last executing test programs:

3m23.929846139s ago: executing program 3 (id=826):
r0 = socket(0x1d, 0x2, 0x6)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x6a, 0x5, 0x20000000, 0x3) (async)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x12, &(0x7f0000000000)=0x548d2552, 0x4)
getsockopt$IP_SET_OP_GET_BYNAME(r0, 0x1, 0x53, &(0x7f0000000080)={0x6, 0x7, 'syz0\x00'}, &(0x7f00000000c0)=0x28) (async)
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000000), &(0x7f0000000040)=0x30)

3m23.541595575s ago: executing program 3 (id=828):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
getsockopt$MRT6(r2, 0x29, 0x24, 0x0, &(0x7f0000000180))
r3 = dup(r1)
ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000080)={0x9, 0x6, 0x1, 0xeab5, 0x7ff})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000480)="c744240000200000c744240200400000c7442406000000000f011c240f21e10fe56491f30f01c89aca9cec3675290000ba4300b0f7ee66f6e4440f20c03501000000440f22c066baf80cb88ccef985ef66bafc0c66b8f69266ef2e0fc7afe79a8903", 0x61}], 0x1, 0x11, 0x0, 0xfffffffffffffdd5)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)

3m22.87028949s ago: executing program 3 (id=830):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000006119a400000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async, rerun: 64)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000040)=0x40000000) (async, rerun: 64)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 64)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01030000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000090900030073797a32000000000900010073797a300000000048000000060a010400000000000000000100000008000b40000000000900010073797a3000000000200004801c000180090001006d617371"], 0xbc}}, 0x4000040) (async)
syz_clone(0x10010000, &(0x7f0000000140)="017bedc1169be288d537799562edc8f97d545b1d937a324b39bc1eb179bf831fb10e5f7cc19400a4810298241f94135e613bc8339f44c4a65ca9591f6fa6fb5729b80614b741ecc10647480a277f2aeee725689c55518b1d1a6a1a8e1109bbee4f9d09418a37f87f022a", 0x6a, &(0x7f0000000300), &(0x7f0000000380), &(0x7f00000003c0))
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x2}]}}}]}, 0x3c}}, 0x0) (async)
r3 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
readv(r3, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/6, 0x6}, {&(0x7f0000000200)=""/229, 0xe5}], 0x2)

3m22.672360192s ago: executing program 3 (id=832):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0), 0x4)
close(r0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006840)={0x2020, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
close(0x3)
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x3, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
open(&(0x7f00000001c0)='./file0/file0\x00', 0x2, 0x0)
r3 = syz_io_uring_setup(0x234, &(0x7f0000000580)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r3, 0x207a98, 0x0, 0x0, 0x0, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_inet_sctp_SIOCINQ(r7, 0x541b, &(0x7f0000000040))
bind$bt_hci(r6, &(0x7f0000000180)={0x1f, 0xffff, 0x3}, 0x6)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0)
read$FUSE(r8, &(0x7f0000001080)={0x2020}, 0x2020)
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r10=>0x0})
r11 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="4400000013002901000000000000000007000000", @ANYRES32=r10, @ANYBLOB="00000000000000001c001a800800068004000500080000003e"], 0x44}}, 0x0)
setsockopt$packet_drop_memb(r8, 0x107, 0x2, &(0x7f0000000080)={r10, 0x1, 0x6, @broadcast}, 0x10)
write(r6, &(0x7f0000000000)="38000300010003", 0x7)

3m22.287019217s ago: executing program 3 (id=836):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYRESDEC=r1, @ANYRES16=r0, @ANYRES32=r1, @ANYRES32=r0], 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="500000001000010000000000ecffffff00000000", @ANYRES32=r4, @ANYBLOB="0000000000000000300012800e0001006970366772657461700000001c00028006000f000000000006000e00"], 0x50}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=@newchain={0x8c, 0x64, 0x8, 0x70bd2d, 0x80000001, {0x0, 0x0, 0x0, r4, {0x1, 0xf}, {0x3, 0x1}, {0x2, 0xfff1}}, [@filter_kind_options=@f_flow={{0x9}, {0x54, 0x2, [@TCA_FLOW_MASK={0x8, 0x6, 0x200}, @TCA_FLOW_RSHIFT={0x8, 0x4, 0x6}, @TCA_FLOW_MASK={0x8, 0x6, 0x4}, @TCA_FLOW_BASECLASS={0x8, 0x3, {0xffff, 0x3}}, @TCA_FLOW_RSHIFT={0x8, 0x4, 0x3}, @TCA_FLOW_KEYS={0x8, 0x1, 0x131fb}, @TCA_FLOW_MASK={0x8, 0x6, 0x869}, @TCA_FLOW_RSHIFT={0x8, 0x4, 0x9}, @TCA_FLOW_XOR={0x8, 0x7, 0xe}, @TCA_FLOW_ADDEND={0x8, 0x5, 0x216}]}}, @TCA_CHAIN={0x8, 0xb, 0x6}]}, 0x8c}, 0x1, 0x0, 0x0, 0x5}, 0x600000a1)

3m21.924526338s ago: executing program 3 (id=839):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e000000000000000000180002801400038010"], 0x44}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', r1, 0x0, 0x5}, 0x18)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

3m21.787888829s ago: executing program 32 (id=839):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e000000000000000000180002801400038010"], 0x44}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', r1, 0x0, 0x5}, 0x18)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

2m14.115806422s ago: executing program 1 (id=645):
socket$l2tp(0x2, 0x2, 0x73)

1m54.176874367s ago: executing program 1 (id=645):
socket$l2tp(0x2, 0x2, 0x73)

1m33.011459386s ago: executing program 1 (id=645):
socket$l2tp(0x2, 0x2, 0x73)

1m14.514724199s ago: executing program 1 (id=645):
socket$l2tp(0x2, 0x2, 0x73)

52.046716369s ago: executing program 1 (id=645):
socket$l2tp(0x2, 0x2, 0x73)

30.672946092s ago: executing program 1 (id=645):
socket$l2tp(0x2, 0x2, 0x73)

20.117109636s ago: executing program 2 (id=1460):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4000000010000104000000000300000000000000", @ANYRES32=0x0, @ANYBLOB="10c00000000000001800128008000100677470000c000280050005000100000008000300", @ANYRES32=0x0, @ANYBLOB="14408e26299c8954e694f0dd9ce1267771f4493dbd4f3b60eb9357fc4d9ba9b73391441effade700414c73c8c0ef113b1eb5766682efbde2b3e95c1f736e0f42e99a6796b8e9b1c197b99825484af27f6a5234e409bf2898d4"], 0x40}}, 0x8000)

17.730413344s ago: executing program 4 (id=1461):
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) (async)
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x2, 0x8}}, './file0/file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x2, 0x8}}, './file0/file0\x00'})
r1 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_elf32(r1, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0xcd, 0x3, 0x0, 0x5, 0x8000000000000001, 0x2, 0x3, 0x10, 0x301, 0x38, 0x1b3, 0x40, 0x0, 0x20, 0x0, 0x4, 0x0, 0x4}, [], "", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xa38)
close(r0)
execve(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)

17.730054491s ago: executing program 0 (id=1462):
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) (async)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000440)={&(0x7f0000800000/0x800000)=nil, &(0x7f000051f000/0x4000)=nil, 0x800000, 0x1, 0xfe}) (async)
syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0x0, 0x4002, 0x0, 0xffffffff}, 0x0, 0x0) (async)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

17.491698613s ago: executing program 2 (id=1463):
syz_emit_ethernet(0x6e, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd604dd30800380601fe800000000000000000000000000038fe8000000000000000000000000000aa00004001", @ANYRES32=0x0, @ANYRES32=0x41424344, @ANYBLOB="e002000090780040051a0000cabd0000a8e4000000040028c4ebffffffffffffff04030300fe06e2d41f2065f9f206f7c3d900"], 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000280)=0xc447, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), r2)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000002c0)={{{@in6, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, &(0x7f0000000200)=0xe8)
r5 = socket(0x1, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r6, 0x0)
mount$overlay(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x10, &(0x7f0000000400)={[{@verity_require}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@uuid_null}, {@redirect_dir_follow}, {@uuid_null}], [{@fowner_gt={'fowner>', r4}}, {@uid_eq={'uid', 0x3d, r6}}, {@measure}, {@permit_directio}, {@fsname={'fsname', 0x3d, '\'(.'}}, {@fsmagic={'fsmagic', 0x3d, 0x93}}, {@fowner_lt={'fowner<', 0xee01}}]})
sendmsg$GTP_CMD_NEWPDP(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x34, r3, 0x1, 0x0, 0x0, {0x3}, [@GTPA_VERSION={0x8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @empty}, @GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010101}, @GTPA_LINK={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x805}, 0x0)
sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000500)={0x14, r3, 0x4, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000040}, 0x810)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r7=>0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES32=r4, @ANYBLOB="010800000000030000000b00000008000300", @ANYRES32=r7, @ANYBLOB="20005080050002000500000008000300eeab0f00090001007ee5d52ffd000000"], 0x3c}}, 0x0)
r8 = getpid()
getpriority(0x2, r8)

17.490041524s ago: executing program 4 (id=1464):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000001c0)="c744240077dd0000c74424027fbe0000c7442406000000000f011c24b8010000000f01c1450f01ca470f01f866baf80cb8e4f61882ef66bafc0c66b8795966ef40250000000066b8de000f00d02e0f005ffa0f01c92e640fc71f", 0x5a}], 0x1, 0xe8, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$unix(r3, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14"], 0x18}, 0x0)
setsockopt$sock_int(r4, 0x1, 0x2a, &(0x7f0000000000), 0x4)
recvmmsg(r4, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mprotect(&(0x7f0000005000/0x2000)=nil, 0x2000, 0x2000000)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000080)="0fc75800f30f35baf80c66b8da08d88e66efbafc0ced0f23f466b8000000000f23d80f21f86635c00000400f23f8440f20c066350b000000440f22c066b9800000c00f326635002000000f3026660f3880b500a02664f3ae", 0x58}], 0x1, 0x59, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17.420088863s ago: executing program 0 (id=1465):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xe26f0000)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg(0xffffffffffffffff, &(0x7f00000092c0), 0x4ff, 0xfdff) (async)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r3=>r1, {0x8}}, './file0/file0\x00'})
r4 = syz_open_dev$admmidi(&(0x7f0000000000), 0x2, 0x1a9882)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r4, 0xc0305710, &(0x7f0000000040)={0x0, 0x7ff, 0x41}) (async)
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000000380)=[{&(0x7f0000000100)=""/51, 0x33}, {&(0x7f0000000180)=""/26, 0x1a}, {&(0x7f00000001c0)=""/144, 0x90}, {&(0x7f0000000300)=""/102, 0x66}, {&(0x7f0000000b40)=""/4096, 0x1000}, {&(0x7f0000000440)=""/216, 0xd8}], 0x6)
r5 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r5, 0xd01c4813, &(0x7f00000000c0)={0x2, 0x100, 0x0, 0x2, 0xffffffff, 0x2})
r6 = socket(0x10, 0x3, 0x0)
sendto$inet6(r6, &(0x7f0000000000)="7800000018002507b9409b14ffff00000202be040205fe056403040c5c0015003f0020010a0000000d0085a168216b46d32345653600648d27000b000a00080049935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000402160008000800000000000000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0) (async)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f00000010c0)=@security={'security\x00', 0x64, 0x4, 0x558, 0x100000c, 0x0, 0xc8, 0xc8, 0xffffffff, 0xffffffff, 0x4c0, 0x4c0, 0x4c0, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @rand_addr, 0x0, 0x0, 'veth0_vlan\x00', 'syzkaller1\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@addrtype={{0x30}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0xa0, 0x100, 0x0, {}, [@common=@unspec=@cluster={{0x30}, {0x0, 0x7}}]}, @common=@SET={0x60}}, {{@ip={@empty, @private, 0x0, 0x0, 'wg2\x00', 'veth0\x00'}, 0x0, 0x2d0, 0x2f8, 0x0, {}, [@common=@unspec=@bpf0={{0x230}}, @common=@ah={{0x30}}]}, @common=@inet=@TCPMSS={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x5b8) (async)
write$tcp_mem(r7, &(0x7f0000000280)={0x7, 0x2d, 0xffffffffffffffff, 0x3a, 0x0, 0x2c}, 0x48)
close_range(r4, r4, 0x2)
mkdir(0x0, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r9, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r11=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r7, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x1c, r10, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r11}]}, 0x1c}}, 0x0)

17.335422005s ago: executing program 2 (id=1466):
r0 = fsopen(&(0x7f0000000100)='vxfs\x00', 0x1)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0, {0x2, 0x7}}, './file0\x00'})
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x7, @loopback, 0x2}, 0x1c)
r2 = syz_clone(0x5200000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r2, &(0x7f0000000040)='ns/uts\x00')
prlimit64(r2, 0x7, &(0x7f0000000780)={0x1, 0x1}, 0x0)
syz_emit_ethernet(0x7e, &(0x7f0000000300)={@local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x48, 0x11, 0x0, @remote, @local, {[], {0x4e20, 0x4e21, 0x48, 0x0, @wg=@cookie={0x3, 0x2, "88c73b21f267636d01fca2712c1c941e1cdafbbb43f09c70", "e13808ca72381f41e5fff9620915b6f78670dfaf9a2038083179cf6b7931c9b4"}}}}}}}, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)

17.158884964s ago: executing program 4 (id=1467):
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) (async)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
shutdown(r2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2a, &(0x7f0000000000)=0x59cc, 0x4)
socket$phonet_pipe(0x23, 0x5, 0x2) (async)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_INITSTATE(r3, 0x113, 0x4, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000008880), 0x45b, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xc0}, [@ldst={0x5}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10) (async)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x20, &(0x7f0000000040), 0x4) (async)
setsockopt$sock_int(r1, 0x1, 0x20, &(0x7f0000000040), 0x4)
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x3)
ppoll(&(0x7f0000000080)=[{r1, 0x2488}], 0x1, 0x0, 0x0, 0x0)
shutdown(r1, 0x0)
setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000100)=0x3, 0x4) (async)
setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000100)=0x3, 0x4)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0xfffd, 0x0, 0xa, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffb}, {0x0, 0x3800000000000000}}}, 0xb8}}, 0x20004800)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=@updpolicy={0xb8, 0x19, 0x1, 0x400000, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x2, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffb}, {0x5, 0x0, 0x8}, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x2}}, 0xb8}}, 0x20004000)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b8000000140001000000000000000000e00000020000000000000003000000000000000000000000000000000000000003000000000000000a"], 0xb8}}, 0x0) (async)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b8000000140001000000000000000000e00000020000000000000003000000000000000000000000000000000000000003000000000000000a"], 0xb8}}, 0x0)

17.052934867s ago: executing program 2 (id=1468):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'\x00', <r1=>0x0})
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000180)={'#! ', '', [], 0xa, "1c1d74de89"}, 0x9)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r5, 0x0)
sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x18, 0x2, 0x2, 0x3, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_EXPECT_TUPLE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4800}, 0x800)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x403, 0x70bd26, 0x0, {0x0, 0x0, 0x74, 0x0, 0x30040}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0xfffffffd}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x885}, 0x0)
mmap(&(0x7f00004a6000/0x2000)=nil, 0x2000, 0x3, 0x4010, r8, 0xd9a19000)
getsockopt$ARPT_SO_GET_ENTRIES(r7, 0x0, 0x61, &(0x7f0000000140)=ANY=[@ANYBLOB="6669d052337a00000000000000000000000000000000000000000000000000e304"], &(0x7f0000000bc0)=0x2c)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_SET_FPU(r5, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0x99, 0x0, 0x0, 0x2, 0x2, '\x00', 0xc94})
r9 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r9, &(0x7f0000000040)={0xa, 0x10010000004e20, 0x0, @local, 0xe}, 0x1c)
sendmmsg$inet(r9, &(0x7f0000000b00)=[{{&(0x7f0000000100)={0x2, 0x4e20, @local}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000000)="c1", 0xfcf6}], 0x1}}], 0x1, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000200)=ANY=[@ANYRESDEC=r1, @ANYRES32=0x0, @ANYRES32=r2, @ANYRES32=r1, @ANYRES16=r1, @ANYRES32=r6, @ANYRESHEX=r3], 0x4c}, 0x1, 0x0, 0x0, 0x200080d0}, 0x0)

16.560580542s ago: executing program 4 (id=1469):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f0000000200)={0x1, &(0x7f0000001300)=[{}]}) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0}) (async)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) (async)
r4 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x8000)
ioctl$CEC_G_MODE(r4, 0x80046108, &(0x7f00000000c0)) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r6, 0x4068aea3, &(0x7f0000000180)={0xc0, 0x0, 0x4000})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) (async)
sendmsg$NL80211_CMD_SET_PMKSA(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="3c000000e71617a90fa5df6c8a5d76993c77baa531a260002fdcf00a9563f17d589a6111910a073edee7e17029888acb5f9a76f510a3486fd6e94224d5c5be2eacf3c678b68de1bea8ad37e39996e105000000ddaddf98115f4239e2d56d05e2957243517a1a5db1b19858112c8e53c728426d2c44902498ce4a918659293db98a2a600414baa7efd1071a5e2a2d262adeaba1285e8d", @ANYRES16=r3, @ANYBLOB="010027bd7000fddbdf253400000008000300", @ANYRES32=r2, @ANYBLOB="140055007247f349b80a030e0058db7b93cf355a0a0034000101010101010000"], 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x40)

16.207703184s ago: executing program 0 (id=1470):
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = memfd_create(&(0x7f00000011c0)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?&^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xe3\xe5\x19T\xff\x01\x00\x00\xe2\x9f\xd9\xae\xcf>/\x05V%$6\x9fU\x86\xbe\xcbx\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8\x83\x87+nM\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x10M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xdc\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5W\xfb\x82\xac\x19,\\D\x91T\xfd\x9c\xb8\x8b\x88\xa5\xcc\x8fI\x00\xf0\xc9%\n\xa7\xd6\x0f:\xb0\xf5?\xc3\x88\x1e\xbb-\xa6\xecA\x92\xaf\xa4Xl\v\xa5\xca\v|\xe2L\xac\x80\xc7\x15\x96fh\x83\x15\xc7\xea\xd5\xe8\x89W\x11\xd7oC\xe4\x06\xa8[O\xe6\x1d=\x87\x93\x0f\x87I\xdf\xb1\xeb\x89\x11.\x01\x00\r`\x1e8\x94\v)\x06B\xf0\xed\x91 )y\xb4\xba\xba\xb7\xbc\xc3\xad\xf1\x92/(A=A\x8b\xa5\xb0\x89\x9e5\x12\xa4\x9a\va\xdf\xf4\xea\xc6\xc7\x10g\x1d\xd5\xb0\xbb\xd2\xfc]fC\x8d\x0f\xa6q\x0f\xef\x90\xfe\x94k\xf1\xb8\xfa\xbbb\xb1\x03\x99\xf7\xfd\'\xae\x906\xe0\xaa\xdbtWWH\xa4L\xb5pe,\xdfN\x0f8\t\xe7X_H\xd4\xe3\xb2,oj\xac\xd7\xbd\xd0\xadW\x1f<\xd0\b\x00\x00\x00\x00/ \xe4]@\xf7mA\xe8\xd1\xf4:\xb3\xeb\x81\xb9\x018\x1c\x95%o\x05x\x1a\x90\xf4\x03\xe7\xe9\xa9', 0x7)
fallocate(r0, 0x0, 0x0, 0x400001)
ioctl$FS_IOC_RESVSP(r0, 0x4030582b, &(0x7f0000000080)={0x0, 0x0, 0x9, 0x100000001})
syz_emit_ethernet(0x4e, &(0x7f00000003c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x18, 0x6, 0x0, @private1={0xfc, 0x1, '\x00', 0x2}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@generic={0xfe, 0x2}]}}}}}}}}, 0x0)

16.207258853s ago: executing program 4 (id=1471):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4000000)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000003000)=@file={0x1}, 0x6e) (async)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000009c0)="5c000000130025cc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc008002c0007000200060019c00364bc24eab556a705251e618218db677642109146a2378c877bddbcc1863b747ee3d5addad5eb3f3c90b561", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) (async, rerun: 64)
r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) (async, rerun: 64)
pipe(&(0x7f00000045c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r5, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r5, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000080)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r6, 0x0) (async)
sendmsg$NL80211_CMD_DEL_STATION(r6, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x80, 0x0, 0x100, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x7, 0x50}}}}, [@NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x10, 0xbd, [0xc59a, 0x8ac8, 0x1, 0x921b, 0x2, 0x4]}, @NL80211_ATTR_STA_FLAGS={0xc, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_AUTHORIZED={0x4}, @NL80211_STA_FLAG_MFP={0x4}]}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}, @NL80211_ATTR_STA_WME={0x3c, 0x81, [@NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x29}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x81}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x5}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x1}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0xf7}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x3}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x5}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x4005}, 0x40850)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), r2) (async)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000000)={[{@mpol={'mpol', 0x3d, {'bind', '', @val={0x3a, [0x30, 0x2d, 0x31, 0x3a, 0x31, 0x2f, 0x35]}}}, 0x4e}]})
vmsplice(r4, &(0x7f00000019c0)=[{&(0x7f0000001a00)="ce", 0x1}], 0x1, 0x8) (async)
splice(r3, 0x0, r2, 0x0, 0x8000, 0x0) (async)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xd80, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f00000000c0)={r6, 0x8, 0xffffffffffffffd7}) (async)
ioctl$SIOCSIFHWADDR(r7, 0x8924, &(0x7f0000000080)={'caif0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}}) (async)
capget(0x0, &(0x7f00000001c0)) (async, rerun: 32)
r8 = socket$unix(0x1, 0x1, 0x0) (rerun: 32)
bind$alg(r6, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58) (async)
bind$unix(r8, &(0x7f0000003000)=@abs={0x1}, 0x4f) (async, rerun: 32)
openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000100), 0xd3d749dbcabbbf56, 0x0) (rerun: 32)

16.100535622s ago: executing program 0 (id=1472):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240)) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

15.940723918s ago: executing program 4 (id=1473):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x40002)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb011a52f436dd2a", 0x2a}], 0x1)
ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000000200))
move_pages(0x0, 0x1, &(0x7f00000000c0)=[&(0x7f0000ffa000/0x3000)=nil], 0x0, 0x0, 0x2)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_readv(r1, &(0x7f00000002c0)=[{&(0x7f0000000140)=""/255, 0xff}], 0x1, &(0x7f0000001500)=[{&(0x7f0000000300)=""/233, 0xe9}], 0x1, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x60, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x4c, 0x1, [@m_sample={0x48, 0x1, 0x0, 0x0, {{0xfffffebe}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x60}}, 0x0)
bind$bt_hci(r5, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x3, 0x0, 0xb85f, 0x3, 0x6, 0x1, 0x0, 0x9, 0xb, 0x0, 0x0, 0x80000001, 0x81e, 0x8, 0x12, 0x1a, 0x61, '\x00', 0xb, 0x4})
ioctl$KDSKBSENT(0xffffffffffffffff, 0x4b49, &(0x7f0000000440)={0x5, "b54e0289c2e297201f5e883ea24f401e42d3f4e5be34cc92ab4c39b1f3fba01e6c93ecd2d9210638828c855a768759929471a3057d28139040b8c403ee9cecbc73008de74f96257cdc4c6c7b5c71ebd5b91c98573228d3cc6467a182e61fef4cd4456be3d625b51317d84a39da6cf657e05a8b54d61af4db22514940689893a417c72499903fbf31359ce114af764caec0d1cdc59933162f017babd98af64a75d23491ac596c33da2dc10d6f1044ca70de9842f8dbd61608e14843a66e41cdeab8d0731d0963843b56b86696bd9756e32ae9fcfe36efcbd5a112ddbfa29b1aefe7e1f99be8277cf306bbb2c191a08916a83b588ebcc29c9b0908afcc395a5233464319016cb66631c1942541c74ac15f783684bdb597a2fb6b0884ab27f19ae60fd92949aaec4f823445926e882074833a939ffa7d2b095527f299e4a57cc3e9037b237ba60a59f127e795647c53baf66d3228b2f8a5123231dc77e4b008e3226eb134b1bd9a3bd9b618e797ae873a9ae87134ba23fdc384ec2a1f6114c0dc4587b6bc7f5d6ee276957e87a31d657821aa199319d1b287121cf24bbe834f5b256ad5be872ef063c953a337763742e4182437648539d95845880ab8b998219dfb16550cb41e0ce4cbf9a9ce5a9a250896a0ad7dd471b8f195b9c7a5fd0d4d2c904d2c8efb431ca3ae8b36ca08b26d24ec0d53f317cb6c728228c1d5398bc14515"})

15.936616602s ago: executing program 2 (id=1474):
mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000002)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0xb9)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0xcc)
listen(r3, 0x8)
ioctl$SIOCAX25GETINFOOLD(r3, 0x89e9, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r4)
keyctl$assume_authority(0x10, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)={0x1c, r6, 0x48212b8952c3aff5, 0x70bd24, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
pwritev2(r0, &(0x7f0000000180), 0x0, 0x2, 0x0, 0x0)
mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000002) (async)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0xb9) (async)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) (async)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
syz_init_net_socket$ax25(0x3, 0x5, 0xcc) (async)
listen(r3, 0x8) (async)
ioctl$SIOCAX25GETINFOOLD(r3, 0x89e9, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r4) (async)
keyctl$assume_authority(0x10, 0x0) (async)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)={0x1c, r6, 0x48212b8952c3aff5, 0x70bd24, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10) (async)
socket$inet_udp(0x2, 0x2, 0x0) (async)
bind$inet(r7, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) (async)
pwritev2(r0, &(0x7f0000000180), 0x0, 0x2, 0x0, 0x0) (async)

15.676194754s ago: executing program 0 (id=1475):
r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r0, 0xc0405519, &(0x7f00000000c0)={0x2, 0x6, 0xfffffffc, 0x7, 'syz0\x00', 0x27})
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffe99)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r1, 0x890b, &(0x7f0000000000)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bpq0, 0x2, 'syz1\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @bcast]})
getpeername$netrom(r1, &(0x7f0000000080)={{}, [@remote, @remote, @remote, @netrom, @remote, @default, @rose, @bcast]}, &(0x7f0000000100)=0x11)
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x40, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, &(0x7f0000fcb000)=0xffffffff, 0x4)
syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0) (async)
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r0, 0xc0405519, &(0x7f00000000c0)={0x2, 0x6, 0xfffffffc, 0x7, 'syz0\x00', 0x27}) (async)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffe99) (async)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) (async)
syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async)
ioctl$sock_netrom_SIOCADDRT(r1, 0x890b, &(0x7f0000000000)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bpq0, 0x2, 'syz1\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @bcast]}) (async)
getpeername$netrom(r1, &(0x7f0000000080)={{}, [@remote, @remote, @remote, @netrom, @remote, @default, @rose, @bcast]}, &(0x7f0000000100)=0x11) (async)
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x40, 0x0) (async)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, &(0x7f0000fcb000)=0xffffffff, 0x4) (async)

15.480082891s ago: executing program 0 (id=1476):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000140)="d8000000180081054e81f783db4cb9040a1da40006007c09e8fc55a10a0015000600142603600e1208000f00fff00401a80008000800104004080000055c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe144ecc447c65e206d25b4084121d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300fc0d15", 0xd8}], 0x1}, 0x4004040)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r4, &(0x7f0000000280)='./file0\x00', 0x200)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r6, &(0x7f0000000540)={0xa, 0x4e23, 0x0, @mcast1}, 0xffffffffffffff88)
r7 = syz_open_procfs(0x0, &(0x7f0000000440)='net/l2cap\x00')
sendto$inet6(r7, &(0x7f0000000480)="3864ea3bde3b8f93aba29dedd4799cdd057e0584ac9410a1a5ddd39a57cb0c4547091a3ee35e8ce47dd0f5fb07c760aac0c3b1d5d43f9e896d0a9b318ba268899c4f7a6da6244eb0f110a606f8ac33a6e6438bdddd83ef0afc920b316a4031d77d3f1f72975528788197cb72b65259d5bfce691a310dafcf5c594302ddd19df4ad8d557b77da3d4b67e011fdcd3312950746205a527dfa", 0x1, 0x20048010, &(0x7f000005ffe4)={0xa, 0x4e23, 0x80000, @loopback}, 0x39)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r6, 0x84, 0xa, &(0x7f0000000740)={0x2, 0x9, 0x201, 0x7, 0x1, 0x2, 0x2, 0x13}, 0x20)
sendmmsg$inet6(r6, &(0x7f0000004900)=[{}], 0x1, 0x41091)
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x3000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000001c0)="c744240077dd0000c74424027fbe0000c7442406000000000f011c24b8010000000f01c1450f01ca470f01f866baf80cb8e4f61882ef66bafc0c66b8795966ef40250000000066b8de000f00d02e0f005ffa0f01c92e640fc71f", 0x5a}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r8, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000080)="0fc75800f30f35baf80c66b8da08d88e66efbafc0ced0f23f466b8000000000f23d80f21f86635c00000400f23f8440f20c066350b000000440f22c066b9800000c00f326635002000000f3026660f3880b500a02664f3ae", 0x58}], 0x1, 0x59, 0x0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x8040ae9f, &(0x7f0000000240))
getsockopt$IPT_SO_GET_REVISION_MATCH(r4, 0x0, 0x42, &(0x7f0000000300)={'TPROXY\x00'}, &(0x7f00000003c0)=0x1e)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x11, 0x3, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x9, 0x3, 0x308, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x238, 0xffffffff, 0xffffffff, 0x238, 0xffffffff, 0x3, &(0x7f00000000c0), {[{{@uncond, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xd}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x100, 0x148, 0x0, {}, [@common=@frag={{0x30}, {[0x2, 0x8d], 0x3, 0x1e}}, @common=@ipv6header={{0x28}, {0xe, 0x80, 0x1}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x80, 0x1, 0x6, 'pptp\x00', {0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x368)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a14000000060a0104000000000000000007000000140000001100010000000000000000070200000a"], 0x3c}, 0x1, 0x0, 0x0, 0x40091}, 0x20008811)

15.288283199s ago: executing program 2 (id=1477):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xfff2, 0xe}, {}, {0xe}}}, 0x24}}, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x12, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b323b6d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0931a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00b98e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r5 = socket$packet(0x11, 0x2, 0x300)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000780), r7)
getsockname$packet(r7, &(0x7f00000007c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae091f75cd9701ffa62891f686bfbb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003875c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r8, @ANYBLOB="0100000000000000240012000c000100627269646765000e1400020008000700"], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendto$packet(r5, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x11, 0x8100, r8, 0x1, 0x0, 0x6, @local}, 0x14)
ioctl$FS_IOC_SETFLAGS(r1, 0x40186f40, &(0x7f0000000440)=0x1f)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a68000000060a09040000000000000000020000000900010073797a08000000000000000073797a32000000003c000480380001800b00010064796e7365740000280002800900010073797a320000000008000340000000000800094000000001080004400000000e140000001100010000000000000000000000000abebf66effc4ca7855e"], 0x90}}, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0xc}, @hci_rp_read_local_version={{0x7}, {0x6, 0x1, 0x81, 0x6, 0x2, 0x8}}}}, 0xf)

200.54854ms ago: executing program 33 (id=1476):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000140)="d8000000180081054e81f783db4cb9040a1da40006007c09e8fc55a10a0015000600142603600e1208000f00fff00401a80008000800104004080000055c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe144ecc447c65e206d25b4084121d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300fc0d15", 0xd8}], 0x1}, 0x4004040)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r4, &(0x7f0000000280)='./file0\x00', 0x200)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r6, &(0x7f0000000540)={0xa, 0x4e23, 0x0, @mcast1}, 0xffffffffffffff88)
r7 = syz_open_procfs(0x0, &(0x7f0000000440)='net/l2cap\x00')
sendto$inet6(r7, &(0x7f0000000480)="3864ea3bde3b8f93aba29dedd4799cdd057e0584ac9410a1a5ddd39a57cb0c4547091a3ee35e8ce47dd0f5fb07c760aac0c3b1d5d43f9e896d0a9b318ba268899c4f7a6da6244eb0f110a606f8ac33a6e6438bdddd83ef0afc920b316a4031d77d3f1f72975528788197cb72b65259d5bfce691a310dafcf5c594302ddd19df4ad8d557b77da3d4b67e011fdcd3312950746205a527dfa", 0x1, 0x20048010, &(0x7f000005ffe4)={0xa, 0x4e23, 0x80000, @loopback}, 0x39)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r6, 0x84, 0xa, &(0x7f0000000740)={0x2, 0x9, 0x201, 0x7, 0x1, 0x2, 0x2, 0x13}, 0x20)
sendmmsg$inet6(r6, &(0x7f0000004900)=[{}], 0x1, 0x41091)
r8 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x3000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000001c0)="c744240077dd0000c74424027fbe0000c7442406000000000f011c24b8010000000f01c1450f01ca470f01f866baf80cb8e4f61882ef66bafc0c66b8795966ef40250000000066b8de000f00d02e0f005ffa0f01c92e640fc71f", 0x5a}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r8, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000080)="0fc75800f30f35baf80c66b8da08d88e66efbafc0ced0f23f466b8000000000f23d80f21f86635c00000400f23f8440f20c066350b000000440f22c066b9800000c00f326635002000000f3026660f3880b500a02664f3ae", 0x58}], 0x1, 0x59, 0x0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x8040ae9f, &(0x7f0000000240))
getsockopt$IPT_SO_GET_REVISION_MATCH(r4, 0x0, 0x42, &(0x7f0000000300)={'TPROXY\x00'}, &(0x7f00000003c0)=0x1e)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x11, 0x3, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x9, 0x3, 0x308, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x238, 0xffffffff, 0xffffffff, 0x238, 0xffffffff, 0x3, &(0x7f00000000c0), {[{{@uncond, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xd}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x100, 0x148, 0x0, {}, [@common=@frag={{0x30}, {[0x2, 0x8d], 0x3, 0x1e}}, @common=@ipv6header={{0x28}, {0xe, 0x80, 0x1}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x80, 0x1, 0x6, 'pptp\x00', {0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x368)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a14000000060a0104000000000000000007000000140000001100010000000000000000070200000a"], 0x3c}, 0x1, 0x0, 0x0, 0x40091}, 0x20008811)

97.024504ms ago: executing program 34 (id=1477):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xfff2, 0xe}, {}, {0xe}}}, 0x24}}, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x12, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b323b6d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0931a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00b98e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r5 = socket$packet(0x11, 0x2, 0x300)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000780), r7)
getsockname$packet(r7, &(0x7f00000007c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae091f75cd9701ffa62891f686bfbb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003875c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r8, @ANYBLOB="0100000000000000240012000c000100627269646765000e1400020008000700"], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendto$packet(r5, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x11, 0x8100, r8, 0x1, 0x0, 0x6, @local}, 0x14)
ioctl$FS_IOC_SETFLAGS(r1, 0x40186f40, &(0x7f0000000440)=0x1f)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a68000000060a09040000000000000000020000000900010073797a08000000000000000073797a32000000003c000480380001800b00010064796e7365740000280002800900010073797a320000000008000340000000000800094000000001080004400000000e140000001100010000000000000000000000000abebf66effc4ca7855e"], 0x90}}, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0xc}, @hci_rp_read_local_version={{0x7}, {0x6, 0x1, 0x81, 0x6, 0x2, 0x8}}}}, 0xf)

0s ago: executing program 35 (id=1473):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x40002)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb011a52f436dd2a", 0x2a}], 0x1)
ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000000200))
move_pages(0x0, 0x1, &(0x7f00000000c0)=[&(0x7f0000ffa000/0x3000)=nil], 0x0, 0x0, 0x2)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_readv(r1, &(0x7f00000002c0)=[{&(0x7f0000000140)=""/255, 0xff}], 0x1, &(0x7f0000001500)=[{&(0x7f0000000300)=""/233, 0xe9}], 0x1, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x60, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x4c, 0x1, [@m_sample={0x48, 0x1, 0x0, 0x0, {{0xfffffebe}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x60}}, 0x0)
bind$bt_hci(r5, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x3, 0x0, 0xb85f, 0x3, 0x6, 0x1, 0x0, 0x9, 0xb, 0x0, 0x0, 0x80000001, 0x81e, 0x8, 0x12, 0x1a, 0x61, '\x00', 0xb, 0x4})
ioctl$KDSKBSENT(0xffffffffffffffff, 0x4b49, &(0x7f0000000440)={0x5, "b54e0289c2e297201f5e883ea24f401e42d3f4e5be34cc92ab4c39b1f3fba01e6c93ecd2d9210638828c855a768759929471a3057d28139040b8c403ee9cecbc73008de74f96257cdc4c6c7b5c71ebd5b91c98573228d3cc6467a182e61fef4cd4456be3d625b51317d84a39da6cf657e05a8b54d61af4db22514940689893a417c72499903fbf31359ce114af764caec0d1cdc59933162f017babd98af64a75d23491ac596c33da2dc10d6f1044ca70de9842f8dbd61608e14843a66e41cdeab8d0731d0963843b56b86696bd9756e32ae9fcfe36efcbd5a112ddbfa29b1aefe7e1f99be8277cf306bbb2c191a08916a83b588ebcc29c9b0908afcc395a5233464319016cb66631c1942541c74ac15f783684bdb597a2fb6b0884ab27f19ae60fd92949aaec4f823445926e882074833a939ffa7d2b095527f299e4a57cc3e9037b237ba60a59f127e795647c53baf66d3228b2f8a5123231dc77e4b008e3226eb134b1bd9a3bd9b618e797ae873a9ae87134ba23fdc384ec2a1f6114c0dc4587b6bc7f5d6ee276957e87a31d657821aa199319d1b287121cf24bbe834f5b256ad5be872ef063c953a337763742e4182437648539d95845880ab8b998219dfb16550cb41e0ce4cbf9a9ce5a9a250896a0ad7dd471b8f195b9c7a5fd0d4d2c904d2c8efb431ca3ae8b36ca08b26d24ec0d53f317cb6c728228c1d5398bc14515"})

kernel console output (not intermixed with test programs):

7][ T9161] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  302.500090][ T5967] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  302.519353][ T5959] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  302.645539][ T9161] usb 5-1: Using ep0 maxpacket: 8
[  302.649022][ T9161] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  302.654705][ T9161] usb 5-1: config 0 has no interface number 0
[  302.660687][ T9161] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  302.680264][ T9161] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  302.688895][ T9161] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.722527][ T9161] usb 5-1: config 0 descriptor??
[  302.744810][ T9161] iowarrior 5-1:0.1: no interrupt-in endpoint found
[  302.798993][   T40] audit: type=1400 audit(1748880012.258:639): avc:  denied  { accept } for  pid=9866 comm="syz.4.964" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  302.971051][ T9857] syzkaller1: entered promiscuous mode
[  302.978120][ T9857] syzkaller1: entered allmulticast mode
[  303.006118][ T8269] bridge_slave_1: left allmulticast mode
[  303.008290][ T8269] bridge_slave_1: left promiscuous mode
[  303.010972][ T8269] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.024931][ T8269] bridge_slave_0: left allmulticast mode
[  303.032737][ T8269] bridge_slave_0: left promiscuous mode
[  303.050865][ T8269] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.100056][   T50] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  303.303095][   T50] usb 9-1: device descriptor read/64, error -71
[  303.545615][   T50] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  303.686552][   T50] usb 9-1: device descriptor read/64, error -71
[  303.795790][   T50] usb usb9-port1: attempt power cycle
[  304.139251][   T50] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  304.183540][   T50] usb 9-1: device descriptor read/8, error -71
[  304.239488][ T8269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  304.251892][ T8269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  304.261701][ T8269] bond0 (unregistering): Released all slaves
[  304.435476][   T50] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  304.488275][   T50] usb 9-1: device descriptor read/8, error -71
[  304.555578][ T5968] Bluetooth: hci0: command tx timeout
[  304.649730][   T50] usb usb9-port1: unable to enumerate USB device
[  304.671854][ T9892] netlink: 20 bytes leftover after parsing attributes in process `syz.2.970'.
[  304.675759][ T9892] netem: invalid attributes len -11
[  304.680898][ T9892] netem: change failed
[  304.776565][ T9860] chnl_net:caif_netlink_parms(): no params data found
[  304.927504][   T40] audit: type=1400 audit(1748880014.398:640): avc:  denied  { getopt } for  pid=9899 comm="syz.2.971" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  305.019767][ T9900] Driver unsupported XDP return value 0 on prog  (id 123) dev N/A, expect packet loss!
[  305.098277][ T9900] overlay: Bad value for 'nfs_export'
[  305.300288][ T8269] hsr_slave_0: left promiscuous mode
[  305.304413][ T8269] hsr_slave_1: left promiscuous mode
[  305.310733][ T8269] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  305.318555][ T8269] batman_adv: batadv0: Removing interface: batadv_slave_0
[  305.328855][ T8269] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  305.333484][ T8269] batman_adv: batadv0: Removing interface: batadv_slave_1
[  305.457361][ T8269] veth1_macvtap: left promiscuous mode
[  305.460803][ T8269] veth0_macvtap: left promiscuous mode
[  305.471532][ T8269] veth1_vlan: left promiscuous mode
[  305.475859][ T8269] veth0_vlan: left promiscuous mode
[  305.953384][ T9906] input: syz1 as /devices/virtual/input/input17
[  305.957206][ T9906] input: failed to attach handler leds to device input17, error: -6
[  306.136684][ T9908] binder: BC_ACQUIRE_RESULT not supported
[  306.140359][ T9908] binder: 9907:9908 ioctl c0306201 200000000100 returned -22
[  306.637540][ T5968] Bluetooth: hci0: command tx timeout
[  308.128057][ T8269] team0 (unregistering): Port device team_slave_1 removed
[  308.461536][ T8269] team0 (unregistering): Port device team_slave_0 removed
[  308.718083][ T5968] Bluetooth: hci0: command tx timeout
[  310.796002][ T5968] Bluetooth: hci0: command tx timeout
[  311.058951][   T34] usb 5-1: USB disconnect, device number 11
[  311.453920][ T9922] No control pipe specified
[  311.627047][   T40] audit: type=1400 audit(1748880021.078:641): avc:  denied  { mounton } for  pid=9920 comm="syz.4.976" path="/43/file0" dev="tmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  311.749589][ T9860] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.763372][ T9860] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.778498][ T9860] bridge_slave_0: entered allmulticast mode
[  311.784750][ T9860] bridge_slave_0: entered promiscuous mode
[  312.729979][ T9933] team0 (unregistering): Port device team_slave_0 removed
[  312.791873][ T9933] team0 (unregistering): Port device team_slave_1 removed
[  312.886110][ T9860] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.889733][ T9860] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.894693][ T9860] bridge_slave_1: entered allmulticast mode
[  312.899305][ T9860] bridge_slave_1: entered promiscuous mode
[  313.229111][ T9946] netlink: 'syz.0.980': attribute type 12 has an invalid length.
[  313.235466][ T9946] netlink: 4 bytes leftover after parsing attributes in process `syz.0.980'.
[  313.477952][ T9958] 9p: Unknown access argument 00000000000000000000(: -22
[  313.626540][ T9962] netlink: 'syz.0.983': attribute type 10 has an invalid length.
[  313.682891][ T9965] netlink: 'syz.0.983': attribute type 10 has an invalid length.
[  313.686445][ T9965] netlink: 2 bytes leftover after parsing attributes in process `syz.0.983'.
[  313.691490][ T9958] usb usb8: usbfs: process 9958 (syz.4.982) did not claim interface 0 before use
[  313.731136][ T9860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  313.743956][ T9860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  313.754086][ T9957] netlink: 'syz.4.982': attribute type 21 has an invalid length.
[  313.797962][ T9957] netlink: 128 bytes leftover after parsing attributes in process `syz.4.982'.
[  313.834623][ T9962] batman_adv: batadv0: Adding interface: team0
[  313.835534][ T9969] netlink: 8 bytes leftover after parsing attributes in process `syz.0.983'.
[  313.849047][ T9962] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  313.849112][ T9962] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  313.913285][ T9965] team0: entered promiscuous mode
[  313.915849][ T9965] team_slave_0: entered promiscuous mode
[  313.931368][ T9965] team_slave_1: entered promiscuous mode
[  313.935377][ T9965] 8021q: adding VLAN 0 to HW filter on device team0
[  313.967577][ T9965] batman_adv: batadv0: Interface activated: team0
[  313.970388][ T9969] netlink: 8 bytes leftover after parsing attributes in process `syz.0.983'.
[  313.973950][ T9965] batman_adv: batadv0: Interface deactivated: team0
[  314.030161][ T9965] batman_adv: batadv0: Removing interface: team0
[  314.069898][ T9965] bridge0: port 3(team0) entered blocking state
[  314.087094][ T9965] bridge0: port 3(team0) entered disabled state
[  314.092900][ T9965] team0: entered allmulticast mode
[  314.096004][ T9965] team_slave_0: entered allmulticast mode
[  314.098772][ T9965] team_slave_1: entered allmulticast mode
[  314.104000][ T9965] bridge0: port 3(team0) entered blocking state
[  314.116575][ T9965] bridge0: port 3(team0) entered forwarding state
[  314.161891][ T9957] netlink: 'syz.4.982': attribute type 4 has an invalid length.
[  314.165631][ T9957] netlink: 'syz.4.982': attribute type 5 has an invalid length.
[  314.173924][ T9957] netlink: 3 bytes leftover after parsing attributes in process `syz.4.982'.
[  314.298179][   T40] audit: type=1400 audit(1748880023.758:642): avc:  denied  { execute } for  pid=9974 comm="syz.2.988" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  314.308817][ T9860] team0: Port device team_slave_0 added
[  314.483087][ T9860] team0: Port device team_slave_1 added
[  314.707685][ T9991] program syz.4.992 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  314.714577][ T5968] Bluetooth: Unknown BR/EDR signaling command 0x0f
[  314.732981][ T5968] Bluetooth: Wrong link type (-22)
[  314.746563][ T5968] Bluetooth: Unknown BR/EDR signaling command 0x11
[  314.751733][ T5968] Bluetooth: Wrong link type (-22)
[  314.755847][ T5968] Bluetooth: Unknown BR/EDR signaling command 0x11
[  314.760144][ T5968] Bluetooth: Wrong link type (-22)
[  314.770593][ T5968] Bluetooth: Unknown BR/EDR signaling command 0x0c
[  314.773680][ T5968] Bluetooth: Wrong link type (-22)
[  314.776306][ T5968] Bluetooth: hci1: link tx timeout
[  314.785988][ T9860] batman_adv: batadv0: Adding interface: batadv_slave_0
[  314.787221][ T5968] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  314.793528][ T9860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.812633][ T9860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  314.917668][ T9860] batman_adv: batadv0: Adding interface: batadv_slave_1
[  314.920768][ T9860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.960757][ T9860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  314.994889][   T40] audit: type=1400 audit(1748880024.448:643): avc:  denied  { associate } for  pid=9998 comm="syz.4.993" name="47" dev="tmpfs" ino=264 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:crond_var_run_t:s0"
[  315.336320][ T9860] hsr_slave_0: entered promiscuous mode
[  315.340305][ T9860] hsr_slave_1: entered promiscuous mode
[  316.461101][T10038] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1001'.
[  316.499449][T10038] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  316.570678][T10038] CIFS mount error: No usable UNC path provided in device string!
[  316.570678][T10038] 
[  316.574551][T10038] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  316.689736][T10035] 8021q: VLANs not supported on ip6tnl0
[  316.796169][ T5968] Bluetooth: hci1: command 0x0406 tx timeout
[  316.865508][T10046] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1002'.
[  317.247933][T10068] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1007'.
[  317.323832][   T40] audit: type=1400 audit(1748880027.795:644): avc:  denied  { read } for  pid=10067 comm="syz.0.1007" dev="sockfs" ino=35939 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  317.476760][T10078] x_tables: ip_tables: udp match: only valid for protocol 17
[  317.483830][T10078] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  317.642017][ T9860] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  317.653977][ T9860] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  317.663361][ T9860] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  317.694408][ T9860] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  317.705340][   T40] audit: type=1326 audit(1748880028.175:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10093 comm="syz.2.1013" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe56638e969 code=0x7ffc0000
[  317.736329][   T40] audit: type=1326 audit(1748880028.175:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10093 comm="syz.2.1013" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe56638e969 code=0x7ffc0000
[  317.750129][   T40] audit: type=1326 audit(1748880028.175:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10093 comm="syz.2.1013" exe="/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fe56638e969 code=0x7ffc0000
[  317.781792][   T40] audit: type=1326 audit(1748880028.175:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10093 comm="syz.2.1013" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe56638e969 code=0x7ffc0000
[  317.803252][   T40] audit: type=1326 audit(1748880028.175:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10093 comm="syz.2.1013" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe56638e969 code=0x7ffc0000
[  317.814407][   T40] audit: type=1326 audit(1748880028.175:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10093 comm="syz.2.1013" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe56638e969 code=0x7ffc0000
[  317.828172][   T40] audit: type=1326 audit(1748880028.175:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10093 comm="syz.2.1013" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe56638e969 code=0x7ffc0000
[  317.857354][ T9860] 8021q: adding VLAN 0 to HW filter on device bond0
[  317.902748][   T40] audit: type=1326 audit(1748880028.175:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10093 comm="syz.2.1013" exe="/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fe56638e969 code=0x7ffc0000
[  317.921047][ T9860] 8021q: adding VLAN 0 to HW filter on device team0
[  317.926657][   T40] audit: type=1326 audit(1748880028.175:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10093 comm="syz.2.1013" exe="/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  318.042035][ T8269] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.045244][ T8269] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.068469][ T8269] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.071781][ T8269] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.163628][T10100] syzkaller0: entered promiscuous mode
[  318.165943][T10100] syzkaller0: entered allmulticast mode
[  318.232919][T10100] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  318.260667][T10100] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  318.321657][T10104] netlink: 2028 bytes leftover after parsing attributes in process `syz.2.1015'.
[  318.326694][T10104] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1015'.
[  318.458107][T10122] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1020'.
[  318.487579][ T6015] usb 9-1: new low-speed USB device number 6 using dummy_hcd
[  318.653065][ T6015] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  318.683143][ T6015] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  318.722017][ T6015] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  318.732764][ T6015] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  318.753879][ T6015] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  318.763041][ T6015] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  318.770223][ T6015] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  318.779688][ T6015] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  318.817135][ T6015] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  318.822538][ T6015] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  318.835422][ T6015] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  318.839790][ T6015] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  318.845882][ T6015] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  318.850099][ T6015] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  318.854130][ T6015] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  318.867625][ T6015] usb 9-1: string descriptor 0 read error: -22
[  318.873089][ T6015] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  318.881167][ T6015] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  318.943303][ T6015] adutux 9-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  319.164344][ T6015] usb 9-1: USB disconnect, device number 6
[  319.336574][ T9860] 8021q: adding VLAN 0 to HW filter on device batadv0
[  319.461860][ T9860] veth0_vlan: entered promiscuous mode
[  319.472771][ T9860] veth1_vlan: entered promiscuous mode
[  319.602479][ T9860] veth0_macvtap: entered promiscuous mode
[  319.609720][ T9860] veth1_macvtap: entered promiscuous mode
[  319.685616][ T9860] batman_adv: batadv0: Interface activated: batadv_slave_0
[  319.707200][ T9860] batman_adv: batadv0: Interface activated: batadv_slave_1
[  319.731480][ T9860] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  319.749340][ T9860] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  319.753393][ T9860] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  319.771083][ T9860] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  319.791751][ T5959] Bluetooth: hci2: link tx timeout
[  319.808017][ T5959] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  319.854756][ T5968] Bluetooth: hci2: unexpected event for opcode 0x2012
[  319.989433][ T8264] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  319.993008][ T8264] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  320.034839][ T8269] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  320.058403][ T8269] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  320.861922][    C3] vkms_vblank_simulate: vblank timer overrun
[  321.278481][ T5968] Bluetooth: hci2: link tx timeout
[  321.281681][ T5968] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  321.316066][    C3] vkms_vblank_simulate: vblank timer overrun
[  321.365422][T10184] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1031'.
[  321.449649][ T5968] Bluetooth: hci2: link tx timeout
[  321.451885][ T5968] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  321.455070][   T54] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  321.566504][   T54] usb 9-1: device descriptor read/64, error -71
[  321.767014][T10190] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2834047395 (22672379160 ns) > initial count (8751802360 ns). Using initial count to start timer.
[  321.784382][T10190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1033'.
[  321.799850][ T5968] Bluetooth: hci2: link tx timeout
[  321.801931][ T5968] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  321.822452][   T54] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  321.836690][T10190] kvm: pic: single mode not supported
[  321.836785][T10190] kvm: pic: level sensitive irq not supported
[  321.996864][   T54] usb 9-1: device descriptor read/64, error -71
[  322.149979][   T54] usb usb9-port1: attempt power cycle
[  322.287970][ T8252] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.535887][   T54] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  322.578012][   T54] usb 9-1: device descriptor read/8, error -71
[  322.712266][ T8252] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.815383][   T54] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  322.822323][ T8252] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.842098][   T54] usb 9-1: device descriptor read/8, error -71
[  322.955724][   T54] usb usb9-port1: unable to enumerate USB device
[  323.058544][ T8252] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.063992][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  323.064008][   T40] audit: type=1400 audit(1748880033.535:658): avc:  denied  { read } for  pid=10194 comm="syz.0.1034" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  323.152649][T10197] max out of range
[  323.252473][   T40] audit: type=1400 audit(1748880033.725:659): avc:  denied  { watch } for  pid=10193 comm="syz.2.1035" path=2F6D656D66643A2D42D54E49C56A9A707070F00884A26D202864656C6574656429 dev="tmpfs" ino=2059 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  323.369853][    C3] vkms_vblank_simulate: vblank timer overrun
[  323.373873][ T5968] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  323.382130][ T5968] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  323.412329][ T5968] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  323.419637][ T8252] bridge_slave_1: left allmulticast mode
[  323.423518][ T8252] bridge_slave_1: left promiscuous mode
[  323.439739][ T8252] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.457903][ T5968] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  323.489481][ T5968] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  323.585875][    C3] vkms_vblank_simulate: vblank timer overrun
[  323.625235][ T8252] bridge_slave_0: left allmulticast mode
[  323.628389][ T8252] bridge_slave_0: left promiscuous mode
[  323.631519][ T8252] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.724600][    C3] vkms_vblank_simulate: vblank timer overrun
[  323.811958][    C3] vkms_vblank_simulate: vblank timer overrun
[  323.957896][   T40] audit: type=1400 audit(1748880034.415:660): avc:  denied  { write } for  pid=10200 comm="syz.2.1036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  324.745452][ T8252] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  324.769560][ T8252] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  324.794853][ T8252] bond0 (unregistering): Released all slaves
[  324.828731][T10201] tipc: Started in network mode
[  324.830912][T10201] tipc: Node identity ac1414aa, cluster identity 4711
[  324.842824][T10201] tipc: Enabled bearer <udp:s>, priority 10
[  324.889638][    C3] vkms_vblank_simulate: vblank timer overrun
[  325.093793][    C3] vkms_vblank_simulate: vblank timer overrun
[  325.113020][T10217] netlink: 'syz.0.1041': attribute type 1 has an invalid length.
[  325.129162][T10215] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1040'.
[  325.161940][T10215] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1040'.
[  325.205812][    C3] vkms_vblank_simulate: vblank timer overrun
[  325.284091][T10222] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1042'.
[  325.298125][T10220] veth3: entered promiscuous mode
[  325.436684][T10223] vlan0: entered allmulticast mode
[  325.439475][T10223] netdevsim netdevsim0 netdevsim3: entered allmulticast mode
[  325.683340][ T5959] Bluetooth: hci0: command tx timeout
[  325.840249][ T6048] tipc: Node number set to 2886997162
[  325.890257][T10255] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=10255 comm=syz.0.1048
[  325.969643][ T8252] hsr_slave_0: left promiscuous mode
[  325.972861][ T8252] hsr_slave_1: left promiscuous mode
[  325.994572][ T8252] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  325.999605][ T8252] batman_adv: batadv0: Removing interface: batadv_slave_0
[  326.015230][   T10] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  326.024363][ T8252] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  326.045945][ T8252] batman_adv: batadv0: Removing interface: batadv_slave_1
[  326.151631][ T8252] veth1_macvtap: left promiscuous mode
[  326.159145][ T8252] veth0_macvtap: left promiscuous mode
[  326.162354][ T8252] veth1_vlan: left promiscuous mode
[  326.166708][ T8252] veth0_vlan: left promiscuous mode
[  326.169489][   T40] audit: type=1400 audit(1748880036.645:661): avc:  denied  { mount } for  pid=10268 comm="syz.2.1050" name="/" dev="configfs" ino=2072 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  326.200616][   T10] usb 9-1: Using ep0 maxpacket: 32
[  326.203842][   T40] audit: type=1400 audit(1748880036.645:662): avc:  denied  { setattr } for  pid=10268 comm="syz.2.1050" name="/" dev="configfs" ino=2072 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  326.216980][   T10] usb 9-1: config 1 interface 0 has no altsetting 0
[  326.220802][   T40] audit: type=1400 audit(1748880036.695:663): avc:  denied  { unmount } for  pid=5961 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  326.230237][   T10] usb 9-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.40
[  326.251940][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.263321][   T10] usb 9-1: Product: 绍ڗﳗ٦ㄴ镳毠檌嵓㣡츈
[  326.271535][   T10] usb 9-1: Manufacturer: 彝氮稀腒꿑쨺ੈﭽ桫
[  326.276843][   T10] usb 9-1: SerialNumber: 
[  327.765339][ T5959] Bluetooth: hci0: command tx timeout
[  328.501205][   T10] usbhid 9-1:1.0: can't add hid device: -71
[  328.503844][   T10] usbhid 9-1:1.0: probe with driver usbhid failed with error -71
[  328.518221][   T10] usb 9-1: USB disconnect, device number 11
[  328.754949][T10284] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1053'.
[  329.313174][ T8252] team0 (unregistering): Port device team_slave_1 removed
[  329.696662][ T8252] team0 (unregistering): Port device team_slave_0 removed
[  329.849725][ T5959] Bluetooth: hci0: command tx timeout
[  331.915434][ T5959] Bluetooth: hci0: command tx timeout
[  332.184871][T10198] chnl_net:caif_netlink_parms(): no params data found
[  332.201002][T10272] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  332.460666][T10292] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1055'.
[  333.082065][T10198] bridge0: port 1(bridge_slave_0) entered blocking state
[  333.090741][T10198] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.095625][T10198] bridge_slave_0: entered allmulticast mode
[  333.104023][T10198] bridge_slave_0: entered promiscuous mode
[  333.104872][T10322] IPv6: Can't replace route, no match found
[  333.127126][T10198] bridge0: port 2(bridge_slave_1) entered blocking state
[  333.157959][T10198] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.172185][T10198] bridge_slave_1: entered allmulticast mode
[  333.177428][T10198] bridge_slave_1: entered promiscuous mode
[  333.393931][ T6029] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  333.428839][   T40] audit: type=1400 audit(1748880043.905:664): avc:  denied  { shutdown } for  pid=10331 comm="syz.0.1064" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  333.444776][T10334] IPv4: Oversized IP packet from 172.20.20.24
[  333.452175][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  333.462407][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  333.481857][T10198] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  333.532165][T10332] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.553594][T10198] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  333.570190][ T6029] usb 9-1: Using ep0 maxpacket: 32
[  333.583295][ T6029] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[  333.589359][ T6029] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  333.593938][ T6029] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  333.612001][ T6029] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  333.653824][T10337] netlink: 'syz.2.1065': attribute type 2 has an invalid length.
[  333.657251][T10337] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1065'.
[  333.661891][T10337] nbd: must specify a device to reconfigure
[  333.673900][ T6029] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  333.682475][ T6029] usb 9-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[  333.690289][ T6029] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.693875][ T6029] usb 9-1: Product: syz
[  333.697273][ T6029] usb 9-1: Manufacturer: syz
[  333.700581][ T6029] usb 9-1: SerialNumber: syz
[  333.706473][ T6029] usb 9-1: config 0 descriptor??
[  333.716207][T10326] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  333.749889][ T6029] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input18
[  333.772878][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  333.783818][T10198] team0: Port device team_slave_0 added
[  333.787721][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  333.794671][ T5333] xpad 9-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  333.822732][   T40] audit: type=1400 audit(1748880044.285:665): avc:  denied  { map } for  pid=10335 comm="syz.2.1065" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  333.855268][   T40] audit: type=1400 audit(1748880044.285:666): avc:  denied  { execute } for  pid=10335 comm="syz.2.1065" path="/dev/loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  333.900960][T10198] team0: Port device team_slave_1 added
[  333.924374][ T5333] xpad 9-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  334.065133][T10326] xpad 9-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  334.107808][T10291] xpad 9-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  334.134398][ T5333] xpad 9-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  334.136267][   T10] usb 9-1: USB disconnect, device number 12
[  334.138872][    C2] xpad 9-1:0.0: xpad_irq_in - usb_submit_urb failed with result -19
[  334.350177][T10348] batman_adv: batadv0: Adding interface: dummy0
[  334.354024][T10348] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.375437][T10348] batman_adv: batadv0: Interface activated: dummy0
[  334.494792][T10198] batman_adv: batadv0: Adding interface: batadv_slave_0
[  334.507968][T10198] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.530309][T10198] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  334.537527][T10198] batman_adv: batadv0: Adding interface: batadv_slave_1
[  334.540445][T10198] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.548890][T10198] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  334.662931][   T40] audit: type=1400 audit(1748880045.115:667): avc:  denied  { node_bind } for  pid=10360 comm="syz.2.1071" saddr=172.20.20.187 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  334.822654][T10198] hsr_slave_0: entered promiscuous mode
[  334.831442][T10198] hsr_slave_1: entered promiscuous mode
[  335.097951][   T10] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  335.210145][   T40] audit: type=1400 audit(1748880045.685:668): avc:  denied  { ioctl } for  pid=10387 comm="syz.2.1076" path="socket:[35404]" dev="sockfs" ino=35404 ioctlcmd=0x8981 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  335.282821][   T10] usb 9-1: Using ep0 maxpacket: 32
[  335.311795][   T10] usb 9-1: config 1 has an invalid interface number: 3 but max is 2
[  335.341181][   T10] usb 9-1: config 1 has an invalid interface number: 6 but max is 2
[  335.345537][   T10] usb 9-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  335.362258][   T10] usb 9-1: config 1 has no interface number 1
[  335.380312][   T10] usb 9-1: config 1 has no interface number 2
[  335.382824][   T10] usb 9-1: config 1 interface 3 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  335.390775][   T10] usb 9-1: too many endpoints for config 1 interface 6 altsetting 1: 45, using maximum allowed: 30
[  335.395925][   T10] usb 9-1: config 1 interface 6 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 45
[  335.428310][   T10] usb 9-1: config 1 interface 3 has no altsetting 0
[  335.449497][   T10] usb 9-1: config 1 interface 6 has no altsetting 0
[  335.457134][   T10] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  335.463669][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.467996][   T10] usb 9-1: Product: 戀놣琱귡
[  335.470450][   T10] usb 9-1: Manufacturer: ࠬ
[  335.472670][   T10] usb 9-1: SerialNumber: ⇈筁唕艏糍翝垕䰛놬꘨ⵖᣁ4閒絢㓶只㓏諄淆鑧୉ﺐ箚螒ꤙ␶濮豽祵㷺㹊쀎厔ᖜࠥ螘ῷ粘ⅼኞퟠ饷﹫硱区苀먌ᮍ벹⻰䛜Ổ온蛙㾡쇇㑦겗型쏑Q舋ℏ蒰閆削灮硴뿾沢莝匔揓䧘꟨莡틴䙋ᶓ둤䵟孁嗯ꞔﰕ㝛醎䘸ḭ뢮
[  335.828325][T10405] loop6: detected capacity change from 0 to 128
[  335.917295][   T40] audit: type=1400 audit(1748880046.385:669): avc:  denied  { read } for  pid=5333 comm="acpid" name="mouse6" dev="devtmpfs" ino=2973 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  335.933007][   T40] audit: type=1400 audit(1748880046.385:670): avc:  denied  { open } for  pid=5333 comm="acpid" path="/dev/input/mouse6" dev="devtmpfs" ino=2973 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  335.937860][T10405] Invalid logical block size (-1)
[  335.964952][   T40] audit: type=1400 audit(1748880046.385:671): avc:  denied  { ioctl } for  pid=5333 comm="acpid" path="/dev/input/mouse6" dev="devtmpfs" ino=2973 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  336.005986][T10363] IPv6: Can't replace route, no match found
[  336.041412][   T10] usb 9-1: 0:2 : does not exist
[  336.095024][   T10] usb 9-1: USB disconnect, device number 13
[  336.182497][T10287] udevd[10287]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  336.508101][T10411] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1080'.
[  336.512219][T10411] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1080'.
[  336.859258][T10427] overlayfs: workdir and upperdir must be separate subtrees
[  337.167419][   T40] audit: type=1400 audit(1748880047.645:672): avc:  denied  { write } for  pid=10432 comm="syz.2.1084" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  337.194325][   T40] audit: type=1400 audit(1748880047.645:673): avc:  denied  { write } for  pid=10432 comm="syz.2.1084" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  337.287681][T10439] PKCS7: Unknown OID: [4] 5.25.43183(bad)
[  337.314018][T10439] PKCS7: Only support pkcs7_signedData type
[  337.457777][   T24] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  337.650767][   T24] usb 5-1: Using ep0 maxpacket: 8
[  337.667170][   T24] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  337.670632][   T24] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  337.704308][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  337.773891][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  337.805906][   T24] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  337.812977][   T24] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  337.816579][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.853661][T10198] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  337.910740][T10198] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  337.949618][T10198] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  337.981335][T10198] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  338.083632][   T24] usb 5-1: usb_control_msg returned -32
[  338.086721][   T24] usbtmc 5-1:16.0: can't read capabilities
[  338.103578][T10198] 8021q: adding VLAN 0 to HW filter on device bond0
[  338.221880][T10198] 8021q: adding VLAN 0 to HW filter on device team0
[  338.254156][ T8264] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.271359][ T8264] bridge0: port 1(bridge_slave_0) entered forwarding state
[  338.301246][ T8264] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.304966][ T8264] bridge0: port 2(bridge_slave_1) entered forwarding state
[  338.440987][T10460] usbtmc 5-1:16.0: INITIATE_ABORT_BULK_IN returned 0
[  338.828379][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  338.828398][   T40] audit: type=1326 audit(1748880049.285:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10470 comm="syz.4.1090" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc8ee18e969 code=0x0
[  338.883143][   T50] usb 5-1: USB disconnect, device number 12
[  339.010013][T10198] 8021q: adding VLAN 0 to HW filter on device batadv0
[  339.086834][T10198] veth0_vlan: entered promiscuous mode
[  339.099934][T10198] veth1_vlan: entered promiscuous mode
[  339.141038][T10198] veth0_macvtap: entered promiscuous mode
[  339.187117][T10198] veth1_macvtap: entered promiscuous mode
[  339.223663][T10198] batman_adv: batadv0: Interface activated: batadv_slave_0
[  339.243927][T10198] batman_adv: batadv0: Interface activated: batadv_slave_1
[  339.276020][T10198] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  339.279475][T10198] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  339.288359][T10198] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  339.301208][T10198] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  339.432357][ T8252] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  339.474219][ T8252] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  339.725456][ T8258] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  339.729403][ T8258] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  339.738775][T10488] overlay: filesystem on ./bus not supported as upperdir
[  339.805321][T10491] evm: overlay not supported
[  339.827283][   T40] audit: type=1804 audit(1748880050.295:676): pid=10487 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.1092" name="/newroot/39/bus/file0" dev="overlay" ino=233 res=1 errno=0
[  339.974573][T10495] netlink: 'syz.4.1094': attribute type 10 has an invalid length.
[  339.980570][T10495] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1094'.
[  340.047312][T10495] team0: entered promiscuous mode
[  340.051043][T10495] team_slave_0: entered promiscuous mode
[  340.060592][T10495] team_slave_1: entered promiscuous mode
[  340.075764][T10495] bridge0: port 3(team0) entered blocking state
[  340.104281][T10495] bridge0: port 3(team0) entered disabled state
[  340.139253][T10495] team0: entered allmulticast mode
[  340.141890][T10495] team_slave_0: entered allmulticast mode
[  340.144557][T10495] team_slave_1: entered allmulticast mode
[  340.154275][T10495] bridge0: port 3(team0) entered blocking state
[  340.155685][T10502] __vm_enough_memory: pid: 10502, comm: syz.0.1095, bytes: 21199986761728 not enough memory for the allocation
[  340.162298][T10495] bridge0: port 3(team0) entered forwarding state
[  340.469265][T10514] openvswitch: netlink: Flow key attribute not present in set flow.
[  341.159624][   T40] audit: type=1400 audit(1748880051.635:677): avc:  denied  { ioctl } for  pid=10534 comm="syz.2.1102" path="/353/file0/file0" dev="9p" ino=35913832 ioctlcmd=0xae46 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  341.187289][   T40] audit: type=1400 audit(1748880051.635:678): avc:  denied  { lock } for  pid=10534 comm="syz.2.1102" path="/353/file0/file0" dev="9p" ino=35913832 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  341.373896][   T40] audit: type=1400 audit(1748880051.845:679): avc:  denied  { setopt } for  pid=10543 comm="syz.4.1105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  341.833611][T10560] xt_hashlimit: size too large, truncated to 1048576
[  342.117472][ T8260] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.372139][ T8260] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.498953][   T52] usb 9-1: new full-speed USB device number 14 using dummy_hcd
[  343.620208][ T8260] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.677425][   T52] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 502, setting to 64
[  343.680900][ T5968] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  343.697710][   T52] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 57829, setting to 64
[  343.717437][    C0] vkms_vblank_simulate: vblank timer overrun
[  343.735547][ T5968] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  343.743719][ T5968] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  343.762153][   T52] usb 9-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  343.765738][ T5968] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  343.785447][    C0] vkms_vblank_simulate: vblank timer overrun
[  343.805027][ T5968] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  343.808343][   T52] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  343.872988][   T52] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  343.924444][ T8260] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.925231][   T52] usb 9-1: SerialNumber: syz
[  343.964209][T10589] netlink: 'syz.0.1119': attribute type 4 has an invalid length.
[  343.969613][    C0] vkms_vblank_simulate: vblank timer overrun
[  343.999555][T10570] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  344.004108][T10570] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  344.021952][T10591] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1119'.
[  344.032548][   T52] cdc_ether 9-1:1.0: probe with driver cdc_ether failed with error -22
[  344.037895][    C0] vkms_vblank_simulate: vblank timer overrun
[  344.086875][    C0] vkms_vblank_simulate: vblank timer overrun
[  344.121669][    C0] vkms_vblank_simulate: vblank timer overrun
[  344.159501][T10596] /dev/sg0: Can't lookup blockdev
[  344.161965][T10596] /dev/sg0: Can't lookup blockdev
[  344.164400][T10596] /dev/sg0: Can't lookup blockdev
[  344.252483][T10570] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1114'.
[  344.261585][T10570] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1114'.
[  344.266813][T10570] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1114'.
[  344.285863][T10570] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1114'.
[  344.295255][   T40] audit: type=1400 audit(1748880054.725:680): avc:  denied  { allowed } for  pid=10601 comm="syz.0.1121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  344.338319][    C0] vkms_vblank_simulate: vblank timer overrun
[  344.543036][T10613] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1019 sclass=netlink_route_socket pid=10613 comm=syz.0.1124
[  344.665647][    C0] vkms_vblank_simulate: vblank timer overrun
[  344.746993][ T8260] bridge_slave_1: left allmulticast mode
[  344.751086][ T8260] bridge_slave_1: left promiscuous mode
[  344.758975][ T8260] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.831974][T10570] "syz.4.1114" (10570) uses obsolete ecb(arc4) skcipher
[  344.856371][ T8260] bridge_slave_0: left allmulticast mode
[  344.860159][ T8260] bridge_slave_0: left promiscuous mode
[  344.943476][ T8260] bridge0: port 1(bridge_slave_0) entered disabled state
[  345.089997][ T6048] usb 9-1: USB disconnect, device number 14
[  345.169691][    C0] vkms_vblank_simulate: vblank timer overrun
[  345.517650][    C0] vkms_vblank_simulate: vblank timer overrun
[  345.744911][T10636] syz.2.1126: attempt to access beyond end of device
[  345.744911][T10636] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0
[  345.753069][T10636] MINIX-fs: unable to read superblock
[  345.925703][ T5968] Bluetooth: hci0: command tx timeout
[  345.967461][   T40] audit: type=1400 audit(1748880056.435:681): avc:  denied  { listen } for  pid=10635 comm="syz.2.1126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  346.327580][ T8260] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  346.343086][ T8260] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  346.381976][    C0] vkms_vblank_simulate: vblank timer overrun
[  346.391103][ T8260] bond0 (unregistering): Released all slaves
[  346.454947][T10584] chnl_net:caif_netlink_parms(): no params data found
[  346.469620][    C0] vkms_vblank_simulate: vblank timer overrun
[  346.780775][   T40] audit: type=1400 audit(1748880057.255:682): avc:  denied  { bind } for  pid=10646 comm="syz.2.1129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  346.801101][    C0] vkms_vblank_simulate: vblank timer overrun
[  346.811691][T10645] openvswitch: netlink: IP tunnel dst address not specified
[  346.831466][T10647] netlink: 'syz.2.1129': attribute type 15 has an invalid length.
[  346.847601][T10650] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1129'.
[  346.875664][    C0] vkms_vblank_simulate: vblank timer overrun
[  346.927654][   T40] audit: type=1400 audit(1748880057.405:683): avc:  denied  { lock } for  pid=10649 comm="syz.0.1130" path="socket:[38241]" dev="sockfs" ino=38241 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  347.231717][T10584] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.234797][T10584] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.251624][T10584] bridge_slave_0: entered allmulticast mode
[  347.279064][T10584] bridge_slave_0: entered promiscuous mode
[  347.317681][    C0] vkms_vblank_simulate: vblank timer overrun
[  347.428980][ T8260] hsr_slave_0: left promiscuous mode
[  347.432814][ T8260] hsr_slave_1: left promiscuous mode
[  347.438442][ T8260] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  347.446896][ T8260] batman_adv: batadv0: Removing interface: batadv_slave_0
[  347.451472][ T8260] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  347.460870][ T8260] batman_adv: batadv0: Removing interface: batadv_slave_1
[  347.479819][T10666] binder: 10664:10666 ioctl c0306201 200000000c00 returned -14
[  347.534418][ T8260] veth1_macvtap: left promiscuous mode
[  347.537574][ T8260] veth0_macvtap: left promiscuous mode
[  347.540509][ T8260] veth1_vlan: left promiscuous mode
[  347.543008][ T8260] veth0_vlan: left promiscuous mode
[  347.630547][    C0] vkms_vblank_simulate: vblank timer overrun
[  347.689628][    C0] vkms_vblank_simulate: vblank timer overrun
[  347.859499][T10672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1135'.
[  348.000391][ T5968] Bluetooth: hci0: command tx timeout
[  350.075744][ T5968] Bluetooth: hci0: command tx timeout
[  351.232101][ T8260] team0 (unregistering): Port device team_slave_1 removed
[  351.680191][ T8260] team0 (unregistering): Port device team_slave_0 removed
[  352.164082][ T5968] Bluetooth: hci0: command tx timeout
[  354.434272][T10584] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.439732][T10584] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.442884][T10584] bridge_slave_1: entered allmulticast mode
[  354.448880][T10584] bridge_slave_1: entered promiscuous mode
[  354.497484][T10672] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  354.508978][T10680] bridge0: port 4(batadv0) entered blocking state
[  354.566039][T10680] bridge0: port 4(batadv0) entered disabled state
[  354.586221][T10680] batadv0: entered allmulticast mode
[  354.634051][T10680] batadv0: entered promiscuous mode
[  354.638178][T10680] bridge0: port 4(batadv0) entered blocking state
[  354.642563][T10680] bridge0: port 4(batadv0) entered forwarding state
[  354.674307][T10682] batadv0: left allmulticast mode
[  354.698347][ T8251] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  354.705697][ T8251] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  354.740558][T10682] batadv0: left promiscuous mode
[  354.749906][T10682] bridge0: port 4(batadv0) entered disabled state
[  355.211339][T10584] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  355.238621][T10584] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  355.675635][T10584] team0: Port device team_slave_0 added
[  355.710009][T10703] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  355.713427][T10703] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  355.741863][T10584] team0: Port device team_slave_1 added
[  355.867592][T10703] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  355.875457][T10703] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  355.973347][T10703] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  355.976251][T10703] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  356.130546][T10703] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  356.455044][T10584] batman_adv: batadv0: Adding interface: batadv_slave_0
[  356.469291][T10584] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  356.496131][T10584] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  356.513446][T10584] batman_adv: batadv0: Adding interface: batadv_slave_1
[  356.521190][T10584] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  356.558884][T10584] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  356.746370][T10746] CIFS mount error: No usable UNC path provided in device string!
[  356.746370][T10746] 
[  356.753106][T10746] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  356.782119][T10584] hsr_slave_0: entered promiscuous mode
[  356.810987][T10584] hsr_slave_1: entered promiscuous mode
[  356.914933][T10751] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  356.922710][T10751] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  357.289917][T10762] netlink: 'syz.4.1154': attribute type 4 has an invalid length.
[  357.373548][    C1] vkms_vblank_simulate: vblank timer overrun
[  357.550139][ T5968] Bluetooth: hci1: command 0x0406 tx timeout
[  357.661776][    C1] vkms_vblank_simulate: vblank timer overrun
[  357.814860][T10775] Bluetooth: MGMT ver 1.23
[  357.944045][ T5959] Bluetooth: hci2: command 0x0406 tx timeout
[  358.022352][ T5959] Bluetooth: hci0: command 0x0c1a tx timeout
[  358.028143][ T5968] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  358.302980][T10790] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1163'.
[  358.322042][T10790] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10790 comm=syz.0.1163
[  358.419584][T10798] IPv6: NLM_F_CREATE should be specified when creating new route
[  358.676928][T10808] syz_tun: entered allmulticast mode
[  358.687665][   T40] audit: type=1400 audit(1748880069.155:684): avc:  denied  { create } for  pid=10801 comm="syz.0.1166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  358.699075][T10801] syz_tun: left allmulticast mode
[  358.975687][T10817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  358.986970][T10817] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  359.437147][T10584] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  359.519760][T10584] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  359.596348][T10584] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  359.605281][ T5968] Bluetooth: hci1: command 0x0406 tx timeout
[  359.675922][T10584] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  360.014150][ T5968] Bluetooth: hci2: command 0x0406 tx timeout
[  360.019535][T10837] tmpfs: Unknown parameter 'm'
[  360.023076][T10584] 8021q: adding VLAN 0 to HW filter on device bond0
[  360.078633][T10584] 8021q: adding VLAN 0 to HW filter on device team0
[  360.085892][ T5968] Bluetooth: hci0: command 0x0c1a tx timeout
[  360.122636][T10841] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1174'.
[  360.128821][ T8260] bridge0: port 1(bridge_slave_0) entered blocking state
[  360.133506][ T8260] bridge0: port 1(bridge_slave_0) entered forwarding state
[  360.172286][ T8260] bridge0: port 2(bridge_slave_1) entered blocking state
[  360.183373][ T8260] bridge0: port 2(bridge_slave_1) entered forwarding state
[  360.360031][T10584] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  360.639286][T10584] 8021q: adding VLAN 0 to HW filter on device batadv0
[  360.729000][T10584] veth0_vlan: entered promiscuous mode
[  360.769147][T10584] veth1_vlan: entered promiscuous mode
[  360.820998][T10584] veth0_macvtap: entered promiscuous mode
[  360.831209][T10584] veth1_macvtap: entered promiscuous mode
[  360.864857][   T40] audit: type=1400 audit(1748880071.335:685): avc:  denied  { read write } for  pid=10869 comm="syz.0.1178" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  360.899020][T10584] batman_adv: batadv0: Interface activated: batadv_slave_0
[  360.915499][   T40] audit: type=1400 audit(1748880071.385:686): avc:  denied  { open } for  pid=10869 comm="syz.0.1178" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  360.975870][T10584] batman_adv: batadv0: Interface activated: batadv_slave_1
[  360.991923][T10584] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.004147][T10584] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.032686][T10874] binder: 10871:10874 ioctl 704 0 returned -22
[  361.059155][T10874] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1179'.
[  361.059577][T10584] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.074070][T10584] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  361.408141][T10887] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1181'.
[  361.414056][T10887] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  361.417292][T10887] IPv6: NLM_F_CREATE should be set when creating new route
[  361.566539][ T8269] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  361.619691][ T8269] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  361.774732][ T8260] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  361.789507][ T8260] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  361.945290][T10904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1185'.
[  361.949324][T10904] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10904 comm=syz.0.1185
[  362.039350][T10904] qnx4: no qnx4 filesystem (no root dir).
[  362.508124][T10929] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  362.513080][T10920] tipc: Can't bind to reserved service type 2
[  363.053237][   T40] audit: type=1400 audit(1748880073.525:687): avc:  denied  { getopt } for  pid=10941 comm="syz.2.1193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  363.089986][   T40] audit: type=1400 audit(1748880073.525:688): avc:  denied  { setattr } for  pid=10941 comm="syz.2.1193" name="NETLINK" dev="sockfs" ino=40372 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  363.283302][ T8269] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.208468][ T8269] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.571464][ T8269] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.778527][ T5959] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  364.805766][ T5959] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  364.822031][ T5959] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  364.830696][ T8269] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.833881][ T5959] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  364.847231][ T5959] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  365.038389][   T40] audit: type=1400 audit(1748880075.485:689): avc:  denied  { accept } for  pid=10982 comm="syz.0.1197" lport=45511 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  365.940805][   T40] audit: type=1400 audit(1748880076.415:690): avc:  denied  { sqpoll } for  pid=10993 comm="syz.2.1199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  365.981154][ T8269] bridge_slave_1: left allmulticast mode
[  365.983674][ T8269] bridge_slave_1: left promiscuous mode
[  366.054400][ T8269] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.158574][ T8269] bridge_slave_0: left allmulticast mode
[  366.162661][ T8269] bridge_slave_0: left promiscuous mode
[  366.196853][ T8269] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.347962][T11014] netlink: 344 bytes leftover after parsing attributes in process `syz.2.1201'.
[  366.444560][   T40] audit: type=1400 audit(1748880076.915:691): avc:  denied  { ioctl } for  pid=11019 comm="syz.2.1204" path="socket:[38744]" dev="sockfs" ino=38744 ioctlcmd=0x943b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  366.848938][   T40] audit: type=1400 audit(1748880077.325:692): avc:  denied  { watch } for  pid=11029 comm="syz.2.1206" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  366.905413][   T40] audit: type=1400 audit(1748880077.335:693): avc:  denied  { watch_sb } for  pid=11029 comm="syz.2.1206" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  366.968794][ T5959] Bluetooth: hci0: command tx timeout
[  367.111659][T11038] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1209'.
[  367.179404][T11040] openvswitch: netlink: IPv6 tunnel dst address is zero
[  367.182556][   T40] audit: type=1400 audit(1748880077.655:694): avc:  denied  { ioctl } for  pid=11039 comm="syz.0.1210" path="socket:[38772]" dev="sockfs" ino=38772 ioctlcmd=0x894b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  367.239536][   T40] audit: type=1400 audit(1748880077.655:695): avc:  denied  { bind } for  pid=11039 comm="syz.0.1210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  367.896144][ T8269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  367.912273][ T8269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  367.943415][ T8269] bond0 (unregistering): Released all slaves
[  368.079604][T10978] chnl_net:caif_netlink_parms(): no params data found
[  368.577402][T11053] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1211'.
[  369.046100][ T5959] Bluetooth: hci0: command tx timeout
[  369.278169][T10978] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.282300][T10978] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.287954][T10978] bridge_slave_0: entered allmulticast mode
[  369.294406][T10978] bridge_slave_0: entered promiscuous mode
[  369.445790][T10978] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.448751][T10978] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.466138][T10978] bridge_slave_1: entered allmulticast mode
[  369.470392][T10978] bridge_slave_1: entered promiscuous mode
[  369.615606][ T8269] hsr_slave_0: left promiscuous mode
[  369.623674][ T8269] hsr_slave_1: left promiscuous mode
[  369.628662][ T8269] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  369.634087][ T8269] batman_adv: batadv0: Removing interface: batadv_slave_0
[  369.660365][ T8269] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  369.664056][ T8269] batman_adv: batadv0: Removing interface: batadv_slave_1
[  369.762170][ T8269] veth1_macvtap: left promiscuous mode
[  369.766364][ T8269] veth0_macvtap: left promiscuous mode
[  369.769999][ T8269] veth1_vlan: left promiscuous mode
[  369.774181][ T8269] veth0_vlan: left promiscuous mode
[  371.115577][ T5959] Bluetooth: hci0: command tx timeout
[  372.484930][ T8269] team0 (unregistering): Port device team_slave_1 removed
[  372.751760][ T8269] team0 (unregistering): Port device team_slave_0 removed
[  373.197547][ T5959] Bluetooth: hci0: command tx timeout
[  375.093937][T10978] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  375.142346][T10978] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  375.437898][   T40] audit: type=1400 audit(1748880085.915:696): avc:  denied  { read } for  pid=11088 comm="syz.2.1216" path="socket:[41500]" dev="sockfs" ino=41500 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  375.443690][T10978] team0: Port device team_slave_0 added
[  375.540688][T10978] team0: Port device team_slave_1 added
[  375.643390][T11085] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1215'.
[  375.769955][T11098] Invalid ELF header type: 0 != 1
[  375.773951][   T40] audit: type=1400 audit(1748880086.245:697): avc:  denied  { module_load } for  pid=11097 comm="syz.0.1217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  375.800612][T11098] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1217'.
[  375.813629][T10978] batman_adv: batadv0: Adding interface: batadv_slave_0
[  375.825617][T10978] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  375.854477][T10978] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  375.886046][T10978] batman_adv: batadv0: Adding interface: batadv_slave_1
[  375.900996][T10978] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  375.925877][T10978] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  376.251086][T10978] hsr_slave_0: entered promiscuous mode
[  376.283376][T10978] hsr_slave_1: entered promiscuous mode
[  376.293400][T11104] netlink: 'syz.0.1219': attribute type 10 has an invalid length.
[  376.513271][T11104] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  376.521471][T11104] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  377.268175][   T40] audit: type=1400 audit(1748880087.745:698): avc:  denied  { listen } for  pid=11121 comm="syz.4.1222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  377.320076][   T29] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  377.470352][   T29] usb 5-1: device descriptor read/64, error -71
[  377.701792][   T40] audit: type=1400 audit(1748880088.175:699): avc:  denied  { mount } for  pid=11129 comm="syz.4.1223" name="/" dev="ramfs" ino=40530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  377.755393][   T29] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  377.806898][   T40] audit: type=1400 audit(1748880088.285:700): avc:  denied  { mounton } for  pid=11129 comm="syz.4.1223" path="/file1" dev="ramfs" ino=40535 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  377.905379][   T29] usb 5-1: device descriptor read/64, error -71
[  378.015801][   T29] usb usb5-port1: attempt power cycle
[  378.400285][   T29] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  378.435978][   T29] usb 5-1: device descriptor read/8, error -71
[  378.490052][T11150] binder: BINDER_SET_CONTEXT_MGR already set
[  378.521154][T11150] binder: 11149:11150 ioctl 4018620d 200000000040 returned -16
[  378.524009][T10978] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  378.555563][T10978] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  378.583279][T10978] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  378.586481][T11150] binder: 11149:11150 ioctl c0306201 2000000003c0 returned -22
[  378.628457][T10978] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  378.699614][   T29] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  378.744688][   T29] usb 5-1: device descriptor read/8, error -71
[  378.802520][T10978] 8021q: adding VLAN 0 to HW filter on device bond0
[  378.819367][T11161] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  378.830404][T11161] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  378.835044][T10978] 8021q: adding VLAN 0 to HW filter on device team0
[  378.847507][ T8258] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.852217][ T8258] bridge0: port 1(bridge_slave_0) entered forwarding state
[  378.866502][   T29] usb usb5-port1: unable to enumerate USB device
[  378.894207][ T8257] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.897455][ T8257] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.930852][   T40] audit: type=1400 audit(1748880089.405:701): avc:  denied  { setattr } for  pid=11163 comm="syz.4.1231" path="socket:[41589]" dev="sockfs" ino=41589 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  378.955472][    C1] vkms_vblank_simulate: vblank timer overrun
[  378.970306][   T40] audit: type=1400 audit(1748880089.405:702): avc:  denied  { append } for  pid=11163 comm="syz.4.1231" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  379.009096][T10978] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  379.019428][T10978] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  379.293354][    C1] vkms_vblank_simulate: vblank timer overrun
[  379.300761][T10978] 8021q: adding VLAN 0 to HW filter on device batadv0
[  379.387127][T10978] veth0_vlan: entered promiscuous mode
[  379.420918][T10978] veth1_vlan: entered promiscuous mode
[  379.471814][T10978] veth0_macvtap: entered promiscuous mode
[  379.518858][T10978] veth1_macvtap: entered promiscuous mode
[  379.547830][T10978] batman_adv: batadv0: Interface activated: batadv_slave_0
[  379.579198][T10978] batman_adv: batadv0: Interface activated: batadv_slave_1
[  379.591292][T10978] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  379.594828][T10978] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  379.600576][T10978] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  379.606367][T10978] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  379.709238][ T8269] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.773689][ T8269] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.832371][ T8269] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.848981][ T8269] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.049291][    C1] vkms_vblank_simulate: vblank timer overrun
[  380.259963][T11191] veth1_to_team: entered promiscuous mode
[  380.288315][T11191] veth1_to_team: left promiscuous mode
[  380.574202][   T40] audit: type=1400 audit(1748880091.045:703): avc:  denied  { append } for  pid=11208 comm="syz.0.1240" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  380.923733][   T40] audit: type=1400 audit(1748880091.395:704): avc:  denied  { write } for  pid=11218 comm="syz.0.1241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  381.001964][   T40] audit: type=1400 audit(1748880091.415:705): avc:  denied  { read } for  pid=11218 comm="syz.0.1241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  381.445280][    C1] vkms_vblank_simulate: vblank timer overrun
[  381.705263][ T5994] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  381.907335][ T5994] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  381.927677][ T5994] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  381.929362][ T8269] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.945624][ T5994] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  381.973150][ T5994] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  381.989991][ T5994] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  381.999749][ T5994] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  382.005269][ T5994] usb 5-1: Product: syz
[  382.007661][ T5994] usb 5-1: Manufacturer: syz
[  382.023510][ T5994] cdc_wdm 5-1:1.0: skipping garbage
[  382.031370][ T5994] cdc_wdm 5-1:1.0: skipping garbage
[  382.038832][ T5994] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  382.041501][ T5994] cdc_wdm 5-1:1.0: Unknown control protocol
[  382.224486][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  382.224812][ T5994] usb 5-1: USB disconnect, device number 17
[  382.227353][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  382.227379][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  382.595370][ T5994] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  382.760489][ T5994] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  382.767337][ T5994] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  382.771740][ T5994] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  382.796250][ T5994] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  382.821459][ T5994] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  382.826402][ T5994] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  382.830035][ T5994] usb 5-1: Product: syz
[  382.861093][ T5994] usb 5-1: Manufacturer: syz
[  382.897413][ T5994] cdc_wdm 5-1:1.0: skipping garbage
[  382.915241][ T5994] cdc_wdm 5-1:1.0: skipping garbage
[  382.922913][ T5994] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  382.942638][ T5994] cdc_wdm 5-1:1.0: Unknown control protocol
[  383.290026][T11252] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1246'.
[  383.300282][T11252] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1246'.
[  383.313473][T11252] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1246'.
[  383.667283][ T5968] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  383.688650][ T5968] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  383.697979][T11263] netlink: 'syz.2.1249': attribute type 39 has an invalid length.
[  383.716802][ T5968] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  383.766105][ T5968] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  383.779349][ T5968] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  383.930523][ T8269] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.022403][T11276] sctp: [Deprecated]: syz.4.1253 (pid 11276) Use of struct sctp_assoc_value in delayed_ack socket option.
[  384.022403][T11276] Use struct sctp_sack_info instead
[  384.189364][ T6015] usb 5-1: USB disconnect, device number 18
[  384.362521][ T8269] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.463827][   T40] audit: type=1400 audit(1748880094.925:706): avc:  denied  { write } for  pid=11290 comm="syz.0.1256" path="socket:[39912]" dev="sockfs" ino=39912 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  384.496620][T11266] chnl_net:caif_netlink_parms(): no params data found
[  384.640504][ T8269] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.033436][T11266] bridge0: port 1(bridge_slave_0) entered blocking state
[  385.043449][T11266] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.048094][T11266] bridge_slave_0: entered allmulticast mode
[  385.056474][T11266] bridge_slave_0: entered promiscuous mode
[  385.065953][T11266] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.068938][T11266] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.073011][T11266] bridge_slave_1: entered allmulticast mode
[  385.076177][T11302] IPv6: NLM_F_CREATE should be specified when creating new route
[  385.079926][T11302] IPv6: Can't replace route, no match found
[  385.082387][T11266] bridge_slave_1: entered promiscuous mode
[  385.084987][T11302] IPv6: Can't replace route, no match found
[  385.089627][T11302] IPv6: Can't replace route, no match found
[  385.102537][T11302] IPv6: Can't replace route, no match found
[  385.113770][T11302] IPv6: Can't replace route, no match found
[  385.123668][T11302] IPv6: Can't replace route, no match found
[  385.133758][T11302] IPv6: Can't replace route, no match found
[  385.137347][T11302] IPv6: Can't replace route, no match found
[  385.140837][T11302] IPv6: Can't replace route, no match found
[  385.154554][T11302] IPv6: Can't replace route, no match found
[  385.159149][T11302] IPv6: Can't replace route, no match found
[  385.205637][T11302] IPv6: Can't replace route, no match found
[  385.442787][T11266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  385.526556][T11266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  385.564833][    C1] vkms_vblank_simulate: vblank timer overrun
[  385.603701][    C1] vkms_vblank_simulate: vblank timer overrun
[  385.670357][T11325] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1261'.
[  385.695329][   T50] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  385.921847][   T50] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  385.927840][   T50] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  385.930189][T11266] team0: Port device team_slave_0 added
[  385.937017][   T50] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  385.957927][ T5959] Bluetooth: hci0: command tx timeout
[  385.962096][   T50] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.989515][   T50] usb 5-1: config 0 descriptor??
[  385.995708][   T50] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  386.003667][   T50] dvb-usb: bulk message failed: -22 (3/0)
[  386.004246][T11266] team0: Port device team_slave_1 added
[  386.064955][   T50] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  386.076154][   T50] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  386.100592][   T50] usb 5-1: media controller created
[  386.104931][   T50] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  386.216996][   T50] dvb-usb: bulk message failed: -22 (6/0)
[  386.235637][   T50] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  386.260590][   T50] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb5/5-1/input/input20
[  386.268903][ T8269] bridge_slave_1: left allmulticast mode
[  386.272550][ T8269] bridge_slave_1: left promiscuous mode
[  386.281323][   T50] dvb-usb: schedule remote query interval to 150 msecs.
[  386.292172][ T8269] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.330551][   T50] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  386.387199][ T8269] bridge_slave_0: left allmulticast mode
[  386.403754][ T8269] bridge_slave_0: left promiscuous mode
[  386.410026][ T8269] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.516355][T11346] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  386.517328][   T50] dvb-usb: bulk message failed: -22 (1/0)
[  386.519968][T11346] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  386.533076][   T50] dvb-usb: error while querying for an remote control event.
[  386.727048][   T50] dvb-usb: bulk message failed: -22 (1/0)
[  386.776768][   T50] dvb-usb: error while querying for an remote control event.
[  386.782476][T11355] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  386.786878][T11355] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  386.797862][T11355] vhci_hcd vhci_hcd.0: Device attached
[  386.837062][T11356] vhci_hcd: connection closed
[  386.847439][ T8258] vhci_hcd: stop threads
[  386.852818][ T8258] vhci_hcd: release socket
[  386.887524][ T8258] vhci_hcd: disconnect device
[  386.935321][   T50] dvb-usb: bulk message failed: -22 (1/0)
[  386.939229][   T50] dvb-usb: error while querying for an remote control event.
[  387.110985][   T50] dvb-usb: bulk message failed: -22 (1/0)
[  387.158739][   T50] dvb-usb: error while querying for an remote control event.
[  387.316878][   T50] dvb-usb: bulk message failed: -22 (1/0)
[  387.319104][   T50] dvb-usb: error while querying for an remote control event.
[  387.403840][    C1] vkms_vblank_simulate: vblank timer overrun
[  387.477582][   T50] dvb-usb: bulk message failed: -22 (1/0)
[  387.500598][   T50] dvb-usb: error while querying for an remote control event.
[  387.503672][    C1] vkms_vblank_simulate: vblank timer overrun
[  387.532009][    C1] vkms_vblank_simulate: vblank timer overrun
[  387.598484][    C1] vkms_vblank_simulate: vblank timer overrun
[  387.680489][T11361] kAFS: unparsable volume name
[  387.765707][   T50] dvb-usb: bulk message failed: -22 (1/0)
[  387.768776][   T50] dvb-usb: error while querying for an remote control event.
[  387.916498][ T8269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  387.938430][   T50] dvb-usb: bulk message failed: -22 (1/0)
[  387.940800][   T50] dvb-usb: error while querying for an remote control event.
[  387.969901][ T8269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  387.975948][ T8269] bond0 (unregistering): Released all slaves
[  388.001961][ T5959] Bluetooth: hci0: command 0x041b tx timeout
[  388.095311][   T50] dvb-usb: bulk message failed: -22 (1/0)
[  388.097605][   T50] dvb-usb: error while querying for an remote control event.
[  388.107067][T11266] batman_adv: batadv0: Adding interface: batadv_slave_0
[  388.110086][T11266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  388.139324][    C1] vkms_vblank_simulate: vblank timer overrun
[  388.171241][T11266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  388.177175][T11266] batman_adv: batadv0: Adding interface: batadv_slave_1
[  388.180006][T11266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  388.217052][    C1] vkms_vblank_simulate: vblank timer overrun
[  388.220494][T11266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  388.293358][   T50] dvb-usb: bulk message failed: -22 (1/0)
[  388.297355][   T50] dvb-usb: error while querying for an remote control event.
[  388.393683][   T50] usb 5-1: USB disconnect, device number 19
[  388.505465][   T40] audit: type=1400 audit(1748880098.965:707): avc:  denied  { connect } for  pid=11378 comm="syz.0.1275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  388.570545][   T50] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  388.761627][T11385] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1277'.
[  388.929550][T11266] hsr_slave_0: entered promiscuous mode
[  388.944994][T11266] hsr_slave_1: entered promiscuous mode
[  388.960232][T11266] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  388.963669][T11266] Cannot create hsr debugfs directory
[  389.361285][    C1] vkms_vblank_simulate: vblank timer overrun
[  389.445228][    C1] vkms_vblank_simulate: vblank timer overrun
[  389.525206][    C1] vkms_vblank_simulate: vblank timer overrun
[  389.704548][   T40] audit: type=1400 audit(1748880100.175:708): avc:  denied  { setopt } for  pid=11396 comm="syz.0.1280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  389.753195][    C1] vkms_vblank_simulate: vblank timer overrun
[  389.777365][   T40] audit: type=1400 audit(1748880100.175:709): avc:  denied  { ioctl } for  pid=11414 comm="syz.2.1285" path="socket:[41968]" dev="sockfs" ino=41968 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  389.807903][    C1] vkms_vblank_simulate: vblank timer overrun
[  389.812594][   T40] audit: type=1400 audit(1748880100.175:710): avc:  denied  { write } for  pid=11414 comm="syz.2.1285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  389.817822][ T8269] hsr_slave_0: left promiscuous mode
[  389.867936][ T8269] hsr_slave_1: left promiscuous mode
[  389.885836][ T8269] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  389.897112][ T8269] batman_adv: batadv0: Removing interface: batadv_slave_0
[  389.945570][ T8269] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  389.954001][ T8269] batman_adv: batadv0: Removing interface: batadv_slave_1
[  390.089614][ T5968] Bluetooth: hci0: command 0x041b tx timeout
[  390.134629][ T8269] veth1_macvtap: left promiscuous mode
[  390.137273][ T8269] veth0_macvtap: left promiscuous mode
[  390.139767][ T8269] veth1_vlan: left promiscuous mode
[  390.143324][ T8269] veth0_vlan: left promiscuous mode
[  390.218615][T11426] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  390.388145][T11423] kvm: kvm [11422]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  390.423394][T11423] kvm: kvm [11422]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x7653
[  390.425243][    C1] vkms_vblank_simulate: vblank timer overrun
[  390.427565][T11423] kvm: kvm [11422]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x186) = 0x7653
[  390.434099][T11423] kvm: kvm [11422]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x5f57
[  390.439053][T11423] kvm: kvm [11422]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x187) = 0x5f57
[  390.465070][T11423] kvm_intel: kvm [11422]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x43c1
[  390.911660][    C1] vkms_vblank_simulate: vblank timer overrun
[  392.165523][ T5968] Bluetooth: hci0: command 0x041b tx timeout
[  393.265325][ T8269] team0 (unregistering): Port device team_slave_1 removed
[  393.624304][ T8269] team0 (unregistering): Port device team_slave_0 removed
[  394.273349][ T5968] Bluetooth: hci0: command 0x041b tx timeout
[  395.227451][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  395.259951][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  397.912226][T11465] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1296'.
[  398.398399][T11483] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1299'.
[  398.409106][T11483] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  398.748128][ T9161] raw-gadget.1 gadget.2: failed to queue reset event
[  398.835488][ T9161] raw-gadget.1 gadget.2: failed to queue resume event
[  398.905248][ T9161] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  398.909166][    C2] raw-gadget.1 gadget.2: ignoring, device is not running
[  398.911855][ T9161] raw-gadget.1 gadget.2: failed to queue reset event
[  398.982228][ T9161] raw-gadget.1 gadget.2: failed to queue resume event
[  399.039875][ T9161] usb 7-1: device descriptor read/64, error -32
[  399.120733][T11511] CIFS: iocharset name too long
[  399.165292][ T9161] raw-gadget.1 gadget.2: failed to queue suspend event
[  399.176539][ T9161] raw-gadget.1 gadget.2: failed to queue reset event
[  399.261555][   T24] usb 9-1: new full-speed USB device number 15 using dummy_hcd
[  399.270709][ T9161] raw-gadget.1 gadget.2: failed to queue resume event
[  399.325331][ T9161] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  399.328481][    C2] raw-gadget.1 gadget.2: ignoring, device is not running
[  399.331285][ T9161] raw-gadget.1 gadget.2: failed to queue reset event
[  399.405842][ T9161] raw-gadget.1 gadget.2: failed to queue resume event
[  399.449404][   T24] usb 9-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  399.454327][   T24] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  399.472037][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 56461, setting to 64
[  399.495422][ T9161] usb 7-1: device descriptor read/64, error -32
[  399.499393][   T24] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  399.509200][   T24] usb 9-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  399.514626][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.525437][   T24] usb 9-1: Product: syz
[  399.528017][   T24] usb 9-1: Manufacturer: syz
[  399.535582][   T24] usb 9-1: SerialNumber: syz
[  399.549347][   T24] usb 9-1: config 0 descriptor??
[  399.566102][T11504] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  399.593712][ T5968] Bluetooth: hci2: unexpected event for opcode 0x2005
[  399.616466][ T9161] raw-gadget.1 gadget.2: failed to queue suspend event
[  399.661039][   T24] input: KB Gear Tablet as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input21
[  399.670130][ T9161] usb usb7-port1: attempt power cycle
[  399.677511][T11266] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  399.693596][ T9161] raw-gadget.1 gadget.2: failed to queue disconnect event
[  399.710869][ T9161] raw-gadget.1 gadget.2: failed to queue reset event
[  399.783055][ T9161] raw-gadget.1 gadget.2: failed to queue resume event
[  399.788223][ T9161] raw-gadget.1 gadget.2: failed to queue reset event
[  399.806405][T11266] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  399.850546][   T40] audit: type=1400 audit(1748880110.325:711): avc:  denied  { append } for  pid=11499 comm="syz.4.1302" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  399.857393][T11266] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  399.923829][T11530] cgroup: Need name or subsystem set
[  399.948689][T11266] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  400.005286][ T9161] raw-gadget.1 gadget.2: failed to queue resume event
[  400.075529][ T9161] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  400.096670][   T40] audit: type=1400 audit(1748880110.555:712): avc:  denied  { append } for  pid=11531 comm="syz.0.1310" name="pfkey" dev="proc" ino=4026534093 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  400.105879][    C2] raw-gadget.1 gadget.2: ignoring, device is not running
[  400.146801][ T9161] usb 7-1: device descriptor read/8, error -32
[  400.157704][T11266] 8021q: adding VLAN 0 to HW filter on device bond0
[  400.212672][    T9] usb 9-1: USB disconnect, device number 15
[  400.217348][T11266] 8021q: adding VLAN 0 to HW filter on device team0
[  400.259914][ T8269] bridge0: port 1(bridge_slave_0) entered blocking state
[  400.264088][ T8269] bridge0: port 1(bridge_slave_0) entered forwarding state
[  400.275642][ T9161] raw-gadget.1 gadget.2: failed to queue suspend event
[  400.286505][ T8269] bridge0: port 2(bridge_slave_1) entered blocking state
[  400.290459][ T8269] bridge0: port 2(bridge_slave_1) entered forwarding state
[  400.309420][ T9161] raw-gadget.1 gadget.2: failed to queue reset event
[  400.381284][T11541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1311'.
[  400.385350][   T40] audit: type=1400 audit(1748880110.855:713): avc:  denied  { write } for  pid=11540 comm="syz.0.1311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  400.415362][ T9161] raw-gadget.1 gadget.2: failed to queue resume event
[  400.417156][T11266] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  400.442914][T11266] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  400.483826][ T9161] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  400.575808][    C2] raw-gadget.1 gadget.2: ignoring, device is not running
[  400.589959][ T9161] usb 7-1: device descriptor read/8, error -32
[  400.695313][ T9161] raw-gadget.1 gadget.2: failed to queue suspend event
[  400.706887][ T9161] usb usb7-port1: unable to enumerate USB device
[  400.848363][T11266] 8021q: adding VLAN 0 to HW filter on device batadv0
[  401.034379][T11266] veth0_vlan: entered promiscuous mode
[  401.073912][T11266] veth1_vlan: entered promiscuous mode
[  401.173847][T11266] veth0_macvtap: entered promiscuous mode
[  401.232320][T11266] veth1_macvtap: entered promiscuous mode
[  401.331133][T11266] batman_adv: batadv0: Interface activated: batadv_slave_0
[  401.361523][T11266] batman_adv: batadv0: Interface activated: batadv_slave_1
[  401.387382][T11266] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  401.400520][T11266] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  401.411230][T11266] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  401.421679][T11266] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  401.833471][ T8252] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  401.855562][ T8252] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  401.945424][ T8258] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  401.950455][ T8258] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  401.951793][T11590] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  401.962284][T11590] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  401.992169][T11594] fuse: Bad value for 'fd'
[  402.097182][T11598] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1323'.
[  402.911059][ T8258] tipc: Subscription rejected, illegal request
[  402.973631][T11617] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1328'.
[  403.033460][T11617] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1328'.
[  403.406577][T11634] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  403.449679][T11634] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  403.624410][   T40] audit: type=1400 audit(1748880114.055:714): avc:  denied  { execute } for  pid=11635 comm="syz.4.1334" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  403.939254][ T5994] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  404.108397][ T5994] usb 5-1: Using ep0 maxpacket: 8
[  404.118574][ T5994] usb 5-1: config 0 has an invalid interface number: 150 but max is 0
[  404.122940][ T5994] usb 5-1: config 0 has an invalid interface number: 112 but max is 0
[  404.140598][ T5994] usb 5-1: config 0 has 3 interfaces, different from the descriptor's value: 1
[  404.149473][ T5994] usb 5-1: config 0 has no interface number 1
[  404.162798][ T5994] usb 5-1: config 0 has no interface number 2
[  404.170814][ T5994] usb 5-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  404.188608][ T5994] usb 5-1: too many endpoints for config 0 interface 112 altsetting 233: 104, using maximum allowed: 30
[  404.203490][ T5994] usb 5-1: config 0 interface 112 altsetting 233 has 1 endpoint descriptor, different from the interface descriptor's value: 104
[  404.216989][ T5994] usb 5-1: config 0 interface 150 has no altsetting 0
[  404.237146][ T5994] usb 5-1: config 0 interface 112 has no altsetting 0
[  404.241644][ T5994] usb 5-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[  404.249184][ T5994] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.272434][ T5994] usb 5-1: config 0 descriptor??
[  404.283642][ T8269] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.517848][ T5994] usb 5-1: string descriptor 0 read error: -71
[  404.569430][ T5994] usb 5-1: USB disconnect, device number 20
[  405.458913][ T8269] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.521434][T11660] ata1.00: invalid multi_count 1 ignored
[  405.579903][T11663] batadv1: entered promiscuous mode
[  405.766317][ T8269] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.821416][T11664] batadv1: entered promiscuous mode
[  406.058432][ T5959] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  406.073259][ T5959] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  406.094663][ T5959] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  406.122825][ T8269] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.130625][ T5959] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  406.133108][ T5959] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  406.491573][T11683] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11683 comm=syz.4.1347
[  406.761738][ T8269] bridge_slave_1: left allmulticast mode
[  406.775308][ T8269] bridge_slave_1: left promiscuous mode
[  406.819829][ T8269] bridge0: port 2(bridge_slave_1) entered disabled state
[  406.866205][ T8269] bridge_slave_0: left allmulticast mode
[  406.868722][ T8269] bridge_slave_0: left promiscuous mode
[  406.871161][ T8269] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.090899][ T8269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  408.122141][ T8269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  408.134698][ T8269] bond0 (unregistering): Released all slaves
[  408.174170][ T5968] Bluetooth: hci0: command tx timeout
[  408.212456][T11673] chnl_net:caif_netlink_parms(): no params data found
[  408.641328][T11742] openvswitch: netlink: IP tunnel attribute has 176 unknown bytes.
[  408.731199][ T6048] usb 5-1: new full-speed USB device number 21 using dummy_hcd
[  408.940253][ T6048] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  408.944367][ T6048] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  408.977859][ T6048] usb 5-1: config 0 interface 0 has no altsetting 0
[  408.980803][ T6048] usb 5-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  408.985404][ T6048] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.029077][ T6048] usb 5-1: config 0 descriptor??
[  409.299836][T11765] IPv6: NLM_F_CREATE should be specified when creating new route
[  409.314786][T11765] IPv6: Can't replace route, no match found
[  409.320459][T11673] bridge0: port 1(bridge_slave_0) entered blocking state
[  409.326307][T11673] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.342254][T11673] bridge_slave_0: entered allmulticast mode
[  409.349961][T11673] bridge_slave_0: entered promiscuous mode
[  409.501401][   T40] audit: type=1400 audit(1748880119.975:715): avc:  denied  { ioctl } for  pid=11763 comm="syz.2.1364" path="socket:[45479]" dev="sockfs" ino=45479 ioctlcmd=0xf516 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  409.559539][ T6048] hid-steam 0003:28DE:1102.0008: unknown main item tag 0x0
[  409.562818][ T6048] hid-steam 0003:28DE:1102.0008: unknown main item tag 0x0
[  409.568278][ T6048] hid-steam 0003:28DE:1102.0008: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.0-1/input0
[  409.623013][T11673] bridge0: port 2(bridge_slave_1) entered blocking state
[  409.638830][T11673] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.641888][T11673] bridge_slave_1: entered allmulticast mode
[  409.646356][T11673] bridge_slave_1: entered promiscuous mode
[  409.645955][ T6048] hid-steam 0003:28DE:1102.0008: Steam Controller 'XXXXXXXXXX' connected
[  409.677053][ T6048] input: Steam Controller as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:28DE:1102.0008/input/input22
[  409.684587][T11773] netlink: 'syz.4.1365': attribute type 2 has an invalid length.
[  409.738791][T11773] netlink: 1184 bytes leftover after parsing attributes in process `syz.4.1365'.
[  409.783316][ T6048] hid-steam 0003:28DE:1102.0009: unknown main item tag 0x0
[  409.797643][ T6048] hid-steam 0003:28DE:1102.0009: unknown main item tag 0x0
[  409.815488][ T6048] hid-steam 0003:28DE:1102.0009: hidraw1: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.0-1/input0
[  409.832341][ T6048] usb 5-1: USB disconnect, device number 21
[  409.940771][ T6048] hid-steam 0003:28DE:1102.0008: Steam Controller 'XXXXXXXXXX' disconnected
[  410.015785][T11779] fido_id[11779]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb5/report_descriptor': No such file or directory
[  410.241455][ T5968] Bluetooth: hci0: command tx timeout
[  410.254611][ T8269] hsr_slave_0: left promiscuous mode
[  410.287979][ T8269] hsr_slave_1: left promiscuous mode
[  410.305513][ T8269] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  410.309736][ T8269] batman_adv: batadv0: Removing interface: batadv_slave_0
[  410.330006][ T8269] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  410.334725][ T8269] batman_adv: batadv0: Removing interface: batadv_slave_1
[  410.430403][ T8269] veth1_macvtap: left promiscuous mode
[  410.451773][ T8269] veth0_macvtap: left promiscuous mode
[  410.454694][ T8269] veth1_vlan: left promiscuous mode
[  410.458479][ T8269] veth0_vlan: left promiscuous mode
[  412.317190][ T5968] Bluetooth: hci0: command tx timeout
[  413.666031][ T8269] team0 (unregistering): Port device team_slave_1 removed
[  414.047215][ T8269] team0 (unregistering): Port device team_slave_0 removed
[  414.399073][ T5968] Bluetooth: hci0: command tx timeout
[  416.747898][T11673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  416.754001][T11673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  417.096270][   T40] audit: type=1400 audit(1748880127.525:716): avc:  denied  { accept } for  pid=11801 comm="syz.0.1370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  417.208591][T11810] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1372'.
[  417.217410][T11810] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1372'.
[  417.268731][T11673] team0: Port device team_slave_0 added
[  417.278584][T11673] team0: Port device team_slave_1 added
[  417.397459][T11817] fuse: Unknown parameter '0x0000000000000003'
[  417.416784][T11817] IPv6: NLM_F_CREATE should be specified when creating new route
[  417.441231][T11817] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1375'.
[  417.441698][   T40] audit: type=1400 audit(1748880127.905:717): avc:  denied  { bind } for  pid=11816 comm="syz.4.1375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  417.460739][T11817] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1375'.
[  417.511302][   T40] audit: type=1400 audit(1748880127.905:718): avc:  denied  { node_bind } for  pid=11816 comm="syz.4.1375" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  417.540739][T11673] batman_adv: batadv0: Adding interface: batadv_slave_0
[  417.545918][T11673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  417.573238][T11673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  417.589930][T11673] batman_adv: batadv0: Adding interface: batadv_slave_1
[  417.593172][T11825] netlink: 'syz.4.1376': attribute type 64 has an invalid length.
[  417.635288][T11673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  417.650463][T11825] netlink: 'syz.4.1376': attribute type 4 has an invalid length.
[  417.696989][T11825] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1376'.
[  417.697311][T11673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  417.909776][   T40] audit: type=1400 audit(1748880128.365:719): avc:  denied  { write } for  pid=11834 comm="syz.0.1377" lport=57011 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  417.984777][   T40] audit: type=1400 audit(1748880128.455:720): avc:  denied  { setattr } for  pid=11838 comm="syz.0.1378" name="file0" dev="9p" ino=35913832 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  418.065787][   T40] audit: type=1400 audit(1748880128.455:721): avc:  denied  { mounton } for  pid=11838 comm="syz.0.1378" path="/124/file0" dev="9p" ino=35913825 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  418.302877][T11673] hsr_slave_0: entered promiscuous mode
[  418.307192][T11673] hsr_slave_1: entered promiscuous mode
[  418.317461][   T40] audit: type=1400 audit(1748880128.745:722): avc:  denied  { bind } for  pid=11850 comm="syz.2.1382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  418.534431][T11863] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1383'.
[  418.699657][ T5968] Bluetooth: hci2: Unable to find connection with handle 0x00c9
[  418.725048][   T40] audit: type=1400 audit(1748880129.185:723): avc:  denied  { mounton } for  pid=11869 comm="syz.0.1386" path="/126/file0" dev="devtmpfs" ino=726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:removable_device_t tclass=blk_file permissive=1
[  418.898827][T11871] syzkaller1: entered promiscuous mode
[  418.901223][T11871] syzkaller1: entered allmulticast mode
[  419.619663][T11888] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1388'.
[  419.860789][T11896] netlink: 'syz.0.1389': attribute type 10 has an invalid length.
[  419.877435][T11896] hsr0: entered promiscuous mode
[  419.882846][T11896] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  419.894078][T11896] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  419.902901][T11896] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  420.123315][    C3] vkms_vblank_simulate: vblank timer overrun
[  420.277692][ T6029] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  420.505253][ T6029] usb 5-1: Using ep0 maxpacket: 16
[  420.518851][ T6029] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  420.542425][ T6029] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  420.548421][ T6029] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  420.551709][ T6029] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.570823][ T6029] usb 5-1: config 0 descriptor??
[  420.812903][T11928] 9pnet_virtio: no channels available for device syz
[  421.261725][ T6029] usbhid 5-1:0.0: can't add hid device: -71
[  421.264440][ T6029] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  421.320271][ T6029] usb 5-1: USB disconnect, device number 22
[  421.759259][T11673] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  421.786963][T11673] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  421.855588][    C3] vkms_vblank_simulate: vblank timer overrun
[  421.863933][T11944] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1399'.
[  421.870632][T11944] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1399'.
[  421.875791][T11944] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1399'.
[  421.890731][T11673] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  421.918981][T11673] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  421.967326][   T40] audit: type=1400 audit(1748880132.425:724): avc:  denied  { append } for  pid=11947 comm="syz.0.1400" name="event2" dev="devtmpfs" ino=947 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  422.158990][   T40] audit: type=1400 audit(1748880132.625:725): avc:  denied  { name_bind } for  pid=11953 comm="syz.2.1403" src=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  422.247900][T11673] 8021q: adding VLAN 0 to HW filter on device bond0
[  422.269104][T11673] 8021q: adding VLAN 0 to HW filter on device team0
[  422.289965][    C3] vkms_vblank_simulate: vblank timer overrun
[  422.357957][ T8257] bridge0: port 1(bridge_slave_0) entered blocking state
[  422.361443][ T8257] bridge0: port 1(bridge_slave_0) entered forwarding state
[  422.388122][ T8257] bridge0: port 2(bridge_slave_1) entered blocking state
[  422.403915][ T8257] bridge0: port 2(bridge_slave_1) entered forwarding state
[  422.585076][    C3] vkms_vblank_simulate: vblank timer overrun
[  422.607157][T11979] __nla_validate_parse: 2 callbacks suppressed
[  422.607176][T11979] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1408'.
[  422.644936][    C3] vkms_vblank_simulate: vblank timer overrun
[  422.865846][T11974] random: crng reseeded on system resumption
[  422.933235][T11673] 8021q: adding VLAN 0 to HW filter on device batadv0
[  423.008046][T11673] veth0_vlan: entered promiscuous mode
[  423.037670][    C3] vkms_vblank_simulate: vblank timer overrun
[  423.071878][T11673] veth1_vlan: entered promiscuous mode
[  423.096925][T11973] Hibernate inconsistent memory map detected!
[  423.100878][T11973] PM: hibernation: Image mismatch: architecture specific data
[  423.275581][T11673] veth0_macvtap: entered promiscuous mode
[  423.309014][    C3] vkms_vblank_simulate: vblank timer overrun
[  423.317121][T11673] veth1_macvtap: entered promiscuous mode
[  423.338606][T11673] batman_adv: batadv0: Interface activated: batadv_slave_0
[  423.372545][T11673] batman_adv: batadv0: Interface activated: batadv_slave_1
[  423.420316][T11673] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  423.429997][T11673] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  423.433827][T11673] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  423.449145][T11673] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  423.560926][ T1124] sr 2:0:0:0: [sr0] tag#3 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  423.564841][ T1124] sr 2:0:0:0: [sr0] tag#3 Sense Key : Illegal Request [current] 
[  423.609676][ T1124] sr 2:0:0:0: [sr0] tag#3 Add. Sense: Invalid command operation code
[  423.613075][ T1124] sr 2:0:0:0: [sr0] tag#3 CDB: Write(10) 2a 00 00 00 00 00 00 00 02 00
[  423.617879][ T1124] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  423.624372][    C3] vkms_vblank_simulate: vblank timer overrun
[  423.625779][ T1124] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  423.675665][ T8269] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  423.676912][    C3] vkms_vblank_simulate: vblank timer overrun
[  423.681820][ T8269] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  423.712932][    C3] vkms_vblank_simulate: vblank timer overrun
[  423.853085][ T8260] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  423.865168][ T8260] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  423.965281][   T40] audit: type=1400 audit(1748880134.385:726): avc:  denied  { lock } for  pid=12024 comm="syz.2.1415" path="socket:[44712]" dev="sockfs" ino=44712 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  424.204944][    C3] vkms_vblank_simulate: vblank timer overrun
[  424.372598][    C3] vkms_vblank_simulate: vblank timer overrun
[  424.553560][    C3] vkms_vblank_simulate: vblank timer overrun
[  424.615071][   T40] audit: type=1400 audit(1748880135.085:727): avc:  denied  { set_context_mgr } for  pid=12043 comm="syz.2.1420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  424.792438][T12049] support for the xor transformation has been removed.
[  424.812340][T12049] netlink: 'syz.2.1420': attribute type 12 has an invalid length.
[  424.828158][T12042] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.1417'.
[  424.843149][T12042] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1417'.
[  425.091348][T12060] netlink: 'syz.2.1422': attribute type 9 has an invalid length.
[  425.245671][   T40] audit: type=1400 audit(1748880135.705:728): avc:  denied  { read } for  pid=12064 comm="syz.0.1423" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  427.405653][ T5959] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  427.419952][ T5959] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  427.455280][ T5959] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  427.490338][ T5959] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  427.543541][ T5959] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  429.625697][ T5959] Bluetooth: hci0: command tx timeout
[  431.670815][T12086] bridge0: port 3(team0) entered disabled state
[  431.691448][ T5959] Bluetooth: hci0: command tx timeout
[  431.702690][   T40] audit: type=1326 audit(1748880142.175:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12091 comm="syz.0.1429" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff34658e969 code=0x0
[  431.946820][T12086] team0 (unregistering): left allmulticast mode
[  431.950189][T12086] team_slave_0: left allmulticast mode
[  431.953327][T12086] team_slave_1: left allmulticast mode
[  431.957384][T12086] bridge0: port 3(team0) entered disabled state
[  431.966707][T12086] team_slave_0: left promiscuous mode
[  432.004511][T12086] team0 (unregistering): Port device team_slave_0 removed
[  432.008702][T12086] team_slave_1: left promiscuous mode
[  432.024190][T12086] team0 (unregistering): Port device team_slave_1 removed
[  432.311468][ T8269] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.646644][ T8269] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.733029][T12078] chnl_net:caif_netlink_parms(): no params data found
[  432.823029][   T40] audit: type=1400 audit(1748880143.295:730): avc:  denied  { listen } for  pid=12125 comm="syz.0.1435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  432.844138][T12126] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1435'.
[  433.218280][ T8269] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.306898][T12143] lo speed is unknown, defaulting to 1000
[  433.439575][T12148] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1439'.
[  433.546734][T12143] lo speed is unknown, defaulting to 1000
[  433.569938][T12151] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1439'.
[  433.577485][T12151] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1439'.
[  433.697447][ T8269] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.765965][ T5959] Bluetooth: hci0: command tx timeout
[  433.878936][T12143] lo speed is unknown, defaulting to 1000
[  433.906989][T12078] bridge0: port 1(bridge_slave_0) entered blocking state
[  433.910344][T12078] bridge0: port 1(bridge_slave_0) entered disabled state
[  433.911677][T12143] infiniband s: RDMA CMA: cma_listen_on_dev, error -98
[  433.913811][T12078] bridge_slave_0: entered allmulticast mode
[  433.944264][T12078] bridge_slave_0: entered promiscuous mode
[  434.020596][T12143] lo speed is unknown, defaulting to 1000
[  434.021516][T12078] bridge0: port 2(bridge_slave_1) entered blocking state
[  434.084206][T12078] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.098089][T12078] bridge_slave_1: entered allmulticast mode
[  434.101345][T12078] bridge_slave_1: entered promiscuous mode
[  434.216175][   T40] audit: type=1400 audit(1748880144.695:731): avc:  denied  { name_connect } for  pid=12164 comm="syz.2.1444" dest=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  434.249048][T12143] lo speed is unknown, defaulting to 1000
[  434.293649][T12143] lo speed is unknown, defaulting to 1000
[  434.412795][    C1] vkms_vblank_simulate: vblank timer overrun
[  434.468452][T12165] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1444'.
[  434.487569][T12143] lo speed is unknown, defaulting to 1000
[  434.491640][T12143] lo speed is unknown, defaulting to 1000
[  434.498517][T12078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  434.541171][T12078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  434.640653][T12143] lo speed is unknown, defaulting to 1000
[  434.777717][T12078] team0: Port device team_slave_0 added
[  434.817380][T12078] team0: Port device team_slave_1 added
[  434.880738][    C1] vkms_vblank_simulate: vblank timer overrun
[  434.890940][   T40] audit: type=1400 audit(1748880145.355:732): avc:  denied  { watch watch_reads } for  pid=12180 comm="syz.4.1449" path="/bus" dev="proc" ino=4026531855 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  434.919140][   T40] audit: type=1400 audit(1748880145.375:733): avc:  denied  { read } for  pid=12180 comm="syz.4.1449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  435.096124][ T8269] bridge_slave_1: left allmulticast mode
[  435.107066][ T8269] bridge_slave_1: left promiscuous mode
[  435.111071][ T8269] bridge0: port 2(bridge_slave_1) entered disabled state
[  435.148603][ T8269] bridge_slave_0: left allmulticast mode
[  435.154831][ T8269] bridge_slave_0: left promiscuous mode
[  435.159554][ T8269] bridge0: port 1(bridge_slave_0) entered disabled state
[  435.273956][   T40] audit: type=1400 audit(1748880145.735:734): avc:  denied  { unmount } for  pid=12189 comm="syz.4.1452" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  435.305747][T12190] overlayfs: cannot append lower layer
[  435.570026][T12194] kernel read not supported for file /policy (pid: 12194 comm: syz.4.1454)
[  435.573449][   T40] audit: type=1400 audit(1748880146.035:735): avc:  denied  { module_load } for  pid=12193 comm="syz.4.1454" path="/selinux/policy" dev="selinuxfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=system permissive=1
[  435.631040][    C1] vkms_vblank_simulate: vblank timer overrun
[  435.865911][ T5959] Bluetooth: hci0: command tx timeout
[  437.976545][ T8269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  438.081677][ T8269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  438.144773][    C1] vkms_vblank_simulate: vblank timer overrun
[  438.158505][ T8269] bond0 (unregistering): Released all slaves
[  438.200620][T12078] batman_adv: batadv0: Adding interface: batadv_slave_0
[  438.243974][    C1] vkms_vblank_simulate: vblank timer overrun
[  438.265301][T12078] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.274355][T12078] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  438.457146][T12078] batman_adv: batadv0: Adding interface: batadv_slave_1
[  438.470674][T12078] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.546496][    C1] vkms_vblank_simulate: vblank timer overrun
[  438.550404][T12078] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  438.812802][    C1] vkms_vblank_simulate: vblank timer overrun
[  439.017982][   T24] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  439.174533][T12246] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1467'.
[  439.180748][T12245] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1467'.
[  439.218446][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  439.225709][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  439.229484][    C1] vkms_vblank_simulate: vblank timer overrun
[  439.243531][T12078] hsr_slave_0: entered promiscuous mode
[  439.246632][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  439.246681][   T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  439.246701][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.252426][   T24] usb 5-1: config 0 descriptor??
[  439.271067][    C1] vkms_vblank_simulate: vblank timer overrun
[  439.275394][T12078] hsr_slave_1: entered promiscuous mode
[  439.398102][T12078] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  439.401963][T12078] Cannot create hsr debugfs directory
[  439.420948][   T40] audit: type=1400 audit(1748880149.895:736): avc:  denied  { map } for  pid=12247 comm="syz.2.1468" path="socket:[47026]" dev="sockfs" ino=47026 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  439.773545][   T24] usbhid 5-1:0.0: can't add hid device: -71
[  439.791557][   T24] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  439.822410][   T24] usb 5-1: USB disconnect, device number 23
[  440.031536][T12268] netlink: 'syz.4.1471': attribute type 25 has an invalid length.
[  440.329625][ T8269] hsr_slave_0: left promiscuous mode
[  440.361639][ T8269] hsr_slave_1: left promiscuous mode
[  440.364969][ T8269] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  440.369450][ T8269] batman_adv: batadv0: Removing interface: batadv_slave_0
[  440.389211][ T8269] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  440.392793][ T8269] batman_adv: batadv0: Removing interface: batadv_slave_1
[  440.502338][   T40] audit: type=1400 audit(1748880150.975:737): avc:  denied  { ioctl } for  pid=12287 comm="syz.0.1475" path="socket:[49199]" dev="sockfs" ino=49199 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  440.541437][   T40] audit: type=1400 audit(1748880151.015:738): avc:  denied  { setattr } for  pid=12287 comm="syz.0.1475" name="file0" dev="tmpfs" ino=859 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  440.573522][   T40] audit: type=1400 audit(1748880151.015:739): avc:  denied  { read } for  pid=12287 comm="syz.0.1475" name="file0" dev="tmpfs" ino=859 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  440.617654][   T40] audit: type=1400 audit(1748880151.015:740): avc:  denied  { open } for  pid=12287 comm="syz.0.1475" path="/156/file0" dev="tmpfs" ino=859 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  440.622339][ T8269] veth1_macvtap: left promiscuous mode
[  440.651978][ T8269] veth0_macvtap: left promiscuous mode
[  440.655950][ T8269] veth1_vlan: left promiscuous mode
[  440.658759][ T8269] veth0_vlan: left promiscuous mode
[  440.674900][T12297] netlink: 'syz.0.1476': attribute type 21 has an invalid length.
[  440.690267][   T40] audit: type=1400 audit(1748880151.155:741): avc:  denied  { mounton } for  pid=12288 comm="syz.2.1474" path="/492/bus" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  441.002165][T12306] netlink: 'syz.2.1477': attribute type 7 has an invalid length.
[  441.006329][T12306] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1477'.
[  441.075926][T12307] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1477'.
[  449.794978][ T8269] team0 (unregistering): Port device team_slave_1 removed
[  450.953488][ T8269] team0 (unregistering): Port device team_slave_0 removed
[  456.292765][ T7718] raw-gadget.1 gadget.2: failed to queue disconnect event
[  456.511956][ T5968] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  456.522117][ T5968] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  456.542732][ T5968] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  456.555343][ T5968] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  456.576713][ T5968] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  456.654170][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  456.657413][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  456.680969][ T1418] ==================================================================
[  456.686010][ T1418] BUG: KASAN: slab-use-after-free in tty_write_room+0x7d/0x90
[  456.686041][ T5959] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  456.689378][ T1418] Read of size 8 at addr ffff888055505020 by task aoe_tx0/1418
[  456.689401][ T1418] 
[  456.689411][ T1418] CPU: 2 UID: 0 PID: 1418 Comm: aoe_tx0 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[  456.689431][ T1418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  456.689442][ T1418] Call Trace:
[  456.689449][ T1418]  <TASK>
[  456.689456][ T1418]  dump_stack_lvl+0x116/0x1f0
[  456.689495][ T1418]  print_report+0xcd/0x680
[  456.689516][ T1418]  ? __virt_addr_valid+0x81/0x610
[  456.689541][ T1418]  ? __phys_addr+0xe8/0x180
[  456.689565][ T1418]  ? tty_write_room+0x7d/0x90
[  456.689583][ T1418]  kasan_report+0xe0/0x110
[  456.689602][ T1418]  ? tty_write_room+0x7d/0x90
[  456.689621][ T1418]  tty_write_room+0x7d/0x90
[  456.689639][ T1418]  handle_tx+0x14f/0x630
[  456.689665][ T1418]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  456.689687][ T1418]  dev_hard_start_xmit+0x94/0x740
[  456.689706][ T1418]  __dev_queue_xmit+0x7eb/0x43e0
[  456.689725][ T1418]  ? lockdep_hardirqs_on+0x7c/0x110
[  456.689744][ T1418]  ? finish_task_switch.isra.0+0x221/0xc10
[  456.689762][ T1418]  ? rcu_is_watching+0x12/0xc0
[  456.689778][ T1418]  ? __pfx___dev_queue_xmit+0x10/0x10
[  456.689797][ T1418]  ? __lock_acquire+0xb8a/0x1c90
[  456.689818][ T1418]  ? __lock_acquire+0xb8a/0x1c90
[  456.689839][ T1418]  ? do_raw_spin_lock+0x12c/0x2b0
[  456.689864][ T1418]  ? find_held_lock+0x2b/0x80
[  456.689879][ T1418]  ? skb_dequeue+0x126/0x180
[  456.689893][ T1418]  ? find_held_lock+0x2b/0x80
[  456.689909][ T1418]  ? rcu_is_watching+0x12/0xc0
[  456.689926][ T1418]  tx+0xcc/0x190
[  456.689942][ T1418]  ? __pfx_tx+0x10/0x10
[  456.689955][ T1418]  kthread+0x1e4/0x3e0
[  456.689980][ T1418]  ? find_held_lock+0x2b/0x80
[  456.690003][ T1418]  ? __pfx_kthread+0x10/0x10
[  456.690026][ T1418]  ? __pfx_default_wake_function+0x10/0x10
[  456.690042][ T1418]  ? lockdep_hardirqs_on+0x7c/0x110
[  456.690061][ T1418]  ? __kthread_parkme+0x19e/0x250
[  456.690080][ T1418]  ? __pfx_kthread+0x10/0x10
[  456.690102][ T1418]  kthread+0x3c5/0x780
[  456.690123][ T1418]  ? __pfx_kthread+0x10/0x10
[  456.690144][ T1418]  ? rcu_is_watching+0x12/0xc0
[  456.690160][ T1418]  ? __pfx_kthread+0x10/0x10
[  456.690181][ T1418]  ret_from_fork+0x5d7/0x6f0
[  456.690200][ T1418]  ? __pfx_kthread+0x10/0x10
[  456.690220][ T1418]  ret_from_fork_asm+0x1a/0x30
[  456.690242][ T1418]  </TASK>
[  456.690247][ T1418] 
[  456.690252][ T1418] Allocated by task 6764:
[  456.690260][ T1418]  kasan_save_stack+0x33/0x60
[  456.690276][ T1418]  kasan_save_track+0x14/0x30
[  456.690291][ T1418]  __kasan_kmalloc+0xaa/0xb0
[  456.690306][ T1418]  alloc_tty_struct+0x96/0x8c0
[  456.690329][ T1418]  tty_init_dev.part.0+0x1e/0x500
[  456.690352][ T1418]  tty_init_dev+0x60/0x80
[  456.690364][ T1418]  ptmx_open+0x10d/0x360
[  456.690381][ T1418]  chrdev_open+0x231/0x6a0
[  456.690399][ T1418]  do_dentry_open+0x741/0x1c10
[  456.690415][ T1418]  vfs_open+0x82/0x3f0
[  456.690434][ T1418]  path_openat+0x1de4/0x2cb0
[  456.690450][ T1418]  do_filp_open+0x20b/0x470
[  456.690466][ T1418]  do_sys_openat2+0x11b/0x1d0
[  456.690485][ T1418]  __x64_sys_openat+0x174/0x210
[  456.690506][ T1418]  do_syscall_64+0xcd/0x4c0
[  456.690526][ T1418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.690541][ T1418] 
[  456.690545][ T1418] Freed by task 29:
[  456.690552][ T1418]  kasan_save_stack+0x33/0x60
[  456.690566][ T1418]  kasan_save_track+0x14/0x30
[  456.690581][ T1418]  kasan_save_free_info+0x3b/0x60
[  456.690603][ T1418]  __kasan_slab_free+0x51/0x70
[  456.690620][ T1418]  kfree+0x2b4/0x4d0
[  456.690633][ T1418]  process_one_work+0x9cf/0x1b70
[  456.690655][ T1418]  worker_thread+0x6c8/0xf10
[  456.690677][ T1418]  kthread+0x3c5/0x780
[  456.690695][ T1418]  ret_from_fork+0x5d7/0x6f0
[  456.690713][ T1418]  ret_from_fork_asm+0x1a/0x30
[  456.690728][ T1418] 
[  456.690732][ T1418] Last potentially related work creation:
[  456.690737][ T1418]  kasan_save_stack+0x33/0x60
[  456.690753][ T1418]  kasan_record_aux_stack+0xa7/0xc0
[  456.690776][ T1418]  insert_work+0x36/0x230
[  456.690797][ T1418]  __queue_work+0x97e/0x10f0
[  456.690819][ T1418]  queue_work_on+0x1a4/0x1f0
[  456.690841][ T1418]  release_tty+0x4de/0x5d0
[  456.690861][ T1418]  tty_release_struct+0xb7/0xe0
[  456.690883][ T1418]  tty_release+0xe2d/0x1430
[  456.690904][ T1418]  __fput+0x402/0xb70
[  456.690925][ T1418]  task_work_run+0x14d/0x240
[  456.690946][ T1418]  do_exit+0x864/0x2bd0
[  456.690964][ T1418]  do_group_exit+0xd3/0x2a0
[  456.690987][ T1418]  get_signal+0x2673/0x26d0
[  456.691002][ T1418]  arch_do_signal_or_restart+0x8f/0x7d0
[  456.691026][ T1418]  exit_to_user_mode_loop+0x84/0x110
[  456.691049][ T1418]  do_syscall_64+0x3f6/0x4c0
[  456.691069][ T1418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.691085][ T1418] 
[  456.691089][ T1418] The buggy address belongs to the object at ffff888055505000
[  456.691089][ T1418]  which belongs to the cache kmalloc-cg-2k of size 2048
[  456.691103][ T1418] The buggy address is located 32 bytes inside of
[  456.691103][ T1418]  freed 2048-byte region [ffff888055505000, ffff888055505800)
[  456.691120][ T1418] 
[  456.691125][ T1418] The buggy address belongs to the physical page:
[  456.691133][ T1418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55500
[  456.691149][ T1418] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  456.691162][ T1418] memcg:ffff88805567df01
[  456.691170][ T1418] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  456.691186][ T1418] page_type: f5(slab)
[  456.691202][ T1418] raw: 00fff00000000040 ffff88801b84c140 0000000000000000 dead000000000001
[  456.691217][ T1418] raw: 0000000000000000 0000000000080008 00000000f5000000 ffff88805567df01
[  456.691233][ T1418] head: 00fff00000000040 ffff88801b84c140 0000000000000000 dead000000000001
[  456.691248][ T1418] head: 0000000000000000 0000000000080008 00000000f5000000 ffff88805567df01
[  456.691263][ T1418] head: 00fff00000000003 ffffea0001554001 00000000ffffffff 00000000ffffffff
[  456.691278][ T1418] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  456.691287][ T1418] page dumped because: kasan: bad access detected
[  456.691295][ T1418] page_owner tracks the page as allocated
[  456.691301][ T1418] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6369, tgid 6366 (syz.0.102), ts 143519476692, free_ts 143507262120
[  456.691329][ T1418]  post_alloc_hook+0x1c0/0x230
[  456.691343][ T1418]  get_page_from_freelist+0x1321/0x3890
[  456.691358][ T1418]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  456.691374][ T1418]  alloc_pages_mpol+0x1fb/0x550
[  456.691391][ T1418]  new_slab+0x23b/0x330
[  456.691413][ T1418]  ___slab_alloc+0xd9c/0x1940
[  456.691435][ T1418]  __slab_alloc.constprop.0+0x56/0xb0
[  456.691458][ T1418]  __kmalloc_node_track_caller_noprof+0x2ee/0x510
[  456.691477][ T1418]  kmemdup_noprof+0x29/0x60
[  456.691493][ T1418]  __devinet_sysctl_register+0xbc/0x360
[  456.691509][ T1418]  devinet_sysctl_register+0x17b/0x200
[  456.691523][ T1418]  inetdev_init+0x2b8/0x5a0
[  456.691535][ T1418]  inetdev_event+0xc5f/0x18a0
[  456.691549][ T1418]  notifier_call_chain+0xbc/0x410
[  456.691565][ T1418]  call_netdevice_notifiers_info+0xbe/0x140
[  456.691590][ T1418]  register_netdevice+0x182e/0x2270
[  456.691611][ T1418] page last free pid 6366 tgid 6366 stack trace:
[  456.691620][ T1418]  __free_frozen_pages+0x7fe/0x1180
[  456.691643][ T1418]  __put_partials+0x16d/0x1c0
[  456.691657][ T1418]  qlist_free_all+0x4d/0x120
[  456.691671][ T1418]  kasan_quarantine_reduce+0x195/0x1e0
[  456.691686][ T1418]  __kasan_slab_alloc+0x69/0x90
[  456.691703][ T1418]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  456.691718][ T1418]  __anon_vma_prepare+0xae/0x5e0
[  456.691733][ T1418]  __vmf_anon_prepare+0x11c/0x240
[  456.691754][ T1418]  __handle_mm_fault+0x27f6/0x53d0
[  456.691777][ T1418]  handle_mm_fault+0x589/0xd10
[  456.691791][ T1418]  do_user_addr_fault+0x60c/0x1370
[  456.691809][ T1418]  exc_page_fault+0x5c/0xb0
[  456.691826][ T1418]  asm_exc_page_fault+0x26/0x30
[  456.691840][ T1418] 
[  456.691844][ T1418] Memory state around the buggy address:
[  456.691853][ T1418]  ffff888055504f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  456.691865][ T1418]  ffff888055504f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  456.691877][ T1418] >ffff888055505000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  456.691886][ T1418]                                ^
[  456.691895][ T1418]  ffff888055505080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  456.691906][ T1418]  ffff888055505100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  456.691915][ T1418] ==================================================================
[  456.695734][ T1418] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  456.695757][ T1418] CPU: 2 UID: 0 PID: 1418 Comm: aoe_tx0 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[  456.695783][ T1418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  456.695794][ T1418] Call Trace:
[  456.695804][ T1418]  <TASK>
[  456.695812][ T1418]  dump_stack_lvl+0x3d/0x1f0
[  456.695841][ T1418]  panic+0x71c/0x800
[  456.695864][ T1418]  ? __pfx_panic+0x10/0x10
[  456.695884][ T1418]  ? irqentry_exit+0x3b/0x90
[  456.695906][ T1418]  ? lockdep_hardirqs_on+0x7c/0x110
[  456.695927][ T1418]  ? tty_write_room+0x7d/0x90
[  456.695959][ T1418]  ? check_panic_on_warn+0x1f/0xb0
[  456.695982][ T1418]  ? tty_write_room+0x7d/0x90
[  456.696000][ T1418]  check_panic_on_warn+0xab/0xb0
[  456.696022][ T1418]  end_report+0x107/0x170
[  456.696043][ T1418]  kasan_report+0xee/0x110
[  456.696064][ T1418]  ? tty_write_room+0x7d/0x90
[  456.696086][ T1418]  tty_write_room+0x7d/0x90
[  456.696106][ T1418]  handle_tx+0x14f/0x630
[  456.696134][ T1418]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  456.696159][ T1418]  dev_hard_start_xmit+0x94/0x740
[  456.696182][ T1418]  __dev_queue_xmit+0x7eb/0x43e0
[  456.696205][ T1418]  ? lockdep_hardirqs_on+0x7c/0x110
[  456.696226][ T1418]  ? finish_task_switch.isra.0+0x221/0xc10
[  456.696247][ T1418]  ? rcu_is_watching+0x12/0xc0
[  456.696265][ T1418]  ? __pfx___dev_queue_xmit+0x10/0x10
[  456.696286][ T1418]  ? __lock_acquire+0xb8a/0x1c90
[  456.696310][ T1418]  ? __lock_acquire+0xb8a/0x1c90
[  456.696336][ T1418]  ? do_raw_spin_lock+0x12c/0x2b0
[  456.696362][ T1418]  ? find_held_lock+0x2b/0x80
[  456.696380][ T1418]  ? skb_dequeue+0x126/0x180
[  456.696396][ T1418]  ? find_held_lock+0x2b/0x80
[  456.696414][ T1418]  ? rcu_is_watching+0x12/0xc0
[  456.696434][ T1418]  tx+0xcc/0x190
[  456.696452][ T1418]  ? __pfx_tx+0x10/0x10
[  456.696467][ T1418]  kthread+0x1e4/0x3e0
[  456.696525][ T1418]  ? find_held_lock+0x2b/0x80
[  456.696542][ T1418]  ? __pfx_kthread+0x10/0x10
[  456.696566][ T1418]  ? __pfx_default_wake_function+0x10/0x10
[  456.696584][ T1418]  ? lockdep_hardirqs_on+0x7c/0x110
[  456.696605][ T1418]  ? __kthread_parkme+0x19e/0x250
[  456.696625][ T1418]  ? __pfx_kthread+0x10/0x10
[  456.696650][ T1418]  kthread+0x3c5/0x780
[  456.696673][ T1418]  ? __pfx_kthread+0x10/0x10
[  456.696695][ T1418]  ? rcu_is_watching+0x12/0xc0
[  456.696712][ T1418]  ? __pfx_kthread+0x10/0x10
[  456.696735][ T1418]  ret_from_fork+0x5d7/0x6f0
[  456.696756][ T1418]  ? __pfx_kthread+0x10/0x10
[  456.696777][ T1418]  ret_from_fork_asm+0x1a/0x30
[  456.696800][ T1418]  </TASK>
[  456.700225][ T1418] Kernel Offset: disabled

VM DIAGNOSIS:
15:58:31  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000012599 RBX=0000000000000035 RCX=ffffffff819b6eb2 RDX=ffff88802d2e4880
RSI=0000000000000000 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc900040c77f8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=1ffff92000818f02 R13=0000000000000200 R14=ffff888029de8000 R15=ffffc900040c78c8
RIP=ffffffff81bbfad1 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6765000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000558557bc6fb0 CR3=0000000033c79000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000f0000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000557dd17d9600 0000557dd17d9600
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffddc46d5d0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d3d3d3d3d3d3d3d 3d3d3d3d3d3d3d3d 3d3d3d3d3d3d3d3d 3d3d3d3d3d3d3d3d
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 697665643a725f74 63656a626f3a755f 6d65747379733d74 7865746e6f637420
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 745f6d6461737973 3a725f6d64617379 733a746f6f723d74 7865746e6f637320
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3730373d6f6e6920 227366706d747665 64223d7665642022 7375622f3239342f
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 223d687461702022 343734312e322e7a 7973223d6d6d6f63 2038383232313d64
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff91f07666 RBX=0000000000000001 RCX=dffffc0000000000 RDX=0000000000000009
RSI=ffffffff91f07666 RDI=ffffffff9130c830 RBP=ffffffff9130c830 RSP=ffffc90007fe7400
R8 =ffffffff91f0769c R9 =0000000000000000 R10=0000000000000000 R11=00000000000a78d3
R12=ffffffff9130c850 R13=ffffffff8b78d359 R14=ffffffff9130c830 R15=ffffffff9130c830
RIP=ffffffff816aae39 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6865000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f16879f6d00 CR3=000000010fde3000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffc0000 Opmask01=000000000000000f Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000800000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000800000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f168938502a
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1689583488 00007f1689583480 00007f1689583478 00007f1689583450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f168a0ed100 00007f1689583440 00007f1689583458 00007f16895834a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1689583498 00007f1689583490 00007f1689583488 00007f1689583480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000010400 RBX=0000000000000105 RCX=0000000000000836 RDX=0000000000000000
RSI=0000000000010400 RDI=0000000000000036 RBP=0000000000000005 RSP=ffffc900066df720
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000002c00
R12=00000000000f3d1c R13=0000000000000000 R14=00000000000f3d1c R15=fffffbfff27a1e08
RIP=ffffffff816970b8 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6965000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f5c2c9da1d0 CR3=000000004e7e9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=00000000000000fd DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fefeffd0 Opmask01=0000000000000008 Opmask02=000000007ffeffff Opmask03=0000000020400004
Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000558557b96470
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000558557b96470
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca2a5f1b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff00ffffff00 ffffffffffffffff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 737326f624c9c9f3 737326f62620c6c3
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737273737326 7373737373737373
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3030323a34696368 2f346963682f6874 6f6f7465756c622f 6c6175747269762f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 540018534b4e494c 56454400184d4554 5359534255530018 4854415056454400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7361647c2a737369 63637c2a65686361 63627c2a6476787c 2a64767c2a64737c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7766736c6d2c3531 2c34312c31312c30 312c342c332c312c 3061722c3332322c
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3232322c3132322c 3032322c3135312c 3035312c4533312c 4433312c4333312c
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4233312c4133312c 3933312c3833312c 3733312c3633312c 3433312c3333312c
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3133312c3033312c 3232312c3132316b 2c332c312c30652d 3130303065323031
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312c3937312c3837 312c3737312c3637 312c3537312c3437 312c3337312c3237
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000080010001 RBX=0000000000000000 RCX=ffffffff81606ea0 RDX=ffff888029ca2440
RSI=ffffffff81606ee8 RDI=ffffffff93d0f040 RBP=0000000000000003 RSP=ffffc900006f8fd0
R8 =0000000000000001 R9 =fffffbfff27a1e08 R10=ffffffff93d0f047 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81606ee9 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6a65000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fff84967660 CR3=000000000e382000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffc0000 Opmask01=000000000000000f Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 20303d766765735f 656c646e61683d53 4e4f4954504f5f4e 4153410063657865
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f42f02ed100 00007f42ef783440 00007f42ef783458 00007f42ef7834a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d534e4f4954504f 5f4e415341006365 786500726f747563 6578652d7a79732f
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000