_user+0x29/0xd0
[  186.282467][T13423]        __blk_trace_setup+0xa8/0x180
[  186.283853][T13423]        blk_trace_ioctl+0x163/0x290
[  186.285300][T13423]        blkdev_ioctl+0x109/0x6d0
[  186.286996][T13423]        __x64_sys_ioctl+0x190/0x200
[  186.288534][T13423]        do_syscall_64+0xcd/0x250
[  186.289864][T13423]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.291525][T13423] 
[  186.291525][T13423] -> #1 (&q->debugfs_mutex){+.+.}-{4:4}:
[  186.293532][T13423]        __mutex_lock+0x19b/0xa60
[  186.294854][T13423]        blk_mq_exit_sched+0xd1/0x310
[  186.296252][T13423]        elevator_disable+0xc0/0x490
[  186.297638][T13423]        __blk_mq_update_nr_hw_queues+0x3bb/0x14e0
[  186.299319][T13423]        blk_mq_update_nr_hw_queues+0x2a/0x40
[  186.300896][T13423]        nbd_start_device+0x15b/0xd70
[  186.302286][T13423]        nbd_ioctl+0x21a/0xfd0
[  186.303529][T13423]        blkdev_ioctl+0x276/0x6d0
[  186.304831][T13423]        __x64_sys_ioctl+0x190/0x200
[  186.306248][T13423]        do_syscall_64+0xcd/0x250
[  186.307549][T13423]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.309190][T13423] 
[  186.309190][T13423] -> #0 (&eq->sysfs_lock){+.+.}-{4:4}:
[  186.311165][T13423]        __lock_acquire+0x249e/0x3c40
[  186.312552][T13423]        lock_acquire.part.0+0x11b/0x380
[  186.314015][T13423]        __mutex_lock+0x19b/0xa60
[  186.315315][T13423]        elevator_disable+0xb5/0x490
[  186.316705][T13423]        __blk_mq_update_nr_hw_queues+0x3bb/0x14e0
[  186.318386][T13423]        blk_mq_update_nr_hw_queues+0x2a/0x40
[  186.319950][T13423]        nbd_start_device+0x15b/0xd70
[  186.321330][T13423]        nbd_ioctl+0x21a/0xfd0
[  186.322577][T13423]        blkdev_ioctl+0x276/0x6d0
[  186.323882][T13423]        __x64_sys_ioctl+0x190/0x200
[  186.325247][T13423]        do_syscall_64+0xcd/0x250
[  186.326571][T13423]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.328217][T13423] 
[  186.328217][T13423] other info that might help us debug this:
[  186.328217][T13423] 
[  186.330817][T13423] Chain exists of:
[  186.330817][T13423]   &eq->sysfs_lock --> &q->q_usage_counter(io)#51 --> &q->sysfs_lock
[  186.330817][T13423] 
[  186.334333][T13423]  Possible unsafe locking scenario:
[  186.334333][T13423] 
[  186.336254][T13423]        CPU0                    CPU1
[  186.337631][T13423]        ----                    ----
[  186.339015][T13423]   lock(&q->sysfs_lock);
[  186.340140][T13423]                                lock(&q->q_usage_counter(io)#51);
[  186.342165][T13423]                                lock(&q->sysfs_lock);
[  186.343940][T13423]   lock(&eq->sysfs_lock);
[  186.345107][T13423] 
[  186.345107][T13423]  *** DEADLOCK ***
[  186.345107][T13423] 
[  186.347460][T13423] 5 locks held by syz.3.2209/13423:
[  186.348820][T13423]  #0: ffff8880266d8198 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x151/0xfd0
[  186.351228][T13423]  #1: ffff8880266d80d8 (&set->tag_list_lock){+.+.}-{4:4}, at: blk_mq_update_nr_hw_queues+0x20/0x40
[  186.353979][T13423]  #2: ffff888106adc520 (&q->q_usage_counter(io)#52){+.+.}-{0:0}, at: __blk_mq_update_nr_hw_queues+0x1fc/0x14e0
[  186.357343][T13423]  #3: ffff888106adc558 (&q->q_usage_counter(queue)#36){+.+.}-{0:0}, at: __blk_mq_update_nr_hw_queues+0x1fc/0x14e0
[  186.360477][T13423]  #4: ffff888106adca50 (&q->sysfs_lock){+.+.}-{4:4}, at: __blk_mq_update_nr_hw_queues+0x446/0x14e0
[  186.363217][T13423] 
[  186.363217][T13423] stack backtrace:
[  186.364739][T13423] CPU: 3 UID: 0 PID: 13423 Comm: syz.3.2209 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  186.367540][T13423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  186.370326][T13423] Call Trace:
[  186.371191][T13423]  <TASK>
[  186.371977][T13423]  dump_stack_lvl+0x116/0x1f0
[  186.373326][T13423]  print_circular_bug+0x419/0x5d0
[  186.375013][T13423]  check_noncircular+0x31a/0x400
[  186.376639][T13423]  ? __pfx_check_noncircular+0x10/0x10
[  186.378267][T13423]  ? lockdep_lock+0xc6/0x200
[  186.379468][T13423]  ? __pfx_lockdep_lock+0x10/0x10
[  186.380762][T13423]  ? __lock_acquire+0xcc5/0x3c40
[  186.382054][T13423]  __lock_acquire+0x249e/0x3c40
[  186.383312][T13423]  ? __pfx___lock_acquire+0x10/0x10
[  186.384652][T13423]  ? find_held_lock+0x2d/0x110
[  186.385906][T13423]  lock_acquire.part.0+0x11b/0x380
[  186.387200][T13423]  ? elevator_disable+0xb5/0x490
[  186.388560][T13423]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  186.390046][T13423]  ? rcu_is_watching+0x12/0xc0
[  186.391291][T13423]  ? trace_lock_acquire+0x14e/0x1f0
[  186.392641][T13423]  ? elevator_disable+0xb5/0x490
[  186.393934][T13423]  ? lock_acquire+0x2f/0xb0
[  186.395110][T13423]  ? elevator_disable+0xb5/0x490
[  186.396406][T13423]  __mutex_lock+0x19b/0xa60
[  186.397582][T13423]  ? elevator_disable+0xb5/0x490
[  186.398867][T13423]  ? elevator_disable+0xb5/0x490
[  186.400162][T13423]  ? __pfx___mutex_lock+0x10/0x10
[  186.401470][T13423]  ? __pfx_blk_mq_sched_free_rqs+0x10/0x10
[  186.402990][T13423]  ? mark_held_locks+0x9f/0xe0
[  186.404237][T13423]  ? elevator_disable+0xb5/0x490
[  186.405527][T13423]  elevator_disable+0xb5/0x490
[  186.406897][T13423]  __blk_mq_update_nr_hw_queues+0x3bb/0x14e0
[  186.408519][T13423]  ? __mutex_trylock_common+0xea/0x250
[  186.409941][T13423]  ? __pfx___mutex_trylock_common+0x10/0x10
[  186.411472][T13423]  ? blk_mq_update_nr_hw_queues+0x20/0x40
[  186.412950][T13423]  ? rcu_is_watching+0x12/0xc0
[  186.414208][T13423]  ? __pfx___blk_mq_update_nr_hw_queues+0x10/0x10
[  186.415861][T13423]  ? __pfx___mutex_trylock_common+0x10/0x10
[  186.417405][T13423]  ? avc_has_perm_noaudit+0x61/0x3a0
[  186.418790][T13423]  ? blk_mq_update_nr_hw_queues+0x20/0x40
[  186.420262][T13423]  ? __pfx___mutex_lock+0x10/0x10
[  186.421577][T13423]  ? trace_contention_end+0xee/0x140
[  186.422959][T13423]  ? __mutex_lock+0x1cc/0xa60
[  186.424193][T13423]  ? nbd_ioctl+0x151/0xfd0
[  186.425356][T13423]  ? __pfx___mutex_lock+0x10/0x10
[  186.426685][T13423]  blk_mq_update_nr_hw_queues+0x2a/0x40
[  186.428105][T13423]  nbd_start_device+0x15b/0xd70
[  186.429375][T13423]  ? bpf_lsm_capable+0x9/0x10
[  186.430597][T13423]  nbd_ioctl+0x21a/0xfd0
[  186.431695][T13423]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  186.433368][T13423]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  186.435062][T13423]  ? __pfx_nbd_ioctl+0x10/0x10
[  186.436316][T13423]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  186.438078][T13423]  ? __pfx_lock_release+0x10/0x10
[  186.439386][T13423]  ? __pfx_nbd_ioctl+0x10/0x10
[  186.440629][T13423]  blkdev_ioctl+0x276/0x6d0
[  186.441923][T13423]  ? __pfx_blkdev_ioctl+0x10/0x10
[  186.443249][T13423]  ? selinux_file_ioctl+0x180/0x270
[  186.444710][T13423]  ? selinux_file_ioctl+0xb4/0x270
[  186.446084][T13423]  ? __pfx_blkdev_ioctl+0x10/0x10
[  186.447409][T13423]  __x64_sys_ioctl+0x190/0x200
[  186.448676][T13423]  do_syscall_64+0xcd/0x250
[  186.449888][T13423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.451440][T13423] RIP: 0033:0x7fc41457fed9
[  186.452618][T13423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.457665][T13423] RSP: 002b:00007fc415313058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  186.460157][T13423] RAX: ffffffffffffffda RBX: 00007fc414745fa0 RCX: 00007fc41457fed9
[  186.462519][T13423] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000006
[  186.464570][T13423] RBP: 00007fc4145f3cc8 R08: 0000000000000000 R09: 0000000000000000
[  186.466639][T13423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  186.468633][T13423] R13: 0000000000000000 R14: 00007fc414745fa0 R15: 00007fff698f7118
[  186.470694][T13423]  </TASK>
[  186.556984][T13423] block nbd3: shutting down sockets
[  187.399605][ T8563] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.528336][ T8563] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.588864][ T8563] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.658991][ T8563] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.567388][ T8563] bond3 (unregistering): (slave vti0): Releasing backup interface
[  188.678984][ T8563] batman_adv: batadv0: Removing interface: erspan1
[  190.097635][ T8563] bond0 (unregistering): Released all slaves
[  190.102709][ T8563] bond1 (unregistering): Released all slaves
[  190.108469][ T8563] bond2 (unregistering): Released all slaves
[  190.113663][ T8563] bond3 (unregistering): Released all slaves
[  190.246658][ T8563] tipc: Disabling bearer <udp:syz2>
[  190.248079][ T8563] tipc: Left network mode
[  190.366584][ T6105] ==================================================================
[  190.369195][ T6105] BUG: KASAN: slab-use-after-free in cleanup_bearer+0x368/0x390
[  190.371795][ T6105] Read of size 8 at addr ffff88804f8b3618 by task kworker/3:4/6105
[  190.374453][ T6105] 
[  190.375231][ T6105] CPU: 3 UID: 0 PID: 6105 Comm: kworker/3:4 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  190.378615][ T6105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.381975][ T6105] Workqueue: events cleanup_bearer
[  190.383610][ T6105] Call Trace:
[  190.384676][ T6105]  <TASK>
[  190.385640][ T6105]  dump_stack_lvl+0x116/0x1f0
[  190.387304][ T6105]  print_report+0xc3/0x620
[  190.388848][ T6105]  ? __virt_addr_valid+0x5e/0x590
[  190.390601][ T6105]  ? __phys_addr+0xc6/0x150
[  190.392133][ T6105]  kasan_report+0xd9/0x110
[  190.393279][ T6105]  ? cleanup_bearer+0x368/0x390
[  190.394551][ T6105]  ? cleanup_bearer+0x368/0x390
[  190.395898][ T6105]  cleanup_bearer+0x368/0x390
[  190.397416][ T6105]  process_one_work+0x9c5/0x1ba0
[  190.399035][ T6105]  ? __pfx_process_one_work+0x10/0x10
[  190.400759][ T6105]  ? rcu_is_watching+0x12/0xc0
[  190.402242][ T6105]  ? assign_work+0x1a0/0x250
[  190.403725][ T6105]  worker_thread+0x6c8/0xf00
[  190.405274][ T6105]  ? __kthread_parkme+0x148/0x220
[  190.406999][ T6105]  ? __pfx_worker_thread+0x10/0x10
[  190.408640][ T6105]  kthread+0x2c1/0x3a0
[  190.409997][ T6105]  ? _raw_spin_unlock_irq+0x23/0x50
[  190.411629][ T6105]  ? __pfx_kthread+0x10/0x10
[  190.413199][ T6105]  ret_from_fork+0x45/0x80
[  190.414729][ T6105]  ? __pfx_kthread+0x10/0x10
[  190.416275][ T6105]  ret_from_fork_asm+0x1a/0x30
[  190.417748][ T6105]  </TASK>
[  190.418588][ T6105] 
[  190.419358][ T6105] Allocated by task 7843:
[  190.420819][ T6105]  kasan_save_stack+0x33/0x60
[  190.422363][ T6105]  kasan_save_track+0x14/0x30
[  190.423843][ T6105]  __kasan_slab_alloc+0x89/0x90
[  190.425411][ T6105]  kmem_cache_alloc_lru_noprof+0x226/0x3d0
[  190.427279][ T6105]  sock_alloc_inode+0x25/0x1c0
[  190.428630][ T6105]  alloc_inode+0x5d/0x230
[  190.429769][ T6105]  sock_alloc+0x40/0x280
[  190.431051][ T6105]  __sock_create+0xc1/0x8d0
[  190.432276][ T6105]  udp_sock_create4+0xa7/0x450
[  190.433927][ T6105]  tipc_udp_enable+0xe1e/0x10d0
[  190.435639][ T6105]  tipc_enable_bearer+0x97c/0x11c0
[  190.437482][ T6105]  __tipc_nl_bearer_enable+0x32a/0x420
[  190.439453][ T6105]  tipc_nl_bearer_enable+0x21/0x40
[  190.441303][ T6105]  genl_family_rcv_msg_doit+0x202/0x2f0
[  190.443314][ T6105]  genl_rcv_msg+0x565/0x800
[  190.444912][ T6105]  netlink_rcv_skb+0x16b/0x440
[  190.446533][ T6105]  genl_rcv+0x28/0x40
[  190.447884][ T6105]  netlink_unicast+0x53c/0x7f0
[  190.449539][ T6105]  netlink_sendmsg+0x8b8/0xd70
[  190.451230][ T6105]  ____sys_sendmsg+0xaaf/0xc90
[  190.452890][ T6105]  ___sys_sendmsg+0x135/0x1e0
[  190.454519][ T6105]  __sys_sendmsg+0x16e/0x220
[  190.456142][ T6105]  do_syscall_64+0xcd/0x250
[  190.457754][ T6105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.459893][ T6105] 
[  190.460766][ T6105] Freed by task 0:
[  190.462070][ T6105]  kasan_save_stack+0x33/0x60
[  190.463734][ T6105]  kasan_save_track+0x14/0x30
[  190.465363][ T6105]  kasan_save_free_info+0x3b/0x60
[  190.466931][ T6105]  __kasan_slab_free+0x51/0x70
[  190.468149][ T6105]  kmem_cache_free+0x152/0x4c0
[  190.469377][ T6105]  i_callback+0x43/0x70
[  190.470672][ T6105]  rcu_core+0x79d/0x14d0
[  190.472088][ T6105]  handle_softirqs+0x213/0x8f0
[  190.473756][ T6105]  __irq_exit_rcu+0x109/0x170
[  190.475375][ T6105]  irq_exit_rcu+0x9/0x30
[  190.476841][ T6105]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  190.478657][ T6105]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  190.480182][ T6105] 
[  190.480802][ T6105] Last potentially related work creation:
[  190.482276][ T6105]  kasan_save_stack+0x33/0x60
[  190.483483][ T6105]  __kasan_record_aux_stack+0xba/0xd0
[  190.484840][ T6105]  __call_rcu_common.constprop.0+0x99/0x7a0
[  190.486645][ T6105]  destroy_inode+0x12c/0x1b0
[  190.488245][ T6105]  evict+0x5ed/0x960
[  190.489609][ T6105]  iput+0x52a/0x890
[  190.490869][ T6105]  sock_release+0x17c/0x1d0
[  190.492047][ T6105]  cleanup_bearer+0x1d7/0x390
[  190.493261][ T6105]  process_one_work+0x9c5/0x1ba0
[  190.494559][ T6105]  worker_thread+0x6c8/0xf00
[  190.495847][ T6105]  kthread+0x2c1/0x3a0
[  190.497361][ T6105]  ret_from_fork+0x45/0x80
[  190.498976][ T6105]  ret_from_fork_asm+0x1a/0x30
[  190.500203][ T6105] 
[  190.500821][ T6105] The buggy address belongs to the object at ffff88804f8b3600
[  190.500821][ T6105]  which belongs to the cache sock_inode_cache of size 1408
[  190.504475][ T6105] The buggy address is located 24 bytes inside of
[  190.504475][ T6105]  freed 1408-byte region [ffff88804f8b3600, ffff88804f8b3b80)
[  190.508612][ T6105] 
[  190.509476][ T6105] The buggy address belongs to the physical page:
[  190.511726][ T6105] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4f8b0
[  190.514656][ T6105] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  190.517575][ T6105] memcg:ffff888031979001
[  190.519037][ T6105] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  190.521037][ T6105] page_type: f5(slab)
[  190.522103][ T6105] raw: 00fff00000000040 ffff888100ebac80 ffffea00004cee00 dead000000000002
[  190.524467][ T6105] raw: 0000000000000000 0000000000150015 00000001f5000000 ffff888031979001
[  190.527005][ T6105] head: 00fff00000000040 ffff888100ebac80 ffffea00004cee00 dead000000000002
[  190.529916][ T6105] head: 0000000000000000 0000000000150015 00000001f5000000 ffff888031979001
[  190.532794][ T6105] head: 00fff00000000003 ffffea00013e2c01 ffffffffffffffff 0000000000000000
[  190.535661][ T6105] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  190.538716][ T6105] page dumped because: kasan: bad access detected
[  190.540867][ T6105] page_owner tracks the page as allocated
[  190.542799][ T6105] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_RECLAIMABLE), pid 5947, tgid 5947 (syz-executor), ts 46634103401, free_ts 0
[  190.549899][ T6105]  post_alloc_hook+0x2d1/0x350
[  190.551422][ T6105]  get_page_from_freelist+0xfce/0x2f80
[  190.553149][ T6105]  __alloc_pages_noprof+0x223/0x25b0
[  190.554812][ T6105]  alloc_pages_mpol_noprof+0x2c9/0x610
[  190.556533][ T6105]  new_slab+0x2c9/0x410
[  190.557833][ T6105]  ___slab_alloc+0xdac/0x1870
[  190.559400][ T6105]  __slab_alloc.constprop.0+0x56/0xb0
[  190.561168][ T6105]  kmem_cache_alloc_lru_noprof+0xff/0x3d0
[  190.563015][ T6105]  sock_alloc_inode+0x25/0x1c0
[  190.564604][ T6105]  alloc_inode+0x5d/0x230
[  190.566051][ T6105]  sock_alloc+0x40/0x280
[  190.567465][ T6105]  __sock_create+0xc1/0x8d0
[  190.568937][ T6105]  __sys_socket+0x14f/0x260
[  190.570453][ T6105]  __x64_sys_socket+0x72/0xb0
[  190.572007][ T6105]  do_syscall_64+0xcd/0x250
[  190.573560][ T6105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.575607][ T6105] page_owner free stack trace missing
[  190.577446][ T6105] 
[  190.578289][ T6105] Memory state around the buggy address:
[  190.580212][ T6105]  ffff88804f8b3500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  190.582859][ T6105]  ffff88804f8b3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  190.585585][ T6105] >ffff88804f8b3600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  190.588356][ T6105]                             ^
[  190.590056][ T6105]  ffff88804f8b3680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  190.592800][ T6105]  ffff88804f8b3700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  190.595469][ T6105] ==================================================================
[  190.598598][ T6105] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  190.600975][ T6105] CPU: 3 UID: 0 PID: 6105 Comm: kworker/3:4 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0
[  190.604473][ T6105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.608007][ T6105] Workqueue: events cleanup_bearer
[  190.609654][ T6105] Call Trace:
[  190.610746][ T6105]  <TASK>
[  190.611700][ T6105]  dump_stack_lvl+0x3d/0x1f0
[  190.613191][ T6105]  panic+0x71d/0x800
[  190.614497][ T6105]  ? __pfx_panic+0x10/0x10
[  190.616028][ T6105]  ? rcu_is_watching+0x12/0xc0
[  190.617590][ T6105]  ? preempt_schedule_thunk+0x1a/0x30
[  190.619456][ T6105]  ? preempt_schedule_common+0x44/0xc0
[  190.621271][ T6105]  ? check_panic_on_warn+0x1f/0xb0
[  190.623047][ T6105]  check_panic_on_warn+0xab/0xb0
[  190.624709][ T6105]  end_report+0x117/0x180
[  190.626190][ T6105]  kasan_report+0xe9/0x110
[  190.627716][ T6105]  ? cleanup_bearer+0x368/0x390
[  190.629321][ T6105]  ? cleanup_bearer+0x368/0x390
[  190.630939][ T6105]  cleanup_bearer+0x368/0x390
[  190.632484][ T6105]  process_one_work+0x9c5/0x1ba0
[  190.634099][ T6105]  ? __pfx_process_one_work+0x10/0x10
[  190.635865][ T6105]  ? rcu_is_watching+0x12/0xc0
[  190.637569][ T6105]  ? assign_work+0x1a0/0x250
[  190.639061][ T6105]  worker_thread+0x6c8/0xf00
[  190.640592][ T6105]  ? __kthread_parkme+0x148/0x220
[  190.642325][ T6105]  ? __pfx_worker_thread+0x10/0x10
[  190.643959][ T6105]  kthread+0x2c1/0x3a0
[  190.645316][ T6105]  ? _raw_spin_unlock_irq+0x23/0x50
[  190.647023][ T6105]  ? __pfx_kthread+0x10/0x10
[  190.648544][ T6105]  ret_from_fork+0x45/0x80
[  190.650008][ T6105]  ? __pfx_kthread+0x10/0x10
[  190.651734][ T6105]  ret_from_fork_asm+0x1a/0x30
[  190.653334][ T6105]  </TASK>
[  190.655016][ T6105] Kernel Offset: disabled
[  190.656447][ T6105] Rebooting in 86400 seconds..

VM DIAGNOSIS:
20:59:41  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000000 RBX=ffffc90031769048 RCX=ffffffff8177273d RDX=1ffff920062ed20b
RSI=0000000000000004 RDI=ffffc900048176e0 RBP=1ffff92000902ed8 RSP=ffffc900048176b8
R8 =0000000000000001 R9 =fffff52000902edc R10=0000000000000003 R11=0000000000000000
R12=ffff888051df0000 R13=ffffc90031769058 R14=0000000000000000 R15=ffffc90031769000
RIP=ffffffff817727b7 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007f11e8bbc6c0 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c376019 CR3=0000000042eac000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffde93aceb0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde9abf4c42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde9abf4c4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde9abf4c49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde9abf4c5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde9abf4ce3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde9abf4dc1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000003 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000f0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000003 0000000000000000 0000000000000000 00000000000000f0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000000 RBX=ffffc90003e6f1f0 RCX=0000000000000000 RDX=1ffff920007cde53
RSI=ffffffff81e7ecc9 RDI=ffffc90003e6f1fc RBP=ffffc90003e6f298 RSP=ffffc90003e6f110
R8 =ffffc90003e6f164 R9 =ffffffff90ff1524 R10=ffffc90003e6f130 R11=000000000000f3f5
R12=ffffffff8185c340 R13=ffffc90003e6f1f0 R14=0000000000000000 R15=ffff888028a52440
RIP=ffffffff8185c417 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f9a31c77d60 CR3=000000000df7e000 CR4=00352ef0
DR0=0000000000002800 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a311106a3 00007f9a311106a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd070479e0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555795a2d88 00005555795a2960
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557952de54 000055557952de50
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9a31110d00
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557952e840 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c80008001fe00300 10001fd003039880 10001fc003021000 1fb0036810001e90
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010010001f800401 0000000806060144 c80008001fe00300 10001fd003039880
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 10001fc003021000 1fb0036810001e90 0304040009e40308 040009e003006f69
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7270617401ffffff fffffffffff10809 d00302040009cc03 16040009c8031c04
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0009c40308040009 c00307fffe040009 bc0307fffe040009 b80300040009b403
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=1ffff9200084bf5b RCX=ffffffff8176abc9 RDX=fffffbfff20be1f3
RSI=0000000000000008 RDI=ffffffff905f0f90 RBP=0000000000000002 RSP=ffffc9000425fac8
R8 =0000000000000000 R9 =fffffbfff20be1f2 R10=ffffffff905f0f97 R11=0000000000000000
R12=ffffffff8e1bb500 R13=0000000000000001 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff8176abc9 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055555f833808 CR3=000000004f0a4000 CR4=00352ef0
DR0=fffffffffffffffc DR1=0000000000000000 DR2=0000000000000002 DR3=0000000000000800 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff815e469b ffffffff814adbb6
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff815e475a
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdd83df4c42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdd83df4c4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdd83df4c49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdd83df4c5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdd83df4ce3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdd83df4dc1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff815e469b ffffffff814adbb6 ffffffff814adb08 ffffffff813f2df5
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8217b2da ffffffff8217b2c7 ffffffff00040008 0000000f0010000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8217aef1 ffffffff8217aebe ffffffff8217aea1 ffffffff8217ad65
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851ca0d5 RDI=ffffffff9ab10be0 RBP=ffffffff9ab10ba0 RSP=ffffc900047e6ff8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000033 R14=ffffffff851ca070 R15=0000000000000000
RIP=ffffffff851ca0ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc4153136c0 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fc4152f2d58 CR3=0000000049710000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000004080 Opmask01=00000000100001ff Opmask02=00000000ffffffff Opmask03=0104100080810010
Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000557e8431d9a0 0000557e8431a9a0
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd5edc0e90 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd5edc04b0 0000003000000010
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ff00000000 00ff000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1c1f115c435d4316 10120300161e121d
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5c431d1c1a141601 5c43000611171d5c
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f716d2f36706f6f 6c2f6b636f6c622f 6c6175747269762f 736563697665642f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f646e756f732f00 682e6c6974752f64 65726168732f6372 732f2e2e2f2e2e00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f716d2f36706f6f 6c2f6b636f6c622f 6c6175747269762f 736563697665642f
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 0000000000000000 0000000000003275 70632f302f716d2f
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 455af45d25a48dce 0000000557e8431d 0000000000000121 00333800302d7874
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 49090205091f4564 7f7443362e694054 571755542134383f 2c732c4550415450
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7b7f7f757f7f757d 7f777f7e7f7f777f 7f7f7f7d7f7f7d7f 7f7f3f7f7e7d7d78
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 26483b3a3a264b3b 3a0a00307f617930 3a2433273f397b27 697a787c69303b7e
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d37343030000000 320038313438313d 4d454e0038360037 373731303030304e
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30372d3030000000 3100303034003131 3037310030300037 3737003030303031
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020