last executing test programs:

28.223904411s ago: executing program 0 (id=240):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='percpu_alloc_percpu\x00'}, 0x10) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="760a00000100100061315000000000006ad915e54e913a5b"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010100000000000000090000000008000d00", @ANYRES32, @ANYBLOB="0800020000000000080001"], 0x2c}}, 0x0) (async)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84) (async)
r3 = openat2(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)={0x113081, 0xd3, 0x8}, 0x18)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f00000004c0)={'syztnl2\x00', &(0x7f00000003c0)={'ip6gre0\x00', <r4=>0x0, 0x29, 0x0, 0x10, 0x9, 0x5d, @dev={0xfe, 0x80, '\x00', 0x2d}, @mcast1, 0x1, 0x8000, 0x8, 0x5}})
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000500)={0x1b, 0x0, 0x0, 0x40000, 0x0, r3, 0x0, '\x00', r4, 0x0, 0xffffffe, 0x10, 0xeffffffc, 0x0, @void, @value, @void, @value}, 0x50) (async)
r6 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r7, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x9, 0x0, 0x8}}, {}, [], {{0x4, 0x1, 0xb, 0x1, 0x9, 0x10}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
close(r8) (async)
r9 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r10=>0x0}, &(0x7f0000000080)=0x8)
r11 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, &(0x7f0000000d80)="0000000000000001ff6943b80000000800000028f2000000008607000000ebcd1f63dd65dd530700a28f2cbf86f474fad8cb594ed9fabe9ec277bb8d", 0x3c, r11) (async)
setsockopt$inet_sctp6_SCTP_CONTEXT(r8, 0x84, 0x11, &(0x7f00000001c0)={r10, 0xffffffa7}, 0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000000)={<r12=>r10, 0x8}, &(0x7f0000000080)=0x8) (async)
r13 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r14 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r13, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x3c, r14, 0x1, 0x0, 0x0, {0x9}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8}]}, 0x3c}}, 0x0) (async)
setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={r12, 0x4}, 0x8)

28.174225329s ago: executing program 0 (id=241):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x743480, 0xd)
mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x94b1dbe55190a15a) (async)
mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x94b1dbe55190a15a)
mount(&(0x7f00000003c0)=@sr0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100)='ext2\x00', 0x80081f, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r2, 0xc06864b8, &(0x7f0000000580)={0x0, 0x7f, 0x80, 0x3231564e, 0x3, [0x2], [0x2000], [], [0x400000000000001]}) (async)
ioctl$DRM_IOCTL_MODE_ADDFB2(r2, 0xc06864b8, &(0x7f0000000580)={0x0, 0x7f, 0x80, 0x3231564e, 0x3, [0x2], [0x2000], [], [0x400000000000001]})
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000040)={0xc, 0x103, 0x1, {0x9, 0x61, 0x3, 0xe}})

28.173515331s ago: executing program 0 (id=242):
r0 = io_uring_setup(0x64d0, &(0x7f0000000280)={0x0, 0x7c6b, 0x8, 0x2, 0x2b2})
r1 = syz_io_uring_setup(0x24f8, &(0x7f00000001c0)={0x0, 0xa688, 0x2000, 0x1000, 0x10, 0x0, r0}, &(0x7f0000000080), &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
syz_io_uring_setup(0x20000bdb, &(0x7f00000000c0)={0x0, 0x0, 0x200}, &(0x7f0000000000)=<r4=>0x0, &(0x7f00000003c0))
syz_io_uring_submit(r4, r2, &(0x7f0000000400)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000140)=@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}})
io_uring_enter(r1, 0x5b43, 0x0, 0x0, 0x0, 0x0)
shutdown(r3, 0x1)

28.094125068s ago: executing program 0 (id=243):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
setxattr$system_posix_acl(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f00000002c0)={{}, {0x1, 0x6}, [], {0x4, 0x4}, [], {0x10, 0x2}, {0x20, 0x4}}, 0x24, 0x3)
chdir(&(0x7f0000000140)='./bus\x00')
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x8, 0x18, &(0x7f0000000040)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_fd={0x18, 0x1, 0x1, 0x0, 0x1}, @generic={0x4, 0x8, 0x1, 0xc}, @jmp={0x5, 0x0, 0xb, 0x6, 0x5, 0xfffffffffffffff4, 0x4}, @map_fd={0x18, 0x2}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @alu={0x4, 0x1, 0x6, 0x7, 0x1, 0xffffffffffffffc0, 0xfffffffffffffffc}], &(0x7f0000000100)='syzkaller\x00', 0xb, 0xe4, &(0x7f0000000200)=""/228, 0x40f00, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x5, 0x5}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x7, 0x1000, 0xc62}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, &(0x7f0000000300)=[0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xc}, {0x3, 0x1, 0x8, 0x9}], 0x10, 0x9, @void, @value}, 0x94)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, r2, 0x1, 0xfffffffd, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_STATS_BLOCK_USECS={0x8, 0xa, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x2400c000}, 0x0)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00', <r3=>0x0})
sendmsg$can_raw(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x1d, r3}, 0xb7, &(0x7f00000005c0)={&(0x7f00000000c0)=@can={{}, 0x0, 0x0, 0x4, 0x2, '\x00\x00\x00\x00\a\x00'}, 0x210}}, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000bc7ef9642d29ba564165605dca29708efdf9b15a5c10a126121b2751f642635bcd9a8bf7a928a5d054b0d2c54d519ea75c52f41ed6f2886973626b684c8bd9108c0b0b2ea7e556948f0367aff4fbcede3294f6e73d06ad16dc2d26725ff833b5f83b499918e6a6ec245b781d41aee9624c847e2f2312d6b9db45bad354fc1a3f20407ffe406483a0524937ee7559e4bf70136746b37fdfbbb152758d37ed8bcac41fb7243bdcd536249c7996e898b61927eaa5a8790054ba13d3ade593220f96027090a34aaf7ea92f41aab73e7a85eef87e956bb7c5c76a347264fd99359f4e57b0dcc2bcc188ea880a4b11a8bb81eb22b0ddfc689e3218cf310dcc61cab354149d9107d8a88b0aa5b5661555f00443aee5e714009e52cee5e88f008148ddbc0fa81bf938bed4a1ac778d5337cc0311d0772eeac3eab38426e8d1472ff514aa5379ed21551790cc10148410b4fc27582fd7106a8887a9a0b613dfe10aee77542d887208f5534f5dce4d43f258fc9ef975834e1917666e2aff1cebfc3ce2c1e8ff66bba1d9050000000000000078db7024bf321636bede8651e672ed4f01ba5da2c3f9042a8552bd3f2c9ad546ad0ea20b4d35fb0a15c6239f67c7747a40fe26a88adf727fd1b801b4e56fbffcad99ce68fe2af0d94fdc78d27268de435021dca51acaa7a9e0944bdf579c170db6405944b6791a7713ee54f650fdf71b57c3629fb185efce700620ef5744623be08ec935dd563e6ba0b461bda98b364acf3dcdafa9b0e68c21ea509212c2938aa09cc31aa4ee5bfb8e507181909f5854b13997af4888cd61c8aab5fdfd701a16d546e5a533cd9b985dcc582b67979551dcc750fc51f2c9b6814edeffc76a86ea9f58b7c66fa24540daf14c2163d064f8cf0b4878f81e6b8bc4dabc10dac82b39e033963a6d02434cb783a198829d1373790a85c0e01a362d89e80165d280283af3c2060000000000000034b12a73b0c53bfae5d2f6e55728052247adfe0966c6c5eca57918c4540c979a70a281ba00e408c9fe1b20fa208976dd6a56f9bd9a74d81447c9b265d8c23f0e983e0b1d2d62d1e57c9188e4882634476e62ab1b7415a58208eaaf166d14720092f79a6197fe8b4ea7d5485cc6b3630afed8d3403cfa4d7bf48efb371706e0e65901eea3743c98261cbb7a246cf62f99bbc918741d32539ec0754e7d7f08dd45aaf49623342eabf466e54d8da4346e73da54ba2e4b5e2ae2823864d4147b490e55c9509f75c8828500ac32cab11b0262e75fa9e39e3792d01e0b210fdfb686bfffdc677432f6332c1a27502b43997060acdf7784c79fed0325e06f6b64b6434ebf4730509bcf95b9a1d0ba7c469d55351cc1dce6c90f5872e7ad5eed5f850d9d1f928b4e0263b241e8fe03e5e66252c8a3bd320e8deee5b91c653b8f22f58cff36c2ba4d6774f14229939595d2beb998c9312212de00468fc488591aca07ab75fba4a318d3ee4581711927b77a7f14dbcd639892f8cb0000000000000080411736eb1ee86eec338197a56293c9cdb72e84155681553b896d58b62a96852320e74dc4c9b41d6f90d2353dc573a94a092a84209c12da57f8c78e161b0899eb1c8b694d26c5fbf7f65fefacdbf39151f335dddc3b179a13f6de93ffb338e94738c86e35e9fcc654e4d6618dc1201cbd16e1281df911e6c699da16fbbb7a2e5c77966c98d3e7edd58cabfe6bf1bb7f6329084e3e4a2a36da07bbac3ebc00472f55b7966f250109fcce0ad5d4526d20ef74d1a634d724"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1, <r6=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1c, 0x3, &(0x7f0000002040)=ANY=[@ANYBLOB="1802000000000000000800000000000095"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r6, r5, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSBRKP(r7, 0x5425, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r8 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
pwritev2(r8, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x100000}], 0x2, 0x0, 0x0, 0xb)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000003"], 0x54}}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd4242"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

27.778755378s ago: executing program 0 (id=245):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@bloom_filter={0x1e, 0x7, 0x60000000, 0x5, 0x18004, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x100, 0x5, 0x0, @value, @void, @value}, 0x50)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000280)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0xf56, 0x0, [{0x0, 0xfe}, {}, {}, {0x0, 0x35}, {0x0, 0x80}, {}, {}, {0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {0x4, 0x4}]}})

27.671144179s ago: executing program 0 (id=247):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newlink={0x6c, 0x10, 0x403, 0x70bd22, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215, 0x20000}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x30, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_DATA={0x1c, 0x5, 0x0, 0x1, [{0xa, 0x4, @multicast}, {0xa, 0x4, @random="7dfc8eb49143"}]}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x1e}, @IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}, @IFLA_ADDRESS={0xa}]}, 0x6c}, 0x1, 0xba01, 0x0, 0x20000000}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
close(r4)
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f0000000040))
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0xd, 0x10, 0x200, &(0x7f0000000cc0)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc09000000cc1c22a3b8f31cc645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701f50500000a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714b5e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a2b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92cc2ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8cd35df2cd7344aa8a9f3432b96fb889c02f484f63520cc3466a3c2903d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d722e44a5f0148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000600000000000000000000f80000000000000000000000000000000000000000005593e85f00"})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001680)=ANY=[@ANYRES32=r3], 0x14}, 0x1, 0x0, 0x0, 0x20048805}, 0x0)
recvmmsg(r6, &(0x7f0000000000)=[{{0x0, 0x140, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/4091, 0x10e0}, {&(0x7f0000001580)=""/238, 0xf0}], 0x4, 0x0, 0x353}}], 0x40000000000002e, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x8a43896168ef71a7, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f00000003c0)={0x1, 0x0, [{0x40000018, 0x0, 0x6}]})
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='mmap_lock_acquire_returned\x00', r10}, 0x10)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000040)=0x5, 0x4)
r11 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r12 = socket(0x10, 0x3, 0x0)
write(r12, &(0x7f0000000000)='\"', 0xfdef)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r12, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00'})
sendmsg$nl_route(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x4000044}, 0x0)
stat(&(0x7f00000006c0)='./file0/file0\x00', &(0x7f0000000700))
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000300), &(0x7f0000000340)=0xc)

27.61017794s ago: executing program 32 (id=247):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newlink={0x6c, 0x10, 0x403, 0x70bd22, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215, 0x20000}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x30, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_DATA={0x1c, 0x5, 0x0, 0x1, [{0xa, 0x4, @multicast}, {0xa, 0x4, @random="7dfc8eb49143"}]}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x1e}, @IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}, @IFLA_ADDRESS={0xa}]}, 0x6c}, 0x1, 0xba01, 0x0, 0x20000000}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
close(r4)
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f0000000040))
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0xd, 0x10, 0x200, &(0x7f0000000cc0)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc09000000cc1c22a3b8f31cc645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701f50500000a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714b5e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a2b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92cc2ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8cd35df2cd7344aa8a9f3432b96fb889c02f484f63520cc3466a3c2903d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d722e44a5f0148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000600000000000000000000f80000000000000000000000000000000000000000005593e85f00"})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001680)=ANY=[@ANYRES32=r3], 0x14}, 0x1, 0x0, 0x0, 0x20048805}, 0x0)
recvmmsg(r6, &(0x7f0000000000)=[{{0x0, 0x140, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/4091, 0x10e0}, {&(0x7f0000001580)=""/238, 0xf0}], 0x4, 0x0, 0x353}}], 0x40000000000002e, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x8a43896168ef71a7, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f00000003c0)={0x1, 0x0, [{0x40000018, 0x0, 0x6}]})
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='mmap_lock_acquire_returned\x00', r10}, 0x10)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000040)=0x5, 0x4)
r11 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r12 = socket(0x10, 0x3, 0x0)
write(r12, &(0x7f0000000000)='\"', 0xfdef)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r12, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00'})
sendmsg$nl_route(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x4000044}, 0x0)
stat(&(0x7f00000006c0)='./file0/file0\x00', &(0x7f0000000700))
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000300), &(0x7f0000000340)=0xc)

23.714422457s ago: executing program 1 (id=281):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000080)="05", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x36}, 0x1}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0xe)
shutdown(r0, 0x1)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs2/custom1\x00', 0x0, 0x0)
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
setsockopt$inet6_tcp_buf(r3, 0x6, 0x34, &(0x7f0000000200)="3b62b4342cccbe92fdb87c3cb3bb24a4923d0f4020677a4d786759e7896b6e8f6048446f27cab17e8eb1feac3c26be676dc09b4070e0f535e57340b233a4158a06f69a23addfacd52eb67b354ea369917407b5c97df4493d3b709fc9aa518fd5a7938df23bbc8e3c8e46c63a3e6849e2b0cae6498687e470a24cc59f5530880182c3596638ba64d44224e9f10f0e6a494e8ffbb1b18d2549ee17cb6f36b0771b1df745573709ee74f112c9ec10ad0ae1dbd2fc131dc71458669f32aec22b3cbdbd8f4cbf8ec57555d0dce1d6962f2852b20a2c680483e64e2eba7d4517b252b1709c0e7c9491454c17bfa8eed4b2ec1b98e3e73ee5", 0xf5)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040))
open(&(0x7f00009e1000)='./file0\x00', 0xc00, 0x30)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f000000c3c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f00000000c0)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0x7ab78c4493c52f9b}}, 0x50)
creat(&(0x7f0000000180)='./file0\x00', 0x0)
syz_fuse_handle_req(r5, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1d657a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1df604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b6048cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f161044807c4c25c6efc428a7e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d00", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x0, 0x0, {0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0)

23.494323515s ago: executing program 1 (id=285):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x106}}, 0x20)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_TX_TS(r3, &(0x7f00000002c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4c00}, 0x20000004)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f00000000c0)='squashfs\x00', 0x0, 0x0)
socket$inet6(0xa, 0x6, 0x100)

23.383223718s ago: executing program 1 (id=290):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000040)='./file0\x00', 0x0)
mount(&(0x7f0000000100)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000500)='./file0\x00', &(0x7f0000000080)='msdos\x00', 0x0, 0x0) (async)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) (async)
syz_emit_ethernet(0x36, &(0x7f0000000600)={@empty, @random="6a2ddcf6177a", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5}}}}}}, 0x0)

23.303864365s ago: executing program 1 (id=292):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x42)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_int(r0, 0x0, 0x15, &(0x7f0000000040)=0x3, 0x4) (async)
setsockopt$inet_int(r0, 0x0, 0x15, &(0x7f0000000040)=0x3, 0x4)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
listen(r0, 0x0) (async)
listen(r0, 0x0)
syz_emit_ethernet(0x55, &(0x7f00000005c0)={@remote, @empty, @val={@val={0x88a8, 0x5, 0x1, 0x3}, {0x8100, 0x4, 0x1, 0x4}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x25, 0x3f, 0x0, 0x0, 0xfe, 0x6, 0x0, @remote={0xac, 0x3}, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x9, 0x0, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x10, "6c61a716c8cffb45b91a83f7acc2"}]}}, {"57240edd482183"}}}}}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000010c0)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0xfffffffffffffe64, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x2c}}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xb, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x9}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x6c}}, 0x40)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x38, 0x3, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000380)={0x68, 0x0, 0x1, 0x700, 0x0, 0x0, {0xa, 0x0, 0x9}, [@CTA_FILTER={0x44, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x904}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0xa04}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x1c1}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x52}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x1}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x60a}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x8a}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x509}]}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x3}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x8}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000}, 0x20000010)
close(r3) (async)
close(r3)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) (async)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r6, 0x4008af30, &(0x7f0000000180)={0x2})
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000010000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a30000000003c000000060a010400000000000000000100000008000b40000000000900010073797a300000000014000480100001800a0001007265646972000000140000001100"], 0xc4}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x45, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r3) (async)
close(r3)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000080)='./file0/../file0\x00', 0x28) (async)
mkdirat(0xffffffffffffffff, &(0x7f0000000080)='./file0/../file0\x00', 0x28)
mount$bind(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) (async)
mount$bind(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x80000, 0x0)
r8 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000440), 0xa592f049b225ff84, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r8, 0xc0189379, &(0x7f0000000480)={{0x1, 0x1, 0x18, r2}, './file0\x00'})
umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb) (async)
umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb)

23.194428151s ago: executing program 1 (id=294):
r0 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @rand_addr, 0x2}, 0x1c)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000100)={0x18, 0x0, {0x11ff, @dev, 'bond_slave_1\x00'}}, 0x1e)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000440)='wlan0\x00', 0x10)
setsockopt$inet_mreqn(r3, 0x0, 0x20, &(0x7f00000002c0)={@local, @dev={0xac, 0x14, 0x14, 0x20}}, 0xc)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff050005001200", 0x2e}], 0x1}, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0x1, @broadcast, 'veth0_to_bond\x00'}}, 0x1e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @loopback}, 0x62)

22.984066618s ago: executing program 1 (id=298):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f0000000140), 0x2200800, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00') (async)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r1 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
sendfile(r1, r0, 0x0, 0x100801700) (async)
sendfile(r1, r0, 0x0, 0x100801700)
read$FUSE(r0, &(0x7f0000000a80)={0x2020}, 0x2020)

22.956323987s ago: executing program 33 (id=298):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f0000000140), 0x2200800, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00') (async)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r1 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
sendfile(r1, r0, 0x0, 0x100801700) (async)
sendfile(r1, r0, 0x0, 0x100801700)
read$FUSE(r0, &(0x7f0000000a80)={0x2020}, 0x2020)

14.853668461s ago: executing program 3 (id=399):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, r1, 0x800, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x3c1b}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000010}, 0x8000)
write$char_usb(r0, &(0x7f00000008c0)='-0', 0x2)
r2 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000080)={0x1d, r3, 0x2}, 0x18)
sendmmsg$unix(r2, &(0x7f000000a5c0)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000140)=[{&(0x7f000000a540)="b4", 0x1}], 0x1}}, {{&(0x7f0000001380)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x0)

14.852018281s ago: executing program 3 (id=401):
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x2)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000000)=[<r2=>0x0], &(0x7f0000000340)=[<r3=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r3, r3], 0x39, 0x0, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[r3, r2], 0x2})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0], 0x2, r2})
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x54, 0x0, 0x0, {0x8, 0x1}, {0x47, 0x2}, @rumble={0x101, 0xffff}})
r5 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
ioctl$sock_bt_hidp_HIDPCONNDEL(r4, 0x400448c9, &(0x7f0000000180)={@none, 0x7})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000100)=@loop={'/dev/loop', 0x0}, &(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0)='jfs\x00', 0x0, 0x0)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x12d8)
open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) (async)
fcntl$setlease(r0, 0x400, 0x2) (async)
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000000)=[0x0], &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x1, 0x1}) (async)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r3, r3], 0x39}) (async)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[r3, r2], 0x2}) (async)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0], 0x2, r2}) (async)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x54, 0x0, 0x0, {0x8, 0x1}, {0x47, 0x2}, @rumble={0x101, 0xffff}}) (async)
syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01) (async)
ioctl$sock_bt_hidp_HIDPCONNDEL(r4, 0x400448c9, &(0x7f0000000180)={@none, 0x7}) (async)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1) (async)
mount(&(0x7f0000000100)=@loop={'/dev/loop', 0x0}, &(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0)='jfs\x00', 0x0, 0x0) (async)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x12d8) (async)

14.74361574s ago: executing program 3 (id=402):
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000280)={0x0, 0x24000000, 0x10000, 0x0, 0x2, 0x1})
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000040)=0x3, 0x4)
r1 = syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x0)
ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502)
madvise(&(0x7f000002a000/0x10000)=nil, 0x10000, 0x15)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r2, 0x4b67, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x8000, 0xf}]})
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0)
mmap$snddsp_control(&(0x7f0000030000/0x2000)=nil, 0x1000, 0x100000a, 0x8010, r3, 0x83000000)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000080)={0x0, 'syzkaller0\x00', {0x4}, 0x4})
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r1, 0x810c5701, &(0x7f0000000180))

14.742622001s ago: executing program 3 (id=404):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x98, 0x0, &(0x7f0000003200)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1442, 0x0, 0x0, 0x0, 0xfffffffffffffc78, 0x0, 0x0}}], 0x0, 0x0, 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000000)=@newtaction={0x94, 0x30, 0x1, 0x0, 0x0, {}, [{0x80, 0x1, [@m_bpf={0x2c, 0x2, 0x0, 0x0, {{0x8}, {0xfffffffffffffd5c}, {0x4}, {0xc}, {0xc}}}, @m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PRIORITY={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x94}}, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="cc000000000000005a"])
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000340)='./file0/../file0/../file0/../file0\x00', &(0x7f00000003c0)='./file0\x00')
r7 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000300)={'bond0\x00', <r8=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=@newlink={0x44, 0x10, 0x1, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r8, 0x27bae304562a7b2}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_PRIMARY_RESELECT={0x3a, 0xc, 0x1}, @IFLA_BOND_ARP_ALL_TARGETS={0x8, 0xa, 0x1}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x20008000)

14.503410174s ago: executing program 3 (id=410):
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000500)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setreuid(0x0, r3)
socket$caif_seqpacket(0x25, 0x5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000200)="c75582abf2ef0e4c0b130817b5786bf907ea9c6f3dfafb756c96961a9faf30eee7ac0ab183d750e6e70b07eb4c750a89db44db506e62b9994d929024f734a79e9a5085807c795b8f", 0x0, 0x48)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000000)="45ff44bbab51dba8a27114154f1632f969758e23f47722217d7271a4e3d5222019d31291128a0e08b5a4b24bff4e3c928980d590ba53765e5048fe87ecbb70dee0f9e05e94883017", 0x0, 0x48)
ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000000140)={&(0x7f0000ff1000/0xf000)=nil, 0xf000})

14.103816229s ago: executing program 3 (id=416):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRES32=r0, @ANYBLOB=',group_id=', @ANYRESDEC=r0])
write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000180)={0x2a, 0x4, 0x0, {0x1, 0x7fffffff, 0x2, 0x0, [0x0, 0x0]}}, 0x2a)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000002c0)=0x7)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f00000000c0)=0xc0)

14.024846142s ago: executing program 34 (id=416):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRES32=r0, @ANYBLOB=',group_id=', @ANYRESDEC=r0])
write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000180)={0x2a, 0x4, 0x0, {0x1, 0x7fffffff, 0x2, 0x0, [0x0, 0x0]}}, 0x2a)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000002c0)=0x7)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f00000000c0)=0xc0)

2.931734215s ago: executing program 6 (id=566):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r0 = dup(0xffffffffffffffff)
sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)={0x5c, 0x6, 0x6, 0x5, 0x0, 0x0, {0xa, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000)
r1 = io_uring_setup(0x2ef2, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000340)={0x8, 0x2}, 0x4)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r5, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmmsg$unix(r4, &(0x7f00000027c0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)=""/104, 0x68}], 0x1}}], 0x1, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="1c0008000100000000003d0000004600004000000000008490783fffffffac1414aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="be003fed03009fe702000000000082d588380100010000000000000000621372b6445bb54c6e077901d5ab27b21f969a6f2c2500390931363cb83ca485322df83dcddf1aa7c85faeeeecbf878b38a9153ce9936c96eb6564cbcff33bc8c4b1d3a7929c2dae04e1267dd3457214d816e19430ed5ad3665f"], 0x4e)
mlockall(0x1)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r7=>r1}, './file0\x00'})
ioctl$BTRFS_IOC_QUOTA_RESCAN(r7, 0x4040942c, &(0x7f00000000c0)={0x0, 0xc5f8, [0x5, 0x101, 0x5, 0x4, 0x4, 0x9]})
r8 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000040)='user\x00N\xac]\x86\x8a\xa3\x7f\x00', &(0x7f0000000080)='\x00', 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2.45097338s ago: executing program 2 (id=573):
r0 = fsopen(&(0x7f00000001c0)='ocfs2_dlmfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0xf2) (async)
r2 = syz_open_procfs(0x0, 0x0)
pread64(r2, 0x0, 0x0, 0x1ff) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04"], 0x24) (async)
socket(0x15, 0x5, 0x0) (async)
fchdir(r1)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)

2.383939379s ago: executing program 2 (id=574):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000700)=""/4096, 0x0})
r2 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x1, r2})
ioctl$SNDCTL_DSP_SUBDIVIDE(r2, 0xc0045009, &(0x7f0000000140)=0x10001)
pipe(&(0x7f0000000080))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
close(0x3)

2.382716865s ago: executing program 2 (id=575):
syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0)
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)="77ab1b", 0x3}, 0x1, 0x0, 0x0, 0x40004}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372"], 0xfc}}, 0x0)
r1 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f00000003c0))
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, &(0x7f0000000040)={0x7, 0x7fffffffffffffff})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014000100626f6e6430"], 0x4b0}, 0x1, 0x0, 0x0, 0x44}, 0x0)

2.292848153s ago: executing program 2 (id=577):
r0 = socket$inet6(0xa, 0xa, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000100)=ANY=[@ANYBLOB="89040000000000000708007c2ce9ae12b10a0401"], 0x30) (async)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r0, &(0x7f0000001940)={0xa, 0x0, 0x7, @mcast1, 0x2}, 0x1c)

2.223400274s ago: executing program 2 (id=579):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000080)={[0x4, 0x9, 0x4, 0x100000001, 0x6, 0x8, 0x7ff, 0xc, 0xffff, 0x9, 0x1, 0x2, 0xfffffffffffffff9, 0x0, 0x100, 0x6], 0x2000, 0x2080})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCGIFADDR(r2, 0x8915, &(0x7f0000000440)={'veth0_vlan\x00', {0x2, 0x0, @multicast1}})
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)

2.222534883s ago: executing program 2 (id=580):
r0 = socket(0x28, 0x5, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xec) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x5, &(0x7f0000000040)=@framed={{}, [@map_idx={0x18, 0x0, 0x5, 0x0, 0x85ffffff}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000500), 0xb, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r2, 0xc2604110, &(0x7f0000000000)={0x0, [[0x7fff, 0x6, 0x0, 0x11, 0x0, 0x0, 0xa, 0xfffffffd], [0x0, 0x0, 0x1ffffffd, 0xfffffffd, 0xc000, 0x5, 0x0, 0xfffffffd], [0x80000001, 0x6, 0x0, 0x0, 0xfffffffe, 0xfffffffe, 0x2]], '\x00', [{0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x5f06, 0x6}, {0x0, 0x1b}, {}, {0x1, 0x9}, {0x1, 0x7}, {0x4, 0x7}, {0x0, 0xffffff7c}], '\x00', 0x0, 0x0, 0x0, 0x2}) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x64}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x1c, 0x15, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x24040808) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000900000030000380140002007369743000000000000000000000000006000400ffff00000800030000000000080001"], 0x44}}, 0x0) (async, rerun: 32)
r6 = socket$inet_dccp(0x2, 0x6, 0x0) (rerun: 32)
setsockopt(r6, 0x10d, 0x6, &(0x7f00000000c0)="240f12a0", 0x4) (async)
r7 = openat$sr(0xffffffffffffff9c, &(0x7f0000004400), 0xa82, 0x0)
ioctl$SNAPSHOT_UNFREEZE(r7, 0x3302)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-generic)\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000000)="9f90875a73ad17dee9ebece02db2103d", 0x20) (async)
r9 = accept$alg(r8, 0x0, 0x0)
read$alg(r9, &(0x7f0000000240)=""/245, 0xf5)
fadvise64(r7, 0x0, 0xfc2, 0x5) (async)
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000000)={'veth1_macvtap\x00', 0x44})

2.021063654s ago: executing program 5 (id=586):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000004c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100000}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={r3, 0x0, 0x0}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x38, 0xd, 0x6, 0x101, 0x0, 0x0, {0x3, 0x0, 0x6}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x24040000}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1], 0xb4}}, 0xfffe)

2.0157903s ago: executing program 5 (id=587):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24, 0x24, 0x4, 0x0, 0x4, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x3, 0xe}}}, 0x24}}, 0x0)
socket$kcm(0x29, 0x18ae8c875e60bd84, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='msdos\x00', 0x200000, &(0x7f0000000380)='/dev/snd/pcmC#D#p\x00')
r1 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x24000)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r1, 0xc0984124, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r1, 0xc0884123, &(0x7f0000000140)={0x0, "a164c2ff3a839d6225acc1c548a86660e2ce7077eb680232d934b62f7a7d1646bce0f7715f7ca40e6db4e75a8303b37f29e3cf2b510b5929147ab672a7a91837"})
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000007c0)=@newtfilter={0x90, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0x2, 0x10}}, [@filter_kind_options=@f_matchall={{0xd}, {0x5c, 0x2, [@TCA_MATCHALL_ACT={0x58, 0x2, [@m_simple={0x54, 0x1, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0xb, 0x3, '.,\\-\\{\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x55b, 0x2, 0x10000000, 0x7, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}]}, 0x90}}, 0x801)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x94}, [@initr0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = syz_init_net_socket$ax25(0x3, 0x3, 0x6)
ioctl$SIOCAX25DELFWD(r3, 0x541b, &(0x7f0000000000)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default})
ioctl$SIOCAX25GETINFOOLD(r3, 0x89e9, &(0x7f0000000040))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_simple_pair_complete={{0x36, 0x7}, {0x4, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xa)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.923833532s ago: executing program 5 (id=588):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000018c0), 0x2, 0x0)
ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000001900)=0x100)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6)
write$bt_hci(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000003201"], 0x138)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r2, 0x80045300, 0xfffffffffffffffe)
openat$vicodec0(0xffffffffffffff9c, &(0x7f00000018c0), 0x2, 0x0) (async)
ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000001900)=0x100) (async)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6) (async)
write$bt_hci(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000003201"], 0x138) (async)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) (async)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r2, 0x80045300, 0xfffffffffffffffe) (async)

1.79633107s ago: executing program 5 (id=589):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001d000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0300d6000a000200aaaaaaaaaa0c"], 0x28}}, 0x0)
unshare(0x2a020480)
unshare(0x2a020400)

1.795883861s ago: executing program 5 (id=590):
mkdir(&(0x7f0000000600)='./file0\x00', 0xe8)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = dup(r0)
r2 = syz_usb_connect(0x0, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$uac1(r2, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000100)=ANY=[@ANYBLOB="400905000000088315ef3c113765a35744c80cdfc7383bb536079638cb0be9"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write(r3, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x20000000, 0x4000000000003, 0x2, @thr={0x0, 0x0}})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
timer_settime(r5, 0x1, &(0x7f0000000240)={{0x77359400}, {0x0, 0x989680}}, &(0x7f00000002c0))
sendmsg$nl_generic(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYRES8=r0], 0x14d8}}, 0x4)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r7, 0xc0105b08, &(0x7f0000000040))
ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f58b04"])
mount(&(0x7f0000000180)=@sr0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000000)='ocfs2\x00', 0x11, 0x0)

1.79557443s ago: executing program 6 (id=591):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'vxcan1\x00', @random})
sendto$inet(r0, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="83", 0x1}], 0x1, &(0x7f0000000200)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x41, 0x0, 0x2}}], 0x20, 0x40040}, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84) (async)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'vxcan1\x00', @random}) (async)
sendto$inet(r0, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10) (async)
sendmsg$inet_sctp(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="83", 0x1}], 0x1, &(0x7f0000000200)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x41, 0x0, 0x2}}], 0x20, 0x40040}, 0x0) (async)

1.795121871s ago: executing program 6 (id=592):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='highspeed\x00', 0xa)
accept$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, &(0x7f0000000040)=0x10)
r2 = socket(0xa, 0x3, 0x3a)
ioctl$sock_inet_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000000000))
bind$rose(r2, &(0x7f0000000100)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast]}, 0x40)
ioctl$HCIINQUIRY(r0, 0x400448de, &(0x7f00000000c0)={0x0, 0x8000})

1.133878425s ago: executing program 4 (id=594):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x8, 0x0, 0x2}}}}}}, 0x0)
syz_emit_ethernet(0x82, &(0x7f0000000040)={@link_local, @dev, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @private2, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8}]}]}}}}}}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x3d}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x7d}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={r1, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000380)}}, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000080), r0)

1.083934522s ago: executing program 4 (id=595):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000700)=""/4096, 0x0})
r2 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x1, r2})
ioctl$SNDCTL_DSP_SUBDIVIDE(r2, 0xc0045009, &(0x7f0000000140)=0x10001)
close(0x3)

1.079582505s ago: executing program 4 (id=596):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000800000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000032ce8500000004000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x1abb01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000002240)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, <r3=>0x0})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r1, 0xc0c89425, &(0x7f0000002440)={"d01588cc882451c1e2c88bce9ba97a2b", <r4=>0x0, 0x0, {0x101, 0x78}, {0x9d6, 0xe}, 0x2, [0x7, 0x1000, 0x7fffffff, 0x3, 0x7a57, 0x7, 0x1, 0xfffffffffffffffc, 0x3, 0x3, 0x3, 0x2, 0x1661, 0x4, 0x0, 0x8]})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r2, 0xc0c89425, &(0x7f0000002540)={"d2e212a9c576226f73085a11806387b0", r3, r4, {0x4, 0x1}, {0x0, 0x2}, 0x3, [0xfffffffffffffc01, 0x7, 0x0, 0x9f03, 0x1, 0x140, 0x3, 0x1, 0x0, 0xfffffffffffffffc, 0x2, 0x9, 0xffff, 0x2fc, 0x3, 0x5]})
write$tun(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="0a000000ffffffffffffaaaaaaaaaad288a800008100400086dd61c313a00048110000000000000000000000ffffac1e0001ff0200000000000000000000000000014e234e24004890"], 0x8a)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000800000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='global_dirty_state\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='global_dirty_state\x00', r0}, 0x10)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmstat\x00', 0x0, 0x0)
r7 = gettid()
r8 = fanotify_init(0x0, 0x0)
fanotify_mark(r8, 0x80, 0x4800003e, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
sched_setaffinity(r7, 0x8, &(0x7f0000000040)=0x800)
read$FUSE(r6, &(0x7f0000000200)={0x2020}, 0x2020)

924.185285ms ago: executing program 4 (id=597):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), r1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000006c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_BSS(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x1c, r2, 0x501, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4c004)
r3 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f00000000c0)={0x0, 0x1, 0x1000000})
socket(0x2, 0x80805, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x0, 0x6edf42202ccb441a, 0x0, 0x8}, &(0x7f00000000c0)=0x18)

923.819897ms ago: executing program 6 (id=598):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x6})
r1 = syz_open_pts(r0, 0xf9cfd84146077570)
ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f00000000c0))
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x2)
ioctl$KDSKBMETA(0xffffffffffffffff, 0x4b63, &(0x7f0000000100)=0x4)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) (async)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x6}) (async)
syz_open_pts(r0, 0xf9cfd84146077570) (async)
ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f00000000c0)) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x2) (async)
ioctl$KDSKBMETA(0xffffffffffffffff, 0x4b63, &(0x7f0000000100)=0x4) (async)

919.696229ms ago: executing program 4 (id=599):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000080))
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x11e)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0x0, 0x0, 0xfffffffd}}, @NETEM_LOSS_GI={0x18, 0x1, {0x10}}]}, @TCA_NETEM_RATE={0x14, 0xd}, @TCA_NETEM_CORRUPT={0xc, 0x2, {0xfffffffc}}]}}}]}, 0x9c}}, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x20000000, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
syz_emit_ethernet(0x86, &(0x7f0000000780)=ANY=[@ANYBLOB="ffffffffffff00000000000086df6012000800503a00fe8000000000000000000000000000bbfe8000000000000000040000000000aa0200907800000000605b29ab00001100fe8000000000000000000000000000000000000000000000000039d6d0bd80533aa404c900000521000000000000fb36eeca6fad00"/134], 0x0)

843.168369ms ago: executing program 6 (id=600):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000bcc000/0x4000)=nil, 0x4000}})
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x769})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r2 = syz_open_dev$dmmidi(&(0x7f0000000080), 0x2, 0x2003)
clock_gettime(0x0, &(0x7f0000000340)={<r3=>0x0, <r4=>0x0})
pselect6(0x40, &(0x7f0000000280)={0x6, 0x8, 0x5, 0xb7c, 0x6, 0x7e, 0xc00000, 0xffff}, &(0x7f00000002c0)={0x9, 0xe927, 0x3, 0x2, 0xfffffffffffffff9, 0x0, 0xffffffffffff0001}, &(0x7f0000000300)={0x132, 0x1, 0x3, 0x1000, 0x1, 0xfffffffffffffffb, 0xd}, &(0x7f0000000380)={r3, r4+60000000}, &(0x7f0000000400)={&(0x7f00000003c0)={[0x4]}, 0x8})
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r2, 0xc0245720, &(0x7f0000000040))
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r5, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000000000)={0xb}, 0x20)
ppoll(&(0x7f0000000180)=[{r1, 0x4047, 0x700}], 0x1, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x6559, 0x13580, 0x3}, &(0x7f0000000040), &(0x7f0000000140))
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
read$FUSE(r6, &(0x7f0000004180)={0x2020}, 0x2020)
setsockopt$bt_BT_FLUSHABLE(r6, 0x112, 0x8, &(0x7f00000001c0)=0x7, 0x4)
syz_io_uring_setup(0x3c4a, &(0x7f0000000040)={0x0, 0x298f, 0x10, 0x2, 0x74, 0x0, r6}, &(0x7f00000000c0), &(0x7f0000000100))
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="6c000000020605000000000000000000000000000e0003006269746d61703a697000000005000400000000000900020073797a310000a29b6b9f1b33d9a9a11700002480078008000800000000001800018014000240ff020000000000000000000000000001050005000200"], 0x6c}}, 0x0)

133.978358ms ago: executing program 5 (id=601):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) (async)
syz_usb_control_io(r1, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r2, 0xc0145b0e, &(0x7f0000000040)) (async, rerun: 64)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x12, 0x5, &(0x7f0000000040)=@framed={{0x56, 0xa, 0x0, 0x0, 0x0, 0x79, 0x11, 0x30}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (rerun: 64)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058565d, 0x0) (rerun: 64)
close_range(r0, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r3 = openat$nmem0(0xffffffffffffff9c, &(0x7f0000000240), 0x440700, 0x0) (rerun: 64)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
r4 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 64)
r5 = getpgid(0x0) (async, rerun: 64)
r6 = openat2(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x1}, 0x18)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@newlink={0xa4, 0x10, 0xffffff1f, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@IFLA_NET_NS_PID={0x8, 0x13, r5}, @IFLA_NET_NS_FD={0x8, 0x1c, r6}, @IFLA_VF_PORTS={0x74, 0x18, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "937105cd18eb374740e4062a59e6a7f7"}]}, {0x58, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5, 0x6, 0x85}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "04eab38369609267fdc2f063ecd4364e"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "24a532fe32f4844571b9ba464746e432"}, @IFLA_PORT_VF={0x8, 0x1, 0x2}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "b5ce39d06fb85bb2c839b4530752432f"}, @IFLA_PORT_VF={0x8, 0x1, 0x1}]}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40114}, 0x4040004)

1.232747ms ago: executing program 4 (id=602):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x80201, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(r0, 0x5201)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="af", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000b80)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e33b29f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720bf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c6cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b53eff0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d219206ddc35099101533cff5aee6c4783e00e6dd391f664052a6c66c62f62a49fde8fbe336543bf99b55e53b801e54c1d0a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214a17b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d3bab1a32c9d788e9f74ee57012ca5bfd0dc090b591c64aae6a205fbd349fc372bbd7429983a69cae26ff8b5b019144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06102b3816ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c4f13982b65996d7d9cf19f0b39b72e1dc9079d84413bbc30d24fc481e24ef1beacb8bc15f50c2663d684d16a1c71b2c8a568481f4f1b254ccd66fbef4cacfc3e13f2c943a264e429824bef7297f93076aea55ed9cf12512ce3ac3df331695024bd1e53369a87caf6894fce811a64dad315402678de76", 0x390}], 0x1}}], 0x2, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r2, 0xffffffffffffffff, 0x0)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)={0x268, 0x0, 0x5, 0x101, 0x0, 0x0, {0x0, 0x0, 0x200}, [{{0x254, 0x1, {{0x0, 0x100000}, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', "b7411bd57b00b03cffb7437cdda2f487fdb1869db0669865b50427c59853678c", "3c8097bd14f735197114ccd7cbc7a177a83da33a65aecc1ba79b66b12eeb5500", [{}, {0x8001, 0x0, {0x2}}, {}, {}, {0x100}, {0x0, 0xf5}, {0x800}, {0x0, 0x0, {0x2, 0x1}}, {0x0, 0x0, {0x2, 0x28000000}}, {}, {}, {0x0, 0x0, {0x1}}, {0x0, 0x0, {0x0, 0x3}}, {0x0, 0x4}, {}, {}, {}, {}, {0x0, 0x0, {0x1}}, {}, {}, {}, {}, {}, {0x1, 0x0, {0x0, 0x4000}}, {}, {}, {0x0, 0x4, {0x49946a349f2937f2}}, {}, {0x0, 0x0, {0x3}}, {}, {0x0, 0x0, {0x3, 0x2}}, {}, {0xffff}, {}, {0x0, 0x1}, {}, {0x0, 0xfffc}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0xc060}, 0x0)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x148, &(0x7f0000000300)={0x0, 0x1, 0x3, 0x10})
mq_timedreceive(r3, &(0x7f0000000840)=""/44, 0x2c, 0x9, &(0x7f0000001980))
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@allocspi={0x11c, 0x16, 0x411, 0x0, 0x0, {{{@in6=@remote, @in=@private}, {@in6=@private1, 0x0, 0x33}, @in=@empty, {}, {}, {}, 0x8000000}, 0x0, 0xfdffff00}, [@lifetime_val={0x24, 0x9, {0x7, 0x40002, 0x6, 0x9}}]}, 0x11c}}, 0x0)
bind$bt_hci(r4, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r4, &(0x7f00000005c0)=ANY=[@ANYBLOB="0e00010002"], 0x8)

0s ago: executing program 6 (id=603):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
modify_ldt$write(0x1, &(0x7f0000000040)={0xc, 0x0, 0x400}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
r0 = landlock_create_ruleset(&(0x7f0000000180)={0x2001}, 0x18, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x3})
readv(r1, &(0x7f00000026c0)=[{&(0x7f0000000180)=""/239, 0xef}], 0x1)
syz_io_uring_setup(0x3d28, &(0x7f0000000280)={0x0, 0x0, 0x80, 0x7fe}, &(0x7f0000c57000), 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000020c0)='fdinfo/3\x00')
read$FUSE(r2, &(0x7f0000000080)={0x2020, 0x0, 0x0, <r3=>0x0, 0x0, <r4=>0x0}, 0x2020)
landlock_restrict_self(r0, 0x0)
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)={0x1c, 0x0, 0x1, 0x8000000, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
r5 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r5, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, 0x0, 0x0, 0x20004001, &(0x7f0000000800)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r8=>0x0})
setsockopt$inet6_IPV6_PKTINFO(r6, 0x29, 0x32, &(0x7f0000000840)={@mcast1, r8}, 0x14)
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file2\x00', 0x80, 0x3c)
linkat(r9, &(0x7f0000000140)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x400)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r10, 0x5423, &(0x7f0000000040)=0x7)
ioctl$TIOCSTI(r10, 0x5412, &(0x7f00000000c0)=0x7d)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYRES16=r3, @ANYRES64=r7, @ANYRESOCT=r4], &(0x7f0000002100)='GPL\x00', 0x5, 0xb8, &(0x7f000000cf3d)=""/184, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, r2, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000500)={'\x00', 0x2})

kernel console output (not intermixed with test programs):

e, different from the descriptor's value: 9
[   54.838605][ T6102] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   54.841621][ T6102] usb 5-1: config 0 interface 0 has no altsetting 0
[   54.844788][ T6102] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   54.847309][ T6102] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   54.849744][ T6102] usb 5-1: Product: syz
[   54.850875][ T6102] usb 5-1: Manufacturer: syz
[   54.852020][ T6102] usb 5-1: SerialNumber: syz
[   54.861962][ T6102] usb 5-1: config 0 descriptor??
[   54.875661][ T6102] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[   55.070544][  T828] usb 5-1: USB disconnect, device number 4
[   55.080332][  T828] yurex 5-1:0.0: USB YUREX #0 now disconnected
[   55.383446][ T6446] overlayfs: conflicting lowerdir path
[   55.574105][ T6451] netlink: 36 bytes leftover after parsing attributes in process `syz.3.100'.
[   55.582051][ T6451] sctp: [Deprecated]: syz.3.100 (pid 6451) Use of int in max_burst socket option deprecated.
[   55.582051][ T6451] Use struct sctp_assoc_value instead
[   55.588836][ T6451] program syz.3.100 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   55.798498][ T6468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.105'.
[   55.802488][ T6468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.105'.
[   55.814638][ T6468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.105'.
[   55.819867][ T6468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.105'.
[   55.823744][ T6468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.105'.
[   55.827338][ T6468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.105'.
[   56.026014][ T6487] ptrace attach of "/syz-executor exec"[6493] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
[   56.145705][ T6501] CUSE: unknown device info "ts_offset"
[   56.147563][   T39] kauditd_printk_skb: 87 callbacks suppressed
[   56.147573][   T39] audit: type=1400 audit(1732004614.174:329): avc:  denied  { map } for  pid=6500 comm="syz.0.114" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   56.170810][ T6501] CUSE: DEVNAME unspecified
[   56.175418][   T39] audit: type=1400 audit(1732004614.204:330): avc:  denied  { execute_no_trans } for  pid=6502 comm="syz.3.115" path="/25/file2" dev="tmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   56.188547][   T39] audit: type=1400 audit(1732004614.214:331): avc:  denied  { create } for  pid=6500 comm="syz.0.114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   56.190655][ T6501] binder: 6500:6501 ioctl 8933 200001c0 returned -22
[   56.193880][   T39] audit: type=1400 audit(1732004614.224:332): avc:  denied  { write } for  pid=6500 comm="syz.0.114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   56.261411][   T39] audit: type=1400 audit(1732004614.294:333): avc:  denied  { mounton } for  pid=6512 comm="syz.3.116" path="/26/file0" dev="tmpfs" ino=178 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   56.275156][   T39] audit: type=1400 audit(1732004614.294:334): avc:  denied  { mount } for  pid=6512 comm="syz.3.116" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   56.296604][   T39] audit: type=1400 audit(1732004614.324:335): avc:  denied  { read write } for  pid=6518 comm="syz.3.119" name="rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   56.305217][ T6198] libceph: connect (1)[c::]:6789 error -101
[   56.307208][ T6198] libceph: mon0 (1)[c::]:6789 connect error
[   56.308347][   T39] audit: type=1400 audit(1732004614.334:336): avc:  denied  { open } for  pid=6518 comm="syz.3.119" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   56.331775][ T6515] ceph: No mds server is up or the cluster is laggy
[   56.415583][ T6534] tmpfs: Bad value for 'mpol'
[   56.415602][   T39] audit: type=1400 audit(1732004614.444:337): avc:  denied  { mounton } for  pid=6533 comm="syz.3.122" path="/syzcgroup/unified/syz3" dev="cgroup2" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   56.456488][   T39] audit: type=1326 audit(1732004614.484:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6535 comm="syz.3.123" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0bd857e759 code=0x0
[   56.527807][ T5946] Bluetooth: hci3: command 0x0419 tx timeout
[   56.547785][ T6541] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=6541 comm=syz.0.125
[   56.556692][ T6541] nbd: must specify at least one socket
[   56.561177][ T6541] netlink: 5300 bytes leftover after parsing attributes in process `syz.0.125'.
[   56.565086][ T6541] openvswitch: netlink: IP tunnel dst address not specified
[   56.724390][ T6552] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[   56.726926][ T6552] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[   56.899476][ T6562] /dev/sr0: Can't open blockdev
[   57.031199][ T6566] /dev/sr0: Can't open blockdev
[   57.117942][ T6578] x86/PAT: syz.2.134:6578 freeing invalid memtype [mem 0xfed00000-0xfed00fff]
[   57.164436][ T6583] Bluetooth: MGMT ver 1.23
[   57.166839][ T6583] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6583 comm=syz.0.135
[   57.177438][ T6573] team0 (unregistering): Port device team_slave_0 removed
[   57.185459][ T6573] team0 (unregistering): Port device team_slave_1 removed
[   57.213580][ T6588] netlink: 12 bytes leftover after parsing attributes in process `syz.2.136'.
[   57.501529][ T6611] netfs: Couldn't get user pages (rc=-14)
[   57.503815][ T6611] netfs: Zero-sized read [R=1]
[   57.967730][    T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   58.077755][ T6627] mkiss: ax0: crc mode is auto.
[   58.117780][    T9] usb 7-1: Using ep0 maxpacket: 8
[   58.121187][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   58.125037][    T9] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   58.128674][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   58.134124][    T9] usb 7-1: config 0 descriptor??
[   58.343109][    T9] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   58.390762][ T6653] lo: entered allmulticast mode
[   58.397284][ T6653] tunl0: entered allmulticast mode
[   58.403465][ T6653] gre0: entered allmulticast mode
[   58.410945][ T6653] gretap0: entered allmulticast mode
[   58.416395][ T6653] erspan0: entered allmulticast mode
[   58.421879][ T6653] ip_vti0: entered allmulticast mode
[   58.427385][ T6653] ip6_vti0: entered allmulticast mode
[   58.432343][ T6653] sit0: entered allmulticast mode
[   58.438831][ T6653] ip6tnl0: entered allmulticast mode
[   58.442596][ T6653] ip6gre0: entered allmulticast mode
[   58.450557][ T6653] syz_tun: entered allmulticast mode
[   58.455940][ T6653] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.459355][ T6653] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.462650][ T6653] bridge0: entered allmulticast mode
[   58.468635][ T6653] vcan0: entered allmulticast mode
[   58.472332][ T6653] bond0: entered allmulticast mode
[   58.473796][ T6653] bond_slave_0: entered allmulticast mode
[   58.475304][ T6653] bond_slave_1: entered allmulticast mode
[   58.480101][ T6653] team0: entered allmulticast mode
[   58.481634][ T6653] team_slave_0: entered allmulticast mode
[   58.483162][ T6653] team_slave_1: entered allmulticast mode
[   58.486641][ T6653] dummy0: entered allmulticast mode
[   58.490172][ T6653] nlmon0: entered allmulticast mode
[   58.493410][ T6653] caif0: entered allmulticast mode
[   58.495809][ T6653] batadv0: entered allmulticast mode
[   58.508377][ T6653] vxcan0: entered allmulticast mode
[   58.511650][ T6653] vxcan1: entered allmulticast mode
[   58.516091][ T6653] veth0: entered allmulticast mode
[   58.521871][ T6653] veth1: entered allmulticast mode
[   58.528409][ T6653] wg0: entered allmulticast mode
[   58.531404][ T6653] wg1: entered allmulticast mode
[   58.534252][ T6653] wg2: entered allmulticast mode
[   58.537298][ T6653] veth0_to_bridge: entered allmulticast mode
[   58.543907][ T6653] veth1_to_bridge: entered allmulticast mode
[   58.549663][ T6653] veth0_to_bond: entered allmulticast mode
[   58.554278][ T6653] veth1_to_bond: entered allmulticast mode
[   58.560650][ T6653] veth0_to_team: entered allmulticast mode
[   58.565651][ T6653] veth1_to_team: entered allmulticast mode
[   58.571419][ T6653] veth0_to_batadv: entered allmulticast mode
[   58.574285][ T6653] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   58.577210][ T6653] batadv_slave_0: entered allmulticast mode
[   58.581450][ T6653] veth1_to_batadv: entered allmulticast mode
[   58.584401][ T6653] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   58.587130][ T6653] batadv_slave_1: entered allmulticast mode
[   58.591233][ T6653] xfrm0: entered allmulticast mode
[   58.594429][ T6653] veth0_to_hsr: entered allmulticast mode
[   58.597577][ T6653] hsr_slave_0: entered allmulticast mode
[   58.601110][ T6653] veth1_to_hsr: entered allmulticast mode
[   58.604269][ T6653] hsr_slave_1: entered allmulticast mode
[   58.608241][ T6653] hsr0: entered allmulticast mode
[   58.612214][ T6653] veth1_virt_wifi: entered allmulticast mode
[   58.616049][ T6653] veth0_virt_wifi: entered allmulticast mode
[   58.621382][ T6653] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[   58.624538][ T6653] veth1_vlan: entered allmulticast mode
[   58.628045][ T6653] veth0_vlan: entered allmulticast mode
[   58.634872][ T6653] vlan0: entered allmulticast mode
[   58.636333][ T6653] vlan1: entered allmulticast mode
[   58.639254][ T6653] macvlan0: entered allmulticast mode
[   58.642564][ T6653] macvlan1: entered allmulticast mode
[   58.645249][ T6653] ipvlan0: entered allmulticast mode
[   58.646798][ T6653] ipvlan1: entered allmulticast mode
[   58.650261][ T6653] veth1_macvtap: entered allmulticast mode
[   58.653438][ T6653] veth0_macvtap: entered allmulticast mode
[   58.656513][ T6653] macvtap0: entered allmulticast mode
[   58.660953][ T6653] macsec0: entered allmulticast mode
[   58.666328][ T6653] geneve0: entered allmulticast mode
[   58.669987][ T6653] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.672352][ T6653] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.674698][ T6653] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.677035][ T6653] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.681485][ T6653] geneve1: entered allmulticast mode
[   58.684841][ T6653] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[   58.689863][ T6653] netdevsim netdevsim0 netdevsim1: entered allmulticast mode
[   58.693416][ T6653] netdevsim netdevsim0 netdevsim2: entered allmulticast mode
[   58.697363][ T6653] netdevsim netdevsim0 netdevsim3: entered allmulticast mode
[   58.706259][ T6653] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode
[   58.711136][ T6653] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[   58.714274][ T6653] bond1: left promiscuous mode
[   58.717864][ T6657] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[   58.744743][ T6621] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   58.750759][ T6621] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   58.765796][ T6621] sp0: Synchronizing with TNC
[   58.842429][   T35] usb 7-1: USB disconnect, device number 3
[   58.848723][   T35] iowarrior 7-1:0.0: I/O-Warror #0 now disconnected
[   59.107630][    T9] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   59.259247][    T9] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   59.263612][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[   59.267776][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   59.271863][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   59.276695][    T9] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   59.280572][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   59.285555][    T9] usb 8-1: config 0 descriptor??
[   59.290924][ T6673] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   59.420030][ T5946] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   59.422605][ T5946] Bluetooth: hci1: Injecting HCI hardware error event
[   59.425514][ T5945] Bluetooth: hci1: hardware error 0x00
[   59.700066][    T9] plantronics 0003:047F:FFFF.0003: unknown main item tag 0xd
[   59.703977][    T9] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[   59.713687][    T9] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[   59.746553][ T6706] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[   59.747763][ T6707] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0
[   59.752590][ T6706] xt_connbytes: Forcing CT accounting to be enabled
[   59.754492][ T6706] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   59.757795][ T6706] xt_bpf: check failed: parse error
[   59.796867][ T6709] syz.2.170: attempt to access beyond end of device
[   59.796867][ T6709] loop2: rw=0, sector=64, nr_sectors = 1 limit=0
[   59.807842][ T6709] syz.2.170: attempt to access beyond end of device
[   59.807842][ T6709] loop2: rw=0, sector=256, nr_sectors = 1 limit=0
[   59.811111][ T6709] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[   59.814521][ T6709] syz.2.170: attempt to access beyond end of device
[   59.814521][ T6709] loop2: rw=0, sector=512, nr_sectors = 1 limit=0
[   59.818785][ T6709] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[   59.822170][ T6709] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[   59.824623][ T6709] UDF-fs: Scanning with blocksize 512 failed
[   59.826952][ T6709] syz.2.170: attempt to access beyond end of device
[   59.826952][ T6709] loop2: rw=0, sector=64, nr_sectors = 2 limit=0
[   59.830848][ T6709] syz.2.170: attempt to access beyond end of device
[   59.830848][ T6709] loop2: rw=0, sector=512, nr_sectors = 2 limit=0
[   59.834268][ T6709] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[   59.836947][ T6709] syz.2.170: attempt to access beyond end of device
[   59.836947][ T6709] loop2: rw=0, sector=1024, nr_sectors = 2 limit=0
[   59.841105][ T6709] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[   59.843681][ T6709] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[   59.844943][ T6712] IPv6: NLM_F_REPLACE set, but no existing node found!
[   59.845701][ T6709] UDF-fs: Scanning with blocksize 1024 failed
[   59.846087][ T6709] syz.2.170: attempt to access beyond end of device
[   59.846087][ T6709] loop2: rw=0, sector=64, nr_sectors = 4 limit=0
[   59.854108][ T6709] syz.2.170: attempt to access beyond end of device
[   59.854108][ T6709] loop2: rw=0, sector=1024, nr_sectors = 4 limit=0
[   59.857641][ T6709] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[   59.860106][ T6709] syz.2.170: attempt to access beyond end of device
[   59.860106][ T6709] loop2: rw=0, sector=2048, nr_sectors = 4 limit=0
[   59.863491][ T6709] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[   59.865997][ T6709] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[   59.868349][ T6709] UDF-fs: Scanning with blocksize 2048 failed
[   59.870608][ T6709] syz.2.170: attempt to access beyond end of device
[   59.870608][ T6709] loop2: rw=0, sector=64, nr_sectors = 8 limit=0
[   59.874684][ T6709] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[   59.877252][ T6709] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[   59.879842][ T6709] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[   59.881877][ T6709] UDF-fs: Scanning with blocksize 4096 failed
[   59.883435][ T6709] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1)
[   59.978126][ T6716] Illegal XDP return value 4031279021 on prog  (id 21) dev syz_tun, expect packet loss!
[   60.027631][ T6001] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   60.097443][ T5946] Bluetooth: hci0: unexpected event for opcode 0x1804
[   60.100884][ T5946] Bluetooth: hci0: ACL packet for unknown connection handle 201
[   60.103100][ T5946] Bluetooth: hci0: ACL packet for unknown connection handle 201
[   60.178688][ T6001] usb 5-1: Using ep0 maxpacket: 8
[   60.183805][ T6001] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[   60.186975][ T6001] usb 5-1: config 0 has no interface number 0
[   60.190027][ T6001] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   60.193806][ T6001] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   60.196981][ T6001] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   60.205819][ T6001] usb 5-1: config 0 descriptor??
[   60.212058][ T6001] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1
[   60.415753][ T5947] usb 5-1: USB disconnect, device number 5
[   60.418767][ T5947] iowarrior 5-1:0.1: I/O-Warror #1 now disconnected
[   60.636237][ T6745] netlink: 'syz.2.180': attribute type 5 has an invalid length.
[   60.638547][ T6745] netlink: 'syz.2.180': attribute type 33 has an invalid length.
[   60.682920][ T6749] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6749 comm=syz.2.181
[   60.688076][ T6749] __nla_validate_parse: 3 callbacks suppressed
[   60.688092][ T6749] netlink: 48 bytes leftover after parsing attributes in process `syz.2.181'.
[   60.714906][ T6751] netlink: 12 bytes leftover after parsing attributes in process `syz.2.182'.
[   60.745350][ T6753] netlink: 8 bytes leftover after parsing attributes in process `syz.2.183'.
[   60.751264][ T6753] macsec0: entered promiscuous mode
[   60.815252][ T6756] netlink: 12 bytes leftover after parsing attributes in process `syz.2.184'.
[   60.821897][ T6756] nft_compat: unsupported protocol 5
[   60.870387][ T6759] ALSA: seq fatal error: cannot create timer (-19)
[   61.075196][ T6770] block nbd0: shutting down sockets
[   61.128023][ T6089] usb 8-1: reset high-speed USB device number 4 using dummy_hcd
[   61.198149][ T6779] bond0: up delay (5) is not a multiple of miimon (4), value rounded to 4 ms
[   61.200720][ T6779] netlink: 'syz.0.190': attribute type 10 has an invalid length.
[   61.203073][ T6779] bridge0: left allmulticast mode
[   61.207455][ T6779] bridge0: entered allmulticast mode
[   61.209616][ T6779] bond0: (slave bridge0): Enslaving as an active interface with a down link
[   61.358307][   T39] kauditd_printk_skb: 48 callbacks suppressed
[   61.358323][   T39] audit: type=1400 audit(1732004619.394:387): avc:  denied  { create } for  pid=6793 comm="syz.2.193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[   61.427848][   T39] audit: type=1400 audit(1732004619.464:388): avc:  denied  { remount } for  pid=6798 comm="syz.0.195" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   61.464323][   T39] audit: type=1400 audit(1732004619.494:389): avc:  denied  { setopt } for  pid=6800 comm="syz.0.196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   61.469939][   T39] audit: type=1400 audit(1732004619.494:390): avc:  denied  { ioctl } for  pid=6800 comm="syz.0.196" path="socket:[13669]" dev="sockfs" ino=13669 ioctlcmd=0x943b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   61.490442][ T5945] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   61.647938][   T39] audit: type=1400 audit(1732004619.684:391): avc:  denied  { read } for  pid=6805 comm="syz.2.197" name="btrfs-control" dev="devtmpfs" ino=1335 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   61.654559][   T39] audit: type=1400 audit(1732004619.684:392): avc:  denied  { open } for  pid=6805 comm="syz.2.197" path="/dev/btrfs-control" dev="devtmpfs" ino=1335 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   61.680637][   T39] audit: type=1400 audit(1732004619.714:393): avc:  denied  { write } for  pid=6807 comm="syz.2.198" name="btrfs-control" dev="devtmpfs" ino=1335 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   61.686671][ T5945] Bluetooth: hci0: ACL packet for unknown connection handle 200
[   61.689858][   T39] audit: type=1400 audit(1732004619.714:394): avc:  denied  { ioctl } for  pid=6807 comm="syz.2.198" path="/dev/btrfs-control" dev="devtmpfs" ino=1335 ioctlcmd=0x9439 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   61.700855][   T39] audit: type=1400 audit(1732004619.714:395): avc:  denied  { read write } for  pid=6807 comm="syz.2.198" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   61.706880][   T39] audit: type=1400 audit(1732004619.714:396): avc:  denied  { open } for  pid=6807 comm="syz.2.198" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   61.751552][ T6810] netlink: 8 bytes leftover after parsing attributes in process `syz.2.199'.
[   61.755769][ T6810] IPVS: Error joining to the multicast group
[   61.758613][ T6811] netlink: 8 bytes leftover after parsing attributes in process `syz.2.199'.
[   61.762415][ T6811] IPVS: Error joining to the multicast group
[   61.765111][ T6810] netlink: 28 bytes leftover after parsing attributes in process `syz.2.199'.
[   62.000219][ T6820] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   62.174880][ T6828] netlink: 'syz.2.206': attribute type 4 has an invalid length.
[   62.178211][ T6828] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   62.181210][ T6828] batadv_slave_1: entered promiscuous mode
[   62.352726][ T6833] IPVS: persistence engine module ip_vs_pe_t not found
[   62.361764][ T6838] kernel profiling enabled (shift: 17)
[   62.373641][ T6840] netlink: 16 bytes leftover after parsing attributes in process `syz.0.211'.
[   62.507654][ T6089] usb 8-1: device descriptor read/64, error -71
[   62.585170][ T6847] netlink: 8 bytes leftover after parsing attributes in process `syz.0.214'.
[   62.589450][ T6847] netlink: 134744 bytes leftover after parsing attributes in process `syz.0.214'.
[   62.627609][ T6102] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[   62.710007][ T5945] Bluetooth: hci0: SCO packet for unknown connection handle 201
[   62.733407][ T6867] netlink: 'syz.2.219': attribute type 2 has an invalid length.
[   62.777986][ T6089] usb 8-1: reset high-speed USB device number 4 using dummy_hcd
[   62.779958][    C3] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   62.786538][ T6089] usb 8-1: device reset changed ep0 maxpacket size!
[   62.789686][ T6102] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[   62.791810][    T9] usb 8-1: USB disconnect, device number 4
[   62.792651][ T6102] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[   62.797461][ T6102] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   62.801196][ T6102] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 256, setting to 8
[   62.804507][ T6102] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   62.807369][ T6102] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.813068][ T6838] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   62.824702][ T6102] hub 6-1:1.0: bad descriptor, ignoring hub
[   62.826185][ T6102] hub 6-1:1.0: probe with driver hub failed with error -5
[   62.830609][ T6102] cdc_wdm 6-1:1.0: skipping garbage
[   62.831859][ T6102] cdc_wdm 6-1:1.0: skipping garbage
[   62.833925][ T6102] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[   62.835359][ T6102] cdc_wdm 6-1:1.0: Unknown control protocol
[   62.889492][ T6877] random: crng reseeded on system resumption
[   62.927691][    T9] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   63.087781][    T9] usb 8-1: Using ep0 maxpacket: 8
[   63.093999][    T9] usb 8-1: config index 0 descriptor too short (expected 5924, got 36)
[   63.097022][    T9] usb 8-1: config 250 has an invalid interface number: 228 but max is -1
[   63.100068][    T9] usb 8-1: config 250 has 1 interface, different from the descriptor's value: 0
[   63.103235][    T9] usb 8-1: config 250 has no interface number 0
[   63.105571][    T9] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[   63.110215][    T9] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[   63.113953][    T9] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[   63.117398][    T9] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[   63.121111][    T9] usb 8-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[   63.125998][    T9] usb 8-1: config 250 interface 228 has no altsetting 0
[   63.130169][    T9] usb 8-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[   63.133381][    T9] usb 8-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[   63.136303][    T9] usb 8-1: Product: syz
[   63.137913][    T9] usb 8-1: SerialNumber: syz
[   63.143010][    T9] hub 8-1:250.228: bad descriptor, ignoring hub
[   63.145449][    T9] hub 8-1:250.228: probe with driver hub failed with error -5
[   63.580764][ T6838] usb 6-1: reset low-speed USB device number 3 using dummy_hcd
[   63.637713][ T6087] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   63.788012][ T6087] usb 5-1: Using ep0 maxpacket: 8
[   63.791459][ T6087] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[   63.795461][ T6087] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[   63.799383][ T6087] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   63.803179][ T6087] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   63.808681][ T6087] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   63.812022][ T6087] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.871024][ T6880] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   63.876698][    C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   63.878602][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   63.884490][    T9] usblp 8-1:250.228: usblp1: USB Bidirectional printer dev 5 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[   63.956983][ T6918] futex_wake_op: syz.2.233 tries to shift op by 32; fix this program
[   63.960792][ T6918] netlink: 'syz.2.233': attribute type 1 has an invalid length.
[   63.971669][    C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   63.974131][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   63.976657][    C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   63.979056][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   63.981051][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[   63.984033][ T6918] 8021q: adding VLAN 0 to HW filter on device batadv1
[   63.986899][ T6918] bond1: (slave batadv1): Enslaving as a backup interface with an up link
[   64.019787][ T6921] program syz.2.234 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   64.022686][ T6087] usb 5-1: GET_CAPABILITIES returned 0
[   64.024570][ T6087] usbtmc 5-1:16.0: can't read capabilities
[   64.025334][ T6922] program syz.2.234 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   64.059274][    T9] usb 8-1: reset high-speed USB device number 5 using dummy_hcd
[   64.077747][ T6838] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   64.081469][ T6838] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   64.197790][ T6087] usb 6-1: USB disconnect, device number 3
[   64.223634][ T6001] usb 5-1: USB disconnect, device number 6
[   64.297716][ T1476] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   64.448021][ T1476] usb 7-1: Using ep0 maxpacket: 16
[   64.451268][ T1476] usb 7-1: config 0 has an invalid interface number: 8 but max is 0
[   64.454106][ T1476] usb 7-1: config 0 has no interface number 0
[   64.456304][ T1476] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   64.459988][ T1476] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   64.465316][ T1476] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[   64.468781][ T1476] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[   64.471649][ T1476] usb 7-1: Product: syz
[   64.473175][ T1476] usb 7-1: SerialNumber: syz
[   64.476574][ T1476] usb 7-1: config 0 descriptor??
[   64.481470][ T1476] cm109 7-1:0.8: invalid payload size 0, expected 4
[   64.485640][ T1476] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.8/input/input8
[   64.683418][    C1] cm109 7-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[   64.728315][ T1476] usb 8-1: USB disconnect, device number 5
[   64.731675][ T1476] usblp1: removed
[   64.910987][    C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[   64.913927][    C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[   64.915900][    C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[   64.918794][    C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[   64.921435][ T1476] usb 7-1: USB disconnect, device number 4
[   64.923020][    C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71
[   64.923031][    C1] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[   64.924239][ T6943] netlink: 'syz.0.240': attribute type 13 has an invalid length.
[   64.936698][ T1476] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[   65.052330][ T6952] evm: overlay not supported
[   65.634812][ T6962] nbd: must specify at least one socket
[   65.643548][ T5946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   65.650397][ T5946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   65.654371][ T5946] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   65.662626][ T5946] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   65.667088][ T5946] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   65.671854][ T5946] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   65.743108][ T6980] i2c i2c-1: Invalid block write size 34
[   65.807406][ T6968] chnl_net:caif_netlink_parms(): no params data found
[   65.883417][ T6968] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.885493][ T6968] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.888272][ T6968] bridge_slave_0: entered allmulticast mode
[   65.890435][ T6968] bridge_slave_0: entered promiscuous mode
[   65.893865][ T6968] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.895820][ T6968] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.898311][ T6968] bridge_slave_1: entered allmulticast mode
[   65.900418][ T6968] bridge_slave_1: entered promiscuous mode
[   65.922387][ T6968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.926273][ T6968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.950551][ T6968] team0: Port device team_slave_0 added
[   65.954402][ T6968] team0: Port device team_slave_1 added
[   65.984462][ T6968] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.986402][ T6968] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.994757][ T6968] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   66.001308][ T6968] batman_adv: batadv0: Adding interface: batadv_slave_1
[   66.004437][ T6968] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.013888][ T6001] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   66.016248][ T6968] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   66.022667][ T6087] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   66.043625][ T6990] __nla_validate_parse: 4 callbacks suppressed
[   66.043636][ T6990] netlink: 60 bytes leftover after parsing attributes in process `syz.3.255'.
[   66.085110][ T6221] bridge_slave_1: left promiscuous mode
[   66.092371][ T6221] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.096022][ T6221] bridge_slave_0: left promiscuous mode
[   66.098379][ T6221] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.147740][ T6087] usb 7-1: device descriptor read/64, error -71
[   66.148017][ T6001] usb 6-1: device descriptor read/64, error -71
[   66.200861][ T6221] bond0 (unregistering): (slave bridge0): Releasing backup interface
[   66.203848][ T6221] bridge0 (unregistering): left allmulticast mode
[   66.375242][ T6221] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   66.378719][ T6221] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   66.381734][ T6221] bond0 (unregistering): Released all slaves
[   66.397652][ T6087] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[   66.397691][ T6001] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   66.456065][ T6221] bond1 (unregistering): Released all slaves
[   66.461849][ T6968] hsr_slave_0: entered promiscuous mode
[   66.464063][ T6968] hsr_slave_1: entered promiscuous mode
[   66.465995][ T6968] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   66.469310][ T6968] Cannot create hsr debugfs directory
[   66.491230][   T39] kauditd_printk_skb: 21 callbacks suppressed
[   66.491242][   T39] audit: type=1400 audit(1732004624.524:418): avc:  denied  { create } for  pid=6993 comm="syz.3.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   66.501195][   T39] audit: type=1400 audit(1732004624.534:419): avc:  denied  { setopt } for  pid=6993 comm="syz.3.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   66.507334][   T39] audit: type=1400 audit(1732004624.534:420): avc:  denied  { ioctl } for  pid=6993 comm="syz.3.256" path="socket:[14828]" dev="sockfs" ino=14828 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   66.515492][   T39] audit: type=1400 audit(1732004624.544:421): avc:  denied  { ioctl } for  pid=6993 comm="syz.3.256" path="socket:[14829]" dev="sockfs" ino=14829 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1
[   66.515943][ T6993] delete_channel: no stack
[   66.537926][ T6087] usb 7-1: device descriptor read/64, error -71
[   66.556442][ T6001] usb 6-1: device descriptor read/64, error -71
[   66.563341][ T6996] syzkaller1: entered promiscuous mode
[   66.564853][ T6996] syzkaller1: entered allmulticast mode
[   66.651380][   T39] audit: type=1400 audit(1732004624.684:422): avc:  denied  { read } for  pid=7000 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   66.657893][ T6087] usb usb7-port1: attempt power cycle
[   66.660310][   T39] audit: type=1400 audit(1732004624.694:423): avc:  denied  { open } for  pid=7000 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   66.669558][   T39] audit: type=1400 audit(1732004624.694:424): avc:  denied  { getattr } for  pid=7000 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   66.670948][ T6968] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   66.677753][ T6001] usb usb6-port1: attempt power cycle
[   66.679367][   T39] audit: type=1400 audit(1732004624.704:425): avc:  denied  { write } for  pid=6999 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1767 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   66.692496][   T39] audit: type=1400 audit(1732004624.704:426): avc:  denied  { add_name } for  pid=6999 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   66.700346][   T39] audit: type=1400 audit(1732004624.704:427): avc:  denied  { create } for  pid=6999 comm="dhcpcd-run-hook" name="resolv.conf.eth2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   66.720740][ T6968] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   66.724721][ T6968] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   66.729246][ T6968] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   66.805069][ T6221] hsr_slave_0: left promiscuous mode
[   66.807348][ T6221] hsr_slave_1: left promiscuous mode
[   66.809920][ T6221] batman_adv: batadv0: Removing interface: batadv_slave_0
[   66.812539][ T6221] batman_adv: batadv0: Removing interface: batadv_slave_1
[   67.008748][ T6087] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   67.038041][ T6087] usb 7-1: device descriptor read/8, error -71
[   67.051564][ T6001] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   67.068888][ T6001] usb 6-1: device descriptor read/8, error -71
[   67.313870][ T6087] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[   67.317696][ T6001] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   67.338837][ T6087] usb 7-1: device descriptor read/8, error -71
[   67.339072][ T6001] usb 6-1: device descriptor read/8, error -71
[   67.448518][ T6001] usb usb6-port1: unable to enumerate USB device
[   67.449079][ T6087] usb usb7-port1: unable to enumerate USB device
[   67.551115][ T6221] team0 (unregistering): Port device team_slave_1 removed
[   67.618625][ T6221] team0 (unregistering): Port device team_slave_0 removed
[   67.738056][ T5945] Bluetooth: hci3: command tx timeout
[   68.167917][ T6968] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.186017][ T6968] 8021q: adding VLAN 0 to HW filter on device team0
[   68.205531][ T6220] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.207717][ T6220] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.213366][ T6220] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.215246][ T6220] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.236674][ T7023] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7023 comm=syz.3.261
[   68.245996][ T7023] netlink: 28 bytes leftover after parsing attributes in process `syz.3.261'.
[   68.354314][ T6968] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.473344][ T6968] veth0_vlan: entered promiscuous mode
[   68.482629][ T6968] veth1_vlan: entered promiscuous mode
[   68.505926][ T6968] veth0_macvtap: entered promiscuous mode
[   68.514371][ T6968] veth1_macvtap: entered promiscuous mode
[   68.525276][ T6968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   68.529238][ T6968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.531831][ T6968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   68.534664][ T6968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.537316][ T6968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   68.540691][ T6968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.546191][ T6968] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.554677][ T6968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   68.560592][ T6968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.564067][ T6968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   68.567775][ T6968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.572915][ T6968] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.578293][ T6968] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.581401][ T6968] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.584514][ T6968] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.587263][ T6968] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.635314][ T6227] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.637853][ T6227] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.656412][ T6221] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.659844][ T6221] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.312853][ T7073] syz.1.268 (7073): drop_caches: 2
[   69.329673][ T7119] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING
[   69.502825][ T7132] binder: 7131:7132 ioctl ae41 2 returned -22
[   69.541121][ T7129] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   69.543088][ T7129] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   69.544704][ T7129] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   69.563294][ T7129] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   69.578121][ T7129] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   69.579751][ T7129] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   69.587875][ T7129] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   69.606428][ T7142] geneve2: entered promiscuous mode
[   69.608613][ T7142] geneve2: entered allmulticast mode
[   69.761637][ T7163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.765860][ T7163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.771295][ T7163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.774842][ T7163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.784480][ T7163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.788763][ T7163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.792190][ T7163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.795134][ T7163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.799634][ T7167] bio_check_eod: 2 callbacks suppressed
[   69.799645][ T7167] syz.1.290: attempt to access beyond end of device
[   69.799645][ T7167] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[   69.806193][ T7167] FAT-fs (nbd1): unable to read boot sector
[   69.854509][ T7177] netlink: 32 bytes leftover after parsing attributes in process `syz.1.292'.
[   69.856823][ T7176] warning: `syz.4.293' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   69.875497][ T6102] IPVS: starting estimator thread 0...
[   69.878891][ T7176] tipc: Started in network mode
[   69.880240][ T7176] tipc: Node identity ac1414aa, cluster identity 4711
[   69.883244][ T7176] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   69.885417][ T7176] tipc: Enabled bearer <udp:s>, priority 10
[   69.968200][ T7178] IPVS: using max 34 ests per chain, 81600 per kthread
[   69.997647][ T6001] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[   70.019034][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   70.128294][ T6001] usb 7-1: device descriptor read/64, error -71
[   70.167591][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   70.189848][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.269943][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.296730][ T5946] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   70.300202][ T5946] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   70.303125][ T5946] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   70.307608][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   70.308220][ T5946] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   70.314631][ T5946] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   70.317074][ T5946] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   70.354243][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.367720][ T6001] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[   70.426156][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.457661][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   70.468026][ T7203] chnl_net:caif_netlink_parms(): no params data found
[   70.493551][ T7222] netlink: 8 bytes leftover after parsing attributes in process `syz.3.307'.
[   70.507716][ T6001] usb 7-1: device descriptor read/64, error -71
[   70.575150][ T7233] tmpfs: Bad value for 'mpol'
[   70.597568][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   70.600139][ T7236] binder: 7235:7236 ioctl c0306201 20000480 returned -22
[   70.611963][ T7203] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.614563][ T7203] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.617141][ T7203] bridge_slave_0: entered allmulticast mode
[   70.617831][ T6001] usb usb7-port1: attempt power cycle
[   70.622677][ T7203] bridge_slave_0: entered promiscuous mode
[   70.625593][ T7203] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.628434][ T7203] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.631423][ T7203] bridge_slave_1: entered allmulticast mode
[   70.634412][ T7203] bridge_slave_1: entered promiscuous mode
[   70.676173][ T7203] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.683489][ T7203] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.741055][ T7203] team0: Port device team_slave_0 added
[   70.747660][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   70.750017][   T12] bridge_slave_1: left allmulticast mode
[   70.751543][   T12] bridge_slave_1: left promiscuous mode
[   70.753096][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.757069][   T12] bridge_slave_0: left allmulticast mode
[   70.759460][   T12] bridge_slave_0: left promiscuous mode
[   70.761165][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.890139][   T35] tipc: Node number set to 2886997162
[   70.969388][ T6001] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[   70.989778][ T6001] usb 7-1: device descriptor read/8, error -71
[   71.031067][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   71.035182][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   71.037667][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   71.043106][   T12] bond0 (unregistering): Released all slaves
[   71.052327][ T7203] team0: Port device team_slave_1 added
[   71.087556][ T7203] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.091311][ T1410] ieee802154 phy0 wpan0: encryption failed: -22
[   71.091452][ T7203] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.094225][ T1410] ieee802154 phy1 wpan1: encryption failed: -22
[   71.101670][ T7203] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.110441][ T7203] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.112456][ T7203] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.119324][ T7203] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.190056][ T7203] hsr_slave_0: entered promiscuous mode
[   71.192371][ T7203] hsr_slave_1: entered promiscuous mode
[   71.194497][ T7203] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   71.196664][ T7203] Cannot create hsr debugfs directory
[   71.258148][ T6001] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[   71.278115][ T6001] usb 7-1: device descriptor read/8, error -71
[   71.307613][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   71.331384][   T12] hsr_slave_0: left promiscuous mode
[   71.333682][   T12] hsr_slave_1: left promiscuous mode
[   71.335729][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   71.340933][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   71.343954][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   71.346106][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   71.363012][   T12] veth1_macvtap: left promiscuous mode
[   71.364908][   T12] veth0_macvtap: left promiscuous mode
[   71.366587][   T12] veth1_vlan: left promiscuous mode
[   71.368472][   T12] veth0_vlan: left promiscuous mode
[   71.387852][ T6001] usb usb7-port1: unable to enumerate USB device
[   71.647713][ T5946] Bluetooth: hci3: command 0x040f tx timeout
[   71.847666][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   72.128164][   T12] team0 (unregistering): Port device team_slave_1 removed
[   72.215856][   T12] team0 (unregistering): Port device team_slave_0 removed
[   72.369493][ T5946] Bluetooth: hci2: command tx timeout
[   72.786911][   T39] kauditd_printk_skb: 35 callbacks suppressed
[   72.786923][   T39] audit: type=1400 audit(1732004630.814:463): avc:  denied  { append } for  pid=7261 comm="syz.2.317" name="001" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   73.671493][ T7203] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   73.692630][ T7203] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   73.711380][ T7203] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   73.722218][ T7203] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   73.727778][ T5946] Bluetooth: hci3: command 0x040f tx timeout
[   73.787319][ T7203] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.810233][ T7203] 8021q: adding VLAN 0 to HW filter on device team0
[   73.816790][ T6220] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.820097][ T6220] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.825233][ T7280] i2c i2c-1: Invalid block write size 34
[   73.830321][ T7280] i2c i2c-1: Invalid block write size 34
[   73.831916][ T6220] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.831938][ T7280] i2c i2c-1: Invalid block write size 34
[   73.834849][ T6220] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.934842][   T39] audit: type=1400 audit(1732004631.964:464): avc:  denied  { lock } for  pid=7293 comm="syz.3.323" path="socket:[16901]" dev="sockfs" ino=16901 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   73.959310][ T7300] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[   73.965037][   T39] audit: type=1400 audit(1732004631.994:465): avc:  denied  { write } for  pid=7299 comm="syz.3.324" name="kcm" dev="proc" ino=4026533082 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   73.983953][ T7300] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[   74.003479][ T7203] 8021q: adding VLAN 0 to HW filter on device batadv0
[   74.059850][   T39] audit: type=1400 audit(1732004632.094:466): avc:  denied  { write } for  pid=7319 comm="syz.4.327" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   74.060875][ T7320] Cannot find del_set index 2 as target
[   74.078024][ T7320] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7320 comm=syz.4.327
[   74.082050][ T7320] ubi0: attaching mtd0
[   74.085084][   T39] audit: type=1400 audit(1732004632.104:467): avc:  denied  { create } for  pid=7319 comm="syz.4.327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   74.091266][ T7320] ubi0: scanning is finished
[   74.092532][ T7320] ubi0: empty MTD device detected
[   74.093579][   T39] audit: type=1400 audit(1732004632.104:468): avc:  denied  { getopt } for  pid=7319 comm="syz.4.327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   74.105347][ T7326] netlink: 24 bytes leftover after parsing attributes in process `syz.3.328'.
[   74.112441][ T7203] veth0_vlan: entered promiscuous mode
[   74.118703][ T7203] veth1_vlan: entered promiscuous mode
[   74.145017][ T7203] veth0_macvtap: entered promiscuous mode
[   74.151076][ T7203] veth1_macvtap: entered promiscuous mode
[   74.156452][ T7203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.161483][ T7203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.165264][ T7203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.169136][ T7203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.171885][ T7203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.174749][ T7203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.185774][ T7203] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.192091][ T7203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.196488][ T7203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.199653][ T7203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.203274][ T7203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.209053][ T7203] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.209666][ T7320] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[   74.213894][ T7320] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   74.215756][ T7320] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[   74.217685][ T7320] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[   74.219792][ T7320] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   74.220691][ T7203] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.221595][ T7320] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[   74.224838][ T7203] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.226963][ T7320] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3112944526
[   74.226980][ T7320] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   74.227781][ T7335] ubi0: background thread "ubi_bgt0d" started, PID 7335
[   74.229978][ T7203] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.248557][ T7203] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.266866][ T7338] netlink: 'syz.4.330': attribute type 1 has an invalid length.
[   74.323479][ T6220] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.325898][ T6220] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.350222][ T6221] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.352478][ T6221] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.391656][ T7351] xt_hashlimit: size too large, truncated to 1048576
[   74.447603][ T5946] Bluetooth: hci2: command tx timeout
[   74.619943][ T7371] tmpfs: Bad value for 'mpol'
[   74.738235][ T7388] netlink: 36 bytes leftover after parsing attributes in process `syz.3.339'.
[   74.766660][   T39] audit: type=1400 audit(1732004632.794:469): avc:  denied  { write } for  pid=7391 comm="syz.5.341" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   74.828587][ T7399] dns_resolver: Unsupported content type (24)
[   74.917048][   T39] audit: type=1400 audit(1732004632.944:470): avc:  denied  { mount } for  pid=7410 comm="syz.3.346" name="/" dev="ramfs" ino=16977 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   75.007612][    C3] net_ratelimit: 2 callbacks suppressed
[   75.007625][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   75.080685][   T39] audit: type=1400 audit(1732004633.114:471): avc:  denied  { bind } for  pid=7424 comm="syz.5.349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   75.089502][   T39] audit: type=1400 audit(1732004633.124:472): avc:  denied  { write } for  pid=7424 comm="syz.5.349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   75.173734][ T7436] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   75.183714][ T7436] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   75.186070][ T7436] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   75.189136][ T7436] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   75.191925][ T7436] netdevsim netdevsim5 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[   75.194355][ T7436] netdevsim netdevsim5 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[   75.196863][ T7436] netdevsim netdevsim5 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[   75.204483][ T7436] netdevsim netdevsim5 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[   75.208922][ T7436] geneve2: entered promiscuous mode
[   75.210505][ T7436] geneve2: entered allmulticast mode
[   75.229012][ T7440] netlink: 'syz.5.351': attribute type 3 has an invalid length.
[   75.237567][ T7440] netlink: 44 bytes leftover after parsing attributes in process `syz.5.351'.
[   75.252927][ T7440] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   75.443141][ T7457] hsr0: entered allmulticast mode
[   75.444896][ T7457] hsr_slave_0: entered allmulticast mode
[   75.446801][ T7457] hsr_slave_1: entered allmulticast mode
[   75.540613][ T7451] Bluetooth: hci0: Opcode 0x080f failed: -4
[   75.757277][ T7478] syz.2.362: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   75.761933][ T7478] CPU: 3 UID: 0 PID: 7478 Comm: syz.2.362 Not tainted 6.12.0-syzkaller-00233-g9fb2cfa4635a #0
[   75.764664][ T7478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.767465][ T7478] Call Trace:
[   75.768386][ T7478]  <TASK>
[   75.769180][ T7478]  dump_stack_lvl+0x16c/0x1f0
[   75.770434][ T7478]  warn_alloc+0x24d/0x3a0
[   75.771572][ T7478]  ? __pfx_warn_alloc+0x10/0x10
[   75.772865][ T7478]  ? __pfx_stack_trace_save+0x10/0x10
[   75.774327][ T7478]  ? kasan_save_stack+0x42/0x60
[   75.775672][ T7478]  ? kasan_save_stack+0x33/0x60
[   75.776964][ T7478]  ? kasan_save_track+0x14/0x30
[   75.778257][ T7478]  ? __kasan_kmalloc+0xaa/0xb0
[   75.779521][ T7478]  ? xskq_create+0x52/0x1d0
[   75.780731][ T7478]  ? do_sock_setsockopt+0x222/0x480
[   75.782096][ T7478]  ? __sys_setsockopt+0x1a0/0x230
[   75.783426][ T7478]  ? __x64_sys_setsockopt+0xbd/0x160
[   75.784829][ T7478]  __vmalloc_node_range_noprof+0x11a7/0x15a0
[   75.786398][ T7478]  ? xskq_create+0xfb/0x1d0
[   75.787602][ T7478]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   75.789269][ T7478]  ? xskq_create+0xfb/0x1d0
[   75.790469][ T7478]  vmalloc_user_noprof+0x6b/0x90
[   75.791859][ T7478]  ? xskq_create+0xfb/0x1d0
[   75.793079][ T7478]  xskq_create+0xfb/0x1d0
[   75.794222][ T7478]  xsk_setsockopt+0x757/0xa10
[   75.795483][ T7478]  ? __pfx_xsk_setsockopt+0x10/0x10
[   75.796867][ T7478]  ? selinux_socket_setsockopt+0x6a/0x80
[   75.798422][ T7478]  ? __pfx_xsk_setsockopt+0x10/0x10
[   75.799786][ T7478]  do_sock_setsockopt+0x222/0x480
[   75.801117][ T7478]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   75.802620][ T7478]  ? lock_acquire+0x2f/0xb0
[   75.803966][ T7478]  __sys_setsockopt+0x1a0/0x230
[   75.805256][ T7478]  __x64_sys_setsockopt+0xbd/0x160
[   75.806699][ T7478]  ? do_syscall_64+0x91/0x250
[   75.807939][ T7478]  ? lockdep_hardirqs_on+0x7c/0x110
[   75.809311][ T7478]  do_syscall_64+0xcd/0x250
[   75.810511][ T7478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.811921][ T5946] Bluetooth: hci3: command 0x040f tx timeout
[   75.812060][ T7478] RIP: 0033:0x7ff3ba57e759
[   75.814956][ T7478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.817641][   T25] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   75.819968][ T7478] RSP: 002b:00007ff3bb361038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   75.819987][ T7478] RAX: ffffffffffffffda RBX: 00007ff3ba735f80 RCX: 00007ff3ba57e759
[   75.819994][ T7478] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004
[   75.820001][ T7478] RBP: 00007ff3ba5f175e R08: 0000000000000020 R09: 0000000000000000
[   75.820009][ T7478] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000000
[   75.820016][ T7478] R13: 0000000000000000 R14: 00007ff3ba735f80 R15: 00007ffc5e362fb8
[   75.820044][ T7478]  </TASK>
[   75.838733][ T7478] Mem-Info:
[   75.839864][ T7478] active_anon:6682 inactive_anon:0 isolated_anon:0
[   75.839864][ T7478]  active_file:10788 inactive_file:38348 isolated_file:0
[   75.839864][ T7478]  unevictable:1771 dirty:28 writeback:0
[   75.839864][ T7478]  slab_reclaimable:8137 slab_unreclaimable:71775
[   75.839864][ T7478]  mapped:17832 shmem:2475 pagetables:836
[   75.839864][ T7478]  sec_pagetables:311 bounce:0
[   75.839864][ T7478]  kernel_misc_reclaimable:0
[   75.839864][ T7478]  free:487932 free_pcp:1904 free_cma:0
[   75.853485][ T7478] Node 0 active_anon:26736kB inactive_anon:0kB active_file:43152kB inactive_file:153320kB unevictable:3548kB isolated(anon):0kB isolated(file):0kB mapped:71220kB dirty:108kB writeback:0kB shmem:6364kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13872kB pagetables:3472kB sec_pagetables:1244kB all_unreclaimable? no
[   75.863414][ T7478] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[   75.872025][ T7478] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   75.880062][ T7478] lowmem_reserve[]: 0 1214 0 0 0
[   75.881587][ T7478] Node 0 DMA32 free:341228kB boost:0kB min:27636kB low:34544kB high:41452kB reserved_highatomic:0KB active_anon:26736kB inactive_anon:0kB active_file:43152kB inactive_file:153320kB unevictable:3548kB writepending:108kB present:2080628kB managed:1272184kB mlocked:0kB bounce:0kB free_pcp:6248kB local_pcp:3948kB free_cma:0kB
[   75.890739][ T7478] lowmem_reserve[]: 0 0 0 0 0
[   75.892178][ T7478] Node 1 Normal free:1587636kB boost:0kB min:39600kB low:49500kB high:59400kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:3536kB writepending:4kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:1044kB local_pcp:0kB free_cma:0kB
[   75.899894][ T7478] lowmem_reserve[]: 0 0 0 0 0
[   75.901483][ T7478] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   75.905311][ T7478] Node 0 DMA32: 121*4kB (UM) 133*8kB (ME) 432*16kB (UME) 678*32kB (UME) 484*64kB (UME) 95*128kB (UME) 48*256kB (UME) 45*512kB (UME) 20*1024kB (UME) 9*2048kB (UME) 47*4096kB (UM) = 340044kB
[   75.910576][ T7478] Node 1 Normal: 3*4kB (ME) 9*8kB (UME) 12*16kB (UME) 145*32kB (UME) 66*64kB (UME) 12*128kB (UME) 6*256kB (UE) 9*512kB (UME) 2*1024kB (U) 4*2048kB (UM) 381*4096kB (M) = 1587636kB
[   75.915819][ T7478] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   75.918698][ T7478] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   75.921321][ T7478] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   75.923377][ T7488] netlink: 92 bytes leftover after parsing attributes in process `syz.2.362'.
[   75.923935][ T7478] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   75.929767][ T7478] 51614 total pagecache pages
[   75.931096][ T7478] 0 pages in swap cache
[   75.931103][ T7478] Free swap  = 124448kB
[   75.931108][ T7478] Total swap = 124996kB
[   75.934652][ T7478] 1048443 pages RAM
[   75.935721][ T7478] 0 pages HighMem/MovableOnly
[   75.937050][ T7478] 281076 pages reserved
[   75.938314][ T7478] 0 pages cma reserved
[   75.967593][   T25] usb 9-1: Using ep0 maxpacket: 8
[   75.970441][   T25] usb 9-1: config 251 has an invalid interface number: 29 but max is 0
[   75.972869][   T25] usb 9-1: config 251 has no interface number 0
[   75.974728][   T25] usb 9-1: config 251 interface 29 altsetting 71 has an invalid descriptor for endpoint zero, skipping
[   75.977886][   T25] usb 9-1: config 251 interface 29 altsetting 71 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[   75.981192][   T25] usb 9-1: config 251 interface 29 has no altsetting 0
[   75.983353][   T25] usb 9-1: New USB device found, idVendor=054c, idProduct=0069, bcdDevice= a.8d
[   75.986113][   T25] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.047646][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   76.080772][ T7494] netlink: 12 bytes leftover after parsing attributes in process `syz.2.365'.
[   76.170232][ T7511] vlan0: entered promiscuous mode
[   76.182418][ T7509] vlan0: left promiscuous mode
[   76.198269][   T25] usb 9-1: string descriptor 0 read error: -71
[   76.202366][   T25] usb-storage 9-1:251.29: USB Mass Storage device detected
[   76.210583][   T25] usb-storage 9-1:251.29: Quirks match for vid 054c pid 0069: 1
[   76.223392][ T7514] Bluetooth: MGMT ver 1.23
[   76.225700][ T7514] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[   76.294662][   T25] usb 9-1: USB disconnect, device number 2
[   76.585407][ T7539] xt_nat: multiple ranges no longer supported
[   77.004199][ T7558] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[   77.006544][ T7558] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   77.009218][ T7558] vhci_hcd vhci_hcd.0: Device attached
[   77.014696][ T7560] vhci_hcd: connection closed
[   77.015030][ T6220] vhci_hcd: stop threads
[   77.017811][ T5945] Bluetooth: hci2: command tx timeout
[   77.019195][ T6220] vhci_hcd: release socket
[   77.028142][ T6220] vhci_hcd: disconnect device
[   77.087714][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   77.097864][ T7563] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   77.102175][ T7563] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   77.117714][ T7563] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   77.119874][ T7563] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   77.129625][ T7563] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   77.238245][ T7563] IPVS: set_ctl: invalid protocol: 28 224.0.0.2:20000
[   77.505814][ T7598] netlink: 'syz.3.390': attribute type 10 has an invalid length.
[   77.529534][ T7598] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   77.543805][ T7600] random: crng reseeded on system resumption
[   77.559731][ T7586] Bluetooth: hci0: Opcode 0x080f failed: -4
[   77.708052][ T7600] Unrecognized hibernate image header format!
[   77.710181][ T7600] PM: hibernation: Image mismatch: architecture specific data
[   77.727012][ T7605] input: syz0 as /devices/virtual/input/input9
[   77.772520][ T7618] GUP no longer grows the stack in syz.3.394 (7618): 20004000-2000a000 (20002000)
[   77.775378][ T7618] CPU: 0 UID: 0 PID: 7618 Comm: syz.3.394 Not tainted 6.12.0-syzkaller-00233-g9fb2cfa4635a #0
[   77.778425][ T7618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   77.781469][ T7618] Call Trace:
[   77.782414][ T7618]  <TASK>
[   77.783238][ T7618]  dump_stack_lvl+0x16c/0x1f0
[   77.784548][ T7618]  gup_vma_lookup+0x1d2/0x220
[   77.785807][ T7618]  __get_user_pages+0x236/0x3b50
[   77.787135][ T7618]  ? find_held_lock+0x2d/0x110
[   77.788427][ T7618]  ? mtree_load+0x30a/0xa40
[   77.789601][ T7618]  ? __pfx_lock_release+0x10/0x10
[   77.790989][ T7618]  ? trace_lock_acquire+0x14a/0x1d0
[   77.792437][ T7618]  ? __pfx___get_user_pages+0x10/0x10
[   77.794092][ T7618]  get_user_pages_remote+0x25e/0xb30
[   77.795739][ T7618]  ? __pfx_get_user_pages_remote+0x10/0x10
[   77.797566][ T7618]  __access_remote_vm+0x235/0x7b0
[   77.799006][ T7618]  ? __pfx___access_remote_vm+0x10/0x10
[   77.800461][ T7618]  ? lock_acquire+0x2f/0xb0
[   77.801665][ T7618]  ? proc_pid_cmdline_read+0x25c/0x900
[   77.803096][ T7618]  proc_pid_cmdline_read+0x4f5/0x900
[   77.804505][ T7618]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[   77.806058][ T7618]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[   77.807730][ T7618]  vfs_readv+0x6bf/0x890
[   77.808866][ T7618]  ? __pfx___lock_acquire+0x10/0x10
[   77.810234][ T7618]  ? __pfx_vfs_readv+0x10/0x10
[   77.811502][ T7618]  ? __fget_files+0x1fc/0x3a0
[   77.812824][ T7618]  ? __pfx_lock_release+0x10/0x10
[   77.814204][ T7618]  ? trace_lock_acquire+0x14a/0x1d0
[   77.815591][ T7618]  ? __fget_files+0x206/0x3a0
[   77.816867][ T7618]  ? do_preadv+0x1b1/0x270
[   77.818079][ T7618]  do_preadv+0x1b1/0x270
[   77.819291][ T7618]  ? __pfx_do_preadv+0x10/0x10
[   77.820608][ T7618]  do_syscall_64+0xcd/0x250
[   77.821821][ T7618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.823481][ T7618] RIP: 0033:0x7f0bd857e759
[   77.824805][ T7618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.829967][ T7618] RSP: 002b:00007f0bd92c2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   77.832279][ T7618] RAX: ffffffffffffffda RBX: 00007f0bd8735f80 RCX: 00007f0bd857e759
[   77.834348][ T7618] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000004
[   77.836422][ T7618] RBP: 00007f0bd85f175e R08: 0000000000000000 R09: 0000000000000000
[   77.838631][ T7618] R10: 0000000000000500 R11: 0000000000000246 R12: 0000000000000000
[   77.840781][ T7618] R13: 0000000000000000 R14: 00007f0bd8735f80 R15: 00007ffc78f63fe8
[   77.842996][ T7618]  </TASK>
[   77.843804][   T39] kauditd_printk_skb: 105 callbacks suppressed
[   77.843815][   T39] audit: type=1326 audit(1732004635.874:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7603 comm="syz.5.393" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4f0b975727 code=0x7ffc0000
[   77.843962][    C0] vkms_vblank_simulate: vblank timer overrun
[   77.845812][   T39] audit: type=1326 audit(1732004635.874:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7603 comm="syz.5.393" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0b91a0f9 code=0x7ffc0000
[   77.860602][   T39] audit: type=1326 audit(1732004635.874:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7603 comm="syz.5.393" exe="/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f4f0b97e759 code=0x7ffc0000
[   77.866669][   T39] audit: type=1326 audit(1732004635.884:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7603 comm="syz.5.393" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4f0b975727 code=0x7ffc0000
[   77.873256][   T39] audit: type=1326 audit(1732004635.884:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7603 comm="syz.5.393" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0b91a0f9 code=0x7ffc0000
[   77.879273][   T39] audit: type=1326 audit(1732004635.884:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7603 comm="syz.5.393" exe="/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f4f0b97e759 code=0x7ffc0000
[   77.883903][ T7620] netlink: 8 bytes leftover after parsing attributes in process `syz.3.395'.
[   77.885377][   T39] audit: type=1326 audit(1732004635.894:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7603 comm="syz.5.393" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4f0b975727 code=0x7ffc0000
[   77.885402][   T39] audit: type=1326 audit(1732004635.894:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7603 comm="syz.5.393" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4f0b91a0f9 code=0x7ffc0000
[   77.885421][   T39] audit: type=1326 audit(1732004635.894:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7603 comm="syz.5.393" exe="/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f4f0b97e759 code=0x7ffc0000
[   77.885439][   T39] audit: type=1326 audit(1732004635.904:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7603 comm="syz.5.393" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4f0b975727 code=0x7ffc0000
[   77.923415][ T7620] netlink: 16 bytes leftover after parsing attributes in process `syz.3.395'.
[   77.930071][ T7620] gtp0: entered promiscuous mode
[   77.932351][ T7620] gtp0: entered allmulticast mode
[   77.939599][ T7620] xt_CT: You must specify a L4 protocol and not use inversions on it
[   78.138399][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   78.327215][ T7637] syz.3.401: attempt to access beyond end of device
[   78.327215][ T7637] loop3: rw=0, sector=64, nr_sectors = 8 limit=0
[   78.338323][ T7637] syz.3.401: attempt to access beyond end of device
[   78.338323][ T7637] loop3: rw=0, sector=120, nr_sectors = 8 limit=0
[   78.342528][ T7637] Mount JFS Failure: -5
[   78.343893][ T7637] jfs_mount failed w/return code = -5
[   78.352816][ T7633] kvm: emulating exchange as write
[   78.420858][ T7643] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[   78.440234][ T7643] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[   78.485269][ T7648] binder_alloc: 7647: binder_alloc_buf size -904 failed, no address space
[   78.489874][ T7648] binder_alloc: allocated: 8 (num: 1 largest: 8), free: 12280 (num: 1 largest: 12280)
[   78.494518][ T7648] program syz.3.404 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   78.515904][ T7648] netlink: 16 bytes leftover after parsing attributes in process `syz.3.404'.
[   78.527816][ T7655] netlink: 5312 bytes leftover after parsing attributes in process `syz.4.407'.
[   78.533113][ T7655] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[   78.542130][ T7648] bond0: entered promiscuous mode
[   78.544091][ T7648] bond_slave_0: entered promiscuous mode
[   78.546352][ T7648] bond_slave_1: entered promiscuous mode
[   78.550276][ T7648] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[   78.553415][ T7648] bond0: entered allmulticast mode
[   78.555221][ T7648] bond_slave_0: entered allmulticast mode
[   78.557451][ T7648] bond_slave_1: entered allmulticast mode
[   78.559519][ T7648] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[   78.615674][ T7664] netlink: 8 bytes leftover after parsing attributes in process `syz.4.409'.
[   78.787720][   T57] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[   78.949401][   T57] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   78.953482][   T57] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   78.956523][   T57] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   78.961934][   T57] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   78.965398][   T57] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.978557][   T57] usb 10-1: config 0 descriptor??
[   79.142069][ T6268] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.167633][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   79.168635][ T5946] Bluetooth: hci3: command 0x040f tx timeout
[   79.169869][ T5945] Bluetooth: hci2: command 0x0405 tx timeout
[   79.196413][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.200856][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.202938][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.205140][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.232297][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.234374][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.236575][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.239157][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.241261][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.243345][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.245821][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.248707][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.257610][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.260091][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.262241][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[   79.264427][   T57] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[   79.269495][   T57] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[   79.282510][ T5946] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   79.288970][ T5946] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   79.292161][ T5946] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   79.303243][ T5946] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   79.306179][ T6268] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.309233][ T5946] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   79.309487][ T5946] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   79.383706][ T6250] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0xfd
[   79.402464][ T6268] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.409644][    C3] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   79.410558][ T7718] netlink: 'syz.4.425': attribute type 6 has an invalid length.
[   79.480197][ T6268] bond0: (slave netdevsim0): Releasing backup interface
[   79.482388][ T6268] netdevsim netdevsim3 netdevsim0 (unregistering): left promiscuous mode
[   79.484611][ T6268] netdevsim netdevsim3 netdevsim0 (unregistering): left allmulticast mode
[   79.489839][ T6268] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.502143][ T7699] chnl_net:caif_netlink_parms(): no params data found
[   79.531323][ T7727] netlink: 'syz.4.425': attribute type 10 has an invalid length.
[   79.534191][ T7727] bond0: (slave bond_slave_0): Releasing backup interface
[   79.569410][ T7699] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.572302][ T7699] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.575100][ T7699] bridge_slave_0: entered allmulticast mode
[   79.581296][ T7699] bridge_slave_0: entered promiscuous mode
[   79.588528][ T7699] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.591214][ T7699] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.594131][ T7699] bridge_slave_1: entered allmulticast mode
[   79.597484][ T7699] bridge_slave_1: entered promiscuous mode
[   79.646539][ T7699] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.658053][ T7699] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.705031][ T6268] bridge_slave_1: left allmulticast mode
[   79.706526][ T6268] bridge_slave_1: left promiscuous mode
[   79.708469][ T6268] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.711696][ T6268] bridge_slave_0: left allmulticast mode
[   79.713470][ T6268] bridge_slave_0: left promiscuous mode
[   79.715166][ T6268] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.060361][ T6268] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   80.063703][ T6268] bond_slave_0: left promiscuous mode
[   80.066421][ T6268] bond_slave_0: left allmulticast mode
[   80.071540][ T6268] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   80.075755][ T6268] bond_slave_1: left promiscuous mode
[   80.078033][ T6268] bond_slave_1: left allmulticast mode
[   80.082229][ T6268] bond0 (unregistering): Released all slaves
[   80.094600][ T7699] team0: Port device team_slave_0 added
[   80.108081][ T7699] team0: Port device team_slave_1 added
[   80.137434][ T7699] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.142607][ T7699] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.149810][ T7699] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.160446][ T7699] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.162984][ T7699] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.177653][ T7699] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.211542][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   80.313527][ T7699] hsr_slave_0: entered promiscuous mode
[   80.316022][ T7699] hsr_slave_1: entered promiscuous mode
[   80.320388][ T7699] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   80.323804][ T7699] Cannot create hsr debugfs directory
[   80.346294][ T7756] __nla_validate_parse: 1 callbacks suppressed
[   80.346312][ T7756] netlink: 8 bytes leftover after parsing attributes in process `syz.4.429'.
[   80.409929][ T7765] devtmpfs: Cannot enable quota on remount
[   80.519928][ T7657] usb 10-1: string descriptor 0 read error: -71
[   80.522483][ T6268] hsr_slave_0: left promiscuous mode
[   80.524668][ T6268] hsr_slave_1: left promiscuous mode
[   80.526607][ T6268] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   80.531898][ T6268] batman_adv: batadv0: Removing interface: batadv_slave_0
[   80.535734][ T6268] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   80.538019][ T6268] batman_adv: batadv0: Removing interface: batadv_slave_1
[   80.556161][ T6268] veth1_macvtap: left promiscuous mode
[   80.558517][ T6268] veth0_macvtap: left promiscuous mode
[   80.560562][ T6268] veth1_vlan: left promiscuous mode
[   80.562616][ T6268] veth0_vlan: left promiscuous mode
[   80.677778][ T1476] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[   80.721057][ T7775] program syz.2.433 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   80.724710][ T7775] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[   80.726438][ T7775] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   80.729844][ T7775] vhci_hcd vhci_hcd.0: Device attached
[   80.850675][ T1476] usb 9-1: Using ep0 maxpacket: 8
[   80.855359][ T1476] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[   80.858679][ T1476] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   80.861783][ T1476] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   80.864753][ T1476] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   80.867459][ T1476] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   80.871410][ T1476] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   80.873796][ T1476] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.920467][ T6001] vhci_hcd: vhci_device speed not set
[   80.983589][ T5984] usb 7-1: new low-speed USB device number 13 using dummy_hcd
[   80.987295][ T6001] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[   81.079931][ T1476] usb 9-1: usb_control_msg returned -32
[   81.082012][ T1476] usbtmc 9-1:16.0: can't read capabilities
[   81.150113][ T5984] usb 7-1: config 0 has no interfaces?
[   81.152682][ T5984] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   81.156084][ T5984] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.162195][ T5984] usb 7-1: config 0 descriptor??
[   81.247625][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   81.247822][ T5946] Bluetooth: hci3: command 0x040f tx timeout
[   81.247875][ T5945] Bluetooth: hci2: command 0x0405 tx timeout
[   81.298520][  T828] usb 10-1: USB disconnect, device number 2
[   81.333776][ T5946] Bluetooth: hci1: command tx timeout
[   81.341322][ T1014] cfg80211: failed to load regulatory.db
[   81.375064][ T7775] netlink: 76 bytes leftover after parsing attributes in process `syz.2.433'.
[   81.463313][ T6001] vhci_hcd: vhci_device speed not set
[   81.517654][ T6001] usb 41-1: device descriptor read/64, error -71
[   81.717670][ T6001] vhci_hcd: vhci_device speed not set
[   81.780144][ T6001] usb 41-1: new full-speed USB device number 3 using vhci_hcd
[   82.221775][ T7784] netlink: 'syz.4.430': attribute type 3 has an invalid length.
[   82.223879][ T7784] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.430'.
[   82.228368][  T828] usb 7-1: USB disconnect, device number 13
[   82.234833][ T7777] vhci_hcd: connection reset by peer
[   82.237188][ T6258] vhci_hcd: stop threads
[   82.239517][ T6258] vhci_hcd: release socket
[   82.242051][ T7699] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   82.243179][ T6258] vhci_hcd: disconnect device
[   82.256046][ T7699] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   82.261152][ T7699] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   82.264830][ T7699] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   82.270638][ T7789] QAT: Invalid ioctl -2147192301
[   82.287640][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   82.290236][ T7789] syzkaller1: entered promiscuous mode
[   82.410631][ T7699] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.425394][ T7699] 8021q: adding VLAN 0 to HW filter on device team0
[   82.433519][ T6263] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.435597][ T6263] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.443792][ T6258] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.446612][ T6258] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.487056][ T7803] netlink: 24 bytes leftover after parsing attributes in process `syz.5.436'.
[   82.503657][ T7803] kAFS: unparsable volume name
[   82.582861][ T7699] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.621963][ T7818] IPVS: set_ctl: invalid protocol: 41 100.1.1.1:20003
[   82.693370][ T7825] netlink: 'syz.5.438': attribute type 1 has an invalid length.
[   82.696211][ T7825] netlink: 'syz.5.438': attribute type 2 has an invalid length.
[   82.751918][ T7699] veth0_vlan: entered promiscuous mode
[   82.756225][ T7699] veth1_vlan: entered promiscuous mode
[   82.761234][ T7836] netlink: 36 bytes leftover after parsing attributes in process `syz.5.439'.
[   82.775406][ T7699] veth0_macvtap: entered promiscuous mode
[   82.780066][ T7699] veth1_macvtap: entered promiscuous mode
[   82.786932][ T7699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.792924][ T7699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.795920][ T7699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.799640][ T7699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.803353][ T7699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.807347][ T7699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.814212][ T7699] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.819074][ T7699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.821909][ T7699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.825043][ T7699] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.828571][ T7699] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.832149][ T7699] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.840546][ T7699] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.844088][ T7699] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.846606][ T7699] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.852085][ T7699] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.899181][ T6268] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.901905][ T6268] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.917456][ T6268] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.920223][ T6268] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.987176][ T7856] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=7856 comm=syz.2.443
[   82.992675][ T7856] nbd: must specify at least one socket
[   82.994955][ T7856] netlink: 5312 bytes leftover after parsing attributes in process `syz.2.443'.
[   82.998837][ T7856] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[   83.041766][   T39] kauditd_printk_skb: 173 callbacks suppressed
[   83.041781][   T39] audit: type=1400 audit(1732004641.074:761): avc:  denied  { ioctl } for  pid=7866 comm="syz.2.445" path="socket:[19832]" dev="sockfs" ino=19832 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   83.130364][   T39] audit: type=1400 audit(1732004641.164:762): avc:  denied  { connect } for  pid=7872 comm="syz.2.447" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   83.133578][ T7876] xt_nat: multiple ranges no longer supported
[   83.136599][   T39] audit: type=1400 audit(1732004641.164:763): avc:  denied  { setopt } for  pid=7875 comm="syz.5.448" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   83.147217][   T39] audit: type=1400 audit(1732004641.174:764): avc:  denied  { listen } for  pid=7875 comm="syz.5.448" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   83.184481][ T7880] netlink: 'syz.2.449': attribute type 21 has an invalid length.
[   83.186648][ T7880] netlink: 152 bytes leftover after parsing attributes in process `syz.2.449'.
[   83.218663][   T39] audit: type=1400 audit(1732004641.254:765): avc:  denied  { create } for  pid=7883 comm="syz.2.450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[   83.264798][ T7890] fuse: Bad value for 'group_id'
[   83.266273][ T7890] fuse: Bad value for 'group_id'
[   83.309325][ T7893] netlink: 'syz.6.452': attribute type 29 has an invalid length.
[   83.327623][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   83.327771][ T5946] Bluetooth: hci2: command 0x0405 tx timeout
[   83.381356][ T7900] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=7900 comm=syz.6.453
[   83.388309][ T7900] nbd: must specify at least one socket
[   83.391262][ T7900] netlink: 5300 bytes leftover after parsing attributes in process `syz.6.453'.
[   83.394690][ T7900] openvswitch: netlink: Message has 8 unknown bytes.
[   83.407779][ T5946] Bluetooth: hci1: command tx timeout
[   83.417638][ T1014] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[   83.436848][ T1476] usb 9-1: USB disconnect, device number 3
[   83.512927][   T39] audit: type=1400 audit(1732004641.544:766): avc:  denied  { setopt } for  pid=7906 comm="syz.2.455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   83.534431][ T7910] ALSA: seq fatal error: cannot create timer (-22)
[   83.576023][   T39] audit: type=1400 audit(1732004641.604:767): avc:  denied  { ioctl } for  pid=7917 comm="syz.4.458" path="socket:[19867]" dev="sockfs" ino=19867 ioctlcmd=0x894b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   83.578446][ T1014] usb 10-1: Using ep0 maxpacket: 32
[   83.593730][ T1014] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[   83.596251][ T1014] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[   83.602165][ T1014] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[   83.606601][ T1014] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[   83.617266][ T1014] usb 10-1: config 0 interface 0 has no altsetting 0
[   83.622512][ T1014] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   83.627089][ T1014] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   83.631532][ T1014] usb 10-1: Product: syz
[   83.633180][ T1014] usb 10-1: Manufacturer: syz
[   83.634962][ T1014] usb 10-1: SerialNumber: syz
[   83.638858][ T1014] usb 10-1: config 0 descriptor??
[   83.645433][ T1014] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[   83.650031][ T1014] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[   83.854934][   T39] audit: type=1400 audit(1732004641.884:768): avc:  denied  { read } for  pid=7942 comm="syz.4.464" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[   83.904442][ T1014] usb 10-1: USB disconnect, device number 3
[   83.906185][    C0] ldusb 10-1:0.0: usb_submit_urb failed (-19)
[   83.908482][ T1014] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[   83.910780][   T39] audit: type=1400 audit(1732004641.944:769): avc:  denied  { write } for  pid=7942 comm="syz.4.464" path="socket:[19909]" dev="sockfs" ino=19909 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[   83.949999][   T39] audit: type=1400 audit(1732004641.984:770): avc:  denied  { connect } for  pid=7948 comm="syz.4.465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   84.023687][ T7956] program syz.4.466 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   84.111610][ T7962] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[   84.321239][ T7973] geneve2: entered promiscuous mode
[   84.323368][ T7973] geneve2: entered allmulticast mode
[   84.367636][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   84.478951][ T7990] program syz.4.475 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   84.623266][ T8000] 9p: Unknown access argument aÖý¦ž5Ѷ)•a<Yë^[ÄÕ�Ño-8Aîƒß[Œ
[   84.623266][ T8000] Üš‡£º6üÿÿÿÿÿÿÿúˆ9}¤#—°yˆ"¶usìõ{i›Å<: -22
[   84.632538][ T8001] netlink: 8 bytes leftover after parsing attributes in process `syz.4.476'.
[   84.635499][ T8001] bridge0: entered allmulticast mode
[   84.821798][ T8029] netlink: 'syz.6.482': attribute type 3 has an invalid length.
[   84.824748][ T8029] netlink: 199836 bytes leftover after parsing attributes in process `syz.6.482'.
[   84.861778][ T8035] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   84.916715][ T8044] input: syz0 as /devices/virtual/input/input10
[   85.004902][ T8056] 9pnet_fd: Insufficient options for proto=fd
[   85.053606][ T8059] netlink: 'syz.6.489': attribute type 9 has an invalid length.
[   85.400120][ T8075] netlink: 'syz.6.494': attribute type 1 has an invalid length.
[   85.405261][ T8075] __nla_validate_parse: 3 callbacks suppressed
[   85.405276][ T8075] netlink: 8 bytes leftover after parsing attributes in process `syz.6.494'.
[   85.410765][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   85.497852][ T5946] Bluetooth: hci1: command tx timeout
[   85.553768][ T8081] netlink: 8 bytes leftover after parsing attributes in process `syz.6.495'.
[   85.554681][ T8082] QAT: Invalid ioctl 1342215180
[   85.703072][ T8088] netlink: 'syz.2.497': attribute type 30 has an invalid length.
[   85.717859][ T8088] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[   85.942483][ T8107] MTD: Attempt to mount non-MTD device "/dev/sr0"
[   85.959635][ T8107] cramfs: wrong magic
[   86.051640][ T8118] loop2: detected capacity change from 0 to 7
[   86.055729][ T8118] Dev loop2: unable to read RDB block 7
[   86.058761][ T8118]  loop2: unable to read partition table
[   86.060282][ T8118] loop2: partition table beyond EOD, truncated
[   86.061824][ T8118] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[   86.084164][ T5356] Dev loop2: unable to read RDB block 7
[   86.085601][ T5356]  loop2: unable to read partition table
[   86.087028][ T5356] loop2: partition table beyond EOD, truncated
[   86.104568][ T8121] fuse: Bad value for 'user_id'
[   86.106532][ T8121] fuse: Bad value for 'user_id'
[   86.123037][ T5356] Dev loop2: unable to read RDB block 7
[   86.124613][ T5356]  loop2: unable to read partition table
[   86.126262][ T5356] loop2: partition table beyond EOD, truncated
[   86.174971][ T8125] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=8125 comm=syz.5.507
[   86.180774][ T8125] nbd: must specify at least one socket
[   86.183413][ T8125] netlink: 5300 bytes leftover after parsing attributes in process `syz.5.507'.
[   86.186271][ T8125] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[   86.216629][ T8131] xt_TCPMSS: Only works on TCP SYN packets
[   86.225979][ T8128] sctp: [Deprecated]: syz.2.506 (pid 8128) Use of int in max_burst socket option deprecated.
[   86.225979][ T8128] Use struct sctp_assoc_value instead
[   86.243601][ T8131] netlink: 'syz.5.509': attribute type 10 has an invalid length.
[   86.261053][ T8131] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   86.266250][ T8131] netlink: 52 bytes leftover after parsing attributes in process `syz.5.509'.
[   86.268747][ T8133] netlink: 8 bytes leftover after parsing attributes in process `syz.4.510'.
[   86.273201][ T8133] netlink: 4 bytes leftover after parsing attributes in process `syz.4.510'.
[   86.305152][ T8131] MTD: Attempt to mount non-MTD device "/dev/sr0"
[   86.312774][ T8131] cramfs: wrong magic
[   86.417353][ T8145] netlink: ct family unspecified
[   86.420902][ T8145] openvswitch: netlink: Actions may not be safe on all matching packets
[   86.460490][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   86.610882][ T8159] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=8159 comm=syz.6.517
[   86.617424][ T8159] nbd: must specify at least one socket
[   86.626345][ T8159] netlink: 5300 bytes leftover after parsing attributes in process `syz.6.517'.
[   86.634702][ T8159] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[   86.657683][   T25] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[   86.809085][   T25] usb 9-1: unable to get BOS descriptor or descriptor too short
[   86.811892][   T25] usb 9-1: not running at top speed; connect to a high speed hub
[   86.815857][   T25] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   86.820373][   T25] usb 9-1: config 1 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   86.824593][   T25] usb 9-1: config 1 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[   86.829267][   T25] usb 9-1: config 1 interface 0 has no altsetting 0
[   86.833780][   T25] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   86.836633][   T25] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.839363][   T25] usb 9-1: Product: syz
[   86.840611][   T25] usb 9-1: Manufacturer: syz
[   86.841968][   T25] usb 9-1: SerialNumber: syz
[   86.917685][ T6001] vhci_hcd: vhci_device speed not set
[   87.018903][ T5946] Bluetooth: hci0: unexpected event for opcode 0x2006
[   87.027710][ T1476] usb 11-1: new high-speed USB device number 2 using dummy_hcd
[   87.167593][ T1476] usb 11-1: device descriptor read/64, error -71
[   87.171266][ T8186] xt_TCPMSS: Only works on TCP SYN packets
[   87.175051][ T8186] netlink: 'syz.2.525': attribute type 10 has an invalid length.
[   87.186331][ T8187] 9pnet_fd: Insufficient options for proto=fd
[   87.186361][ T8186] 9pnet_fd: Insufficient options for proto=fd
[   87.437610][ T1476] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[   87.487592][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   87.528183][ T8203] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=8203 comm=syz.5.527
[   87.534725][ T8203] nbd: must specify at least one socket
[   87.540439][ T8203] netlink: 5300 bytes leftover after parsing attributes in process `syz.5.527'.
[   87.543893][ T8203] openvswitch: netlink: IP tunnel dst address not specified
[   87.567643][ T1476] usb 11-1: device descriptor read/64, error -71
[   87.567689][ T5946] Bluetooth: hci1: command tx timeout
[   87.697730][ T1476] usb usb11-port1: attempt power cycle
[   87.938260][ T8240] netlink: 'syz.2.534': attribute type 21 has an invalid length.
[   87.940405][ T8240] netlink: 8 bytes leftover after parsing attributes in process `syz.2.534'.
[   87.984353][ T8247] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=8247 comm=syz.2.536
[   87.991599][ T8247] nbd: must specify at least one socket
[   87.994341][ T8247] netlink: 5300 bytes leftover after parsing attributes in process `syz.2.536'.
[   87.997993][ T8247] openvswitch: netlink: IP tunnel dst address not specified
[   88.037717][ T1476] usb 11-1: new high-speed USB device number 4 using dummy_hcd
[   88.058737][ T1476] usb 11-1: device descriptor read/8, error -71
[   88.088319][ T8265] netlink: 'syz.5.541': attribute type 5 has an invalid length.
[   88.267606][ T5946] Bluetooth: hci2: unexpected event for opcode 0x2027
[   88.268294][ T8289] afs: Unknown parameter 'xI»¨ÚLd»‡ÞëqÊ'
[   88.288691][ T6001] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[   88.297809][ T1476] usb 11-1: new high-speed USB device number 5 using dummy_hcd
[   88.318261][ T1476] usb 11-1: device descriptor read/8, error -71
[   88.428141][ T1476] usb usb11-port1: unable to enumerate USB device
[   88.438969][ T6001] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   88.442166][ T6001] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[   88.444936][ T6001] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   88.449395][ T6001] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   88.453712][ T6001] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   88.456075][ T6001] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.459228][ T6001] usb 7-1: config 0 descriptor??
[   88.461699][ T8262] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[   88.868377][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.870949][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.873790][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.876159][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.878900][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.881372][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.883372][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.885738][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.887830][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.890034][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.892335][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.894615][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.897037][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.900012][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.902367][ T6001] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[   88.904490][ T6001] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[   88.909980][ T6001] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   88.918949][ T6001] usb 7-1: USB disconnect, device number 14
[   89.281534][ T8306] __vm_enough_memory: pid: 8306, comm: syz.5.547, bytes: 4503599627366400 not enough memory for the allocation
[   89.435624][   T25] cdc_ether 9-1:1.0: probe with driver cdc_ether failed with error -22
[   89.445429][   T25] usb 9-1: USB disconnect, device number 4
[   89.549596][   T39] kauditd_printk_skb: 24 callbacks suppressed
[   89.549610][   T39] audit: type=1400 audit(1732004647.584:795): avc:  denied  { watch_reads } for  pid=8307 comm="syz.4.548" path="/70" dev="tmpfs" ino=386 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   89.843176][ T8329] syzkaller1: entered promiscuous mode
[   89.845155][ T8329] syzkaller1: entered allmulticast mode
[   89.855223][ T8331] xt_hashlimit: size too large, truncated to 1048576
[   89.863157][ T8334] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=8334 comm=syz.4.554
[   89.867299][ T8331] syz.4.554: vmalloc error: size 8392704, failed to allocated page array size 16392, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[   89.876260][ T8331] CPU: 2 UID: 0 PID: 8331 Comm: syz.4.554 Not tainted 6.12.0-syzkaller-00233-g9fb2cfa4635a #0
[   89.880373][ T8331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   89.883950][ T8331] Call Trace:
[   89.885107][ T8331]  <TASK>
[   89.886122][ T8331]  dump_stack_lvl+0x16c/0x1f0
[   89.887778][ T8331]  warn_alloc+0x24d/0x3a0
[   89.889292][ T8331]  ? __pfx_warn_alloc+0x10/0x10
[   89.891020][ T8331]  ? __get_vm_area_node+0x190/0x2d0
[   89.893149][ T8331]  ? __get_vm_area_node+0x1bc/0x2d0
[   89.895190][ T8331]  __vmalloc_node_range_noprof+0x114a/0x15a0
[   89.897481][ T8331]  ? __pfx___lock_acquire+0x10/0x10
[   89.899131][ T8331]  ? hashlimit_mt_check_common+0x8b0/0x1450
[   89.900715][ T8331]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   89.902297][ T8331]  ? __pfx_lock_release+0x10/0x10
[   89.903648][ T8331]  ? trace_lock_acquire+0x14a/0x1d0
[   89.905034][ T8331]  ? hashlimit_mt_check_common+0x8b0/0x1450
[   89.906700][ T8331]  vmalloc_noprof+0x6b/0x90
[   89.907898][ T8331]  ? hashlimit_mt_check_common+0x8b0/0x1450
[   89.909504][ T8331]  hashlimit_mt_check_common+0x8b0/0x1450
[   89.912000][ T8331]  hashlimit_mt_check+0x71/0x90
[   89.913735][ T8331]  ? __pfx_hashlimit_mt_check+0x10/0x10
[   89.915870][ T8331]  xt_check_match+0x284/0xa50
[   89.917454][ T8331]  ? dmar_validate_one_drhd+0x1c2/0x1f0
[   89.919009][ T8331]  ? __pfx_xt_check_match+0x10/0x10
[   89.920769][ T8331]  ? xt_find_target+0x1ee/0x290
[   89.922185][ T8331]  ? xt_find_match+0x1f2/0x290
[   89.923604][ T8331]  find_check_entry.constprop.0+0x34d/0xa20
[   89.925334][ T8331]  ? __pfx_find_check_entry.constprop.0+0x10/0x10
[   89.927795][ T8331]  ? kvfree+0x47/0x50
[   89.929624][ T8331]  translate_table+0xd06/0x17b0
[   89.931331][ T8331]  ? __pfx_translate_table+0x10/0x10
[   89.932797][ T8331]  ? __might_fault+0xe3/0x190
[   89.934128][ T8331]  do_ip6t_set_ctl+0x605/0xc40
[   89.935509][ T8331]  ? rcu_is_watching+0x12/0xc0
[   89.937119][ T8331]  ? trace_contention_end+0xea/0x140
[   89.938679][ T8331]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[   89.940104][ T8331]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   89.941632][ T8331]  ? nf_sockopt_find.constprop.0+0x221/0x290
[   89.943313][ T8331]  nf_setsockopt+0x8a/0xf0
[   89.944527][ T8331]  ipv6_setsockopt+0x135/0x170
[   89.945816][ T8331]  rawv6_setsockopt+0xd7/0x680
[   89.947600][ T8331]  ? __pfx_rawv6_setsockopt+0x10/0x10
[   89.949612][ T8331]  ? selinux_socket_setsockopt+0x6a/0x80
[   89.951413][ T8331]  ? sock_common_setsockopt+0x2e/0xf0
[   89.952911][ T8331]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   89.954578][ T8331]  do_sock_setsockopt+0x222/0x480
[   89.956316][ T8331]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   89.958002][ T8331]  ? lock_acquire+0x2f/0xb0
[   89.959354][ T8331]  __sys_setsockopt+0x1a0/0x230
[   89.960663][ T8331]  __x64_sys_setsockopt+0xbd/0x160
[   89.961930][ T8331]  ? do_syscall_64+0x91/0x250
[   89.963525][ T8331]  ? lockdep_hardirqs_on+0x7c/0x110
[   89.965562][ T8331]  do_syscall_64+0xcd/0x250
[   89.967390][ T8331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.969236][ T8331] RIP: 0033:0x7ff16657e759
[   89.970375][ T8331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.975257][ T8331] RSP: 002b:00007ff167315038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   89.977590][ T8331] RAX: ffffffffffffffda RBX: 00007ff166735f80 RCX: 00007ff16657e759
[   89.980198][ T8331] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000023
[   89.982213][ T8331] RBP: 00007ff1665f175e R08: 0000000000000588 R09: 0000000000000000
[   89.984419][ T8331] R10: 00000000200014c0 R11: 0000000000000246 R12: 0000000000000000
[   89.986829][ T8331] R13: 0000000000000000 R14: 00007ff166735f80 R15: 00007ffdbb4c9d28
[   89.989231][ T8331]  </TASK>
[   89.995292][ T8331] Mem-Info:
[   89.996215][ T8331] active_anon:9291 inactive_anon:0 isolated_anon:0
[   89.996215][ T8331]  active_file:2664 inactive_file:46657 isolated_file:0
[   89.996215][ T8331]  unevictable:1768 dirty:166 writeback:0
[   89.996215][ T8331]  slab_reclaimable:8201 slab_unreclaimable:73355
[   89.996215][ T8331]  mapped:18465 shmem:4339 pagetables:997
[   89.996215][ T8331]  sec_pagetables:312 bounce:0
[   89.996215][ T8331]  kernel_misc_reclaimable:0
[   89.996215][ T8331]  free:483755 free_pcp:1947 free_cma:0
[   90.012855][ T8331] Node 0 active_anon:39024kB inactive_anon:0kB active_file:10656kB inactive_file:186556kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:72744kB dirty:660kB writeback:0kB shmem:15556kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:14256kB pagetables:3988kB sec_pagetables:1248kB all_unreclaimable? no
[   90.031456][ T8331] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[   90.043952][ T8331] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   90.055427][ T8331] lowmem_reserve[]: 0 1214 0 0 0
[   90.057395][ T8331] Node 0 DMA32 free:324552kB boost:0kB min:27636kB low:34544kB high:41452kB reserved_highatomic:0KB active_anon:41504kB inactive_anon:0kB active_file:12392kB inactive_file:186556kB unevictable:3536kB writepending:660kB present:2080628kB managed:1272184kB mlocked:0kB bounce:0kB free_pcp:8580kB local_pcp:840kB free_cma:0kB
[   90.065429][ T8347] overlayfs: missing 'lowerdir'
[   90.072204][ T8331] lowmem_reserve[]: 0 0 0 0 0
[   90.074412][ T8331] Node 1 Normal free:1587688kB boost:0kB min:39600kB low:49500kB high:59400kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:3536kB writepending:4kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:1096kB local_pcp:816kB free_cma:0kB
[   90.087609][ T8331] lowmem_reserve[]: 0 0 0 0 0
[   90.090502][ T8331] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   90.094359][ T8331] Node 0 DMA32: 2*4kB (UM) 126*8kB (UME) 69*16kB (ME) 122*32kB (UME) 308*64kB (ME) 59*128kB (ME) 30*256kB (UME) 43*512kB (UME) 33*1024kB (UME) 17*2048kB (UME) 46*4096kB (UM) = 320008kB
[   90.100446][ T8331] Node 1 Normal: 4*4kB (UME) 9*8kB (UME) 13*16kB (UME) 140*32kB (UME) 65*64kB (UME) 14*128kB (UME) 6*256kB (UE) 9*512kB (UME) 2*1024kB (U) 4*2048kB (UM) 381*4096kB (M) = 1587688kB
[   90.105952][ T8331] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   90.118036][ T8331] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   90.120908][ T8331] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   90.123365][ T8331] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   90.126112][ T8331] 57289 total pagecache pages
[   90.128575][ T8331] 0 pages in swap cache
[   90.129918][ T8331] Free swap  = 124448kB
[   90.131257][ T8331] Total swap = 124996kB
[   90.132403][ T8331] 1048443 pages RAM
[   90.133604][ T8331] 0 pages HighMem/MovableOnly
[   90.135157][ T8331] 281076 pages reserved
[   90.136413][ T8331] 0 pages cma reserved
[   90.153915][   T39] audit: type=1400 audit(1732004648.184:796): avc:  denied  { create } for  pid=8354 comm="syz.6.559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[   90.162710][   T39] audit: type=1400 audit(1732004648.184:797): avc:  denied  { bind } for  pid=8354 comm="syz.6.559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[   90.183733][   T39] audit: type=1400 audit(1732004648.184:798): avc:  denied  { write } for  pid=8354 comm="syz.6.559" path="socket:[23399]" dev="sockfs" ino=23399 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[   90.578829][   T39] audit: type=1400 audit(1732004648.614:799): avc:  denied  { create } for  pid=8384 comm="syz.4.569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   90.586752][   T39] audit: type=1400 audit(1732004648.614:800): avc:  denied  { write } for  pid=8384 comm="syz.4.569" path="socket:[20336]" dev="sockfs" ino=20336 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   90.595486][   T39] audit: type=1400 audit(1732004648.614:801): avc:  denied  { nlmsg_read } for  pid=8384 comm="syz.4.569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   90.607642][    C3] net_ratelimit: 2 callbacks suppressed
[   90.607664][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   90.625108][ T8390] __nla_validate_parse: 4 callbacks suppressed
[   90.625125][ T8390] netlink: 4 bytes leftover after parsing attributes in process `syz.4.570'.
[   90.636862][ T8392] fuse: Unknown parameter 'fd& 2'
[   90.682584][   T39] audit: type=1400 audit(1732004648.714:802): avc:  denied  { setopt } for  pid=8397 comm="syz.2.572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   90.727821][ T5946] Bluetooth: hci0: Malformed Event: 0x2f
[   90.793713][   T39] audit: type=1400 audit(1732004648.824:803): avc:  denied  { write } for  pid=8410 comm="syz.2.575" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   90.793937][ T8411] ieee802154 phy0 wpan0: encryption failed: -22
[   90.811177][ T8414] netlink: 5300 bytes leftover after parsing attributes in process `syz.4.576'.
[   90.814388][ T8414] openvswitch: netlink: IP tunnel dst address not specified
[   90.915131][   T39] audit: type=1400 audit(1732004648.944:804): avc:  denied  { ioctl } for  pid=8424 comm="syz.4.578" path="socket:[24674]" dev="sockfs" ino=24674 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   91.060966][ T8439] netlink: 36 bytes leftover after parsing attributes in process `syz.4.583'.
[   91.063658][ T8439] netlink: 'syz.4.583': attribute type 10 has an invalid length.
[   91.066146][ T8439] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.068237][ T8439] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.071052][ T8439] bridge0: left allmulticast mode
[   91.077246][ T8439] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.079501][ T8439] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.081636][ T8439] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.083654][ T8439] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.087771][ T8439] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   91.188739][ T8448] syz.5.587 uses old SIOCAX25GETINFO
[   91.507790][ T1014] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[   91.647684][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   91.657760][ T1014] usb 10-1: Using ep0 maxpacket: 8
[   91.661219][ T1014] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   91.665395][ T1014] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   91.669884][ T1014] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   91.673610][ T1014] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   91.678466][ T1014] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   91.681732][ T1014] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.892448][ T1014] usb 10-1: usb_control_msg returned -32
[   91.894466][ T1014] usbtmc 10-1:16.0: can't read capabilities
[   91.977613][ T8472] i2c i2c-1: Invalid block write size 34
[   92.190325][ T8468] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[   92.285490][ T8484] (syz.5.590,8484,2):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   92.289171][ T8484] (syz.5.590,8484,2):ocfs2_fill_super:1178 ERROR: status = -22
[   92.423299][ T8492] netlink: 52 bytes leftover after parsing attributes in process `syz.6.600'.
[   92.472260][   T35] usb 10-1: USB disconnect, device number 4
[   92.687710][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   93.237649][ T1014] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[   93.289143][ T8501] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[   93.292064][ T8501] SELinux: failed to load policy
[   93.300028][ T8501] sp0: Synchronizing with TNC
[   93.387670][ T1014] usb 10-1: Using ep0 maxpacket: 8
[   93.391387][ T1014] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   93.394137][ T1014] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   93.397066][ T1014] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   93.400068][ T1014] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   93.403825][ T1014] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   93.406217][ T1014] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.613798][ T1014] usb 10-1: GET_CAPABILITIES returned 0
[   93.615695][ T1014] usbtmc 10-1:16.0: can't read capabilities
[   93.727661][    C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   93.816306][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.819069][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.821904][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.824771][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.827280][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.829836][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.832233][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.834684][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.837115][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.839594][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.842084][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.844505][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.848921][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.852378][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.854937][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.857316][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.861863][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.865229][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.869359][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   93.873116][    C2] ==================================================================
[   93.875899][   T35] usb 10-1: USB disconnect, device number 5
[   93.876030][    C2] BUG: KASAN: slab-use-after-free in usb_anchor_suspend_wakeups+0x28/0x40
SYZFAIL: failed to recv rpc
[   93.880838][    C2] Write of size 4 at addr ffff88804b881910 by task syz.5.601/8496
[   93.885555][    C2] 
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   93.886865][    C2] CPU: 2 UID: 0 PID: 8496 Comm: syz.5.601 Not tainted 6.12.0-syzkaller-00233-g9fb2cfa4635a #0
[   93.890989][    C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.894691][    C2] Call Trace:
[   93.895837][    C2]  <IRQ>
[   93.896973][    C2]  dump_stack_lvl+0x116/0x1f0
[   93.898646][    C2]  print_report+0xc3/0x620
[   93.900348][    C2]  ? __virt_addr_valid+0x5e/0x590
[   93.902064][    C2]  ? __phys_addr+0xc6/0x150
[   93.904031][    C2]  kasan_report+0xd9/0x110
[   93.905815][    C2]  ? usb_anchor_suspend_wakeups+0x28/0x40
[   93.908088][    C2]  ? usb_anchor_suspend_wakeups+0x28/0x40
[   93.910282][    C2]  kasan_check_range+0xef/0x1a0
[   93.912074][    C2]  usb_anchor_suspend_wakeups+0x28/0x40
[   93.914270][    C2]  __usb_hcd_giveback_urb+0x223/0x6e0
[   93.916256][    C2]  usb_hcd_giveback_urb+0x396/0x450
[   93.918111][    C2]  dummy_timer+0x17f0/0x3930
[   93.919768][    C2]  ? lock_acquire+0x2f/0xb0
[   93.921361][    C2]  ? debug_object_deactivate+0x13c/0x370
[   93.923315][    C2]  ? do_raw_spin_unlock+0x172/0x230
[   93.925061][    C2]  ? find_held_lock+0x2d/0x110
[   93.926594][    C2]  ? __hrtimer_run_queues+0x53d/0xae0
[   93.928397][    C2]  ? __pfx_lock_release+0x10/0x10
[   93.930208][    C2]  ? __pfx_dummy_timer+0x10/0x10
[   93.932032][    C2]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   93.934285][    C2]  ? __pfx_dummy_timer+0x10/0x10
[   93.936159][    C2]  __hrtimer_run_queues+0x20a/0xae0
[   93.938080][    C2]  ? __pfx___hrtimer_run_queues+0x10/0x10
[   93.940230][    C2]  ? ktime_get_update_offsets_now+0x201/0x310
[   93.942346][    C2]  hrtimer_run_softirq+0x17d/0x350
[   93.943828][    C2]  handle_softirqs+0x213/0x8f0
[   93.945135][    C2]  ? __pfx_handle_softirqs+0x10/0x10
[   93.946597][    C2]  irq_exit_rcu+0xbb/0x120
[   93.948103][    C2]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   93.950330][    C2]  </IRQ>
[   93.951537][    C2]  <TASK>
[   93.952742][    C2]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   93.954982][    C2] RIP: 0010:refill_stock+0x17d/0x220
[   93.956918][    C2] Code: ea 03 80 3c 02 00 0f 85 ac 00 00 00 48 03 1c ed 80 8b a6 8d 48 89 df e8 61 b0 ff ff e8 2c ee 9d ff 9c 58 f6 c4 02 75 1b fb 5b <5d> 41 5c 41 5d 41 5e c3 cc cc cc cc 5b 5d 41 5c 41 5d 41 5e e9 9a
[   93.963495][    C2] RSP: 0018:ffffc90006647b50 EFLAGS: 00000246
[   93.965263][    C2] RAX: 0000000000000006 RBX: ffff888045fc4000 RCX: 1ffffffff20be9d1
[   93.967355][    C2] RDX: 0000000000000000 RSI: ffffffff8b6cd180 RDI: ffffffff8bd1c960
[   93.970099][    C2] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000000000001
[   93.972745][    C2] R10: ffffffff905f90cf R11: 0000000000000000 R12: ffff888045fc4000
[   93.975328][    C2] R13: 0000000000000001 R14: 0000000000000002 R15: ffff8880442c4088
[   93.978052][    C2]  obj_cgroup_uncharge_pages+0x4e/0x230
[   93.980387][    C2]  __memcg_kmem_uncharge_page+0xdd/0x290
[   93.982505][    C2]  exit_task_stack_account+0x98/0xf0
[   93.984245][    C2]  do_exit+0x1c8a/0x2d70
[   93.985720][    C2]  ? get_signal+0x8f2/0x2770
[   93.987354][    C2]  ? __pfx_do_exit+0x10/0x10
[   93.988950][    C2]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   93.990873][    C2]  do_group_exit+0xd3/0x2a0
[   93.992464][    C2]  get_signal+0x25fb/0x2770
[   93.994161][    C2]  ? __pfx_get_signal+0x10/0x10
[   93.995956][    C2]  arch_do_signal_or_restart+0x90/0x7e0
[   93.998108][    C2]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   94.000639][    C2]  syscall_exit_to_user_mode+0x150/0x2a0
[   94.002505][    C2]  do_syscall_64+0xda/0x250
[   94.003942][    C2]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.005734][    C2] RIP: 0033:0x7f4f0b97e759
[   94.007167][    C2] Code: Unable to access opcode bytes at 0x7f4f0b97e72f.
[   94.009548][    C2] RSP: 002b:00007f4f0c75a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   94.012253][    C2] RAX: fffffffffffffff5 RBX: 00007f4f0bb35f80 RCX: 00007f4f0b97e759
[   94.014603][    C2] RDX: 0000000020000040 RSI: 00000000c0145b0e RDI: 0000000000000006
[   94.016921][    C2] RBP: 00007f4f0b9f175e R08: 0000000000000000 R09: 0000000000000000
[   94.019322][    C2] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   94.021704][    C2] R13: 0000000000000000 R14: 00007f4f0bb35f80 R15: 00007ffcfb30e748
[   94.024241][    C2]  </TASK>
[   94.025243][    C2] 
[   94.026017][    C2] Allocated by task 8496:
[   94.027402][    C2]  kasan_save_stack+0x33/0x60
[   94.029041][    C2]  kasan_save_track+0x14/0x30
[   94.030642][    C2]  __kasan_kmalloc+0xaa/0xb0
[   94.032188][    C2]  usbtmc_open+0xa6/0x9b0
[   94.033543][    C2]  usb_open+0x186/0x220
[   94.034816][    C2]  chrdev_open+0x237/0x6a0
[   94.036186][    C2]  do_dentry_open+0x6ca/0x1530
[   94.037643][    C2]  vfs_open+0x82/0x3f0
[   94.038903][    C2]  path_openat+0x1e6a/0x2d60
[   94.040316][    C2]  do_filp_open+0x20c/0x470
[   94.041837][    C2]  do_sys_openat2+0x17a/0x1e0
[   94.043292][    C2]  __x64_sys_openat+0x175/0x210
[   94.044862][    C2]  do_syscall_64+0xcd/0x250
[   94.046318][    C2]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.048255][    C2] 
[   94.049058][    C2] Freed by task 8496:
[   94.050317][    C2]  kasan_save_stack+0x33/0x60
[   94.051771][    C2]  kasan_save_track+0x14/0x30
[   94.053240][    C2]  kasan_save_free_info+0x3b/0x60
[   94.054809][    C2]  __kasan_slab_free+0x51/0x70
[   94.056342][    C2]  kfree+0x14f/0x4b0
[   94.057701][    C2]  usbtmc_release+0x271/0x380
[   94.059248][    C2]  __fput+0x3f8/0xb60
[   94.060543][    C2]  task_work_run+0x14e/0x250
[   94.061976][    C2]  get_signal+0x1ca/0x2770
[   94.063348][    C2]  arch_do_signal_or_restart+0x90/0x7e0
[   94.065036][    C2]  syscall_exit_to_user_mode+0x150/0x2a0
[   94.066749][    C2]  do_syscall_64+0xda/0x250
[   94.068159][    C2]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.070057][    C2] 
[   94.070834][    C2] The buggy address belongs to the object at ffff88804b881800
[   94.070834][    C2]  which belongs to the cache kmalloc-1k of size 1024
[   94.075441][    C2] The buggy address is located 272 bytes inside of
[   94.075441][    C2]  freed 1024-byte region [ffff88804b881800, ffff88804b881c00)
[   94.079659][    C2] 
[   94.080419][    C2] The buggy address belongs to the physical page:
[   94.082355][    C2] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4b880
[   94.085124][    C2] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   94.087992][    C2] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   94.090431][    C2] page_type: f5(slab)
[   94.091678][    C2] raw: 00fff00000000040 ffff88801b042dc0 dead000000000100 dead000000000122
[   94.094253][    C2] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   94.096809][    C2] head: 00fff00000000040 ffff88801b042dc0 dead000000000100 dead000000000122
[   94.099417][    C2] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   94.101999][    C2] head: 00fff00000000003 ffffea00012e2001 ffffffffffffffff 0000000000000000
[   94.104930][    C2] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[   94.107656][    C2] page dumped because: kasan: bad access detected
[   94.109572][    C2] page_owner tracks the page as allocated
[   94.111283][    C2] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5943, tgid 5943 (syz-executor), ts 46226920113, free_ts 0
[   94.117821][    C2]  post_alloc_hook+0x2d1/0x350
[   94.119467][    C2]  get_page_from_freelist+0xfce/0x2f80
[   94.121100][    C2]  __alloc_pages_noprof+0x223/0x25a0
[   94.122679][    C2]  alloc_pages_mpol_noprof+0x2c9/0x610
[   94.124350][    C2]  new_slab+0x2c9/0x410
[   94.125604][    C2]  ___slab_alloc+0xdac/0x1880
[   94.127037][    C2]  __slab_alloc.constprop.0+0x56/0xb0
[   94.128704][    C2]  __kmalloc_node_noprof+0x357/0x430
[   94.130369][    C2]  __kvmalloc_node_noprof+0xad/0x1a0
[   94.132064][    C2]  bucket_table_alloc.isra.0+0x86/0x460
[   94.133841][    C2]  rhashtable_init_noprof+0x41a/0x7e0
[   94.135649][    C2]  ioam6_net_init+0xb1/0x170
[   94.137128][    C2]  ops_init+0x1df/0x5f0
[   94.138512][    C2]  setup_net+0x21f/0x860
[   94.139971][    C2]  copy_net_ns+0x2b4/0x6b0
[   94.141490][    C2]  create_new_namespaces+0x3ea/0xad0
[   94.143216][    C2] page_owner free stack trace missing
[   94.144918][    C2] 
[   94.145683][    C2] Memory state around the buggy address:
[   94.147397][    C2]  ffff88804b881800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.149805][    C2]  ffff88804b881880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.152170][    C2] >ffff88804b881900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.154577][    C2]                          ^
[   94.155957][    C2]  ffff88804b881980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.158292][    C2]  ffff88804b881a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   94.160578][    C2] ==================================================================
[   94.162894][    C2] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   94.165009][    C2] CPU: 2 UID: 0 PID: 8496 Comm: syz.5.601 Not tainted 6.12.0-syzkaller-00233-g9fb2cfa4635a #0
[   94.168123][    C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.171391][    C2] Call Trace:
[   94.172452][    C2]  <IRQ>
[   94.173390][    C2]  dump_stack_lvl+0x3d/0x1f0
[   94.174865][    C2]  panic+0x71d/0x800
[   94.176106][    C2]  ? __pfx_panic+0x10/0x10
[   94.177520][    C2]  ? rcu_is_watching+0x12/0xc0
[   94.178987][    C2]  ? __pfx_lock_release+0x10/0x10
[   94.180571][    C2]  ? check_panic_on_warn+0x1f/0xb0
[   94.182199][    C2]  check_panic_on_warn+0xab/0xb0
[   94.183717][    C2]  end_report+0x117/0x180
[   94.185145][    C2]  kasan_report+0xe9/0x110
[   94.186568][    C2]  ? usb_anchor_suspend_wakeups+0x28/0x40
[   94.188417][    C2]  ? usb_anchor_suspend_wakeups+0x28/0x40
[   94.190353][    C2]  kasan_check_range+0xef/0x1a0
[   94.191835][    C2]  usb_anchor_suspend_wakeups+0x28/0x40
[   94.193557][    C2]  __usb_hcd_giveback_urb+0x223/0x6e0
[   94.195198][    C2]  usb_hcd_giveback_urb+0x396/0x450
[   94.196821][    C2]  dummy_timer+0x17f0/0x3930
[   94.198349][    C2]  ? lock_acquire+0x2f/0xb0
[   94.199731][    C2]  ? debug_object_deactivate+0x13c/0x370
[   94.201383][    C2]  ? do_raw_spin_unlock+0x172/0x230
[   94.202860][    C2]  ? find_held_lock+0x2d/0x110
[   94.204209][    C2]  ? __hrtimer_run_queues+0x53d/0xae0
[   94.205886][    C2]  ? __pfx_lock_release+0x10/0x10
[   94.207559][    C2]  ? __pfx_dummy_timer+0x10/0x10
[   94.209100][    C2]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   94.210915][    C2]  ? __pfx_dummy_timer+0x10/0x10
[   94.212547][    C2]  __hrtimer_run_queues+0x20a/0xae0
[   94.214515][    C2]  ? __pfx___hrtimer_run_queues+0x10/0x10
[   94.216293][    C2]  ? ktime_get_update_offsets_now+0x201/0x310
[   94.218191][    C2]  hrtimer_run_softirq+0x17d/0x350
[   94.219838][    C2]  handle_softirqs+0x213/0x8f0
[   94.221438][    C2]  ? __pfx_handle_softirqs+0x10/0x10
[   94.223167][    C2]  irq_exit_rcu+0xbb/0x120
[   94.224606][    C2]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   94.226290][    C2]  </IRQ>
[   94.227199][    C2]  <TASK>
[   94.228244][    C2]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   94.229888][    C2] RIP: 0010:refill_stock+0x17d/0x220
[   94.231348][    C2] Code: ea 03 80 3c 02 00 0f 85 ac 00 00 00 48 03 1c ed 80 8b a6 8d 48 89 df e8 61 b0 ff ff e8 2c ee 9d ff 9c 58 f6 c4 02 75 1b fb 5b <5d> 41 5c 41 5d 41 5e c3 cc cc cc cc 5b 5d 41 5c 41 5d 41 5e e9 9a
[   94.236941][    C2] RSP: 0018:ffffc90006647b50 EFLAGS: 00000246
[   94.238600][    C2] RAX: 0000000000000006 RBX: ffff888045fc4000 RCX: 1ffffffff20be9d1
[   94.240758][    C2] RDX: 0000000000000000 RSI: ffffffff8b6cd180 RDI: ffffffff8bd1c960
[   94.242966][    C2] RBP: 0000000000000002 R08: 0000000000000001 R09: 0000000000000001
[   94.245002][    C2] R10: ffffffff905f90cf R11: 0000000000000000 R12: ffff888045fc4000
[   94.247025][    C2] R13: 0000000000000001 R14: 0000000000000002 R15: ffff8880442c4088
[   94.249133][    C2]  obj_cgroup_uncharge_pages+0x4e/0x230
[   94.250461][    C2]  __memcg_kmem_uncharge_page+0xdd/0x290
[   94.252032][    C2]  exit_task_stack_account+0x98/0xf0
[   94.253414][    C2]  do_exit+0x1c8a/0x2d70
[   94.254518][    C2]  ? get_signal+0x8f2/0x2770
[   94.255665][    C2]  ? __pfx_do_exit+0x10/0x10
[   94.256809][    C2]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   94.258067][    C2]  do_group_exit+0xd3/0x2a0
[   94.259210][    C2]  get_signal+0x25fb/0x2770
[   94.260393][    C2]  ? __pfx_get_signal+0x10/0x10
[   94.261661][    C2]  arch_do_signal_or_restart+0x90/0x7e0
[   94.263143][    C2]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   94.264814][    C2]  syscall_exit_to_user_mode+0x150/0x2a0
[   94.266318][    C2]  do_syscall_64+0xda/0x250
[   94.267519][    C2]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.269121][    C2] RIP: 0033:0x7f4f0b97e759
[   94.270299][    C2] Code: Unable to access opcode bytes at 0x7f4f0b97e72f.
[   94.272163][    C2] RSP: 002b:00007f4f0c75a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   94.274322][    C2] RAX: fffffffffffffff5 RBX: 00007f4f0bb35f80 RCX: 00007f4f0b97e759
[   94.276376][    C2] RDX: 0000000020000040 RSI: 00000000c0145b0e RDI: 0000000000000006
[   94.278555][    C2] RBP: 00007f4f0b9f175e R08: 0000000000000000 R09: 0000000000000000
[   94.280531][    C2] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   94.282607][    C2] R13: 0000000000000000 R14: 00007f4f0bb35f80 R15: 00007ffcfb30e748
[   94.284750][    C2]  </TASK>
[   94.286126][    C2] Kernel Offset: disabled
[   94.287236][    C2] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:24:12  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000006 RBX=0000000000000000 RCX=1ffffffff2dc9b5d RDX=0000000000000002
RSI=ffff888023c5af20 RDI=ffff888023c5af42 RBP=0000000000000006 RSP=ffffc9000341fae8
R8 =0000000000000000 R9 =fffffbfff2dc6790 R10=ffffffff96e33c87 R11=0000000000000000
R12=ffff888023c5a440 R13=dffffc0000000000 R14=ffff888023c5af20 R15=0000000000000000
RIP=ffffffff816a5866 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555562a10500 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffc5c54dbc8 CR3=0000000047c08000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000020081 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc5e362260 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff3ba5f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff3ba5f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff3ba5f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff3ba5f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff3ba5f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff3ba5f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 2074657365720064 656c696166202973 2528746174736c00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 0551405640570041 40494c4443050c56 000d514451564900
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000000c1467 RBX=0000000000000001 RCX=ffffffff8b245149 RDX=0000000000000000
RSI=ffffffff8b6cd180 RDI=ffffffff8bd1c960 RBP=ffffed1003b57910 RSP=ffffc90000187e08
R8 =0000000000000001 R9 =ffffed100d4e7025 R10=ffff88806a73812b R11=0000000000000000
R12=0000000000000001 R13=ffff88801dabc880 R14=ffffffff905f90c8 R15=0000000000000000
RIP=ffffffff8b24652f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000004e0ae000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f014d7ec690 00005619825494a0
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000fec00000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f027aed7676 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f027aed7676 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000600
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1400000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000016005089
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffaaaaaaffaaaaaa ffaaaaaaffaaaaaa
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff0000000000aa 00ff0000000000aa
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff0000000000aa 00ff0000000000aa
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff0000aaff0000aa ffaaaaaaffaaaaaa
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff0000000000aa 00ff0000000000aa
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0271d4f4f0
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0271d4fde0
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000000002f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850c5ab5 RDI=ffffffff9aaf0d00 RBP=ffffffff9aaf0cc0 RSP=ffffc90000858570
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=666f206574697257
R12=0000000000000000 R13=000000000000002f R14=ffffffff850c5a50 R15=0000000000000000
RIP=ffffffff850c5adf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020c57000 CR3=000000004e0ae000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d006c28eb457e1d3 0c83cb93a8561147
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 faa64caa0bb4f88a 3fb32536d79c3a58
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1b0df7a048342ac5 635d368368125a5a
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bbb9e9beb276566e a95e6abe0676ff1d
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000065c0
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 edb7c10f00000039 f95874f4f963008e
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 02580c9f00000039 0000003900000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000039f91e47aa d180d000d30433d9
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00053e30f9b950dc 000000393b39571a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f60f1aece34a0756 03119d6c133a94dd
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b2b7a6e931f49a55 80988e72e83e0da3
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=fffffbfff20bf219 RBX=fffffbfff20bf21a RCX=ffffffff81953726 RDX=fffffbfff20bf21a
RSI=0000000000000008 RDI=ffffffff905f90c8 RBP=fffffbfff20bf219 RSP=ffffc9000551f790
R8 =0000000000000000 R9 =fffffbfff20bf219 R10=ffffffff905f90cf R11=0000000000000000
R12=000000000003dc0c R13=0000000000000200 R14=ffffea0000c1a200 R15=0000000000000000
RIP=ffffffff81ef3465 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f20fc2c2280 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f4f0c718d58 CR3=000000004ef78000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fefee000 Opmask01=0000000000000000 Opmask02=00000000ffbfef77 Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc11264d20 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff00ff0000ff00 ffff000000ff0000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656e696c5f706c63 73002a5d392d305b 79747400786d7470 0079747400646461
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 54003d534b4e494c 564544003d4d4554 535953425553003d 4854415056454400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 540018534b4e494c 56454400184d4554 5359534255530018 4854415056454400
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2d30312f312d3031 2f30316273752f35 2e6463685f796d6d 75642f6d726f6674
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5341494c41444f4d 0000000000000021 0000302e36313a31
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 0000000000000000 0000003165737500 317761726469682f
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a263b383a3a263a 383a3a26493b3a3a 26483b3a3a264b3b 3a0a00307f617930
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020