last executing test programs:

4m49.972695221s ago: executing program 32 (id=2160):
r0 = socket(0x200000100000011, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'hsr0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x7, 0x6, @local}, 0x14)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000000)=ANY=[@ANYRESOCT=0x0], 0x34}], 0x1, 0x0, 0x0, 0x20000090}, 0x48091)

3m7.34841391s ago: executing program 0 (id=4327):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000170100000300000001"], 0x18}], 0x1, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)

3m7.346316159s ago: executing program 0 (id=4328):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000340)={&(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x10000})

3m7.315445519s ago: executing program 0 (id=4329):
r0 = epoll_create1(0x0)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)={0x90000001})
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000000000)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d52101b080d29308f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f070077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

3m7.180110151s ago: executing program 0 (id=4332):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)

3m7.152989921s ago: executing program 0 (id=4334):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x400000001e1101, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r2, 0x4148, 0x0)

3m7.051684167s ago: executing program 0 (id=4335):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8000000, 0x3, 0x2f8, 0x110, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x228, 0xffffffff, 0xffffffff, 0x228, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private1, [0xff000000, 0xffffff00, 0x6dc8f3d6512d1aed, 0xffffffff], [0xff, 0xff000000, 0xff000000], 'bond_slave_0\x00', 'batadv0\x00', {}, {}, 0x2f, 0x2, 0x3, 0xe}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0x17}, @mcast1, [], [], 'veth1\x00', 'wlan1\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x7fffffff, 0x9, 0xb3, 0x1, 0x0, "86d6b549c4bf723e1f33da7c11e5cee0b1adedc05fbfc6af15c3f8b75adf8819ec9d8cd0614114f5f1d3b7ba1d33f3750c2e3b8acf37107767e107dac4688212"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x358)
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
creat(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x166)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x510, 0x2e0, 0xd0, 0x2e0, 0xd0, 0xd0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x570)

3m6.985158357s ago: executing program 33 (id=4335):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8000000, 0x3, 0x2f8, 0x110, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x228, 0xffffffff, 0xffffffff, 0x228, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private1, [0xff000000, 0xffffff00, 0x6dc8f3d6512d1aed, 0xffffffff], [0xff, 0xff000000, 0xff000000], 'bond_slave_0\x00', 'batadv0\x00', {}, {}, 0x2f, 0x2, 0x3, 0xe}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0x17}, @mcast1, [], [], 'veth1\x00', 'wlan1\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x7fffffff, 0x9, 0xb3, 0x1, 0x0, "86d6b549c4bf723e1f33da7c11e5cee0b1adedc05fbfc6af15c3f8b75adf8819ec9d8cd0614114f5f1d3b7ba1d33f3750c2e3b8acf37107767e107dac4688212"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x358)
syz_open_procfs(0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
creat(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x166)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x510, 0x2e0, 0xd0, 0x2e0, 0xd0, 0xd0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x570)

2m42.109627832s ago: executing program 3 (id=4814):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)="b2", 0x1}], 0x1, &(0x7f0000000000)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18, 0x8800}}], 0x1, 0x8041)

2m42.104681021s ago: executing program 3 (id=4816):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x10000000)

2m42.008549786s ago: executing program 3 (id=4817):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000100)="c2ff4f8d5db2268e", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

2m41.947530083s ago: executing program 3 (id=4821):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)

2m41.868097746s ago: executing program 3 (id=4823):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x3e8})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)=@arm64={0x80, 0x5, 0x4, '\x00', 0x100000001})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m41.636233372s ago: executing program 3 (id=4831):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578060109029c000100000400090400bf900b64ea00090587033b"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
syz_usb_disconnect(r0)
socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, {0x5, 0xfff1}, {0xffff, 0xffff}, {0xb}}}, 0x24}}, 0x0)
write$char_usb(r1, &(0x7f0000001300)='7', 0x1)

2m41.563468819s ago: executing program 34 (id=4831):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578060109029c000100000400090400bf900b64ea00090587033b"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
syz_usb_disconnect(r0)
socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, {0x5, 0xfff1}, {0xffff, 0xffff}, {0xb}}}, 0x24}}, 0x0)
write$char_usb(r1, &(0x7f0000001300)='7', 0x1)

2m37.739095338s ago: executing program 4 (id=4900):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x18)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
mlockall(0x5)

2m37.660798535s ago: executing program 4 (id=4903):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = dup2(r0, r0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000240)={'\x00', 0x5, 0x9, 0x1, 0xa, 0xd})
ioctl$BLKTRACESTART(r0, 0x1274, 0x0)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)

2m37.50194914s ago: executing program 4 (id=4907):
pipe2(&(0x7f0000000840)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x6ea4, @empty}, 0x10)
r2 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r2, &(0x7f00000004c0)={0x2, 0x6e24, @empty}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

2m37.427402102s ago: executing program 4 (id=4910):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1be)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

2m37.416251547s ago: executing program 4 (id=4911):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000340)=[@text32={0x20, 0x0}], 0x1, 0x20, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000080)={0x1, 0x0, @ioapic={0x4, 0x1, 0x3, 0x2, 0x0, [{0xf, 0x0, 0x0, '\x00', 0xe}, {0x5, 0x0, 0x0, '\x00', 0xfc}, {0x1, 0x1, 0x7, '\x00', 0x3}, {0xfa, 0x8, 0x1, '\x00', 0xa0}, {0x1, 0x9}, {0xa, 0x3, 0x5}, {0xb8, 0xda, 0xd, '\x00', 0x59}, {0xb, 0x1, 0xc, '\x00', 0x3}, {0x9, 0x7, 0x81, '\x00', 0x9}, {0x4, 0x6, 0x4, '\x00', 0x9}, {0x7, 0x5, 0xd, '\x00', 0xa}, {0x0, 0x4b, 0x45, '\x00', 0xc2}, {0x8, 0xab, 0x8, '\x00', 0x3}, {0x1, 0x3, 0xfe, '\x00', 0x81}, {0x5, 0xfb, 0x1, '\x00', 0x2}, {0xfe, 0x4, 0x6, '\x00', 0x9}, {0xc2, 0x9, 0x7, '\x00', 0x4}, {0x4, 0x7, 0x4, '\x00', 0x9}, {0xab, 0xef, 0x40, '\x00', 0x6}, {0x8, 0x10, 0x80, '\x00', 0x10}, {0x3, 0x3, 0x2, '\x00', 0x86}, {0x9, 0xb, 0xa, '\x00', 0x8}, {0x86, 0x8e, 0x5, '\x00', 0x9}, {0x56, 0x3, 0x4, '\x00', 0x7f}]}})

2m37.141546426s ago: executing program 4 (id=4914):
r0 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x38ab, 0x80, 0x4, 0x1e6}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r3, 0x0, 0x0, 0x0, 0x322, 0x1, {0x1}})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

2m37.060075996s ago: executing program 35 (id=4914):
r0 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x38ab, 0x80, 0x4, 0x1e6}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r3, 0x0, 0x0, 0x0, 0x322, 0x1, {0x1}})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

1m50.528797615s ago: executing program 7 (id=5819):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0xfffffffd}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f00000001c0)=@name={0x1e, 0x2, 0x3, {{0x42, 0x4}, 0x1}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

1m50.528577763s ago: executing program 7 (id=5820):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000780)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

1m50.461046904s ago: executing program 6 (id=5821):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000001c0)="c744240077dd0000c74424027fbe0000c7442406000000000f011c24b8010000000f01c1450f01ca470f01f866baf80cb8e4f61882ef66bafc0c66b8795966ef40250000000066b8de000f00d02e0f005ffa0f01c92e640fc71f", 0x5a}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m50.310842058s ago: executing program 7 (id=5822):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
poll(&(0x7f0000000000)=[{r1, 0x3009}, {r4, 0x101}], 0x2, 0xfc6)

1m50.310595614s ago: executing program 6 (id=5823):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
lsetxattr$security_evm(&(0x7f0000000040)='./file0\x00', &(0x7f00000003c0), &(0x7f00000004c0)=ANY=[@ANYBLOB="05"], 0x93, 0x1)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
utime(&(0x7f0000000000)='./file0\x00', 0x0)

1m50.247735084s ago: executing program 6 (id=5824):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x4, <r3=>r1})
ioctl$DMA_BUF_SET_NAME_A(r3, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
ioctl$DMA_BUF_IOCTL_SYNC(r3, 0xc0086202, &(0x7f0000000080)=0x2)

1m50.246235091s ago: executing program 6 (id=5825):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)

1m50.161293199s ago: executing program 6 (id=5826):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0xb9, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x7, 0x1000000, 0x0})
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg/2:0:0:0\x00', 0xe1669e11e3e5667d, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x400c6314}], 0x0, 0x0, 0x0})

1m49.881190028s ago: executing program 6 (id=5828):
r0 = syz_io_uring_setup(0x749, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0x1000, 0x5cc}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x4, 0x700000000000000}, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x58}}, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xc})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

1m49.76570371s ago: executing program 36 (id=5828):
r0 = syz_io_uring_setup(0x749, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0x1000, 0x5cc}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x4, 0x700000000000000}, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x58}}, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xc})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

1m48.570642879s ago: executing program 7 (id=5845):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

1m48.46038776s ago: executing program 7 (id=5847):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", ' \x00'}, 0x28)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000f00)="6e37cf", 0x3}], 0x1}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
recvfrom$inet6(r0, &(0x7f0000000040)=""/19, 0xff1, 0x40000041, 0x0, 0x0)

1m48.060941387s ago: executing program 7 (id=5854):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000340)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
socket$alg(0x26, 0x5, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f00000000c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)

1m47.98448663s ago: executing program 37 (id=5854):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000340)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
socket$alg(0x26, 0x5, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f00000000c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)

1m8.711085274s ago: executing program 1 (id=6220):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYRES16=r1])
ioctl$KVM_GET_VCPU_EVENTS(r2, 0xc048aeca, &(0x7f0000000080))

1m8.555994315s ago: executing program 1 (id=6221):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x8, 0x8040)
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000040)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r1 = landlock_create_ruleset(0x0, 0x0, 0x2)
syz_io_uring_setup(0x7071, 0x0, &(0x7f00000004c0), 0x0)
ioctl$VIDIOC_S_STD(r1, 0x40085618, 0x0)
r2 = accept$phonet_pipe(0xffffffffffffffff, &(0x7f0000000580), &(0x7f00000005c0)=0x10)
ioctl$FS_IOC_READ_VERITY_METADATA(r2, 0xc0286687, &(0x7f0000000740)={0x1, 0x8, 0xdb, &(0x7f0000000640)=""/219})
syz_genetlink_get_family_id$l2tp(&(0x7f00000007c0), 0xffffffffffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r3, &(0x7f0000000b00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x90, 0x0, 0x7, 0x101, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0xffffffffffff7fff}, @NFACCT_FILTER={0xc, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x4}]}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x7f}, @NFACCT_FILTER={0x2c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xf0ba}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffffffff}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x6}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xffffffff}]}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x8}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x2}]}, 0x90}, 0x1, 0x0, 0x0, 0xc000}, 0x4000810)

1m8.526134673s ago: executing program 1 (id=6222):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000001c0))
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000200)=[@acquire, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x1000000, &(0x7f0000000640)='!'})

1m8.484361178s ago: executing program 1 (id=6223):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x800, 0x70)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x400, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
unlinkat(r0, &(0x7f0000000000)='./file1\x00', 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x66842, 0x0)

1m8.390262811s ago: executing program 1 (id=6224):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
setsockopt$bt_hci_HCI_FILTER(0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x42)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

1m8.356384648s ago: executing program 1 (id=6225):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x78, &(0x7f0000000280)={@fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x0, &(0x7f0000000440)=""/220, 0xdc, 0x1, 0x29}, @fda={0x66646185, 0x5, 0x1, 0x18}}, &(0x7f0000000240)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})

54.640908406s ago: executing program 5 (id=5922):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @multicast1, 0x4e24, 0x1, 'ovf\x00', 0x1, 0x32bd, 0x9}, {@loopback, 0x4e21, 0x2000, 0x9, 0x4, 0x12d5c}}, 0x44)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f00000005c0)=[@text16={0x10, 0x0}], 0x1, 0x6c, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

53.329530274s ago: executing program 38 (id=6225):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x78, &(0x7f0000000280)={@fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x0, &(0x7f0000000440)=""/220, 0xdc, 0x1, 0x29}, @fda={0x66646185, 0x5, 0x1, 0x18}}, &(0x7f0000000240)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})

45.592129854s ago: executing program 5 (id=5922):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @multicast1, 0x4e24, 0x1, 'ovf\x00', 0x1, 0x32bd, 0x9}, {@loopback, 0x4e21, 0x2000, 0x9, 0x4, 0x12d5c}}, 0x44)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f00000005c0)=[@text16={0x10, 0x0}], 0x1, 0x6c, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

35.34350751s ago: executing program 5 (id=5922):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @multicast1, 0x4e24, 0x1, 'ovf\x00', 0x1, 0x32bd, 0x9}, {@loopback, 0x4e21, 0x2000, 0x9, 0x4, 0x12d5c}}, 0x44)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f00000005c0)=[@text16={0x10, 0x0}], 0x1, 0x6c, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

27.39048675s ago: executing program 5 (id=5922):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @multicast1, 0x4e24, 0x1, 'ovf\x00', 0x1, 0x32bd, 0x9}, {@loopback, 0x4e21, 0x2000, 0x9, 0x4, 0x12d5c}}, 0x44)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f00000005c0)=[@text16={0x10, 0x0}], 0x1, 0x6c, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17.169744983s ago: executing program 5 (id=5922):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @multicast1, 0x4e24, 0x1, 'ovf\x00', 0x1, 0x32bd, 0x9}, {@loopback, 0x4e21, 0x2000, 0x9, 0x4, 0x12d5c}}, 0x44)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f00000005c0)=[@text16={0x10, 0x0}], 0x1, 0x6c, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7.887814132s ago: executing program 5 (id=5922):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @multicast1, 0x4e24, 0x1, 'ovf\x00', 0x1, 0x32bd, 0x9}, {@loopback, 0x4e21, 0x2000, 0x9, 0x4, 0x12d5c}}, 0x44)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f00000005c0)=[@text16={0x10, 0x0}], 0x1, 0x6c, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2.037702637s ago: executing program 9 (id=6686):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x2, 0x0, 0x1, [@NETEM_LOSS_GE={0x18}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x4, 0xd}, @TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x9c}}, 0x0)

1.948098234s ago: executing program 9 (id=6687):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x1f6, 0x4)
sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800)

1.94777708s ago: executing program 9 (id=6688):
syz_usb_connect(0x1, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
socket$packet(0x11, 0x2, 0x300)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000000)="dc", 0x1}, {&(0x7f00000002c0)='Le', 0xbf}], 0x2)

759.116171ms ago: executing program 9 (id=6714):
setresuid(0xffffffffffffffff, 0x0, 0xee01)
getresuid(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200))
mount$9p_fd(0x0, 0x0, 0x0, 0x400, 0x0)
write$nbd(0xffffffffffffffff, 0x0, 0x40)
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r1=>0x0})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000003c0)=0x6121, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d206"], 0xdd12}], 0x1}, 0x10)

700.194637ms ago: executing program 9 (id=6716):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000000200)={[0xd000, 0x4, 0x4, 0xeeef0000], 0xc, 0x4})

577.672961ms ago: executing program 9 (id=6719):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000000c0)=[@in={0x2, 0x0, @dev}], 0x10)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000240)=0x2, 0x4)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000000), &(0x7f0000000080)=0x4)

577.374689ms ago: executing program 8 (id=6720):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000040)={@hyper, 0x1})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000000)={&(0x7f0000000540)={{@host}, {@hyper}, 0x400, "d49e0b1f09a3e05cb898141464441748655937bb34d22f02362479246bb6372d891a3b5dafa574fc8fb5f8a529c6e30103484f2667c174fb6cda19ea0a9301bc3238eb816e9c3882f243bcd4bd7115b26dacf5923f060498d471cb4f789562fcda119739dd1a5b0e4e1a4a64db7a247d81f968f26945f293fc3860bf11f0424193fce743067d27f0ac187b44b128a4999547f73d8c35d3c2bd8b51bbc9a31123f773be89e109cc71b8ec29a539083c0cba15b0899c7181ba154c28b3c4e2ebe360ac44f942a703b9a3a37fbbefe9ae0de04a32336a6eba07b2fb6ad426d56e17291bb1a9d1fcdaa939378bab6dd2eac37b369ef163c9e0fc8039352c24d8147fcc2e2559b47066abd21a3a5f83f239a2227d17d4ca90f60ed9acc243ed38818e3883a985106b54dc157b67022525a74e8f9cb99852760359278d5d22294a70433ba4cec5147fbb09b1d0008ba76257f1c5af6b8d6bf3bcfd5a468a566a4e98fe5f264f2663b72cb421c90d8b7883ddfb5749b27a3e146f9d8538706fea61b07c6e064446337439b9d5a5dc82f6c63c57d6ba0e709b7c1b15fa8367f8e6df2cf59b0b30740ef47c5cccffce5911569591ce4ab62275964cd147e87a30cc6e71f7e40e161997cdbadcfbfb6c54e0289ac137508b7b5339414e4ab7afcc420148e37d49b664cc07c8178a3b50f566c5bdd3aa9217ef909805972bd63ee1d729b282cd866c183744b20da3227f9d43843236b571c8d3237408c266e08d0699ebd30e0820362664ab323b15d3ae9896d6120aae6ef9085f53a2b39cc31238b031476c86e6b16d7703fcbacc7269ce8622eab1cfdf82a364209ec4ac912db924bb76bc35ddf8d0e7a3aff0d08a48c07be47303b59653d9409f14dc59ac33cae5e010466f54d86772e43e3680863bb9bf10c971f16a731e601d7fcdbb91d7146e7834d89059ad522d70398c2b03f113ed791e32f933dfa23f5d6d11bfc9d9e0f04a34b0eddd99d16cd9712485e0a5c9aaf1ebf3f14d00005f8960b6145cbb7d4522692ebe1f9491f87a29ed67c5fb60f5e69bde2a758742999fc986a2dbf6199977e9b446691bf9f95d0abd84557c77ea13356c977d0f098ab9fec85acbd6447f2e6893e2fa6a0a7b272dab66e69b7def48f8b3583a53a0941fb3e4367fa8d56e05ee3b265f17ca0439fcdcea276f7f0a9bf4c2a324d7143658007cf4019e8da69ba1b7dff4383714cbcb71dfe6f1b1ac5d5e99394cb2c360ddb1889d92cd36f8fc72ac865f1c6445957b2a57c1af59ef8d2e9fe328ec2bde763d65c4dea965042f540515bf2f879d1b26309ebc1d7f76c569fa88fbe61845e96e93d3b6025b6285777e59495943596c128fdacc545263ce458bf99f57d7e5dc77f65cf650902b5b6d5af9359334759843365bf0dfb244817a40e8cc903000"}, 0x418})

530.199312ms ago: executing program 8 (id=6721):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, 0x0)

530.059785ms ago: executing program 8 (id=6722):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000000000004000040"])

480.140872ms ago: executing program 8 (id=6723):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)={0x34, r1, 0x101, 0x0, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random='n'}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x4}]}, 0x34}}, 0x200000d0)

479.930402ms ago: executing program 8 (id=6724):
setresuid(0xffffffffffffffff, 0x0, 0xee01)
getresuid(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200))
mount$9p_fd(0x0, 0x0, 0x0, 0x400, 0x0)
write$nbd(0xffffffffffffffff, 0x0, 0x40)
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r1=>0x0})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000003c0)=0x6121, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d206"], 0xdd12}], 0x1}, 0x10)

389.897929ms ago: executing program 8 (id=6725):
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001cc0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123f51c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e3962dcddef6af1a11972a6b4975022278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd0971d379380bf63432872cfed453870000b219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d3f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a74e04bde740750fa4d9aaa705989b8e673e3296e52d3112874ec51d6fe048ba6866adebab53168770a71ad901ace383e7927de217d6bf74daf41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafce5c1b3f97a297c9e490f241999085afabdd529f62ca0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637f99f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec737555392a0b06491cba71f897144910fe050038ec9e475e89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb6179d257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0117c9b737b9b59418006c1bc1aafa2768e82597251e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b101000f49e298727340e87cdefb40e56e9cfad973347d0de7ba4754ff231a1b933d8f931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf444b032dad13007b82e6044f643fc8cd07a97e2bbe636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935f602325984386b21b96492ae662082b56cf666e63a757c0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e71338a40c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2603bfab96831957a08e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d01af43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627ebe92d48aa5fc0a7bf1b5108b34d22ad004de8274c22c8ba823d964969c9f02bb78c598fa8701b000884de710b54e5ab2e8ff0c7ae23e0b601ac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105b65007c8ff1f00a8ce7e31f7c9c3e3fa61aab967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa1904122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700ba363ca3182105960bef3378a980000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450cfe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c32e4f1f22af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b404797056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa58291c4eb9d4e08ad7a9c5f04be1ab59719a8200007bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b7f76c78ba0b44ec0bdfa0d32d7030000003a073b12eb579032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e02b7cd25385f3b9628471b4364987b0b2c82a8b0f976387ebb62ead0e1b761e6ec9b824fe006ea52c0c469e3bd8fed05a486bd5511144ebb63d56d61da5fcb58e196a8923edaf228b0cb96b856b15c90b154494fb0cff768b3417fcc89acb9b9b4f8581c82ff3121b5920f4e71508eea4341ec618f4d9110928ea8dd17e36f3beb0c07d911c00eb4054ad48cab563c5ad97d732c3653635df7600091973d44ff94ac6d670ecc085501bd91b586adf858b41d918fd58f8577adb541857dbbf33be97c4809c6595ebfff19b34cec7fd877e8f2aad6a1a6a4ec6dbb3de42bb2e75b4768d139d7b7ff5d51e6863b6704901b59fd92495608395fce98c267a3846b67e7a5b57d995e07dca8db555aea5a0f6f1cd85d791f22d06ff37fcbb22b2d9296b36faee22e513b276fc8494ce31699343278aa8f531ee549d2ba495059c80d5748d8a0cb19df27338aaafbf0849c31572d17a786383b3f619212651a076e5148fa6421f5405e65ee31e6fbd510d92c17fe12a7f203066848e2a9adef66ad7ae8edea20fb8c7233de3736949e15b88699c2f8576060cf95d2593828abde6e2eed2a717655782ae9e589f5de9792c810ec07a842bca96e594f13211eae7ee1919b7af1e33ff726792cbb1366fb8a3684370e35122b0ad40f55846ca7d39cf6f9a1cfa5460f537e89e1c5f3cd10a3d8ae3ecec0c7e4114aec30742d88f313d74447723808da0889e34b31c13a79b8bb105cdcb234d56246bbf003c0ad03ff20f573df9604720d652b0a0cc5d90a284b5c7824bfdc4e3f18eaf9820ffbd8c4f32c8de631c181ab76505dac753fec759b0414cb3c5dfa02b6a3b93ff79bcf8c613b4a9124923e7e6ce74266fd78564000000000ce0d3ac2350502cf4a410152ee893d57622bee2b52df83cd30b4ae17d507fba05e7055db7e6d4cfc085773b900ca50bee4d49529f24bab389fb87fbb481340e8ce1810727212dc5e96d99de07611cb588a5d8b5c510c1f5b3fb568971646821b50dc2542003eb60a4ee9398ae4b6681c29cd921fb35b12ca111f12c59ac39dde4bf4f7524362304610979f5199ef9d271af60a421e29c6483423157ed4c2721123ddf33313a97ec1a55115b6df23157ad17b5e544db26c46d31b2e7375c37ace025955c9482e1ef841554c202c356842233c57c258f8f2043b4b6de433e8a2fb9365b65496c5777c1a1a223763d51190a24fb4047ad7ff6258f1b000000000000000000000000e0ef07726228fb150d09f697ee3db6cc096676225780d422fe917a5c57bedabb42399727b386e979dde3b7243dad1f78e8592937866cfc017f3a8ad31c53115fb7f3452bd3318c4a17cc80bcab32d9ed35273c3c930719ddb5b757f9d85cc86ddd"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r2 = socket$kcm(0x2, 0x1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000001c0)=r1, 0x4)
sendmsg$inet(r2, &(0x7f0000000300)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x20000015)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000180)={<r3=>r0})
sendmsg$inet(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)='R', 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r2, r1})
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000100)={r2})
close(r3)

189.47931ms ago: executing program 2 (id=6726):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000000)={{@my=0x1, 0xffffffff}, @any, 0x0, 0x0, 0x8000000, 0x0, 0x6})

189.234885ms ago: executing program 2 (id=6727):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000001040)=@assoc_value={<r2=>0x0}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000980)={0x8, 0x8000, 0x4, 0x10000c, r2}, &(0x7f00000009c0)=0x10)

150.170709ms ago: executing program 2 (id=6728):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000340)={0x0, {{0xa, 0x0, 0x1, @mcast2, 0x1}}, {{0xa, 0x0, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}, 0xfffffffd}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)

148.584425ms ago: executing program 2 (id=6729):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x7f, &(0x7f0000002400)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="5400ffff0000", 0x6, 0x0, 0x0, 0x2}])

143.991µs ago: executing program 2 (id=6730):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
bind$unix(r1, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 2 (id=6731):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x34}}, 0x84)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r0, 0x8949, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

n process `syz.1.6136'.
[  330.500056][   T40] audit: type=1400 audit(1751159719.616:687): avc:  denied  { create } for  pid=21020 comm="syz.1.6138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  330.509819][   T40] audit: type=1400 audit(1751159719.616:688): avc:  denied  { ioctl } for  pid=21020 comm="syz.1.6138" path="socket:[96247]" dev="sockfs" ino=96247 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  330.647321][T21030] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6142'.
[  331.173703][   T95] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  331.175275][T21043] uprobe: syz.1.6147:21043 failed to unregister, leaking uprobe
[  331.699265][T21049] ip6erspan0: entered promiscuous mode
[  331.818805][ T5295] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  331.824304][ T5295] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  331.834193][ T5295] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  331.839042][ T5295] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  331.841856][ T5295] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  331.870529][T21057] lo speed is unknown, defaulting to 1000
[  331.887258][T21064] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6155'.
[  331.950077][T21066] netlink: 'syz.9.6156': attribute type 4 has an invalid length.
[  331.967907][T21066] netlink: 'syz.9.6156': attribute type 4 has an invalid length.
[  331.972738][   T40] audit: type=1400 audit(1751159721.086:689): avc:  denied  { watch watch_reads } for  pid=21067 comm="syz.1.6157" path="/" dev="configfs" ino=1070 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  332.016550][T21070] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6158'.
[  332.186584][T21057] chnl_net:caif_netlink_parms(): no params data found
[  332.275234][T21090] netlink: 'syz.1.6163': attribute type 1 has an invalid length.
[  332.324624][T21057] bridge0: port 1(bridge_slave_0) entered blocking state
[  332.326928][T21057] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.329253][T21057] bridge_slave_0: entered allmulticast mode
[  332.332011][T21057] bridge_slave_0: entered promiscuous mode
[  332.366499][T21090] veth9: entered promiscuous mode
[  332.372517][T21090] bond6: (slave veth9): Enslaving as a backup interface with a down link
[  332.377041][T21057] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.379741][T21057] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.382090][T21057] bridge_slave_1: entered allmulticast mode
[  332.385524][T21057] bridge_slave_1: entered promiscuous mode
[  332.421715][T21057] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  332.429782][T21057] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  332.469534][T21057] team0: Port device team_slave_0 added
[  332.477051][T21057] team0: Port device team_slave_1 added
[  332.534024][T21057] batman_adv: batadv0: Adding interface: batadv_slave_0
[  332.536368][T21057] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.545788][T21057] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  332.550632][T21057] batman_adv: batadv0: Adding interface: batadv_slave_1
[  332.552870][T21057] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.564382][T21057] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  332.647222][T21057] hsr_slave_0: entered promiscuous mode
[  332.649530][T21057] hsr_slave_1: entered promiscuous mode
[  332.652898][T21057] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  332.657417][T21057] Cannot create hsr debugfs directory
[  333.018955][   T95] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.101988][   T95] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.180870][   T95] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.352559][   T40] audit: type=1400 audit(1751159722.466:690): avc:  denied  { name_bind 0x1000000 } for  pid=21118 comm="syz.1.6177" path="socket:[100365]" dev="sockfs" ino=100365 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  333.374124][   T95] bridge_slave_1: left allmulticast mode
[  333.375888][   T95] bridge_slave_1: left promiscuous mode
[  333.377635][   T95] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.392110][   T95] bridge_slave_0: left allmulticast mode
[  333.394150][   T95] bridge_slave_0: left promiscuous mode
[  333.395948][   T95] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.418172][T21118] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  333.748070][   T95] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  333.752418][   T95] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  333.756818][   T95] bond0 (unregistering): Released all slaves
[  333.894976][   T63] Bluetooth: hci0: command tx timeout
[  334.192970][   T95] hsr_slave_0: left promiscuous mode
[  334.195805][   T95] hsr_slave_1: left promiscuous mode
[  334.198077][   T95] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  334.201004][   T95] batman_adv: batadv0: Removing interface: batadv_slave_0
[  334.217226][   T95] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  334.220692][   T95] batman_adv: batadv0: Removing interface: batadv_slave_1
[  334.259363][   T95] veth1_macvtap: left promiscuous mode
[  334.261290][   T95] veth0_macvtap: left promiscuous mode
[  334.263609][   T95] veth1_vlan: left promiscuous mode
[  334.265620][   T95] veth0_vlan: left promiscuous mode
[  335.202156][   T95] team0 (unregistering): Port device team_slave_1 removed
[  335.327384][   T95] team0 (unregistering): Port device team_slave_0 removed
[  335.963233][   T63] Bluetooth: hci0: command tx timeout
[  336.112183][T21152] syz_tun: entered allmulticast mode
[  336.137636][T21151] syz_tun: left allmulticast mode
[  336.168187][T21057] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  336.179523][T21057] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  336.188220][T21057] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  336.201140][T21057] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  336.283599][T21131] Bluetooth: hci1: Opcode 0x0406 failed: -110
[  336.286190][   T63] Bluetooth: hci1: command 0x0406 tx timeout
[  336.309127][T21057] 8021q: adding VLAN 0 to HW filter on device bond0
[  336.321832][T21057] 8021q: adding VLAN 0 to HW filter on device team0
[  336.331794][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.334230][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.354561][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.357416][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.497097][T21131] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  336.500392][T21131] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  336.502674][T21131] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  336.506231][T21131] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  336.511584][T21131] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  336.513941][T21131] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  336.517793][T21131] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  336.554845][T21057] 8021q: adding VLAN 0 to HW filter on device batadv0
[  336.566467][T21185] syz_tun: entered allmulticast mode
[  336.568092][T21131] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  336.569837][T21184] syz_tun: left allmulticast mode
[  336.740573][T21057] veth0_vlan: entered promiscuous mode
[  336.753833][T21057] veth1_vlan: entered promiscuous mode
[  336.771011][T21057] veth0_macvtap: entered promiscuous mode
[  336.775451][T21057] veth1_macvtap: entered promiscuous mode
[  336.787706][T21057] batman_adv: batadv0: Interface activated: batadv_slave_0
[  336.798083][T21057] batman_adv: batadv0: Interface activated: batadv_slave_1
[  336.805334][T21057] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  336.808371][T21057] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  336.811097][T21057] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  336.814900][T21057] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  336.869430][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  336.876240][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  336.911195][T21171] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  336.916620][T21171] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  337.442399][   T40] audit: type=1804 audit(1751159726.556:691): pid=21220 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.8.6197" name="/newroot/94/file0" dev="tmpfs" ino=544 res=1 errno=0
[  337.442735][T21220] ref_ctr increment failed for inode: 0x220 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888037eee0c0
[  337.465917][T21219] uprobe: syz.8.6197:21219 failed to unregister, leaking uprobe
[  337.493513][   T40] audit: type=1326 audit(1751159726.616:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21221 comm="syz.9.6198" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f261758e929 code=0x0
[  337.568336][   T40] audit: type=1804 audit(1751159726.686:693): pid=21226 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.6200" name="file0" dev="ramfs" ino=100568 res=1 errno=0
[  337.878326][   T40] audit: type=1400 audit(1751159726.996:694): avc:  denied  { call } for  pid=21240 comm="syz.8.6205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  338.374184][   T63] Bluetooth: hci1: command 0x0406 tx timeout
[  338.537246][   T63] Bluetooth: hci3: command 0x0c1a tx timeout
[  338.721856][   T95] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.436228][ T5295] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  339.443882][ T5295] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  339.448108][ T5295] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  339.452044][ T5295] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  339.459602][ T5295] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  339.518302][T21269] lo speed is unknown, defaulting to 1000
[  339.706869][T21269] chnl_net:caif_netlink_parms(): no params data found
[  339.835611][T21269] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.838624][T21269] bridge0: port 1(bridge_slave_0) entered disabled state
[  339.841623][T21269] bridge_slave_0: entered allmulticast mode
[  339.846430][T21269] bridge_slave_0: entered promiscuous mode
[  339.851486][T21269] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.855450][T21269] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.858457][T21269] bridge_slave_1: entered allmulticast mode
[  339.862180][T21269] bridge_slave_1: entered promiscuous mode
[  339.907051][T21269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  339.911970][T21269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  339.957491][T21269] team0: Port device team_slave_0 added
[  339.961141][T21269] team0: Port device team_slave_1 added
[  340.004313][T21269] batman_adv: batadv0: Adding interface: batadv_slave_0
[  340.006816][T21269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  340.015899][T21269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  340.020552][T21269] batman_adv: batadv0: Adding interface: batadv_slave_1
[  340.022841][T21269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  340.031898][T21269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  340.136594][   T95] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.148535][T21269] hsr_slave_0: entered promiscuous mode
[  340.151161][T21269] hsr_slave_1: entered promiscuous mode
[  340.153712][T21269] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  340.157384][T21269] Cannot create hsr debugfs directory
[  340.260540][   T95] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.343719][   T95] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.432679][T21293] binder: 21292:21293 ioctl c0306201 200000000380 returned -14
[  340.460949][ T5295] Bluetooth: hci1: command 0x0406 tx timeout
[  340.488401][   T40] audit: type=1800 audit(1751159729.606:695): pid=21295 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.6223" name="bus" dev="overlay" ino=7196 res=0 errno=0
[  340.537710][   T40] audit: type=1400 audit(1751159729.656:696): avc:  denied  { mounton } for  pid=21296 comm="syz.1.6224" path="/1371/file1/file0" dev="autofs" ino=99946 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  340.538733][   T95] bridge_slave_1: left allmulticast mode
[  340.548969][   T95] bridge_slave_1: left promiscuous mode
[  340.551062][   T95] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.558021][   T95] bridge_slave_0: left allmulticast mode
[  340.559918][   T95] bridge_slave_0: left promiscuous mode
[  340.562136][   T95] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.613512][ T5295] Bluetooth: hci3: command 0x0c1a tx timeout
[  340.920179][   T95] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  340.927781][   T95] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  340.933236][   T95] bond0 (unregistering): Released all slaves
[  341.535232][   T95] hsr_slave_0: left promiscuous mode
[  341.538082][   T95] hsr_slave_1: left promiscuous mode
[  341.540082][   T95] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  341.542396][   T95] batman_adv: batadv0: Removing interface: batadv_slave_0
[  341.545456][   T95] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  341.547902][   T95] batman_adv: batadv0: Removing interface: batadv_slave_1
[  341.573389][ T5295] Bluetooth: hci0: command tx timeout
[  341.582742][   T95] veth1_macvtap: left promiscuous mode
[  341.584766][   T95] veth0_macvtap: left promiscuous mode
[  341.587006][   T95] veth1_vlan: left promiscuous mode
[  341.592324][   T95] veth0_vlan: left promiscuous mode
[  341.946950][T21333] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6227'.
[  342.592057][   T95] team0 (unregistering): Port device team_slave_1 removed
[  342.693316][ T5295] Bluetooth: hci3: command 0x0c1a tx timeout
[  342.700886][   T95] team0 (unregistering): Port device team_slave_0 removed
[  343.616451][T21269] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  343.627692][T21269] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  343.650805][T21269] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  343.653195][ T5295] Bluetooth: hci0: command tx timeout
[  343.668977][T21269] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  343.751248][T21269] 8021q: adding VLAN 0 to HW filter on device bond0
[  343.761958][T21269] 8021q: adding VLAN 0 to HW filter on device team0
[  343.767534][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  343.770664][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  343.774519][T21365] Bluetooth: (null): Invalid header checksum
[  343.782567][ T1149] bridge0: port 2(bridge_slave_1) entered blocking state
[  343.784914][ T1149] bridge0: port 2(bridge_slave_1) entered forwarding state
[  343.929550][T21269] 8021q: adding VLAN 0 to HW filter on device batadv0
[  344.087244][T21269] veth0_vlan: entered promiscuous mode
[  344.092548][T21269] veth1_vlan: entered promiscuous mode
[  344.110611][T21269] veth0_macvtap: entered promiscuous mode
[  344.114937][T21269] veth1_macvtap: entered promiscuous mode
[  344.126842][T21269] batman_adv: batadv0: Interface activated: batadv_slave_0
[  344.133672][T21269] batman_adv: batadv0: Interface activated: batadv_slave_1
[  344.145411][T21269] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  344.148081][T21269] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  344.150629][T21269] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  344.154173][T21269] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  344.204866][   T95] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  344.207190][   T95] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  344.218840][T21171] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  344.221592][T21171] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  344.583611][T21395] tipc: Started in network mode
[  344.585553][T21395] tipc: Node identity 7f000001, cluster identity 4711
[  344.589406][T21395] tipc: Enabled bearer <udp:syz2>, priority 10
[  345.457972][T21410] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6247'.
[  345.583563][T21414] syz_tun: entered allmulticast mode
[  345.592050][T21414] dvmrp1: entered allmulticast mode
[  345.600373][T21413] syz_tun: left allmulticast mode
[  345.673283][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  345.719935][  T837] tipc: Node number set to 2130706433
[  345.953719][T21431] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6256'.
[  346.059088][T21435] umip_printk: 1 callbacks suppressed
[  346.063934][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  346.067143][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[  346.070185][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  346.314931][T21171] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.095310][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  347.098658][   T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  347.101796][   T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  347.108283][   T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  347.111156][   T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  347.136757][T21446] lo speed is unknown, defaulting to 1000
[  347.350105][T21446] chnl_net:caif_netlink_parms(): no params data found
[  347.378610][T21461] netlink: 12 bytes leftover after parsing attributes in process `syz.9.6266'.
[  347.465854][T21446] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.469039][T21446] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.472197][T21446] bridge_slave_0: entered allmulticast mode
[  347.476289][T21446] bridge_slave_0: entered promiscuous mode
[  347.480998][T21446] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.483689][T21446] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.486412][T21446] bridge_slave_1: entered allmulticast mode
[  347.489085][T21446] bridge_slave_1: entered promiscuous mode
[  347.534442][T21446] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  347.543337][T21446] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  347.593309][T21446] team0: Port device team_slave_0 added
[  347.599039][T21446] team0: Port device team_slave_1 added
[  347.630948][T21446] batman_adv: batadv0: Adding interface: batadv_slave_0
[  347.633914][T21446] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.644899][T21446] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  347.649351][T21446] batman_adv: batadv0: Adding interface: batadv_slave_1
[  347.652092][T21446] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.660904][T21446] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  347.719631][T21446] hsr_slave_0: entered promiscuous mode
[  347.721897][T21446] hsr_slave_1: entered promiscuous mode
[  347.725358][T21446] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  347.728113][T21446] Cannot create hsr debugfs directory
[  347.748474][   T40] audit: type=1400 audit(1751159736.866:697): avc:  denied  { write } for  pid=21471 comm="syz.9.6269" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  347.868477][T21476] netlink: 'syz.8.6271': attribute type 4 has an invalid length.
[  347.889649][T21476] netlink: 'syz.8.6271': attribute type 4 has an invalid length.
[  348.298971][T21171] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.407329][T21171] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.495920][T21171] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.620231][T21171] bridge_slave_1: left allmulticast mode
[  348.622036][T21171] bridge_slave_1: left promiscuous mode
[  348.626360][T21171] bridge0: port 2(bridge_slave_1) entered disabled state
[  348.630335][T21171] bridge_slave_0: left allmulticast mode
[  348.632618][T21171] bridge_slave_0: left promiscuous mode
[  348.635160][T21171] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.021168][T21171] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  349.029841][T21171] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  349.034607][T21171] bond0 (unregistering): Released all slaves
[  349.173323][ T5295] Bluetooth: hci0: command tx timeout
[  349.413352][   T40] audit: type=1400 audit(1751159738.536:698): avc:  denied  { ioctl } for  pid=21520 comm="syz.9.6286" path="/126/file0/file0" dev="fuse" ino=0 ioctlcmd=0x5402 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  349.488437][   T40] audit: type=1400 audit(1751159738.606:699): avc:  denied  { link } for  pid=21525 comm="syz.9.6287" name="file1" dev="tmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  349.511543][   T40] audit: type=1400 audit(1751159738.626:700): avc:  denied  { rename } for  pid=21525 comm="syz.9.6287" name="file0" dev="overlay" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  349.521384][   T40] audit: type=1400 audit(1751159738.626:701): avc:  denied  { setattr } for  pid=21525 comm="syz.9.6287" name="#88" dev="tmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  349.532572][T21171] hsr_slave_0: left promiscuous mode
[  349.542548][T21171] hsr_slave_1: left promiscuous mode
[  349.552829][T21171] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  349.556441][T21171] batman_adv: batadv0: Removing interface: batadv_slave_0
[  349.567097][T21171] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  349.569916][T21171] batman_adv: batadv0: Removing interface: batadv_slave_1
[  349.611604][T21171] veth1_macvtap: left promiscuous mode
[  349.616111][T21171] veth0_macvtap: left promiscuous mode
[  349.618661][T21171] veth1_vlan: left promiscuous mode
[  349.620560][T21171] veth0_vlan: left promiscuous mode
[  350.690720][T21171] team0 (unregistering): Port device team_slave_1 removed
[  350.797817][T21171] team0 (unregistering): Port device team_slave_0 removed
[  351.253458][ T5295] Bluetooth: hci0: command tx timeout
[  351.636681][T21537] netlink: 'syz.9.6290': attribute type 3 has an invalid length.
[  351.640144][T21537] netlink: 'syz.9.6290': attribute type 3 has an invalid length.
[  351.716455][T21446] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  351.722953][T21554] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  351.729338][T21446] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  351.742592][T21446] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  351.753275][T21446] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  351.840854][T21446] 8021q: adding VLAN 0 to HW filter on device bond0
[  351.865395][T21446] 8021q: adding VLAN 0 to HW filter on device team0
[  351.870530][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  351.872897][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  351.881957][T20921] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.884271][T20921] bridge0: port 2(bridge_slave_1) entered forwarding state
[  352.029429][T21446] 8021q: adding VLAN 0 to HW filter on device batadv0
[  352.073240][ T9250] usb 13-1: new high-speed USB device number 2 using dummy_hcd
[  352.111935][T21575] netlink: 24 bytes leftover after parsing attributes in process `syz.9.6299'.
[  352.148379][T21575] netlink: 16 bytes leftover after parsing attributes in process `syz.9.6299'.
[  352.208707][T21446] veth0_vlan: entered promiscuous mode
[  352.214749][T21446] veth1_vlan: entered promiscuous mode
[  352.233319][ T9250] usb 13-1: Using ep0 maxpacket: 32
[  352.239003][ T9250] usb 13-1: config 0 has an invalid interface number: 231 but max is 0
[  352.241835][ T9250] usb 13-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  352.246269][T21446] veth0_macvtap: entered promiscuous mode
[  352.250136][T21446] veth1_macvtap: entered promiscuous mode
[  352.253682][ T9250] usb 13-1: config 0 has no interface number 0
[  352.255647][ T9250] usb 13-1: config 0 interface 231 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  352.258908][ T9250] usb 13-1: config 0 interface 231 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  352.267909][ T9250] usb 13-1: New USB device found, idVendor=d024, idProduct=5e5a, bcdDevice=16.a9
[  352.270838][ T9250] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.273528][ T9250] usb 13-1: Product: syz
[  352.274893][ T9250] usb 13-1: Manufacturer: syz
[  352.276410][ T9250] usb 13-1: SerialNumber: syz
[  352.277133][T21446] batman_adv: batadv0: Interface activated: batadv_slave_0
[  352.279532][ T9250] usb 13-1: config 0 descriptor??
[  352.282807][T21562] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  352.285892][T21446] batman_adv: batadv0: Interface activated: batadv_slave_1
[  352.287558][ T9250] usb-storage 13-1:0.231: USB Mass Storage device detected
[  352.291661][T21446] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  352.299204][T21446] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  352.303437][T21446] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  352.307797][T21446] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  352.362729][   T95] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  352.366402][   T95] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  352.383493][   T95] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  352.386930][   T95] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  352.523694][ T9250] usb 13-1: USB disconnect, device number 2
[  352.686216][T21592] netlink: 24 bytes leftover after parsing attributes in process `syz.9.6304'.
[  352.945543][T21596] kvm: pic: level sensitive irq not supported
[  352.946110][T21596] kvm: pic: non byte read
[  352.951423][T21596] kvm: pic: level sensitive irq not supported
[  352.951748][T21596] kvm: pic: non byte read
[  352.957572][T21596] kvm: pic: level sensitive irq not supported
[  352.957910][T21596] kvm: pic: non byte read
[  352.964009][T21596] kvm: pic: level sensitive irq not supported
[  352.964257][T21596] kvm: pic: non byte read
[  352.968597][T21596] kvm: pic: level sensitive irq not supported
[  352.968830][T21596] kvm: pic: non byte read
[  352.973852][T21596] kvm: pic: level sensitive irq not supported
[  352.974185][T21596] kvm: pic: non byte read
[  352.979977][T21596] kvm: pic: level sensitive irq not supported
[  352.980305][T21596] kvm: pic: non byte read
[  353.396828][T21608] lo speed is unknown, defaulting to 1000
[  353.431156][   T40] audit: type=1326 audit(1751159742.546:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21607 comm="syz.8.6310" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd73e38e929 code=0x0
[  354.132850][   T40] audit: type=1400 audit(1751159743.246:703): avc:  denied  { transfer } for  pid=21613 comm="syz.9.6311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  354.133837][T21614] binder_alloc: 21613: binder_alloc_buf, no vma
[  354.177482][T21616] netlink: 'syz.9.6312': attribute type 1 has an invalid length.
[  354.192945][T21616] 8021q: adding VLAN 0 to HW filter on device bond1
[  354.213713][T21616] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6312'.
[  354.275147][T21616] vlan2: entered promiscuous mode
[  354.277023][T21616] bond1: entered promiscuous mode
[  354.285208][T21620] dummy0: entered promiscuous mode
[  354.299825][T21620] bond1: (slave dummy0): making interface the new active one
[  354.303856][T21620] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  354.615179][   T46] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  355.255734][T21635] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6317'.
[  355.278076][T21635] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6317'.
[  355.314675][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  355.319989][   T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  355.325467][   T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  355.342112][   T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  355.345721][   T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  355.370845][T21636] lo speed is unknown, defaulting to 1000
[  355.424325][T21641] netlink: 24 bytes leftover after parsing attributes in process `syz.9.6319'.
[  355.497146][T21641] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=21641 comm=syz.9.6319
[  355.685997][T21636] chnl_net:caif_netlink_parms(): no params data found
[  355.761896][T21659] kvm: vcpu 0: requested 64 ns lapic timer period limited to 200000 ns
[  355.813828][   T63] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  355.819258][   T63] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  355.822970][   T63] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  355.826945][   T63] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  355.829872][   T63] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  356.050611][T21636] bridge0: port 1(bridge_slave_0) entered blocking state
[  356.054380][T21662] lo speed is unknown, defaulting to 1000
[  356.058786][T21636] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.061926][T21636] bridge_slave_0: entered allmulticast mode
[  356.077303][T21636] bridge_slave_0: entered promiscuous mode
[  356.083895][T21636] bridge0: port 2(bridge_slave_1) entered blocking state
[  356.086449][T21636] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.093578][T21636] bridge_slave_1: entered allmulticast mode
[  356.109642][T21636] bridge_slave_1: entered promiscuous mode
[  356.210142][T21636] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  356.217709][T21636] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  356.280288][T21636] team0: Port device team_slave_0 added
[  356.286962][T21636] team0: Port device team_slave_1 added
[  356.381294][T21636] batman_adv: batadv0: Adding interface: batadv_slave_0
[  356.382763][   T40] audit: type=1326 audit(1751159745.496:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21672 comm="syz.8.6331" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd73e38e929 code=0x0
[  356.385260][T21636] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  356.410604][T21636] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  356.420319][T21636] batman_adv: batadv0: Adding interface: batadv_slave_1
[  356.423989][T21636] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  356.434325][T21636] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  356.444033][T21674] vlan3: entered promiscuous mode
[  356.445839][T21674] vlan3: entered allmulticast mode
[  356.447937][T21674] hsr_slave_1: entered allmulticast mode
[  356.473991][   T46] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.620114][   T46] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.635480][T21636] hsr_slave_0: entered promiscuous mode
[  356.637827][T21636] hsr_slave_1: entered promiscuous mode
[  356.639917][T21636] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  356.642343][T21636] Cannot create hsr debugfs directory
[  356.728049][   T46] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.942456][T21687] Bluetooth: (null): Out-of-order packet arrived (4 != 0)
[  356.945630][   T95] Bluetooth: (null): Invalid header checksum
[  356.970710][T21662] chnl_net:caif_netlink_parms(): no params data found
[  356.998832][   T46] bridge_slave_1: left allmulticast mode
[  357.001329][   T46] bridge_slave_1: left promiscuous mode
[  357.004396][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.009867][   T46] bridge_slave_0: left allmulticast mode
[  357.011796][   T46] bridge_slave_0: left promiscuous mode
[  357.014239][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.301274][   T40] audit: type=1400 audit(1751159746.416:705): avc:  denied  { append } for  pid=21697 comm="syz.8.6337" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  357.406461][ T5295] Bluetooth: hci0: command tx timeout
[  357.518389][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  357.528789][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  357.534791][   T46] bond0 (unregistering): Released all slaves
[  357.746598][T21662] bridge0: port 1(bridge_slave_0) entered blocking state
[  357.749019][T21662] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.751500][T21662] bridge_slave_0: entered allmulticast mode
[  357.758714][T21662] bridge_slave_0: entered promiscuous mode
[  357.768350][T21662] bridge0: port 2(bridge_slave_1) entered blocking state
[  357.770736][T21662] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.778296][T21662] bridge_slave_1: entered allmulticast mode
[  357.782492][T21662] bridge_slave_1: entered promiscuous mode
[  357.880356][T21662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  357.899186][T21662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  357.903151][ T5295] Bluetooth: hci4: command tx timeout
[  358.062554][T21662] team0: Port device team_slave_0 added
[  358.073840][T21662] team0: Port device team_slave_1 added
[  358.094209][T21712] binder: 21711:21712 ioctl c0306201 200000000980 returned -11
[  358.240051][T21717] netlink: 'syz.9.6342': attribute type 4 has an invalid length.
[  358.272652][   T46] hsr_slave_0: left promiscuous mode
[  358.275795][   T46] hsr_slave_1: left promiscuous mode
[  358.277990][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  358.280383][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  358.289476][T21715] netlink: 'syz.9.6342': attribute type 4 has an invalid length.
[  358.290713][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  358.295550][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  358.359005][   T46] veth1_macvtap: left promiscuous mode
[  358.361357][   T46] veth0_macvtap: left promiscuous mode
[  358.364149][   T46] veth1_vlan: left promiscuous mode
[  358.366434][   T46] veth0_vlan: left promiscuous mode
[  359.417307][   T46] team0 (unregistering): Port device team_slave_1 removed
[  359.493421][   T63] Bluetooth: hci0: command tx timeout
[  359.560472][   T46] team0 (unregistering): Port device team_slave_0 removed
[  359.964441][   T63] Bluetooth: hci4: command tx timeout
[  360.473996][T21662] batman_adv: batadv0: Adding interface: batadv_slave_0
[  360.476591][T21662] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  360.488098][T21662] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  360.494300][T21662] batman_adv: batadv0: Adding interface: batadv_slave_1
[  360.497204][T21662] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  360.509778][T21662] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  360.572757][T21722] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !å¯fIZEô¿¹ô,ô =©ÜÝ$)²% Ä‚L
[  360.575737][T21662] hsr_slave_0: entered promiscuous mode
[  360.578233][T21662] hsr_slave_1: entered promiscuous mode
[  360.580287][T21662] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  360.582941][T21662] Cannot create hsr debugfs directory
[  360.863380][T21636] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  360.889929][T21636] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  360.911573][T21636] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  360.917527][T21636] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  361.165404][T21636] 8021q: adding VLAN 0 to HW filter on device bond0
[  361.178672][T21636] 8021q: adding VLAN 0 to HW filter on device team0
[  361.249299][   T95] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.251619][   T95] bridge0: port 1(bridge_slave_0) entered forwarding state
[  361.258190][T21171] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.260496][T21171] bridge0: port 2(bridge_slave_1) entered forwarding state
[  361.520463][T21636] 8021q: adding VLAN 0 to HW filter on device batadv0
[  361.563492][   T63] Bluetooth: hci0: command tx timeout
[  361.584928][T21662] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  361.589568][T21662] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  361.616083][T21662] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  361.629054][T21662] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  361.723957][T21636] veth0_vlan: entered promiscuous mode
[  361.728974][T21636] veth1_vlan: entered promiscuous mode
[  361.740852][T21662] 8021q: adding VLAN 0 to HW filter on device bond0
[  361.760140][T21662] 8021q: adding VLAN 0 to HW filter on device team0
[  361.767177][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.769492][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  361.785612][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.788604][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  361.793536][T21636] veth0_macvtap: entered promiscuous mode
[  361.817704][T21636] veth1_macvtap: entered promiscuous mode
[  361.842004][T21636] batman_adv: batadv0: Interface activated: batadv_slave_0
[  361.878847][T21636] batman_adv: batadv0: Interface activated: batadv_slave_1
[  361.889749][T21636] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.896738][T21636] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.900369][T21636] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.916251][T21636] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  362.055564][   T63] Bluetooth: hci4: command tx timeout
[  362.093176][T21799] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.111544][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.119029][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.184373][T21799] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.204974][T21662] 8021q: adding VLAN 0 to HW filter on device batadv0
[  362.209006][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.213734][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.252413][T21662] veth0_vlan: entered promiscuous mode
[  362.339601][T21799] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.352565][T21662] veth1_vlan: entered promiscuous mode
[  362.378587][T21662] veth0_macvtap: entered promiscuous mode
[  362.384526][T21662] veth1_macvtap: entered promiscuous mode
[  362.403204][T21662] batman_adv: batadv0: Interface activated: batadv_slave_0
[  362.412127][T21662] batman_adv: batadv0: Interface activated: batadv_slave_1
[  362.448244][T21799] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.462897][T21662] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  362.475170][T21662] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  362.478477][T21662] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  362.481251][T21662] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  362.566008][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.570805][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.597656][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.600220][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.606035][T21799] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  362.614403][T21799] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  362.625915][T21799] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  362.641081][T21799] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  362.874722][   T40] audit: type=1326 audit(1751159751.996:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21840 comm="syz.8.6353" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd73e38e929 code=0x0
[  362.985467][T21852] netlink: 'syz.2.6355': attribute type 1 has an invalid length.
[  362.991491][T21852] geneve2: entered allmulticast mode
[  363.041288][T21855] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6355'.
[  363.437875][T21171] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.133263][   T63] Bluetooth: hci4: command tx timeout
[  364.358100][   T40] audit: type=1400 audit(1751159753.476:707): avc:  denied  { watch } for  pid=21924 comm="syz.8.6366" path="/154/bus/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="overlay" ino=899 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  364.423609][T21934] netlink: 'syz.8.6369': attribute type 12 has an invalid length.
[  364.456302][T21171] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.461193][ T5295] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  364.468494][ T5295] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  364.474760][ T5295] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  364.477744][ T5295] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  364.480366][ T5295] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  364.508157][T21935] lo speed is unknown, defaulting to 1000
[  364.715496][T21935] chnl_net:caif_netlink_parms(): no params data found
[  364.826999][T21935] bridge0: port 1(bridge_slave_0) entered blocking state
[  364.830007][T21935] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.832369][T21935] bridge_slave_0: entered allmulticast mode
[  364.835446][T21935] bridge_slave_0: entered promiscuous mode
[  364.839319][T21935] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.842150][T21935] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.845085][T21935] bridge_slave_1: entered allmulticast mode
[  364.847935][T21935] bridge_slave_1: entered promiscuous mode
[  364.939823][T21935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  364.959466][T21935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  365.007886][T21935] team0: Port device team_slave_0 added
[  365.012369][T21935] team0: Port device team_slave_1 added
[  365.032776][T21171] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.072254][T21935] batman_adv: batadv0: Adding interface: batadv_slave_0
[  365.075094][T21935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.084867][T21935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  365.089239][T21935] batman_adv: batadv0: Adding interface: batadv_slave_1
[  365.091481][T21935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  365.101182][T21935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  365.134799][T21171] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.233766][T21935] hsr_slave_0: entered promiscuous mode
[  365.236007][T21935] hsr_slave_1: entered promiscuous mode
[  365.238608][T21935] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  365.241689][T21935] Cannot create hsr debugfs directory
[  365.260602][T21991] netlink: 'syz.9.6379': attribute type 1 has an invalid length.
[  365.347569][T21991] 8021q: adding VLAN 0 to HW filter on device bond3
[  365.352125][T21991] bond2: (slave bond3): making interface the new active one
[  365.356607][T21991] bond2: (slave bond3): Enslaving as an active interface with an up link
[  365.371520][T21991] netlink: 28 bytes leftover after parsing attributes in process `syz.9.6379'.
[  365.436335][T21991] 8021q: adding VLAN 0 to HW filter on device bond2
[  365.499118][T21171] bridge_slave_1: left allmulticast mode
[  365.501939][T21171] bridge_slave_1: left promiscuous mode
[  365.512879][T21171] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.538299][T21171] bridge_slave_0: left allmulticast mode
[  365.540680][T21171] bridge_slave_0: left promiscuous mode
[  365.544227][T21171] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.888998][   T40] audit: type=1326 audit(1751159755.006:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22026 comm="syz.9.6386" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f261758e929 code=0x0
[  365.974227][T21171] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  365.978587][T21171] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  365.982373][T21171] bond0 (unregistering): Released all slaves
[  366.259319][T22040] syzkaller0: entered promiscuous mode
[  366.261098][T22040] syzkaller0: entered allmulticast mode
[  366.524415][ T5295] Bluetooth: hci0: command tx timeout
[  367.023214][T22053] netlink: 24 bytes leftover after parsing attributes in process `syz.9.6393'.
[  368.034304][   T40] audit: type=1400 audit(1751159757.156:709): avc:  denied  { create } for  pid=22057 comm="syz.2.6395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  368.058970][   T40] audit: type=1400 audit(1751159757.166:710): avc:  denied  { ioctl } for  pid=22057 comm="syz.2.6395" path="socket:[106235]" dev="sockfs" ino=106235 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  368.388739][T22058] bpq0: entered promiscuous mode
[  368.487872][T22070] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6400'.
[  368.552323][T22070] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6400'.
[  368.560268][T21171] hsr_slave_0: left promiscuous mode
[  368.562835][T21171] hsr_slave_1: left promiscuous mode
[  368.574636][T21171] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  368.577019][T21171] batman_adv: batadv0: Removing interface: batadv_slave_0
[  368.580391][T21171] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  368.582721][T21171] batman_adv: batadv0: Removing interface: batadv_slave_1
[  368.603185][ T5295] Bluetooth: hci0: command tx timeout
[  368.616724][T21171] veth1_macvtap: left promiscuous mode
[  368.618549][T21171] veth0_macvtap: left promiscuous mode
[  368.620340][T21171] veth1_vlan: left promiscuous mode
[  368.622028][T21171] veth0_vlan: left promiscuous mode
[  369.752653][T21171] team0 (unregistering): Port device team_slave_1 removed
[  369.860254][T21171] team0 (unregistering): Port device team_slave_0 removed
[  370.693799][ T5295] Bluetooth: hci0: command tx timeout
[  370.886748][T21935] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  370.892270][T21935] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  370.896705][T21935] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  370.903040][T21935] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  370.955937][T21935] 8021q: adding VLAN 0 to HW filter on device bond0
[  370.982184][T21935] 8021q: adding VLAN 0 to HW filter on device team0
[  370.989375][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.991885][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.999148][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  371.001376][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  371.141367][T21935] 8021q: adding VLAN 0 to HW filter on device batadv0
[  371.353520][T21935] veth0_vlan: entered promiscuous mode
[  371.358950][T21935] veth1_vlan: entered promiscuous mode
[  371.383967][T21935] veth0_macvtap: entered promiscuous mode
[  371.389361][T21935] veth1_macvtap: entered promiscuous mode
[  371.409248][T21935] batman_adv: batadv0: Interface activated: batadv_slave_0
[  371.417781][T21935] batman_adv: batadv0: Interface activated: batadv_slave_1
[  371.424911][T21935] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  371.428397][T21935] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  371.431826][T21935] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  371.436919][T21935] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  371.482249][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.487086][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.502072][T20921] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.504785][T20921] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.893722][T22118] orangefs_mount: mount request failed with -4
[  372.767840][T22156] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  372.767863][T22156] overlayfs: failed to set xattr on upper
[  372.767868][T22156] overlayfs: ...falling back to redirect_dir=nofollow.
[  372.767873][T22156] overlayfs: ...falling back to index=off.
[  372.767878][T22156] overlayfs: ...falling back to uuid=null.
[  372.777048][T22156] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[  372.993353][T22166] netlink: 'syz.8.6420': attribute type 39 has an invalid length.
[  373.230088][T22168] netlink: 68 bytes leftover after parsing attributes in process `syz.8.6421'.
[  373.583267][T22171] bond1: (slave dummy0): Releasing active interface
[  373.590781][T22171] bridge_slave_0: left allmulticast mode
[  373.592677][T22171] bridge_slave_0: left promiscuous mode
[  373.595588][T22171] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.602607][T22171] bridge_slave_1: left allmulticast mode
[  373.613143][T22171] bridge_slave_1: left promiscuous mode
[  373.616267][T22171] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.630466][T22171] bond0: (slave bond_slave_0): Releasing backup interface
[  373.654742][T22171] bond0: (slave bond_slave_1): Releasing backup interface
[  373.682442][T22171] team0: Port device team_slave_0 removed
[  373.707497][T22171] team0: Port device team_slave_1 removed
[  373.709785][T22171] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  373.712106][T22171] batman_adv: batadv0: Removing interface: batadv_slave_0
[  373.715837][T22171] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  373.718298][T22171] batman_adv: batadv0: Removing interface: batadv_slave_1
[  373.728930][T22171] bond2: (slave bond3): Releasing backup interface
[  373.794046][T20921] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.644676][   T40] audit: type=1326 audit(1751159763.766:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22174 comm="syz.8.6425" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd73e38e929 code=0x0
[  374.656562][T22178] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6423'.
[  374.659626][T22177] netlink: 'syz.9.6424': attribute type 10 has an invalid length.
[  374.698284][T22177] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  374.756291][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  374.766376][   T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  374.771405][   T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  374.779988][   T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  374.784851][   T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  374.814089][T22181] lo speed is unknown, defaulting to 1000
[  374.977704][T22181] chnl_net:caif_netlink_parms(): no params data found
[  375.041743][   T40] audit: type=1326 audit(1751159764.156:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22187 comm="syz.2.6428" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7f9538e929 code=0x0
[  375.059967][T22181] bridge0: port 1(bridge_slave_0) entered blocking state
[  375.062395][T22181] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.064848][T22181] bridge_slave_0: entered allmulticast mode
[  375.067491][T22181] bridge_slave_0: entered promiscuous mode
[  375.070759][T22181] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.072969][T22181] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.075415][T22181] bridge_slave_1: entered allmulticast mode
[  375.078631][T22181] bridge_slave_1: entered promiscuous mode
[  375.132242][T22181] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  375.139729][T22181] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  375.208364][T22181] team0: Port device team_slave_0 added
[  375.218924][T22181] team0: Port device team_slave_1 added
[  375.260042][T22181] batman_adv: batadv0: Adding interface: batadv_slave_0
[  375.262765][T22181] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  375.272820][T22181] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  375.278006][T22181] batman_adv: batadv0: Adding interface: batadv_slave_1
[  375.280679][T22181] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  375.290721][T22181] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  375.337024][T22181] hsr_slave_0: entered promiscuous mode
[  375.339367][T22181] hsr_slave_1: entered promiscuous mode
[  375.341438][T22181] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  375.344295][T22181] Cannot create hsr debugfs directory
[  375.492864][T20921] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.573647][T20921] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.594382][T22206] bridge_slave_0: left allmulticast mode
[  375.596388][T22206] bridge_slave_0: left promiscuous mode
[  375.598499][T22206] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.606821][T22206] bridge_slave_1: left allmulticast mode
[  375.608770][T22206] bridge_slave_1: left promiscuous mode
[  375.610835][T22206] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.617696][T22206] bond0: (slave bond_slave_0): Releasing backup interface
[  375.622536][T22206] bond0: (slave bond_slave_1): Releasing backup interface
[  375.639615][T22206] team0: Port device team_slave_0 removed
[  375.650620][T22206] team0: Port device team_slave_1 removed
[  375.656865][T22206] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  375.659938][T22206] batman_adv: batadv0: Removing interface: batadv_slave_0
[  375.663348][T22206] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  375.665881][T22206] batman_adv: batadv0: Removing interface: batadv_slave_1
[  375.676111][T22206] bond1: (slave geneve2): Releasing active interface
[  375.678185][T22206] geneve2: left promiscuous mode
[  375.736291][T22209] xt_hashlimit: size too large, truncated to 1048576
[  375.747382][T20921] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.758226][T22207] team0: Mode changed to "random"
[  375.762502][T22206] vlan0: entered promiscuous mode
[  375.780307][T22206] team0: Port device vlan0 added
[  375.790014][T22207] tipc: Enabled bearer <eth:team0>, priority 0
[  375.883617][T20921] bridge_slave_1: left allmulticast mode
[  375.885481][T20921] bridge_slave_1: left promiscuous mode
[  375.887339][T20921] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.892916][T20921] bridge_slave_0: left allmulticast mode
[  375.895074][T20921] bridge_slave_0: left promiscuous mode
[  375.896956][T20921] bridge0: port 1(bridge_slave_0) entered disabled state
[  376.180469][T22222] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6435'.
[  376.276756][T20921] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  376.282633][T20921] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  376.287508][T20921] bond0 (unregistering): Released all slaves
[  376.326426][T22220] batadv_slave_1: entered promiscuous mode
[  376.329606][T22221] vlan1: entered allmulticast mode
[  376.332028][T22221] veth0_vlan: entered allmulticast mode
[  376.337360][T22222] tipc: Resetting bearer <eth:team0>
[  376.527148][T22222] tipc: Disabling bearer <eth:team0>
[  376.540090][T22222] team0 (unregistering): Port device vlan0 removed
[  376.620759][   T40] audit: type=1400 audit(1751159765.736:713): avc:  denied  { setattr } for  pid=22233 comm="syz.9.6437" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  376.638992][T22218] batadv_slave_1: left promiscuous mode
[  376.844908][ T5295] Bluetooth: hci0: command tx timeout
[  376.958320][T20921] hsr_slave_0: left promiscuous mode
[  376.960488][T20921] hsr_slave_1: left promiscuous mode
[  376.962629][T20921] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  376.965305][T20921] batman_adv: batadv0: Removing interface: batadv_slave_0
[  376.968940][T20921] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  376.971314][T20921] batman_adv: batadv0: Removing interface: batadv_slave_1
[  377.024185][T20921] veth1_macvtap: left promiscuous mode
[  377.026043][T20921] veth0_macvtap: left promiscuous mode
[  377.027814][T20921] veth1_vlan: left promiscuous mode
[  377.029984][T20921] veth0_vlan: left promiscuous mode
[  378.212790][T20921] team0 (unregistering): Port device team_slave_1 removed
[  378.317563][T20921] team0 (unregistering): Port device team_slave_0 removed
[  378.369691][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  378.380708][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  378.925005][ T5295] Bluetooth: hci0: command tx timeout
[  379.102926][T22267] veth0_vlan: left promiscuous mode
[  379.209914][T22181] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  379.214563][T22181] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  379.225675][T22181] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  379.230245][T22181] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  379.337951][   T40] audit: type=1400 audit(1751159768.456:714): avc:  denied  { rename } for  pid=22307 comm="syz.8.6452" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  379.365373][T22181] 8021q: adding VLAN 0 to HW filter on device bond0
[  379.410064][T22181] 8021q: adding VLAN 0 to HW filter on device team0
[  379.415461][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  379.417879][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  379.434130][   T91] bridge0: port 2(bridge_slave_1) entered blocking state
[  379.437268][   T91] bridge0: port 2(bridge_slave_1) entered forwarding state
[  379.482169][T22318] vlan3: entered promiscuous mode
[  379.488957][T22318] vlan3: entered allmulticast mode
[  379.490640][T22318] hsr_slave_1: entered allmulticast mode
[  379.551937][T22324] netlink: 'syz.8.6457': attribute type 1 has an invalid length.
[  379.577828][T22324] 8021q: adding VLAN 0 to HW filter on device bond2
[  379.630653][T22324] veth7: entered promiscuous mode
[  379.638212][T22324] bond2: (slave veth7): Enslaving as an active interface with a down link
[  379.663533][T22330] bond0: (slave wlan1): Releasing backup interface
[  379.705643][T22324] vlan5: entered allmulticast mode
[  379.708112][T22324] bond2: entered allmulticast mode
[  379.711576][T22324] bond2: (slave vlan5): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  379.747153][T22181] 8021q: adding VLAN 0 to HW filter on device batadv0
[  379.758238][T22330] bridge0: port 1(vlan0) entered blocking state
[  379.760757][T22330] bridge0: port 1(vlan0) entered disabled state
[  379.763897][T22330] vlan0: entered allmulticast mode
[  379.765901][T22330] bond0: entered allmulticast mode
[  379.780653][T22332] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  379.783915][T22332] batman_adv: batadv0: Removing interface: batadv_slave_0
[  379.790621][T22332] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  379.792968][T22332] batman_adv: batadv0: Removing interface: batadv_slave_1
[  380.007799][T22181] veth0_vlan: entered promiscuous mode
[  380.015115][T22181] veth1_vlan: entered promiscuous mode
[  380.029921][T22181] veth0_macvtap: entered promiscuous mode
[  380.041566][T22181] veth1_macvtap: entered promiscuous mode
[  380.051010][T22181] batman_adv: batadv0: Interface activated: batadv_slave_0
[  380.056537][T22181] batman_adv: batadv0: Interface activated: batadv_slave_1
[  380.075305][T22181] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  380.078381][T22181] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  380.081006][T22181] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  380.084270][T22181] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  380.136652][   T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.139331][   T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.169906][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.172920][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.241775][T22353] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6465'.
[  380.256645][   T40] audit: type=1400 audit(1751159769.376:715): avc:  denied  { ioctl } for  pid=22358 comm="syz.9.6466" path="socket:[109874]" dev="sockfs" ino=109874 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  380.459996][T22363] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  380.459996][T22363] The task syz.9.6467 (22363) triggered the difference, watch for misbehavior.
[  381.215782][   T40] audit: type=1400 audit(1751159770.336:716): avc:  denied  { getopt } for  pid=22377 comm="syz.2.6474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  381.367873][T22387] netlink: 'syz.9.6477': attribute type 1 has an invalid length.
[  381.416641][T22387] bond4: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  381.456728][T22387] veth11: entered promiscuous mode
[  381.461669][T22387] bond4: (slave veth11): Enslaving as a backup interface with a down link
[  381.575440][   T91] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.668804][T22398] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6481'.
[  382.746799][T22405] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  382.751520][T22405] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  382.751903][   T40] audit: type=1326 audit(1751159771.866:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22400 comm="syz.8.6483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73e38e929 code=0x7ffc0000
[  382.755340][T22405] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  382.761475][   T40] audit: type=1326 audit(1751159771.866:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22400 comm="syz.8.6483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73e38e929 code=0x7ffc0000
[  382.766445][T22405] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  382.770925][   T40] audit: type=1326 audit(1751159771.876:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22400 comm="syz.8.6483" exe="/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7fd73e38e929 code=0x7ffc0000
[  382.774040][T22405] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  382.781685][   T40] audit: type=1326 audit(1751159771.876:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22400 comm="syz.8.6483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73e38e929 code=0x7ffc0000
[  382.791154][   T40] audit: type=1326 audit(1751159771.876:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22400 comm="syz.8.6483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73e38e929 code=0x7ffc0000
[  382.791153][T22407] bridge0: entered allmulticast mode
[  382.799010][T22407] pim6reg: entered allmulticast mode
[  382.800949][   T40] audit: type=1326 audit(1751159771.876:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22400 comm="syz.8.6483" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd73e38e929 code=0x7ffc0000
[  382.807714][T22407] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6484'.
[  382.812054][T22407] bridge_slave_1: left allmulticast mode
[  382.813962][T22407] bridge_slave_1: left promiscuous mode
[  382.816152][T22407] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.817293][   T40] audit: type=1326 audit(1751159771.876:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22400 comm="syz.8.6483" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd73e38e929 code=0x7ffc0000
[  382.827893][   T40] audit: type=1326 audit(1751159771.876:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22400 comm="syz.8.6483" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd73e38e929 code=0x7ffc0000
[  382.837863][T22407] bridge_slave_0: left allmulticast mode
[  382.839758][T22407] bridge_slave_0: left promiscuous mode
[  382.841786][T22407] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.862227][T22407] bridge0 (unregistering): left allmulticast mode
[  382.940364][T22409] lo speed is unknown, defaulting to 1000
[  383.040660][T22403] lo speed is unknown, defaulting to 1000
[  383.295043][T22403] chnl_net:caif_netlink_parms(): no params data found
[  383.329012][   T91] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.445933][T22403] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.448340][T22403] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.451355][T22403] bridge_slave_0: entered allmulticast mode
[  383.454621][T22403] bridge_slave_0: entered promiscuous mode
[  383.482406][   T91] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.491487][T22403] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.496592][T22403] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.498959][T22403] bridge_slave_1: entered allmulticast mode
[  383.502834][T22403] bridge_slave_1: entered promiscuous mode
[  383.521713][T22440] netlink: 'syz.2.6492': attribute type 1 has an invalid length.
[  383.563317][   T63] Bluetooth: hci0: command 0x1003 tx timeout
[  383.563410][ T5295] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  383.606660][T22442] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6492'.
[  383.637906][   T91] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.662854][T22440] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  383.666282][T22440] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  383.669110][T22440] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  383.672197][T22440] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  383.678795][T22440] bond1: (slave geneve2): making interface the new active one
[  383.684659][T22440] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  383.694100][T22403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  383.705428][T22403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  383.755532][T22442] 8021q: adding VLAN 0 to HW filter on device bond1
[  383.808811][T22403] team0: Port device team_slave_0 added
[  383.816694][T22403] team0: Port device team_slave_1 added
[  384.011123][T22403] batman_adv: batadv0: Adding interface: batadv_slave_0
[  384.013960][T22403] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  384.022149][T22403] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  384.048216][T22403] batman_adv: batadv0: Adding interface: batadv_slave_1
[  384.050536][T22403] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  384.054480][T22455] Invalid option length (1048180) for dns_resolver key
[  384.055863][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  384.055919][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  384.055965][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  384.079723][T22403] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  384.655636][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880266d1400: rx timeout, send abort
[  384.859099][ T5295] Bluetooth: hci2: command tx timeout
[  385.158595][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880266d1400: abort rx timeout. Force session deactivation
[  385.413007][T22403] hsr_slave_0: entered promiscuous mode
[  385.416830][T22403] hsr_slave_1: entered promiscuous mode
[  385.419822][T22403] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  385.422966][T22403] Cannot create hsr debugfs directory
[  385.658843][   T91] bridge_slave_1: left allmulticast mode
[  385.660783][   T91] bridge_slave_1: left promiscuous mode
[  385.665785][   T91] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.680702][   T91] bridge_slave_0: left allmulticast mode
[  385.682567][   T91] bridge_slave_0: left promiscuous mode
[  385.691527][   T91] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.073013][   T91] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  386.078859][   T91] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  386.083724][   T91] bond0 (unregistering): Released all slaves
[  386.445894][T22498] netlink: 'syz.2.6507': attribute type 1 has an invalid length.
[  386.499356][T22501] netlink: 'syz.8.6508': attribute type 1 has an invalid length.
[  386.547068][T22498] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  386.563888][T22501] 8021q: adding VLAN 0 to HW filter on device bond3
[  386.572774][   T91] hsr_slave_0: left promiscuous mode
[  386.575879][   T91] hsr_slave_1: left promiscuous mode
[  386.577876][   T91] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  386.580193][   T91] batman_adv: batadv0: Removing interface: batadv_slave_0
[  386.582905][   T91] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  386.585825][   T91] batman_adv: batadv0: Removing interface: batadv_slave_1
[  386.619784][   T91] veth1_macvtap: left promiscuous mode
[  386.622049][   T91] veth0_macvtap: left promiscuous mode
[  386.624428][   T91] veth1_vlan: left promiscuous mode
[  386.626168][   T91] veth0_vlan: left promiscuous mode
[  386.720745][T22513] netlink: 'syz.9.6509': attribute type 1 has an invalid length.
[  386.832261][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  386.832273][   T40] audit: type=1400 audit(1751159775.946:727): avc:  denied  { create } for  pid=22512 comm="syz.9.6509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  386.840633][   T40] audit: type=1400 audit(1751159775.946:728): avc:  denied  { write } for  pid=22512 comm="syz.9.6509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  386.926447][ T5295] Bluetooth: hci2: command tx timeout
[  387.569872][   T91] team0 (unregistering): Port device team_slave_1 removed
[  387.677157][   T91] team0 (unregistering): Port device team_slave_0 removed
[  388.505846][T22504] 8021q: adding VLAN 0 to HW filter on device bond3
[  388.508121][T22504] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  388.512023][T22504] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  388.574146][T20921] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  388.575031][T22498] 8021q: adding VLAN 0 to HW filter on device bond2
[  388.586915][T22501] gretap1: entered promiscuous mode
[  388.597514][T22501] bond3: (slave gretap1): making interface the new active one
[  388.600497][T22501] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  388.621211][T22511] bond3: (slave vlan5): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  388.653709][T22513] 8021q: adding VLAN 0 to HW filter on device bond5
[  388.666776][T22515] bond5: (slave gretap1): making interface the new active one
[  388.671148][T22515] bond5: (slave gretap1): Enslaving as an active interface with an up link
[  388.697275][   T95] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  388.816649][T22525] netlink: 20 bytes leftover after parsing attributes in process `syz.9.6512'.
[  388.847148][T22530] netlink: 88 bytes leftover after parsing attributes in process `syz.2.6514'.
[  388.991852][T22403] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  388.996342][T22403] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  389.000771][T22403] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  389.003318][ T5295] Bluetooth: hci2: command tx timeout
[  389.009775][T22403] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  389.100040][T22403] 8021q: adding VLAN 0 to HW filter on device bond0
[  389.129525][T22403] 8021q: adding VLAN 0 to HW filter on device team0
[  389.135152][T20921] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.137490][T20921] bridge0: port 1(bridge_slave_0) entered forwarding state
[  389.148022][T20921] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.151019][T20921] bridge0: port 2(bridge_slave_1) entered forwarding state
[  389.384663][T22403] 8021q: adding VLAN 0 to HW filter on device batadv0
[  389.729195][T22403] veth0_vlan: entered promiscuous mode
[  389.735984][T22403] veth1_vlan: entered promiscuous mode
[  389.757390][T22403] veth0_macvtap: entered promiscuous mode
[  389.766302][T22403] veth1_macvtap: entered promiscuous mode
[  389.790436][T22403] batman_adv: batadv0: Interface activated: batadv_slave_0
[  389.800526][T22403] batman_adv: batadv0: Interface activated: batadv_slave_1
[  389.821077][T22403] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  389.824966][T22403] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  389.828627][T22403] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  389.832293][T22403] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  389.866395][T22594] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6526'.
[  389.916975][T22594] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  389.919568][T22594] IPv6: NLM_F_CREATE should be set when creating new route
[  389.923839][T22594] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  389.926482][   T95] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  389.926812][T22594] IPv6: NLM_F_CREATE should be set when creating new route
[  389.929784][   T95] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  389.948051][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  389.950679][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  390.283006][T22614] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6535'.
[  390.395416][T22619] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[  390.399443][T22619] overlayfs: NFS export requires an index dir, falling back to nfs_export=off.
[  390.574895][   T40] audit: type=1400 audit(1751159779.696:729): avc:  denied  { getopt } for  pid=22630 comm="syz.9.6543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  391.043316][T22641] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6546'.
[  391.057159][T22641] bridge0: port 1(veth0_to_bond) entered blocking state
[  391.059563][T22641] bridge0: port 1(veth0_to_bond) entered disabled state
[  391.061876][T22641] veth0_to_bond: entered allmulticast mode
[  391.065782][T22641] veth0_to_bond: entered promiscuous mode
[  391.073957][T22641] vlan3: entered allmulticast mode
[  391.076072][T22641] veth1: entered allmulticast mode
[  391.078441][T22641] bridge0: port 2(vlan3) entered blocking state
[  391.080498][T22641] bridge0: port 2(vlan3) entered disabled state
[  391.084505][T22641] vlan3: entered promiscuous mode
[  391.086701][T22641] veth1: entered promiscuous mode
[  391.887344][T20921] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.102249][T22654] Set syz1 is full, maxelem 65536 reached
[  393.133978][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  393.139504][   T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  393.142640][   T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  393.146919][   T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  393.149928][   T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  393.198450][T22666] lo speed is unknown, defaulting to 1000
[  393.427997][T22666] chnl_net:caif_netlink_parms(): no params data found
[  393.518416][T22666] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.521151][T22666] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.524451][T22666] bridge_slave_0: entered allmulticast mode
[  393.527188][T22666] bridge_slave_0: entered promiscuous mode
[  393.530415][T22666] bridge0: port 2(bridge_slave_1) entered blocking state
[  393.532703][T22666] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.539632][T22666] bridge_slave_1: entered allmulticast mode
[  393.542419][T22666] bridge_slave_1: entered promiscuous mode
[  393.576262][T22666] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  393.581145][T22666] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  393.656872][T20921] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.671741][T22666] team0: Port device team_slave_0 added
[  393.677643][T22666] team0: Port device team_slave_1 added
[  393.690449][T22671] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  393.754500][T22666] batman_adv: batadv0: Adding interface: batadv_slave_0
[  393.756725][T22666] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  393.765323][T22666] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  393.792901][T22692] cgroup: Unknown subsys name 'cpuset'
[  393.793241][T20921] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.802510][T22666] batman_adv: batadv0: Adding interface: batadv_slave_1
[  393.805554][T22666] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  393.814991][T22666] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  393.900996][T20921] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.919468][T22666] hsr_slave_0: entered promiscuous mode
[  393.923016][T22666] hsr_slave_1: entered promiscuous mode
[  393.928977][T22666] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  393.932165][T22666] Cannot create hsr debugfs directory
[  394.019609][T22696] bond2: (slave veth7): Releasing active interface
[  394.024430][T22696] bond3: (slave gretap1): Releasing active interface
[  394.025961][T22698] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6561'.
[  394.104666][ T9250] usb 14-1: new high-speed USB device number 3 using dummy_hcd
[  394.177007][T20921] bridge_slave_1: left allmulticast mode
[  394.178991][T20921] bridge_slave_1: left promiscuous mode
[  394.181338][T20921] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.185603][T20921] bridge_slave_0: left allmulticast mode
[  394.187381][T20921] bridge_slave_0: left promiscuous mode
[  394.191424][T20921] bridge0: port 1(bridge_slave_0) entered disabled state
[  394.263390][ T9250] usb 14-1: Using ep0 maxpacket: 16
[  394.270439][ T9250] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11
[  394.275949][ T9250] usb 14-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  394.281456][ T9250] usb 14-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  394.284449][ T9250] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  394.288316][ T9250] usb 14-1: config 0 descriptor??
[  394.528913][T22694] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  394.532769][T22694] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  394.555884][T20921] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  394.556747][ T9250] usbhid 14-1:0.0: can't add hid device: -71
[  394.562160][ T9250] usbhid 14-1:0.0: probe with driver usbhid failed with error -71
[  394.565763][T20921] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  394.567193][ T9250] usb 14-1: USB disconnect, device number 3
[  394.571581][T20921] bond0 (unregistering): Released all slaves
[  394.611615][T22702] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[  394.838279][T22733] TCP: out of memory -- consider tuning tcp_mem
[  395.021246][T20921] hsr_slave_0: left promiscuous mode
[  395.025405][T20921] hsr_slave_1: left promiscuous mode
[  395.027387][T20921] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  395.029784][T20921] batman_adv: batadv0: Removing interface: batadv_slave_0
[  395.048133][T20921] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  395.050765][T20921] batman_adv: batadv0: Removing interface: batadv_slave_1
[  395.112532][T20921] veth1_macvtap: left promiscuous mode
[  395.114573][T20921] veth0_macvtap: left promiscuous mode
[  395.116492][T20921] veth1_vlan: left promiscuous mode
[  395.118270][T20921] veth0_vlan: left promiscuous mode
[  395.163322][ T5295] Bluetooth: hci0: command tx timeout
[  395.169608][T22739] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  395.176486][   T24] kernel read not supported for file /vga_arbiter (pid: 24 comm: kworker/2:0)
[  395.379911][ T5295] Bluetooth: hci3: unexpected event for opcode 0x204e
[  395.513619][T22748] cgroup: Unknown subsys name 'cpuset'
[  395.545438][   T40] audit: type=1400 audit(1751159784.666:730): avc:  denied  { kexec_image_load } for  pid=22749 comm="syz.2.6577" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  395.569800][   T40] audit: type=1400 audit(1751159784.686:731): avc:  denied  { read write } for  pid=21662 comm="syz-executor" name="loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  395.583135][   T40] audit: type=1400 audit(1751159784.696:732): avc:  denied  { open } for  pid=21662 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  395.591329][   T40] audit: type=1400 audit(1751159784.696:733): avc:  denied  { ioctl } for  pid=21662 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=660 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  395.621792][   T40] audit: type=1400 audit(1751159784.736:734): avc:  denied  { allowed } for  pid=22751 comm="syz.2.6578" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  395.662742][ T5295] Bluetooth: hci3: unexpected event for opcode 0x2031
[  395.707352][ T5295] Bluetooth: hci3: unexpected event for opcode 0x202d
[  395.831106][T22768] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12)
[  395.833128][T22768] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  395.838022][T22768] vhci_hcd vhci_hcd.0: Device attached
[  395.855046][T22768] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(14)
[  395.857716][T22768] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  395.860236][T22768] vhci_hcd vhci_hcd.0: Device attached
[  395.870591][T22768] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(16)
[  395.873249][T22768] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  395.877034][T22768] vhci_hcd vhci_hcd.0: Device attached
[  395.881114][T22768] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  395.899975][T22768] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(20)
[  395.902477][T22768] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  395.905143][T22768] vhci_hcd vhci_hcd.0: Device attached
[  395.909080][T22768] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(22)
[  395.911254][T22768] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  395.913963][T22768] vhci_hcd vhci_hcd.0: Device attached
[  395.916913][T22768] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  395.927759][T22768] vhci_hcd vhci_hcd.0: pdev(2) rhport(6) sockfd(26)
[  395.930129][T22768] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  395.937749][T22768] vhci_hcd vhci_hcd.0: Device attached
[  395.942591][T22768] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  395.954711][T22777] vhci_hcd: connection closed
[  395.955208][T22771] vhci_hcd: connection closed
[  395.957291][T22775] vhci_hcd: connection closed
[  395.959780][T22769] vhci_hcd: connection closed
[  395.960268][T22779] vhci_hcd: connection closed
[  395.963696][   T59] vhci_hcd: stop threads
[  395.967492][   T59] vhci_hcd: release socket
[  395.969319][   T59] vhci_hcd: disconnect device
[  395.974594][T22773] vhci_hcd: connection closed
[  395.979268][   T59] vhci_hcd: stop threads
[  395.983526][   T59] vhci_hcd: release socket
[  395.992299][   T59] vhci_hcd: disconnect device
[  396.003705][   T59] vhci_hcd: stop threads
[  396.005642][   T59] vhci_hcd: release socket
[  396.007464][   T59] vhci_hcd: disconnect device
[  396.014551][   T59] vhci_hcd: stop threads
[  396.015945][   T59] vhci_hcd: release socket
[  396.017412][   T59] vhci_hcd: disconnect device
[  396.021754][   T59] vhci_hcd: stop threads
[  396.023262][   T59] vhci_hcd: release socket
[  396.031705][   T59] vhci_hcd: disconnect device
[  396.033261][   T24] vhci_hcd: vhci_device speed not set
[  396.043333][   T59] vhci_hcd: stop threads
[  396.046011][   T59] vhci_hcd: release socket
[  396.047555][   T59] vhci_hcd: disconnect device
[  396.437531][T22732] Set syz1 is full, maxelem 65536 reached
[  396.518440][ T5295] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  396.521709][ T5295] CPU: 3 UID: 0 PID: 5295 Comm: kworker/u33:1 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[  396.521728][ T5295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  396.521737][ T5295] Workqueue: hci4 hci_rx_work
[  396.521774][ T5295] Call Trace:
[  396.521779][ T5295]  <TASK>
[  396.521786][ T5295]  dump_stack_lvl+0x16c/0x1f0
[  396.521805][ T5295]  sysfs_warn_dup+0x7f/0xa0
[  396.521827][ T5295]  sysfs_create_dir_ns+0x24b/0x2b0
[  396.521841][ T5295]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  396.521856][ T5295]  ? find_held_lock+0x2b/0x80
[  396.521881][ T5295]  ? do_raw_spin_unlock+0x172/0x230
[  396.521895][ T5295]  kobject_add_internal+0x2c4/0x9b0
[  396.521918][ T5295]  kobject_add+0x16e/0x240
[  396.521928][ T5295]  ? __pfx_kobject_add+0x10/0x10
[  396.521941][ T5295]  ? do_raw_spin_unlock+0x172/0x230
[  396.521954][ T5295]  ? kobject_put+0xab/0x5a0
[  396.521975][ T5295]  device_add+0x288/0x1a70
[  396.521995][ T5295]  ? __pfx_dev_set_name+0x10/0x10
[  396.522006][ T5295]  ? __pfx_device_add+0x10/0x10
[  396.522023][ T5295]  ? mgmt_send_event_skb+0x2fb/0x460
[  396.522043][ T5295]  hci_conn_add_sysfs+0x17e/0x230
[  396.522061][ T5295]  le_conn_complete_evt+0x1075/0x1d70
[  396.522081][ T5295]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  396.522096][ T5295]  ? hci_event_packet+0x459/0x11c0
[  396.522115][ T5295]  hci_le_conn_complete_evt+0x23c/0x370
[  396.522134][ T5295]  hci_le_meta_evt+0x354/0x5e0
[  396.522151][ T5295]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  396.522169][ T5295]  hci_event_packet+0x685/0x11c0
[  396.522184][ T5295]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  396.522202][ T5295]  ? __pfx_hci_event_packet+0x10/0x10
[  396.522219][ T5295]  ? kcov_remote_start+0x3c9/0x6d0
[  396.522232][ T5295]  ? lockdep_hardirqs_on+0x7c/0x110
[  396.522250][ T5295]  hci_rx_work+0x2c5/0x16b0
[  396.522270][ T5295]  ? rcu_is_watching+0x12/0xc0
[  396.522291][ T5295]  process_one_work+0x9cc/0x1b70
[  396.522315][ T5295]  ? __pfx_process_one_work+0x10/0x10
[  396.522335][ T5295]  ? assign_work+0x1a0/0x250
[  396.522361][ T5295]  worker_thread+0x6c8/0xf10
[  396.522384][ T5295]  ? __pfx_worker_thread+0x10/0x10
[  396.522396][ T5295]  kthread+0x3c2/0x780
[  396.522406][ T5295]  ? __pfx_kthread+0x10/0x10
[  396.522417][ T5295]  ? rcu_is_watching+0x12/0xc0
[  396.522430][ T5295]  ? __pfx_kthread+0x10/0x10
[  396.522440][ T5295]  ret_from_fork+0x5d4/0x6f0
[  396.522456][ T5295]  ? __pfx_kthread+0x10/0x10
[  396.522466][ T5295]  ret_from_fork_asm+0x1a/0x30
[  396.522485][ T5295]  </TASK>
[  396.522502][ T5295] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  396.607057][ T5295] Bluetooth: hci4: failed to register connection device
[  396.721644][   T40] audit: type=1400 audit(1751159785.836:735): avc:  denied  { remount } for  pid=22781 comm="syz.2.6588" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  396.730990][T20921] team0 (unregistering): Port device team_slave_1 removed
[  396.948610][T20921] team0 (unregistering): Port device team_slave_0 removed
[  397.243240][   T63] Bluetooth: hci0: command tx timeout
[  397.568921][T22806] netlink: 'syz.2.6596': attribute type 10 has an invalid length.
[  397.625836][T22807] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6596'.
[  397.920615][T22804] veth0_to_bond: left allmulticast mode
[  397.922451][T22804] veth0_to_bond: left promiscuous mode
[  397.924960][T22804] bridge0: port 1(veth0_to_bond) entered disabled state
[  397.934159][T22804] bond0: (slave bond_slave_0): Releasing backup interface
[  397.942093][T22804] bond0: (slave bond_slave_1): Releasing backup interface
[  397.971290][   T63] Bluetooth: hci3: unexpected event for opcode 0x0c2d
[  397.975543][T22804] team0: Port device team_slave_0 removed
[  397.985646][T22804] team0: Port device team_slave_1 removed
[  397.998409][T22804] bond1: (slave geneve2): Releasing active interface
[  398.023815][T22804] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  398.027913][T22804] netdevsim netdevsim2 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  398.031869][T22804] netdevsim netdevsim2 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  398.039129][T22804] netdevsim netdevsim2 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  398.049294][T22804] bond2: (slave ip6gretap1): Removing an active aggregator
[  398.052887][T22804] bond2: (slave ip6gretap1): Releasing backup interface
[  398.059194][T22804] vlan3: left promiscuous mode
[  398.060969][T22804] veth1: left promiscuous mode
[  398.062689][T22804] bridge0: port 2(vlan3) entered disabled state
[  398.075219][T22805] team0: Mode changed to "loadbalance"
[  398.082365][T22806] 8021q: adding VLAN 0 to HW filter on device bond0
[  398.088324][T22806] team0: Port device bond0 added
[  398.246229][T22807] team0 (unregistering): Port device bond0 removed
[  398.414290][T22666] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  398.426341][T22666] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  398.441764][T22666] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  398.465686][T22666] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  398.579194][T22666] 8021q: adding VLAN 0 to HW filter on device bond0
[  398.611845][T22666] 8021q: adding VLAN 0 to HW filter on device team0
[  398.625786][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  398.628366][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  398.636036][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  398.638396][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  398.693300][   T40] audit: type=1400 audit(1751159787.786:736): avc:  denied  { write } for  pid=22819 comm="syz.9.6602" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  398.828746][T22666] 8021q: adding VLAN 0 to HW filter on device batadv0
[  399.033381][T22666] veth0_vlan: entered promiscuous mode
[  399.038572][T22666] veth1_vlan: entered promiscuous mode
[  399.064804][T22666] veth0_macvtap: entered promiscuous mode
[  399.069933][T22666] veth1_macvtap: entered promiscuous mode
[  399.087543][T22666] batman_adv: batadv0: Interface activated: batadv_slave_0
[  399.105771][T22666] batman_adv: batadv0: Interface activated: batadv_slave_1
[  399.110952][T22666] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  399.126224][T22666] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  399.129302][T22666] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  399.132251][T22666] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  399.204488][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  399.207653][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  399.226665][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  399.230573][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  399.514296][   T63] Bluetooth: hci3: ISO packet too small
[  399.523224][   T34] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  399.577601][   T63] Bluetooth: hci1: unexpected event for opcode 0x0407
[  399.623215][T22888] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6617'.
[  399.673231][   T34] usb 7-1: Using ep0 maxpacket: 16
[  399.679970][   T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  399.683445][   T34] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  399.686954][   T34] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1023
[  399.692897][   T34] usb 7-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  399.696550][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.699165][   T34] usb 7-1: Product: syz
[  399.700472][   T34] usb 7-1: Manufacturer: syz
[  399.702019][   T34] usb 7-1: SerialNumber: syz
[  399.712422][   T34] usb 7-1: config 0 descriptor??
[  399.714877][T22863] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  399.721983][   T40] audit: type=1400 audit(1751159788.836:737): avc:  denied  { create } for  pid=22893 comm="syz.9.6621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  399.730532][   T34] mcba_usb 7-1:0.0 can0: failed tx_urb -90
[  399.731086][   T40] audit: type=1400 audit(1751159788.846:738): avc:  denied  { setopt } for  pid=22893 comm="syz.9.6621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  399.732833][   T34] mcba_usb 7-1:0.0 can0: Failed to send cmd (169)
[  399.732898][   T34] mcba_usb 7-1:0.0 can0: failed tx_urb -90
[  399.739566][   T40] audit: type=1400 audit(1751159788.866:739): avc:  denied  { write } for  pid=22893 comm="syz.9.6621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  399.744715][   T34] mcba_usb 7-1:0.0 can0: Failed to send cmd (169)
[  399.751923][   T34] mcba_usb 7-1:0.0: Microchip CAN BUS Analyzer connected
[  399.942829][   T34] usb 7-1: USB disconnect, device number 7
[  399.945623][   T34] mcba_usb 7-1:0.0 can0: device disconnected
[  400.198505][   T63] Bluetooth: hci3: unexpected event for opcode 0x0407
[  400.417434][T22933] lo speed is unknown, defaulting to 1000
[  400.531748][T22940] bridge_slave_0: invalid flags given to default FDB implementation
[  400.600731][   T63] Bluetooth: hci1: unexpected event 0x3e length: 262 > 260
[  400.600754][   T63] Bluetooth: hci1: unexpected subevent 0x0d length: 261 > 260
[  400.610546][   T63] Bluetooth: hci1: adv larger than maximum supported
[  400.610613][   T63] Bluetooth: hci1: adv larger than maximum supported
[  401.117378][   T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.531348][ T5295] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  402.538731][ T5295] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  402.544318][ T5295] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  402.553319][ T5295] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  402.557675][ T5295] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  402.587703][T22980] lo speed is unknown, defaulting to 1000
[  402.750623][T22980] chnl_net:caif_netlink_parms(): no params data found
[  402.854046][   T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.867184][T22980] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.869435][T22980] bridge0: port 1(bridge_slave_0) entered disabled state
[  402.871966][T22980] bridge_slave_0: entered allmulticast mode
[  402.880920][T22980] bridge_slave_0: entered promiscuous mode
[  402.887709][T22980] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.890751][T22980] bridge0: port 2(bridge_slave_1) entered disabled state
[  402.894308][T22980] bridge_slave_1: entered allmulticast mode
[  402.898744][T22980] bridge_slave_1: entered promiscuous mode
[  402.931263][   T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.955098][T22980] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  402.962023][T22980] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  403.014996][   T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.030616][T22980] team0: Port device team_slave_0 added
[  403.040842][T22980] team0: Port device team_slave_1 added
[  403.101657][T22980] batman_adv: batadv0: Adding interface: batadv_slave_0
[  403.107473][T22980] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  403.116570][T22980] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  403.123373][T22980] batman_adv: batadv0: Adding interface: batadv_slave_1
[  403.125742][T22980] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  403.134875][T22980] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  403.235563][T22980] hsr_slave_0: entered promiscuous mode
[  403.237891][T22980] hsr_slave_1: entered promiscuous mode
[  403.239990][T22980] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  403.242375][T22980] Cannot create hsr debugfs directory
[  403.332375][   T12] bridge_slave_1: left allmulticast mode
[  403.334716][   T12] bridge_slave_1: left promiscuous mode
[  403.336563][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.340901][   T12] bridge_slave_0: left allmulticast mode
[  403.342901][   T12] bridge_slave_0: left promiscuous mode
[  403.345139][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.544437][ T5997] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  403.696060][ T5997] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  403.698829][ T5997] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  403.702089][ T5997] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  403.702477][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  403.704968][ T5997] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  403.704986][ T5997] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  403.708065][ T5997] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  403.717663][ T5997] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  403.720182][ T5997] usb 7-1: Product: syz
[  403.720531][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  403.721515][ T5997] usb 7-1: Manufacturer: syz
[  403.724730][ T5997] cdc_wdm 7-1:1.0: skipping garbage
[  403.727545][ T5997] cdc_wdm 7-1:1.0: skipping garbage
[  403.730781][ T5997] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  403.731284][   T12] bond0 (unregistering): Released all slaves
[  403.732657][ T5997] cdc_wdm 7-1:1.0: Unknown control protocol
[  404.185900][   T12] hsr_slave_0: left promiscuous mode
[  404.190080][   T12] hsr_slave_1: left promiscuous mode
[  404.192649][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  404.199648][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  404.205859][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  404.208842][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  404.249354][   T12] veth1_macvtap: left promiscuous mode
[  404.251251][   T12] veth0_macvtap: left promiscuous mode
[  404.253717][   T12] veth1_vlan: left promiscuous mode
[  404.255523][   T12] veth0_vlan: left promiscuous mode
[  404.453429][ T5295] Bluetooth: hci3: command 0x0c1a tx timeout
[  404.620496][ T5295] Bluetooth: hci0: command tx timeout
[  405.279963][   T12] team0 (unregistering): Port device team_slave_1 removed
[  405.421125][   T12] team0 (unregistering): Port device team_slave_0 removed
[  406.305527][ T6026] usb 7-1: USB disconnect, device number 8
[  406.473455][T23069] ipvlan1: entered promiscuous mode
[  406.475280][T23069] 8021q: adding VLAN 0 to HW filter on device ipvlan1
[  406.477741][T23069] bond0: (slave ipvlan1): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  406.551955][T22980] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  406.565623][T22980] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  406.574582][T22980] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  406.586895][T22980] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  406.652363][T22980] 8021q: adding VLAN 0 to HW filter on device bond0
[  406.667855][T22980] 8021q: adding VLAN 0 to HW filter on device team0
[  406.677615][T22800] bridge0: port 1(bridge_slave_0) entered blocking state
[  406.679960][T22800] bridge0: port 1(bridge_slave_0) entered forwarding state
[  406.689545][T22800] bridge0: port 2(bridge_slave_1) entered blocking state
[  406.692823][T22800] bridge0: port 2(bridge_slave_1) entered forwarding state
[  406.693181][ T5295] Bluetooth: hci0: command tx timeout
[  406.858267][T23111] vlan5: entered promiscuous mode
[  406.860424][T23111] bridge0: entered promiscuous mode
[  406.862650][T23111] vlan0: entered promiscuous mode
[  406.866161][T23111] bond0: entered promiscuous mode
[  406.869703][T23111] vlan5: entered allmulticast mode
[  406.871787][T23111] bridge0: entered allmulticast mode
[  406.890011][T22980] 8021q: adding VLAN 0 to HW filter on device batadv0
[  406.915230][T23117] netlink: 28 bytes leftover after parsing attributes in process `syz.9.6686'.
[  407.054169][T22980] veth0_vlan: entered promiscuous mode
[  407.061393][T22980] veth1_vlan: entered promiscuous mode
[  407.088559][T22980] veth0_macvtap: entered promiscuous mode
[  407.092470][T22980] veth1_macvtap: entered promiscuous mode
[  407.101208][T22980] batman_adv: batadv0: Interface activated: batadv_slave_0
[  407.106702][T22980] batman_adv: batadv0: Interface activated: batadv_slave_1
[  407.116718][T22980] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  407.120417][T22980] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  407.124538][T22980] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  407.127390][T22980] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  407.181500][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.184395][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.202986][T20921] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.206494][T20921] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.214406][ T6026] usb 14-1: new low-speed USB device number 4 using dummy_hcd
[  407.364568][ T6026] usb 14-1: config 0 has an invalid interface number: 55 but max is 0
[  407.367195][ T6026] usb 14-1: config 0 has no interface number 0
[  407.369251][ T6026] usb 14-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  407.372604][ T6026] usb 14-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  407.376722][ T6026] usb 14-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  407.380549][ T6026] usb 14-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  407.384178][ T6026] usb 14-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  407.387713][ T6026] usb 14-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  407.392438][ T6026] usb 14-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  407.396142][ T6026] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.403657][ T6026] usb 14-1: config 0 descriptor??
[  407.406083][T23127] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  407.408455][T23127] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  407.414460][ T6026] ldusb 14-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  407.499404][   T40] audit: type=1400 audit(1751159796.616:740): avc:  denied  { create } for  pid=23141 comm="syz.8.6694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  407.508402][   T40] audit: type=1400 audit(1751159796.616:741): avc:  denied  { write } for  pid=23141 comm="syz.8.6694" path="socket:[115157]" dev="sockfs" ino=115157 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  407.619381][T23127] ldusb 14-1:0.55: Write buffer overflow, 111 bytes dropped
[  407.628109][ T6026] usb 14-1: USB disconnect, device number 4
[  407.632969][ T6026] ldusb 14-1:0.55: LD USB Device #0 now disconnected
[  409.063760][ T5997] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  409.286445][T21171] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.759138][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  410.769049][   T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  410.772407][   T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  410.775742][   T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  410.780296][   T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  411.060191][T23263] lo speed is unknown, defaulting to 1000
[  411.094927][   T40] audit: type=1800 audit(1751159800.206:742): pid=23270 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.6739" name="dmabuf" dev="dmabuf" ino=19 res=0 errno=0
[  411.269524][T23263] chnl_net:caif_netlink_parms(): no params data found
[  411.366395][T21171] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.385924][T23263] bridge0: port 1(bridge_slave_0) entered blocking state
[  411.388181][T23263] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.390611][T23263] bridge_slave_0: entered allmulticast mode
[  411.393549][T23263] bridge_slave_0: entered promiscuous mode
[  411.397184][T23263] bridge0: port 2(bridge_slave_1) entered blocking state
[  411.399531][T23263] bridge0: port 2(bridge_slave_1) entered disabled state
[  411.401843][T23263] bridge_slave_1: entered allmulticast mode
[  411.405937][T23263] bridge_slave_1: entered promiscuous mode
[  411.442065][T23263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  411.456874][T21171] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.463627][T23263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  411.500408][T23263] team0: Port device team_slave_0 added
[  411.506497][T23263] team0: Port device team_slave_1 added
[  411.518467][T21171] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.553893][T23263] batman_adv: batadv0: Adding interface: batadv_slave_0
[  411.556112][T23263] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  411.564237][T23263] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  411.568559][T23263] batman_adv: batadv0: Adding interface: batadv_slave_1
[  411.570764][T23263] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  411.579124][T23263] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  411.626931][T23263] hsr_slave_0: entered promiscuous mode
[  411.629341][T23263] hsr_slave_1: entered promiscuous mode
[  411.631670][T23263] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  411.634130][T23263] Cannot create hsr debugfs directory
[  411.735945][T21171] bridge_slave_1: left allmulticast mode
[  411.737762][T21171] bridge_slave_1: left promiscuous mode
[  411.739595][T21171] bridge0: port 2(bridge_slave_1) entered disabled state
[  411.743999][T21171] bridge_slave_0: left allmulticast mode
[  411.745794][T21171] bridge_slave_0: left promiscuous mode
[  411.747607][T21171] bridge0: port 1(bridge_slave_0) entered disabled state
[  412.095540][T21171] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  412.099812][T21171] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  412.103747][T21171] bond0 (unregistering): Released all slaves
[  412.592417][T21171] hsr_slave_0: left promiscuous mode
[  412.594905][T21171] hsr_slave_1: left promiscuous mode
[  412.596940][T21171] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  412.599607][T21171] batman_adv: batadv0: Removing interface: batadv_slave_0
[  412.602407][T21171] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  412.604970][T21171] batman_adv: batadv0: Removing interface: batadv_slave_1
[  412.638632][T21171] veth1_macvtap: left promiscuous mode
[  412.640386][T21171] veth0_macvtap: left promiscuous mode
[  412.642125][T21171] veth1_vlan: left promiscuous mode
[  412.643820][T21171] veth0_vlan: left promiscuous mode
[  412.844979][ T5295] Bluetooth: hci0: command tx timeout
[  413.631277][T21171] team0 (unregistering): Port device team_slave_1 removed
[  413.747438][T21171] team0 (unregistering): Port device team_slave_0 removed
[  414.494789][T23263] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  414.500847][T23263] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  414.508291][T23263] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  414.514998][T23263] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  414.593421][T23263] 8021q: adding VLAN 0 to HW filter on device bond0
[  414.603154][T23263] 8021q: adding VLAN 0 to HW filter on device team0
[  414.608215][T22800] bridge0: port 1(bridge_slave_0) entered blocking state
[  414.610757][T22800] bridge0: port 1(bridge_slave_0) entered forwarding state
[  414.623883][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  414.626154][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  414.762046][T23263] 8021q: adding VLAN 0 to HW filter on device batadv0
[  414.909524][T23263] veth0_vlan: entered promiscuous mode
[  414.915068][T23263] veth1_vlan: entered promiscuous mode
[  414.930089][T23263] veth0_macvtap: entered promiscuous mode
[  414.933219][ T5295] Bluetooth: hci0: command tx timeout
[  414.936050][T23263] veth1_macvtap: entered promiscuous mode
[  414.945262][T23263] batman_adv: batadv0: Interface activated: batadv_slave_0
[  414.951905][T23263] batman_adv: batadv0: Interface activated: batadv_slave_1
[  414.959634][T23263] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  414.963404][T23263] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  414.966196][T23263] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  414.968879][T23263] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  415.011256][T20921] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.014130][T20921] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.031172][T22800] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.033755][T22800] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  417.301122][T20921] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.818338][T20921] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.901786][   T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  418.906111][   T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  418.909221][   T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  418.913251][   T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  418.917222][   T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  418.935760][T23352] lo speed is unknown, defaulting to 1000
[  418.963702][T20921] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.116178][T20921] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.132561][T23352] chnl_net:caif_netlink_parms(): no params data found
[  419.233929][T23352] bridge0: port 1(bridge_slave_0) entered blocking state
[  419.236747][T23352] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.239594][T23352] bridge_slave_0: entered allmulticast mode
[  419.243431][T23352] bridge_slave_0: entered promiscuous mode
[  419.249239][T23352] bridge0: port 2(bridge_slave_1) entered blocking state
[  419.251547][T23352] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.254361][T23352] bridge_slave_1: entered allmulticast mode
[  419.259478][T23352] bridge_slave_1: entered promiscuous mode
[  419.311341][T23352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  419.319524][T23352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  419.387099][T23352] team0: Port device team_slave_0 added
[  419.400099][T23352] team0: Port device team_slave_1 added
[  419.452967][T23352] batman_adv: batadv0: Adding interface: batadv_slave_0
[  419.456083][T23352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.465042][T23352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  419.470125][T23352] batman_adv: batadv0: Adding interface: batadv_slave_1
[  419.472242][T23352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.482230][T23352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  419.487364][T20921] bridge_slave_1: left allmulticast mode
[  419.489271][T20921] bridge_slave_1: left promiscuous mode
[  419.491561][T20921] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.496054][T20921] bridge_slave_0: left allmulticast mode
[  419.497925][T20921] bridge_slave_0: left promiscuous mode
[  419.500139][T20921] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.916034][T20921] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  419.920607][T20921] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  419.924729][T20921] bond0 (unregistering): Released all slaves
[  419.989114][T23352] hsr_slave_0: entered promiscuous mode
[  419.991475][T23352] hsr_slave_1: entered promiscuous mode
[  419.996466][T23352] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  419.999635][T23352] Cannot create hsr debugfs directory
[  420.293234][T20921] hsr_slave_0: left promiscuous mode
[  420.302200][T20921] hsr_slave_1: left promiscuous mode
[  420.304536][T20921] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  420.308077][T20921] batman_adv: batadv0: Removing interface: batadv_slave_0
[  420.312322][T20921] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  420.317678][T20921] batman_adv: batadv0: Removing interface: batadv_slave_1
[  420.376591][T20921] veth1_macvtap: left promiscuous mode
[  420.378976][T20921] veth0_macvtap: left promiscuous mode
[  420.381406][T20921] veth1_vlan: left promiscuous mode
[  420.385206][T20921] veth0_vlan: left promiscuous mode
[  420.926514][ T5295] Bluetooth: hci0: command tx timeout
[  421.332928][T20921] team0 (unregistering): Port device team_slave_1 removed
[  421.442647][T20921] team0 (unregistering): Port device team_slave_0 removed
[  422.500499][T23352] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  422.505161][T23352] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  422.513352][T23352] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  422.525532][T23352] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  422.573867][T23352] 8021q: adding VLAN 0 to HW filter on device bond0
[  422.585889][T23352] 8021q: adding VLAN 0 to HW filter on device team0
[  422.590753][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  422.593027][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  422.608066][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  422.610376][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  422.723899][T23352] 8021q: adding VLAN 0 to HW filter on device batadv0
[  422.866216][T23352] veth0_vlan: entered promiscuous mode
[  422.871043][T23352] veth1_vlan: entered promiscuous mode
[  422.885092][T23352] veth0_macvtap: entered promiscuous mode
[  422.888795][T23352] veth1_macvtap: entered promiscuous mode
[  422.897847][T23352] batman_adv: batadv0: Interface activated: batadv_slave_0
[  422.904368][T23352] batman_adv: batadv0: Interface activated: batadv_slave_1
[  422.909445][T23352] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  422.912189][T23352] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  422.915100][T23352] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  422.917820][T23352] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  422.967714][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  422.970649][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  422.985600][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  422.989391][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  423.013152][    C0] ------------[ cut here ]------------
[  423.015238][    C0] workqueue: cannot queue hci_cmd_timeout on wq hci0
[  423.017414][    C0] WARNING: CPU: 0 PID: 23352 at kernel/workqueue.c:2257 __queue_work+0xc9c/0x10f0
[  423.020283][    C0] Modules linked in:
[  423.021887][    C0] CPU: 0 UID: 0 PID: 23352 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[  423.026889][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  423.030208][    C0] RIP: 0010:__queue_work+0xc9c/0x10f0
[  423.031822][    C0] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 28 04 00 00 48 8b 75 18 4c 89 f2 48 c7 c7 00 ff ab 8b e8 f5 16 f7 ff 90 <0f> 0b 90 90 e9 96 f7 ff ff e8 a6 56 38 00 90 0f 0b 90 e9 1b f6 ff
[  423.037753][    C0] RSP: 0018:ffffc90000007be8 EFLAGS: 00010082
[  423.039643][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248
[  423.042098][    C0] RDX: ffff8880570ea440 RSI: ffffffff817ae255 RDI: 0000000000000001
[  423.044536][    C0] RBP: ffff88805f608970 R08: 0000000000000001 R09: 0000000000000000
[  423.046948][    C0] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92000000f8f
[  423.049360][    C0] R13: 0000000080000100 R14: ffff8880550bb978 R15: 0000000000000001
[  423.051848][    C0] FS:  0000000000000000(0000) GS:ffff8880d6752000(0000) knlGS:0000000000000000
[  423.054627][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  423.056706][    C0] CR2: 00007fff26e71f40 CR3: 000000000e382000 CR4: 0000000000352ef0
[  423.059164][    C0] Call Trace:
[  423.060232][    C0]  <IRQ>
[  423.061174][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  423.062990][    C0]  call_timer_fn+0x19a/0x620
[  423.064401][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  423.066024][    C0]  ? __run_timers+0x559/0x960
[  423.067501][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  423.069327][    C0]  __run_timers+0x569/0x960
[  423.070772][    C0]  ? __pfx___run_timers+0x10/0x10
[  423.072350][    C0]  run_timer_base+0x114/0x190
[  423.073839][    C0]  ? __pfx_run_timer_base+0x10/0x10
[  423.075457][    C0]  run_timer_softirq+0x1a/0x40
[  423.076936][    C0]  handle_softirqs+0x216/0x8e0
[  423.078497][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  423.080176][    C0]  __irq_exit_rcu+0x109/0x170
[  423.081564][    C0]  irq_exit_rcu+0x9/0x30
[  423.082874][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  423.084632][    C0]  </IRQ>
[  423.085590][    C0]  <TASK>
[  423.086470][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  423.088305][    C0] RIP: 0010:lock_acquire+0x62/0x350
[  423.089947][    C0] Code: 63 34 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 62 90 0f 0f 0f 82 74 02 00 00 8b 35 4a c2 0f 0f 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 f9 62 34 12 0f 85 c7 02 00 00 48 83 c4
[  423.095902][    C0] RSP: 0018:ffffc90003b6f908 EFLAGS: 00000206
[  423.097822][    C0] RAX: 0000000000000046 RBX: ffff8880550bb948 RCX: 0000000000000001
[  423.100277][    C0] RDX: 0000000000000000 RSI: ffffffff8ddf4c23 RDI: ffffffff8c157ca0
[  423.102642][    C0] RBP: 0000000000000000 R08: 349526fd36ca3b13 R09: ffffffff96b53678
[  423.105094][    C0] R10: 0000000000000008 R11: 0000000000000001 R12: 0000000000000001
[  423.107559][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  423.110034][    C0]  ? lockdep_init_map_type+0x5c/0x280
[  423.111742][    C0]  ? touch_wq_lockdep_map+0x9c/0x1c0
[  423.113432][    C0]  touch_wq_lockdep_map+0xad/0x1c0
[  423.115020][    C0]  ? touch_wq_lockdep_map+0x9c/0x1c0
[  423.116637][    C0]  __flush_workqueue+0x128/0x1230
[  423.118227][    C0]  ? drain_workqueue+0xd1/0x3d0
[  423.119729][    C0]  ? __pfx___flush_workqueue+0x10/0x10
[  423.121444][    C0]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  423.123214][    C0]  drain_workqueue+0x199/0x3d0
[  423.124726][    C0]  hci_dev_close_sync+0x39b/0x11d0
[  423.126388][    C0]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  423.128127][    C0]  ? up_write+0x1b2/0x520
[  423.129598][    C0]  hci_dev_do_close+0x2e/0x90
[  423.131141][    C0]  hci_unregister_dev+0x227/0x640
[  423.132691][    C0]  ? __pfx_vhci_release+0x10/0x10
[  423.134286][    C0]  vhci_release+0x79/0xf0
[  423.135701][    C0]  __fput+0x402/0xb70
[  423.136972][    C0]  task_work_run+0x150/0x240
[  423.138457][    C0]  ? __pfx_task_work_run+0x10/0x10
[  423.140066][    C0]  ? switch_task_namespaces+0xeb/0x100
[  423.141825][    C0]  do_exit+0x86c/0x2bd0
[  423.143123][    C0]  ? do_raw_spin_lock+0x12c/0x2b0
[  423.144691][    C0]  ? __pfx_do_exit+0x10/0x10
[  423.146219][    C0]  ? rcu_is_watching+0x12/0xc0
[  423.147692][    C0]  do_group_exit+0xd3/0x2a0
[  423.149140][    C0]  __x64_sys_exit_group+0x3e/0x50
[  423.150739][    C0]  x64_sys_call+0x1530/0x1730
[  423.152279][    C0]  do_syscall_64+0xcd/0x4c0
[  423.153738][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.155577][    C0] RIP: 0033:0x7fd89b78e929
[  423.156988][    C0] Code: Unable to access opcode bytes at 0x7fd89b78e8ff.
[  423.159208][    C0] RSP: 002b:00007fff26e74118 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  423.161824][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd89b78e929
[  423.164244][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[  423.166713][    C0] RBP: 00007fd89b7ee8f0 R08: 00007fff26e71eb7 R09: 0000000000000003
[  423.169179][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  423.171622][    C0] R13: 0000000000000003 R14: 00000000ffffffff R15: 00007fff26e742d0
[  423.174326][    C0]  </TASK>
[  423.175485][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  423.178098][    C0] CPU: 0 UID: 0 PID: 23352 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[  423.181975][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  423.185589][    C0] Call Trace:
[  423.186644][    C0]  <IRQ>
[  423.187527][    C0]  dump_stack_lvl+0x3d/0x1f0
[  423.188993][    C0]  panic+0x71c/0x800
[  423.190258][    C0]  ? __pfx_panic+0x10/0x10
[  423.191697][    C0]  ? show_trace_log_lvl+0x29b/0x3e0
[  423.193366][    C0]  ? check_panic_on_warn+0x1f/0xb0
[  423.195224][    C0]  ? __queue_work+0xc9c/0x10f0
[  423.196825][    C0]  check_panic_on_warn+0xab/0xb0
[  423.198411][    C0]  __warn+0xf6/0x3c0
[  423.199644][    C0]  ? __queue_work+0xc9c/0x10f0
[  423.201145][    C0]  report_bug+0x3c3/0x580
[  423.202517][    C0]  ? __queue_work+0xc9c/0x10f0
[  423.204315][    C0]  handle_bug+0x184/0x210
[  423.205894][    C0]  exc_invalid_op+0x17/0x50
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  423.207422][    C0]  asm_exc_invalid_op+0x1a/0x20
[  423.209085][    C0] RIP: 0010:__queue_work+0xc9c/0x10f0
[  423.210794][    C0] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 28 04 00 00 48 8b 75 18 4c 89 f2 48 c7 c7 00 ff ab 8b e8 f5 16 f7 ff 90 <0f> 0b 90 90 e9 96 f7 ff ff e8 a6 56 38 00 90 0f 0b 90 e9 1b f6 ff
[  423.216717][    C0] RSP: 0018:ffffc90000007be8 EFLAGS: 00010082
[  423.218643][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248
[  423.221088][    C0] RDX: ffff8880570ea440 RSI: ffffffff817ae255 RDI: 0000000000000001
[  423.223544][    C0] RBP: ffff88805f608970 R08: 0000000000000001 R09: 0000000000000000
[  423.226035][    C0] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92000000f8f
[  423.228444][    C0] R13: 0000000080000100 R14: ffff8880550bb978 R15: 0000000000000001
[  423.230904][    C0]  ? __warn_printk+0x198/0x350
[  423.232413][    C0]  ? __warn_printk+0x1a5/0x350
[  423.233932][    C0]  ? __queue_work+0xc9b/0x10f0
[  423.235431][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  423.237258][    C0]  call_timer_fn+0x19a/0x620
[  423.238745][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  423.240328][    C0]  ? __run_timers+0x559/0x960
[  423.241822][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  423.243650][    C0]  __run_timers+0x569/0x960
[  423.245134][    C0]  ? __pfx___run_timers+0x10/0x10
[  423.246738][    C0]  run_timer_base+0x114/0x190
[  423.248214][    C0]  ? __pfx_run_timer_base+0x10/0x10
[  423.249858][    C0]  run_timer_softirq+0x1a/0x40
[  423.251373][    C0]  handle_softirqs+0x216/0x8e0
[  423.252847][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  423.254501][    C0]  __irq_exit_rcu+0x109/0x170
[  423.255987][    C0]  irq_exit_rcu+0x9/0x30
[  423.257278][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  423.258941][    C0]  </IRQ>
[  423.259848][    C0]  <TASK>
[  423.260793][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  423.262670][    C0] RIP: 0010:lock_acquire+0x62/0x350
[  423.264300][    C0] Code: 63 34 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 62 90 0f 0f 0f 82 74 02 00 00 8b 35 4a c2 0f 0f 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 f9 62 34 12 0f 85 c7 02 00 00 48 83 c4
[  423.270048][    C0] RSP: 0018:ffffc90003b6f908 EFLAGS: 00000206
[  423.271888][    C0] RAX: 0000000000000046 RBX: ffff8880550bb948 RCX: 0000000000000001
[  423.274282][    C0] RDX: 0000000000000000 RSI: ffffffff8ddf4c23 RDI: ffffffff8c157ca0
[  423.276748][    C0] RBP: 0000000000000000 R08: 349526fd36ca3b13 R09: ffffffff96b53678
[  423.279207][    C0] R10: 0000000000000008 R11: 0000000000000001 R12: 0000000000000001
[  423.281655][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  423.284089][    C0]  ? lockdep_init_map_type+0x5c/0x280
[  423.285802][    C0]  ? touch_wq_lockdep_map+0x9c/0x1c0
[  423.287456][    C0]  touch_wq_lockdep_map+0xad/0x1c0
[  423.289061][    C0]  ? touch_wq_lockdep_map+0x9c/0x1c0
[  423.290715][    C0]  __flush_workqueue+0x128/0x1230
[  423.292292][    C0]  ? drain_workqueue+0xd1/0x3d0
[  423.293828][    C0]  ? __pfx___flush_workqueue+0x10/0x10
[  423.295555][    C0]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  423.297327][    C0]  drain_workqueue+0x199/0x3d0
[  423.298834][    C0]  hci_dev_close_sync+0x39b/0x11d0
[  423.300437][    C0]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  423.302182][    C0]  ? up_write+0x1b2/0x520
[  423.303549][    C0]  hci_dev_do_close+0x2e/0x90
[  423.305049][    C0]  hci_unregister_dev+0x227/0x640
[  423.306559][    C0]  ? __pfx_vhci_release+0x10/0x10
[  423.308096][    C0]  vhci_release+0x79/0xf0
[  423.309460][    C0]  __fput+0x402/0xb70
[  423.310724][    C0]  task_work_run+0x150/0x240
[  423.312172][    C0]  ? __pfx_task_work_run+0x10/0x10
[  423.313795][    C0]  ? switch_task_namespaces+0xeb/0x100
[  423.315512][    C0]  do_exit+0x86c/0x2bd0
[  423.316833][    C0]  ? do_raw_spin_lock+0x12c/0x2b0
[  423.318417][    C0]  ? __pfx_do_exit+0x10/0x10
[  423.319875][    C0]  ? rcu_is_watching+0x12/0xc0
[  423.321400][    C0]  do_group_exit+0xd3/0x2a0
[  423.322838][    C0]  __x64_sys_exit_group+0x3e/0x50
[  423.324417][    C0]  x64_sys_call+0x1530/0x1730
[  423.325878][    C0]  do_syscall_64+0xcd/0x4c0
[  423.327260][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.329109][    C0] RIP: 0033:0x7fd89b78e929
[  423.330555][    C0] Code: Unable to access opcode bytes at 0x7fd89b78e8ff.
[  423.332710][    C0] RSP: 002b:00007fff26e74118 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  423.335341][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd89b78e929
[  423.337833][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[  423.340259][    C0] RBP: 00007fd89b7ee8f0 R08: 00007fff26e71eb7 R09: 0000000000000003
[  423.342636][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  423.345123][    C0] R13: 0000000000000003 R14: 00000000ffffffff R15: 00007fff26e742d0
[  423.347564][    C0]  </TASK>
[  423.349244][    C0] Kernel Offset: disabled
[  423.350627][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
01:08:19  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000049 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855bfaf5 RDI=ffffffff9b088320 RBP=ffffffff9b0882e0 RSP=ffffc90000007550
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000049 R14=ffffffff9b0882e0 R15=ffffffff855bfa90
RIP=ffffffff855bfb1f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6752000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fff26e71f40 CR3=000000000e382000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd89b9846a3 00007fd89b9846a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 64657474696d7265 7020746f6e206e6f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff26e743c6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff26e743c6 00007fff26e743cc
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd89b811b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd89b811b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd89b811b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd89b811b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd89b811bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fd89b811c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff81a8fb92 RDX=ffff88802944c880
RSI=0000000000000000 RDI=0000000000000001 RBP=0000000000000000 RSP=ffffc900060a7a28
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=000000002630c749 R13=ffff88806a53ad48 R14=0000000000000001 R15=0000000000000000
RIP=ffffffff81bc1a32 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6852000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f02dc421e9c CR3=000000003485e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8a464ef1 ffffffff8a4658cf 0000000700000004 0000000600040008
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8a4630b1 ffffffff86912ce1 ffffffff8a0df012 ffffffff8696d25b
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff898ee0a0 ffffffff898efa89 ffffffff898edf59 ffffffff8a466bca
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8a7616c9 ffffffff898ee252 ffffffff898ee34e ffffffff898eaf15
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff898eddf0 ffffffff8a7616bc ffffffff898eadba ffffffff898ededa
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8693eacf ffffffff8a760a8d ffffffff898d292f ffffffff898ee52b
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8693e884 ffffffff898eafe4 ffffffff898d2ad5 ffffffff8a760a9c
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff898ee52b ffffffff8693e884 ffffffff898eafe4 ffffffff898d2ad5
ZMM25=0ae3f6680ae3f668 0ae3f6680ae3f668 0ae3f6680ae3f668 0ae3f6680ae3f668 0ae3f6680ae3f668 0ae3f6680ae3f668 0ae3f6680ae3f668 0ae3f6680ae3f668
ZMM26=7ec9a94e7ec9a94e 7ec9a94e7ec9a94e 7ec9a94e7ec9a94e 7ec9a94e7ec9a94e 7ec9a94e7ec9a94e 7ec9a94e7ec9a94e 7ec9a94e7ec9a94e 7ec9a94e7ec9a94e
ZMM27=64f8a43a64f8a43a 64f8a43a64f8a43a 64f8a43a64f8a43a 64f8a43a64f8a43a 64f8a43a64f8a43a 64f8a43a64f8a43a 64f8a43a64f8a43a 64f8a43a64f8a43a
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=7d2800007d280000 7d2800007d280000 7d2800007d280000 7d2800007d280000 7d2800007d280000 7d2800007d280000 7d2800007d280000 7d2800007d280000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88806a442060 RCX=ffffffff81b001cd RDX=ffff888036ef4880
RSI=ffffffff81b001a9 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc900030af518
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=dffffc0000000000 R13=0000000000000003 R14=ffffed100d48840d R15=ffff88806a63b580
RIP=ffffffff81b001ab RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6952000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fc5adce7d60 CR3=0000000028b01000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=000000000000007f Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5ad1846a3 00007fc5ad1846a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff8249bef0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000300000008 0000000200000021
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000500000007 0000000400000009
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000000e
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555718ded74 00005555718ded70
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 90080018a8030c08 0018a00312080018 980310080000002c 1208001800000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000610 a003028208001998 0306080019900310 080019880000002f
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1980031200000000 0303f2ba080018f0 0306080018e80312 080018e00000002e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 18d8030400000000 0307fffe080018c8 031fe08080800800 18c003020000002d
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0308080000000000 90080018a8030c08 0018a00312080018 980310080000002c
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=0000000000000001 RCX=ffffffff8b4e1357 RDX=0000000000000001
RSI=0000000000000000 RDI=0000000000000000 RBP=00000000000002f9 RSP=ffffc9000342fb20
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff81bc1bbc RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6a52000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f0722958e9c CR3=0000000028a52000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000c 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000f0000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055fc8bed4600 000055fc8bed4600
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe9807e1c0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6574617220646574 63656c6553203a37 3579687020313132 303865656569205d
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 746361706d692064 6c756f6320686369 6877203272657961 6c206e6f20646574
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e656d6761726620 6562206c6c697720 656361667265746e 6920736968742072
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65766f20676e696f 67207374656b6361 50202e7374656b63 6170207664612d6e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 616d74616220666f 2074726f70736e61 7274206568742065 6c646e6168206f74
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000