last executing test programs:

6.692257394s ago: executing program 3 (id=140):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x400000009)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}, 0x1, 0x0, 0x0, 0x20008040}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94)
r3 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/asound/card1/oss_mixer\x00', 0x242, 0x0)
writev(r3, &(0x7f0000003e80)=[{0x0}, {&(0x7f0000000b00)="3bca", 0x2}], 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010b00000000000000000600000020000180140002007665746831000000ab5f0000000000000800030004"], 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x40002142, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0xd, 0x4, 0x2, 0x3e, 0x48, 0x66, 0x0, 0x4, 0x6, 0x0, @remote, @local, {[@timestamp_prespec={0x44, 0x1c, 0xd, 0x3, 0xb, [{@multicast2, 0x4}, {@dev={0xac, 0x14, 0x14, 0x41}, 0x2}, {@broadcast, 0x5}]}, @generic={0x7, 0x3, "c0"}]}}, {{0x4e21, 0x4e24, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10, 0x5, 0x0, 0x5dc}}}}}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f00000006c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x5, 0x0, 0x0, {0x3, 0x0, 0x1}, [@NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x5}, @NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x4}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x380000}, @NFTA_SET_DESC={0x14, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xe}]}]}, @NFT_MSG_NEWSET={0x34, 0x9, 0xa, 0x101, 0x0, 0x0, {0x9, 0x0, 0x8}, [@NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x3}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x5}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x5}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x40}]}, @NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x110, 0x18, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xcc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xd2a}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x200}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'batadv_slave_1\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg0\x00'}, {0x14, 0x1, 'wg2\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'lo\x00'}, {0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'ip6erspan0\x00'}, {0x14, 0x1, 'ip6_vti0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xfff}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x101, 0x0, 0x0, {0xf, 0x0, 0x9}, @NFT_OBJECT_CT_HELPER=@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x4}}, @NFT_MSG_DELCHAIN={0x7c, 0x5, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}, @NFTA_CHAIN_USERDATA={0x5, 0xc, "d2"}, @NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8}, @NFTA_CHAIN_COUNTERS={0x34, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x9e}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x3}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xe51}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x9}]}]}, @NFT_MSG_NEWFLOWTABLE={0x5c, 0x16, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x6}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWRULE={0x16c, 0x6, 0xa, 0x802, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @range={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @tunnel={{0xb}, @void}}, {0x14, 0x1, 0x0, 0x1, @immediate={{0xe}, @void}}]}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_EXPRESSIONS={0xd0, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @socket={{0xb}, @void}}, {0x4c, 0x1, 0x0, 0x1, @tunnel={{0xb}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_TUNNEL_DREG={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_TUNNEL_MODE={0x8}, @NFTA_TUNNEL_MODE={0x8}, @NFTA_TUNNEL_DREG={0x8, 0x2, 0x1, 0x0, 0x14}, @NFTA_TUNNEL_DREG={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_TUNNEL_MODE={0x8}, @NFTA_TUNNEL_KEY={0x8}]}}}, {0x10, 0x1, 0x0, 0x1, @queue={{0xa}, @void}}, {0x60, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0x11}, @NFTA_NAT_FLAGS={0x8, 0x7, 0x1, 0x0, 0x6b36943079056fdd}, @NFTA_NAT_REG_PROTO_MAX={0x8, 0x6, 0x1, 0x0, 0x3}, @NFTA_NAT_REG_PROTO_MIN={0x8, 0x5, 0x1, 0x0, 0xb}, @NFTA_NAT_FLAGS={0x8, 0x7, 0x1, 0x0, 0x31}, @NFTA_NAT_REG_ADDR_MAX={0x8, 0x4, 0x1, 0x0, 0x8}, @NFTA_NAT_REG_PROTO_MIN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_NAT_REG_PROTO_MAX={0x8, 0x6, 0x1, 0x0, 0xe}, @NFTA_NAT_REG_ADDR_MAX={0x8, 0x4, 0x1, 0x0, 0xd}, @NFTA_NAT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_COMPAT={0x3c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x29}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x73}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x16}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_RULE_COMPAT_FLAGS={0x8}]}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x1}]}], {0x14}}, 0x458}, 0x1, 0x0, 0x0, 0x4000040}, 0x8000)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c00000000010104000000000000000002000000240002801400018008000100e000000108000200e00000010c0002800500010000000000080008400000000014000580080001"], 0x5c}}, 0x0)

4.914768522s ago: executing program 2 (id=150):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000440)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002000905811765"], 0x0)
syz_usb_disconnect(r1)
r2 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_disconnect(r1)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='net/tcp\x00')
pread64(r4, &(0x7f0000003b00)=""/195, 0xc3, 0xf000)
read$char_usb(r3, 0x0, 0x0)
syz_usb_disconnect(r2)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r5, 0x0, 0x0)
syz_usb_disconnect(r2)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x2400c006}, 0x8080)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000440)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002000905811765"], 0x0) (async)
syz_usb_disconnect(r1) (async)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[], 0x0) (async)
syz_usb_control_io(r2, 0x0, 0x0) (async)
syz_usb_disconnect(r1) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
syz_open_procfs(0x0, &(0x7f0000000240)='net/tcp\x00') (async)
pread64(r4, &(0x7f0000003b00)=""/195, 0xc3, 0xf000) (async)
read$char_usb(r3, 0x0, 0x0) (async)
syz_usb_disconnect(r2) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
write$char_usb(r5, 0x0, 0x0) (async)
syz_usb_disconnect(r2) (async)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x2400c006}, 0x8080) (async)

4.501459956s ago: executing program 3 (id=154):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x22ea0a9, &(0x7f0000000000)={[{}]})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_int(r1, 0x0, 0x33, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4c, &(0x7f0000001800), 0x4)

4.41905365s ago: executing program 3 (id=155):
mount_setattr(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x900, &(0x7f0000000040)={0x9, 0x10000c, 0x20000}, 0x20)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@bloom_filter={0x1e, 0x1, 0x80000000, 0x5, 0x2100, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1, 0x3}, 0x50)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x80489439, &(0x7f0000000100))
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'batadv_slave_0\x00', <r2=>0x0})
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000300), 0x280100, 0x0)
r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000003c0)={0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xd, 0x14, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, [@alu={0x4, 0x1, 0x2, 0x2, 0x4, 0xfffffffffffffffc, 0xffffffffffffffff}, @ldst={0x3, 0x1, 0x4, 0x2, 0x4, 0x40, 0x8}, @cb_func={0x18, 0x4, 0x4, 0x0, 0xfffffffffffffffd}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000280)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x12, '\x00', r2, @sock_ops, r3, 0x8, &(0x7f0000000340)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000380)={0x4, 0x2, 0x3, 0xa40a}, 0x10, 0xffffffffffffffff, r4, 0x2, &(0x7f0000000400), &(0x7f0000000440)=[{0x3, 0x4, 0x0, 0xc}, {0x5, 0xfffffffe, 0x9, 0x5}], 0x10, 0xf}, 0x94)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000580), r3)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000640)={'syztnl2\x00', &(0x7f00000005c0)={'syztnl2\x00', <r6=>r2, 0x20, 0x700, 0x4, 0xfffffffe, {{0x13, 0x4, 0x2, 0x19, 0x4c, 0x65, 0x0, 0x57, 0x2f, 0x0, @loopback, @private=0xa010101, {[@cipso={0x86, 0x37, 0x2, [{0x2, 0x9, "814e08ef44e701"}, {0x2, 0xa, "f1067628ebd377d0"}, {0x6, 0x4, "7ee4"}, {0x2, 0xe, "ba5730390b1aff010efcb6c8"}, {0x0, 0xc, "6dbfe1a55ce6e6080598"}]}]}}}}})
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f0000000700)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x44000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x3c, r5, 0x300, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r6}]}, 0x3c}}, 0x4000000)
r7 = socket$packet(0x11, 0x2, 0x300)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r3, &(0x7f0000000780)={0x4})
ioctl$XFS_IOC_FSBULKSTAT(r0, 0xc0205865, &(0x7f0000000a80)={&(0x7f00000007c0)=0x10001, 0xfffffff2, &(0x7f0000000800)=[{}, {}, {}], &(0x7f0000000a40)})
socket$packet(0x11, 0x3, 0x300)
recvfrom(r7, &(0x7f0000000ac0)=""/97, 0x61, 0x20, 0x0, 0x0)
getsockname$packet(r3, &(0x7f0000000b40)={0x11, 0x0, <r8=>0x0}, &(0x7f0000000b80)=0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000e80)={0x11, 0x15, &(0x7f0000000bc0)=@raw=[@printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffff7fff}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1ff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}], &(0x7f0000000c80)='syzkaller\x00', 0x7, 0xe6, &(0x7f0000000cc0)=""/230, 0x41000, 0x41, '\x00', r2, 0x0, r3, 0x8, &(0x7f0000000dc0)={0x1, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000e00)=[{0x3, 0x2, 0xb, 0x7}, {0x5, 0x2, 0x5, 0x8}, {0x0, 0x4, 0x7, 0x7}, {0x1, 0x1, 0x7, 0x5}, {0x3, 0x3, 0x9, 0x7}, {0x3, 0x2, 0xd, 0x8}], 0x10, 0x9}, 0x94)
r9 = syz_open_dev$vbi(&(0x7f0000000f40), 0x3, 0x2)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r9, 0xc040563e, &(0x7f0000000f80)={0x0, 0x0, 0x102, 0x1, {0x2, 0x3, 0x4, 0x10000}})
bind$xdp(r3, &(0x7f0000000fc0)={0x2c, 0x9, r8, 0x39}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000001080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000001040)={<r10=>0xffffffffffffffff}, 0x0, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r3, &(0x7f00000010c0)={0x10, 0x30, 0xfa00, {&(0x7f0000001000), 0x2, {0xa, 0x4e21, 0x1, @mcast1, 0x6}, r10}}, 0x38)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r3, 0xc01864c2, &(0x7f0000001100)={<r11=>0x0, 0x1, r3})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_SYNC_FILE(r3, 0xc01864c1, &(0x7f0000001140)={r11})
r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000002380)={0x1b, 0x0, 0x0, 0x5000, 0x0, 0xffffffffffffffff, 0x7, '\x00', r2, r9, 0x2, 0x1, 0x2}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000002400)={&(0x7f0000001180)="c1aef70a141fb0879f6b7ad033f1afb802a1ce59579a3b2a58ff2e2c661e3bc8e5a2a6118d810054b7558efe4b375c2104fd1593b3e2ca826301788ce9a18b1a197c30a9e7d9707a1f6c03", &(0x7f0000001200)=""/216, &(0x7f0000001300)="9188b3e72a0501db366b61ab06e25f09666a4d96bfce9a5663365788aeb5e0736d88e1ba8ed2d79a4d78c3d745fd69814c3ffcba3446a3db27b5843760387639da76563a3873ce5cfc3e849902bb08323f9dd7", &(0x7f0000001380)="ef6c39bc7a3227d09981b15585ace57dbdbe3be42fef993016ee09ed7ded275ba20f1fb9bf85e6ac8d539f5750c87777179235c75e09c0f442575f26c26335dcd8d82e660a5554d613f01b92ac7c140d11a34b978da05bb3517b58ae78c9654ea7b798626851b4d8d154795f3974535dcc16089e4db0a02c8fdeca0de7de4820104bfb69b2f758c979c14fa4351233d029369f21f226c34da4222fbb75a321ca979169ce15258678b9c018928f27b4acfb337c4a0b9c8c94faa2c05aa9d8bcf83206926ac5e100024124ab9dc7e0317f661f1dbc60162b1c49a0d0e8e04a7c3c92a60a5a88521a252452056f8a04d99cc9b7ad533f1b599a462ccfca598f46f18fb15e4d4542db9ce8b0a7192d831e0b1520912570999cf240cc1787bf4fa5cd80d810687446779f786ec17e35796e06154b03c6647fc2f27e937b1a3b95ac43ef1fa610e4521270fde3910002edb5914c80608be6d29d76c5db97ab3fe2c587588d16c411864effca050de06cfdf551946e543bc9e05aab869c18f0d6f14c517c8e0257b82994a5ec53143a09678345e2fd0431876dbb72710424a9762678e287f9f974caadbe4bd7ec46063f97823dce8f377bc2cbf8d13968b822a7afd73c4b66ad4c7efc4c44969c701ab14314e6503134bfd0e41cc8e8e3cbbc2b49e08536bbae1b0797724d2147b5639bc215ff9f941f974429de343ea082ae57647453bb35bae78c171cf5edd7b482b1849447ccc61dc0f84b243aa54e1af5afed51b8627856e9ae1f4f7d66ad55f8424e217d67cd51d340b943e020c5aebe3869c011e23d0088fec4b8382b5909d25473097ba0ec5d2ba9e60d1aa23c81690bef27a4fe863cdbbe0da237f876311d5724608345937245b3aab664eed3f38bcd94599760b32713c0af8ce7fe25f468b84d6864e4b1566061791ed6fd4c7ad69d3e435b1e11640e86db44ce628d96d1258b348986d390871526600fc7309abecfa5e529f566f19fcd76a4c926b3c7f197fa0ca4525305fbfc1e29dc2260a958f8f96425324c9be6b728ae9689378701ce5e1909bcd5dda142cbe4176f51022b06bc8dac91096234bccba197f5573311d50c1070873780c68418ac1697ae315d5b6d7cc74e5f31e2a1f84e655f51ebe2d5e16cb7d87f35b6ffda3b991d36963543bf8ab3237128da265ade6832253538c3110589c990903fa3575efe64fb2362619b65992dfe39a36d8483f6cb4956afec29fb3cc48facad745b00e2040ffef06cfdf2e05b56fce78b2a492fd3af5128053c9b6ee2647a8b9382a10b7b7a4030fe659158838bc23bb373e91bba8e4d7cc353cf90db7e9c4ae023520aaaf939d5b3ea128c179c97a10d63252b15d41007bcc5f6799749a1ba7f27212a663ea39ee2e44c893354abbe2491c41630379bb2c07b3e4622377d2254729a1f9baee0fe274641a103b64aa84f0017bc04b55742c288fa5b3cc88424ffb49cdbffad7adac1ad485cd73484fec3d15d43b308c8e3a16f54ccf8821e01c7bec136482a0d162cb567a273879b3d4d72275ce1d39a31f858be2a4742086c03048f1d08b5d48d9d3865c1bf84771d57c04c4cd6197dd4e6f6e3315f4abe32ee91bf2845e63e059c3de25db51b785accc4d866905907403f8e7a59aead2a3ca0cf0b6af4826e8a91c54e7eace2ec78504bbbcc65854c95a407e03145e1b66b21c18e8c583cf8596ceaf7cd1718595b58825a4a81db1791fa136e57208ae24b4bc4c813fe0860dd9c155c562dbf5d61690c0f20505ba65bec4b48313b8ab50c374268c262aa0d38f103d75c57874503fe9941fdad318006895bd0c775933d60ceaf10deec9f7427e7a8b2efc22d68519aa37ec38ec79e11d5cd529bafdd2f811decad80a45c61c1dc069487199469d52a75544b6dcf2cdc7546bf23785128dd08328a96ade4fea0ed86054f33aa76c537a59c84743cc7aa99ada8ecf83f4afc3503d7e4fb0877d84263bd3191912d5f2b3df71e7a30c914e708f5baddead17834085ef69d268e4b00c9429dcbd68751967f373e902abb319c974f170e3d228fd0ae4a1fc788e7ad3009a00d307e8423f0a5b75ad6aeebe4836727bc5dc3c6ceb658655e5a7fcc838eecf4c9ae1d716e7695f39cc35030651937843fbaa84bf0e40b188a9a908ba5c17ea4ccbcfdc56880215e2351b026d08bc194b3dbf4d1262750a3ebf7e70733f19be8e7640d354ac4f4da25b3fda630ecdd214a3863e8e879bccee401316681f5225786f05b9b5412e202ddb73f0f213d1b4db7be96b6bd48c595effa4ece5323b6e7c2d9c2fa77de1fef8e4b0526c029e7e24118b7ce7579d4809c31ef168857e20980217d3d0dcd92468aedc3ec1848962fb6b3b092f41ded733f498747f5c94eaa694278281fea5c6540c9375787a4bef38adfd4438b56259d40f365b7586901580e9b865a79501dfb2039455dcea4133b0058eeb173b5b0cefc4015b4882165c5ddd8d61e92938fbff5b761c00b120946a377d859123e8100e81f31dac22b67b53022a7219b3ba0d87d0fe7252faca1afeaad7369e72a0faeb65f490a93bb838eabcc355029a9819b24c70e7802475ff309714658810f8c07d92d13da434649344f0a95c552f488dc1e40a78d52cd3e539210a568d3967ba46588c47700251578a53f049ab45689c342217a5457aff37e5d561623c827eefedb2dc02d0e68dbd7a46f81096819f8970e63d000eb56aa7db95d50fe5bf97b12eae74e85c81fdc1e484a1c85bd697239e10f7564bd3b887223bb6b56315275f21324c8d8450da90e263456997b30f2a9127dbb0f510612ee514de582907c2702f629b01da0316244cc91864edcb1accf482d09299c901620a2c7aa4e539bf2855c1c46adc0d554a71179fe29f09176c09112da6376597a7fc36e4437f24a85c0a006f79555394dafdf6832965a8de16984654b2d8dfae340ec6f920406820edff5a4949107ee3c29a126e3b5ce170229cb295e79f47aca89eff75586aa5d0d1277afcb4d4ed0720a108fd60ee9f4f59ef616ae9503c1b9c8549a102bc105fa75ba2929ae45f298dbe36a8c61e7bc0213b2d8d3f01aec8a26100858698225e8dd9840ca51f60dad306e14f9a4103dfb59c929f66fc3e46c94dcdf01dace83fe62332fddc98874234b4ce6b5e2345141033e184b89012defeb27de02cc1350b08edb01934367330f920fce8bf25023c3b1efba15c965376119f87c247a6cc925ec18d075fff2eb3b80631af0c939af00324f9474cd517fc8de86e6bd897f162eb7b4f6c932cc78b1881a4ac9bd871045a6f9e564c63969744e08ce19a64c0a5bdeaa991ad34ff3bfc018c28d2598954204975765a0a41034dfa07980f5f35018eb48fd0420a45c30fbab9719f1c14a358a225ed4fbfaf0805cb883f8be38f8a3acfe3f2042518750659589ea3ad442a01f3cc8a22bf6a5e5a24d29c20d7174c4dc41c6b317366321da30a6cdaa5e0a01071d40cd1c1f34613f41137ccc3b8ce260e18ea1f794d85d11d4e179b53157464184ae8434797bf380a263097d0a234f1d30fe4559f2dd05935aa8e76be50be8bff2ab017f9911b1c9f060cce6eccc35ae983d3fdee84255aa631402e2e4de0206fc8e34333a7b5d5f3bce70211caea21357176cb9dafa8eee12dd8038b972c041346f061a38de6702d600cc593aae123bd0a90204f79bad40e08e1cf657f9d9a30bb4c3b66465136188c210e0c08a1a9e20dd042575f8b746599ea370876910a9fd23607b791fdcf469efce0b3b470ad59019f42a3447a060c5ea1a524b196227114a6dad3c34c83cd4278ef0bde32296c3d15aa91a32ce86c830de9124739d8f059f3fa89101ed11d1852c78086b1d79b6e88e1bed923f72ce182166c1302ad8779023a5b94ea1b1abe40c3abb2bcc006bad5dca271157d6ea2ec5f0390d3701f504ef60467c04159bb2126a90cee881ffbcfdf88d46421fdeea05dd24e725ffd78ead02c254d7328965eed065e3413636da58bca75dc6a945f0b1a5725db1e02ca2a06ee7cae6b5cd15a993896a019b42c8b36d4e487176d161f31d7cfe5f02f6e572683b59b4a5bd040988bf7ce5f27381b3b5a1a0e5767c788c4a8fc1bd6a3394ab56a53dd63e2c16282387b620c5a0c6552df42ba7f73e32ad551b81ee04bbf5df2d94a996a82ede90675da7f70cc12b1ebca0fcf4e0ff624c2686ffe8b9ed2871feba4f126e004926d2e23d5ee68c0abfe405c2fc98a8eb77eec23ef63fd88be4880c6deef7f5c7d7595e64dc291797d2752d0ab4363b951fe17d5b4a09c80ed9536f0db3a400ad3b3664fee978c7a91b26c4675734bb695d707592d506c2cdd91d2cef8583335bb640690648068e798642da1f66ab14031b2028ab25c5e5bb0fd2389ade690c4e6dbbc8c27ae2df72fc924cec5e405eb4808f9f7129f44744484c7eff1262d79d48dfe9b2acf73f35c45aaa910318bac0e7ed67c282e281a8b4ee31feff2145ed9aa9f831d414819f4e8551332ce91bad4fe29647f75434a6e18e0c5b2e7ef70b8ce8032dbdbeadbef9d7c942ea76364ad4e760364a03c084e18322b45e7da310420db1a19e0997f24ee6f671966b0da4baad3bf2e65c09ed853903e1b6668876f6b235cd148759ccb619d0accdb4e1101a2373c18cee7385450fa9f547895dc986ddc5a0f20eda23b7f4863d947cd5df3f60aa028def180751ad27b17829bae7e165dc920c8cef50e9c6af6b61549c54c1787194debf96b11e3f917cd11190213ed64bf4ab9073428536e39070c897d13ea7c9ffc470e7ced2420f5001f9f3711f115d88f229b0453cd693c11ff04cdc7a6cc70eb18486ed3887af82c48d7da9904cd1a8f8b9bcda655b4cf8a84511f6920c06aa1201b6220e365037e9f9fec540d94d97e3391ce7132fd67ed1ffe0eb2808e7632fb3a41f2635307ee8a77b40d394644629bd84733a8323082bdbf6305ad2ce6e0bd19d4248f324cdb0c28235c841645bb886225f1a7964abd8f59936cb113423d1cf7c39fa4ac26654fc93727777ca6bcd4d199141e60b9ed646ebaaf00cdcad5adf364c21714399ab94c6fcb1219d08e81af9d7eb576f2449211431d5a4a4d3d2e417d3d8f5349e63571c73ae1fdd4ebdf65768274b4945b20ca7b002bc3296fe749e4c96f44397357076d207a3a5b2778c1902f496aa6785bd6351e194a3338eb5f68a6269c51944524b031ce472101540fd0c2f13a7152dd89198c9b8f7f66ddd74cbac9df62a61b4937fb25bcf818df174b2b55a23ae7848ae7e54e04a768b2a7e6434922fe8e0a99c29cb12ba935b6fe8687ad1c73496a267622e3a56e628aa6538626b81232971c890d95204a3828c71ecc8992751b6cc6fd2185e895bafec2d04ed26d59229d000251fcf3ff1e27f8d7610c38cacdd8b466759d7ae146e8ed2fb14639a6a1c79562eb8a2ad7bb6f1d2843318e3d905b93980aaec148465f2087f11ef38268ad2970ae40b72b85a2cb1cdeda9a102524467369722e0693c307b9c78d04090ce10d62e8dc85c24a4d99756401d32d7140b50b533b1a533a290936bb01c4723903fa445b7be27afbf7e05df5012d5266de1a70c7b8e7851d0abf21c4cc08f7827bdf9cf6e15ada287e020fa028f2e66f3f886d2267b5a93f174c046f5c5ab25a86cb9ce8fb2693da03c70ba3ac7534ed92d85179592216c17e15c21ef2a538bc2144cf8aeffe24fa0e484ca94ae632a693a675b9de0fd17a439af7f2318d0104bb491b0ab65f56c95ccd44033c4a5a7910abb", 0x6, r12, 0x4}, 0x38)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000002440))

3.612876858s ago: executing program 3 (id=160):
r0 = socket(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x880)
r2 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
sendfile(0xffffffffffffffff, r2, &(0x7f00000002c0)=0xffffffffffffff01, 0x8) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x18, 0x2, 0x0, 0x1, @val={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x1}}}}}}]}, 0x48}, 0x1, 0x4801000000000000}, 0x4004)

3.214499156s ago: executing program 3 (id=164):
r0 = socket$nl_route(0x10, 0x3, 0x0)
arch_prctl$ARCH_REQ_XCOMP_GUEST_PERM(0x1025, 0x12)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001a000100090000007cdbdf2502000000", @ANYRES32=0x0, @ANYBLOB="00000000140003000700000000000000000008000000000014000100fe8000080000000000000000000000bb"], 0x99}}, 0x0)

3.024331952s ago: executing program 3 (id=165):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x1, @dev={0xfe, 0x80, '\x00', 0x39}, 0x3e}, 0x1c)
r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)=0xf)
ioctl$KDFONTOP_SET_DEF(r2, 0x800455ca, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r4, r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r6, <r7=>r6}, &(0x7f0000000600), &(0x7f0000000640)=r5}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000c80)={{r7}, &(0x7f0000000040), &(0x7f0000000080)=r3}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
close_range(r0, 0xffffffffffffffff, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r10, 0xae9a)
ioctl$KVM_IRQFD(r9, 0x4020ae76, &(0x7f0000000040)={0xffffffffffffffff, 0x4, 0x1})
ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f0000000440)={[0x7, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f00000002c0)={[0x100, 0x5, 0x6, 0x4002, 0x5, 0x37, 0xefffffffffffffff, 0x0, 0x0, 0x2000001, 0x0, 0x40000000001c, 0x1, 0xffffffffffffffff, 0x103], 0x0, 0x41901})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$TIOCSSOFTCAR(r2, 0x541a, &(0x7f0000000100)=0x16)

2.724827947s ago: executing program 1 (id=167):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x285)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x50, 0x10, 0x401, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x32b, 0x28000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'bond0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x698241, 0x0)
write$dsp(r2, &(0x7f0000000900)='B', 0x1)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xc, 0x4000010, r2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000880)=@allocspi={0x104, 0x16, 0x401, 0x0, 0x0, {{{@in=@local, @in6=@mcast1, 0x0, 0xfd1, 0x4, 0x2, 0x2, 0x0, 0x0, 0xc}, {@in6=@private2, 0x0, 0x33}, @in6=@loopback, {0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x80000001}, {0x101, 0x0, 0x0, 0x800}, {0x4, 0x6, 0x400}, 0x0, 0x0, 0xa, 0x0, 0x0, 0x94}, 0x0, 0x4ad}, [@sec_ctx={0xc, 0x8, {0x8, 0x8, 0x1, 0xb2}}]}, 0x104}, 0x1, 0x0, 0x0, 0x20040080}, 0x0)
close(r2)
ioctl$SG_IO(r0, 0x2285, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="140000003600010000000000ffdbdf25fcff0080a7317a0f8042d49d5ea54c183f7d9c47856edac9087b71c90ce2df19b6e82fbd762e73ca09d08d05c02678e5346b106d3fd3a5a7388c293862d82a4ec1da9ab111980074cfaae30dbfab1458ba4cb56e226578d0b779c3890f8c509f3f6d0bbd31ce2463a0616a"], 0x14}], 0x1}, 0x0)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="58000000020605000000000000000000000000030c000300686173683a6970000900020073797a32000000000500040000000000050005000a000000050001000600000014000780080006400000000208000c"], 0x58}}, 0x20000000)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)

2.514699588s ago: executing program 1 (id=168):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) (async)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000080)=<r1=>0x0)
setresuid(0x0, 0xee00, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0) (async)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) (async)
r3 = fsmount(r0, 0x0, 0x0)
fchdir(r3) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)

2.368194282s ago: executing program 1 (id=169):
r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, 0x0, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000d40), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r1, 0x40085112, &(0x7f0000000d80)=@e={0xff, 0xa, 0x3, 0x0, @SEQ_CONTROLLER=0xfe, 0x0, 0x4})
syz_usb_connect(0x6, 0x2d, &(0x7f0000000400)=ANY=[@ANYBLOB="120100000c9768405e0483020b9901e4020109021b000100000000090400fb0160291d00090509", @ANYBLOB="351cca4661fa9187e6ab8fe0b03819ec0593e189fdbeb0b52d5a0ade2e02000000c527a20568ff93d40a420d1e60e80df385a4d538036997d76869239b3bf3083389516b8290037e68d7eb8d038ebdf327898e11a4d43c62", @ANYRESOCT=r0, @ANYRESDEC=r1, @ANYRES32], 0x0)
r2 = syz_open_dev$audion(&(0x7f0000000000), 0x3, 0x1)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
write(r3, &(0x7f0000001280)='\f', 0x1)
close(r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002c40)={0x1c, 0x39, 0x2, 0x870bd26, 0xfffffff9, {0x2}, [@nested={0x8, 0x3d, 0x0, 0x1, [@nested={0x4, 0x123}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1000c957}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xd, 0x5, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x9, 0xa, 0x64, 0x8}, @alu={0x7, 0x1, 0xd, 0x1e, 0x2, 0x80, 0xffffffffffffffff}]}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffef0}, 0x94)

1.84481918s ago: executing program 2 (id=172):
prctl$PR_GET_NO_NEW_PRIVS(0x27) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000050000000900010073797a30000000002c000000030a01010000000000000000050000000900010073797a30000000000900030069087a300000000060000000060a010400000000000000000500400008000b400000000038000480340001800b00010074756e6e656c00002400028008"], 0xd4}}, 0x0) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000280)={0x3, 0x0, [{0x4, 0x1000, &(0x7f0000000600)=""/4096}, {0x3000, 0x49, &(0x7f0000000140)=""/73}, {0xdddd1000, 0x1000, &(0x7f00000022c0)=""/4096}]}) (async, rerun: 32)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) (async, rerun: 32)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0xd}, {0x6, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_TARGET={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r6 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r6, &(0x7f0000000240)="800000800000210ee7decd7a000000008100", 0x36, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r5, 0x1, 0xd8, 0x6, @broadcast}, 0x14) (async)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@ipv6_newroute={0x30, 0x18, 0x1, 0x0, 0x0, {0xa, 0x0, 0x20, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x400}, [@RTA_GATEWAY={0x14, 0x5, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x2400c0c1}, 0x8000)

1.753973793s ago: executing program 1 (id=173):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000000000001850000002c00000095000000000000004495e980d4ab43a654dbda1289491fde9751ca443daaa97c18e213"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x801, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x42404}, [@IFLA_XDP={0x1c, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x19}, @IFLA_XDP_FD={0x8, 0x1, r3}, @IFLA_XDP_EXPECTED_FD={0x8, 0x8, r1}]}, @IFLA_GROUP={0x8}]}, 0x44}}, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@ccm_128={{0x303}, "8491badbf9b30683", "ca0bed55e79b4eed9b4fdccef6728c15", "029c324f", "eb05ce6c573deca4"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@ccm_128={{0x304}, "f64e4099107323f5", "53c272d8b763f690b35605dff8a4a8d2", "3da2d199", "72392a24199b5903"}, 0x28)
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80000)
r5 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x41)
ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r5, 0x40146f2c, &(0x7f00000000c0)={0x1, 0x0, 0x3, 0x13, 0x4})
ioctl$DVB_DEMUX_DMX_ADD_PID(r5, 0x40026f33, &(0x7f0000000100)=0x5)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000001c0)={'bond0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x28, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, r7, 0x8003, 0x2000000}, [@IFLA_MASTER={0x8, 0xa, r7}]}, 0x28}, 0x1, 0x0, 0x0, 0x24044005}, 0x4054)
write$P9_RSETATTR(r4, &(0x7f00000000c0)={0x7, 0x1b, 0x1}, 0x7)
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="01002cbd7000fddbdf252b00000018000180140002"], 0x2c}, 0x1, 0x0, 0x0, 0x8800}, 0x4048040)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="24000000700001002abd7000fbdbdf2507000000", @ANYRES32=r9, @ANYBLOB='\f'], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)

1.493304263s ago: executing program 2 (id=175):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x64, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x1715, 0x4b7bc}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24004844}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x50}, 0x240488c0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xcf, &(0x7f0000000600)=0x1, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x0, 0x7, 0x201, 0x0, 0x0, {0x5, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x8804}, 0x8004)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = openat$incfs(0xffffffffffffffff, &(0x7f0000000380)='.log\x00', 0x20000, 0x20)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000440)={'syztnl0\x00', &(0x7f00000003c0)={'syztnl1\x00', <r3=>0x0, 0x0, 0x5, 0x30, 0x9, 0x24, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4={'\x00', '\xff\xff', @broadcast}, 0x8000, 0x8, 0x4, 0x9}})
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f000000c3c0)={0x2020, 0x0, <r5=>0x0, <r6=>0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000080)={0x50, 0x0, r5, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r4, &(0x7f00000063c0)="99529ca7d265e2dba44891e35e7d5dab7921b730436ecd4e999a25bcf86a25f8f029c0dd50373e90b7cf7779b12ecd4423c5b13cfac186975cd723976f3c747612913029d42517c189364bc59d8ebad53ed1b86f8f66c99b1f9b5b40d78cef1f14f81815d53bdca7fef40607358db69eb8c0b1f6b0942ab4b1ee7ca8deb4eddef06381a3d1c52d6147fc5109c7c607591497a6b2477f60cc881d3219c96bffb34aadec3fa97250713cce17cd536721bf9c40a019531ed0bbad139e26a3d4d39b68ab1bf37cb1a4bd197a8789cb1940cd86d9e56713bc36c7cffd07a311f5bc2e91f16d152eb480645e85ec9b3bf09c7fa140dced0afd55d7b99e90a96e7748e2d0dc09672ac199ce529e631efe1783769819c182ca106f6184bcbb387ed246c43562d74c36ac3a7ec2f0e11f70bad0007c03bb9c0d2dacc2148cce4a4aea327c7319016ad146b52bfae0357f9e892e9bec61a13c93551cfa3d4f4bfa7585c93bb0bef01a9114f3dc54179cf9a57fe88f5cff3403e33c9d09e3e9c2e10f1f16894e1b59e3cad47c1f202cf7b756f2851fc96d09459c9a8d34c19e6a3525cd5001aac5181f57286d0e1e88ce5092c7c76b6abdaebf2c499aa47587b48eb12a2b72548c190b0324ebedb81a63333b6edb25550f859c5ccc404a944ff7f61af8800888192fbd4c8e0e417d1d181b4b335a6f52e0a7dae18397e81e3f747cab7be902ed903bdd6a622f178f9b4244718ee1206237257374d2fd1466ab6135ef7ef4a114ae170eafe9cd78cf9ffc36974cbc4b8003072bed78765a0b9f1240f24dec6a9e46db9bb498d40f727c0cbf8f4a6a49539bd0805caf65d80130d7fb60a69dc7ed890874a17530c042cf33a977d331435d68ef33885f638c777ad49564ca77d8b81ddd853a21cd55d95b627310dd633a4f005853a5506cd8f744c367f3cb6998b0fa97de6bb35b166b0c6408c4e0a38ed26235a88520c38ca97ac8a6dc81e6dc6483d383fa09f198997b8eea1c68c9e3320683c9a02dd89ddc34c241e7294ccc88d6b35762892e8746e558bfbc2251949f2ecb763dad5b975eaf36e2864be6a41d3e20514d32f5d4b6350dc7e3cc3a85428ea98efb3b1edc2a2ec1e618452949cc7e2ba1251990168fee342d4f304b7a7af9162bcbe6b09c75d7420d2c547b4e3cee1836df6eddd5dff73a4e308fcd8eaa7a33e6980a6f8ead03257a37d72d3b265d02fa42f57db877654ed513e31c35e1af0bd28511d6b57cfe07b27cbe9767a534b426dfc3dd257d5899444f34cbf4dc74b9eab2e7e3e1e1a8a6ac5e4359d653506b299a5b7c67b92dc462f1216655f952362a3387ad9966b606d98e8d1b544dc27dc6bc78fd18a446736e25c51143db9886b6c09812d5825b5d9e0932f218ff8bea4d9e1c4df9c9d4eb19336d48163a921c4ff1f0beef26b01b7e8c0d23fb59b84e229eaabb791f2cffc9aa4db75162cbfe4c9ae8d76a5b6bc4bff20e3f8f125b9aadb3e728d7f78d61fd55f46b7f59511b876e6563256686e44f25cf38d393a9b762bada272eba8df28e4086c4cd2fe3c9fab97756fb145373e6ca1991bb1ee6589e49c821ff29f047970819f88f724bd077cd3f0ae463d99b3e53078431e3f9bebabc5289a65479359efe3909186aac60a29f561de8c590988c913c9e693ab8106e8287f6565eee6735f7c88cad7124d1c8d9ff347e97912824088ee954de01c6d8a06447f06899607eadbfd078bc3df506252005749378dbd7399c9eca60b81dc0d88dedec31e5cf6e7b6d6d411958df8f9e0bf4443e8d3bdfe49d05f811d17088024d0629fc8ab8e05e309bf55e8e60d342623765f4e8d2dc4a90291cd4354ff9568c8170e6ea56e028bcf2719595253adb8c84050bb9ce4927a1c1f4560da87d109ceda90bbe45a1717763d8025f1ff40f157185ddf17079da272ae10c4f34162caf4b0d31221a57b3059fd449c87554d968a54b2eebd760dc3263c40d9eedf5905d5699d29706ea6e9e81ff2bf92489a06deffe7e978661f37a88450783e23f107c2bfce000dfc91c5fca49e46d9ea978f215a45984699f0d2503b30a741e13be56b7abe3e5663c0825c3cb04ead44ce97719c4ee6f4cdd3c452775ad7163d5c9034583cc2dbc2b0c04917a3e1aa3d0a8bb6fcf94d7922eb1d543c09185827aeb1b72ae7103ef2c014af2ff4b47fca40fb0e66ddf0264476d7a84e9b8dc551d4c407bdbac6757f7a25bd404b45bec1091696203cc438860131ad5f2fd80e3c45629864dd9f7d302b66fb8fb86735c9a6dcf8b135a273dd2ae9473bc905081be9fcb8f91b1ddba1ac692798dac0b9ccffe0319a779f5e10c65f294b22fe475283b023f9cd890e92c5447b1bc1528255c5af383bc1fb6e72cb9a67215a9e25cde63c89baa8c7125c7e8b748b728d07d9cb66778404f54e6a9e3ae1ae82f3d0ce77199f23f94a01b71b805b476fedbebeb52c83a1b857f23ba438c56a6c4c2a5909f721e6e3d240e4a16455e92220d13022ce7ec0b1365ba4e67aa6ecb324f8826579e12cebdfc0d8af63e83b5e5624d5b791f99093f9a27f7baea9fd10111209c0857a04f07408111063ef34026aee27a3d51b40e53883f9094402534bdd21cc49d7f5593e99cb204cd805bee4add0f82cf4b6dc5da14d6b79fbc68c9ccf7fb5fe774f8879e13079b024a8ad24bf123c420d630837a84ba05abf0ae4dc3fc04f25c7f74ff91d0d609c958642a48551e51b5c0074a56a7da10ce153b08cabea636f8489d8e7b655758a41d7f7474c9d76bf4d54d789bfceaffef139854065de6a94b0275a9626aab99ae838364b1a491e55017e4212b6b01f7a41bc9c215ecd17c49a8610db28c699259c58b81a0e84c45fd8e719c05c48501c49e8a6515044d247f58e4cd0bf22fd6ae31f45339d1f801196d426c52269b1aaffaf18e2a03760bb231cb7cefa6d72f1d7eb6a3bbd65d0914221b8fbf531dbd562eb4a1b28983ac7d83d4813b10b34c9525ba644f61a2c4800d4fe96a7bca63da1041ed73cc57fb9d42f9dfc8ca41d80292bbb311c89b0a0fcee1d88a025a7416863342aea00e6f049cb2ddebd17c5c617ff562a8af0c965cbe8341431a30ea239e4a62aa2b19757a3b0de04229a9907f8610c27b26591405845bf8b5b83706ed18d910c4f68777378366ff565617b19168a04560a32ce5ad64aaef9f4377118c4335b24826cdcde78fb4bdb11498553f56d8dfeb3a482c70cc6580c399b92339cbdb3464fcc7b00e9839fd0d2b8b6db90c56b33593a0048bf7983421f29b1285c81a239045b96a9b0cacd70d6d9853206471f06915efc8d3ec4c50fb13601abc73247a656066fd7b329159b3ce9e3302b4c0d6aec58cb0946a8ee8e7f55f1af604f1edb4d887fa6292dc0ce57705c1a25dc62650c127d11a364b397aefc2fcc3a164bdc53165a461b01de9180c1461b309c75af0911b4cc1b8aa05652b62119c87b4b235c573aa15b1516cddf61efd6a7f8c953fbaaee9c0e800e8f519e1494de850ddb976864088fe0cf90bbc54395078ea2501e8baa84d6807e184105bc2a140b663416496886422643bbf764d406af06e7d086678828defda0b648b25666b7b5ea29e927141740d5be0e61bf25d40b8404ffd3c67bb855b11d4faf82b7b8051615c101c3deb0601a0fa9ecd8b4a95082ccbc8222b0982802dd8430e653d6eea2786dc3a91397135faffdc65a5bae048f5c463b1a6648becce961d39d063d28d1ad6dafcea0b0878379adb16cc0d4cea572abeacd9a168a4fe2e338092b5bc93ecf02ac6ccda03e5b23adf511fdf7a79442093233b79c67d3fdd3c36c96a8f67aa79e4743d99cf963ae6161877f73656eb0314d889f4b8649bbce8a759f90eac6c006197b54b2bbac7c9b237f1e3dc099c62a65481960e6ad697fc66316ac084ba99c60f58bf44ff45f3b2006cbc4196a25f124dfaf247e863a855ef6070deb45219a922dcf2be9bd01c340e1ca5ed7c3ddac9f7a677c5d00610991d21e0751ac8044585b39f3fec5b672a11a9bce32196c2003d01ea50b0f0403e16df188ecbbb74f295f01398363ddfecdb63a49347c912c125670205d7b6be999688df85bb7d5ac12b62b4fdc4eadcc2a9a7897028404f697b007603a0ad588c772952d6670ee870771774ad157c0b9cccd4b2192d835606198ea0c65036ae4e406cdc539ff3aa81fa20b7ab58d6f3abdb69cc1f503d593f7025d2035e7f21db76336efc2843a0dc9bd2eb8794718134ee68fc57d4d2bcc18969d08177f442b87433b48540c661940cf9e2462c53efa310c7e47487deab2ae15b1978ef05aa1e14110943f649d82486f710a39854409e74edcaf06b4a92d3580b9cdabf83c6351657698d3d5af7514f382e75d1c912cded577258603fc9ed002e010747cddf7885d34afc9a84d82696c6660cb5ecafb68b564908fc49c4db6a187d037241a26b1141cf20f2e968a53366db0f60b79cd98cf3c897c50b7b9728e6e7100f99e4d5ed2428dbd285516ca6660777a39b4b2617c1be5b0232d60b9c8099f5daedbf190109439c40b46090985200d6c0501313f3fa4d244864575c275faca47aeff32c7b3e3c59392618562a7c2d4b3af85a37a8847f595352024cb63d3a9085c2a502c6a3248f43c5fc828e636cb634b2d393d853ae2dc9605985cf85c060860a90256c7b574c1e01c320687a2bb0b2d51cc2950c485f2ffa5db0ad7aaf753f543de7f86efb775c6bac2989a33757a28836fd27f9347229a0004bd2e546994c69c678fe5717f613f905d945c072004c3a80e0e54215e19ff9972521890d4e705e429f16fc35fe5a15f2e6b75cd719d38f76b087b62e4b5dcdb35f4baa2bab167150bafb6c69e260ca51004bc826d46b77c3f67eaa08497294868e6d91b7b867e4da62052f4f891677256cfbaf19cf32bad99a7da69d8a66537686f89a58d78c7eeaa99cd38009a1a32582bedc5c718e57b19cd405ae659a89909356a07fcef89384d160fa5ae6683cc379642aea4f0c915f72d679bd521399cb16112f2abdede3001400b4a64d2173e153a68631183679b56b8f389ba889784133453a7e892fd3b092f5040870a3cfd6f982990143e7c0882b4ff4c5d049192d36925a25ae4be441aa30dc7e74398b340c45b52c73ed3b0cd640e3cc9fd4be24e7355f386106f65895f1ee850b2a781d1d1d322ca5a3b0fdb78ce1eda048ece94af25437969c99c58c08f1446ca5541e03987a20fd75283e3e116dc4c9222ab7522e4ccf6da14aef49cac9a6a2cd4aba1c54d49e6da4179a66b84e384cd3da53908579b28c11d525ebdc4dc69074cef8a9ecd3aab98f2858769d656b46141c3a4e69a5ed6c0a732c9ec1fce080eaebf537fa5e17236a44ba9c931f555d193e475ffafd20c53ccbab607c1a15fd06742a64691205eb0d00f7f40e4dd8efb279cf09b2522aac0729a631aacb92d5cfa2ce6bb07385b981890b5916755d5cc3a51c8c36bd2987068cc24fcf73840895469bbb9aff1059601f771afedf0a48d5921103920515b27d7e607951982feba197df8c61600feb3622b9eea13a4db4068728cb98cca76cfae197f6258758490bf41673ee29acd91fd296ec863c646e0ca6a0f0e9de146c663ba13d962964d7c32804fd12a14c1ca7212ad48bdfab469c6570dca562220ecbe7b6b163ed4c9361c5c10bed5c92861b8786ada20a99245d282e4454187ec02adfe354e30647cb10661c85168f7958e3ce69ab48c9455214707a63c9b1167f0845a6bfcce2a96cd53eab430f13cd527f1666290719a47c517cfa22fec2e9916af8aa93c78e567993d7fb8ee60fc4b903b8c67a3658302c5e5f35250c30427e4c055b6c54705bc599861f80b7200d361965ff98c88cc698a2615cadeac4bdfd3d613377cea52d2bbcb7e6b78ac31d4b2c33eaf0b2ed40b963e3cb25c7dfea3ebfe7b4aff2aaaaf184dc80ab649a108e2c830ce7eaea58a263392aa9cd13d7f7bd607dc7c804b19dfa41b3e5a5155201a87311e22062c93896e70f3a5c4b03521300b61cc311ebd5beb9838d0ed207c6bfc99e4392508e95804b10b36024f32e1fe1138e9ee7773f797b2bc6be7416f4e9691ef4c2a8d06af6c8b84bd1e6fd1ba3d3183475ef6c139ccf8dcf37671fbb96a2ab5e0e042f7c4728cf30bcc1a0de28a5024276ceaa194b4926e7f6a97b78bac36e47f832d56a96cd266434d37bcf2c2f57877717d91b1854972f832354acc207a2ee8caace7504e0e6197dd7e64a01c4c67bb2de8acc0cccc6c6bff0b0cbfe345542c5a795dfa48cc0990ab5702574d36494bc44c20f5b324f7c984d986cc8cb40cb2550076d96a069b6688d22171beed2dc5b6ff3ede8fff4c4a9de6d3817357a7ca7d24d87300b4545ebbac8cf7f09ec637a4f4d6bd07673709b6c363a75ccef585610c5f15de7851b5ab53e02a757bfc3caeb9a9a8996beffdc0cfd1201b6cd99cb035584e51a6c15a5d2e17d2f8aa6b41e26809392fac6caed1e02a53dcea8a413203608780dab33315a76eba24d540e4c5b9790420834bc8d4e47bc65ae52a54c0ff308427a8d7aff746aa6589d17514e40fee5d0b3533cf4ad2c5f9d96db9f50bd69ed8c92b860e199a35cf268c66ed13516a3b4b024f62d4b2a656067eece95575bdb4907efc488a9821bc3a9c81dd11b2128b7a01aa7a9ce6e73de3b4e9beced70206f91575baddbcbe5722337953c8016a0f4b62120d776c43b7d1a879b692107954f45acdf8967dcaa994aad4922d4fe093e16c2d0090906f5036af99e50bb09b04e9c9b3b5085abf621297ce203010249cede92e9b66b446b86b43eaaae228dfdd3b4408c12b404bb727f7e969e7da04fc59900112bf8d38af0416dc616e75f167aa1352215f07115a6f4eb6bb5fff6f5c2fc9ab906392036b44090e65fdaf017dc53bc94e0807d679d793df18cc44e6c846d414cef1569530f7692daf91eaaf4ae89fe2522f2c9cf33b6ca508ebcd006bc1a61f0c800553aff9dc7d57200b25ecb83e1e0b8cd29520b63aa649d3f71a62570eee56e03223ddf31f0c04fa686b7f6dd054e7a259d9ba335c2c5b2c508897506c0db7f01878dec1411c33f0af61b81dbcf9ff8bdc0c50044963a79f3ee1462150c6bd03a32dbdfef8d72f0b8b3a395ffb0cc85792e7bc867feb5e312cb64e29e193388e9f173c162f4a1320a6f99ea3795fb77d982605959909a1aa11076fcc779ea6b80ec1bf0edfc2569ec04d15a0bdeebccf3c75393dca5e81663532f8ced12d08e4c2ae6e2954d427c7bf053dc4718f56f453bc88d74045bd2f9747aae9b5298a0de927f1d6b1308f4e1483487f083e71ed09298deb52bb10079b13def7453eb432498069edb5ade70c5c54913684d934a3febf78753ac13300a91f467ff3f6e2f00898f015d08f7739047b321b3eaee5ad8aa7adbf7833f014d8c576a491af9fca6843b327ed513821cb3951b2e67a275225d7af6b382e2f955adaacba5d1fdea2223202dee132b91d5cf381b51da94145255f584a70c5e8d11e06a44afa6599bf3ed0cb61703eba254333af53afac60e54cf6397f9f7302249ab644f0b576c713b15007be1f4f9bb213660bca8a70251472b86669d361ef968f542e81ddbe8f4d2e9cabe8d7bf6a31f14a2cc272963553a424c105e7750437ec5bf316e30ce60b4b0c27ccc1eb27e60f6472fef27654da49905ff9c01b28695310ecd8701aedff25a83da4b7c41995f902bdf249769dcb53a3efa894710dd66ba8745ae2253cc6b75a038183a0bee21226d48239320efad6727093e4f94bbc2fdcc216200d903c32bb9f16dd17d5dac423ae0696f3decc576b8f1fdce63d0532370af7d1e2fa2ca5c5d17bd88f5e3abb4792dac8689ca13752f83d753b06b037bf5a80a3748983790352775685b0414c9d74849fd217e388f904278ddb6b0abdda941b61579c796e2bb77a9bc363b18642c401faa502a31011544111b6eedaa369976c814773d83220a75f31026d6ad0b8b4298ea6062234db232bc435e096e84f740e55bb14d46ae04af0500aa5bb218aff6c76aa8a8e3140a1b0d6638538fd7f30fa8d992e53abf8af2fbc16b9e8a668c1aac72cea1a746ee5f7f3392a4ec8f1d19f2f426b6069b1cd347cbc38bceba96ce5da49198083403143c740c04639cd1089abb34fe812d85921c47437604f684bca44a1eaa965c0a6e1c1fd1f70ee932af3455b36184cc15934cdb3f28959d37d8fc10696f8ec1e4b0c3d1b9ff74a01b796d1bb68954a3768c8bcec741b3b69da892f8922142b16b2cabb469a9906b34216243fac80374c10e178c5fd36440f8d7a8588a9c2510d86ffa8cb68ce8c330d2111c94724e522f04573dad43bce252eb505d29ca9379a6b281519d38b7174f3ae8f185544f3003c936a7e6b23ca97a313aac6a061caa45fda73522f3061767bb4e33dbe4bde390eb0f07225a8aef939cb6ab2ada10c02527281abad394cd4ea9f59467a08b72047cdb75d7b2b98e5b4542554a60f953ac7a4b980f42518eec05ff2c044549cab0cf33eef36dfbabcbc0300009d898862d2194cfcdd9a713c30bbe52291105193656ea5eb830873ac956469d31689cc3c69edb5cb9a6e31ce3e6fb50ddd4e52ef9fdeacfc0db21e1e83e0d8d0a64f17cacb4dc208a893e7fd8ffa86cfc554dfba3d9fd281115eccb4b9d909f2fbf3fbb66bedd7b5db3f6d4f076f5d8fb54f8832896f8ef6f624162f1dd589be7a8e87dd5065708a8b0bfb18a5c2299f5605ac8a11c1add55b2018e6099380a70bee3e0727ca6ec58928fe6eb3147b47401e8d822eebade713b58335787669e5e0de5d328a1067df4cd9124665bb02ee8adfd1b3618374ef167df1f0fe79456f78aee3da4c1bf397e4637b0cf41a0f4a2910efd02b17bf5f3c15b0084b36fa7d4e85a53e5be366b428244eeba7499c3e54397227928e2ff6e583f332d6f7e8cf4d058f379b58a7d03a4bfa454bb4b6d543804b8970e6a9fe8886179eb418a8ce9e509e8433571f7d32378f2e983fa418c8c91760ec9fb20968e7fc23b7c4ac71693b2576ac0f8ce2020ff1e7a7ff24301b48b544fb29a1ca4f2502daded865e488a16dd33ec67b2eee3025cdc5ef90f253c4b5e0a61d51e495b675c5a1d55b4ba3812c5f44cd08487e61d36b0c2dc32d27333a5ee8a0906bfbcd388bd9389d1509912c0471c7b706a5aff880569a3fb11ac5f14d780deb4c1b1afe30fb6b8daf87b27a4ceb869d587a97f2f5af8d819aa47bbf207db68a6ecbbefb1e109ed0bfbbf3b54fba9e79de8fad9c3bcd3e74b8b92ccea3ff5c558c6cd72d78a711fc39df603bd4aa1439dd302258edd2204e52d7f435c6f552b612fbc321bea971195cd4d8bb033e2a779e239164d7eea6d8fd233b0b9b776246564cfcf44b31a83031a2413bf98a398c9f93da243cef9ce73d81bade8ad551fb0ffa75bc874c11d23ac9d7752f22a0f54c3870f3314a83e64332db810da1ebb288e10c4eb9be9ec037317b8f813e68160a887da3f5c0389510a0734b69ef275e19973b169d340610cf2112e9964cc0566b9b690c3feb36c8526491d3a563f0bead2abbcf0665e048aa3f929351b2f89876580633a403250ae3b5244c8c0e996bf888938dfc8920348d88e272e6eadc7c0387ca1dae228bd620ce3975d43b58758d9412d304a227245587065f58c4573ba2557f1d8333ba007709b1239d682f03405b22135757178fb701bbde81d2f8faaa7666c025d8a8bb426dc4b8e61aed79b3b3d3a9b01ee9142772d869677ede166e7a8be8ab84cdd6946b1478ce77ba307213971cfb24c86c344310f279e38d22254bf4caf83c02e715cb0550e615dc9f8dd2400fa749e3527493c15fb454c158e4c0603ae6e962b7890058ec7c10f0618ee274a15bca6ca9fe5bc5f9e7797c0950299912be9c58463c07d667d4bffe8aa590ae43db08512b40f3d265026bef2facdd508984e5f6d2ac7ef573397f14ed2e2ccdcbe5796e60ae64d173814906d1da5a5bfe8a2a4c5d6bb0b3315b878b4877d0c045f6e6cfa0dfc1ea4de7abe26f2b2d8c93299ed1d83f1b7853c756bfa346cd53b008fec169883983fe0f2405777dd85e17b2e4e8b23432c0dc4c386d67b6597184d0b4b95877362304638484cc0951400f66ee8391dd44417c58b3d46a8345a8049fcd70f7b5f4a6f912e2b18760947c74ef2b732b342878d7e7cc99902de87db36469555fbbfe76189f108d6ab31f4727fe4e22d075afaf6cc726ab17a5e1b4ab6c8f29a459da3c4266b5ad8ff55906a190f8b19a3bb92a50df49647c03d5d6106ec07e9300038d059a75b54ac31683ef8e5eee946e1c84d016ee1e7800a92c0a3823b62e0417fe86b191951f65abc0c38c1e0e8f1121a04b62a8a720790560f922804b1b7e7eaa497e1bede6e3d0dcf0312dbf221561958fa1e85a8f99e6fc82f919e78c17d1beda16cfef25fb5d00f7c32df9a51eac76000c988ffdf011564aa0e319764b16a5a7c728a470ff70772fb76c9ada26a0ac073fcbfa12501c2454b19e02d928e3939a40bfff76c002533b3849cdf8016728445131e5f1e292b7d3dc06bb3a3cfff6fabae0b7341694a8938c1d2497cd70b76c337c9a312e96c8f736d7625a535e1906eba53d199221ca60202a65be0f7e530aca10e61fa39c7601d65954e5ed4cab94345c6b89c7f8a0de5c61a7945e1564731b6715331d13263b2961a163382f7c4934d847033860e402f3aadb4f3e6cf47a97a2031401da4d2c8de8c80cdad71b97b4deb2075a02282f958ac6772354e67f097ca693778224b80892490015e7d697fb9107f75cea708178ffec93fb1d44e8493bad1d42c918e661219ea819e0200759037a5a585c0fe074fd407536fe58013f42612c41bfc66e16870d7a9c00ee93a3122b253fecbf5de3837641f4a1376af0f053463413c26c29f9a346318565276856b963da30ba6ab8c4c8ef6cfddc432328586d9d9829895835759bcde0851ae0c838a3927ea63fe5ba793fae94da61cab00fc05f3a265a2da1221bb2b66775ed7ba856b41011652d4984991e56249360ddfc997245ac1547a1c16382d42df383a8d1c852643b24895c422712e79c436fdfffece4ed1c50922d4f25296aaf6b204522086d188bee254f8303b60537ead1195ac5dd301286f0042dd68aa05a70e4beb779aa0b61a316f736b72c9ab7ed860a0908a078f4b8a53f2df0abf993f689de4b02b9138ca5047fb0bfc9ba3b92bff033e36fc9553260b008cef3d147c62d1d3944fd1eaff79bc5a922ec2190907bfda1b51c2c7fb867db1f8e13a37b5e3ae0165e93350b958a239ec1f2b78561cff854b975307b5b5dd23b040602a5a36bd79947ee04c7d0e5e30f9c4c79f7b4e6eada98bfc6c357cdf8939213423f1b21ba26cfc2b2756ea3eb992372db0ab8a7c37d8ae96bf3ed6be873c1891550ef741812032e1ae938326c399ee43a3061602dda006f1b6b620bebb6a5752bee77e8acf9921ebf4d4c8af7eb5e937c65697c0664c594e31a62377a25605051996c474ca322ce8e0e6ef8a7988be", 0x2000, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="d800000000000000f9ffffffffffffff000000000000020000000000008000010000000000000200000009000000060000000000000009000000000000000000000000000000ff0000000000008003000000000000000000000000000000ffffff7f58000000ffffffff008000000900"/124, @ANYRES32=r6, @ANYRES32=r7, @ANYBLOB="010000000400000000000000000000000000200003000000000000002b"], 0x0, 0x0, 0x0})
setsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000480)={{{@in=@broadcast, @in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x4e23, 0x8001, 0x4e20, 0x7, 0x2, 0x0, 0x0, 0x2c, r3, r6}, {0x9, 0x8000000000000000, 0x401, 0x4, 0x9, 0xd87e, 0x80000000, 0x4c6}, {0x9, 0x780, 0x5, 0x1}, 0x1, 0x6e6bbf, 0x2, 0x1, 0x2, 0x3}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d3, 0x3c}, 0x2, @in=@rand_addr=0x64010102, 0x3505, 0x2, 0x1, 0x3, 0x9, 0x3, 0x7}}, 0xe8)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.424823099s ago: executing program 2 (id=176):
r0 = syz_open_dev$video4linux(&(0x7f00000001c0), 0x2, 0x109080)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000040)=0x1)
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = socket$packet(0x11, 0x3, 0x300)
bind$packet(r3, &(0x7f0000000240)={0x11, 0x2, 0x0, 0x1, 0x3, 0x6, @random="da0a311bc11e"}, 0x14)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000240)=ANY=[], 0xfdef)
sync_file_range(r0, 0x9, 0x4e5, 0x5)
ioctl$VIDIOC_TRY_EXT_CTRLS(r0, 0xc0205649, &(0x7f00000002c0)={0xf000000, 0x1, 0x7, 0xffffffffffffffff, 0x0, &(0x7f0000000280)={0x980901, 0xa, '\x00', @p_u16=0x0}})
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000740)={0x0, 0x3ff}, &(0x7f0000000780)=0x8)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x4)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080), 0x329000, 0x0)
ioctl$TCXONC(r5, 0x560b, 0x0)
r6 = socket(0x10, 0x3, 0x0)
write(r6, &(0x7f0000000140)="480100001a000708ab0925040900070002ab0700a90100001d60369321001d000a800000000000000000000000039815fa2c1ec28656aaa79bb94b46fe000000bc00030026000000140000270400117c22ebc205214000000000008934d07302ade01720d7d5bbc91a3e3280772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a46d284a710af333ae4f5566f91cf190201ded815b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb57d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48a99c03f080548deac270e33429fd3000175e63fb8d38a87", 0x148)

1.32765675s ago: executing program 1 (id=178):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{0x0}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010006017d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000)
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB='!\x00'], 0x48)
sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, 0x0, 0x20040891)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000008c0)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c583, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}}, 0x24}}, 0x4048000)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0xa)
syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)

1.325810427s ago: executing program 0 (id=179):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
socket$inet6(0xa, 0x2, 0x3a) (async)
socket$inet6(0xa, 0x2, 0x3a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x4, 0x2000000000000164, &(0x7f0000000000)=ANY=[@ANYBLOB="0b00000000ecd6518d7e000000000058550ade4c"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x24}, 0x94)
r0 = socket(0x18, 0x2, 0x0)
r1 = socket$inet(0x2, 0x803, 0x4)
getsockopt$inet_int(r1, 0x0, 0x16, 0x0, &(0x7f0000008e80)) (async)
getsockopt$inet_int(r1, 0x0, 0x16, 0x0, &(0x7f0000008e80))
accept$ax25(r0, &(0x7f0000000480)={{0x3, @rose}, [@null, @bcast, @bcast, @remote, @null, @bcast, @remote, @rose]}, &(0x7f00000001c0)=0x48) (async)
accept$ax25(r0, &(0x7f0000000480)={{0x3, @rose}, [@null, @bcast, @bcast, @remote, @null, @bcast, @remote, @rose]}, &(0x7f00000001c0)=0x48)
getsockopt$nfc_llcp(r0, 0x88, 0x68, 0x0, 0xfffffffffffffc9a)
syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x0, 0x0, 0x76, 0x0, 0x0, 0x10, &(0x7f0000000340), 0x0, 0x0, 0xcf, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x0, 0x0, 0x76, 0x0, 0x0, 0x10, &(0x7f0000000340), 0x0, 0x0, 0xcf, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000380)=""/100, 0x64}], 0x1)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) (async)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r3, 0x8914, &(0x7f0000000000))
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
ioctl$sock_rose_SIOCADDRT(r4, 0x890b, 0x0)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r5, 0x890b, 0x0)
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r6, 0x890b, 0x0)
ioctl$sock_rose_SIOCDELRT(r6, 0x890c, &(0x7f00000000c0)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x5, @null, @bpq0, 0x0, [@bcast, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default]}) (async)
ioctl$sock_rose_SIOCDELRT(r6, 0x890c, &(0x7f00000000c0)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x5, @null, @bpq0, 0x0, [@bcast, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default]})
sendmsg$nl_route(r0, 0x0, 0x20020851)
connect$netrom(r0, 0x0, 0x1a) (async)
connect$netrom(r0, 0x0, 0x1a)
listen(r2, 0x1ad72f7)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, 0x0)

976.757858ms ago: executing program 0 (id=180):
r0 = syz_kvm_add_vcpu$x86(0x0, &(0x7f00000004c0)={0x0, &(0x7f0000000000)=[@enable_nested={0x12c, 0x18}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x3, @host16=0xc00, 0x3, 0x7, 0x1}}, @nested_amd_set_intercept={0x181, 0x30, {0x2, 0xe2, 0xc5a, 0x1}}, @wr_crn={0x67, 0x20, {0x4, 0x6}}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x2, @guest64=0x280c, 0x5, 0xfff, 0xfff}}, @out_dx={0x6a, 0x28, {0xe524, 0x4, 0x4}}, @wr_crn={0x67, 0x20, {0x3, 0x1ff}}, @set_irq_handler={0xc8, 0x20, {0x5d}}, @wr_drn={0x68, 0x20, {0x7, 0x2ff7}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x1, @control_area=0xac, 0x51b6, 0x5, 0x7c}}, @nested_vmlaunch={0x12f, 0x18, 0x1}, @nested_amd_set_intercept={0x181, 0x30, {0x3, 0x100000001}}, @wr_drn={0x68, 0x20, {0x3}}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x1, @guest_nat=0x6808, 0x1, 0xe, 0x8}}, @nested_amd_vmsave={0x183, 0x18, 0x1}, @nested_vmresume={0x130, 0x18}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x1, @control_area=0xae, 0xffffffffd4b62b16, 0x9, 0x7}}, @wrmsr={0x65, 0x20, {0x265, 0x10000}}, @rdmsr={0x66, 0x18, {0xaed84da6c6a7f27f}}, @nested_vmlaunch={0x12f, 0x18, 0x3}, @nested_vmresume={0x130, 0x18, 0x2}, @nested_amd_vmload={0x182, 0x18}, @wr_drn={0x68, 0x20, {0x2}}, @wrmsr={0x65, 0x20, {0x84f, 0x89d3}}, @nested_load_syzos={0x136, 0xa6, {0x1, 0x5, [@code={0xa, 0x6e, {"410fc71e440fc7700065263e440ff87300f010b300800000470f01df48b803000000010000000f23c00f21f83503000b000f23f866b82a018ee0b9800000c00f3235010000000f302e0f228466baf80cb87fc7418cef66bafc0cb0eeee"}}, @uexit={0x0, 0x18, 0x2}]}}, @nested_load_code={0x12e, 0x75, {0x0, "c4a27d9efcc4c17a2d222e430f01c2b91f0a00000f32b805000000b9d608d2a90f01d9c744240026400000c74424022c7c0000c7442406000000000f01142446abc443754a9e04000000fb3e3e0f01c9b805000000b9e2ea8fdc0f01c1"}}, @nested_amd_clgi={0x17f, 0x10}], 0x48b})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000500), 0x1, 0x23c140)
ioctl$KVM_GET_CPUID2(r0, 0xc008ae91, &(0x7f0000000540)={0x7, 0x0, [{}, {}, {}, {}, {}, {}, {}]})
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000680)={'mangle\x00', 0x69, "7047f7e58668d8578291f463e489cfcc9ad049240e894c988165f98228b0225c99c8b1c9eee2af1881318dc1cec2c3e5526e1e1ebfb7bb70e64f01e1a082f5285355996356aa8d60622d27786304414c4840a7b4ea94d6c84b2b9e900ed5d6772aa6f0485679775f89"}, &(0x7f0000000740)=0x8d)
r2 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0)
write$6lowpan_control(r2, &(0x7f00000007c0)='disconnect aa:aa:aa:aa:aa:10 1', 0x1e)
write$6lowpan_control(r2, &(0x7f0000000800)='disconnect aa:aa:aa:aa:aa:11 0', 0x1e)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000880)={0x1, 0x7f, 0x3, &(0x7f0000000840)={0x5, "49da7f034d9c8cf5b4e396604013a0104f7998dbe2dceac7bce8d55e9429d3c195"}})
ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f00000008c0)={0x6, 0x0, [{0x80000001, 0x1, 0x2, 0x0, 0x400, 0x17b5}, {0x40000001, 0x3, 0x6, 0x4, 0x9, 0x9, 0x8524}, {0x40000018, 0x800, 0x6, 0x0, 0x7d, 0x2, 0x3}, {0x1, 0x7e3, 0x1, 0x7, 0x1, 0x3ff, 0x3}, {0xa, 0x2, 0x7, 0x40, 0x4, 0xb, 0x3}, {0xd, 0xfff, 0x7, 0x401, 0x9, 0x0, 0x7}]})
ioctl$NILFS_IOCTL_GET_BDESCS(r1, 0xc0186e87, &(0x7f0000000ac0)={&(0x7f00000009c0)=[{0x2, 0x2, 0x0, 0x7f, 0xfffffff8}, {0x6dd7, 0x1, 0x0, 0x3, 0x1ff}, {0xfffffffffffffffe, 0x8, 0x100, 0x400000, 0x5}, {0xb, 0x2, 0x9, 0x5, 0xfca}, {0x20811d2f, 0xff94, 0x7, 0x3}], 0x5, 0x28, 0x6, 0x3})
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000b00), 0x200, 0x0)
r4 = accept$nfc_llcp(r3, 0x0, &(0x7f0000000b40))
r5 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000c80)={0x0, &(0x7f0000000b80)=[@nested_amd_set_intercept={0x181, 0x30, {0x0, 0xfff, 0x1000, 0x3}}, @in_dx={0x69, 0x20, {0x13a1, 0x2}}, @rdmsr={0x66, 0x18, {0x242}}, @in_dx={0x69, 0x20, {0x7f10, 0x2}}, @rdmsr={0x66, 0x18, {0xbce}}, @set_irq_handler={0xc8, 0x20, {0x80}}, @in_dx={0x69, 0x20, {0x485c, 0x2}}], 0xe0})
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000d40)=[@text32={0x20, &(0x7f0000000cc0)="66f30f2a87003800000f1a9e00700000b9800000c00f3235000800000f300f01d1b92d090000b845000000ba000000000f3066b847000f00d065660f38807caf2a0f01d166bad104ec0f20e035000001000f22e0", 0x54}], 0x1, 0x60, &(0x7f0000000d80), 0x0)
r6 = openat$incfs(r2, &(0x7f0000000dc0)='.log\x00', 0x2400, 0x106)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e40), r3)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000f40)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x3752b36ad132fd9d}, 0xc, &(0x7f0000000f00)={&(0x7f0000000e80)={0x54, r7, 0x200, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @void}}, [@mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "440a00e4d6a0601eec3a4507a9d520bd9057a3ecbb98ff03"}], @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r8 = syz_open_dev$admmidi(&(0x7f0000000f80), 0xfffffffffffffffd, 0x101a00)
ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r8, 0x40045731, &(0x7f0000000fc0)=0xf)
io_cancel(0x0, &(0x7f0000001080)={0x0, 0x0, 0x0, 0x6, 0x0, r4, &(0x7f0000001000)="c931e1839aa9427b700c3d4bca109f3a821aeed5e408fd1eed5cd7f2c15aac5fd81d57c3d090e02a5e897193522841079c78ca054bb06ee30264e157cdb0ecb762144ca70de57b4e9410138478b95f", 0x4f, 0x4, 0x0, 0x2}, &(0x7f00000010c0))
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r6, 0x54a2)
r9 = syz_kvm_add_vcpu$x86(0x0, &(0x7f00000011c0)={0x0, &(0x7f0000001100)=[@nested_load_syzos={0x136, 0x38, {0x2, 0x9, [@nested_vmlaunch={0x12f, 0x18, 0x1}]}}, @wrmsr={0x65, 0x20, {0xb53, 0xafd}}, @nested_amd_stgi={0x17e, 0x10}, @out_dx={0x6a, 0x28, {0x90be, 0x0, 0x4ae8}}, @wr_drn={0x68, 0x20, {0x1, 0x6}}], 0xb0})
ioctl$KVM_SET_ONE_REG(r9, 0x4010aeac, &(0x7f0000001240)=@arm64_ccsidr={0x602000000011000c, &(0x7f0000001200)=0x7fff})
r10 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
ioctl$KVM_GET_SUPPORTED_HV_CPUID_cpu(r3, 0xc008aec1, &(0x7f0000001280)={0x4, 0x0, [{0x7, 0x5, 0x5, 0x6, 0x1a, 0x0, 0xffff}, {0x2, 0x0, 0x4, 0x9, 0x101, 0x4, 0x1968}, {0x40000001, 0xf78, 0x60a71f5d46e8121d, 0x7f, 0x6, 0x3ff, 0x9}, {0x40000000, 0x6, 0x2, 0x20000, 0x9827, 0x7, 0x5}]})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000001340)={{0x1, 0x1, 0x18, <r11=>r8, {r10}}, './file0\x00'})
ioctl$TIOCL_BLANKSCREEN(r11, 0x541c, &(0x7f0000001380))
ioctl$PIO_FONT(r6, 0x4b61, &(0x7f00000013c0)="6e1ca43564d4dd79f414329cb4f5ba5e455a14732589ac2b9f1dd671adaf79db9db9579fa49edd65df54d3f5f44c297117a8fe6502e1f008d22af9f97c9aab71e5260347e4f772b72607af70bcde8d5ab3d0e3049a3be6054114eac7f5c8cb00318db7351b6685881f59c8355fb4923df30105d0169ba7c3")
recvfrom$unix(r3, &(0x7f0000001440)=""/17, 0x11, 0x10000, &(0x7f0000001480)=@file={0x1, './file0\x00'}, 0x6e)

789.164247ms ago: executing program 0 (id=181):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$kcm(0x29, 0x8, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000000)={r0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x50, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GENEVE_UDP_ZERO_CSUM6_TX={0x5}, @IFLA_GENEVE_REMOTE6={0x14, 0x7, @loopback}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

778.243259ms ago: executing program 2 (id=182):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x8ab43, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x2c, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x70, &(0x7f0000000200)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x81a40000c}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000001540), 0x80, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000100)={0x0, 0x3, 0x1, 'x'}, 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r4, 0x84, 0x19, &(0x7f0000000580)={0x0, 0x3}, 0x8)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x7, &(0x7f0000001d80)=0x7, 0x4)
ioctl$CDROM_GET_MCN(r3, 0x5311, 0x0)

694.422463ms ago: executing program 0 (id=183):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000002b80)={0x30, r1, 0x11, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000811}, 0x24000040)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="360a0000000000007910480000000000610410000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x20, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r0, 0x8983, &(0x7f0000000000)={0x8, 'veth0_to_team\x00', {'veth1_to_team\x00'}, 0x6})

527.962552ms ago: executing program 0 (id=184):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd25, 0xfffffffc, {0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x84, r2, 0x200, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_ID={0xa}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MNTR_FLAGS={0x14, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}]]}, 0x84}}, 0x20000080)
r4 = epoll_create(0x4)
epoll_wait(r4, &(0x7f0000000180)=[{}], 0x1, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(michael_mic-generic)\x00'}, 0x58)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r6, 0x84, 0x66, &(0x7f0000000240)={0x0, 0x7}, &(0x7f0000000280)=0x8)
r7 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000ac0)={0x20, r7, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [{{0x8}, {0x4}}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x24000004)

306.988287ms ago: executing program 1 (id=185):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000021000100000000000000000002002000000000000d000000080002"], 0x44}}, 0x20000040)
r1 = syz_open_dev$audion(&(0x7f0000000180), 0x4000200, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa"], 0xcfa4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000000d0a01030000000000000000070000010b00020073797a31000000000900010073797a3100000000"], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x240480b1)
sendmsg$NFT_BATCH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)=ANY=[@ANYRESHEX=r0], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x4000)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$cgroup_ro(r1, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000100)=ANY=[], 0x9)
write$binfmt_script(r6, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
preadv(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x1fb, 0x2, 0x0, 0x1000, &(0x7f00001ff000/0x1000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000004c0)=@o_path={&(0x7f0000000480)='./file0\x00', 0x0, 0x4010, r0}, 0x18)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000001, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
futex(&(0x7f000000cffc), 0x80, 0x2, 0x0, 0x0, 0x0)
syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000005c0)=[<r8=>0x0], 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r8})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000100)={&(0x7f00000000c0)=[0x0], 0x1, r8})

71.69048ms ago: executing program 0 (id=186):
r0 = syz_open_dev$sg(&(0x7f0000001600), 0xb, 0x40042)
r1 = userfaultfd(0x80001)
fallocate(0xffffffffffffffff, 0x46, 0x95, 0x7)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r2, 0x0)
ftruncate(r2, 0xc17a)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
mremap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xe}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}}, 0x0)
ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x8042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_clone(0x1144280, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r6 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0xfac7})
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000)={0x3, <r7=>0x0}, 0x8)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040)={r7}, 0x4)
r8 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r8, 0x114, 0x8, &(0x7f00000008c0), 0x4)
close(r8)

0s ago: executing program 2 (id=187):
mkdir(&(0x7f0000000080)='./file1\x00', 0xb)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x101000)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="b70000000000000007000000000000009500000000000000a9171809f8dcf159569d5475991f7de1a0d0c119cfcf6b98741c23fb7f8d3002ec85db75af955427e91496087a51a0a78f269a9e216a0d0177c4fe3552396a180330807a5b6e8c79aa92038c78d1f16c1323f0e0c8d45c641a21757847cb22230e4321cc3581e40c62c4defee8cffe359cfeef7f58fffdb48647d28ae810f6d22d20271e9e88e94aa6982bf48356652b08e2fbd404e41e0058aae0478fbe542b648421d1b4486a542a7d478fbe6b5e000000293853f9c68e235184b7ad5b6c4fe70ec8320500db0db7fda3da6171a05509ffecef2cb9802d4f36c9a1ce46d3b355fec188ccfc2f0fc89e164561fb06ee9a0153981a47b5de9edd3536d5534f9a699f73b2c9341d2d05043748ce1f4577ed76cdf5b3c697089daa4abda69a8c0c992404610a6be9e103c972459065dec0488e85a6a0418fc87dd8019ef7bb4ef4fa6ee08d81797570578f2e8198e687012f25a69a90e7515e35f8abbddfa96c3f0485f01f0e9e144a2bd31c1b594c50de7c9efd826f1e19b7bd89ca4052b1985287bd13957a48467e0eeddf564d175bf4340885b63976df609806c3b2a3667539dfd66a7400000000003be6026e60205f761ce85cdf75cdb95ca5d32b5bf87eed4184d49f8f48181ef2419efe82ebb18ee55772d562b3b49551714e805a5211a3f4e8e703c03e23b2074bc573dbb66d59e269b722637c4a2efb5241cae2f14774609ad91d66724c438455dc4fcf0b4c8fc235f6c190b4c82bb2556d1fbcd4468369e98e900c743162ce2c7e60610acf0c8e4ba94a7e7127c7de0e6c35acecee1b8434fdca4579f9ebc6a515f7d910b466eb583fb0a7e65fbecb2b8ee0e9da33afb88aa5da8da3a5e0e58fcb48de6f165826b046a8951a47e040bd419d0efa0f54e8e3694085a7bde6f6494968d8200000000000"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff37}, 0x48)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x1000000000000f, &(0x7f0000000080)=0x7fffffff, 0x4)
setsockopt$sock_attach_bpf(r1, 0x1, 0x34, &(0x7f0000000040)=r0, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="b7000000ecffffff0c0000000000000095000000000000005e0c83dfb64a3eb1cdfa541cd3957aa8a96b9fa4591c1eb556e38defc504b011face5a06294c2115a9ad943bac350e8d7961537181f79ead9176dc7c3ed2d45004deb987fa0d"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff37}, 0x48)
r3 = dup2(r2, r0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x34, &(0x7f00000000c0)=r3, 0x4)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x12, &(0x7f0000000200)={'trans=virtio,', {[{@noextend}]}})

kernel console output (not intermixed with test programs):

[   96.543268][   T40] audit: type=1400 audit(1773172956.339:61): avc:  denied  { siginh } for  pid=5836 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '[localhost]:58766' (ED25519) to the list of known hosts.
[  101.631537][   T40] audit: type=1400 audit(1773172961.449:62): avc:  denied  { name_bind } for  pid=5889 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  101.684307][   T40] audit: type=1400 audit(1773172961.519:63): avc:  denied  { execute } for  pid=5891 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  101.734518][   T40] audit: type=1400 audit(1773172961.519:64): avc:  denied  { execute_no_trans } for  pid=5891 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  106.675193][   T40] audit: type=1400 audit(1773172966.509:65): avc:  denied  { mounton } for  pid=5891 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  106.691164][   T40] audit: type=1400 audit(1773172966.529:66): avc:  denied  { mount } for  pid=5891 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  106.694447][ T5891] cgroup: Unknown subsys name 'net'
[  106.731692][   T40] audit: type=1400 audit(1773172966.569:67): avc:  denied  { unmount } for  pid=5891 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  106.959924][ T5891] cgroup: Unknown subsys name 'cpuset'
[  106.972234][ T5891] cgroup: Unknown subsys name 'rlimit'
[  107.214547][   T40] audit: type=1400 audit(1773172967.049:68): avc:  denied  { setattr } for  pid=5891 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  107.224449][   T40] audit: type=1400 audit(1773172967.049:69): avc:  denied  { create } for  pid=5891 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  107.257304][   T40] audit: type=1400 audit(1773172967.059:70): avc:  denied  { write } for  pid=5891 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  107.300369][   T40] audit: type=1400 audit(1773172967.059:71): avc:  denied  { read } for  pid=5891 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  107.326458][   T40] audit: type=1400 audit(1773172967.089:72): avc:  denied  { mounton } for  pid=5891 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  107.358515][   T40] audit: type=1400 audit(1773172967.089:73): avc:  denied  { mount } for  pid=5891 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  107.391571][   T40] audit: type=1400 audit(1773172967.179:74): avc:  denied  { read } for  pid=5640 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  107.419545][ T5928] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[  109.158221][ T5891] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  113.308592][   T10] cfg80211: failed to load regulatory.db
[  118.639719][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  118.639738][   T40] audit: type=1400 audit(1773172978.469:82): avc:  denied  { execmem } for  pid=5936 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  118.971140][   T40] audit: type=1400 audit(1773172978.779:83): avc:  denied  { create } for  pid=5940 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  118.990542][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  118.995258][   T40] audit: type=1400 audit(1773172978.779:84): avc:  denied  { read write } for  pid=5940 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  119.020732][ T5943] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  119.025164][   T40] audit: type=1400 audit(1773172978.779:85): avc:  denied  { open } for  pid=5940 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  119.025682][ T5943] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  119.036696][   T40] audit: type=1400 audit(1773172978.809:86): avc:  denied  { ioctl } for  pid=5940 comm="syz-executor" path="socket:[3056]" dev="sockfs" ino=3056 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  119.045540][ T5945] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  119.049616][ T5947] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  119.050540][ T5945] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  119.050646][ T5945] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  119.051670][ T5945] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  119.057399][ T5945] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  119.077888][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  119.089449][ T5953] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  119.095172][ T5945] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  119.095739][ T5945] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  119.116622][   T63] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  119.125339][   T40] audit: type=1400 audit(1773172978.949:87): avc:  denied  { read } for  pid=5941 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  119.125387][   T40] audit: type=1400 audit(1773172978.949:88): avc:  denied  { open } for  pid=5941 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  119.126159][   T63] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  119.127443][   T40] audit: type=1400 audit(1773172978.969:89): avc:  denied  { mounton } for  pid=5941 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  119.140267][   T63] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  119.164363][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  119.174012][   T63] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  119.191158][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  119.222407][ T5953] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  119.555343][   T40] audit: type=1400 audit(1773172979.389:90): avc:  denied  { module_request } for  pid=5941 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  119.680184][ T5941] chnl_net:caif_netlink_parms(): no params data found
[  120.050671][ T5946] chnl_net:caif_netlink_parms(): no params data found
[  120.094499][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.111320][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.116193][ T5941] bridge_slave_0: entered allmulticast mode
[  120.121052][ T5941] bridge_slave_0: entered promiscuous mode
[  120.152007][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.160834][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.171849][ T5941] bridge_slave_1: entered allmulticast mode
[  120.177057][ T5941] bridge_slave_1: entered promiscuous mode
[  120.364902][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  120.377867][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  120.388666][ T5949] chnl_net:caif_netlink_parms(): no params data found
[  120.529682][ T5941] team0: Port device team_slave_0 added
[  120.533581][ T5940] chnl_net:caif_netlink_parms(): no params data found
[  120.562608][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.565511][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.568770][ T5946] bridge_slave_0: entered allmulticast mode
[  120.587746][ T5946] bridge_slave_0: entered promiscuous mode
[  120.614552][ T5941] team0: Port device team_slave_1 added
[  120.668655][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.671170][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.673645][ T5946] bridge_slave_1: entered allmulticast mode
[  120.680301][ T5946] bridge_slave_1: entered promiscuous mode
[  120.786288][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0
[  120.789866][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  120.802845][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  120.812410][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1
[  120.816242][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  120.836165][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  120.952982][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  121.000825][ T5941] hsr_slave_0: entered promiscuous mode
[  121.006321][ T5941] hsr_slave_1: entered promiscuous mode
[  121.022633][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  121.041299][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.045942][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.049963][ T5949] bridge_slave_0: entered allmulticast mode
[  121.058131][ T5949] bridge_slave_0: entered promiscuous mode
[  121.064543][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.067466][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.072282][ T5940] bridge_slave_0: entered allmulticast mode
[  121.083012][ T5940] bridge_slave_0: entered promiscuous mode
[  121.121256][ T5947] Bluetooth: hci1: command tx timeout
[  121.125646][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.128593][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.132550][ T5949] bridge_slave_1: entered allmulticast mode
[  121.139567][ T5949] bridge_slave_1: entered promiscuous mode
[  121.144379][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.147353][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.150150][ T5940] bridge_slave_1: entered allmulticast mode
[  121.153364][ T5940] bridge_slave_1: entered promiscuous mode
[  121.171297][ T5946] team0: Port device team_slave_0 added
[  121.187598][ T5946] team0: Port device team_slave_1 added
[  121.285274][ T5947] Bluetooth: hci0: command tx timeout
[  121.300707][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  121.313864][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.317507][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  121.331668][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.340437][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.343880][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  121.356637][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  121.356730][ T5947] Bluetooth: hci2: command tx timeout
[  121.365463][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  121.368898][ T5947] Bluetooth: hci3: command tx timeout
[  121.383249][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  121.417767][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  121.512338][ T5949] team0: Port device team_slave_0 added
[  121.526927][ T5949] team0: Port device team_slave_1 added
[  121.617389][ T5940] team0: Port device team_slave_0 added
[  121.733203][ T5940] team0: Port device team_slave_1 added
[  121.797910][ T5946] hsr_slave_0: entered promiscuous mode
[  121.805801][ T5946] hsr_slave_1: entered promiscuous mode
[  121.809879][ T5946] debugfs: 'hsr0' already exists in 'hsr'
[  121.812598][ T5946] Cannot create hsr debugfs directory
[  121.816326][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.818965][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  121.831015][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.901984][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.904678][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  121.920344][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  121.927996][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.932451][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  121.951613][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.984837][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.990297][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  122.007734][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  122.234439][ T5940] hsr_slave_0: entered promiscuous mode
[  122.239318][ T5940] hsr_slave_1: entered promiscuous mode
[  122.241754][ T5940] debugfs: 'hsr0' already exists in 'hsr'
[  122.244255][ T5940] Cannot create hsr debugfs directory
[  122.252293][ T5949] hsr_slave_0: entered promiscuous mode
[  122.259400][ T5949] hsr_slave_1: entered promiscuous mode
[  122.267589][ T5949] debugfs: 'hsr0' already exists in 'hsr'
[  122.270109][ T5949] Cannot create hsr debugfs directory
[  122.425336][ T5941] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  122.468377][ T5941] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  122.537027][ T5941] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  122.556107][ T5941] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  122.909529][ T5946] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  122.948901][ T5946] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  122.958533][ T5946] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  123.000457][ T5946] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  123.210811][ T5940] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  123.216045][ T5947] Bluetooth: hci1: command tx timeout
[  123.228189][ T5940] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  123.250571][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0
[  123.263144][ T5940] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  123.282467][ T5940] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  123.366403][ T5947] Bluetooth: hci0: command tx timeout
[  123.413253][ T5941] 8021q: adding VLAN 0 to HW filter on device team0
[  123.477902][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.481314][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.488142][ T5943] Bluetooth: hci3: command tx timeout
[  123.488327][ T5947] Bluetooth: hci2: command tx timeout
[  123.514170][ T5949] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  123.548334][ T5949] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  123.556430][ T5949] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  123.577735][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.580871][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  123.629095][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0
[  123.643620][ T5949] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  123.913097][ T5946] 8021q: adding VLAN 0 to HW filter on device team0
[  123.945676][   T40] audit: type=1400 audit(1773172983.769:91): avc:  denied  { sys_module } for  pid=5941 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  123.971479][ T1150] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.974826][ T1150] bridge0: port 1(bridge_slave_0) entered forwarding state
[  124.081470][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.085278][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.106135][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0
[  124.211507][ T5946] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  124.229245][ T5946] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  124.348371][ T5940] 8021q: adding VLAN 0 to HW filter on device team0
[  124.425640][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[  124.441975][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.444809][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  124.513384][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.524628][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.614459][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[  124.636424][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0
[  124.661269][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0
[  124.740258][ T5940] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  124.807591][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.810981][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  124.920978][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.930257][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.992709][ T5941] veth0_vlan: entered promiscuous mode
[  125.064849][ T5946] veth0_vlan: entered promiscuous mode
[  125.091475][ T5941] veth1_vlan: entered promiscuous mode
[  125.114752][ T5946] veth1_vlan: entered promiscuous mode
[  125.264489][ T5941] veth0_macvtap: entered promiscuous mode
[  125.275292][ T5947] Bluetooth: hci1: command tx timeout
[  125.307874][ T5946] veth0_macvtap: entered promiscuous mode
[  125.328056][ T5941] veth1_macvtap: entered promiscuous mode
[  125.333917][ T5946] veth1_macvtap: entered promiscuous mode
[  125.369171][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0
[  125.406261][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0
[  125.424905][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0
[  125.436879][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1
[  125.438902][ T5947] Bluetooth: hci0: command tx timeout
[  125.473554][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1
[  125.535601][ T5947] Bluetooth: hci3: command tx timeout
[  125.537633][ T5947] Bluetooth: hci2: command tx timeout
[  125.606751][  T104] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.613388][  T104] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.633743][  T104] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.638762][  T104] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.662283][ T5940] veth0_vlan: entered promiscuous mode
[  125.672378][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[  125.679516][  T104] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.683255][  T104] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.687252][  T104] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.699516][ T5940] veth1_vlan: entered promiscuous mode
[  125.741901][  T104] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.910180][ T5940] veth0_macvtap: entered promiscuous mode
[  125.972001][ T5940] veth1_macvtap: entered promiscuous mode
[  126.047070][ T1255] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.052339][ T1255] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.063774][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.065938][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0
[  126.070297][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.113487][ T5949] veth0_vlan: entered promiscuous mode
[  126.219100][ T5949] veth1_vlan: entered promiscuous mode
[  126.250902][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1
[  126.265135][  T104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.268302][  T104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.295586][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.299132][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.301051][ T1150] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  126.309862][ T1150] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  126.355172][   T40] audit: type=1400 audit(1773172986.189:92): avc:  denied  { mount } for  pid=5946 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  126.375629][   T40] audit: type=1400 audit(1773172986.189:93): avc:  denied  { mounton } for  pid=5946 comm="syz-executor" path="/syzkaller.NFgAsj/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  126.396197][   T40] audit: type=1400 audit(1773172986.189:94): avc:  denied  { mount } for  pid=5946 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  126.412942][   T40] audit: type=1400 audit(1773172986.199:95): avc:  denied  { mounton } for  pid=5946 comm="syz-executor" path="/syzkaller.NFgAsj/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  126.426954][   T40] audit: type=1400 audit(1773172986.199:96): avc:  denied  { mounton } for  pid=5946 comm="syz-executor" path="/syzkaller.NFgAsj/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=7094 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  126.427134][ T1150] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  126.447461][   T40] audit: type=1400 audit(1773172986.219:97): avc:  denied  { unmount } for  pid=5946 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  126.447505][   T40] audit: type=1400 audit(1773172986.259:98): avc:  denied  { mounton } for  pid=5946 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2840 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  126.447542][   T40] audit: type=1400 audit(1773172986.259:99): avc:  denied  { mount } for  pid=5946 comm="syz-executor" name="/" dev="gadgetfs" ino=7095 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  126.447573][   T40] audit: type=1400 audit(1773172986.259:100): avc:  denied  { mount } for  pid=5946 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  126.548271][ T1150] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  126.570414][ T5946] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  126.581318][ T5949] veth0_macvtap: entered promiscuous mode
[  126.629815][ T5949] veth1_macvtap: entered promiscuous mode
[  126.752101][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[  126.791850][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[  126.805107][  T104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.846147][  T104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.930800][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  126.963216][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.080715][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.084167][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  127.101402][ T1255] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.118056][ T1255] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.155234][ T6034] pimreg: tun_chr_ioctl cmd 1074025677
[  127.194592][ T6034] pimreg: linktype set to 780
[  127.361153][ T6040] warning: `syz.3.5' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  127.365227][ T5947] Bluetooth: hci1: command tx timeout
[  127.368746][ T5947] Bluetooth: hci2: Malformed Event: 0x2f
[  127.370628][ T6039] Bluetooth: MGMT ver 1.23
[  127.376818][  T104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.381950][  T104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.383978][ T6039] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  127.522410][ T5947] Bluetooth: hci0: command tx timeout
[  127.557691][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.563204][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.603637][ T5947] Bluetooth: hci2: command tx timeout
[  127.606783][ T5947] Bluetooth: hci3: command tx timeout
[  127.637722][ T6042] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6'.
[  127.976160][ T6052] syz.1.7 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  127.997487][ T6048] syzkaller1: entered promiscuous mode
[  127.997512][ T6048] syzkaller1: entered allmulticast mode
[  128.019626][ T6049] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  128.420341][ T6061] support for cryptoloop has been removed.  Use dm-crypt instead.
[  128.529653][ T6064] netlink: 76 bytes leftover after parsing attributes in process `syz.1.10'.
[  128.963956][   T40] kauditd_printk_skb: 50 callbacks suppressed
[  128.963973][   T40] audit: type=1326 audit(1773172988.799:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6075 comm="syz.1.14" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc4eab9c799 code=0x0
[  129.041507][ T6078] Zero length message leads to an empty skb
[  129.058483][ T6078] netlink: 68 bytes leftover after parsing attributes in process `syz.1.14'.
[  129.064625][  T957] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[  129.080974][   T40] audit: type=1326 audit(1773172988.919:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6075 comm="syz.1.14" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc4eab9c799 code=0x0
[  129.157431][ T6082] mkiss: ax0: crc mode is auto.
[  129.292102][  T957] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  129.298012][  T957] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[  129.303163][  T957] usb 7-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  129.309319][  T957] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.317065][  T957] usb 7-1: config 0 descriptor??
[  129.340900][  T957] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  129.352803][  T957] dvb-usb: bulk message failed: -22 (3/0)
[  129.365667][  T957] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  129.371605][  T957] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  129.377534][  T957] usb 7-1: media controller created
[  129.383586][  T957] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  129.396305][  T957] dvb-usb: bulk message failed: -22 (6/0)
[  129.396431][  T957] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  129.428510][  T957] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input5
[  129.450614][  T957] dvb-usb: schedule remote query interval to 150 msecs.
[  129.450635][  T957] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  129.527079][   T40] audit: type=1400 audit(1773172989.359:153): avc:  denied  { read } for  pid=6065 comm="syz.2.11" name="event4" dev="devtmpfs" ino=2857 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  129.538676][   T40] audit: type=1400 audit(1773172989.359:154): avc:  denied  { open } for  pid=6065 comm="syz.2.11" path="/dev/input/event4" dev="devtmpfs" ino=2857 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  129.551794][   T40] audit: type=1400 audit(1773172989.359:155): avc:  denied  { ioctl } for  pid=6065 comm="syz.2.11" path="/dev/input/event4" dev="devtmpfs" ino=2857 ioctlcmd=0x4504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  129.568855][   T40] audit: type=1400 audit(1773172989.379:156): avc:  denied  { create } for  pid=6065 comm="syz.2.11" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  129.612530][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  129.616501][   T10] dvb-usb: error while querying for an remote control event.
[  129.620855][ T6030] usb 7-1: USB disconnect, device number 2
[  129.674972][ T6030] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  129.875203][   T40] audit: type=1400 audit(1773172989.709:157): avc:  denied  { mount } for  pid=6083 comm="syz.0.16" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  129.891728][   T40] audit: type=1400 audit(1773172989.709:158): avc:  denied  { read } for  pid=6083 comm="syz.0.16" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  129.893516][ T6087] netlink: 'syz.1.17': attribute type 1 has an invalid length.
[  129.918201][   T40] audit: type=1400 audit(1773172989.709:159): avc:  denied  { open } for  pid=6083 comm="syz.0.16" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  129.941855][   T40] audit: type=1400 audit(1773172989.709:160): avc:  denied  { ioctl } for  pid=6083 comm="syz.0.16" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  129.943689][ T6087] team0: Port device ip6gretap1 added
[  130.659533][ T6109] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  130.664717][ T6109] block device autoloading is deprecated and will be removed.
[  131.212475][ T6125] efs: device does not support 512 byte blocks
[  131.222546][ T6125] device does not support 512 byte blocks
[  131.222546][ T6125] 
[  131.233384][ T6125] netlink: 8 bytes leftover after parsing attributes in process `syz.1.30'.
[  131.300308][ T6125] 8021q: adding VLAN 0 to HW filter on device bond1
[  131.356276][ T6132] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.381152][ T6125] netlink: 'syz.1.30': attribute type 4 has an invalid length.
[  131.386449][ T6125] netlink: 152 bytes leftover after parsing attributes in process `syz.1.30'.
[  131.399090][ T6125] .`: renamed from bond0 (while UP)
[  131.408328][ T6132] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  131.444890][ T6117] netem: change failed
[  131.608148][   T10] usb 8-1: new low-speed USB device number 2 using dummy_hcd
[  131.640232][ T6129] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.649706][ T6129] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  131.769449][ T6140] netlink: 24 bytes leftover after parsing attributes in process `syz.1.34'.
[  131.784118][   T10] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  131.797305][   T10] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  131.808411][ T6139] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  131.822716][   T10] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  131.822762][   T10] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  131.822782][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.855484][ T6131] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  131.859927][ T6139] overlayfs: failed to set xattr on upper
[  131.869466][ T6139] overlayfs: ...falling back to redirect_dir=nofollow.
[  131.871089][   T10] hub 8-1:1.0: bad descriptor, ignoring hub
[  131.872794][ T6139] overlayfs: ...falling back to index=off.
[  131.884974][ T6139] overlayfs: ...falling back to uuid=null.
[  131.889653][ T6139] overlayfs: conflicting lowerdir path
[  131.892589][   T10] hub 8-1:1.0: probe with driver hub failed with error -5
[  131.902654][   T10] cdc_wdm 8-1:1.0: skipping garbage
[  131.906614][   T10] cdc_wdm 8-1:1.0: skipping garbage
[  131.937786][   T10] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  131.942714][   T10] cdc_wdm 8-1:1.0: Unknown control protocol
[  132.221189][  T832] usb 8-1: USB disconnect, device number 2
[  132.578342][ T1150] nci: nci_rx_work: unknown MT 0x5
[  132.835561][ T6169] capability: warning: `syz.1.42' uses 32-bit capabilities (legacy support in use)
[  135.421238][ T6157] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  135.841024][ T6187] netlink: 'syz.0.47': attribute type 11 has an invalid length.
[  135.845248][ T6187] netlink: 244 bytes leftover after parsing attributes in process `syz.0.47'.
[  135.857117][ T5766] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  135.956423][   T40] kauditd_printk_skb: 57 callbacks suppressed
[  135.956442][   T40] audit: type=1400 audit(1773172995.799:218): avc:  denied  { search } for  pid=5640 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  135.972905][   T40] audit: type=1400 audit(1773172995.799:219): avc:  denied  { search } for  pid=5640 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  135.983537][   T40] audit: type=1400 audit(1773172995.799:220): avc:  denied  { search } for  pid=5640 comm="dhcpcd" name="data" dev="tmpfs" ino=13 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  136.045495][   T40] audit: type=1400 audit(1773172995.879:221): avc:  denied  { read open } for  pid=6192 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1906 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  136.065445][   T40] audit: type=1400 audit(1773172995.879:222): avc:  denied  { getattr } for  pid=6192 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1906 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  136.115478][  T957] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  136.120306][ T5766] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  136.123146][   T40] audit: type=1400 audit(1773172995.899:223): avc:  denied  { create } for  pid=6193 comm="syz.0.49" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  136.130142][ T5766] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  136.157069][   T40] audit: type=1400 audit(1773172995.899:224): avc:  denied  { add_name } for  pid=6191 comm="dhcpcd-run-hook" name="resolv.conf.wlan2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  136.157111][ T1150] Bluetooth: (null): Invalid header checksum
[  136.157117][   T40] audit: type=1400 audit(1773172995.899:225): avc:  denied  { create } for  pid=6191 comm="dhcpcd-run-hook" name="resolv.conf.wlan2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  136.157159][   T40] audit: type=1326 audit(1773172995.899:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6193 comm="syz.0.49" exe="/syz-executor" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7f6c5a59c799 code=0x0
[  136.157195][   T40] audit: type=1400 audit(1773172995.899:227): avc:  denied  { write } for  pid=6191 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.wlan2.link" dev="tmpfs" ino=2249 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  136.174682][ T6194] syz.0.49 uses obsolete (PF_INET,SOCK_PACKET)
[  136.178833][ T5766] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  136.221113][ T6194] netlink: 880 bytes leftover after parsing attributes in process `syz.0.49'.
[  136.227195][ T5766] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.260788][   T42] Bluetooth: (null): Invalid header checksum
[  136.327349][ T6180] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  136.368188][  T184] Bluetooth: (null): Invalid header checksum
[  136.378903][ T5766] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  136.434139][  T957] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  136.452018][  T957] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  136.463010][  T957] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  136.475977][  T184] Bluetooth: (null): Invalid header checksum
[  136.489399][  T957] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  136.630361][  T184] Bluetooth: (null): Invalid header checksum
[  136.743997][   T42] Bluetooth: (null): Invalid header checksum
[  136.828155][  T957] usb 8-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  136.836539][   T42] Bluetooth: (null): Invalid header checksum
[  136.848534][  T957] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.905087][  T957] usb 8-1: Product: syz
[  136.909663][  T957] usb 8-1: Manufacturer: syz
[  136.938475][  T957] usb 8-1: SerialNumber: syz
[  136.948700][   T42] Bluetooth: (null): Invalid header checksum
[  136.957754][ T5766] usb 6-1: USB disconnect, device number 2
[  137.013670][  T957] usb 8-1: config 0 descriptor??
[  137.111961][   T42] Bluetooth: (null): Invalid header checksum
[  137.240121][   T42] Bluetooth: (null): Invalid header checksum
[  137.279256][  T957] adutux 8-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  137.311674][   T42] Bluetooth: (null): Invalid header checksum
[  137.557943][   T53] usb 8-1: USB disconnect, device number 3
[  138.326649][ T6243] netlink: 12 bytes leftover after parsing attributes in process `syz.3.56'.
[  139.073286][ T6276] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  139.764071][ T6299] xt_l2tp: v2 doesn't support IP mode
[  141.143075][   T40] kauditd_printk_skb: 57 callbacks suppressed
[  141.143093][   T40] audit: type=1400 audit(1773173000.979:285): avc:  denied  { map_read map_write } for  pid=6181 comm="syz.2.46" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  141.267433][   T40] audit: type=1400 audit(1773173001.099:286): avc:  denied  { create } for  pid=6326 comm="syz.2.81" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  141.426765][ T6333] netlink: 36 bytes leftover after parsing attributes in process `syz.2.82'.
[  141.631057][   T40] audit: type=1400 audit(1773173001.429:287): avc:  denied  { prog_load } for  pid=6335 comm="syz.2.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  141.683950][   T40] audit: type=1400 audit(1773173001.429:288): avc:  denied  { prog_run } for  pid=6335 comm="syz.2.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  142.142636][ T6345] netlink: 244 bytes leftover after parsing attributes in process `syz.0.87'.
[  142.186994][ T6348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.87'.
[  142.196354][ T6348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.87'.
[  142.208001][   T40] audit: type=1400 audit(1773173002.039:289): avc:  denied  { allowed } for  pid=6346 comm="syz.2.86" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  142.247741][ T6345] openvswitch: netlink: Flow key attr not present in new flow.
[  142.470155][   T40] audit: type=1400 audit(1773173002.309:290): avc:  denied  { create } for  pid=6358 comm="syz.0.88" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  142.708874][ T6360] netlink: 8 bytes leftover after parsing attributes in process `syz.0.88'.
[  142.771584][ T6364] netlink: 8 bytes leftover after parsing attributes in process `syz.0.88'.
[  142.775335][ T6364] netlink: 4 bytes leftover after parsing attributes in process `syz.0.88'.
[  142.807111][   T40] audit: type=1400 audit(1773173002.639:291): avc:  denied  { mounton } for  pid=6367 comm="syz.1.91" path="/33/file0" dev="tmpfs" ino=211 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  142.807163][ T6368] fuse: Unknown parameter 'group_i�h����d'
[  142.874526][ T6360] 8021q: adding VLAN 0 to HW filter on device bond1
[  142.910898][ T6371] netlink: 'syz.3.92': attribute type 1 has an invalid length.
[  142.915705][   T40] audit: type=1400 audit(1773173002.749:292): avc:  denied  { write } for  pid=6370 comm="syz.3.92" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  142.917813][ T6364] 8021q: adding VLAN 0 to HW filter on device bond0
[  142.918752][ T6371] netlink: 'syz.3.92': attribute type 2 has an invalid length.
[  142.936261][ T6364] bond1: (slave bond0): making interface the new active one
[  142.962406][   T40] audit: type=1400 audit(1773173002.749:293): avc:  denied  { open } for  pid=6370 comm="syz.3.92" path="/dev/ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  142.969788][ T6364] bond1: (slave bond0): Enslaving as an active interface with an up link
[  142.971408][   T40] audit: type=1400 audit(1773173002.749:294): avc:  denied  { ioctl } for  pid=6370 comm="syz.3.92" path="/dev/ptp0" dev="devtmpfs" ino=729 ioctlcmd=0x3d10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  143.105293][ T1335] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  143.329895][ T1335] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.336078][ T1335] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.340766][ T1335] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  143.346315][ T1335] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  143.353516][ T1335] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.394107][ T1335] usb 6-1: config 0 descriptor??
[  143.807436][ T6388] futex_wake_op: syz.0.95 tries to shift op by -1; fix this program
[  143.906067][ T1335] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  144.289649][   T10] usb 6-1: USB disconnect, device number 3
[  144.321506][ T6398] plantronics 0003:047F:FFFF.0002: usb_submit_urb(ctrl) failed: -19
[  144.639713][ T6415] xt_l2tp: wrong L2TP version: 0
[  144.893298][ T6423] ufs: You didn't specify the type of your ufs filesystem
[  144.893298][ T6423] 
[  144.893298][ T6423] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  144.893298][ T6423] 
[  144.893298][ T6423] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  144.917347][ T6423] ufs: ufstype=old is supported read-only
[  144.938501][ T6423] ufs: ufs_fill_super(): bad magic number
[  145.308203][ T6433] program syz.2.106 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  145.633311][ T6440] netlink: 'syz.1.109': attribute type 29 has an invalid length.
[  145.637694][ T6440] netlink: 'syz.1.109': attribute type 29 has an invalid length.
[  145.638231][ T5766] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  145.655787][ T6440] netlink: 500 bytes leftover after parsing attributes in process `syz.1.109'.
[  145.656657][ T6440] process 'syz.1.109' launched './file2' with NULL argv: empty string added
[  145.793897][ T6442] xt_bpf: check failed: parse error
[  145.829559][ T6444] overlayfs: failed to resolve './file0': -2
[  145.901981][ T5766] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  145.914396][ T5766] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  145.930825][ T5766] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  145.956492][ T5766] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.175610][ T6458] fuse: Bad value for 'group_id'
[  146.177491][ T6458] fuse: Bad value for 'group_id'
[  146.209191][ T5766] usb 7-1: usb_control_msg returned -32
[  146.245224][ T5766] usbtmc 7-1:16.0: can't read capabilities
[  146.261714][   T40] kauditd_printk_skb: 11 callbacks suppressed
[  146.261731][   T40] audit: type=1400 audit(1773173006.099:306): avc:  denied  { create } for  pid=6456 comm="syz.3.113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  146.273812][ T6457] =======================================================
[  146.273812][ T6457] WARNING: The mand mount option has been deprecated and
[  146.273812][ T6457]          and is ignored by this kernel. Remove the mand
[  146.273812][ T6457]          option from the mount to silence this warning.
[  146.273812][ T6457] =======================================================
[  146.286503][   T40] audit: type=1400 audit(1773173006.099:307): avc:  denied  { setopt } for  pid=6456 comm="syz.3.113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  146.335124][   T40] audit: type=1400 audit(1773173006.109:308): avc:  denied  { remount } for  pid=6456 comm="syz.3.113" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  146.568856][   T40] audit: type=1400 audit(1773173006.409:309): avc:  denied  { write } for  pid=6430 comm="syz.2.106" name="usbtmc0" dev="devtmpfs" ino=2900 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  146.641521][ T6466] binder: 6465:6466 ioctl 4018620d 0 returned -22
[  146.659592][   T40] audit: type=1400 audit(1773173006.419:310): avc:  denied  { execute } for  pid=6465 comm="syz.0.115" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=12679 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  146.679841][   T40] audit: type=1400 audit(1773173006.479:311): avc:  denied  { read } for  pid=6465 comm="syz.0.115" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  146.695264][ T1335] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  146.695999][   T40] audit: type=1400 audit(1773173006.479:312): avc:  denied  { open } for  pid=6465 comm="syz.0.115" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  146.716286][   T40] audit: type=1400 audit(1773173006.479:313): avc:  denied  { ioctl } for  pid=6465 comm="syz.0.115" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  146.736749][   T40] audit: type=1400 audit(1773173006.479:314): avc:  denied  { watch_mount watch_reads } for  pid=6465 comm="syz.0.115" path="/27" dev="tmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  146.753176][   T40] audit: type=1400 audit(1773173006.509:315): avc:  denied  { unlink } for  pid=6430 comm="syz.2.106" name="#f" dev="tmpfs" ino=133 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  146.842398][ T6472] netlink: 32 bytes leftover after parsing attributes in process `syz.0.116'.
[  146.852273][ T1335] usb 8-1: Using ep0 maxpacket: 8
[  146.871502][ T1335] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  146.882958][ T1335] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  146.902448][ T1335] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  146.918281][ T1335] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  146.928530][ T1335] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  146.933745][ T1335] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.184185][ T1335] usb 8-1: GET_CAPABILITIES returned 0
[  147.195208][ T1335] usbtmc 8-1:16.0: can't read capabilities
[  147.542561][ T6457] overlayfs: statfs failed on './file0'
[  147.558863][ T6004] usb 8-1: USB disconnect, device number 4
[  147.925899][ T6488] usb 7-1: USB disconnect, device number 3
[  148.349235][ T6502] netlink: 36 bytes leftover after parsing attributes in process `syz.0.123'.
[  148.363424][ T6502] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.377865][ T6502] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.398331][ T6499] overlayfs: failed lookup in lower (newroot/41, name='bus', err=-40): overlapping layers
[  148.575668][ T6509] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  148.944068][ T1335] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  149.127159][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  149.156339][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  149.187472][ T1335] usb 8-1: Using ep0 maxpacket: 8
[  149.194818][ T1335] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  149.199350][ T1335] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  149.204612][ T1335] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  149.210968][ T1335] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  149.217442][ T1335] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  149.222683][ T1335] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  149.226382][ T1335] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.515388][ T1335] usb 8-1: usb_control_msg returned -32
[  149.539556][ T1335] usbtmc 8-1:16.0: can't read capabilities
[  149.705282][ T6031] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  149.751781][ T6538] loop4: detected capacity change from 0 to 7
[  149.755738][ T6538] Buffer I/O error on dev loop4, logical block 0, async page read
[  149.763605][ T6538] Buffer I/O error on dev loop4, logical block 0, async page read
[  149.768873][ T6538] Buffer I/O error on dev loop4, logical block 0, async page read
[  149.773246][ T6538] Buffer I/O error on dev loop4, logical block 0, async page read
[  149.778418][ T6538] Buffer I/O error on dev loop4, logical block 0, async page read
[  149.781639][ T6538] Buffer I/O error on dev loop4, logical block 0, async page read
[  149.796889][ T6538] Buffer I/O error on dev loop4, logical block 0, async page read
[  149.802213][ T6538] ldm_validate_partition_table(): Disk read failed.
[  149.824256][ T6538] Buffer I/O error on dev loop4, logical block 0, async page read
[  149.840590][ T6538] Buffer I/O error on dev loop4, logical block 0, async page read
[  149.857893][ T6538] Buffer I/O error on dev loop4, logical block 0, async page read
[  149.860935][ T6538] Dev loop4: unable to read RDB block 0
[  149.863094][ T6538]  loop4: unable to read partition table
[  149.865804][ T6538] loop4: partition table beyond EOD, truncated
[  149.879677][ T6540] usbtmc 8-1:16.0: INITIATE_ABORT_BULK_IN returned 0
[  149.880018][ T6031] usb 5-1: Using ep0 maxpacket: 8
[  149.885303][ T6538] loop_reread_partitions: partition scan of loop4 (���������S�j��	���%��`��ր����5) failed (rc=-5)
[  149.934674][ T6031] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  149.936515][ T6540] vcan0: entered promiscuous mode
[  149.941660][ T6031] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  149.942856][ T6540] netlink: 8 bytes leftover after parsing attributes in process `syz.3.127'.
[  149.949832][ T6031] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  149.949859][ T6031] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  149.949876][ T6031] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  149.949908][ T6031] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  149.949925][ T6031] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.966665][ T6542] unsupported nla_type 4111
[  150.048532][ T6544] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6544 comm=syz.1.133
[  150.065916][ T6542] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4102 sclass=netlink_route_socket pid=6542 comm=syz.1.133
[  150.074052][ T6542] netlink: 12 bytes leftover after parsing attributes in process `syz.1.133'.
[  150.092769][ T1335] usb 8-1: USB disconnect, device number 5
[  150.115478][ T6542] netlink: 12 bytes leftover after parsing attributes in process `syz.1.133'.
[  150.187083][ T6031] usb 5-1: usb_control_msg returned -32
[  150.192210][ T6031] usbtmc 5-1:16.0: can't read capabilities
[  150.260412][ T6550] fuse: Invalid rootmode
[  150.472633][ T6558] random: crng reseeded on system resumption
[  150.518070][ T6558] Unrecognized hibernate image header format!
[  150.520751][ T6558] PM: hibernation: Image mismatch: architecture specific data
[  150.740495][   T39] usb 5-1: USB disconnect, device number 2
[  150.852216][ T6569] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  150.879849][ T6569] tipc: Started in network mode
[  150.882820][ T6569] tipc: Node identity ac14140f, cluster identity 4711
[  150.887094][ T6569] tipc: New replicast peer: 255.255.255.255
[  150.907395][ T6569] tipc: Enabled bearer <udp:syz2>, priority 10
[  151.058612][ T6575] netlink: 8 bytes leftover after parsing attributes in process `syz.3.140'.
[  151.061873][ T6575] netlink: 8 bytes leftover after parsing attributes in process `syz.3.140'.
[  151.571857][ T6566] ALSA: mixer_oss: invalid OSS volume ';�'
[  151.866307][   T40] kauditd_printk_skb: 25 callbacks suppressed
[  151.866323][   T40] audit: type=1400 audit(1773173011.709:341): avc:  denied  { create } for  pid=6591 comm="syz.1.145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  151.906649][ T1335] tipc: Node number set to 2886997007
[  151.939547][ T6597] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  151.970158][ T6597] CIFS mount error: No usable UNC path provided in device string!
[  151.970158][ T6597] 
[  151.980731][ T6597] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  152.352731][ T6605] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6605 comm=syz.0.148
[  152.365942][ T6605] netlink: 'syz.0.148': attribute type 1 has an invalid length.
[  152.402550][ T6605] bond2: entered promiscuous mode
[  152.407034][ T6605] 8021q: adding VLAN 0 to HW filter on device bond2
[  152.422540][ T6605] netlink: 28 bytes leftover after parsing attributes in process `syz.0.148'.
[  152.442772][ T6605] bond2: entered allmulticast mode
[  152.490377][ T6605] bond2: (slave bridge1): making interface the new active one
[  152.509653][ T6605] bridge1: entered promiscuous mode
[  152.512578][ T6605] bridge1: entered allmulticast mode
[  152.528047][ T6605] bond2: (slave bridge1): Enslaving as an active interface with an up link
[  152.666684][   T40] audit: type=1400 audit(1773173012.489:342): avc:  denied  { getopt } for  pid=6613 comm="syz.0.152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  152.688590][   T40] audit: type=1400 audit(1773173012.519:343): avc:  denied  { append } for  pid=6616 comm="syz.1.151" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  152.797588][ T5947] Bluetooth: hci4: command 0xfc11 tx timeout
[  152.806550][ T5943] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  152.871572][   T40] audit: type=1400 audit(1773173012.689:344): avc:  denied  { remount } for  pid=6622 comm="syz.3.154" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  152.956027][   T40] audit: type=1400 audit(1773173012.779:345): avc:  denied  { unmount } for  pid=5946 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  153.115413][   T40] audit: type=1400 audit(1773173012.949:346): avc:  denied  { read } for  pid=6630 comm="syz.3.155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  153.592840][   T40] audit: type=1400 audit(1773173013.419:347): avc:  denied  { create } for  pid=6641 comm="syz.1.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  153.623707][   T40] audit: type=1400 audit(1773173013.459:348): avc:  denied  { setopt } for  pid=6641 comm="syz.1.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  153.877274][   T40] audit: type=1400 audit(1773173013.679:349): avc:  denied  { write } for  pid=6649 comm="syz.1.161" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  154.239031][ T6662] netlink: 'syz.3.164': attribute type 3 has an invalid length.
[  154.242236][ T6662] netlink: 'syz.3.164': attribute type 1 has an invalid length.
[  154.252908][   T40] audit: type=1400 audit(1773173014.059:350): avc:  denied  { append } for  pid=6660 comm="syz.1.163" name="renderD128" dev="devtmpfs" ino=634 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  154.762898][ T6674] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  154.762898][ T6674]    program syz.1.167 not setting count and/or reply_len properly
[  155.336128][ T6683] program syz.0.170 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  155.341048][ T6683] ata1.00: invalid transfer count 0
[  155.717450][ T6695] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  155.903834][ T6704] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  156.290351][ T6719] bpq0: entered allmulticast mode
[  156.331305][ T6714] netlink: 'syz.2.176': attribute type 29 has an invalid length.
[  156.337133][ T6714] netlink: 'syz.2.176': attribute type 3 has an invalid length.
[  156.342859][ T6714] netlink: 76 bytes leftover after parsing attributes in process `syz.2.176'.
[  156.599868][ T6727] geneve3: entered promiscuous mode
[  157.142438][ T6743] netlink: 32 bytes leftover after parsing attributes in process `syz.1.185'.
[  157.154653][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  157.154670][   T40] audit: type=1400 audit(1773173016.989:365): avc:  denied  { create } for  pid=6742 comm="syz.1.185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  157.174591][   T40] audit: type=1400 audit(1773173016.989:366): avc:  denied  { write } for  pid=6742 comm="syz.1.185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  157.438179][   T40] audit: type=1400 audit(1773173017.269:367): avc:  denied  { setopt } for  pid=6745 comm="syz.0.186" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  157.498740][    C3] ==================================================================
[  157.503339][    C3] BUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0x3a/0x60
[  157.508368][    C3] Read of size 1 at addr ffff888026f27418 by task syz.0.186/6747
[  157.512905][    C3] 
[  157.514051][    C3] CPU: 3 UID: 0 PID: 6747 Comm: syz.0.186 Not tainted syzkaller #0 PREEMPT(full) 
[  157.514072][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  157.514083][    C3] Call Trace:
[  157.514089][    C3]  <IRQ>
[  157.514096][    C3]  dump_stack_lvl+0x100/0x190
[  157.514127][    C3]  print_report+0x156/0x4c9
[  157.514150][    C3]  ? __virt_addr_valid+0x81/0x620
[  157.514173][    C3]  ? __phys_addr+0xe8/0x180
[  157.514195][    C3]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  157.514221][    C3]  kasan_report+0xdf/0x1e0
[  157.514238][    C3]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  157.514264][    C3]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  157.514288][    C3]  __kasan_check_byte+0x36/0x50
[  157.514313][    C3]  lock_acquire+0x148/0x380
[  157.514337][    C3]  ? do_raw_spin_unlock+0x53/0x1e0
[  157.514353][    C3]  ? .slowpath+0x9/0x18
[  157.514369][    C3]  _raw_spin_lock_irqsave+0x3a/0x60
[  157.514393][    C3]  ? p9_req_put+0xaf/0x250
[  157.514410][    C3]  p9_req_put+0xaf/0x250
[  157.514428][    C3]  req_done+0x1dc/0x2e0
[  157.514453][    C3]  ? __pfx_req_done+0x10/0x10
[  157.514476][    C3]  ? clockevents_program_event+0x151/0x360
[  157.514496][    C3]  ? __pfx_req_done+0x10/0x10
[  157.514518][    C3]  vring_interrupt+0x2ef/0x650
[  157.514559][    C3]  ? __pfx_vring_interrupt+0x10/0x10
[  157.514583][    C3]  __handle_irq_event_percpu+0x232/0x8e0
[  157.514610][    C3]  handle_irq_event+0xab/0x1e0
[  157.514630][    C3]  handle_edge_irq+0x375/0x970
[  157.514651][    C3]  __common_interrupt+0xd8/0x2f0
[  157.514674][    C3]  common_interrupt+0xb9/0xe0
[  157.514718][    C3]  </IRQ>
[  157.514723][    C3]  <TASK>
[  157.514730][    C3]  asm_common_interrupt+0x26/0x40
[  157.514746][    C3] RIP: 0010:lock_acquire+0x5e/0x380
[  157.514771][    C3] Code: 05 3b ab 28 12 83 f8 07 0f 87 f0 00 00 00 48 0f a3 05 06 9e f4 0e 0f 82 c2 02 00 00 8b 35 ee d1 f4 0e 85 f6 0f 85 dd 00 00 00 <48> 8b 44 24 30 65 48 2b 05 dd aa 28 12 0f 85 02 03 00 00 48 83 c4
[  157.514786][    C3] RSP: 0018:ffffc90004306908 EFLAGS: 00000206
[  157.514800][    C3] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000006
[  157.514810][    C3] RDX: 0000000000000000 RSI: ffffffff8de4ec23 RDI: ffffffff8c1afaa0
[  157.514821][    C3] RBP: ffffffff8e7e7520 R08: 00000000e24ebdd4 R09: 000000000000001e
[  157.514831][    C3] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000002
[  157.514841][    C3] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.514860][    C3]  page_table_check_set+0x6b/0xa10
[  157.514884][    C3]  ? page_table_check_set+0x4f/0xa10
[  157.514906][    C3]  ? find_held_lock+0x2b/0x80
[  157.514927][    C3]  __page_table_check_ptes_set+0x27a/0x4e0
[  157.514952][    C3]  ? __pfx___page_table_check_ptes_set+0x10/0x10
[  157.514980][    C3]  set_pte_range+0x936/0xb10
[  157.515000][    C3]  filemap_map_pages+0x7ea/0x2020
[  157.515027][    C3]  ? __lock_acquire+0x4a5/0x2630
[  157.515049][    C3]  ? __pfx_filemap_map_pages+0x10/0x10
[  157.515072][    C3]  ? __lock_acquire+0x4a5/0x2630
[  157.515097][    C3]  ? __pfx_filemap_map_pages+0x10/0x10
[  157.515117][    C3]  do_fault+0x9e5/0x1950
[  157.515135][    C3]  __handle_mm_fault+0x180f/0x2b60
[  157.515157][    C3]  ? __pfx___handle_mm_fault+0x10/0x10
[  157.515176][    C3]  ? pte_offset_map_lock+0x174/0x320
[  157.515201][    C3]  ? find_held_lock+0x2b/0x80
[  157.515223][    C3]  ? follow_page_pte+0x5b3/0x1400
[  157.515243][    C3]  handle_mm_fault+0x36d/0xa20
[  157.515265][    C3]  __get_user_pages+0xf9c/0x34d0
[  157.515284][    C3]  ? __pfx___get_user_pages+0x10/0x10
[  157.515304][    C3]  get_dump_page+0x27e/0x3d0
[  157.515320][    C3]  ? __pfx_get_dump_page+0x10/0x10
[  157.515337][    C3]  ? dump_user_range+0x73b/0xb50
[  157.515443][    C3]  ? copy_mc_enhanced_fast_string+0x6/0xf
[  157.515468][    C3]  dump_user_range+0x18d/0xb50
[  157.515490][    C3]  ? __pfx_dump_user_range+0x10/0x10
[  157.515512][    C3]  ? __pfx_writenote+0x10/0x10
[  157.515535][    C3]  elf_core_dump+0x2d5f/0x3d10
[  157.515557][    C3]  ? __pfx_elf_core_dump+0x10/0x10
[  157.515577][    C3]  ? kasan_save_stack+0x3f/0x50
[  157.515597][    C3]  ? kasan_save_stack+0x30/0x50
[  157.515616][    C3]  ? __kasan_kmalloc+0xaa/0xb0
[  157.515634][    C3]  ? __kvmalloc_node_noprof+0x360/0xa00
[  157.515655][    C3]  ? vfs_coredump+0x2105/0x5570
[  157.515671][    C3]  ? asm_exc_page_fault+0x26/0x30
[  157.515689][    C3]  ? 0xffffffffff600000
[  157.515715][    C3]  ? vfs_coredump+0x27bc/0x5570
[  157.515732][    C3]  vfs_coredump+0x27bc/0x5570
[  157.515750][    C3]  ? __pfx_vfs_coredump+0x10/0x10
[  157.515767][    C3]  ? __lock_acquire+0x4a5/0x2630
[  157.515791][    C3]  ? lock_acquire+0x1cf/0x380
[  157.515816][    C3]  ? is_bpf_text_address+0x8a/0x1a0
[  157.515837][    C3]  ? bpf_ksym_find+0x128/0x1c0
[  157.515854][    C3]  ? __kernel_text_address+0xd/0x30
[  157.515871][    C3]  ? unwind_get_return_address+0x59/0xa0
[  157.515892][    C3]  ? arch_stack_walk+0xa6/0xf0
[  157.515913][    C3]  ? __sigqueue_free+0xbe/0x2a0
[  157.515934][    C3]  ? stack_trace_save+0x8e/0xc0
[  157.515954][    C3]  ? __pfx_stack_trace_save+0x10/0x10
[  157.515974][    C3]  ? stack_depot_save_flags+0x27/0x9d0
[  157.515999][    C3]  ? __lock_acquire+0x4a5/0x2630
[  157.516047][    C3]  ? proc_coredump_connector+0x2d3/0x4f0
[  157.516064][    C3]  ? __pfx_proc_coredump_connector+0x10/0x10
[  157.516082][    C3]  ? rcu_is_watching+0x12/0xc0
[  157.516102][    C3]  get_signal+0x1f2a/0x21e0
[  157.516124][    C3]  ? __pfx_get_signal+0x10/0x10
[  157.516147][    C3]  arch_do_signal_or_restart+0x91/0x7a0
[  157.516169][    C3]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  157.516193][    C3]  ? do_user_addr_fault+0x8d6/0x12f0
[  157.516214][    C3]  irqentry_exit+0x1f8/0x670
[  157.516234][    C3]  asm_exc_page_fault+0x26/0x30
[  157.516247][    C3] RIP: 0033:0x7f6c5a59c7a1
[  157.516259][    C3] Code: 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  157.516273][    C3] RSP: 002b:0000200000000000 EFLAGS: 00010217
[  157.516286][    C3] RAX: 0000000000000000 RBX: 00007f6c5a815fa0 RCX: 00007f6c5a59c799
[  157.516295][    C3] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000001144280
[  157.516305][    C3] RBP: 00007f6c5a632c99 R08: 0000000000000000 R09: 0000000000000000
[  157.516315][    C3] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  157.516325][    C3] R13: 00007f6c5a816038 R14: 00007f6c5a815fa0 R15: 00007fff62269c38
[  157.516341][    C3]  </TASK>
[  157.516347][    C3] 
[  157.528511][ T6753] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=129 sclass=netlink_route_socket pid=6753 comm=syz.2.188
[  157.536783][    C3] Allocated by task 6751:
[  157.536800][    C3]  kasan_save_stack+0x30/0x50
[  157.536831][    C3]  kasan_save_track+0x14/0x30
[  157.536852][    C3]  __kasan_kmalloc+0xaa/0xb0
[  157.536872][    C3]  p9_client_create+0xaf/0xd40
[  157.536889][    C3]  v9fs_session_init+0x40/0xce0
[  157.536909][    C3]  v9fs_get_tree+0xb8/0xb50
[  157.536930][    C3]  vfs_get_tree+0x92/0x320
[  157.536949][    C3]  path_mount+0x7d0/0x23d0
[  157.536966][    C3]  __x64_sys_mount+0x293/0x310
[  157.536985][    C3]  do_syscall_64+0x106/0xf80
[  157.537001][    C3]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.537016][    C3] 
[  157.537019][    C3] Freed by task 6751:
[  157.537027][    C3]  kasan_save_stack+0x30/0x50
[  157.537047][    C3]  kasan_save_track+0x14/0x30
[  157.537068][    C3]  kasan_save_free_info+0x3b/0x70
[  157.537087][    C3]  __kasan_slab_free+0x5f/0x80
[  157.537109][    C3]  kfree+0x1f6/0x6b0
[  157.537126][    C3]  p9_client_create+0x72d/0xd40
[  157.537143][    C3]  v9fs_session_init+0x40/0xce0
[  157.537162][    C3]  v9fs_get_tree+0xb8/0xb50
[  157.537182][    C3]  vfs_get_tree+0x92/0x320
[  157.537201][    C3]  path_mount+0x7d0/0x23d0
[  157.537217][    C3]  __x64_sys_mount+0x293/0x310
[  157.537234][    C3]  do_syscall_64+0x106/0xf80
[  157.537247][    C3]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.537262][    C3] 
[  157.537266][    C3] The buggy address belongs to the object at ffff888026f27400
[  157.537266][    C3]  which belongs to the cache kmalloc-512 of size 512
[  157.537279][    C3] The buggy address is located 24 bytes inside of
[  157.537279][    C3]  freed 512-byte region [ffff888026f27400, ffff888026f27600)
[  157.537294][    C3] 
[  157.537298][    C3] The buggy address belongs to the physical page:
[  157.537306][    C3] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x26f24
[  157.537320][    C3] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  157.537332][    C3] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  157.537348][    C3] page_type: f5(slab)
[  157.537363][    C3] raw: 00fff00000000040 ffff88801b842c80 dead000000000100 dead000000000122
[  157.537377][    C3] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  157.537392][    C3] head: 00fff00000000040 ffff88801b842c80 dead000000000100 dead000000000122
[  157.537406][    C3] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  157.537420][    C3] head: 00fff00000000002 ffffea00009bc901 00000000ffffffff 00000000ffffffff
[  157.537434][    C3] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  157.537442][    C3] page dumped because: kasan: bad access detected
[  157.537450][    C3] page_owner tracks the page as allocated
[  157.537455][    C3] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 13974921224, free_ts 0
[  157.537481][    C3]  post_alloc_hook+0x153/0x170
[  157.537500][    C3]  get_page_from_freelist+0x111d/0x3140
[  157.537527][    C3]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  157.537548][    C3]  new_slab+0xa6/0x6c0
[  157.537563][    C3]  refill_objects+0x26b/0x400
[  157.537581][    C3]  __pcs_replace_empty_main+0x1ab/0x600
[  157.537602][    C3]  __kmalloc_cache_noprof+0x493/0x6f0
[  157.537619][    C3]  drm_atomic_helper_connector_duplicate_state+0x72/0xd0
[  157.537639][    C3]  drm_atomic_get_connector_state+0x401/0x8f0
[  157.537661][    C3]  __drm_atomic_helper_set_config+0x991/0xee0
[  157.537682][    C3]  drm_client_modeset_commit_atomic+0x53d/0x7e0
[  157.537699][    C3]  drm_client_modeset_commit_locked+0x14d/0x580
[  157.537714][    C3]  drm_client_modeset_commit+0x4f/0x80
[  157.537728][    C3]  __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160
[  157.537755][    C3]  drm_fb_helper_set_par+0x15a/0x1b0
[  157.537777][    C3]  fbcon_init+0x139c/0x1820
[  157.537795][    C3] page_owner free stack trace missing
[  157.537801][    C3] 
[  157.537805][    C3] Memory state around the buggy address:
[  157.537813][    C3]  ffff888026f27300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  157.537825][    C3]  ffff888026f27380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  157.537836][    C3] >ffff888026f27400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  157.537845][    C3]                             ^
[  157.537853][    C3]  ffff888026f27480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  157.537864][    C3]  ffff888026f27500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  157.537873][    C3] ==================================================================
[  157.537882][    C3] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  157.537893][    C3] CPU: 3 UID: 0 PID: 6747 Comm: syz.0.186 Not tainted syzkaller #0 PREEMPT(full) 
[  157.537911][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  157.537920][    C3] Call Trace:
[  157.537926][    C3]  <IRQ>
[  157.537933][    C3]  dump_stack_lvl+0x100/0x190
[  157.537959][    C3]  vpanic+0x552/0x970
[  157.537975][    C3]  ? __pfx_vpanic+0x10/0x10
[  157.537991][    C3]  ? __pfx_vprintk_emit+0x10/0x10
[  157.538013][    C3]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  157.538038][    C3]  panic+0xd1/0xe0
[  157.538053][    C3]  ? __pfx_panic+0x10/0x10
[  157.538070][    C3]  ? end_report.part.0+0x23/0x90
[  157.538092][    C3]  ? rcu_is_watching+0x12/0xc0
[  157.538110][    C3]  ? end_report.part.0+0x23/0x90
[  157.538132][    C3]  ? check_panic_on_warn+0x1f/0x90
[  157.538159][    C3]  check_panic_on_warn.cold+0x19/0x34
[  157.538177][    C3]  end_report.part.0+0x3a/0x90
[  157.538199][    C3]  kasan_report.cold+0xe/0x18
[  157.538222][    C3]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  157.538248][    C3]  ? _raw_spin_lock_irqsave+0x3a/0x60
[  157.538274][    C3]  __kasan_check_byte+0x36/0x50
[  157.538299][    C3]  lock_acquire+0x148/0x380
[  157.538324][    C3]  ? do_raw_spin_unlock+0x53/0x1e0
[  157.538341][    C3]  ? .slowpath+0x9/0x18
[  157.538358][    C3]  _raw_spin_lock_irqsave+0x3a/0x60
[  157.538383][    C3]  ? p9_req_put+0xaf/0x250
[  157.538400][    C3]  p9_req_put+0xaf/0x250
[  157.538418][    C3]  req_done+0x1dc/0x2e0
[  157.538445][    C3]  ? __pfx_req_done+0x10/0x10
[  157.538468][    C3]  ? clockevents_program_event+0x151/0x360
[  157.538488][    C3]  ? __pfx_req_done+0x10/0x10
[  157.538517][    C3]  vring_interrupt+0x2ef/0x650
[  157.538542][    C3]  ? __pfx_vring_interrupt+0x10/0x10
[  157.538567][    C3]  __handle_irq_event_percpu+0x232/0x8e0
[  157.538590][    C3]  handle_irq_event+0xab/0x1e0
[  157.538612][    C3]  handle_edge_irq+0x375/0x970
[  157.538634][    C3]  __common_interrupt+0xd8/0x2f0
[  157.538657][    C3]  common_interrupt+0xb9/0xe0
[  157.538708][    C3]  </IRQ>
[  157.538715][    C3]  <TASK>
[  157.538722][    C3]  asm_common_interrupt+0x26/0x40
[  157.538740][    C3] RIP: 0010:lock_acquire+0x5e/0x380
[  157.538765][    C3] Code: 05 3b ab 28 12 83 f8 07 0f 87 f0 00 00 00 48 0f a3 05 06 9e f4 0e 0f 82 c2 02 00 00 8b 35 ee d1 f4 0e 85 f6 0f 85 dd 00 00 00 <48> 8b 44 24 30 65 48 2b 05 dd aa 28 12 0f 85 02 03 00 00 48 83 c4
[  157.538780][    C3] RSP: 0018:ffffc90004306908 EFLAGS: 00000206
[  157.538797][    C3] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000006
[  157.538807][    C3] RDX: 0000000000000000 RSI: ffffffff8de4ec23 RDI: ffffffff8c1afaa0
[  157.538818][    C3] RBP: ffffffff8e7e7520 R08: 00000000e24ebdd4 R09: 000000000000001e
[  157.538827][    C3] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000002
[  157.538837][    C3] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.538855][    C3]  page_table_check_set+0x6b/0xa10
[  157.538879][    C3]  ? page_table_check_set+0x4f/0xa10
[  157.538901][    C3]  ? find_held_lock+0x2b/0x80
[  157.538923][    C3]  __page_table_check_ptes_set+0x27a/0x4e0
[  157.538948][    C3]  ? __pfx___page_table_check_ptes_set+0x10/0x10
[  157.538976][    C3]  set_pte_range+0x936/0xb10
[  157.538996][    C3]  filemap_map_pages+0x7ea/0x2020
[  157.539021][    C3]  ? __lock_acquire+0x4a5/0x2630
[  157.539048][    C3]  ? __pfx_filemap_map_pages+0x10/0x10
[  157.539073][    C3]  ? __lock_acquire+0x4a5/0x2630
[  157.539098][    C3]  ? __pfx_filemap_map_pages+0x10/0x10
[  157.539120][    C3]  do_fault+0x9e5/0x1950
[  157.539138][    C3]  __handle_mm_fault+0x180f/0x2b60
[  157.539161][    C3]  ? __pfx___handle_mm_fault+0x10/0x10
[  157.539182][    C3]  ? pte_offset_map_lock+0x174/0x320
[  157.539207][    C3]  ? find_held_lock+0x2b/0x80
[  157.539229][    C3]  ? follow_page_pte+0x5b3/0x1400
[  157.539249][    C3]  handle_mm_fault+0x36d/0xa20
[  157.539270][    C3]  __get_user_pages+0xf9c/0x34d0
[  157.539292][    C3]  ? __pfx___get_user_pages+0x10/0x10
[  157.539312][    C3]  get_dump_page+0x27e/0x3d0
[  157.539329][    C3]  ? __pfx_get_dump_page+0x10/0x10
[  157.539347][    C3]  ? dump_user_range+0x73b/0xb50
[  157.539366][    C3]  ? copy_mc_enhanced_fast_string+0x6/0xf
[  157.539391][    C3]  dump_user_range+0x18d/0xb50
[  157.539414][    C3]  ? __pfx_dump_user_range+0x10/0x10
[  157.539437][    C3]  ? __pfx_writenote+0x10/0x10
[  157.539460][    C3]  elf_core_dump+0x2d5f/0x3d10
[  157.539487][    C3]  ? __pfx_elf_core_dump+0x10/0x10
[  157.539514][    C3]  ? kasan_save_stack+0x3f/0x50
[  157.539536][    C3]  ? kasan_save_stack+0x30/0x50
[  157.539558][    C3]  ? __kasan_kmalloc+0xaa/0xb0
[  157.539579][    C3]  ? __kvmalloc_node_noprof+0x360/0xa00
[  157.539600][    C3]  ? vfs_coredump+0x2105/0x5570
[  157.539620][    C3]  ? asm_exc_page_fault+0x26/0x30
[  157.539637][    C3]  ? 0xffffffffff600000
[  157.539667][    C3]  ? vfs_coredump+0x27bc/0x5570
[  157.539685][    C3]  vfs_coredump+0x27bc/0x5570
[  157.539709][    C3]  ? __pfx_vfs_coredump+0x10/0x10
[  157.539729][    C3]  ? __lock_acquire+0x4a5/0x2630
[  157.539758][    C3]  ? lock_acquire+0x1cf/0x380
[  157.539786][    C3]  ? is_bpf_text_address+0x8a/0x1a0
[  157.539808][    C3]  ? bpf_ksym_find+0x128/0x1c0
[  157.539826][    C3]  ? __kernel_text_address+0xd/0x30
[  157.539844][    C3]  ? unwind_get_return_address+0x59/0xa0
[  157.539864][    C3]  ? arch_stack_walk+0xa6/0xf0
[  157.539886][    C3]  ? __sigqueue_free+0xbe/0x2a0
[  157.539911][    C3]  ? stack_trace_save+0x8e/0xc0
[  157.539932][    C3]  ? __pfx_stack_trace_save+0x10/0x10
[  157.539952][    C3]  ? stack_depot_save_flags+0x27/0x9d0
[  157.539979][    C3]  ? __lock_acquire+0x4a5/0x2630
[  157.540020][    C3]  ? proc_coredump_connector+0x2d3/0x4f0
[  157.540037][    C3]  ? __pfx_proc_coredump_connector+0x10/0x10
[  157.540056][    C3]  ? rcu_is_watching+0x12/0xc0
[  157.540076][    C3]  get_signal+0x1f2a/0x21e0
[  157.540100][    C3]  ? __pfx_get_signal+0x10/0x10
[  157.540123][    C3]  arch_do_signal_or_restart+0x91/0x7a0
[  157.540145][    C3]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  157.540169][    C3]  ? do_user_addr_fault+0x8d6/0x12f0
[  157.540191][    C3]  irqentry_exit+0x1f8/0x670
[  157.540211][    C3]  asm_exc_page_fault+0x26/0x30
[  157.540226][    C3] RIP: 0033:0x7f6c5a59c7a1
[  157.540240][    C3] Code: 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  157.540254][    C3] RSP: 002b:0000200000000000 EFLAGS: 00010217
[  157.540267][    C3] RAX: 0000000000000000 RBX: 00007f6c5a815fa0 RCX: 00007f6c5a59c799
[  157.540278][    C3] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000001144280
[  157.540288][    C3] RBP: 00007f6c5a632c99 R08: 0000000000000000 R09: 0000000000000000
[  157.540298][    C3] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  157.540308][    C3] R13: 00007f6c5a816038 R14: 00007f6c5a815fa0 R15: 00007fff62269c38
[  157.540325][    C3]  </TASK>
[  157.541575][    C3] Kernel Offset: disabled

VM DIAGNOSIS:
20:03:38  Registers:
info registers vcpu 0

CPU#0
RAX=ffffed1004dd0378 RBX=ffffed1004dd0379 RCX=ffffffff81c6b7bc RDX=ffffed1004dd0379
RSI=0000000000000004 RDI=ffff888026e81bc0 RBP=ffffed1004dd0378 RSP=ffffc900038d7a48
R8 =0000000000000000 R9 =ffffed1004dd0378 R10=ffff888026e81bc3 R11=0000000000000000
R12=ffff8880284ea4c0 R13=ffffc900038d7d40 R14=0000000000000000 R15=00000000003d0f00
RIP=ffffffff827538f0 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055558eeca500 ffffffff 00c00000
GS =0000 ffff8880d6347000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055558eedd9e8 CR3=000000011ef98000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000001000001 Opmask02=0000000002fefefc Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d5114d560
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff71783f76
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff71783f76 00007fff71783f7c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d5043327c
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d504332bc
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d50433420
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d504332ae
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d505ec600 00007f9d505ec5e0 00007f9d505ec5e8 00007f9d505ec618
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d5114d020 00007f9d505ec5c0 00007f9d505ec5d0 00007f9d505ec610
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d505ec5f8 00007f9d505ec5c8 00007f9d505ec600 00007f9d505ec5e0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000080
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffc90000015000 RBX=0000000000000360 RCX=0000000000000004 RDX=0000000000000010
RSI=ffffc900006a0a50 RDI=ffff88801cee2360 RBP=0000000000000001 RSP=ffffc900006a0948
R8 =0000000000000001 R9 =ffffed10039dc46b R10=ffff88801cee235f R11=0000000000000000
R12=dffffc0000000000 R13=0000000000000010 R14=0000000000000000 R15=ffff88801b8fcf80
RIP=ffffffff858bd6ea RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007ff66e007300 ffffffff 00c00000
GS =0000 ffff8880d6447000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000004000 CR3=00000000133cf000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000feffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0002000000100008 0000000000000004 000c001a00100000 0014010000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000c000000080004 0020000e00000000 0000000000000000 00bb000000200000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00230000000007b0 6240000000180000 00200000000e0014
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000030000000000 0008ffffff8e0000 0000030000000000 0008ffffff7e0000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000030000000000 00790000000c0000 000a00040008000f 0010000a00000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 03e6000000080004 0000000a00080000 0020000000380000 004c000000600000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0074000000880000 009c000000b00000 00c4000000e40000 000a000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0300000000000008 ffffffae00000000 0300000000000008 ffffff9e00000000
ZMM25=d044fa78d044fa78 d044fa78d044fa78 d044fa78d044fa78 d044fa78d044fa78 d044fa78d044fa78 d044fa78d044fa78 d044fa78d044fa78 d044fa78d044fa78
ZMM26=7496f8f07496f8f0 7496f8f07496f8f0 7496f8f07496f8f0 7496f8f07496f8f0 7496f8f07496f8f0 7496f8f07496f8f0 7496f8f07496f8f0 7496f8f07496f8f0
ZMM27=12bc547312bc5473 12bc547312bc5473 12bc547312bc5473 12bc547312bc5473 12bc547312bc5473 12bc547312bc5473 12bc547312bc5473 12bc547312bc5473
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=ea010000ea010000 ea010000ea010000 ea010000ea010000 ea010000ea010000 ea010000ea010000 ea010000ea010000 ea010000ea010000 ea010000ea010000
info registers vcpu 2

CPU#2
RAX=0000000080010003 RBX=0000000000000000 RCX=ffffffff81ad9f63 RDX=ffff888036b8c980
RSI=ffffffff81ad9fab RDI=ffffffff9412bfa0 RBP=0000000000000000 RSP=ffffc90000648fd0
R8 =0000000000000001 R9 =fffffbfff28257f4 R10=ffffffff9412bfa7 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81ad9fac RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 000fffff 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 000fffff 00000000
FS =0000 00007f6cb93256c0 000fffff 00000000
GS =0000 ffff8880d6547000 000fffff 00000000
LDT=0000 0000000000000000 000fffff 00000000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00001ffffffff6c0 CR3=0000000055481000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000100001 Opmask01=000000000000001f Opmask02=00000000ffff7fdf Opmask03=0000000020400004
Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f68637461772f76 6564752f6e75722f
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f68637461772f76 6564752f6e75722f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000563196ec0c40
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98f7b26b20
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98f7b26b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff0000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73732542e5984483 7373254786ada659
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 af310cf2d3a26e8e 73737376106a1dcd
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 772f766564752f6e 75722f00646c6f2e 68637461772f7665 64752f6e75722f00
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 520a534041500a4b 50570a0041494a0b 4d465144520a5340 41500a4b50570a00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000563196ec2930 00005634f5f5d25c 0000000000000031 0000000000000032
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 dc427f81a0d11dfd 00005634f5f2fbd3 0000000000000221 0000003177617264
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3139312c3039312c 4638312c4538312c 4238312c3938312c 3838312c3538312c
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3438312c3138312c 3937312c3737312c 3437312c4436312c 4336312c3636312c
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3336312c3136312c 3036312c30462c46 442c30442c46432c 38412c37412c4639
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000014100 000000000000303d 44440045525f5346 0054242044492065
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85798f15 RDI=ffffffff9b49ea40 RBP=ffffffff9b49ea00 RSP=ffffc900006f8780
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000012
R12=0000000000000000 R13=0000000000000035 R14=0000000000000010 R15=ffffffff85798eb0
RIP=ffffffff85798f3f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f6c5b4ec6c0 ffffffff 00c00000
GS =0000 ffff8880d6647000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f6c5a5e9e80 CR3=000000011114b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000