last executing test programs:

17.050286317s ago: executing program 0 (id=580):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00005d4000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="5b0f01c2c29c028ed0660f388236af0083ee2c0f20c06635000004200f22c0643e1f0fb7c2", 0x25}], 0x1, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, 0x0}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0703b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d859018022ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad1d02f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650efc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4dfc63731e28dc54f2faf2ea7d3f5271028fc558a34799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd1a3dfa9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e516"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)

16.904030094s ago: executing program 0 (id=582):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0)
ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, 0x0)
syz_open_dev$dmmidi(0x0, 0x12ce, 0x10800) (async)
r1 = syz_open_dev$dmmidi(0x0, 0x12ce, 0x10800)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0xad}, @l2cap_cid_signaling={{0xa9}, [@l2cap_conf_rsp={{0x5, 0x4, 0x6}, {0xfd2, 0x8001, 0xb}}, @l2cap_info_rsp={{0xb, 0x2, 0x9b}, {0x6, 0x8, "c2ac6b1919b446e01eff4da3a09287558816c3f02735f204b835565a85e4a9fc019689bf720b2c150c0bea411b73e7eb84d9a356823f7c22154a3cc3e3a7107ba7bd5d540560ef55ad5165837d027d00a55132132a1d390069b896b70c8ac19673bf84fc6e76780f2ee5a448b8aa29ebf0155b922d1c01d0951a08c674bdcafab1675fae4cf858d4ee1a9007bc98b4391c5effcfcd938a"}}]}}, 0xb2) (async)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0xad}, @l2cap_cid_signaling={{0xa9}, [@l2cap_conf_rsp={{0x5, 0x4, 0x6}, {0xfd2, 0x8001, 0xb}}, @l2cap_info_rsp={{0xb, 0x2, 0x9b}, {0x6, 0x8, "c2ac6b1919b446e01eff4da3a09287558816c3f02735f204b835565a85e4a9fc019689bf720b2c150c0bea411b73e7eb84d9a356823f7c22154a3cc3e3a7107ba7bd5d540560ef55ad5165837d027d00a55132132a1d390069b896b70c8ac19673bf84fc6e76780f2ee5a448b8aa29ebf0155b922d1c01d0951a08c674bdcafab1675fae4cf858d4ee1a9007bc98b4391c5effcfcd938a"}}]}}, 0xb2)
syz_emit_vhci(0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000180)={'wg0\x00', <r2=>0x0})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000300)={0x1}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000300)={0x1, <r3=>0x0}, 0x8)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001500)={0x11, 0x6, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xeb8}, [@exit, @map_fd={0x18, 0xa, 0x1, 0x0, r0}]}, &(0x7f0000000380)='GPL\x00', 0x1000, 0x1000, &(0x7f00000003c0)=""/4096, 0x40f00, 0xa, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000013c0)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000001400)={0x0, 0x9, 0x60, 0x80000001}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000001440)=[0xffffffffffffffff, r0, r0, r0, r0], &(0x7f0000001480)=[{0x2, 0x5, 0xe, 0x2}, {0x1, 0x1, 0xb, 0x1}, {0x0, 0x4, 0xe, 0x8}, {0x3, 0x4, 0xd, 0x4}, {0x5, 0x2, 0x8, 0xa}, {0x4, 0x1, 0xb, 0xc}, {0x2, 0x1, 0xc, 0x1}], 0x10, 0x9, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x1a, 0xd, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x798, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @call={0x85, 0x0, 0x0, 0x37}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000080)='GPL\x00', 0x6, 0x5b, &(0x7f0000000200)=""/91, 0x41100, 0x3, '\x00', r2, @tracing=0x18, r0, 0x8, &(0x7f0000000280)={0x8, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x0, 0xe, 0x8, 0x5}, 0x10, r3, r4, 0x5, &(0x7f00000015c0)=[r0], &(0x7f0000001600)=[{0x1, 0x2, 0x4, 0x9}, {0x3, 0x2, 0xc, 0xc}, {0x3, 0x5, 0xa, 0x7}, {0x3, 0x1, 0x5, 0x7}, {0x0, 0x1, 0x2, 0xa}], 0x10, 0x6cb, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x1a, 0xd, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x798, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @call={0x85, 0x0, 0x0, 0x37}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000080)='GPL\x00', 0x6, 0x5b, &(0x7f0000000200)=""/91, 0x41100, 0x3, '\x00', r2, @tracing=0x18, r0, 0x8, &(0x7f0000000280)={0x8, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x0, 0xe, 0x8, 0x5}, 0x10, r3, r4, 0x5, &(0x7f00000015c0)=[r0], &(0x7f0000001600)=[{0x1, 0x2, 0x4, 0x9}, {0x3, 0x2, 0xc, 0xc}, {0x3, 0x5, 0xa, 0x7}, {0x3, 0x1, 0x5, 0x7}, {0x0, 0x1, 0x2, 0xa}], 0x10, 0x6cb, @void, @value}, 0x94)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, 0x0) (async)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, 0x0)
syz_open_dev$rtc(0x0, 0x7, 0x410100)
keyctl$negate(0xd, 0x0, 0x3, 0x0)
syz_open_dev$sndmidi(0x0, 0x0, 0x10000)
syz_emit_vhci(0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0x2)

16.903767686s ago: executing program 0 (id=583):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
connect$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e22, @remote}}, 0x24)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000740)=""/72)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0)

16.847849715s ago: executing program 0 (id=585):
r0 = syz_io_uring_setup(0x702f, &(0x7f0000000080)={0x0, 0x4809, 0x4, 0x3, 0x2cc}, &(0x7f0000000100), &(0x7f0000000180))
r1 = syz_io_uring_setup(0x400082b, &(0x7f0000000300)={0x0, 0x0, 0x10100, 0x0, 0x0, 0x0, r0}, &(0x7f0000000040), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
io_uring_register$IORING_REGISTER_PBUF_STATUS(r1, 0x1a, &(0x7f0000000140), 0x1)

16.845532833s ago: executing program 0 (id=588):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1200000002000000040000000600000000000000", @ANYRES32, @ANYBLOB="357943fca6333a511c7de75abf130e2102defa5dfa44bbcd814838f6595f73869fa7b183ce2e9903c0ec1089179f4b7d46cd7ee0ce1025c483673921717b5cf1f41d0e6f0a9e9e2c686ea5a0cb25a755f1a2a87f5259a9ee683af8c75df82c85ddf9526e9cea4a71a8e719e56a48544761c9648640699934c7c98d815fa3c66edf2cd9b2123d028db3ae906713837fd0e01f15491176ee7420492b8b0d4ffeac7777251430b340111d01601f3ee96af818962ab0e5c14721763ab47cea1bf73ea7488d4912541f97207f8dfd1e553a9b53dd9c3afbbd10b5e4687f13f675be92b370cf05364368c59b0e89ec7eee6790c5012c589590e838a755e50cfdd4c5a01c2a543af761330b588375f1092785def503a912a6e4377e2abcc3cf68f893ac86d5995bd65730b77cb2024bff148655d458d6290de82758177772f8eef17e17ea41794a0986b5590874b31c893b8419b84a154d0411b7fd445f9e333fb33146b4d669f4ebd071efbe94ddfa4c5b3ea3cf7ae3b9b9a12bf6ee4102497d1f74bb00de07b6dfd59650aa851c1dd6591aa1d9ad2ad424ad27b3b5fbf1672aa0152807d2524ba50bbb173218f6514fef5b826d755f1a90d20cf32b4727630dff9574df7727cbd9ce8d343e261ee3603f332165fd21e4501b2a5af473647a46ecc230", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e010203010902"], 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = syz_io_uring_setup(0x6823, &(0x7f0000000400)={0x0, 0x3, 0x1000, 0x0, 0xffffffff}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
r7 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r9, 0x401c5820, &(0x7f0000000080)={0x8})
sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000042400048020000180070005006374000014000280080001400000000108000240000000110900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000006b15903370bde48d0a7e4cfda0a030f4182659fc43f28563437e0dde90ecba66f3604acc8c17b83ec9e9db120339897320a0b25c19fc7f54965f7229e5cd89a95240f9d95593190704f79dcbfe9bb9ae09c978638e8fb7bdb873e72b703b6ebc0b5cd6ce2b9508caefd62a6d9f55998f26f23b817649514ade38cc9f009028bf9118bf384f3652dcd326"], 0x78}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000d40)=ANY=[@ANYBLOB="aaaaaaaaaaaa000000000000080045f000280000000000069078ac1414bbac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="54100066babc49fca3e957bc0090780000"], 0x0)
syz_usb_control_io$cdc_ncm(r2, &(0x7f0000000600)={0x14, &(0x7f0000000580)={0x0, 0x23, 0x20, {0x20, 0x0, "0c4b120204e89c101149bfebdaa5f4155d79fffa1a603b8d108be94d682f"}}, &(0x7f00000005c0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000840)={0x44, &(0x7f0000000640)={0x40, 0x0, 0x36, "96727c35ae19acb14c649ea92bd4937ac45862b1a59cc2a25ad197f3c2acf2e826b5eff85d1c7dd7f251b81cdfbb737a9c2fe1f11fa3"}, &(0x7f0000000680)={0x0, 0xa, 0x1, 0x81}, &(0x7f00000006c0)={0x0, 0x8, 0x1, 0xfc}, &(0x7f0000000700)={0x20, 0x80, 0x1c, {0xfff4, 0x5, 0x8, 0x1, 0x1, 0x767, 0x415, 0x2, 0x1, 0x18, 0x4}}, &(0x7f0000000740)={0x20, 0x85, 0x4, 0x6}, &(0x7f0000000780)={0x20, 0x83, 0x2}, &(0x7f00000007c0)={0x20, 0x87, 0x2, 0xa51}, &(0x7f0000000800)={0x20, 0x89, 0x2, 0x1}})
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0x16, 0x7, 0x3f45edf2, 0xb1c2, 0x401, r10, 0xfffffff8, '\x00', 0x0, r10, 0x4, 0x0, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r11 = bpf$ITER_CREATE(0x21, &(0x7f0000000b40)={r10}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c80)={0x18, 0x21, &(0x7f0000000940)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8}, [@map_fd={0x18, 0xb, 0x1, 0x0, r10}, @alu={0x8, 0x1, 0x3, 0x0, 0xa, 0x8, 0xa3d4ee72340d3cf5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0xfffffff8}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x5}, @alu={0x4, 0x0, 0x1, 0x0, 0xa, 0x1, 0xfffffffffffffff0}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa5}}, @jmp={0x5, 0x1, 0x0, 0x7, 0xa, 0xc, 0xffffffffffffffff}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7007}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}]}, &(0x7f0000000a80)='GPL\x00', 0x1, 0x49, &(0x7f0000000ac0)=""/73, 0x41100, 0x18, '\x00', 0x0, 0x0, r11, 0x8, &(0x7f0000000b80)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000bc0)={0x5, 0x2, 0x5, 0x200}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000c00)=[r10, r10, 0x1], &(0x7f0000000c40)=[{0x4, 0x5, 0xa, 0x1}, {0x0, 0x3, 0x3, 0x6}, {0x4, 0x2, 0x10, 0x2}, {0x4, 0x2, 0xe, 0x4}], 0x10, 0x6, @void, @value}, 0x94)
write$UHID_CREATE2(r10, &(0x7f00000001c0)=ANY=[], 0x118)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)={[{@inode32}]})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r10, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r10, 0x89f0, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000480)={'ip6_vti0\x00', <r12=>0x0, 0x2f, 0x2, 0xd0, 0x7, 0x47, @dev={0xfe, 0x80, '\x00', 0x21}, @dev={0xfe, 0x80, '\x00', 0x16}, 0x7, 0x8, 0x7, 0x2}})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000500)={0x1b, 0x0, 0x0, 0x1ff, 0x0, 0xffffffffffffffff, 0xff, '\x00', r12, 0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r13 = syz_open_dev$swradio(&(0x7f0000000c00), 0x0, 0x2)
ioctl$VIDIOC_G_TUNER(r13, 0xc054561d, &(0x7f0000000c40)={0x379, "aa3e5ede88efde3361c2c708bdaf38de88d27634bca38736319ef5bb543ccb68", 0x4, 0x400, 0x1, 0x63dc, 0x1, 0x4, 0x7, 0x8000})
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r4, 0x2d3e, 0xea37, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1}, &(0x7f0000000040)=0x2, &(0x7f0000000180)=r0, 0x2}, 0x20)

13.750673073s ago: executing program 0 (id=615):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
write$binfmt_script(0xffffffffffffffff, 0x0, 0xffffff3c)
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
unlinkat(0xffffffffffffffff, &(0x7f0000000240)='./bus\x00', 0x200)
listen(r0, 0x0)
r1 = socket$kcm(0x10, 0x100000000002, 0x4)
sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffffffffff", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x40, 0x0)

2.376195777s ago: executing program 1 (id=777):
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x20000, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xd, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="182000000000000000000000000000006119450000000000956a3a85aae865aa000000c9e8680087c6f5256330622a18ab8231ad92773f301d3ed93f5c4df87ef176a929c53446603e79259f9422068de169d4100617092a85dd2285aad6acccd41e26c27e706f7d4b760e196ab199b14d47d52dd4d43ade0197a007fc38060bfe4b4f3de16af63025a391e920a6a5510b0f16101e115a46b7ecdcc1ce69f29068b6afb66ddbb236a69c0b07dd6158d7cc6893eb044ee560d81a8d08815e09004335a65e1d185c53a61f0151d90b1bb6dd9f1dce23867184d7c87fa094f1261b3c6d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x30a0000, &(0x7f00000000c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
open$dir(&(0x7f0000000080)='./file0\x00', 0x410a01, 0x94)
socket$inet_sctp(0x2, 0x5, 0x84)
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000100)={0x70, 0x0, '\x00', {0x0, @reserved}})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x6c, 0x0, &(0x7f0000000500)=[@clear_death={0x400c630f, 0x3}, @increfs={0x40046304, 0x3}, @transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000440)={@ptr={0x70742a85, 0x0, &(0x7f0000000340)=""/197, 0xc5, 0x0, 0x2d}, @fda={0x66646185, 0x1, 0x2, 0x1}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000000)={0x0, 0x28, 0x48}}}, @decrefs={0x40046307, 0x3}], 0xb1, 0x0, &(0x7f0000000580)="d653d5c811b353707cb9867cb18e6f93eea505dc1b36a799907b16e0769fcc28fd3c5b3f23162dabf110cdea40142a77ff9dcd5bb8fc1f3dd439f9bab78547afca8bc2856b4562027c8b52f9384248ddd132a9e507a73b40580dd1518b94b91e1b2e4344713b96e05fdf7fbbd534e800d54dc5fbe5e2c2f309dc692d7c7067c56f34fb152c85af2bbdac2df7a7cdab8234cf19c21a3af800e7efdb6770e30c5d8bddf5ae6883aaabe8ca06d3295511c486"})

2.315801073s ago: executing program 1 (id=778):
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000040)='jfs\x00', 0x8080, &(0x7f00000001c0)='discard')

2.314641505s ago: executing program 1 (id=779):
setresuid(0xee00, 0xffffffffffffffff, 0x0) (async)
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8, 0x2)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ASSERT(r1, 0x0, 0xcf, &(0x7f0000000140), 0x4) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/3\x00')
preadv(r2, &(0x7f0000000840)=[{&(0x7f0000003440)=""/4086, 0xb2b}], 0x1, 0x0, 0x0) (async)
ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000040)={0x2, @pix={0x10000, 0x3, 0x33424752, 0xe, 0xda, 0x84e2, 0x7, 0x1, 0x1, 0x3, 0x1, 0x3}}) (async)
setresuid(0x0, 0x0, 0x0)

2.249087871s ago: executing program 1 (id=781):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000340)={[&(0x7f0000000380)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x03\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\xdch\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc']}, &(0x7f00000002c0))
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = socket(0x15, 0x5, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000100900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000010000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r4, 0x0, 0x21, &(0x7f0000000000)=0xffffffff, 0x4)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000040a0101"], 0x14}}, 0x80)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000200)='debugfs\x00', 0x12c76, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000000000)=""/49, 0x31)
lseek(r5, 0x38, 0x1)
getsockopt(r1, 0x200000000114, 0x2713, 0x0, &(0x7f0000000000))
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
move_mount(r0, &(0x7f0000000080)='./file0/file0\x00', r0, &(0x7f0000000040)='./file0/../file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x12f451, 0x0)

2.178181405s ago: executing program 1 (id=782):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = getpid()
syz_pidfd_open(r1, 0x0) (async)
r2 = syz_pidfd_open(r1, 0x0)
process_madvise(r2, &(0x7f0000001440)=[{&(0x7f0000000000)="9f", 0x1}, {0x0, 0x18100}], 0x2, 0x19, 0x0)
fcntl$setstatus(r0, 0x4, 0x46d00) (async)
fcntl$setstatus(r0, 0x4, 0x46d00)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000280)={0x1, 0x8}, 0x2) (async)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000280)={0x1, 0x8}, 0x2)

2.009623697s ago: executing program 2 (id=784):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000003, 0x200000005c832, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000009c0)=@bridge_dellink={0x2c, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x5, 0x0, 0x1, {0x4, 0x4}}]}]}, 0x2c}}, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/3\x00')
preadv(r5, &(0x7f0000000840)=[{&(0x7f0000003440)=""/4086, 0xb2b}], 0x1, 0x0, 0x0)
ioctl$KVM_GET_REGS(r5, 0x8090ae81, &(0x7f0000000100))
r6 = syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f00000000c0)={0x3, "e0575b8ae583d194644615eec44b6b845ffee3b88faad3fce132ecae034c160d", <r8=>0xffffffffffffffff})
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000000, 0x110, r8, 0x31c93000)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r9 = syz_open_procfs(r6, &(0x7f0000000000)='net/ip6_tables_matches\x00')
ioctl$KVM_RUN(r9, 0xae80, 0x0)

1.93000161s ago: executing program 2 (id=785):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x8000000)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x5, &(0x7f0000000080)=0x7fff, 0x4)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r1, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x40, 0x3, 0x8, 0x101, 0x0, 0x0, {0xc, 0x0, 0x1}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_HEARTBEAT_SENT={0x8, 0x8, 0x1, 0x0, 0x81}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xf8}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x88f2}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xf9}]}, 0x40}, 0x1, 0x0, 0x0, 0x4008801}, 0x40040)
r5 = syz_open_dev$video4linux(&(0x7f0000000540), 0xf, 0x101002)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r5, 0x4020565a, &(0x7f0000000580)={0x3, 0x7, 0x1})
getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, &(0x7f0000000140)=ANY=[@ANYBLOB="6669d052337a00000000000000000000000000000000000000000000000000e304"], &(0x7f0000000bc0)=0x2c)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000280)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4309(aegis128-generic)\x00'}, 0x58)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r6, 0x117, 0x5, 0x0, 0x5)
r7 = openat$cgroup_devices(r2, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r7, &(0x7f0000000080)={'b', ' *:* ', 'wm\x00'}, 0x9)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_DELRULE={0x20, 0x8, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0xa}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x0, 0x6, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFTA_RULE_ID={0x0, 0x9, 0x1, 0x0, 0x3}, @NFTA_RULE_ID, @NFTA_RULE_HANDLE={0x0, 0x3, 0x1, 0x0, 0x1}, @NFTA_RULE_ID={0x0, 0x9, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELSETELEM={0x14, 0xe, 0xa, 0x301, 0x0, 0x0, {0x7}}], {0x14}}, 0xfffffecb}, 0x1, 0x0, 0x0, 0x814}, 0x20000040)

1.921013085s ago: executing program 1 (id=786):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1200000008000000040000000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000003cab00"/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000002500)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000002480), &(0x7f00000024c0)=r1}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r2, <r4=>0xffffffffffffffff}, 0x4)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r4, &(0x7f0000000200)='+', &(0x7f0000000280)=""/181}, 0x20)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)={0x14, 0x15, 0x301, 0x0, 0x0, {0xb}}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000b40)=@nat={'nat\x00', 0x6a0, 0x5, 0x348, 0x0, 0xb8, 0xfeffffff, 0x208, 0xb8, 0x2b0, 0x2b0, 0xffffffff, 0x2b0, 0x2b0, 0x5, 0x0, {[{{@uncond, 0x3e7, 0x70, 0xb8, 0xe000000}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@broadcast, @ipv4=@local, @gre_key}}}, {{@ip={@rand_addr, @local, 0x0, 0x0, 'veth1_to_batadv\x00', 'xfrm0\x00'}, 0x0, 0x70, 0xa8, 0x0, {0x0, 0x7}}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x3, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @gre_key, @gre_key}}}}, {{@ip={@local, @rand_addr, 0x0, 0x0, 'team_slave_1\x00', 'netpci0\x00'}, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @broadcast, @dev, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a8)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, <r7=>0x0}, &(0x7f0000000280)=0x5)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000440)={<r8=>0x0, @multicast1, @empty}, &(0x7f0000000480)=0xc)
r9 = socket$inet(0x2, 0x3, 0x8)
r10 = socket$inet(0x2, 0x6000000000000003, 0x6)
r11 = dup3(r9, r10, 0x0)
setsockopt$inet_int(r11, 0x0, 0xa, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r3, <r12=>0xffffffffffffffff}, &(0x7f0000000540), &(0x7f0000000580)=r4}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x11, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@call={0x85, 0x0, 0x0, 0xa2}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000340)='syzkaller\x00', 0x8, 0xb3, &(0x7f0000000380)=""/179, 0x41000, 0x1, '\x00', r8, 0x25, r11, 0x8, &(0x7f00000004c0)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x4, 0x5, 0x3ff, 0x8d}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000600)=[r4, r12, r3, r3, r2, r2, r2, r4, 0xffffffffffffffff], &(0x7f0000000640)=[{0x2, 0x1, 0x6, 0x9}, {0x5, 0x2, 0x4, 0x8}, {0x2, 0x4, 0x6, 0xa}, {0x2, 0x1, 0xf, 0xbfa186a33e476c50}], 0x10, 0x1, @void, @value}, 0x94)
setreuid(0x0, r7)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xc, &(0x7f0000000000)=0x9, 0x4)
r13 = openat2(r11, &(0x7f0000000740)='./file0\x00', &(0x7f0000000780)={0x400, 0x8, 0xc}, 0x18)
ioctl$VHOST_RESET_OWNER(r13, 0xaf02, 0x0)
ppoll(&(0x7f0000000000)=[{r0, 0x40c3}, {r0, 0x8012}, {r0, 0x5221}], 0x3, &(0x7f0000000040), &(0x7f0000000080)={[0x4]}, 0x8)

1.846572805s ago: executing program 32 (id=786):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1200000008000000040000000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000003cab00"/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000002500)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000002480), &(0x7f00000024c0)=r1}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r2, <r4=>0xffffffffffffffff}, 0x4)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r4, &(0x7f0000000200)='+', &(0x7f0000000280)=""/181}, 0x20)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)={0x14, 0x15, 0x301, 0x0, 0x0, {0xb}}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000b40)=@nat={'nat\x00', 0x6a0, 0x5, 0x348, 0x0, 0xb8, 0xfeffffff, 0x208, 0xb8, 0x2b0, 0x2b0, 0xffffffff, 0x2b0, 0x2b0, 0x5, 0x0, {[{{@uncond, 0x3e7, 0x70, 0xb8, 0xe000000}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@broadcast, @ipv4=@local, @gre_key}}}, {{@ip={@rand_addr, @local, 0x0, 0x0, 'veth1_to_batadv\x00', 'xfrm0\x00'}, 0x0, 0x70, 0xa8, 0x0, {0x0, 0x7}}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x3, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @gre_key, @gre_key}}}}, {{@ip={@local, @rand_addr, 0x0, 0x0, 'team_slave_1\x00', 'netpci0\x00'}, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @broadcast, @dev, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a8)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, <r7=>0x0}, &(0x7f0000000280)=0x5)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000440)={<r8=>0x0, @multicast1, @empty}, &(0x7f0000000480)=0xc)
r9 = socket$inet(0x2, 0x3, 0x8)
r10 = socket$inet(0x2, 0x6000000000000003, 0x6)
r11 = dup3(r9, r10, 0x0)
setsockopt$inet_int(r11, 0x0, 0xa, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r3, <r12=>0xffffffffffffffff}, &(0x7f0000000540), &(0x7f0000000580)=r4}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x11, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@call={0x85, 0x0, 0x0, 0xa2}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000340)='syzkaller\x00', 0x8, 0xb3, &(0x7f0000000380)=""/179, 0x41000, 0x1, '\x00', r8, 0x25, r11, 0x8, &(0x7f00000004c0)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000500)={0x4, 0x5, 0x3ff, 0x8d}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000600)=[r4, r12, r3, r3, r2, r2, r2, r4, 0xffffffffffffffff], &(0x7f0000000640)=[{0x2, 0x1, 0x6, 0x9}, {0x5, 0x2, 0x4, 0x8}, {0x2, 0x4, 0x6, 0xa}, {0x2, 0x1, 0xf, 0xbfa186a33e476c50}], 0x10, 0x1, @void, @value}, 0x94)
setreuid(0x0, r7)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xc, &(0x7f0000000000)=0x9, 0x4)
r13 = openat2(r11, &(0x7f0000000740)='./file0\x00', &(0x7f0000000780)={0x400, 0x8, 0xc}, 0x18)
ioctl$VHOST_RESET_OWNER(r13, 0xaf02, 0x0)
ppoll(&(0x7f0000000000)=[{r0, 0x40c3}, {r0, 0x8012}, {r0, 0x5221}], 0x3, &(0x7f0000000040), &(0x7f0000000080)={[0x4]}, 0x8)

1.800126231s ago: executing program 2 (id=788):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r4)
sendmsg$NFC_CMD_ENABLE_SE(r4, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000a40)={0x24, r5, 0x805, 0x70bd2b, 0x25dfdbfc, {}, [@NFC_ATTR_SE_INDEX={0x8, 0x15, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000840}, 0x20040000)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r7 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
ioctl$SG_GET_SCSI_ID(r7, 0x2276, &(0x7f0000000000))
r8 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
r9 = openat$cgroup_subtree(r8, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000080)={[{0x2b, 'rdma'}]}, 0x6)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f00000002c0)={r10, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1cafa765406c7f306000000000000000000000000000000000000100"}})
close(0x4)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000022c0)={0x54, r2, 0x1, 0x70bd2d, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_REKEY_DATA={0x38, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "a79c32ffb9fbee54"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="20bb7bcad0230550ca1bb4b60de42fec"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="789dd40ff588f8496feec1213371627e"}]}]}, 0x54}}, 0x0)
preadv(r0, &(0x7f0000002480)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r0)

1.740582976s ago: executing program 2 (id=789):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000003c0)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept(r0, 0x0, 0x0)
recvmsg$can_bcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)=""/225, 0xe1}], 0x1}, 0x4100) (async)
sendmsg$NL80211_CMD_GET_MPP(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000700)=ANY=[], 0x28}}, 0x8000) (async)
accept4(r1, 0x0, 0x0, 0x80000)
r2 = socket(0x10, 0x3, 0x0) (async)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
r4 = socket$vsock_stream(0x28, 0x1, 0x0) (async)
r5 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
syz_usb_disconnect(r5) (async)
r6 = io_uring_setup(0x2e34, &(0x7f0000000180))
close_range(r6, 0xffffffffffffffff, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x0) (async)
dup3(r4, r3, 0x80000)

1.128820337s ago: executing program 2 (id=796):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xa0}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810000850000007d000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000140)='nilfs2_mdt_insert_new_block\x00', r3}, 0x18)
syz_clone(0x101000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x4004001}, 0x4000)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r2)
syz_emit_ethernet(0x4e, &(0x7f0000000180)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x18, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2e}, @loopback, {[@hopopts={0x2f, 0x2, '\x00', [@enc_lim={0x4, 0x1, 0x4}, @enc_lim, @ra={0x5, 0x2, 0x453}, @jumbo={0xc2, 0x4, 0xc}]}]}}}}}, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x50, r4, 0x4, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}]}, @TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xfffffffe}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4040090}, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32, @ANYBLOB="14000b000040000000000000000000000000000014000200fe"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000740)=r1)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000002140))
waitid(0x0, 0x0, &(0x7f0000000240), 0x41000004, &(0x7f0000000040))

879.627597ms ago: executing program 2 (id=799):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
syz_open_dev$midi(0x0, 0x3, 0x602000)
r1 = syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x42041)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f0000000040)={0x0, 0xb8d3, 0x6, 0x0, 0x4})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r4=>0x0})
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
rt_sigtimedwait(&(0x7f0000000000)={[0x8000000000000000]}, 0x0, &(0x7f0000000100)={0x0, 0x989680}, 0x8)
r5 = timerfd_create(0x0, 0x0)
timerfd_settime(r5, 0x1, &(0x7f00000000c0)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
readv(r5, &(0x7f0000000000)=[{&(0x7f0000001fc0)=""/4095, 0xfff}], 0x1)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x30, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0xefffffff]}]}]}, 0x30}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000007996b9ac61108e010000000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000, @void, @value}, 0x94)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r3)
syz_usb_disconnect(r0)
r7 = signalfd4(r3, &(0x7f0000000140)={[0x10000]}, 0x8, 0x80800)
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}})
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x1, &(0x7f00000008c0)=[{0x6}]})
r9 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r9, 0x26, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
socket(0x40000000015, 0x5, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="020200031000000000000000fedbdf2505001700000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000000000000030b000000000200090000000000000000000000000005000600000000000a004e2100000000fe8000000000000000000000000000bb0000000000000000616d47f5377d5be1081c4dbae499a3a90d5504fef98a32c2c3db0ccb723abd7f426f120b0278d0b7c008f9dc6e9b1a635b5642d012f577448f1322df38b2570d7c0e189841b417897fd727cf69204b92cfc7b94fcbd19813ca79d2f0bdede8e682dc577b7209ec57314ade4c0a0ac2d4d5bfae43bdfb2a80ae28fe5b5067bb85f40522cdfd9adacd321b80e705addf9765c4d9532c4535559ae3f9a71bfdf01b41fcc7520edbc943554ab4f5fad97499378233d3df0083de8f8b5d2542c66e167e991abc7e816d13f09e28b71587a9ad74"], 0x80}}, 0x20008010)

796.23824ms ago: executing program 4 (id=787):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x22f42)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
arch_prctl$ARCH_MAP_VDSO_64(0x1001, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f00000001c0)={0x80, 0x1, 'client1\x00', 0xffffffff80000006, "d62e980da99179cf", "20e48560999fd132b6a5426180a8c27a00fcfffff0003336f794d20352346f8f"})
write$sndseq(r0, &(0x7f00000000c0)=[{0x5, 0x3, 0x0, 0x0, @time, {}, {0x0, 0x1}, @result={0x0, 0x316}}], 0x1c)
arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x7)

260.027792ms ago: executing program 4 (id=808):
r0 = socket$packet(0x11, 0x3, 0x300) (async, rerun: 64)
r1 = socket$packet(0x11, 0x2, 0x300) (rerun: 64)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x6, 0x4) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000180)="02030c65420002000000ab5d71acedd7c9560385dcb1080084d7dc039806112405ce811cc352", 0xff88, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14)
close_range(r1, r0, 0x0)

259.135798ms ago: executing program 3 (id=809):
r0 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
read(r0, &(0x7f0000000080)=""/116, 0xfffffeb2) (async, rerun: 32)
r1 = socket$can_bcm(0x1d, 0x2, 0x2) (rerun: 32)
connect$can_bcm(r1, &(0x7f0000001ff0), 0x10) (async)
sendmsg$can_bcm(r1, &(0x7f0000000200)={&(0x7f0000000040), 0x10, &(0x7f0000000100)={&(0x7f0000000180)={0x4, 0x89, 0x5, {0x77359400}, {}, {0x1, 0x0, 0x1}, 0x1, @canfd={{0x3, 0x0, 0x1, 0x1}, 0x1f, 0x0, 0x0, 0x0, "39def7f79c20f7c3271619a72fe971ed952ddbffd10d0cf56a5e3fe016761cb3ab7208fa3f672e654cad6a7a3b0b713f1787b0184196257b05d5b35bb984606f"}}, 0x80}, 0x1, 0x0, 0x0, 0x24000800}, 0x20040) (async)
sendmsg$can_bcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="0500"/16, @ANYRES32=r0, @ANYRES64=0xea60, @ANYBLOB="12c5f891ceaeadeae189440534cf46c1cc94c59c3e2edd62799239a6e3ff979d83255892ec3544e98a669ed303890041312bb80df72f84dafbaaab10baa2c6a8ba99441355c373e77cb2f2f091189e5491c1885dc5bf9f5a795c6a783ebc1f12b7d1811a994618a7abccc14150b5d52774c30f9cd5be73c0960f56230ac79aa67f63afe08b08129b8ac45bf1eb8448bbc53383baa8ef2f78467a5af902914658a4c6985151375448031e9adec2ddd76de26e61c830cb4cd9b168ebeff4c1af99379d0e4a8f8e22272643d4f81cab0f0d8d06dbf846105fe2ca8150d33c0f8f1517b94276615ec847a4a3bc94211dd58b608c2d0d609dcb0f988ddcdcbcdb6ed2f24a635ec41e256bda40baaa23320a425379e70fb0604bc553fb49ca0367c824548d02d293f376727955d0afd04a0ef9008d289354fa62fc64ece4a93d055e5c11f08fe44f2849b65a78780f0020a1ef82f580775162371c9511909c0fb09dfd64e269b56d25924f14b6b03dc6fcc7de1df5256082b2e1ce1d5e88192ec50ab459b56d81733bb5bb28ea99c25e3da6850c1c6762ffc30cdd3714b1ff2118d5f50753c3bb2e574a57edb3579ee5f048817acf6e286ac5683854f8a7d3923c393fcb88b95d17eb3c00f28c76a593009a939f8d40b71ea1f71fc2da43d9cf40f5171c6751af7dabd12ce5e10d8255718f092f3af3206e58fbe83f68cbd3adc94cbefc4d215ae8606fd91b8ef73a1b9df1e4efa6f6d567be5e8d9a408c67159d6d15b493916fc0c9a2e2eace001e7d5e214c85c4220a331bf605024ee6c94985a5cb4b344afa082ec99c883a341033b2b94944d7d64ed196ac6245675dd58f456fb3b47b874f26fe4c19a6da16c56c567269912a7ea8e34b870be14d5c943c5d994a0475881295c79b6c35bc328ba22f073ce012c365b0f816b165d3fa536424e5611f512fbd2672aa889029054218c06c67b68fb1897bceb1c3b4582c965a0503ff52fbe9076f836c1405153af7896764ad03db248e1c8babd30f48b0816d2ea719f64e6dccc0313d82e41ecb2f5d18fbba4a9f22fa9fac2317a640db10149cc934d0c78b4557c2a1fe07d9468db185362f2c5e16512634392041067decfccb372981fef0866489e584d06f39a81224aafb1c8f8bd77f1fab6c643aa13d2e0c743906c73b8369fc639ba9bfe207e71e1105577841ab98d43d622a6416f1eba185ac94a7369a6df70287a2ff1180089a88c32d9c8a38b071c4a014efa4192c347bc6f793fc119b59bd0160b1fd2cde4b569ad82c09dc0df8c3ff5819656f91018c192d70f7128dfaae7029dee3fb7306136856a0c981205e8f3f9920c514f3b5bdd1491f441fae0d1dc5796596f29321e420f5785c6cb9505189728d2f69bd931bbe63715c98cad146d4bda90a0ebe13b4b3365eb16c8fcc0e7496951eed47330e020d0e5b5151e90311cbfddec0005c1d44033ef0f50bc0fbf5f7aeacd8c9eac501b8e6bc2e3d63352cacb8ac10ec965ed6b6c2b50f285ba9a75e144909e8083cc6626e3f0983504b914d72bdf7aebd16a374f9e8a9dc64e4a203749290d033dc0d5379d32a0b07ad59f0219f328edd8675528a7d9d58cb849dc72e66261e75b03c56be0b4a015254ae6e150d21774e80008b199d302d925ebf50467b46b28416a1ce2227120ad6954b3a8d2999224a4ad0f003bec8a9395cf4d787b37341e3b9c8e3ddf0ef7f6d773519afe5316b651f4efcc7c7276a3619ff13d6f9d34f2d6be8967d8af23355bd8645a519d298c4d0fcd026d60d90e082aba7b8fc6f32a474d305651cd7df39559e9d9bd836adb49ac492bf97d62003adb76af79438c5045c6f40ec46607877d4000b32a635402e98c9dcdc75d8b9e93745745c39193f93b05525248f754065dd8dc62a43a621e4c387668569deb5a667f1d12882d29378f2e76aff3f3f6b7d63ec7b4a0143160763096c69cbfa5f4527ef606d0d9bfdc50608734310e1273d4f550c00d7794bc870cdcce2968a6aacbeb9e910533b2eeb8886c8c69d072c902d087e324e6264c3896e1a10cdc0e64839bfb0507e153aa7f6de77269e2cc0abc1fef4e907bc0dc9a6e7646e15a061430d8c24bec91266e62c16e2f9d96381273879b11002d81fa6c74415a05997eaf65515a0ab14aad324ddfe6cc83963073f50ac898ab37076460cca74cfe63c356f79efbf63b0ccec6b85e4e3d6de45e43ec8271d00ea275aa92551e89c5800b1ca01478e3a9b63c95cecfc3a39753faaffbdf5ee7f6af72df347e6b4d6901e424eda7323e5188ada30e6d195c1d6bac8b9b732efafe8832fb1bcf5265bf54a0066735a9b2822cb2ddb081bef2998095d9472d4a70c7ef9325c9cbdca2852383cd0e5ae6a5509c082888fd33b0beb1adbb63d0b2ca70801f9458efc80b06f7a6b1032307c11c31f9641d1dde8ee3ad9c893a129e04f830cf2c11c4968f4c4f6f74549892d5b102631be05fda66fb917f2b6f27ba132df4161e7e7b8307f2907f5e0e788c02c56b55c364896663cb2646e7f428fa2ca4436f51df5cd012b91e29d643328333dfdf5532f0ef0a864be66a9ada4939fa4951b320bb982acabfe487cfd3ddcfd16d43a54c691bbcf728e8b556e5146eca80c34279a58bd221046051f2daa65adeaee9d9ba1c74c4cd0ad705898ed770ffb1cc63e75f479902d98f6bd7571212a84e8ad888b21fce16cbb6ec2d5677e8c415d63f9c6a4e5f8640151f294d9e630e026bd8ce2b1c1e1599e939e195dacd9adfc2ba4450ff658a4e9a1c042a80f34af799c7aeb2cf9fbbff0dbf8cefdae7a7e54d926f94a3d47b3e8991fef830197eeeb80d2f8c9908c79d6eb34479a558904d55ceea18bd2df3dfa24c3b06fdc8cf56e0e2de96daf7ece87559722e865bb0f8fbb78e6a463a634fd98aca73ef2df21df7edeecfb6cf4a057518e5e6227123bf90bbefa17725fbe0520aab639c95168b7fb025f229b7b860e806fb477eeec00eef3e01c0aa65b290a7982aa84f2f20153e0590598c4855c744d4570da34ef615b64e3a86c3b1b330ce3dfd287acdbc0c70831c459d8506e737d35869d8e2214ac4357addd09993a6c6d38c31df6b928a427bfe6c2de1f6da4ac50b08ac7669bd853b1d4c965987278e0e2788d8091f138d75b8a17a5b82f5fb15a787598bf1c32a84d37e15255f10af0416b2998d79d4a82b52f153a66dfbc452e91c32a0d15e81ddd6fb694b9dfb212bb1af604ab93c457e47e75c7ddcb57d5da01bc9c8395f66753bce5ee5fee48f266ca5365767f2e25fc4ac38c51e00ec52c4dd01f41632dd23ffb356461b8974f96d7e78f8223612bc9c4f7bde218d5f7d69d32dbfb31a918e3ea17531ba48d0461563d381b43b64b2929b271e30e8d78f8c43a26bc363848fd4ed29af0163f11b178990d72ed56af94f19815a0da9ab6908465275171dcfa14ea4605834eb6ef7b72629ba4f74e0109e869ad7c28c6c2db8a0a0a9ec65cccc117a3e5ef6573c3dafb1637b2553873f57820163646e2d079cff09d7cadb8774c5004a7d251261d27cc9aa01da7cabb346e34c2bf115fccc6a9eab6d93500434859150d9f6830afda0778f40b34d375008f3197ee5772502c19c7cfb2a8bf689df474ce6cc66d17188310f04bfd31715380b5e1ae4fc941c16379cee3cb58551f47880b40397a2eb5b04e680e2ce300cb098bc2de37a3cb96312d7194577f50cd5596d7fadd3c99a74679bfd06a40d60150999621a2fa252749bcf947aaff2e31ce8c59a5e0a73a2037b61a489cb51634f9bbc73a4867cd7014a0ab496cf815a9ac64f8d4a5fb456cca4eb78f086dde593786c28c92cf26a4f2614f9c93ea2f1d148fc5d687a1486c5f7cfc0bf1a6b5d159dc284163b3b833b43005990eb91b1c61b43c4a4329c2a3007bcb5d44b6e93ba628541645ce5ba4c45abcb5c9eb22681278cdfd2b7e988fe39fa4de7e5cc02a0a38347b4315816064cfde8fe3888449c9f5c909663854c8ba9a58c1ea801bf3b4992dfdcc78c88f8e1ccf0d7ea67fa834d30bd2b8400bacebfc506c2d4d0d843481efeafc7fa8c079db5c7df64ac16f819d44a1904a5fe68d35d90559af64cf421d73a251b2179b64e2fd54c7d19393e73ff9846a9560ef7baf337876d0fb78f55bde39b4a6d388f056f87d756ef5116a5e1c7fd197fea558a423cfab97c2daa0694710aa9dd2e29fa64ae8392050c8708aa2671997307ce22b7d9352de1458d08673d364ff990da7863932433aa404a4f3cd3e80756531cdc2a2f3f0be4e0db5775517e4f9b9470827cd3d393ecad482acaca3cc3549ce075fffb303caf50bd2bff5f6c3ed59229aee3e6a3b4a1dd7cdef2799ef06ef7c769c8233c7577dfd6ae02b0fec37b124b85816067962cd6bf85b6c7e24ea9f942a2e3977d839daeeddf7921c328507b596a2d5856d719567994220571bac5ab0386de691516b4a50a0188b9c14e07778ad5ce882c4c24c584410893a1069ca9bac542efb8539241449c9ee494eab57c4694993fed1ccef4300009b18b3e25b84d7586425607539fe9d2c3c54239d2e2fd3ca387b4ffc6517717863244d4345195c5e77b4281022a16206ac44613ebf7a39db732792800fe3e5292b547a9f1fd0c4c1ced6e75a6f9ebf6b2d15a64ee579d1790b0feb0667fa71ad4bfa1229668395c0b7d5aa1897015b45383f72f3d93c2f56fb939e32e8099a97957c970c5ab99f96fa3011f11c77b4f5308b4ca73aa3ac7b3691ede373dfb1a62a6e38afdab2a084b55abd639d73934c71b24c7f8e64eee6e30262faa2ec66abf4be9bca14eb543b8154e22d9c9f9fcebd636d9c0cbf8017fcc919d6b514456922f1d469a93112061ed302dfb600f2710e56b2d8f959b77c62aca104e259e7549ca68a5a5843c0b9b6c14bde5023c4f0ea98975ca2d45f34d65b7021e5ba9be2cdcc9e8283bb65adcf912ab3cba734e51ab5d665dea9fb5ab23f85bca30ae05c8b17dac22e3a296c53e9f88ef9043fc363e0fa4e271027bd3e4444dc6cd9fcdbebffaca4f43e1ef448b7a7ade00864b9bdf598e40c052adfa9f0f5fae1088cfdac51d7a270bb67acea4e71b38bb88f0d6afa7c3119013fd8c93e6bb6f5c16b8134b100b1d807654f6f264f3cf0285606be0e68f2f6e3d96dc1ef998738202040ef3ee7964d95c4ee9ae7cd570574ac5ba1b8abf4ecaed993a5bc9fff05698fc767ac6a5d18825b024ac42097d31ff570790e29868d6289280d9835cf4aae5c5fef3240526c2388f0f33be57cf3bf507a71ce2c910fefe5963f2333e145ea65e5470544f20cdb4245c528c6ba7285d3277ee2ad15fa31184d2f9453760c0fb7be1f2b1ea1008bfe29553878aad1ecd3cea5dac232869784bc6b24b6e7d1fa05dadb17c256d2fe698ce29fba7edb0a06382f0e9cdbd3c709567097b30cc55181c8dd0b39ddfd6864a193d201189b440f38420d90961ca996dad47dce819771e2bb62e5999c01dec20eaeb098da54b42d9997daffe62baa81715e5a2cb73762d5a201d038ce758ca391426b073189936558806131c0d27decc081391ab561a00c41d838c506ae8c45d3c3b7aebc77ba5fbf52b454a500c5fe919438a7947785c61fdfb1bd03382de63f83cafcd343deface113cb1ceb65b096bf356358869596a45380c98417c642a66ea2151cf80e5b82349b5a251b18cf23f0fdfff7ccfb7eff519534b56470c38362031730a77ff81c515d20317fab70760d6f73d5a04b94170752f341b7547513a7eb703060a96eaef73", @ANYBLOB="000000000700000000000000ae"], 0x20000078}}, 0x0) (async, rerun: 64)
sendmsg$can_bcm(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="000000000700000000000000000000000080000000000000"], 0x48}, 0x1, 0x0, 0x0, 0x20009810}, 0x0) (async, rerun: 64)
read(r0, &(0x7f0000000280)=""/96, 0x60) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)) (async, rerun: 32)
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (rerun: 32)
ioctl$CDROMREADAUDIO(r2, 0x31e, &(0x7f0000002140)={@msf={0xef, 0x2}, 0x0, 0x0, 0x0})

169.085917ms ago: executing program 3 (id=810):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r0, 0x0, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(r1, &(0x7f0000000240)={0x1d, r3, 0xffffffffffffffff, {}, 0xfe}, 0x18)
bind$can_j1939(r1, &(0x7f0000000040)={0x1d, r3, 0x3, {0x1, 0xf0, 0x4}, 0x2}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c11", 0x27}], 0x1}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001300)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$cgroup_subtree(r5, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091e2b14a0778a8123d181d"], 0xfe33)
fcntl$F_GET_FILE_RW_HINT(r6, 0x40d, &(0x7f0000000200))
r7 = socket(0x10, 0x803, 0x0)
setsockopt$sock_attach_bpf(r7, 0x1, 0x32, &(0x7f0000000400), 0x4)
sendmsg$nl_generic(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c0000005200", @ANYRES32], 0x1c}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000080)={'veth1_to_bond\x00', &(0x7f0000000100)=@ethtool_coalesce={0xe, 0x20000, 0x9, 0x9, 0x8, 0x7, 0xffffffc0, 0x5, 0x10001, 0x5cb, 0x5, 0xfffff6fd, 0x7, 0x7, 0x10c, 0x8, 0x1, 0x9, 0x3, 0x1, 0x98, 0x108de290, 0x5}})
r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r10 = dup(r9)
getsockopt$bt_BT_DEFER_SETUP(r10, 0x112, 0x4, 0x0, &(0x7f0000000080))
r11 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp6\x00')
r12 = openat$uinput(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r12, 0x405c5503, &(0x7f0000000440)={{0x7, 0x10}, 'syz1\x00', 0x10})
ioctl$UI_DEV_CREATE(r12, 0x5501)
syz_open_dev$evdev(&(0x7f00000000c0), 0x1, 0x0)
close_range(r11, 0xffffffffffffffff, 0x0)

168.204883ms ago: executing program 3 (id=811):
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f00000002c0)=ANY=[@ANYBLOB="0600000000000000e20000000400000000000000000000000200000050020000000000000000000000000000000000000000000000000000fabe000003000000000000000000000069530000fdffffff0000000000000000000000000000000000000000000000008af4ffff010000000000000000000000eb050000060000000000000000000000000000000000000000000000000000000200000001000000000000000000000000081300000000000800000000000000000000000090000006000000090000002d00000002000000010000ff0000000000000000feffffff0000000000000000000000000000000000004071a55e050000000100000000000000faffffff01000000000000000000000000000000000000000000000000000000e89e66bc178c7341c9d943c308a6a4e57a3557f52143d0"])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000002c80), r1)
sendmsg$NFC_CMD_DEACTIVATE_TARGET(r1, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002d40)={&(0x7f0000002d00)={0x24, r2, 0x215, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_TARGET_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20008014)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@cgroup=r3, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

100.03264ms ago: executing program 3 (id=812):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="240000002e000100"/20, @ANYRES32=r2, @ANYBLOB="000000006ed6655abe0800010004002480"], 0x24}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000600), &(0x7f0000000640)=0x4)
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(0xffffffffffffffff, 0x7ac, &(0x7f0000000580)={&(0x7f0000000140)={{@host, 0x80000001}, {@any, 0x1}, 0x400, "c3c343f8f52ab789b58def85c5383fc8e9c1e02b0ac874e4ac185fd25fe3a440940b8862375e3cba663083a1c9e25ea6087551bbb0dcff3d33d327322b05c0b4daf65e4a72a55ce25a365a76c1df8b71f2c34fbb0593e7babaa2828ce7e763cc25976b2d5691c8d698147621ef5cef56d6f272a547000428babfc59d8007520c8a7c1ef9d0266337c0e02a64da7b614fd684465ef1edb1de0cb25cb0ca8a244cdbce1e610ab8bc11dbbdb87bc954f052bd304184c52db888b66563424abfd1dd5ed6d7b5299b54b7eb93d2f496085f51ece5e6c423ce8aba64aa5f49a696867a1e08ee428c9ed19ce87302413774e059d7130f8e455a10d2f41ed3e018dd7e269a5c1bb7dc8637ff54c182c4cd114a13fbe104a594933b737c011930bf5c942cbcf9b0feaa0deca849855751976e209f07c6f70463666dfc2b5620ed422f6ff54084d84f49b198de79b05c58f56ce2a8c8a3b0d4520d23011a05741cd5204394d0dc293f5f8c24710d34c5969a96c295c685177b17dd0a510fa3df2573df8d195d4b468ada6fd1e7bdd220f53816f1dffaab298420c51dcd821a3885ce4ef6677021bdc10eff259b72ea1f7034f78b294a5131b19c6d314ef998fd2a6d49ed3005591ababfcb2d566a3a8c48ca33e975b0b2966ab913c92e75065a86fff4a855b94cdb930cf52cc65feb26a5f8fe08476fa69a4c57be8c1f5ce633872a46d8ca2c2a450b4aca79e2353499f8df9842bf8f814130b8119f03cb06c5d172399dab832afeb40f3956a812afa78317d5705947d5b4846417dcc9ca4a9d639dafcdba6fe4e801e3d09bca3fa5d3f2e8033eb669bf3dbae93e453001659c309a1359a56b0c9ca5fe0a97d88f0a8a395515e92c56b0073307d471d08a6d0624793fd757a04fe74eda549771829245a807d186958fae07f766d9ac04bbe4044cfbf9cbcbd659f59c2a7ca87703dc91f9645abfe92ac0dcc254f6bae03df476065898c3b0c0b67f87436543c96270baed875d9fc42377ff62bbc3f4e71630d80d501d4074f1cfab66901c4a890e9f6b350161437fd9ffabcc81bdd33979bc9bf0301d4be3158e08a40514cf67dc1561fcdc1b9996fa6daf0b38035330479876e3b8b176a19566366bcc0dc88b979dfa5cd9d18b8a906aee21839af3ba5371f94e199e4f8e613618412236b3c43dcc8bd5d77d09a4cd7e722d5cf4a38fe81386ecd0662ad81385771940213d9af1832a6942e42755866fb130383a7d13d9a83a4996e941a52507afb240f47cba56e1bf9e929adedf1d97534bb54850c2c7a37f87d877c7c71a68fe50a8ffb826b5173cfab9dda1936f862d48aa4d7ec27c77f8671aa8ef90c553ff3b4f7868c814028b119d1a2d8a35d83297644eb6536d42952ecd1476fd106901d9d18cabb1b93726102342fc3b201b54cc2cadeacda446253984f8c8b4"}, 0x418, 0x7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x4, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3}, {0xffff, 0xfff1}, {0x8}}, [@qdisc_kind_options=@q_fq_pie={{0x22}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x4091)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840)

98.927582ms ago: executing program 3 (id=813):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x28, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8, 0x10002}, [@FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)

0s ago: executing program 3 (id=814):
bpf$MAP_CREATE(0x0, &(0x7f0000001280)=ANY=[@ANYBLOB="0100000004000000020000000c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000000abbb468930d4afcc500aa08b73ae298da468a486d1d5e921a4937e9be3deed3b1e114a1f7d23a14c7b43252cbb47fa377bbb74115347585a8f7a3a83839caeeda5c88efd9b62de04a7227e3ea5e04cec614899af3c4afa92f5467a3ca54f1ad805680cb18db3864e4e7e19f2897453edb6ade39d1b0783d1d6984158bbd3c18b409511842b6d4c5e7f8a12b0c3860ed2952cf30ec135f520ea361a09017ff940b07a0cf96b8174e4a8cbfaed54febb156e59630af9692b61f2b1bf1f6d3b864131704c64792f817356e071c0000000000000000"], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000002480)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$IOCTL_VMCI_SET_NOTIFY(r1, 0x7cb, &(0x7f0000000040)={0x8000000000000000, 0x3, 0x8})
r2 = socket$inet(0xa, 0x801, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r4, @ANYBLOB="01000000000000000000010000000c000500ff000000000000000c0002000000020000000000040007800c000800000000000000000008000a00000000004400078008000100", @ANYRES32, @ANYBLOB="38000100", @ANYRES32=r5, @ANYBLOB="64800400", @ANYRES32, @ANYBLOB="08000100", @ANYRES32=r2], 0x90}}, 0x40044)

kernel console output (not intermixed with test programs):

the MTU to 1560 would solve the problem.
[   45.615010][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.621811][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.623602][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.630563][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.694050][ T5937] hsr_slave_0: entered promiscuous mode
[   45.696053][ T5937] hsr_slave_1: entered promiscuous mode
[   45.697947][ T5937] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.700643][ T5937] Cannot create hsr debugfs directory
[   45.712965][ T5945] hsr_slave_0: entered promiscuous mode
[   45.715513][ T5945] hsr_slave_1: entered promiscuous mode
[   45.717247][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.719795][ T5945] Cannot create hsr debugfs directory
[   45.875391][ T5935] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   45.901592][ T5935] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   45.904598][ T5935] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   45.912768][ T5935] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   45.930891][ T5942] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   45.935897][ T5942] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   45.939243][ T5942] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   45.942466][ T5942] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   45.968455][ T5945] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   45.971750][ T5945] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   45.978050][ T5945] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   45.981174][ T5945] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   46.013572][ T5937] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   46.017543][ T5937] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   46.020486][ T5937] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   46.023338][ T5937] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   46.028477][ T5935] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.057245][ T5935] 8021q: adding VLAN 0 to HW filter on device team0
[   46.063453][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.073927][   T69] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.075968][   T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.085360][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.087513][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.098281][ T5942] 8021q: adding VLAN 0 to HW filter on device team0
[   46.110950][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.113450][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.124474][   T69] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.126466][   T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.138982][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.161701][   T39] audit: type=1400 audit(1734201744.446:114): avc:  denied  { sys_module } for  pid=5935 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   46.162666][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.174209][ T5945] 8021q: adding VLAN 0 to HW filter on device team0
[   46.185396][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.188029][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.195870][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.197738][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.202083][ T5937] 8021q: adding VLAN 0 to HW filter on device team0
[   46.209341][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.211269][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.221090][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.222952][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.229693][ T5935] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.257221][ T5935] veth0_vlan: entered promiscuous mode
[   46.265718][ T5935] veth1_vlan: entered promiscuous mode
[   46.272390][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.296689][ T5935] veth0_macvtap: entered promiscuous mode
[   46.302696][ T5935] veth1_macvtap: entered promiscuous mode
[   46.305378][ T5942] veth0_vlan: entered promiscuous mode
[   46.309379][ T5942] veth1_vlan: entered promiscuous mode
[   46.323627][ T5942] veth0_macvtap: entered promiscuous mode
[   46.329004][ T5942] veth1_macvtap: entered promiscuous mode
[   46.332858][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.338672][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.343340][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.347870][ T5935] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.350302][ T5935] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.352591][ T5935] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.355008][ T5935] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.366789][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.370694][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.376746][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.380954][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.384474][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.387620][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.392331][ T5942] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.394611][ T5942] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.397042][ T5942] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.399262][ T5942] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.420664][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.443375][ T5945] veth0_vlan: entered promiscuous mode
[   46.463535][ T5945] veth1_vlan: entered promiscuous mode
[   46.468674][ T5937] veth0_vlan: entered promiscuous mode
[   46.476098][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.478234][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.479805][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.482090][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.487341][ T5937] veth1_vlan: entered promiscuous mode
[   46.498020][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.500504][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.516682][  T220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.518740][  T220] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.530790][ T5945] veth0_macvtap: entered promiscuous mode
[   46.538710][ T5945] veth1_macvtap: entered promiscuous mode
[   46.546920][ T5935] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   46.553065][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.556728][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.559320][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.562687][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.567112][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.570605][ T5937] veth0_macvtap: entered promiscuous mode
[   46.578474][ T5937] veth1_macvtap: entered promiscuous mode
[   46.580519][ T5996] Attempt to restore checkpoint with obsolete wellknown handles
[   46.586125][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.589415][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.592909][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.597013][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.601196][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.606698][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.610845][ T5940] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[   46.613612][ T5940] CPU: 2 UID: 0 PID: 5940 Comm: kworker/u33:3 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[   46.615345][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.617067][ T5940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   46.620083][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.623717][ T5940] Workqueue: hci0 hci_rx_work
[   46.627361][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.628614][ T5940] Call Trace:
[   46.628624][ T5940]  <TASK>
[   46.631091][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.632358][ T5940]  dump_stack_lvl+0x16c/0x1f0
[   46.633127][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.633889][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.636576][ T5940]  sysfs_warn_dup+0x7f/0xa0
[   46.636629][ T5940]  sysfs_create_dir_ns+0x24d/0x2b0
[   46.636659][ T5940]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   46.636688][ T5940]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   46.638861][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.641461][ T5940]  ? kobject_add_internal+0x12d/0x990
[   46.643400][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.643408][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.644993][ T5940]  ? do_raw_spin_unlock+0x172/0x230
[   46.645025][ T5940]  kobject_add_internal+0x2c8/0x990
[   46.645055][ T5940]  kobject_add+0x16f/0x240
[   46.646349][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.646356][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.648312][ T5940]  ? __pfx_kobject_add+0x10/0x10
[   46.649621][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.650063][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.653111][ T5940]  ? class_to_subsys+0x3e/0x160
[   46.677842][ T5945] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.678561][ T5940]  ? do_raw_spin_unlock+0x172/0x230
[   46.680306][ T5945] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.681879][ T5940]  ? kobject_put+0xab/0x5a0
[   46.684238][ T5945] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.685477][ T5940]  device_add+0x289/0x1a70
[   46.685498][ T5940]  ? __pfx_dev_set_name+0x10/0x10
[   46.685515][ T5940]  ? __pfx_device_add+0x10/0x10
[   46.685531][ T5940]  ? mgmt_send_event_skb+0x2f2/0x460
[   46.685548][ T5940]  hci_conn_add_sysfs+0x17e/0x230
[   46.685563][ T5940]  le_conn_complete_evt+0x107f/0x1da0
[   46.685579][ T5940]  ? __pfx_lock_release+0x10/0x10
[   46.685592][ T5940]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   46.687752][ T5945] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.688937][ T5940]  ? trace_contention_end+0xee/0x140
[   46.707160][ T5940]  ? __mutex_lock+0x1cc/0xa60
[   46.708390][ T5940]  hci_le_conn_complete_evt+0x23c/0x370
[   46.709801][ T5940]  hci_le_meta_evt+0x2e2/0x5d0
[   46.711252][ T5940]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   46.713190][ T5940]  hci_event_packet+0x666/0x1180
[   46.714640][ T5940]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   46.715529][ T6001] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=62474 sclass=netlink_route_socket pid=6001 comm=syz.1.2
[   46.716129][ T5940]  ? __pfx_hci_event_packet+0x10/0x10
[   46.720560][ T5940]  ? mark_held_locks+0x9f/0xe0
[   46.721850][ T5940]  ? kcov_remote_start+0x3cf/0x6e0
[   46.723194][ T5940]  ? lockdep_hardirqs_on+0x7c/0x110
[   46.724565][ T5940]  hci_rx_work+0x2c5/0x16b0
[   46.726065][ T5940]  ? process_one_work+0x921/0x1ba0
[   46.727934][ T5940]  process_one_work+0x9c5/0x1ba0
[   46.729685][ T5940]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   46.731186][ T5940]  ? __pfx_process_one_work+0x10/0x10
[   46.732640][ T5940]  ? rcu_is_watching+0x12/0xc0
[   46.733939][ T5940]  ? assign_work+0x1a0/0x250
[   46.735233][ T5940]  worker_thread+0x6c8/0xf00
[   46.736529][ T5940]  ? __pfx_worker_thread+0x10/0x10
[   46.737916][ T5940]  kthread+0x2c1/0x3a0
[   46.739052][ T5940]  ? _raw_spin_unlock_irq+0x23/0x50
[   46.740459][ T5940]  ? __pfx_kthread+0x10/0x10
[   46.741724][ T5940]  ret_from_fork+0x45/0x80
[   46.742936][ T5940]  ? __pfx_kthread+0x10/0x10
[   46.744215][ T5940]  ret_from_fork_asm+0x1a/0x30
[   46.745747][ T5940]  </TASK>
[   46.749657][ T5940] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   46.754044][ T5940] Bluetooth: hci0: failed to register connection device
[   46.756515][ T5297] Bluetooth: hci1: command tx timeout
[   46.756759][ T5948] Bluetooth: hci3: command tx timeout
[   46.757785][ T5937] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.757813][ T5937] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.757837][ T5937] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.757858][ T5937] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.761086][ T5940] Bluetooth: hci0: command tx timeout
[   46.765418][ T5948] Bluetooth: hci2: command tx timeout
[   46.796008][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.797957][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.810953][   T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.813089][   T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.825312][ T1138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.825325][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.827442][ T1138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.829476][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.875246][ T5981] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   47.025085][ T5981] usb 7-1: Using ep0 maxpacket: 16
[   47.028479][ T5981] usb 7-1: config 1 interface 0 has no altsetting 0
[   47.032193][ T5981] usb 7-1: New USB device found, idVendor=1e7d, idProduct=3264, bcdDevice= 0.40
[   47.034618][ T5981] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   47.036889][ T5981] usb 7-1: Product: ⋬㭱㿱�輒缉ూ�៧�挻꺧筤횧듉�龺�泑⭗鿶�ෛₙ�凒謤裂稰펂ᗄ�⼥둆齸�ᗅ亀Ż
[   47.041023][ T5981] usb 7-1: Manufacturer: 踕扞뜽ﵑ᮹밯猆㊩씬�ꚭ츛佋艃佋��鑟潄틆Ɏ懻�諎怇갔궖�諻씨峪ⱟ商䳀᎔㻓᥿⾙Ⓔ보喿퉴㧂猑ꄘ㶞ᗺ儵粧
[   47.046241][ T5981] usb 7-1: SerialNumber: syz
[   47.455512][ T6000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   47.457860][ T6000] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   47.463024][ T6014] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7'.
[   47.471704][ T5981] usbhid 7-1:1.0: can't add hid device: -71
[   47.473418][ T5981] usbhid 7-1:1.0: probe with driver usbhid failed with error -71
[   47.480956][ T5981] usb 7-1: USB disconnect, device number 2
[   47.750426][ T6038] ip6t_srh: unknown srh match flags  B153
[   47.756714][ T6047] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   48.077576][ T5948] Bluetooth: Unknown BR/EDR signaling command 0x0f
[   48.079353][ T5948] Bluetooth: Wrong link type (-22)
[   48.807790][ T6134] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   48.835055][ T5940] Bluetooth: hci2: command tx timeout
[   48.835504][ T5297] Bluetooth: hci3: command tx timeout
[   48.836519][ T5940] Bluetooth: hci1: command tx timeout
[   48.839438][ T5948] Bluetooth: hci0: command tx timeout
[   48.869246][ T6134] Zero length message leads to an empty skb
[   49.086664][ T6141] nbd0: detected capacity change from 0 to 2199023255576
[   49.092607][ T5949] block nbd0: Send control failed (result -89)
[   49.094418][ T5949] block nbd0: Request send failed, requeueing
[   49.097550][ T5948] block nbd0: Receive control failed (result -32)
[   49.098336][ T2609] block nbd0: Dead connection, failed to find a fallback
[   49.101892][ T2609] block nbd0: shutting down sockets
[   49.103466][ T2609] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   49.106620][ T2609] Buffer I/O error on dev nbd0, logical block 0, async page read
[   49.113654][ T5949] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   49.116182][ T5949] Buffer I/O error on dev nbd0, logical block 0, async page read
[   49.118384][ T5949] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   49.120739][ T5949] Buffer I/O error on dev nbd0, logical block 0, async page read
[   49.122790][ T5949] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   49.125819][ T5949] Buffer I/O error on dev nbd0, logical block 0, async page read
[   49.127925][ T5949] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   49.130337][ T5949] Buffer I/O error on dev nbd0, logical block 0, async page read
[   49.132744][ T5949] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   49.135161][ T5949] Buffer I/O error on dev nbd0, logical block 0, async page read
[   49.137428][ T5949] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   49.139982][ T5949] Buffer I/O error on dev nbd0, logical block 0, async page read
[   49.142326][ T5949] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   49.145277][ T5949] Buffer I/O error on dev nbd0, logical block 0, async page read
[   49.147276][ T5949] ldm_validate_partition_table(): Disk read failed.
[   49.149208][ T5949] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   49.151541][ T5949] Buffer I/O error on dev nbd0, logical block 0, async page read
[   49.153632][ T5949] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   49.156099][ T5949] Buffer I/O error on dev nbd0, logical block 0, async page read
[   49.156960][ T6162] netlink: 28 bytes leftover after parsing attributes in process `syz.2.51'.
[   49.158211][ T5949] Dev nbd0: unable to read RDB block 0
[   49.160459][ T6162] netlink: 'syz.2.51': attribute type 7 has an invalid length.
[   49.162136][ T5949]  nbd0: unable to read partition table
[   49.164224][ T6162] netlink: 'syz.2.51': attribute type 8 has an invalid length.
[   49.167999][ T6162] netlink: 4 bytes leftover after parsing attributes in process `syz.2.51'.
[   49.171177][ T5949] ldm_validate_partition_table(): Disk read failed.
[   49.173409][ T5949] Dev nbd0: unable to read RDB block 0
[   49.175251][ T5949]  nbd0: unable to read partition table
[   49.239557][ T6166] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   49.411796][ T6184] ieee802154 phy0 wpan0: encryption failed: -22
[   49.414747][ T6185] netlink: 12 bytes leftover after parsing attributes in process `syz.1.58'.
[   49.415180][ T6184] binder: 6182:6184 unknown command 0
[   49.419069][ T6184] binder: 6182:6184 ioctl c0306201 20000080 returned -22
[   49.419170][ T6185] xfrm1: entered promiscuous mode
[   49.422772][ T6185] xfrm1: entered allmulticast mode
[   49.423258][ T6187] ieee802154 phy0 wpan0: encryption failed: -22
[   49.448269][   T39] kauditd_printk_skb: 160 callbacks suppressed
[   49.448278][   T39] audit: type=1400 audit(1734201747.736:275): avc:  denied  { ioctl } for  pid=6189 comm="syz.1.59" path="socket:[8870]" dev="sockfs" ino=8870 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   49.486147][   T39] audit: type=1400 audit(1734201747.776:276): avc:  denied  { ioctl } for  pid=6196 comm="syz.1.61" path="socket:[11325]" dev="sockfs" ino=11325 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   49.492446][   T39] audit: type=1400 audit(1734201747.776:277): avc:  denied  { unlink } for  pid=6196 comm="syz.1.61" name="#1" dev="tmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   49.492881][ T6197] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   49.502475][   T39] audit: type=1400 audit(1734201747.786:278): avc:  denied  { mount } for  pid=6196 comm="syz.1.61" name="/" dev="overlay" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   49.507960][ T6197] (syz.1.61,6197,2):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "grpquota../file0/file0" or missing value
[   49.508252][   T39] audit: type=1400 audit(1734201747.786:279): avc:  denied  { getopt } for  pid=6196 comm="syz.1.61" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   49.512506][ T6197] (syz.1.61,6197,2):ocfs2_fill_super:1178 ERROR: status = -22
[   49.518013][   T39] audit: type=1400 audit(1734201747.786:280): avc:  denied  { mounton } for  pid=6196 comm="syz.1.61" path="/19/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   49.523824][ T6197] @: renamed from vlan0 (while UP)
[   49.524691][   T39] audit: type=1400 audit(1734201747.806:281): avc:  denied  { create } for  pid=6200 comm="syz.0.63" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   49.530645][   T39] audit: type=1400 audit(1734201747.806:282): avc:  denied  { ioctl } for  pid=6196 comm="syz.1.61" path="socket:[9548]" dev="sockfs" ino=9548 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   49.532773][ T6197] cgroup2: Unknown parameter 'group_id'
[   49.537169][   T39] audit: type=1400 audit(1734201747.816:283): avc:  denied  { create } for  pid=6200 comm="syz.0.63" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   49.543530][   T39] audit: type=1400 audit(1734201747.816:284): avc:  denied  { remount } for  pid=6196 comm="syz.1.61" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   49.644707][ T5994] libceph: connect (1)[c::]:6789 error -101
[   49.647328][ T5994] libceph: mon0 (1)[c::]:6789 connect error
[   49.906348][ T5994] libceph: connect (1)[c::]:6789 error -101
[   49.908454][ T5994] libceph: mon0 (1)[c::]:6789 connect error
[   50.020787][ T6236] netlink: 36 bytes leftover after parsing attributes in process `syz.2.70'.
[   50.071537][ T6242] syz.0.73 uses obsolete (PF_INET,SOCK_PACKET)
[   50.075410][ T6242] netlink: 64 bytes leftover after parsing attributes in process `syz.0.73'.
[   50.239887][ T6246] netlink: 9864 bytes leftover after parsing attributes in process `syz.0.75'.
[   50.244368][ T6246] netlink: 76 bytes leftover after parsing attributes in process `syz.0.75'.
[   50.329730][ T6255] fuse: Unknown parameter ''
[   50.335994][ T6255] syzkaller0: entered allmulticast mode
[   50.426060][ T5994] libceph: connect (1)[c::]:6789 error -101
[   50.427678][ T5994] libceph: mon0 (1)[c::]:6789 connect error
[   50.461944][ T6214] ceph: No mds server is up or the cluster is laggy
[   50.509619][ T6257] process 'syz.1.78' launched '/dev/fd/5' with NULL argv: empty string added
[   50.607938][ T6266] netlink: 'syz.0.82': attribute type 21 has an invalid length.
[   50.609927][ T6266] netlink: 132 bytes leftover after parsing attributes in process `syz.0.82'.
[   50.613087][ T6268] netlink: 'syz.0.82': attribute type 21 has an invalid length.
[   50.615466][ T6268] netlink: 132 bytes leftover after parsing attributes in process `syz.0.82'.
[   50.648044][ T6270] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[   50.815011][   T25] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   50.821589][ T6272] bridge_slave_1: left allmulticast mode
[   50.823713][ T6272] bridge_slave_1: left promiscuous mode
[   50.826385][ T6272] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.831856][ T6272] bridge_slave_0: left allmulticast mode
[   50.833840][ T6272] bridge_slave_0: left promiscuous mode
[   50.838683][ T6272] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.915518][ T5948] Bluetooth: hci1: command tx timeout
[   50.915539][ T5940] Bluetooth: hci0: command tx timeout
[   50.915610][ T5947] Bluetooth: hci2: command tx timeout
[   50.923641][ T6274] futex_wake_op: syz.2.85 tries to shift op by 32; fix this program
[   50.975046][   T25] usb 6-1: Using ep0 maxpacket: 8
[   50.978973][   T25] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[   50.982598][   T25] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[   50.986106][   T25] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   50.989417][   T25] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   50.993641][   T25] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   50.997197][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   51.003684][ T6276] trusted_key: syz.2.86 sent an empty control message without MSG_MORE.
[   51.071205][ T6280] overlayfs: missing 'lowerdir'
[   51.078787][ T5940] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[   51.081395][ T5940] CPU: 1 UID: 0 PID: 5940 Comm: kworker/u33:3 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[   51.084220][ T5940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   51.087028][ T5940] Workqueue: hci3 hci_rx_work
[   51.088305][ T5940] Call Trace:
[   51.089196][ T5940]  <TASK>
[   51.089978][ T5940]  dump_stack_lvl+0x16c/0x1f0
[   51.091223][ T5940]  sysfs_warn_dup+0x7f/0xa0
[   51.092425][ T5940]  sysfs_create_dir_ns+0x24d/0x2b0
[   51.093837][ T5940]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   51.095898][ T5940]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   51.097877][ T5940]  ? kobject_add_internal+0x12d/0x990
[   51.099487][ T5940]  ? do_raw_spin_unlock+0x172/0x230
[   51.100900][ T5940]  kobject_add_internal+0x2c8/0x990
[   51.102273][ T5940]  kobject_add+0x16f/0x240
[   51.103459][ T5940]  ? __pfx_kobject_add+0x10/0x10
[   51.104769][ T5940]  ? class_to_subsys+0x3e/0x160
[   51.106060][ T5940]  ? do_raw_spin_unlock+0x172/0x230
[   51.107428][ T5940]  ? kobject_put+0xab/0x5a0
[   51.108647][ T5940]  device_add+0x289/0x1a70
[   51.109826][ T5940]  ? __pfx_dev_set_name+0x10/0x10
[   51.111537][ T5940]  ? __pfx_device_add+0x10/0x10
[   51.113340][ T5940]  ? mgmt_send_event_skb+0x2f2/0x460
[   51.115282][ T5940]  hci_conn_add_sysfs+0x17e/0x230
[   51.117212][ T5940]  le_conn_complete_evt+0x107f/0x1da0
[   51.118687][ T5940]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   51.120322][ T5940]  ? trace_contention_end+0xee/0x140
[   51.121704][ T5940]  ? __mutex_lock+0x1cc/0xa60
[   51.122928][ T5940]  hci_le_enh_conn_complete_evt+0x23d/0x380
[   51.124454][ T5940]  ? skb_pull_data+0x166/0x210
[   51.125713][ T5940]  hci_le_meta_evt+0x2e2/0x5d0
[   51.126961][ T5940]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   51.128632][ T5940]  hci_event_packet+0x666/0x1180
[   51.129925][ T5940]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   51.131311][ T5940]  ? __pfx_hci_event_packet+0x10/0x10
[   51.133274][ T5940]  ? mark_held_locks+0x9f/0xe0
[   51.135028][ T5940]  ? kcov_remote_start+0x3cf/0x6e0
[   51.136683][ T5940]  ? lockdep_hardirqs_on+0x7c/0x110
[   51.138065][ T5940]  hci_rx_work+0x2c5/0x16b0
[   51.139278][ T5940]  ? process_one_work+0x921/0x1ba0
[   51.140664][ T5940]  process_one_work+0x9c5/0x1ba0
[   51.141972][ T5940]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   51.143441][ T5940]  ? __pfx_process_one_work+0x10/0x10
[   51.144844][ T5940]  ? rcu_is_watching+0x12/0xc0
[   51.146107][ T5940]  ? assign_work+0x1a0/0x250
[   51.147324][ T5940]  worker_thread+0x6c8/0xf00
[   51.148571][ T5940]  ? __pfx_worker_thread+0x10/0x10
[   51.149914][ T5940]  kthread+0x2c1/0x3a0
[   51.151256][ T5940]  ? _raw_spin_unlock_irq+0x23/0x50
[   51.153161][ T5940]  ? __pfx_kthread+0x10/0x10
[   51.154862][ T5940]  ret_from_fork+0x45/0x80
[   51.156245][ T5940]  ? __pfx_kthread+0x10/0x10
[   51.157471][ T5940]  ret_from_fork_asm+0x1a/0x30
[   51.158756][ T5940]  </TASK>
[   51.159668][    C1] vkms_vblank_simulate: vblank timer overrun
[   51.162559][ T5940] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   51.166983][ T5940] Bluetooth: hci3: failed to register connection device
[   51.210284][ T6262] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.213047][ T6262] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.216128][   T25] usb 6-1: GET_CAPABILITIES returned 0
[   51.217612][   T25] usbtmc 6-1:16.0: can't read capabilities
[   51.308124][ T6295] trusted_key: encrypted_key: master key parameter '' is invalid
[   51.350620][ T6297] kvm: vcpu 512: requested lapic timer restore with starting count register 0x390=3330293724 (106569399168 ns) > initial count (94670087904 ns). Using initial count to start timer.
[   51.418979][ T6262] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.421337][ T6262] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.428770][  T833] usb 6-1: USB disconnect, device number 2
[   51.435179][ T6052] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[   51.565197][ T6052] usb 5-1: device descriptor read/64, error -71
[   51.635070][ T5948] Bluetooth: hci3: command tx timeout
[   51.805186][ T6052] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[   51.843477][ T6312] 9pnet_fd: p9_fd_create_tcp (6312): problem connecting socket to 127.0.0.1
[   51.954099][ T6323] mmap: syz.2.98 (6323) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   51.958333][ T6052] usb 5-1: device descriptor read/64, error -71
[   51.959475][ T6323] binder_alloc: binder_alloc_mmap_handler: 6322 20ffc000-20ffd000 already mapped failed -16
[   52.034110][ T6342] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   52.069363][ T6052] usb usb5-port1: attempt power cycle
[   52.326895][ T6361] netlink: 'syz.1.109': attribute type 16 has an invalid length.
[   52.328974][ T6361] netlink: 'syz.1.109': attribute type 3 has an invalid length.
[   52.336970][ T6361] batman_adv: batadv0: Adding interface: dummy0
[   52.338704][ T6361] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   52.345353][ T6361] batman_adv: batadv0: Interface activated: dummy0
[   52.350402][ T6361] batadv0: mtu less than device minimum
[   52.352619][ T6361] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.356153][ T6361] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.359555][ T6361] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.362940][ T6361] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.366389][ T6361] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.369776][ T6361] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.373163][ T6361] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.376612][ T6361] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.405032][ T6052] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[   52.425541][ T6052] usb 5-1: device descriptor read/8, error -71
[   52.537808][ T6363] __nla_validate_parse: 4 callbacks suppressed
[   52.537824][ T6363] netlink: 8 bytes leftover after parsing attributes in process `syz.1.110'.
[   52.544419][ T6363] netlink: 12 bytes leftover after parsing attributes in process `syz.1.110'.
[   52.584652][ T6368] Process accounting resumed
[   52.675163][ T6052] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[   52.681232][ T6375] sg_write: data in/out 43/14 bytes for SCSI command 0x9-- guessing data in;
[   52.681232][ T6375]    program syz.1.114 not setting count and/or reply_len properly
[   52.695705][ T6052] usb 5-1: device descriptor read/8, error -71
[   52.712149][ T6380] netlink: 8 bytes leftover after parsing attributes in process `syz.2.115'.
[   52.714535][ T6380] netlink: 4 bytes leftover after parsing attributes in process `syz.2.115'.
[   52.806069][ T6052] usb usb5-port1: unable to enumerate USB device
[   52.867395][ T6383] tipc: Started in network mode
[   52.869260][ T6383] tipc: Node identity ac1414aa, cluster identity 4711
[   52.872472][ T6383] tipc: Enabled bearer <udp:s>, priority 10
[   52.995508][ T5948] Bluetooth: hci0: command tx timeout
[   53.005091][ T5948] Bluetooth: hci1: command tx timeout
[   53.005455][ T5947] Bluetooth: hci2: command tx timeout
[   53.028161][ T6389] netlink: 'syz.2.119': attribute type 2 has an invalid length.
[   53.996311][   T35] tipc: Node number set to 2886997162
[   54.218100][ T6427] netlink: 'syz.2.132': attribute type 2 has an invalid length.
[   54.268341][ T6433] netlink: 8 bytes leftover after parsing attributes in process `syz.2.135'.
[   54.270662][ T6433] netlink: 12 bytes leftover after parsing attributes in process `syz.2.135'.
[   54.309436][ T6429] warning: `syz.0.133' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   54.313703][ T6436] syzkaller1: entered promiscuous mode
[   54.316060][ T6436] syzkaller1: entered allmulticast mode
[   54.327364][ T6436] netlink: 'syz.2.136': attribute type 10 has an invalid length.
[   54.339190][ T6436] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.344225][ T6436] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   54.380625][ T6438] random: crng reseeded on system resumption
[   54.555639][ T6449] netlink: 8 bytes leftover after parsing attributes in process `syz.0.141'.
[   54.557910][ T6449] netlink: 12 bytes leftover after parsing attributes in process `syz.0.141'.
[   54.560239][ T6449] netlink: 'syz.0.141': attribute type 5 has an invalid length.
[   54.566479][   T39] kauditd_printk_skb: 150 callbacks suppressed
[   54.566487][   T39] audit: type=1400 audit(1734201752.856:435): avc:  denied  { connect } for  pid=6448 comm="syz.0.141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   54.589617][   T39] audit: type=1400 audit(1734201752.876:436): avc:  denied  { write } for  pid=6448 comm="syz.0.141" path="socket:[9128]" dev="sockfs" ino=9128 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   54.618180][   T39] audit: type=1400 audit(1734201752.906:437): avc:  denied  { create } for  pid=6454 comm="syz.0.143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[   54.623135][   T39] audit: type=1400 audit(1734201752.906:438): avc:  denied  { listen } for  pid=6454 comm="syz.0.143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[   54.635263][   T39] audit: type=1400 audit(1734201752.906:439): avc:  denied  { accept } for  pid=6454 comm="syz.0.143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[   54.661318][ T6457] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   54.665402][ T6457] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   54.670431][ T6457] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[   54.675985][   T39] audit: type=1400 audit(1734201752.966:440): avc:  denied  { read } for  pid=6456 comm="syz.2.142" name="cec2" dev="devtmpfs" ino=986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   54.677215][ T6457] netlink: 36 bytes leftover after parsing attributes in process `syz.2.142'.
[   54.681844][   T39] audit: type=1400 audit(1734201752.966:441): avc:  denied  { open } for  pid=6456 comm="syz.2.142" path="/dev/cec2" dev="devtmpfs" ino=986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   54.690324][   T39] audit: type=1400 audit(1734201752.966:442): avc:  denied  { ioctl } for  pid=6456 comm="syz.2.142" path="/dev/cec2" dev="devtmpfs" ino=986 ioctlcmd=0x6109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   54.847653][   T39] audit: type=1400 audit(1734201753.136:443): avc:  denied  { read } for  pid=6483 comm="syz.1.151" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   54.854230][   T39] audit: type=1400 audit(1734201753.136:444): avc:  denied  { open } for  pid=6483 comm="syz.1.151" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   54.912599][ T6488] trusted_key: encrypted_key: hex blob is missing
[   54.919102][    T8] IPVS: starting estimator thread 0...
[   55.015105][ T6489] IPVS: using max 40 ests per chain, 96000 per kthread
[   55.087226][ T5940] Bluetooth: hci0: command 0x0406 tx timeout
[   55.088938][ T6512] netlink: 'syz.2.159': attribute type 1 has an invalid length.
[   55.103494][ T6512] 8021q: adding VLAN 0 to HW filter on device bond1
[   55.110312][ T6512] 8021q: adding VLAN 0 to HW filter on device batadv1
[   55.114179][ T6512] bond1: (slave batadv1): making interface the new active one
[   55.117431][ T6512] bond1: (slave batadv1): Enslaving as an active interface with an up link
[   55.164899][ T6516] 9pnet: Unknown protocol version 9p2000.u„Qï.HrõÂþoª÷^\ÄÞôäößj“kNÂ|s›³š

[   55.174601][ T6512] syz.2.159 (6512) used greatest stack depth: 21216 bytes left
[   55.231757][ T6520] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[   55.246814][   T69] Bluetooth: hci4: Frame reassembly failed (-84)
[   55.356561][ T6520] =======================================================
[   55.356561][ T6520] WARNING: The mand mount option has been deprecated and
[   55.356561][ T6520]          and is ignored by this kernel. Remove the mand
[   55.356561][ T6520]          option from the mount to silence this warning.
[   55.356561][ T6520] =======================================================
[   55.365916][ T6520] hugetlbfs: Bad value '-m' for mount option 'nr_inodes'
[   55.365916][ T6520] 
[   56.034114][ T6528] random: crng reseeded on system resumption
[   56.035267][ T6527] netlink: 4 bytes leftover after parsing attributes in process `syz.0.163'.
[   56.978134][ T6547] netlink: 'syz.3.170': attribute type 10 has an invalid length.
[   56.987599][ T6547] team0: Port device netdevsim0 added
[   56.998154][ T6547] pim6reg1: entered promiscuous mode
[   57.000219][ T6547] pim6reg1: entered allmulticast mode
[   57.215854][ T6562] capability: warning: `syz.0.176' uses deprecated v2 capabilities in a way that may be insecure
[   57.325464][ T5940] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   57.325604][ T5947] Bluetooth: hci4: command 0x1003 tx timeout
[   57.390421][ T6571] hsr_slave_1 (unregistering): left promiscuous mode
[   57.410220][ T6580] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[   57.417543][ T6578] overlay: Bad value for 'nfs_export'
[   57.516084][   T35] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   57.537744][ T6601] SELinux: security_context_str_to_sid (Eá…) failed with errno=-22
[   57.695575][   T35] usb 6-1: Using ep0 maxpacket: 8
[   57.707870][   T35] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[   57.709997][   T35] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   57.712453][   T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   57.714849][   T35] usb 6-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   57.717689][   T35] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   57.720913][   T35] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   57.723080][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.728470][   T35] usbtmc 6-1:16.0: bulk endpoints not found
[   57.997654][ T6631] omfs: Invalid superblock (0)
[   58.040995][ T6633] program syz.0.198 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   58.376961][ T6649] GUP no longer grows the stack in syz.0.203 (6649): 20004000-20008000 (20002000)
[   58.386062][ T6649] CPU: 2 UID: 0 PID: 6649 Comm: syz.0.203 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[   58.388704][ T6649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   58.391424][ T6649] Call Trace:
[   58.392341][ T6649]  <TASK>
[   58.393094][ T6649]  dump_stack_lvl+0x16c/0x1f0
[   58.394305][ T6649]  gup_vma_lookup+0x1d2/0x220
[   58.395537][ T6649]  __get_user_pages+0x236/0x3b50
[   58.396823][ T6649]  ? find_held_lock+0x2d/0x110
[   58.398074][ T6649]  ? mtree_load+0x30a/0xa40
[   58.399277][ T6649]  ? __pfx_lock_release+0x10/0x10
[   58.400583][ T6649]  ? __pfx___get_user_pages+0x10/0x10
[   58.401942][ T6649]  get_user_pages_remote+0x25e/0xb30
[   58.403333][ T6649]  ? __pfx_get_user_pages_remote+0x10/0x10
[   58.404856][ T6649]  __access_remote_vm+0x235/0x7b0
[   58.406181][ T6649]  ? __pfx___access_remote_vm+0x10/0x10
[   58.407613][ T6649]  ? _copy_to_user+0xbb/0xd0
[   58.408854][ T6649]  proc_pid_cmdline_read+0x4f5/0x900
[   58.410231][ T6649]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[   58.411749][ T6649]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[   58.413341][ T6649]  vfs_readv+0x6bf/0x890
[   58.414453][ T6649]  ? __pfx___lock_acquire+0x10/0x10
[   58.415814][ T6649]  ? __pfx_vfs_readv+0x10/0x10
[   58.417072][ T6649]  ? __fget_files+0x1fc/0x3a0
[   58.418321][ T6649]  ? __pfx_lock_release+0x10/0x10
[   58.419613][ T6649]  ? __fget_files+0x206/0x3a0
[   58.420849][ T6649]  ? do_preadv+0x1b1/0x270
[   58.422049][ T6649]  do_preadv+0x1b1/0x270
[   58.423161][ T6649]  ? __pfx_do_preadv+0x10/0x10
[   58.424416][ T6649]  do_syscall_64+0xcd/0x250
[   58.425571][ T6649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.427020][ T6649] RIP: 0033:0x7fa9c7b85d19
[   58.428180][ T6649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.432800][ T6649] RSP: 002b:00007fa9c8924038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   58.435062][ T6649] RAX: ffffffffffffffda RBX: 00007fa9c7d76080 RCX: 00007fa9c7b85d19
[   58.437122][ T6649] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000009
[   58.439141][ T6649] RBP: 00007fa9c7c01a20 R08: 0000000000000000 R09: 0000000000000000
[   58.441157][ T6649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   58.443180][ T6649] R13: 0000000000000000 R14: 00007fa9c7d76080 R15: 00007ffebd232dd8
[   58.445226][ T6649]  </TASK>
[   58.485113][ T6654] block nbd0: not configured, cannot reconfigure
[   58.489213][ T6654] xt_hashlimit: overflow, rate too high: 0
[   58.537813][   T30] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   58.542494][   T30] hid-generic 0000:0000:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   58.571735][ T6659] __nla_validate_parse: 4 callbacks suppressed
[   58.571744][ T6659] netlink: 28 bytes leftover after parsing attributes in process `syz.0.207'.
[   58.575959][ T6659] netlink: 'syz.0.207': attribute type 7 has an invalid length.
[   58.578154][ T6659] netlink: 'syz.0.207': attribute type 8 has an invalid length.
[   58.580184][ T6659] netlink: 4 bytes leftover after parsing attributes in process `syz.0.207'.
[   58.646414][   T35] usb 6-1: USB disconnect, device number 3
[   58.795991][ T6687] netlink: 8 bytes leftover after parsing attributes in process `syz.1.214'.
[   58.825317][    T8] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   58.893238][ T6692] netlink: 12 bytes leftover after parsing attributes in process `syz.3.217'.
[   58.899006][ T6692] binder: 6691:6692 ioctl c0306201 0 returned -14
[   58.900878][ T6692] binder: 6691:6692 ioctl c0306201 20000080 returned -11
[   58.976547][    T8] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   58.979206][    T8] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   58.981593][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   58.989319][ T6663] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[   58.994654][    T8] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[   59.015984][ T6694] /dev/sr0: Can't open blockdev
[   59.262648][ T6663] xt_CT: No such helper "pptp"
[   59.319765][   T30] usb 7-1: USB disconnect, device number 3
[   59.396110][ T6723] pim6reg1: entered promiscuous mode
[   59.398721][ T6723] pim6reg1: entered allmulticast mode
[   59.491409][ T6730] netlink: 'syz.3.227': attribute type 21 has an invalid length.
[   59.493570][ T6730] netlink: 'syz.3.227': attribute type 20 has an invalid length.
[   59.495876][ T6730] IPv6: NLM_F_CREATE should be specified when creating new route
[   59.550136][ T6743] netlink: 8 bytes leftover after parsing attributes in process `syz.1.228'.
[   59.638629][   T39] kauditd_printk_skb: 66 callbacks suppressed
[   59.638640][   T39] audit: type=1400 audit(1734201757.926:511): avc:  denied  { ioctl } for  pid=6750 comm="syz.2.232" path="/dev/sg0" dev="devtmpfs" ino=721 ioctlcmd=0x2275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   59.658295][ T6759] net_ratelimit: 11 callbacks suppressed
[   59.658309][ T6759] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[   59.665638][ T6759] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6759 comm=syz.3.235
[   59.722903][ T6765] program syz.2.236 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   59.726478][ T6765] ata1.00: invalid command format 0
[   59.833894][ T6777] xt_recent: Unsupported userspace flags (00000042)
[   59.867239][ T5940] Bluetooth: hci0: ACL packet for unknown connection handle 192
[   59.882548][ T6785] dvmrp8: entered allmulticast mode
[   59.887764][ T6785] dvmrp8: left allmulticast mode
[   60.016068][   T69] Bluetooth: Error in BCSP hdr checksum
[   60.019542][ T6800] netlink: 8 bytes leftover after parsing attributes in process `syz.1.249'.
[   60.022293][ T6800] netlink: 8 bytes leftover after parsing attributes in process `syz.1.249'.
[   60.091634][   T39] audit: type=1400 audit(1734201758.376:512): avc:  denied  { read } for  pid=6807 comm="syz.0.251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   60.135896][ T6815] FAT-fs (nullb0): bogus number of reserved sectors
[   60.137835][ T6815] FAT-fs (nullb0): Can't find a valid FAT filesystem
[   60.169829][ T5974] IPVS: starting estimator thread 0...
[   60.255224][ T6816] IPVS: using max 40 ests per chain, 96000 per kthread
[   60.356075][   T39] audit: type=1400 audit(1734201758.646:513): avc:  denied  { bind } for  pid=6834 comm="syz.3.258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   60.426910][   T39] audit: type=1400 audit(1734201758.716:514): avc:  denied  { search } for  pid=5652 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   60.463066][   T39] audit: type=1400 audit(1734201758.746:515): avc:  denied  { read } for  pid=6840 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   60.469244][   T39] audit: type=1400 audit(1734201758.746:516): avc:  denied  { open } for  pid=6840 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   60.475859][   T39] audit: type=1400 audit(1734201758.746:517): avc:  denied  { getattr } for  pid=6840 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   60.482405][   T39] audit: type=1400 audit(1734201758.756:518): avc:  denied  { write } for  pid=6839 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1767 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   60.488779][   T39] audit: type=1400 audit(1734201758.756:519): avc:  denied  { add_name } for  pid=6839 comm="dhcpcd-run-hook" name="resolv.conf.cfptm1.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   60.503370][   T39] audit: type=1400 audit(1734201758.786:520): avc:  denied  { remove_name } for  pid=6842 comm="rm" name="resolv.conf.cfptm1.link" dev="tmpfs" ino=3057 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   61.198694][ T6881] Bluetooth: MGMT ver 1.23
[   62.035130][ T5940] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   62.035300][ T5947] Bluetooth: hci4: command 0x1003 tx timeout
[   62.082734][ T6982] netlink: 8 bytes leftover after parsing attributes in process `syz.1.274'.
[   62.133122][ T6987] netlink: 8 bytes leftover after parsing attributes in process `syz.1.276'.
[   62.138250][ T6987] netlink: 3 bytes leftover after parsing attributes in process `syz.1.276'.
[   62.219576][ T6997] netlink: 'syz.3.279': attribute type 10 has an invalid length.
[   62.230870][ T6997] team0: Port device netdevsim0 removed
[   62.233618][ T6997] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   62.288735][ T7003] openvswitch: netlink: VXLAN extension 15883 out of range max 1
[   62.368582][ T7023] xt_l2tp: invalid flags combination: c
[   62.417485][ T7028] netlink: 'syz.3.289': attribute type 4 has an invalid length.
[   62.433555][ T7028] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   62.514077][ T7035] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   62.650779][ T7056] binder: 7055:7056 ioctl c0306201 0 returned -14
[   62.838606][ T7065] netlink: 'syz.3.300': attribute type 1 has an invalid length.
[   62.840699][ T7065] netlink: 'syz.3.300': attribute type 4 has an invalid length.
[   63.512630][ T7094] vlan0: entered promiscuous mode
[   63.519993][ T7094] team0: Port device vlan0 added
[   63.561428][ T7101] 8021q: adding VLAN 0 to HW filter on device bond1
[   63.566221][ T7101] bond0: (slave bond1): Enslaving as an active interface with an up link
[   63.707738][ T7119] overlay: ./file1 is not a directory
[   63.916691][ T7145] __nla_validate_parse: 6 callbacks suppressed
[   63.916701][ T7145] netlink: 12 bytes leftover after parsing attributes in process `syz.3.323'.
[   63.923180][ T7145] netlink: 28 bytes leftover after parsing attributes in process `syz.3.323'.
[   64.081868][ T7161] netlink: 8 bytes leftover after parsing attributes in process `syz.0.329'.
[   64.126340][ T7163] xt_hashlimit: size too large, truncated to 1048576
[   64.299437][ T7183] ptm ptm0: ldisc open failed (-12), clearing slot 0
[   64.347416][ T7190] TCP: TCP_TX_DELAY enabled
[   64.498574][ T7205] netlink: 24 bytes leftover after parsing attributes in process `syz.1.341'.
[   64.618562][ T7216] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[   64.771128][ T7218] netlink: 12 bytes leftover after parsing attributes in process `syz.3.346'.
[   64.875063][   T25] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   64.955291][   T39] kauditd_printk_skb: 112 callbacks suppressed
[   64.955303][   T39] audit: type=1400 audit(1734201763.246:633): avc:  denied  { block_suspend } for  pid=7225 comm="syz.3.348" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   65.060892][   T25] usb 5-1: config 0 has no interfaces?
[   65.062437][   T25] usb 5-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[   65.064847][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.069482][   T25] usb 5-1: config 0 descriptor??
[   65.125208][ T7232] openvswitch: netlink: ct_state flags 010000e0 unsupported
[   65.384725][ T7237] IPVS: Scheduler module ip_vs_non	 not found
[   65.587257][ T7252] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=36583 sclass=netlink_route_socket pid=7252 comm=syz.1.356
[   65.624984][ T7257] kvm: apic: phys broadcast and lowest prio
[   65.646627][   T39] audit: type=1400 audit(1734201763.936:634): avc:  denied  { mounton } for  pid=7255 comm="syz.1.358" path="/proc/272/cgroup" dev="proc" ino=16396 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[   65.651655][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   65.657849][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   65.658375][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   65.659697][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   65.661283][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   65.681791][   T39] audit: type=1400 audit(1734201763.966:635): avc:  denied  { mounton } for  pid=7255 comm="syz.1.358" path="/proc/272/cgroup" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   65.695724][ T7259] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[   65.698579][ T7259] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[   65.753468][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   66.001322][   T39] audit: type=1400 audit(1734201764.286:636): avc:  denied  { ioctl } for  pid=7280 comm="syz.2.365" path="socket:[16411]" dev="sockfs" ino=16411 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   66.001671][ T7281] netlink: 8 bytes leftover after parsing attributes in process `syz.2.365'.
[   66.007859][   T39] audit: type=1400 audit(1734201764.286:637): avc:  denied  { mount } for  pid=7278 comm="syz.1.364" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   66.021287][ T7281] netlink: 4 bytes leftover after parsing attributes in process `syz.2.365'.
[   66.073241][   T39] audit: type=1400 audit(1734201764.356:638): avc:  denied  { getopt } for  pid=7269 comm="syz.3.361" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   66.078290][   T39] audit: type=1400 audit(1734201764.356:639): avc:  denied  { map } for  pid=7269 comm="syz.3.361" path="/proc/213/task" dev="proc" ino=13279 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   66.189108][    T9] hid (null): unknown global tag 0xcc
[   66.191547][    T9] hid-generic 0009:0003:0006.0003: unknown main item tag 0x5
[   66.193482][    T9] hid-generic 0009:0003:0006.0003: unexpected long global item
[   66.198422][    T9] hid-generic 0009:0003:0006.0003: probe with driver hid-generic failed with error -22
[   66.218276][   T39] audit: type=1400 audit(1734201764.506:640): avc:  denied  { mount } for  pid=7286 comm="syz.2.367" name="/" dev="autofs" ino=17696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[   66.226037][   T39] audit: type=1400 audit(1734201764.516:641): avc:  denied  { nlmsg_write } for  pid=7286 comm="syz.2.367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   66.298362][   T39] audit: type=1400 audit(1734201764.586:642): avc:  denied  { unmount } for  pid=5942 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[   66.646261][ T7302] netlink: 12 bytes leftover after parsing attributes in process `syz.2.372'.
[   66.680630][ T7305] overlayfs: failed to resolve './bus': -2
[   66.820408][ T7324] netlink: 4 bytes leftover after parsing attributes in process `syz.2.378'.
[   66.857664][ T7326] netlink: 132 bytes leftover after parsing attributes in process `syz.1.379'.
[   67.562393][   T73] usb 5-1: USB disconnect, device number 6
[   67.815639][ T7358] delete_channel: no stack
[   67.822000][ T7355] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7355 comm=syz.3.387
[   67.884753][ T7370] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   67.917826][ T7375] overlayfs: failed to resolve './file0': -2
[   67.952904][ T7379] netlink: 'syz.2.394': attribute type 16 has an invalid length.
[   67.955068][ T7379] netlink: 'syz.2.394': attribute type 3 has an invalid length.
[   67.957143][ T7379] netlink: 'syz.2.394': attribute type 1 has an invalid length.
[   67.959136][ T7379] netlink: 'syz.2.394': attribute type 2 has an invalid length.
[   68.143187][ T7389] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5125 sclass=netlink_route_socket pid=7389 comm=syz.2.396
[   68.154790][ T7389] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[   68.316174][ T7397] overlayfs: missing 'workdir'
[   68.316345][ T7396] overlayfs: missing 'workdir'
[   68.343162][ T7399] netlink: 'syz.2.399': attribute type 5 has an invalid length.
[   68.931727][ T7420] loop2: detected capacity change from 0 to 7
[   68.938471][ T7420] Dev loop2: unable to read RDB block 7
[   68.940008][ T7420]  loop2: unable to read partition table
[   68.941777][ T7420] loop2: partition table beyond EOD, truncated
[   68.943924][ T7420] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[   69.191583][ T7399] syz.2.399 (7399) used greatest stack depth: 20448 bytes left
[   69.239111][ T7450] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   69.241177][ T7450] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   69.249381][ T7450] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   69.252234][ T7450] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   69.253837][ T7450] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   69.257884][ T7450] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   69.260595][ T7450] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   69.262172][ T7450] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   69.264011][ T7450] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   69.266979][ T7450] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   69.269143][ T7450] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   69.272194][ T7450] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   69.276813][ T7450] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   69.535354][  T833] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   69.685013][  T833] usb 7-1: Using ep0 maxpacket: 32
[   69.688899][  T833] usb 7-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[   69.692296][  T833] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.697929][  T833] usb 7-1: config 0 descriptor??
[   69.705864][  T833] as10x_usb: device has been detected
[   69.707512][  T833] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[   69.722239][  T833] usb 7-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[   69.740904][  T833] as10x_usb: error during firmware upload part1
[   69.742945][  T833] Registered device nBox DVB-T Dongle
[   69.902103][ T5974] usb 7-1: USB disconnect, device number 4
[   69.913913][ T5974] Unregistered device nBox DVB-T Dongle
[   69.914339][ T5974] as10x_usb: device has been disconnected
[   70.017865][   T39] kauditd_printk_skb: 13 callbacks suppressed
[   70.017880][   T39] audit: type=1400 audit(1734201768.306:656): avc:  denied  { connect } for  pid=7490 comm="syz.0.428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   70.026658][   T39] audit: type=1326 audit(1734201768.306:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.428" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9c7b85d19 code=0x7ffc0000
[   70.033991][   T39] audit: type=1326 audit(1734201768.306:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.428" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9c7b85d19 code=0x7ffc0000
[   70.040466][   T39] audit: type=1326 audit(1734201768.306:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.428" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa9c7b85d19 code=0x7ffc0000
[   70.048069][   T39] audit: type=1326 audit(1734201768.316:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.428" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9c7b85d19 code=0x7ffc0000
[   70.050727][ T7491] program syz.0.428 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   70.055920][   T39] audit: type=1326 audit(1734201768.316:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.428" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9c7b85d19 code=0x7ffc0000
[   70.055942][   T39] audit: type=1326 audit(1734201768.316:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.428" exe="/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7fa9c7b85d19 code=0x7ffc0000
[   70.055958][   T39] audit: type=1326 audit(1734201768.316:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.428" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9c7b85d19 code=0x7ffc0000
[   70.077285][   T39] audit: type=1326 audit(1734201768.316:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.428" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9c7b85d19 code=0x7ffc0000
[   70.083956][   T39] audit: type=1326 audit(1734201768.316:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7490 comm="syz.0.428" exe="/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fa9c7b85d19 code=0x7ffc0000
[   70.388729][ T7513] overlayfs: failed to resolve './file1': -2
[   70.524399][ T7527] ufs: You didn't specify the type of your ufs filesystem
[   70.524399][ T7527] 
[   70.524399][ T7527] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[   70.524399][ T7527] 
[   70.524399][ T7527] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[   70.535589][ T7527] ufs: ufstype=old is supported read-only
[   70.538641][ T7527] syz.0.438: attempt to access beyond end of device
[   70.538641][ T7527] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[   70.723046][ T7549] xt_socket: unknown flags 0xc
[   71.001512][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[   71.003390][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[   71.315122][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout
[   71.315156][ T5947] Bluetooth: hci2: command 0x0c1a tx timeout
[   71.317236][ T5940] Bluetooth: hci1: command 0x0c1a tx timeout
[   71.484101][ T7541] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   71.486207][ T7541] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   71.489064][ T7541] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   71.490664][ T7541] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   71.586259][ T7585] binder: BINDER_SET_CONTEXT_MGR already set
[   71.589107][ T7585] binder: 7584:7585 ioctl 4018620d 20000040 returned -16
[   71.613982][ T7587] __nla_validate_parse: 2 callbacks suppressed
[   71.613992][ T7587] netlink: 64 bytes leftover after parsing attributes in process `syz.2.454'.
[   71.616148][ T7591] netlink: 64 bytes leftover after parsing attributes in process `syz.2.454'.
[   71.624729][ T7590] netlink: 'syz.0.455': attribute type 1 has an invalid length.
[   71.629649][ T7590] netlink: 224 bytes leftover after parsing attributes in process `syz.0.455'.
[   71.642363][ T7590] netlink: 'syz.0.455': attribute type 1 has an invalid length.
[   71.650373][ T7590] netlink: 732 bytes leftover after parsing attributes in process `syz.0.455'.
[   71.653516][ T7590] netlink: 732 bytes leftover after parsing attributes in process `syz.0.455'.
[   71.747811][ T7605] Cannot find add_set index 3 as target
[   71.750855][ T7605] netem: change failed
[   71.807297][ T7613] netlink: 8 bytes leftover after parsing attributes in process `syz.0.461'.
[   71.811309][ T7614] ip6t_srh: unknown srh invflags 7863
[   71.916235][ T7619] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   71.918956][ T7619] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   71.921323][ T7619] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   71.923612][ T7619] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   71.929040][ T7619] geneve2: entered promiscuous mode
[   71.930434][ T7619] geneve2: entered allmulticast mode
[   71.978136][ T7627] dvmrp8: entered allmulticast mode
[   71.980358][ T7627] dvmrp8: left allmulticast mode
[   72.096982][ T7630] netlink: 'syz.0.468': attribute type 178 has an invalid length.
[   72.100497][ T7631] vivid-007: =================  START STATUS  =================
[   72.104044][ T7631] vivid-007: Enable Output Cropping: true
[   72.107416][ T7631] vivid-007: Enable Output Composing: true
[   72.109488][ T7631] vivid-007: Enable Output Scaler: true
[   72.111420][ T7631] vivid-007: Tx RGB Quantization Range: Automatic
[   72.113648][ T7631] vivid-007: Transmit Mode: HDMI
[   72.115533][ T7631] vivid-007: Hotplug Present: 0x00000000
[   72.117610][ T7631] vivid-007: RxSense Present: 0x00000000
[   72.119691][ T7631] vivid-007: EDID Present: 0x00000000
[   72.121640][ T7631] vivid-007: ==================  END STATUS  ==================
[   72.124204][ T7630] vivid-007: =================  START STATUS  =================
[   72.127503][ T7630] vivid-007: Enable Output Cropping: true
[   72.130710][ T7630] vivid-007: Enable Output Composing: true
[   72.132627][ T7630] vivid-007: Enable Output Scaler: true
[   72.134457][ T7630] vivid-007: Tx RGB Quantization Range: Automatic
[   72.138343][ T7631] netlink: 'syz.0.468': attribute type 1 has an invalid length.
[   72.140873][ T7631] netlink: 16150 bytes leftover after parsing attributes in process `syz.0.468'.
[   72.141439][ T7630] vivid-007: Transmit Mode: HDMI
[   72.149885][ T7630] vivid-007: Hotplug Present: 0x00000000
[   72.152004][ T7630] vivid-007: RxSense Present: 0x00000000
[   72.154032][ T7630] vivid-007: EDID Present: 0x00000000
[   72.156056][ T7630] vivid-007: ==================  END STATUS  ==================
[   72.203298][ T7636] SELinux:  Context system_u:object_r:dhcpc_var_run_t:s0 is not valid (left unmapped).
[   72.261355][  T833] hid-generic 0000:0003:0000.0004: unknown main item tag 0x0
[   72.264099][  T833] hid-generic 0000:0003:0000.0004: unknown main item tag 0x0
[   72.269065][ T7638] batman_adv: batadv0: Adding interface: erspan1
[   72.270738][ T7638] batman_adv: batadv0: Not using interface erspan1 (retrying later): interface not active
[   72.271304][ T7642] SELinux:  Context #! ./cgroup/file0
[   72.271304][ T7642] l?V�WÔ‚¥ºŸÔJnË£·�¼&(„ý#?²6šš(Ù!	‘åMðèD©p‰4Èu'4úäÜÉö¦aœv°¢¼M¦D]lˆ~@ùû¼)õܾ=Íj0¬’ˆ~vs�ÜÊdLŽß^`Ôúû~E¯êAœ¼dÁ-y†�uí�6ï³z†èã\Ñ)á”{…EϽU{[7ƒªÉw9Y#5 6áBõ«èqy„þrÖ is not valid (left unmapped).
[   72.278629][  T833] hid-generic 0000:0003:0000.0004: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   72.329229][ T7645] overlayfs: failed to resolve './file0': -2
[   72.387763][ T7645] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   72.469450][ T7650] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[   72.583295][ T7652] xt_hashlimit: size too large, truncated to 1048576
[   72.645058][  T833] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   72.755110][ T5947] Bluetooth: hci0: command 0x0c1a tx timeout
[   72.798708][ T7654] netlink: 28 bytes leftover after parsing attributes in process `syz.0.475'.
[   72.799660][  T833] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[   72.803777][  T833] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   72.807277][  T833] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[   72.810148][  T833] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[   72.812770][  T833] usb 7-1: Manufacturer: syz
[   72.817516][  T833] usb 7-1: config 0 descriptor??
[   72.865058][  T833] rc_core: IR keymap rc-hauppauge not found
[   72.866661][  T833] Registered IR keymap rc-empty
[   72.869988][  T833] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0
[   72.873605][  T833] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input9
[   73.021760][ T7649] netlink: 8 bytes leftover after parsing attributes in process `syz.2.474'.
[   73.024850][ T7649] netlink: 'syz.2.474': attribute type 4 has an invalid length.
[   73.032161][    T9] usb 7-1: USB disconnect, device number 5
[   73.553215][ T7668] netlink: 'syz.3.479': attribute type 13 has an invalid length.
[   73.557238][ T7668] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[   73.559456][ T7667] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=4715 sclass=netlink_xfrm_socket pid=7667 comm=syz.0.478
[   73.562918][ T7668] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[   73.564804][ T7668] gretap1: entered promiscuous mode
[   73.565825][ T5947] Bluetooth: hci3: command 0x0c1a tx timeout
[   73.566928][ T7668] gretap1: entered allmulticast mode
[   73.567920][ T5947] Bluetooth: hci2: command 0x0c1a tx timeout
[   73.569172][ T5940] Bluetooth: hci1: command 0x0c1a tx timeout
[   73.591133][ T7667] netlink: 700 bytes leftover after parsing attributes in process `syz.0.478'.
[   73.606780][ T7678] netlink: 'syz.3.481': attribute type 1 has an invalid length.
[   73.609659][ T7667] kAFS: No cell specified
[   73.610679][ T7678] vxcan2: entered promiscuous mode
[   73.615522][ T7678] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7678 comm=syz.3.481
[   73.786604][ T7707] openvswitch: netlink: Either Ethernet header or EtherType is required.
[   73.826777][   T73] IPVS: starting estimator thread 0...
[   73.927853][ T7718] IPVS: using max 40 ests per chain, 96000 per kthread
[   73.997148][ T7733] pim6reg527: entered allmulticast mode
[   74.068394][ T7747] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7747 comm=syz.3.501
[   74.076335][ T7750] netlink: 'syz.0.502': attribute type 25 has an invalid length.
[   74.406876][ T7765] smc: net device bond0 applied user defined pnetid SYZ0
[   74.409116][ T7765] smc: net device bond0 erased user defined pnetid SYZ0
[   74.723429][ T7775] VFS: could not find a valid V7 on nullb0.
[   74.837708][ T5948] Bluetooth: hci0: command 0x0c1a tx timeout
[   75.063324][ T7803] openvswitch: netlink: Missing key (keys=40, expected=2000)
[   75.099443][ T7800] netlink: 'syz.2.515': attribute type 4 has an invalid length.
[   75.154480][ T7805] "syz.1.520" (7805) uses obsolete ecb(arc4) skcipher
[   75.156114][ T7798] netlink: 'syz.2.515': attribute type 4 has an invalid length.
[   75.158035][   T39] kauditd_printk_skb: 87 callbacks suppressed
[   75.158046][   T39] audit: type=1400 audit(1734201773.446:753): avc:  denied  { write } for  pid=7804 comm="syz.1.520" path="socket:[18396]" dev="sockfs" ino=18396 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   75.370469][ T7822] geneve2: entered promiscuous mode
[   75.371915][ T7822] geneve2: entered allmulticast mode
[   75.472485][   T39] audit: type=1400 audit(1734201773.756:754): avc:  denied  { ioctl } for  pid=7826 comm="syz.1.526" path="socket:[19057]" dev="sockfs" ino=19057 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   75.635344][ T5948] Bluetooth: hci2: command 0x0c1a tx timeout
[   75.645114][ T5948] Bluetooth: hci1: command 0x0c1a tx timeout
[   75.645131][ T5947] Bluetooth: hci3: command 0x0c1a tx timeout
[   75.735819][   T73] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   75.739368][ T7835] Unsupported ieee802154 address type: 0
[   75.739376][   T39] audit: type=1400 audit(1734201774.026:755): avc:  denied  { bind } for  pid=7834 comm="syz.1.529" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   75.834315][   T39] audit: type=1326 audit(1734201774.116:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7840 comm="syz.1.531" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa213585d19 code=0x0
[   75.874881][ T7844] syz.2.532[7844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.874999][ T7844] syz.2.532[7844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.878732][ T7844] syz.2.532[7844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.885002][   T73] usb 8-1: Using ep0 maxpacket: 8
[   75.891996][   T73] usb 8-1: config 1 interface 0 altsetting 248 bulk endpoint 0x82 has invalid maxpacket 1023
[   75.894692][   T73] usb 8-1: config 1 interface 0 altsetting 248 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[   75.898261][   T73] usb 8-1: config 1 interface 0 has no altsetting 0
[   75.901918][   T73] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   75.904216][   T73] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   75.906810][   T73] usb 8-1: Product: ᤑ�឵彿㬈�岚漺斦㆜ꪴ煉诇�轑햫饉䱷䗉Ꞡ֔䯉躓꨹ൈ溻蘲ﮑ甽桛�臵⡿຿Ṡᇒ塨�ᾢ蠸봔㱮㻓븈�继櫨⎥ݒ酺蕸凟�᷅飢无㲳꟦ቭᆗ�⾽璩䟅쨕顒䯥쟞갔⽇톭悪㖩嫭쵵깂ꈖ侰�냆䙚宻��懞軱댟ؖ᧓쒡韱
[   75.914089][   T73] usb 8-1: Manufacturer: à ¬
[   75.916704][   T73] usb 8-1: SerialNumber: 㒞�뗤䰢횎長뗫瞰꿥箣宇�飘�봹쎫柿蘦澔�鮦㇆쫱᛼삚編抢臺耼麫�둞螾��쿔�휤炃
[   75.922563][ T7824] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   75.946360][   T39] audit: type=1400 audit(1734201774.236:757): avc:  denied  { sqpoll } for  pid=7846 comm="syz.2.533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   75.962644][   T39] audit: type=1400 audit(1734201774.246:758): avc:  denied  { append } for  pid=7846 comm="syz.2.533" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   76.001877][ T7850] capability: warning: `syz.2.534' uses 32-bit capabilities (legacy support in use)
[   76.117792][ T1331] cfg80211: failed to load regulatory.db
[   76.135817][   T73] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22
[   76.143877][   T39] audit: type=1400 audit(1734201774.426:759): avc:  denied  { ioctl } for  pid=7859 comm="syz.2.537" path="/dev/btrfs-control" dev="devtmpfs" ino=1335 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   76.159355][   T39] audit: type=1400 audit(1734201774.446:760): avc:  denied  { watch } for  pid=7859 comm="syz.2.537" path="/137/bus" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[   76.238105][ T7864] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[   76.238343][ T7863] IPVS: stopping master sync thread 7864 ...
[   76.295065][ T5974] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   76.329154][ T7824] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   76.387326][ T1331] usb 8-1: USB disconnect, device number 2
[   76.448587][ T5974] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[   76.450911][ T5974] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.453550][ T5974] usb 5-1: Product: syz
[   76.454648][ T5974] usb 5-1: Manufacturer: syz
[   76.456685][ T5974] usb 5-1: SerialNumber: syz
[   76.460458][ T5974] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[   76.482091][ T5974] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[   76.665121][   T73] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   76.736219][   T39] audit: type=1400 audit(1734201775.026:761): avc:  denied  { read } for  pid=7856 comm="syz.0.536" lport=36223 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   76.815037][   T73] usb 7-1: Using ep0 maxpacket: 8
[   76.817643][   T73] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[   76.819871][   T73] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   76.822386][   T73] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   76.827494][   T73] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   76.830164][   T73] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   76.833613][   T73] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   76.836684][   T73] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.903387][  T220] Bluetooth: hci4: Frame reassembly failed (-84)
[   76.925024][ T5948] Bluetooth: hci0: command 0x0c1a tx timeout
[   76.953033][ T7889] nftables ruleset with unbound set
[   77.045474][   T73] usb 7-1: usb_control_msg returned -32
[   77.046625][ T7874] program syz.2.541 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   77.046806][   T73] usbtmc 7-1:16.0: can't read capabilities
[   77.565070][ T5974] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[   77.567340][ T5974] ath9k_htc: Failed to initialize the device
[   77.585436][ T5974] usb 5-1: ath9k_htc: USB layer deinitialized
[   77.715213][ T5948] Bluetooth: hci3: command 0x0c1a tx timeout
[   77.909488][   T73] libceph: connect (1)[c::]:6789 error -101
[   77.911254][   T73] libceph: mon0 (1)[c::]:6789 connect error
[   77.963298][ T7904] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7904 comm=syz.3.547
[   78.165497][   T73] libceph: connect (1)[c::]:6789 error -101
[   78.167206][   T73] libceph: mon0 (1)[c::]:6789 connect error
[   78.679246][   T73] libceph: connect (1)[c::]:6789 error -101
[   78.680965][   T73] libceph: mon0 (1)[c::]:6789 connect error
[   78.685847][ T7897] ceph: No mds server is up or the cluster is laggy
[   78.915533][ T5947] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   78.941291][ T7917] __nla_validate_parse: 7 callbacks suppressed
[   78.941300][ T7917] netlink: 1268 bytes leftover after parsing attributes in process `syz.3.551'.
[   78.945673][ T7917] openvswitch: netlink: Actions may not be safe on all matching packets
[   78.948763][ T7917] netlink: 1268 bytes leftover after parsing attributes in process `syz.3.551'.
[   78.951127][ T7917] openvswitch: netlink: Actions may not be safe on all matching packets
[   79.055714][   T73] usb 5-1: USB disconnect, device number 7
[   79.079506][   T39] audit: type=1400 audit(1734201777.366:762): avc:  denied  { setopt } for  pid=7930 comm="syz.0.556" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   79.365020][   T25] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   79.446547][    T9] usb 7-1: USB disconnect, device number 6
[   79.495512][   T25] usb 8-1: device descriptor read/64, error -71
[   79.735190][   T25] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   79.765172][ T7959] 9pnet_fd: Insufficient options for proto=fd
[   79.822924][ T7966] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   79.826089][ T7966] IPv6: NLM_F_CREATE should be set when creating new route
[   79.865187][   T25] usb 8-1: device descriptor read/64, error -71
[   79.975360][   T25] usb usb8-port1: attempt power cycle
[   80.335003][   T25] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   80.368960][   T39] kauditd_printk_skb: 4 callbacks suppressed
[   80.368969][   T39] audit: type=1400 audit(1734201778.656:767): avc:  denied  { unlink } for  pid=7987 comm="syz.1.574" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="9p" ino=40372961 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   80.376574][   T25] usb 8-1: device descriptor read/8, error -71
[   80.385031][   T39] audit: type=1400 audit(1734201778.656:768): avc:  denied  { associate } for  pid=7987 comm="syz.1.574" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   80.391283][   T39] audit: type=1400 audit(1734201778.656:769): avc:  denied  { bind } for  pid=7989 comm="syz.0.577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   80.408572][ T7993] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[   80.410451][ T7993] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   80.413785][ T7993] vhci_hcd vhci_hcd.0: Device attached
[   80.428817][ T7994] vhci_hcd: connection closed
[   80.435189][ T1140] vhci_hcd: stop threads
[   80.438563][ T1140] vhci_hcd: release socket
[   80.439783][ T1140] vhci_hcd: disconnect device
[   80.537575][ T5947] Bluetooth: hci3: ACL packet for unknown connection handle 200
[   80.539589][ T5947] Bluetooth: hci3: ACL packet for unknown connection handle 200
[   80.645070][   T25] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   80.653780][ T8063] openvswitch: netlink: Missing key (keys=40, expected=2000)
[   80.667101][   T25] usb 8-1: device descriptor read/8, error -71
[   80.787379][   T25] usb usb8-port1: unable to enumerate USB device
[   80.821350][ T8072] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[   80.895058][   T73] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   81.055129][   T73] usb 5-1: Using ep0 maxpacket: 16
[   81.057891][   T73] usb 5-1: config 0 has no interfaces?
[   81.060947][   T73] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[   81.063365][   T73] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.065704][   T73] usb 5-1: Product: syz
[   81.066797][   T73] usb 5-1: Manufacturer: syz
[   81.068006][   T73] usb 5-1: SerialNumber: syz
[   81.071196][   T73] usb 5-1: config 0 descriptor??
[   81.279337][   T39] audit: type=1400 audit(1734201779.566:770): avc:  denied  { bind } for  pid=8062 comm="syz.0.588" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   81.885007][ T1331] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   81.915904][ T8088] netlink: 20 bytes leftover after parsing attributes in process `syz.2.594'.
[   81.918263][ T8088] netlink: 20 bytes leftover after parsing attributes in process `syz.2.594'.
[   81.920736][ T8088] netlink: 2 bytes leftover after parsing attributes in process `syz.2.594'.
[   82.064993][ T1331] usb 6-1: Using ep0 maxpacket: 8
[   82.067756][ T1331] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[   82.070630][ T1331] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   82.073331][ T1331] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   82.076221][ T1331] usb 6-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[   82.080627][ T1331] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   82.083137][ T1331] usb 6-1: New USB device strings: Mfr=0, Product=7, SerialNumber=0
[   82.085590][ T1331] usb 6-1: Product: syz
[   82.090420][ T1331] usbtmc 6-1:16.0: bulk endpoints not found
[   82.253519][   T39] audit: type=1400 audit(1734201780.536:771): avc:  denied  { map } for  pid=8099 comm="syz.3.597" path="socket:[20686]" dev="sockfs" ino=20686 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[   82.259529][   T39] audit: type=1400 audit(1734201780.536:772): avc:  denied  { accept } for  pid=8099 comm="syz.3.597" path="socket:[20686]" dev="sockfs" ino=20686 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[   82.290423][ T8085] trusted_key: encrypted_key: insufficient parameters specified
[   82.316419][ T8106] netlink: 'syz.3.599': attribute type 2 has an invalid length.
[   82.318520][ T8106] netlink: 132 bytes leftover after parsing attributes in process `syz.3.599'.
[   82.392733][ T8113] kvm: emulating exchange as write
[   82.520940][   T39] audit: type=1326 audit(1734201780.806:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8117 comm="syz.3.603" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbff985d19 code=0x0
[   82.828323][   T39] audit: type=1400 audit(1734201781.116:774): avc:  denied  { create } for  pid=8121 comm="syz.2.604" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[   83.580411][ T8134] Cannot find set identified by id 4 to match
[   83.608414][ T8137] SELinux: syz.3.610 (8137) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   83.680979][   T73] usb 5-1: USB disconnect, device number 8
[   83.750533][ T8153] cgroup: fork rejected by pids controller in /syz2
[   83.850865][   T39] audit: type=1400 audit(1734201782.136:775): avc:  denied  { connect } for  pid=8263 comm="syz.3.620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   84.214072][   T39] audit: type=1400 audit(1734201782.496:776): avc:  denied  { execute } for  pid=8272 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   84.309764][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   84.313687][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   84.316505][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   84.318997][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   84.321205][ T5948] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   84.323289][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   84.412294][ T8273] chnl_net:caif_netlink_parms(): no params data found
[   84.484046][ T8273] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.486970][ T8273] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.489463][ T8273] bridge_slave_0: entered allmulticast mode
[   84.493379][ T8273] bridge_slave_0: entered promiscuous mode
[   84.498980][ T8273] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.501411][ T8273] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.503826][ T8273] bridge_slave_1: entered allmulticast mode
[   84.507288][ T8273] bridge_slave_1: entered promiscuous mode
[   84.526702][ T8273] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.530201][ T8273] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.551578][ T8273] team0: Port device team_slave_0 added
[   84.555821][ T8273] team0: Port device team_slave_1 added
[   84.572903][ T8273] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.574708][ T8273] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.581920][ T8273] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.585205][ T8273] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.586869][ T8273] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.592829][ T8273] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.618822][ T8273] hsr_slave_0: entered promiscuous mode
[   84.620824][ T8273] hsr_slave_1: entered promiscuous mode
[   84.622657][ T8273] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   84.624636][ T8273] Cannot create hsr debugfs directory
[   84.666018][ T1331] usb 6-1: USB disconnect, device number 4
[   84.719556][ T8273] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.813613][ T8273] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.898793][ T8301] netlink: 8 bytes leftover after parsing attributes in process `syz.1.631'.
[   84.901106][ T8301] netlink: 'syz.1.631': attribute type 30 has an invalid length.
[   84.903086][ T8301] netlink: 12 bytes leftover after parsing attributes in process `syz.1.631'.
[   84.928037][ T8273] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.005681][ T8273] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.046490][    T9] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[   85.156574][ T8273] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   85.159958][ T8273] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   85.163544][ T8273] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   85.166954][ T8273] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   85.185272][  T833] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   85.208447][ T8273] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.216917][    T9] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   85.217106][ T8273] 8021q: adding VLAN 0 to HW filter on device team0
[   85.219768][    T9] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   85.224606][    T9] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   85.225442][ T1254] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.227557][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.229615][ T1254] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.235030][ T8294] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   85.238629][    T9] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[   85.248855][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.250731][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.321085][ T8273] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.340974][ T8273] veth0_vlan: entered promiscuous mode
[   85.345109][  T833] usb 6-1: Using ep0 maxpacket: 16
[   85.345658][ T8273] veth1_vlan: entered promiscuous mode
[   85.349082][  T833] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[   85.356827][ T8273] veth0_macvtap: entered promiscuous mode
[   85.358653][  T833] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[   85.360516][ T8273] veth1_macvtap: entered promiscuous mode
[   85.361646][  T833] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.365622][  T833] usb 6-1: Product: syz
[   85.366914][  T833] usb 6-1: Manufacturer: syz
[   85.368332][  T833] usb 6-1: SerialNumber: syz
[   85.371057][  T833] usb 6-1: config 0 descriptor??
[   85.371971][ T8273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.375761][ T8273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.376643][  T833] hub 6-1:0.0: bad descriptor, ignoring hub
[   85.378439][ T8273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.380232][  T833] hub 6-1:0.0: probe with driver hub failed with error -5
[   85.382486][  T833] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input10
[   85.383466][ T8273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.390586][ T8273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.393690][ T8273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.396452][ T8273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.399285][ T8273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.402660][ T8273] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.406030][ T8273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.408842][ T8273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.411398][ T8273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.414289][ T8273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.417033][ T8273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.419809][ T8273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.422428][ T8273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.425524][ T8273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.429099][ T8273] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.434515][ T8273] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.437017][ T8273] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.439307][ T8273] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.441508][ T8273] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.451510][ T1331] usb 8-1: USB disconnect, device number 7
[   85.487133][ T6958] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.489172][ T6958] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.505981][ T6969] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.508033][ T6969] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.512031][   T39] kauditd_printk_skb: 5 callbacks suppressed
[   85.512040][   T39] audit: type=1400 audit(1734201783.796:782): avc:  denied  { mounton } for  pid=8273 comm="syz-executor" path="/syzkaller.9KwZZa/syz-tmp" dev="sda1" ino=1942 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   85.522262][   T39] audit: type=1400 audit(1734201783.796:783): avc:  denied  { mounton } for  pid=8273 comm="syz-executor" path="/syzkaller.9KwZZa/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   85.529276][   T39] audit: type=1400 audit(1734201783.806:784): avc:  denied  { mount } for  pid=8273 comm="syz-executor" name="/" dev="gadgetfs" ino=10339 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   85.535359][   T39] audit: type=1400 audit(1734201783.806:785): avc:  denied  { mounton } for  pid=8273 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[   85.578751][ T8304] befs: (nullb0): No write support. Marking filesystem read-only
[   85.581922][ T8304] befs: (nullb0): invalid magic header
[   85.586604][   T39] audit: type=1400 audit(1734201783.876:786): avc:  denied  { write } for  pid=8303 comm="syz.1.632" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[   85.826935][ T8323] netlink: 12 bytes leftover after parsing attributes in process `syz.2.634'.
[   85.855898][   T39] audit: type=1400 audit(1734201784.146:787): avc:  denied  { create } for  pid=8325 comm="syz.2.635" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[   86.085549][ T8344] overlay: Unknown parameter '/dev/bus/usb/00#/00#'
[   86.145479][   T39] audit: type=1400 audit(1734201784.426:788): avc:  denied  { ioctl } for  pid=8356 comm="syz.2.642" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   86.280321][ T8357] openvswitch: netlink: Duplicate or invalid key (type 0).
[   86.286771][ T8357] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   86.343119][   T39] audit: type=1400 audit(1734201784.626:789): avc:  denied  { rename } for  pid=8366 comm="syz.3.644" name="file0" dev="9p" ino=40372936 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sock_file permissive=1
[   86.350363][   T39] audit: type=1400 audit(1734201784.626:790): avc:  denied  { unlink } for  pid=8366 comm="syz.3.644" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="9p" ino=40372928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   86.368901][ T5947] Bluetooth: hci2: command tx timeout
[   86.486030][ T8372] netlink: 4 bytes leftover after parsing attributes in process `syz.3.647'.
[   86.488343][ T8372] bridge_slave_1: left allmulticast mode
[   86.489852][ T8372] bridge_slave_1: left promiscuous mode
[   86.491943][ T8372] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.501221][ T8372] bridge_slave_0: left allmulticast mode
[   86.502695][ T8372] bridge_slave_0: left promiscuous mode
[   86.504268][ T8372] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.281074][   T39] audit: type=1400 audit(1734201785.566:791): avc:  denied  { remount } for  pid=8386 comm="syz.3.652" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   87.323383][ T8394] netlink: 32 bytes leftover after parsing attributes in process `syz.2.654'.
[   87.352853][ T8400] netlink: 'syz.3.656': attribute type 1 has an invalid length.
[   87.356438][ T8400] netlink: 24 bytes leftover after parsing attributes in process `syz.3.656'.
[   87.542887][ T8421] netlink: 'syz.2.662': attribute type 12 has an invalid length.
[   87.585511][ T8423] netlink: 4 bytes leftover after parsing attributes in process `syz.1.663'.
[   88.066388][ T8462] netlink: 24 bytes leftover after parsing attributes in process `syz.1.669'.
[   88.109514][ T8465] netlink: 'syz.1.670': attribute type 4 has an invalid length.
[   88.118566][ T8465] netlink: 'syz.1.670': attribute type 4 has an invalid length.
[   88.266627][ T5337] usb 6-1: reset high-speed USB device number 5 using dummy_hcd
[   88.417743][ T5337] usb 6-1: device firmware changed
[   88.419697][   T30] usb 6-1: USB disconnect, device number 5
[   88.435111][ T5947] Bluetooth: hci2: command tx timeout
[   88.565115][   T30] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   88.746378][   T30] usb 6-1: Using ep0 maxpacket: 16
[   88.749937][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.753967][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.757661][   T30] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[   88.762403][   T30] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[   88.765900][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.770642][   T30] usb 6-1: config 0 descriptor??
[   89.177930][   T30] shield 0003:0955:7214.0005: unknown main item tag 0x0
[   89.180471][   T30] shield 0003:0955:7214.0005: unknown main item tag 0x0
[   89.182324][   T30] shield 0003:0955:7214.0005: unknown main item tag 0x0
[   89.184373][   T30] shield 0003:0955:7214.0005: unknown main item tag 0x0
[   89.186889][   T30] shield 0003:0955:7214.0005: unknown main item tag 0x0
[   89.191148][   T30] input: HID 0955:7214 Haptics as /devices/virtual/input/input11
[   89.217518][   T30] shield 0003:0955:7214.0005: Registered Thunderstrike controller
[   89.221924][   T30] shield 0003:0955:7214.0005: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0
[   89.381532][ T8465] random: crng reseeded on system resumption
[   89.448539][ T8483] netlink: 12 bytes leftover after parsing attributes in process `syz.2.674'.
[   89.464967][ T8483] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.608757][  T142] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[   89.608836][  T833] usb 6-1: USB disconnect, device number 6
[   89.611753][  T142] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   89.616428][  T142] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   89.619192][  T142] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   89.803902][ T8499] program syz.2.679 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   89.811129][ T8499] netlink: 4 bytes leftover after parsing attributes in process `syz.2.679'.
[   90.455124][  T833] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[   90.500694][ T8516] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1537 sclass=netlink_route_socket pid=8516 comm=syz.3.685
[   90.504439][ T8516] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10424 sclass=netlink_route_socket pid=8516 comm=syz.3.685
[   90.515268][ T5947] Bluetooth: hci2: command tx timeout
[   90.554065][   T39] kauditd_printk_skb: 8 callbacks suppressed
[   90.554076][   T39] audit: type=1326 audit(1734201788.836:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.3.687" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbff985d19 code=0x7ffc0000
[   90.564134][   T39] audit: type=1326 audit(1734201788.836:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.3.687" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbff985d19 code=0x7ffc0000
[   90.570089][   T39] audit: type=1326 audit(1734201788.846:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.3.687" exe="/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fcbff985d19 code=0x7ffc0000
[   90.576533][   T39] audit: type=1326 audit(1734201788.846:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.3.687" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbff985d19 code=0x7ffc0000
[   90.582277][   T39] audit: type=1326 audit(1734201788.846:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.3.687" exe="/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fcbff985d19 code=0x7ffc0000
[   90.588575][   T39] audit: type=1326 audit(1734201788.856:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.3.687" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcbff97cce7 code=0x7ffc0000
[   90.594425][   T39] audit: type=1326 audit(1734201788.856:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.3.687" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcbff921f29 code=0x7ffc0000
[   90.601929][   T39] audit: type=1326 audit(1734201788.856:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.3.687" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcbff97cce7 code=0x7ffc0000
[   90.607941][   T39] audit: type=1326 audit(1734201788.856:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.3.687" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcbff921f29 code=0x7ffc0000
[   90.613756][   T39] audit: type=1326 audit(1734201788.856:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.3.687" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcbff97cce7 code=0x7ffc0000
[   90.622459][  T833] usb 6-1: config 0 interface 0 altsetting 18 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   90.628779][  T833] usb 6-1: config 0 interface 0 altsetting 18 endpoint 0x8F has an invalid bInterval 0, changing to 10
[   90.631632][  T833] usb 6-1: config 0 interface 0 altsetting 18 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[   90.634444][  T833] usb 6-1: config 0 interface 0 has no altsetting 0
[   90.638695][  T833] usb 6-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[   90.641054][  T833] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.643106][  T833] usb 6-1: Product: syz
[   90.645037][  T833] usb 6-1: Manufacturer: syz
[   90.648212][  T833] usb 6-1: SerialNumber: syz
[   90.655633][  T833] usb 6-1: config 0 descriptor??
[   90.661561][ T8514] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   90.765511][ T8529] netlink: 32 bytes leftover after parsing attributes in process `syz.2.690'.
[   90.767895][ T8529] netlink: 9 bytes leftover after parsing attributes in process `syz.2.690'.
[   90.770396][ T8529] netlink: 9 bytes leftover after parsing attributes in process `syz.2.690'.
[   90.774280][ T8529] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[   90.874405][ T8514] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   90.876912][ T8514] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   90.879870][  T833] appledisplay 6-1:0.0: Error while getting initial brightness: -71
[   90.882515][  T833] appledisplay 6-1:0.0: probe with driver appledisplay failed with error -71
[   90.887543][  T833] usb 6-1: USB disconnect, device number 7
[   90.920744][ T8538] FAT-fs (nullb0): bogus number of reserved sectors
[   90.922435][ T8538] FAT-fs (nullb0): Can't find a valid FAT filesystem
[   90.994619][ T8542] mmap: syz.3.696 (8542): VmData 37462016 exceed data ulimit 4. Update limits or use boot option ignore_rlimit_data.
[   91.084923][ T8560] netlink: 12 bytes leftover after parsing attributes in process `syz.2.701'.
[   91.088707][ T8562] netlink: 12 bytes leftover after parsing attributes in process `syz.2.701'.
[   91.115691][ T8565] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   91.150648][ T8567] syz.2.703: attempt to access beyond end of device
[   91.150648][ T8567] nbd2: rw=4096, sector=2, nr_sectors = 2 limit=0
[   91.153981][ T8567] EXT4-fs (nbd2): unable to read superblock
[   91.441253][ T8583] netlink: 'syz.1.708': attribute type 10 has an invalid length.
[   91.445816][ T8583] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   91.565842][ T8596] netlink: 'syz.2.709': attribute type 4 has an invalid length.
[   91.656472][ T8610] tmpfs: Bad value for 'mpol'
[   91.658718][ T8612] tmpfs: Bad value for 'mpol'
[   91.682275][ T8614] netlink: 8 bytes leftover after parsing attributes in process `syz.2.715'.
[   91.684659][ T8614] netlink: 3 bytes leftover after parsing attributes in process `syz.2.715'.
[   92.001893][ T8638] input input12: cannot allocate more than FF_MAX_EFFECTS effects
[   92.030654][ T8640] netlink: 40 bytes leftover after parsing attributes in process `syz.3.722'.
[   92.073521][ T8646] xt_hashlimit: size too large, truncated to 1048576
[   92.091960][ T8647] netlink: 12 bytes leftover after parsing attributes in process `syz.2.724'.
[   92.373121][ T8665] input: syz1 as /devices/virtual/input/input13
[   92.468742][ T8671] overlayfs: overlapping lowerdir path
[   92.528013][ T8674] netfs: Couldn't get user pages (rc=-14)
[   92.595087][ T5948] Bluetooth: hci2: command tx timeout
[   92.819424][ T8697] syzkaller0: entered allmulticast mode
[   92.875620][ T8696] syzkaller0: left allmulticast mode
[   92.983568][ T5948] Bluetooth: hci1: unexpected event for opcode 0x052d
[   93.506103][ T8721] netlink: 32 bytes leftover after parsing attributes in process `syz.2.749'.
[   93.537651][ T8723] hsr0: entered allmulticast mode
[   93.539328][ T8723] hsr_slave_0: entered allmulticast mode
[   93.540888][ T8723] hsr_slave_1: entered allmulticast mode
[   93.675184][   T25] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   93.731026][ T8736] o2cb: This node has not been configured.
[   93.732729][ T8736] o2cb: Cluster check failed. Fix errors before retrying.
[   93.734610][ T8736] (syz.2.754,8736,2):user_dlm_register:674 ERROR: status = -22
[   93.737316][ T8736] (syz.2.754,8736,2):dlmfs_mkdir:436 ERROR: Error -22 could not register domain "bus"
[   93.845516][   T25] usb 6-1: Using ep0 maxpacket: 8
[   93.855887][   T25] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[   93.861034][   T25] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   93.863401][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   93.865807][   T25] usb 6-1: SerialNumber: syz
[   93.868997][   T25] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22
[   94.016632][ T8747] netlink: 'syz.2.758': attribute type 6 has an invalid length.
[   94.080487][ T5948] Bluetooth: hci1: ACL packet for unknown connection handle 201
[   94.127630][ T5974] usb 6-1: USB disconnect, device number 8
[   94.198695][ T8764] kvm: pic: non byte write
[   94.244622][ T8772] "syz.3.764" (8772) uses obsolete ecb(arc4) skcipher
[   94.300541][ T8775] vxfs: WRONG superblock magic 00000000 at 1
[   94.304002][ T8775] vxfs: WRONG superblock magic 00000000 at 8
[   94.305790][ T8775] vxfs: can't find superblock.
[   94.346680][ T8779] cgroup: No subsys list or none specified
[   94.392554][ T5948] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[   94.440350][ T8785] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   94.443862][ T8786] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   94.685114][ T5948] Bluetooth: hci2: command 0x0405 tx timeout
[   95.319126][ T8821] kvm: kvm [8820]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[   95.323818][ T8821] kvm: kvm [8820]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[   95.341540][ T8821] kvm: kvm [8820]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[   95.443108][ T8828] fuse: Bad value for 'fd'
[   95.762972][ T5948] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   95.767197][ T5948] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   95.769686][ T5948] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   95.772506][ T5948] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   95.774683][ T5948] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   95.777264][ T5948] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   95.859403][ T8847] chnl_net:caif_netlink_parms(): no params data found
[   95.932368][ T8847] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.934265][ T8847] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.939413][ T8847] bridge_slave_0: entered allmulticast mode
[   95.941477][ T8847] bridge_slave_0: entered promiscuous mode
[   95.944049][ T8847] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.946266][ T8847] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.948149][ T8847] bridge_slave_1: entered allmulticast mode
[   95.950290][ T8847] bridge_slave_1: entered promiscuous mode
[   95.965017][ T5974] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   95.973629][ T8847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.977999][ T8847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.998448][ T8847] team0: Port device team_slave_0 added
[   96.001077][ T8847] team0: Port device team_slave_1 added
[   96.018345][ T8847] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.020077][ T8847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.027311][ T8847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.030812][ T8847] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.032703][ T8847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.044541][ T8847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.068530][ T8847] hsr_slave_0: entered promiscuous mode
[   96.070523][ T8847] hsr_slave_1: entered promiscuous mode
[   96.072379][ T8847] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   96.074375][ T8847] Cannot create hsr debugfs directory
[   96.115115][ T5974] usb 7-1: Using ep0 maxpacket: 32
[   96.122827][ T5974] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   96.127405][ T5974] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   96.129603][ T5974] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   96.132184][ T5974] usb 7-1: Product: syz
[   96.133328][ T5974] usb 7-1: Manufacturer: syz
[   96.134548][ T5974] usb 7-1: SerialNumber: syz
[   96.136745][ T5974] usb 7-1: config 0 descriptor??
[   96.138483][ T8844] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   96.149061][ T8847] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   96.152193][ T8847] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   96.155629][ T8847] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   96.158996][ T8847] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   96.168572][ T8847] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.170456][ T8847] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.172440][ T8847] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.174299][ T8847] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.197563][ T8847] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.204317][ T6945] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.207419][ T6945] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.219857][ T8847] 8021q: adding VLAN 0 to HW filter on device team0
[   96.223316][ T8861] syz.3.792[8861] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.223364][ T8861] syz.3.792[8861] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.228814][ T8861] syz.3.792[8861] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   96.229432][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.236573][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.240918][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.242001][ T8861] overlayfs: disabling nfs_export due to verity=on
[   96.242987][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.246629][ T8861] overlayfs: conflicting lowerdir path
[   96.327199][ T8870] __nla_validate_parse: 4 callbacks suppressed
[   96.327210][ T8870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.794'.
[   96.335510][ T8847] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.341313][  T142] usb 7-1: USB disconnect, device number 7
[   96.440791][ T8847] veth0_vlan: entered promiscuous mode
[   96.445118][ T8847] veth1_vlan: entered promiscuous mode
[   96.455345][ T8847] veth0_macvtap: entered promiscuous mode
[   96.458672][ T8847] veth1_macvtap: entered promiscuous mode
[   96.465103][ T8847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.468518][ T8847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.471732][ T8847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.479792][ T8847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.482989][ T8847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.486504][ T8847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.489905][ T8847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.493379][ T8847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.499406][ T8847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.502880][ T8847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.509020][ T8847] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.513496][ T8891] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   96.516127][ T8891] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   96.518165][ T8891] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   96.520223][ T8891] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   96.522680][ T8891] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[   96.524799][ T8891] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[   96.529813][ T8891] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[   96.531929][ T8891] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[   96.537399][ T8891] geneve2: entered promiscuous mode
[   96.538711][ T8891] geneve2: entered allmulticast mode
[   96.546340][ T8847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.549767][ T8847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.552934][ T8847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.557795][ T8847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.561254][ T8847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.564833][ T8847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.568590][ T8847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.572328][ T8847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.576137][ T8847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.579633][ T8847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.582858][ T8847] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.588010][ T8847] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.590319][ T8847] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.592535][ T8847] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.594704][ T8847] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.631633][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.633655][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.647453][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.649417][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.654508][ T8895] raw_sendmsg: syz.3.800 forgot to set AF_INET. Fix it!
[   96.656422][   T39] kauditd_printk_skb: 482 callbacks suppressed
[   96.656432][   T39] audit: type=1400 audit(1734201794.946:1292): avc:  denied  { mounton } for  pid=8847 comm="syz-executor" path="/syzkaller.MpnFfI/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=26901 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   96.668556][ T8895] veth1: entered allmulticast mode
[   96.670398][   T39] audit: type=1400 audit(1734201794.956:1293): avc:  denied  { mount } for  pid=8847 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   96.777699][ T8900] Cannot find add_set index 3 as target
[   96.779438][   T39] audit: type=1400 audit(1734201795.066:1294): avc:  denied  { view } for  pid=8898 comm="syz.3.801" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   96.816403][ T8311] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[   96.853837][ T8910] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 0
[   96.855383][ T8911] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 1
[   96.860451][ T8912] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 2
[   96.864968][ T8913] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 3
[   96.950266][ T8916] dccp_invalid_packet: pskb_may_pull failed
[   96.987164][ T8311] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   96.990187][ T8311] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   96.992834][ T8311] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   96.995774][ T8311] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.997374][ T5947] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   97.001197][ T5947] Bluetooth: hci1: Injecting HCI hardware error event
[   97.004431][ T5947] Bluetooth: hci1: hardware error 0x00
[   97.013883][ T8893] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   97.017874][ T8311] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[   97.240216][ T6052] usb 7-1: USB disconnect, device number 8
[   97.284931][   T39] audit: type=1400 audit(1734201795.566:1295): avc:  denied  { bind } for  pid=8929 comm="syz.3.810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   97.362989][ T8937] netlink: 8 bytes leftover after parsing attributes in process `syz.3.812'.
[   97.366286][ T8937] netlink: 12 bytes leftover after parsing attributes in process `syz.3.812'.
[   97.461488][   T39] audit: type=1326 audit(1734201795.746:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8892 comm="syz.2.799" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f221e985d19 code=0x0
[   97.526885][ T8942] netlink: 8 bytes leftover after parsing attributes in process `syz.3.814'.
[   97.751103][ T8942] netlink: 4 bytes leftover after parsing attributes in process `syz.3.814'.
[   97.753395][ T8942] netlink: 32 bytes leftover after parsing attributes in process `syz.3.814'.
[   97.795108][ T5948] Bluetooth: hci0: command tx timeout
[   97.803169][ T5948] block nbd0: Receive control failed (result -107)
[   97.855275][ T8942] 
[   97.855938][ T8942] ======================================================
[   97.857857][ T8942] WARNING: possible circular locking dependency detected
[   97.859693][ T8942] 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0 Not tainted
[   97.862342][ T8942] ------------------------------------------------------
[   97.864977][ T8942] syz.3.814/8942 is trying to acquire lock:
[   97.866561][ T8942] ffff888106c506f8 (&q->limits_lock){+.+.}-{4:4}, at: __nbd_set_size+0x2c0/0x730
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   97.869121][ T8942] 
[   97.869121][ T8942] but task is already holding lock:
[   97.871897][ T8942] ffff888106c500a8 (&q->q_usage_counter(io)#49){++++}-{0:0}, at: nbd_start_device+0x8ef/0xd70
[   97.875521][ T8942] 
[   97.875521][ T8942] which lock already depends on the new lock.
[   97.875521][ T8942] 
[   97.879111][ T8942] 
[   97.879111][ T8942] the existing dependency chain (in reverse order) is:
[   97.882282][ T8942] 
[   97.882282][ T8942] -> #5 (&q->q_usage_counter(io)#49){++++}-{0:0}:
[   97.885346][ T8942]        blk_mq_submit_bio+0x1fb6/0x24c0
[   97.887323][ T8942]        __submit_bio+0x384/0x540
[   97.889109][ T8942]        submit_bio_noacct_nocheck+0x698/0xd70
[   97.890745][ T8942]        submit_bio_noacct+0x93a/0x1e20
[   97.892206][ T8942]        mpage_readahead+0x41d/0x590
[   97.893601][ T8942]        read_pages+0x1a8/0xdc0
[   97.894912][ T8942]        page_cache_ra_unbounded+0x3dc/0x750
[   97.896812][ T8942]        force_page_cache_ra+0x24b/0x340
[   97.898295][ T8942]        page_cache_sync_ra+0x110/0x9c0
[   97.899827][ T8942]        filemap_get_pages+0xd7b/0x1be0
[   97.901273][ T8942]        filemap_read+0x3ca/0xd70
[   97.902552][ T8942]        blkdev_read_iter+0x187/0x480
[   97.903937][ T8942]        vfs_read+0x87f/0xbe0
[   97.905254][ T8942]        ksys_read+0x12b/0x250
[   97.906483][ T8942]        do_syscall_64+0xcd/0x250
[   97.907839][ T8942]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.909499][ T8942] 
[   97.909499][ T8942] -> #4 (mapping.invalidate_lock#2){.+.+}-{4:4}:
[   97.911675][ T8942]        down_read+0x9a/0x330
[   97.912920][ T8942]        page_cache_ra_unbounded+0x173/0x750
[   97.914476][ T8942]        page_cache_ra_order+0x8f2/0xc80
[   97.915965][ T8942]        filemap_fault+0x14a5/0x2820
[   97.917346][ T8942]        __do_fault+0x10a/0x490
[   97.918623][ T8942]        do_pte_missing+0xebd/0x3e00
[   97.919987][ T8942]        __handle_mm_fault+0x103c/0x2a40
[   97.921444][ T8942]        handle_mm_fault+0x3fa/0xaa0
[   97.922814][ T8942]        __get_user_pages+0x8d9/0x3b50
[   97.924240][ T8942]        get_dump_page+0xff/0x230
[   97.925614][ T8942]        dump_user_range+0x135/0x8c0
[   97.926977][ T8942]        elf_core_dump+0x287c/0x3a50
[   97.928372][ T8942]        do_coredump+0x3ad7/0x49e0
[   97.929692][ T8942]        get_signal+0x230b/0x26c0
[   97.930994][ T8942]        arch_do_signal_or_restart+0x90/0x7e0
[   97.932591][ T8942]        irqentry_exit_to_user_mode+0x13f/0x280
[   97.934195][ T8942]        asm_exc_page_fault+0x26/0x30
[   97.935689][ T8942] 
[   97.935689][ T8942] -> #3 (&mm->mmap_lock){++++}-{4:4}:
[   97.937676][ T8942]        __might_fault+0x11b/0x190
[   97.939049][ T8942]        _copy_from_user+0x29/0xd0
[   97.940391][ T8942]        __blk_trace_setup+0xa8/0x180
[   97.941800][ T8942]        blk_trace_ioctl+0x163/0x290
[   97.943154][ T8942]        blkdev_ioctl+0x109/0x6d0
[   97.944470][ T8942]        __x64_sys_ioctl+0x190/0x200
[   97.945866][ T8942]        do_syscall_64+0xcd/0x250
[   97.947181][ T8942]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.948856][ T8942] 
[   97.948856][ T8942] -> #2 (&q->debugfs_mutex){+.+.}-{4:4}:
[   97.950839][ T8942]        __mutex_lock+0x19b/0xa60
[   97.952150][ T8942]        blk_mq_init_sched+0x42b/0x640
[   97.953553][ T8942]        elevator_init_mq+0x2cd/0x420
[   97.954965][ T8942]        add_disk_fwnode+0x113/0x1300
[   97.956447][ T8942]        sd_probe+0xa86/0x1000
[   97.957673][ T8942]        really_probe+0x23e/0xa90
[   97.958961][ T8942]        __driver_probe_device+0x1de/0x440
[   97.960475][ T8942]        driver_probe_device+0x4c/0x1b0
[   97.961904][ T8942]        __device_attach_driver+0x1df/0x310
[   97.963430][ T8942]        bus_for_each_drv+0x157/0x1e0
[   97.964826][ T8942]        __device_attach_async_helper+0x1d3/0x290
[   97.966509][ T8942]        async_run_entry_fn+0x9c/0x530
[   97.967924][ T8942]        process_one_work+0x9c5/0x1ba0
[   97.969313][ T8942]        worker_thread+0x6c8/0xf00
[   97.970629][ T8942]        kthread+0x2c1/0x3a0
[   97.971827][ T8942]        ret_from_fork+0x45/0x80
[   97.973117][ T8942]        ret_from_fork_asm+0x1a/0x30
[   97.974487][ T8942] 
[   97.974487][ T8942] -> #1 (&q->q_usage_counter(queue)#51){++++}-{0:0}:
[   97.976801][ T8942]        blk_queue_enter+0x50f/0x640
[   97.978198][ T8942]        blk_mq_alloc_request+0x59b/0x950
[   97.979685][ T8942]        scsi_execute_cmd+0x1eb/0xf40
[   97.981088][ T8942]        read_capacity_16+0x213/0xe10
[   97.982471][ T8942]        sd_revalidate_disk.isra.0+0x1a06/0xa8d0
[   97.984110][ T8942]        sd_probe+0x904/0x1000
[   97.985304][ T8942]        really_probe+0x23e/0xa90
[   97.986569][ T8942]        __driver_probe_device+0x1de/0x440
[   97.988081][ T8942]        driver_probe_device+0x4c/0x1b0
[   97.989522][ T8942]        __device_attach_driver+0x1df/0x310
[   97.991063][ T8942]        bus_for_each_drv+0x157/0x1e0
[   97.992466][ T8942]        __device_attach_async_helper+0x1d3/0x290
[   97.994144][ T8942]        async_run_entry_fn+0x9c/0x530
[   97.995602][ T8942]        process_one_work+0x9c5/0x1ba0
[   97.997022][ T8942]        worker_thread+0x6c8/0xf00
[   97.998365][ T8942]        kthread+0x2c1/0x3a0
[   97.999579][ T8942]        ret_from_fork+0x45/0x80
[   98.000860][ T8942]        ret_from_fork_asm+0x1a/0x30
[   98.002223][ T8942] 
[   98.002223][ T8942] -> #0 (&q->limits_lock){+.+.}-{4:4}:
[   98.004184][ T8942]        __lock_acquire+0x249e/0x3c40
[   98.005609][ T8942]        lock_acquire.part.0+0x11b/0x380
[   98.007061][ T8942]        __mutex_lock+0x19b/0xa60
[   98.008371][ T8942]        __nbd_set_size+0x2c0/0x730
[   98.009756][ T8942]        nbd_start_device+0x8fd/0xd70
[   98.011140][ T8942]        nbd_genl_connect+0x1204/0x1c00
[   98.012532][ T8942]        genl_family_rcv_msg_doit+0x202/0x2f0
[   98.013991][ T8942]        genl_rcv_msg+0x565/0x800
[   98.015327][ T8942]        netlink_rcv_skb+0x16b/0x440
[   98.016697][ T8942]        genl_rcv+0x28/0x40
[   98.017907][ T8942]        netlink_unicast+0x53c/0x7f0
[   98.019305][ T8942]        netlink_sendmsg+0x8b8/0xd70
[   98.020689][ T8942]        ____sys_sendmsg+0xaaf/0xc90
[   98.022010][ T8942]        ___sys_sendmsg+0x135/0x1e0
[   98.023343][ T8942]        __sys_sendmsg+0x16e/0x220
[   98.024666][ T8942]        do_syscall_64+0xcd/0x250
[   98.026000][ T8942]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.027692][ T8942] 
[   98.027692][ T8942] other info that might help us debug this:
[   98.027692][ T8942] 
[   98.030288][ T8942] Chain exists of:
[   98.030288][ T8942]   &q->limits_lock --> mapping.invalidate_lock#2 --> &q->q_usage_counter(io)#49
[   98.030288][ T8942] 
[   98.034048][ T8942]  Possible unsafe locking scenario:
[   98.034048][ T8942] 
[   98.036029][ T8942]        CPU0                    CPU1
[   98.037417][ T8942]        ----                    ----
[   98.038838][ T8942]   lock(&q->q_usage_counter(io)#49);
[   98.040235][ T8942]                                lock(mapping.invalidate_lock#2);
[   98.042260][ T8942]                                lock(&q->q_usage_counter(io)#49);
[   98.044298][ T8942]   lock(&q->limits_lock);
[   98.045506][ T8942] 
[   98.045506][ T8942]  *** DEADLOCK ***
[   98.045506][ T8942] 
[   98.047611][ T8942] 5 locks held by syz.3.814/8942:
[   98.048933][ T8942]  #0: ffffffff8ff79e10 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[   98.051045][ T8942]  #1: ffffffff8ff79ec8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x580/0x800
[   98.053359][ T8942]  #2: ffff8880263e2998 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_genl_connect+0xa1b/0x1c00
[   98.055972][ T8942]  #3: ffff888106c500a8 (&q->q_usage_counter(io)#49){++++}-{0:0}, at: nbd_start_device+0x8ef/0xd70
[   98.058746][ T8942]  #4: ffff888106c500e0 (&q->q_usage_counter(queue)#33){+.+.}-{0:0}, at: nbd_start_device+0x8ef/0xd70
[   98.061550][ T8942] 
[   98.061550][ T8942] stack backtrace:
[   98.063074][ T8942] CPU: 3 UID: 0 PID: 8942 Comm: syz.3.814 Not tainted 6.13.0-rc2-syzkaller-00292-ga446e965a188 #0
[   98.065789][ T8942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.068588][ T8942] Call Trace:
[   98.069440][ T8942]  <TASK>
[   98.070216][ T8942]  dump_stack_lvl+0x116/0x1f0
[   98.071441][ T8942]  print_circular_bug+0x419/0x5d0
[   98.072753][ T8942]  check_noncircular+0x31a/0x400
[   98.074045][ T8942]  ? __pfx_check_noncircular+0x10/0x10
[   98.075528][ T8942]  ? lockdep_lock+0xc6/0x200
[   98.076743][ T8942]  ? __pfx_lockdep_lock+0x10/0x10
[   98.078101][ T8942]  ? __pfx_mark_lock+0x10/0x10
[   98.079365][ T8942]  __lock_acquire+0x249e/0x3c40
[   98.080646][ T8942]  ? __pfx___lock_acquire+0x10/0x10
[   98.082014][ T8942]  ? __lock_acquire+0x15a9/0x3c40
[   98.083326][ T8942]  lock_acquire.part.0+0x11b/0x380
[   98.084666][ T8942]  ? __nbd_set_size+0x2c0/0x730
[   98.085968][ T8942]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   98.087420][ T8942]  ? rcu_is_watching+0x12/0xc0
[   98.088698][ T8942]  ? trace_lock_acquire+0x14e/0x1f0
[   98.090053][ T8942]  ? __nbd_set_size+0x2c0/0x730
[   98.091327][ T8942]  ? lock_acquire+0x2f/0xb0
[   98.092519][ T8942]  ? __nbd_set_size+0x2c0/0x730
[   98.093785][ T8942]  __mutex_lock+0x19b/0xa60
[   98.094990][ T8942]  ? __nbd_set_size+0x2c0/0x730
[   98.096267][ T8942]  ? __nbd_set_size+0x2c0/0x730
[   98.097561][ T8942]  ? __lock_acquire+0x15a9/0x3c40
[   98.098878][ T8942]  ? __pfx___mutex_lock+0x10/0x10
[   98.100198][ T8942]  ? __pfx___lock_acquire+0x10/0x10
[   98.101547][ T8942]  ? __nbd_set_size+0x2c0/0x730
[   98.102815][ T8942]  __nbd_set_size+0x2c0/0x730
[   98.104045][ T8942]  ? lock_acquire.part.0+0x11b/0x380
[   98.105467][ T8942]  ? find_held_lock+0x2d/0x110
[   98.106733][ T8942]  ? blk_mq_freeze_queue_wait+0x186/0x190
[   98.108238][ T8942]  ? __pfx_lock_release+0x10/0x10
[   98.109547][ T8942]  ? __pfx___nbd_set_size+0x10/0x10
[   98.110912][ T8942]  ? __pfx_autoremove_wake_function+0x10/0x10
[   98.112504][ T8942]  ? nbd_start_device+0x8ef/0xd70
[   98.113813][ T8942]  nbd_start_device+0x8fd/0xd70
[   98.115132][ T8942]  nbd_genl_connect+0x1204/0x1c00
[   98.116580][ T8942]  ? __pfx_nbd_genl_connect+0x10/0x10
[   98.117972][ T8942]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[   98.119878][ T8942]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[   98.121783][ T8942]  genl_family_rcv_msg_doit+0x202/0x2f0
[   98.123211][ T8942]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   98.124798][ T8942]  ? genl_get_cmd+0x195/0x580
[   98.126073][ T8942]  ? __radix_tree_lookup+0x21f/0x2c0
[   98.127439][ T8942]  genl_rcv_msg+0x565/0x800
[   98.128628][ T8942]  ? __pfx_genl_rcv_msg+0x10/0x10
[   98.129941][ T8942]  ? __pfx_nbd_genl_connect+0x10/0x10
[   98.131328][ T8942]  ? __pfx___lock_acquire+0x10/0x10
[   98.132685][ T8942]  netlink_rcv_skb+0x16b/0x440
[   98.133925][ T8942]  ? __pfx_genl_rcv_msg+0x10/0x10
[   98.135252][ T8942]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   98.136627][ T8942]  ? down_read+0xc9/0x330
[   98.137764][ T8942]  ? __pfx_down_read+0x10/0x10
[   98.139054][ T8942]  ? netlink_deliver_tap+0x1ae/0xd30
[   98.140442][ T8942]  genl_rcv+0x28/0x40
[   98.141491][ T8942]  netlink_unicast+0x53c/0x7f0
[   98.142738][ T8942]  ? __pfx_netlink_unicast+0x10/0x10
[   98.144111][ T8942]  netlink_sendmsg+0x8b8/0xd70
[   98.145411][ T8942]  ? __pfx_netlink_sendmsg+0x10/0x10
[   98.146781][ T8942]  ____sys_sendmsg+0xaaf/0xc90
[   98.148035][ T8942]  ? copy_msghdr_from_user+0x10b/0x160
[   98.149471][ T8942]  ? __pfx_____sys_sendmsg+0x10/0x10
[   98.150840][ T8942]  ___sys_sendmsg+0x135/0x1e0
[   98.152074][ T8942]  ? __pfx____sys_sendmsg+0x10/0x10
[   98.153424][ T8942]  ? __pfx_lock_release+0x10/0x10
[   98.154720][ T8942]  ? trace_lock_acquire+0x14e/0x1f0
[   98.156078][ T8942]  ? __fget_files+0x206/0x3a0
[   98.157306][ T8942]  __sys_sendmsg+0x16e/0x220
[   98.158530][ T8942]  ? __pfx___sys_sendmsg+0x10/0x10
[   98.159851][ T8942]  ? __x64_sys_futex+0x1e1/0x4c0
[   98.161144][ T8942]  do_syscall_64+0xcd/0x250
[   98.162311][ T8942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.163826][ T8942] RIP: 0033:0x7fcbff985d19
[   98.164909][ T8942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.169654][ T8942] RSP: 002b:00007fcc00706038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   98.171729][ T8942] RAX: ffffffffffffffda RBX: 00007fcbffb76080 RCX: 00007fcbff985d19
[   98.173610][ T8942] RDX: 0000000000040044 RSI: 00000000200002c0 RDI: 000000000000000b
[   98.175567][ T8942] RBP: 00007fcbffa01a20 R08: 0000000000000000 R09: 0000000000000000
[   98.177503][ T8942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   98.179441][ T8942] R13: 0000000000000000 R14: 00007fcbffb76080 R15: 00007fffaadc8b78
[   98.181436][ T8942]  </TASK>
[   98.183575][ T8942] nbd0: detected capacity change from 0 to 256
[   98.186059][ T6898] block nbd0: Dead connection, failed to find a fallback
[   98.187970][ T6898] block nbd0: shutting down sockets
[   98.189325][ T6898] blk_print_req_error: 24 callbacks suppressed
[   98.189333][ T6898] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.193202][ T6898] buffer_io_error: 23 callbacks suppressed
[   98.193208][ T6898] Buffer I/O error on dev nbd0, logical block 0, async page read
[   98.205222][ T6898] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.207515][ T6898] Buffer I/O error on dev nbd0, logical block 0, async page read
[   98.209798][ T6898] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.212114][ T6898] Buffer I/O error on dev nbd0, logical block 0, async page read
[   98.214644][ T6898] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.217425][ T6898] Buffer I/O error on dev nbd0, logical block 0, async page read
[   98.219514][ T6898] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.222457][ T6898] Buffer I/O error on dev nbd0, logical block 0, async page read
[   98.225526][ T6898] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.228692][ T6898] Buffer I/O error on dev nbd0, logical block 0, async page read
[   98.230945][ T6898] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.234189][ T6898] Buffer I/O error on dev nbd0, logical block 0, async page read
[   98.237524][ T6898] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.239884][ T6898] Buffer I/O error on dev nbd0, logical block 0, async page read
[   98.241955][ T6898] ldm_validate_partition_table(): Disk read failed.
[   98.243663][ T6898] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.246269][ T6898] Buffer I/O error on dev nbd0, logical block 0, async page read
[   98.248384][ T6898] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   98.250688][ T6898] Buffer I/O error on dev nbd0, logical block 0, async page read
[   98.252785][ T6898] Dev nbd0: unable to read RDB block 0
[   98.254450][ T6898]  nbd0: unable to read partition table
[   98.262268][ T6898] ldm_validate_partition_table(): Disk read failed.
[   98.264084][ T6898] Dev nbd0: unable to read RDB block 0
[   98.266563][ T6898]  nbd0: unable to read partition table
[   98.608245][   T91] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.610918][   T91] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   98.697337][   T91] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.700037][   T91] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   98.747217][   T91] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.749884][   T91] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   98.807663][   T91] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.810353][   T91] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   98.919347][   T91] batman_adv: batadv0: Removing interface: erspan1
[   98.938338][   T91] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   98.942621][   T91] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   98.946758][   T91] bond0 (unregistering): Released all slaves
[   99.015800][   T91] IPVS: stopping master sync thread 6580 ...
[   99.075071][ T5947] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   99.222203][   T91] hsr_slave_0: left promiscuous mode
[   99.224427][   T91] hsr_slave_1: left promiscuous mode
[   99.226985][   T91] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   99.229203][   T91] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.231578][   T91] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   99.234364][   T91] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.239293][   T91] veth1_macvtap: left promiscuous mode
[   99.241117][   T91] veth0_macvtap: left promiscuous mode
[   99.243015][   T91] veth1_vlan: left promiscuous mode
[   99.244857][   T91] veth0_vlan: left promiscuous mode
[   99.320475][   T91] team0 (unregistering): Port device vlan0 removed
[   99.499239][   T91] team0 (unregistering): Port device team_slave_1 removed
[   99.532776][   T91] team0 (unregistering): Port device team_slave_0 removed
[  100.023273][   T91] IPVS: stop unused estimator thread 0...
[  100.109618][ T1147] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.349556][ T1147] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.409411][ T1147] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.469328][ T1147] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.540225][ T1147] bridge_slave_1: left allmulticast mode
[  100.542268][ T1147] bridge_slave_1: left promiscuous mode
[  100.543852][ T1147] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.546581][ T1147] bridge_slave_0: left allmulticast mode
[  100.548058][ T1147] bridge_slave_0: left promiscuous mode
[  100.549543][ T1147] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.662149][ T1147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  100.665555][ T1147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  100.668265][ T1147] bond0 (unregistering): Released all slaves
[  100.891545][ T1147] hsr_slave_0: left promiscuous mode
[  100.893389][ T1147] hsr_slave_1: left promiscuous mode
[  100.895842][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.897794][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.899921][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.901880][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_1
[  100.904827][ T1147] veth1_macvtap: left promiscuous mode
[  100.906297][ T1147] veth0_macvtap: left promiscuous mode
[  100.907729][ T1147] veth1_vlan: left promiscuous mode
[  100.909127][ T1147] veth0_vlan: left promiscuous mode
[  101.058734][ T1147] team0 (unregistering): Port device team_slave_1 removed
[  101.093387][ T1147] team0 (unregistering): Port device team_slave_0 removed
[  101.341635][   T39] audit: type=1400 audit(1734201799.626:1297): avc:  denied  { sys_chroot } for  pid=9024 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  101.347746][   T39] audit: type=1400 audit(1734201799.626:1298): avc:  denied  { setgid } for  pid=9024 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  101.353867][   T39] audit: type=1400 audit(1734201799.626:1299): avc:  denied  { setrlimit } for  pid=9024 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1

VM DIAGNOSIS:
18:43:16  Registers:
info registers vcpu 0

CPU#0
RAX=00000000ffffffff RBX=ffff88804faa7780 RCX=ffffffff82153dd4 RDX=ffff888031aa8000
RSI=0000000000000000 RDI=0000000000000005 RBP=00000000ffffffff RSP=ffffc90004507a38
R8 =0000000000000005 R9 =0000000000000000 R10=00000000ffffffff R11=0000000000000000
R12=ffff88804faa7838 R13=ffffc90004507dd8 R14=ffffc90004507c30 R15=0000000000000000
RIP=ffffffff819a0411 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000555585132500 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fcc00706d58 CR3=000000004925c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000020081 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffebd232080 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa9c7c029b2
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa9c7c029bf
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa9c7c029b9
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa9c7c029cd
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa9c7c02a53
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa9c7c02b31
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 2074657365720064 656c696166202973 2528746174736c00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 0551405640570041 40494c4443050c56 000d514451564900
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000009d024 RBX=0000000000000001 RCX=ffffffff8b293679 RDX=ffffed100d4e6fee
RSI=ffffffff8bd1d360 RDI=ffffffff81708549 RBP=ffffed1003ad1910 RSP=ffffc90000187e08
R8 =0000000000000000 R9 =ffffed100d4e6fed R10=ffff88806a737f6b R11=0000000000000000
R12=0000000000000001 R13=ffff88801d68c880 R14=ffffffff905f1a10 R15=0000000000000000
RIP=ffffffff8b294a5f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c38d1b9 CR3=0000000062ba8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbffa029b2
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbffa029bf
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbffa029b9
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbffa029cd
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbffa02a53
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbffa02b31
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 004400000000000a 0008000000000000 00000008000c8007 0004000000000002
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0001000880070044 00000000000a0008 0000000000000004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000020000 0002000c00000000 000000ff0005000c 0000000100000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1c076e3517f89247 c604171364b8d3f6 f11b2b1fb69296af
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3096e556b1eb4fd5 aebf8c4a4e17b896 cfa0070b94ff1790 a061a30e525f13ec
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30cf5229ed60380c 2ba1f8e7c5d4b642 185109b4183cbd8b 1584691d3d78b0d1
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 39de6adb3e459728 9fe1e7e46438db18 cb805680adf154ca a367542fa9afc4f3
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000091bec RBX=0000000000000002 RCX=ffffffff8b293679 RDX=ffffed100d506fee
RSI=ffffffff8bd1d360 RDI=ffffffff81708549 RBP=ffffed1003ad4000 RSP=ffffc90000197e08
R8 =0000000000000000 R9 =ffffed100d506fed R10=ffff88806a837f6b R11=0000000000000000
R12=0000000000000002 R13=ffff88801d6a0000 R14=ffffffff905f1a10 R15=0000000000000000
RIP=ffffffff8b294a5f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fcc00726f98 CR3=00000000645ae000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000080000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffd58b81c0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221ea029b2
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221ea029bf
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221ea029b9
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221ea029cd
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221ea02a53
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f221ea02b31
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851b94a5 RDI=ffffffff9ab0cc20 RBP=ffffffff9ab0cbe0 RSP=ffffc900217f67b8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000002d R14=ffffffff851b9440 R15=0000000000000000
RIP=ffffffff851b94cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fcc007066c0 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fdeda736378 CR3=0000000062ba8000 CR4=00352ef0
DR0=0000000000000006 DR1=0000000000000006 DR2=0000000000000009 DR3=0000000000000006 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffaadc8f10 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbffa029b2
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbffa029bf
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbffa029b9
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbffa029cd
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbffa02a53
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbffa02b31
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000048
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000048
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000